fix(codebuild): rename CodeBuild VPC policy to be unique (#5385)

The policy used for the VPC permissions had the hard-coded name 'CodeBuildEc2Polocy', which meant you could only have at most one CodeBuild project in a VPC in each stack. The change is to use the construct's unique ID as the policy name, which means it will be different for every project in the stack.
aws · Dec 18, 2019 · 16a1200 · 16a1200
1 parent 7b34d56
commit 16a1200
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 3 deletions.
diff --git a/packages/@aws-cdk/aws-codebuild/lib/project.ts b/packages/@aws-cdk/aws-codebuild/lib/project.ts
@@ -955,7 +955,6 @@ export class Project extends ProjectBase {
     }));
 
     const policy = new iam.Policy(this, 'PolicyDocument', {
-      policyName: 'CodeBuildEC2Policy',
       statements: [
         new iam.PolicyStatement({
           resources: ['*'],

diff --git a/packages/@aws-cdk/aws-codebuild/test/integ.project-vpc.expected.json b/packages/@aws-cdk/aws-codebuild/test/integ.project-vpc.expected.json
@@ -415,7 +415,7 @@
           ],
           "Version": "2012-10-17"
         },
-        "PolicyName": "CodeBuildEC2Policy",
+        "PolicyName": "MyProjectPolicyDocument646EE0F2",
         "Roles": [
           {
             "Ref": "MyProjectRole9BBE5233"
@@ -424,4 +424,4 @@
       }
     }
   }
-}
+}