dflook
commented
5 years ago Thanks! I'll take a look later today.
Closed pitkley closed 5 years ago
dflook
commented
5 years ago Thanks! I'll take a look later today.
pitkley
commented
5 years ago @dflook thanks for the thorough and quick review! 🙂 I have incorporated your suggestions, see the additional commits for each change.
dflook
commented
5 years ago Looks good. I'll test and merge this later today.
pitkley
commented
5 years ago @dflook thanks for taking the time to review and for getting this merged so quick! :tada:
snowake4me
commented
5 years ago Many thanks to @pitkley for this great feature / PR: Alas, I think I'm missing something critical (perhaps a failure to properly RTFM?) - see Issue #5
This PR adds a new top-level key
AssumeRoleto the allowed resource properties. If a role-ARN is specified using that key, the resource will now assume that role before creating the Route 53 resource records (and only for that!).The use-case is as follows: the hosted zone you want to create a certificate for is owned by an account different from the one the certificate should be created in. The cleanest way to create resource records in another account is by assuming a role in that account giving the required permissions.
I have successfully tested this change with the following scenarios:
I have split this PR up into 5 commits, which hopefully helps in reviewing the change. If you want me to also bump the version number, I'd appreciate it if you could tell me where all I'd have to do this (I assume just
setup.py?), and to which version.