provider-aws Huge API calls to `iam.amazonaws.com`

Huge API calls to `iam.amazonaws.com`

Open haooliveira84 opened this issue 7 months ago • 0 comments

What happened?

We're observed the increase API calls to iam.amazonaws.com with event UpdateAssumeRolePolicy

How can we reproduce it?

Provisioning the IAM Role, IAM Attach Policy and a IAM Policy.

What environment did it happen in?

Crossplane version: Crossplane-UXP: v1.14.7-up.1 Crossplane-provider version: v0.47.2

Part of CloudTrail event

...
    "eventSource": "iam.amazonaws.com",
    "eventName": "UpdateAssumeRolePolicy",
    "awsRegion": "us-east-1",
    "userAgent": "aws-sdk-go-v2/1.19.0 os/linux lang/go#1.21.2 md/GOOS#linux md/GOARCH#amd64 api/iam#1.14.0 crossplane-provider-aws/v0.47.2",
    "requestParameters": {
        "roleName": "role-application",
        "policyDocument": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\":\n    [\n      {\n        \"Effect\": \"Allow\",\n        \"Principal\": {\n          \"Service\": [\n            \"apigateway.amazonaws.com\",\n            \"lambda.amazonaws.com\",\n            \"states.amazonaws.com\"\n          ]\n        },\n        \"Action\": [\n          \"sts:AssumeRole\"\n        ]\n      }\n    ]\n}\n"
    },
...

Jul 10 '24 14:07 haooliveira84

provider-aws provider-aws copied to clipboard

Huge API calls to `iam.amazonaws.com`

What happened?

How can we reproduce it?

What environment did it happen in?

Part of CloudTrail event

provider-aws
provider-aws copied to clipboard