-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(pipelines): cannot publish assets to more than 35 environments #21010
Conversation
We used to use `Lazy.list()` to render the list of Role ARNs that the Asset Publishing Role needs to assume. The Lazy list cannot be split up, meaning the overflow rendering logic we recently added cannot apply to this policy. Turn the lazy list into mutating a policy statement in-place, so the policy overflow logic can split the policy statement into multiple managed policies.
@@ -488,10 +489,10 @@ class AssetPublishing extends Construct { | |||
private readonly MAX_PUBLISHERS_PER_STAGE = 50; | |||
|
|||
private readonly publishers: Record<string, PublishAssetsAction> = {}; | |||
private readonly assetRoles: Record<string, iam.IRole> = {}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
❤️
Co-authored-by: Romain Marcadier <[email protected]>
Co-authored-by: Romain Marcadier <[email protected]>
Co-authored-by: Romain Marcadier <[email protected]>
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
…ws#21010) We used to use `Lazy.list()` to render the list of Role ARNs that the Asset Publishing Role needs to assume. The Lazy list cannot be split up, meaning the overflow rendering logic we recently added cannot apply to this policy. Turn the lazy list into mutating a policy statement in-place, so the policy overflow logic can split the policy statement into multiple managed policies. Also in this PR: - To keep the tests behavior consistent (on whether arrays get rendered to the `Resource` field in statements or not, regardless of exactly which code path is taken), change the behavior of `PolicyStatement`, have it eagerly dedupe in memory. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
We used to use
Lazy.list()
to render the list of Role ARNs that theAsset Publishing Role needs to assume.
The Lazy list cannot be split up, meaning the overflow rendering logic
we recently added cannot apply to this policy. Turn the lazy list into
mutating a policy statement in-place, so the policy overflow logic can
split the policy statement into multiple managed policies.
Also in this PR:
Resource
field in statements or not, regardless of exactly which code path is taken), change the behavior ofPolicyStatement
, have it eagerly dedupe in memory.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license