-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(pipelines): pipeline asset role trust policy has account root principal #30084
Changes from 1 commit
d4434e1
931a0b9
854bbbf
2fe374c
637f58c
b80c998
0c2fa99
0bca4b3
a30ecc2
6866c35
c293078
2ee638f
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -396,17 +396,6 @@ describe('basic pipeline', () => { | |
Service: 'codebuild.amazonaws.com', | ||
}, | ||
}, | ||
{ | ||
Action: 'sts:AssumeRole', | ||
Effect: 'Allow', | ||
Principal: { | ||
AWS: { | ||
'Fn::Join': ['', [ | ||
'arn:', { Ref: 'AWS::Partition' }, `:iam::${PIPELINE_ENV.account}:root`, | ||
]], | ||
}, | ||
}, | ||
}, | ||
Comment on lines
-400
to
-409
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Why does this test change when no feature flag is set? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Since the behavior has been tested with feature flag in the other test, we can use this to test default value. |
||
], | ||
}, | ||
}); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of explaining why we add a feature flag here, can we explain the behaviour of the flag when it's true vs false, i.e.
When this feature flag is enabled, the it will not add root account principal ...