Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(merge-back): 2.171.1 #32326

Closed
wants to merge 3 commits into from
Closed

chore(merge-back): 2.171.1 #32326

wants to merge 3 commits into from
+33 −23

Conversation

aws-cdk-automation
Copy link
Collaborator

No description provided.

iliapolo and others added 3 commits November 27, 2024 15:56
@iliapolo @rix0rrr
fix(cli): lambda hotswap fails if lambda:GetFunctionConfiguration a…
a073e93 
…ction is not allowed (#32301)

Closes #32219

### Reason for this change



In SDKv3, the standard `waitUntilFunctionUpdated` function invokes the `GetFunctionConfiguration` API, as opposed to SDKv2, which invoked `GetFunction`. This means that consumers of SDKv3 must allow the `lambda:GetFunctionConfiguration` action in their IAM role policy.

### Description of changes



Use a different waiter function provided by the SDK, which invokes `GetFunction` instead of `GetFunctionConfiguration`, and thus restoring required IAM permissions to what they were in SDKv2.

See https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-lambda/src/waiters/waitForFunctionUpdatedV2.ts#L10

> As opposed to https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-lambda/src/waiters/waitForFunctionUpdated.ts#L13

### Description of how you validated changes

Manul test. Assumed a role with the following policies:

![Screenshot 2024-11-27 at 9 34 25](https://github.com/user-attachments/assets/69415c37-6fe8-44d3-972c-1373ec55f46e)

```console
 ❯ cdk deploy --hotswap                                                                                                                                                                                                                                            [09:29:11]

✨  Synthesis time: 2.72s

⚠️ The --hotswap and --hotswap-fallback flags deliberately introduce CloudFormation drift to speed up deployments
⚠️ They should only be used for development - never use them for your production Stacks!

AwsCdkPlaygroundStack: deploying... [1/1]

✨ hotswapping resources:
   ✨ Lambda Function 'AwsCdkPlaygroundStack-Function76856677-7Rl7hiwwO5LQ'
❌  AwsCdkPlaygroundStack failed: TimeoutError: Resource is not in the expected state due to waiter status: TIMEOUT. Waiter has timed out.
```

Then, run the CLI from the PR.

```console
❯ /Users/epolon/dev/src/github.com/aws/aws-cdk/packages/aws-cdk/bin/cdk deploy --hotswap                                                                                                                                                                          [10:03:00]

✨  Synthesis time: 3.46s

⚠️ The --hotswap and --hotswap-fallback flags deliberately introduce CloudFormation drift to speed up deployments
⚠️ They should only be used for development - never use them for your production Stacks!

AwsCdkPlaygroundStack: deploying... [1/1]

✨ hotswapping resources:
   ✨ Lambda Function 'AwsCdkPlaygroundStack-Function76856677-7Rl7hiwwO5LQ'
✨ Lambda Function 'AwsCdkPlaygroundStack-Function76856677-7Rl7hiwwO5LQ' hotswapped!

 ✅  AwsCdkPlaygroundStack

✨  Deployment time: 12.72s

Stack ARN:
arn:aws:cloudformation:us-east-1:01234567890:stack/AwsCdkPlaygroundStack/22f2b380-a7cd-11ef-badd-0e08a8e0b5b1

✨  Total time: 16.19s

>>> elapsed time 23s                                                                                                                                                                                                                                                          
```



### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@rix0rrr
chore(release): 2.171.1
8beaa20
@mergify
chore(release): 2.171.1 (#32311)
a95560c 
See CHANGELOG

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@aws-cdk-automation aws-cdk-automation requested a review from a team as a code owner November 28, 2024 21:15
@aws-cdk-automation aws-cdk-automation requested a review from a team November 28, 2024 21:15
@github-actions github-actions bot added the p2 label Nov 28, 2024
@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Nov 28, 2024
@rix0rrr rix0rrr closed this Nov 28, 2024
@github-actions GitHub Actions
Copy link

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 28, 2024
@aws-cdk-automation
Copy link
Collaborator Author

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: a95560c
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
p2 pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aws-cdk-automation @rix0rrr @iliapolo