Skip to content

fix(stepfunctions-tasks): fix the generated IAM policy for EFS operations#30896

Merged
mergify[bot] merged 2 commits intoaws:mainfrom
ashishdhingra:issue30862_stepfunctions_tasks_iam_policy
Jul 29, 2024
Merged

fix(stepfunctions-tasks): fix the generated IAM policy for EFS operations#30896
mergify[bot] merged 2 commits intoaws:mainfrom
ashishdhingra:issue30862_stepfunctions_tasks_iam_policy

Conversation

@ashishdhingra
Copy link
Copy Markdown
Contributor

@ashishdhingra ashishdhingra commented Jul 18, 2024

Issue # (if applicable)

Closes #30862.

Reason for this change

Per TagResource, the operation requires permissions for the elasticfilesystem:TagResource action. Also per AWS managed policies for Amazon EFS, all the Action(s) are prefixed with elasticfilesystem: (not efs).

Description of changes

Updates the iamServiceMap that maintains list of services having mapping to IAM policy prefix names.

Description of how you validated changes

Added unit test and integration test (along with snapshot).

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@github-actions github-actions bot added the repeat-contributor [Pilot] contributed between 3-5 PRs to the CDK label Jul 18, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team July 18, 2024 23:36
@github-actions github-actions bot added bug This issue is a bug. effort/small Small work item – less than a day of effort p2 labels Jul 18, 2024
aws-cdk-automation
aws-cdk-automation previously requested changes Jul 18, 2024
View reviewed changes
Copy link
Copy Markdown
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@ashishdhingra ashishdhingra changed the title fix(aws-stepfunctions-tasks): fix the generated IAM policy for EFS operations fix(stepfunctions-tasks): fix the generated IAM policy for EFS operations Jul 18, 2024
@aws-cdk-automation aws-cdk-automation dismissed their stale review July 18, 2024 23:40

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@ashishdhingra ashishdhingra force-pushed the issue30862_stepfunctions_tasks_iam_policy branch 8 times, most recently from d274c9e to f8506e1 Compare July 19, 2024 01:51
@ashishdhingra ashishdhingra force-pushed the issue30862_stepfunctions_tasks_iam_policy branch from f8506e1 to 8715bb9 Compare July 19, 2024 01:52
@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Jul 19, 2024
@github-actions github-actions bot mentioned this pull request Jul 22, 2024
Closed
@ashishdhingra ashishdhingra added pr/needs-maintainer-review This PR needs a review from a Core Team Member and removed pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. repeat-contributor [Pilot] contributed between 3-5 PRs to the CDK labels Jul 25, 2024
@aws-cdk-automation aws-cdk-automation added pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. and removed pr/needs-maintainer-review This PR needs a review from a Core Team Member labels Jul 25, 2024
lpizzinidev
lpizzinidev approved these changes Jul 27, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@lpizzinidev lpizzinidev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me 👍

@aws-cdk-automation aws-cdk-automation added pr/needs-maintainer-review This PR needs a review from a Core Team Member and removed pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. labels Jul 27, 2024
@xazhao xazhao self-assigned this Jul 29, 2024
xazhao
xazhao previously approved these changes Jul 29, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@xazhao xazhao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me too!

@mergify
Copy link
Copy Markdown
Contributor

mergify bot commented Jul 29, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation aws-cdk-automation removed the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Jul 29, 2024
@mergify mergify bot dismissed xazhao’s stale review July 29, 2024 19:22

Pull request has been modified.

@aws-cdk-automation
Copy link
Copy Markdown
Collaborator

aws-cdk-automation commented Jul 29, 2024

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 466e596
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify
Copy link
Copy Markdown
Contributor

mergify bot commented Jul 29, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit 31808b4 into aws:main Jul 29, 2024
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Jul 29, 2024

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 29, 2024
@ashishdhingra ashishdhingra deleted the issue30862_stepfunctions_tasks_iam_policy branch July 29, 2024 22:10
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@aws-cdk-automation aws-cdk-automation Awaiting requested review from aws-cdk-automation

2 more reviewers

@lpizzinidev lpizzinidev lpizzinidev approved these changes

@xazhao xazhao xazhao approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@xazhao xazhao

Labels

bug This issue is a bug. effort/small Small work item – less than a day of effort p2

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

aws-cdk-lib/aws-stepfunctions-tasks: Issue with incorrectly generated IAM policy.

4 participants

@ashishdhingra @aws-cdk-automation @lpizzinidev @xazhao