Skip to content

Commit

Permalink
fix(aws-ecs): scope drainhook permissions to container instance
Browse files Browse the repository at this point in the history
  • Loading branch information
@piradeepk
piradeepk committed Jul 3, 2019
1 parent 4bd45e7 commit 2f42267
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions packages/@aws-cdk/aws-ecs/lib/drain-hook/instance-drain-hook.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ export class InstanceDrainHook extends cdk.Construct {
heartbeatTimeout: drainTime,
});

const containerInstanceResource = Stack.of(this).formatArn({
const containerInstanceArn = Stack.of(this).formatArn({
service: 'ecs',
resource: 'containerInstance',
resourceName: props.cluster.clusterName.concat('*')
Expand Down Expand Up @@ -115,7 +115,7 @@ export class InstanceDrainHook extends cdk.Construct {
'ecs:UpdateContainerInstancesState',
'ecs:ListTasks'
],
resources: [containerInstanceResource]
resources: [containerInstanceArn]
}));
}
}

0 comments on commit 2f42267

Please sign in to comment.