search

zalando-stups / senza

Deploy immutable application stacks and create and execute AWS CloudFormation templates in a sane way
https://pypi.python.org/pypi/stups-senza
Other
96 stars 72 forks source link

Add Cross Stack Policy to IAM Role #562

Closed pc-alves closed 5 years ago

pc-alves commented 5 years ago

On March 18, 2019, AWS introduced limitations to the scope of calls to stack level APIs, such as DescribeStackResources. These APIs are used by aws-cfn-bootstrap scripts, including cfn-init and cfn-hup, which are commonly used to provision EC2 instances created by CloudFormation.

This limitation has not been applied to accounts that are making cross stack requests, but this will only be like that until May 30, 2019. When this comes into effect, it will prevent Elastigroup deployments from functioning as expected.

The policy added in this PR is the one recommended by Spotinst in their documentation.

This policy will be added when running the init command and when creating new Elastigroup stacks via create command. The policy will be added only if not found in the provided specification.

Current TODOs:

lmineiro commented 5 years ago

👍

pc-alves commented 5 years ago

👍