aws-deployment-framework

feat(adf-bootstrap): (#472) modify trust relations for roles :zap:

Open AndreasAugustin opened this issue 1 year ago • 2 comments

*Issue #472*

Description of changes: Modify the trust relations for the roles. Now a recreation of the related roles is possible without the need for a recreation of the ADF stacks in all accounts.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

AndreasAugustin, Sep 06 '22 20:09

Hey @AndreasAugustin thanks for raising this PR. It's a great solution.

Regarding the multi-block condition, is there any reason you wouldn't do it the same way as defined here: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_multi-value-conditions.html rather than using the intrinsic AND operator?

StewartW, Sep 06 '22 20:09

Hi @StewartW thanks a lot for the review.

  • fixed: StringEquals -> ArnEquals
  • also moved from single quotes in some statements to double quotes
  • Fn::And -> migrated to object-based. I did not test it. At least cfn-lint is not complaining :+1: I'll try to test it ASAP

AndreasAugustin, Sep 07 '22 15:09