-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(core): parsing an ARN with a slash after a colon in the resource part fails #15166
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Two things:
- ARNs need to be roundtrippable: we need to be able to
formatArn()
the information we got out ofparseArn()
and get the same ARN back. We might need to addmodernArn: boolean
to ArnComponents or something (or maybetypeSep = ':' | ':/'
). - We need
parseArnIfToken()
to produce CloudFormation expressions which, when evaluated, would produce the same value asparseArn()
would do on a literal string.
For the latter, given eval-cfn.ts
we could probably have each test exercise both forms of parsing, so that might be a worthwhile thing to add: https://github.com/aws/aws-cdk/blob/master/packages/@aws-cdk/core/test/evaluate-cfn.ts/#L8
The double test would look somewhat like: function assertArnParsesProperlyTo(arn: string, expectedComponents: ArnComponents, parseOptions: ...) {
const components = stack.parseArn(arn);
expect(components).toEqual(expectedComponents);
const tokenExprs = stack.parseArn(new Intrinsic({ Ref: TheArn }), ...parseOptions);
const tokenComponents = evaluateCFN(tokenExprs, { TheArn: arn });
expect(tokenComponents).toEqual(expectedComponents);
} (or something) |
a018778
to
d20c24b
Compare
@rix0rrr included your comments. Please take another look! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Provisional approval provided you come up with a good name for the new parameter :)
c23413e
to
e6da9af
Compare
'arn:aws:s3:::my_corporate_bucket/object.zip': { | ||
partition: 'aws', | ||
service: 's3', | ||
region: '', | ||
account: '', | ||
resource: 'my_corporate_bucket/object.zip', | ||
arnFormat: ArnFormat.NO_RESOURCE_NAME, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is definitely the most interesting test case. I can be convinced that it should return arnFormat : ArnFormat.SLASH_RESOURCE_NAME
, resource: 'my_corporate_bucket'
, sep: '/'
, and resourceName: 'object.zip'
instead of what it's returning right now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the current interpretation is correct.
arn:aws:s3:::my_corporate_bucket/object.zip
is really addressing a file in a bucket, with a fully qualified name. It makes sense that my_corporate_bucket/object.zip
is the value of resource
.
What I personally don't like is that resource
varyingly means the TYPE of the resource, or the NAME of the resource itself (depending on ARN format), but... c'est la vie, not something we can reasonably change anymore...
@rix0rrr I've decided to go with the option of introducing the Let me know what you think! |
…part fails New-style ARNs are of the form 'arn:aws:s4:us-west-1:12345:/resource-type/resource-name'. We didn't handle that correctly in parseArn(), and instead returned an `undefined` resource, which funnily enough should never happen according to our types. Introduce the concept of ARN formats, represented by an enum in core, and replace the `Stack.parseArn()` method by a new one `Stack.splitArn()`, taking that enum as a required second argument. Spotted in https://github.com/aws/aws-cdk/pull/15140/files#r653112073
e6da9af
to
d3c1ce0
Compare
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
@Mergifyio refresh |
Command
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
…part fails (aws#15166) New-style ARNs are of the form `'arn:aws:s4:us-west-1:12345:/resource-type/resource-name'`. We didn't handle that correctly in `parseArn()`, and instead returned an `undefined` resource, which funnily enough should never happen according to our types. Introduce the concept of ARN formats, represented by an enum in core, and replace the `Stack.parseArn()` method by a new one `Stack.splitArn()`, taking that enum as a required second argument. Spotted in https://github.com/aws/aws-cdk/pull/15140/files#r653112073 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…part fails (aws#15166) New-style ARNs are of the form `'arn:aws:s4:us-west-1:12345:/resource-type/resource-name'`. We didn't handle that correctly in `parseArn()`, and instead returned an `undefined` resource, which funnily enough should never happen according to our types. Introduce the concept of ARN formats, represented by an enum in core, and replace the `Stack.parseArn()` method by a new one `Stack.splitArn()`, taking that enum as a required second argument. Spotted in https://github.com/aws/aws-cdk/pull/15140/files#r653112073 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…part fails (aws#15166) New-style ARNs are of the form `'arn:aws:s4:us-west-1:12345:/resource-type/resource-name'`. We didn't handle that correctly in `parseArn()`, and instead returned an `undefined` resource, which funnily enough should never happen according to our types. Introduce the concept of ARN formats, represented by an enum in core, and replace the `Stack.parseArn()` method by a new one `Stack.splitArn()`, taking that enum as a required second argument. Spotted in https://github.com/aws/aws-cdk/pull/15140/files#r653112073 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
New-style ARNs are of the form
'arn:aws:s4:us-west-1:12345:/resource-type/resource-name'
.We didn't handle that correctly in
parseArn()
, and instead returned anundefined
resource,which funnily enough should never happen according to our types.
Introduce the concept of ARN formats,
represented by an enum in core,
and replace the
Stack.parseArn()
method by a new oneStack.splitArn()
,taking that enum as a required second argument.
Spotted in https://github.com/aws/aws-cdk/pull/15140/files#r653112073
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license