Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(events): use existing Role when running ECS Task #8145

Merged
merged 11 commits into from
Aug 11, 2020
Merged

feat(events): use existing Role when running ECS Task #8145

merged 11 commits into from
Aug 11, 2020

Conversation

karupanerura
Copy link
Contributor

@karupanerura karupanerura commented May 22, 2020
edited by iliapolo
Loading

Fixes #7859

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@karupanerura
Copy link
Contributor Author

Hmm... How to document about it to README.md? There are no details for per targets in README.md. Is it intendedly? or should I add documents to there? (and should I add documents about also other targets?)

@karupanerura karupanerura mentioned this pull request May 22, 2020
Closed
2 tasks
@karupanerura
Copy link
Contributor Author

This is the only documentation about event targets I can find in README.md:
https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-events/README.md#event-targets

@karupanerura
Copy link
Contributor Author

Or... it's OK?

diff --git a/packages/@aws-cdk/aws-events/README.md b/packages/@aws-cdk/aws-events/README.md
index adade2d15..152bed6a8 100644
--- a/packages/@aws-cdk/aws-events/README.md
+++ b/packages/@aws-cdk/aws-events/README.md
@@ -89,7 +89,7 @@ import { Rule, Schedule } from '@aws-cdk/aws-events';
 import { EcsTask } from '@aws-cdk/aws-events-targets';
 ...
 
-const ecsTaskTarget = new EcsTask({ cluster, taskDefinition });
+const ecsTaskTarget = new EcsTask({ cluster, taskDefinition, role });
 
 new Rule(this, 'ScheduleRule', {
  schedule: Schedule.cron({ minute: '0', hour: '4' }),

@karupanerura
Copy link
Contributor Author

OK. I try it to avoid PR Linter failure: #8145 (comment)

rix0rrr
rix0rrr previously requested changes Jul 8, 2020
View reviewed changes
packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts
@@ -117,33 +126,8 @@ export class EcsTask implements events.IRuleTarget {
* Allows using tasks as target of EventBridge events
*/
public bind(_rule: events.IRule, _id?: string): events.RuleTargetConfig {
const policyStatements = [new iam.PolicyStatement({
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please revert this. I get that you don't want this for your specific use case right now, but we have to have consistent behavior across the whole of CDK otherwise people will constantly have to be digging in documentation.

If you want the specific role you're passing to not have statements added to them, pass role.withoutPolicyUpdates() instead.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like you thumbs-upped my comment, but didn't actually make the change.

Is the code now in a situation where the policy statements are added to the role users pass in (if they do)?

Copy link
Contributor Author

@karupanerura karupanerura Aug 11, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops! No, it isn't. I'm agree to your advice and this code should be fix.
But I haven't been able to do anything because I've been so busy lately, unlike 2 month ago. so sorry for late to fix it.

Copy link
Contributor Author

@karupanerura karupanerura Aug 11, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

so I fixed it. I'm happy if you check it. I'm sorry late for the fix.

@mergify mergify bot dismissed rix0rrr’s stale review July 12, 2020 08:25

Pull request has been modified.

@karupanerura karupanerura requested a review from rix0rrr August 11, 2020 07:14
@rix0rrr rix0rrr changed the title feat(events-targets): supports to use existing IAM role to run ECS task by cloud watch event feat(events): use existing Role when running ECS Task Aug 11, 2020
@mergify
Copy link
Contributor

mergify bot commented Aug 11, 2020

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
  • Commit ID: de9fb87
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify
Copy link
Contributor

mergify bot commented Aug 11, 2020

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit aad951a into aws:master Aug 11, 2020
@karupanerura karupanerura deleted the feature/events-ecs-task-existing-iam-role branch August 11, 2020 11:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rix0rrr rix0rrr rix0rrr approved these changes

Assignees

@rix0rrr rix0rrr

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

@aws-cdk/aws-events-targets: Use existing IAM role to run ECS task by cloud watch event
3 participants
@karupanerura @aws-cdk-automation @rix0rrr