Open SuryaTeja18 opened 1 year ago
Hello team,
aws: prefix tags are not being included in GetResource API's response for resources. However, the Describe calls corresponding to the particular service does include these tags.
Example:
[cloudshell-user@ip-10-6-21-130 ~]$ aws cloudcontrol get-resource --type-name AWS::Lambda::Function --identifier replication-macro { "TypeName": "AWS::Lambda::Function", "ResourceDescription": { "Identifier": "replication-macro", "Properties": "{\"MemorySize\":128,\"Description\":\"\",\"TracingConfig\":{\"Mode\":\"PassThrough\"},\"Timeout\":3,\"RuntimeManagementConfig\":{\"UpdateRuntimeOn\":\"Auto\"},\"Handler\":\"index.handler\",\"SnapStartResponse\":{\"OptimizationStatus\":\"Off\",\"ApplyOn\":\"None\"},\"Role\":\"arn:aws:iam::123456789012:role/ReplicateMacro-rTransformExecutionRole-973H8LSLFWLK\",\"FileSystemConfigs\":[],\"FunctionName\":\"replication-macro\",\"Runtime\":\"python3.7\",\"PackageType\":\"Zip\",\"Arn\":\"arn:aws:lambda:us-east-2:123456789021:function:replication-macro\",\"EphemeralStorage\":{\"Size\":512},\"Tags\":[{\"Value\":\"Alpha\",\"Key\":\"A\"}],\"Architectures\":[\"x86_64\"]}" } } [cloudshell-user@ip-10-6-21-130 ~]$ aws lambda list-tags --resource arn:aws:lambda:us-east-2:123456789012:function:replication-macro { "Tags": { "A": "Alpha", "aws:cloudformation:logical-id": "rTransformFunction", "aws:cloudformation:stack-id": "arn:aws:cloudformation:us-east-2:123456789012:stack/ReplicateMacro/1aae61c0-ff17-11ed-972e-065f2cf72cdb", "aws:cloudformation:stack-name": "ReplicateMacro" } }
Same is the case with other resources as well.
GetResource API however tends to return aws-cdk
[cloudshell-user@ip-10-2-182-154 ~]$ aws cloudcontrol get-resource --type-name AWS::IAM::Role --identifier cdk-hnb659fds-lookup-role-123456789012-us-east-1 { "TypeName": "AWS::IAM::Role", "ResourceDescription": { "Identifier": "cdk-hnb659fds-lookup-role-123456789012-us-east-1", "Properties": "{\"Path\":\"/\",\"ManagedPolicyArns\":[\"arn:aws:iam::aws:policy/ReadOnlyAccess\"],\"MaxSessionDuration\":3600,\"RoleName\":\"cdk-hnb659fds-lookup-role-123456789012-us-east-1\",\"Description\":\"\",\"Policies\":[{\"PolicyName\":\"LookupRolePolicy\",\"PolicyDocument\":{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"kms:Decrypt\"],\"Resource\":\"*\",\"Effect\":\"Deny\",\"Sid\":\"DontReadSecrets\"}]}}],\"AssumeRolePolicyDocument\":{\"Version\":\"2008-10-17\",\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::123456789012:root\"}}]},\"Arn\":\"arn:aws:iam::123456789012:role/cdk-hnb659fds-lookup-role-123456789012-us-east-1\",\"RoleId\":\"AROA2IK6PTBFV4VXS74L5\",\"Tags\":[{\"Value\":\"lookup\",\"Key\":\"aws-cdk:bootstrap-role\"}]}" } }
So the issue seems to be only with aws: prefix tags, the ones that are auto added by to resources created by CloudFormation.
Kindly fix this erroneous behaviour.
P123902621
jmklix
commented
8 months ago
Hello team,
aws: prefix tags are not being included in GetResource API's response for resources. However, the Describe calls corresponding to the particular service does include these tags.
Example:
Same is the case with other resources as well.
GetResource API however tends to return aws-cdk
So the issue seems to be only with aws: prefix tags, the ones that are auto added by to resources created by CloudFormation.
Kindly fix this erroneous behaviour.