search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.55k stars 3.87k forks source link

fix(cognito-identitypool): allow multiple IdentityPoolRoleAttachment resources #31390

Open Leo10Gama opened 2 weeks ago

Leo10Gama commented 2 weeks ago

Issue # (if applicable)

Closes #23449

Reason for this change

Previously, you could not create multiple IdentityPoolRoleAttachment resources. This was due to an API bug that was setting the logical ID of the role attachment to be identical to the logical ID of the identity pool itself. On its own, this was OK since you can have different resources with the same logical ID (weird, but allowed), but you cannot have two resources of the same type with the same logical ID. This was causing an issue for the cases of either creating an IdentityPoolRoleAttachment from scratch, or calling the addRoleMappings() method, which was creating an additional IdentityPoolRoleAttachment.

Description of changes

The service team was contacted and have made updates on their end to alleviate this issue. In terms of changes in CDK, we have only validated their changes...

Description of how you validated changes

...by updating the integration test. Since these errors were failing at deploy time, the unit test does not need to be updated. The integration test, however, now makes two additional checks to verify these changes have been successful: it calls addRoleMappings() and it creates a new IdentityPoolRoleAttachment resource. Both of these changes create a new role attachment, and map them to an identity pool which already has one, so if the deployment succeeds, we know the fix has been made.

Note: as of (2024-09-10), the changes have not yet been made, so the integration test will fail. Once changes are made, I'll update the snapshots and undraft this PR for review

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

aws-cdk-automation commented 2 weeks ago

The pull request linter fails with the following errors:

❌ Fixes must contain a change to an integration test file and the resulting snapshot.

PRs must pass status checks before we can provide a meaningful review.

If you would like to request an exemption from the status checks or clarification on feedback, please leave a comment on this PR containing Exemption Request and/or Clarification Request.

aws-cdk-automation commented 2 weeks ago

AWS CodeBuild CI Report

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository