dflook / cloudformation-dns-certificate

Cloudformation DNS Validated Certificate Resource
MIT License

ExternalId support Route53RoleArn condition #20

Closed pritamrungta closed 1 year ago

pritamrungta commented 1 year ago

This PR adds basic support for ExternalId in sts->assume_role when it is required by Route53RoleArn conditions.

While it's still not attack-proof, it adds one more thin layer of security.

dflook commented 1 year ago

Hi @pritamrungta, thanks for creating a PR. This looks like a good addition. One suggestion: I think the new parameter should be Route53RoleExternalId to make it clear it relates to the Route53RoleArn.

pritamrungta commented 1 year ago

Thanks for the feedback. I've updated the PR with the changes.

dflook commented 1 year ago

The code with this change is too big to fit the template - how have you managed to create the templates in the PR?

pritamrungta commented 1 year ago

Hi, I ran python cloudformation.py using Python 3.9.16 to generate the templates. Also, checked/invoked the generated lambda function from cloudformation.yaml on the AWS console (inline editor).

Let me know if you need more info.

pritamrungta commented 1 year ago

I see. Are you referring to test_lambda_code_size.py? I think that limit should be 3MB now, isn't it?

dflook commented 1 year ago

I must have missed that; the limit is indeed 4MB now. I was using an old version of troposphere that enforced 4k; after updating it looks fine.

dflook commented 1 year ago

Thanks, this has been released as version 1.8.0
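
The ExternalId mechanism discussed in this thread, as an added example that is not code from the PR or the project: the caller passes ExternalId to sts.assume_role only when Route53RoleExternalId is set, and the role's trust policy requires it through the sts:ExternalId condition key. The property-dictionary shape, session name, ARNs, the id value and the simplified `trust_allows` evaluator are assumptions made for illustration.

```python
import re

# STS documents ExternalId as 2-1224 characters drawn from this set.
EXTERNAL_ID_RE = re.compile(r"[\w+=,.@:/-]{2,1224}", re.ASCII)

def assume_role_kwargs(props, session_name="dns-certificate"):
    """Arguments for sts.assume_role(**kwargs), or None when no role is set."""
    role_arn = props.get("Route53RoleArn")
    if not role_arn:
        return None  # no cross-account role: keep the caller's own credentials
    kwargs = {"RoleArn": role_arn, "RoleSessionName": session_name}
    external_id = props.get("Route53RoleExternalId")
    if external_id is not None:
        if not EXTERNAL_ID_RE.fullmatch(external_id):
            raise ValueError("Route53RoleExternalId is not a valid ExternalId")
        kwargs["ExternalId"] = external_id
    return kwargs

def trust_policy(caller_arn, external_id):
    """Trust policy for the Route 53 role that requires the ExternalId."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": caller_arn},
            "Action": "sts:AssumeRole",
            "Condition": {"StringEquals": {"sts:ExternalId": external_id}},
        }],
    }

def trust_allows(policy, caller_arn, kwargs):
    """Simplified model of trust evaluation: principal and StringEquals only."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow" or stmt["Principal"].get("AWS") != caller_arn:
            continue
        required = stmt.get("Condition", {}).get("StringEquals", {})
        wanted = required.get("sts:ExternalId")
        if wanted is None or kwargs.get("ExternalId") == wanted:
            return True
    return False

# Constructed sample values: account ids, role names and the id are placeholders.
CALLER = "arn:aws:iam::111111111111:role/certificate-lambda"
PROPS = {"Route53RoleArn": "arn:aws:iam::222222222222:role/route53-validation",
         "Route53RoleExternalId": "example-external-id"}
POLICY = trust_policy(CALLER, PROPS["Route53RoleExternalId"])

if __name__ == "__main__":
    bare = {"Route53RoleArn": PROPS["Route53RoleArn"]}
    print(trust_allows(POLICY, CALLER, assume_role_kwargs(PROPS)))  # with id
    print(trust_allows(POLICY, CALLER, assume_role_kwargs(bare)))   # without id
```

A trusted principal that omits the ExternalId is refused by a policy carrying this condition, which is why the resource has to forward the value rather than only accept it as a parameter.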