auto-generated role name too long, but managing manual role names too brittle

[startakovsky]

Hello,

So, I got the error that the auto-generated IAM-Role-Statements-Name was too long so I made my own. I took good care to make this a unique name indicating the region, the name of the stack etc. It seems that changing the name is nontrivial and ends up putting the stack in a weird place.

So my question is, is there a way to manipulate the maximum length of the unique role name so that I don't have to worry about it since the permissions are for this lambda function only?

Thanks, Steven

[Enase]

The answer is no. It is a duplicate of https://github.com/functionalone/serverless-iam-roles-per-function/issues/38 etc.

There is an idea to resolve it in this way https://github.com/functionalone/serverless-iam-roles-per-function/issues/34 / https://github.com/functionalone/serverless-iam-roles-per-function/pull/35

You may help community and finish the work in progress.

[startakovsky]

Thanks @Enase I had a look at those issues, but I do not think this solves things. If I use the PR I would still want to put a unique stack and region identifier and ultimately my issue is doing anything manual, because it is not easily modifiable and requires direct interaction with IAM in AWS itself.

So, I guess the request to shorten the auto-generated name to comply with AWS/provider conventions is not possible and I assume metadata cannot be utilized so that the iam role name cannot simply be some randomly generate ID.