New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
serverless-iam-roles-per-function
Advanced tools
serverless-iam-roles-per-function - npm Package Compare versions
Comparing version 1.0.2 to 1.0.3
@@ -5,2 +5,13 @@ # Change Log | ||
| <a name="1.0.3"></a> | ||
| ## [1.0.3](https://github.com/functionalone/serverless-iam-roles-per-function/compare/v1.0.2...v1.0.3) (2018-08-26) | ||
| ### Features | ||
| * support for auto shortening the role name when default naming scheme exceeds 64 chars ([97284e4](https://github.com/functionalone/serverless-iam-roles-per-function/commit/97284e4)) | ||
| * update dependencies ([b16de8d](https://github.com/functionalone/serverless-iam-roles-per-function/commit/b16de8d)) | ||
| <a name="1.0.2"></a> | ||
@@ -7,0 +18,0 @@ ## [1.0.2](https://github.com/functionalone/serverless-iam-roles-per-function/compare/v1.0.1...v1.0.2) (2018-07-28) |
@@ -16,2 +16,3 @@ declare class ServerlessIamPerFunctionPlugin { | ||
| validateStatements(statements: any): void; | ||
| getRoleNameLength(name_parts: any[]): number; | ||
| getFunctionRoleName(functionName: string): any; | ||
@@ -18,0 +19,0 @@ /** |
@@ -38,2 +38,10 @@ "use strict"; | ||
| } | ||
| getRoleNameLength(name_parts) { | ||
| let length = 0; //calculate the expected length. Sum the length of each part | ||
| for (const part of name_parts) { | ||
| length += part.length; | ||
| } | ||
| length += (name_parts.length - 1); //take into account the dashes between parts | ||
| return length; | ||
| } | ||
| getFunctionRoleName(functionName) { | ||
@@ -45,9 +53,8 @@ const roleName = this.serverless.providers.aws.naming.getRoleName(); | ||
| } | ||
| fnJoin[1].splice(2, 0, functionName); | ||
| let length = 0; //calculate the expected length. Sum the lenght of each part | ||
| for (const part of fnJoin[1]) { | ||
| length += part.length; | ||
| fnJoin[1].splice(2, 0, functionName); //insert the function name | ||
| if (this.getRoleNameLength(fnJoin[1]) > 64 && fnJoin[1][fnJoin[1].length - 1] === 'lambdaRole') { | ||
| // Remove lambdaRole from name to give more space for function name. | ||
| fnJoin[1].pop(); | ||
| } | ||
| length += (fnJoin[1].length - 1); //take into account the dashes between parts | ||
| if (length > 64) { //aws limits to 64 chars the role name | ||
| if (this.getRoleNameLength(fnJoin[1]) > 64) { //aws limits to 64 chars the role name | ||
| throw new this.serverless.classes.Error(`auto generated role name for function: ${functionName} is too long (over 64 chars). | ||
@@ -54,0 +61,0 @@ Try setting a custom role name using the property: iamRoleStatementsName.`); |
| { | ||
| "name": "serverless-iam-roles-per-function", | ||
| "private": false, | ||
| "version": "1.0.2", | ||
| "version": "1.0.3", | ||
| "engines": { | ||
@@ -52,4 +52,4 @@ "node": ">=6.10.0" | ||
| "rimraf": "^2.6.2", | ||
| "serverless": "^1.29.1", | ||
| "source-map-support": "^0.5.6", | ||
| "serverless": "^1.30.1", | ||
| "source-map-support": "^0.5.9", | ||
| "standard-version": "^4.4.0", | ||
@@ -56,0 +56,0 @@ "ts-node": "^6.2.0", |
@@ -98,2 +98,25 @@ # Serverless IAM Roles Per Function Plugin | ||
| ``` | ||
| ## Role Names | ||
| The plugin uses a naming convention for function roles which is similar to the naming convention used by the Serverless Framework. Function roles are named with the following convention: | ||
| ``` | ||
| <service-name>-<stage>-<function-name>-<region>-lambdaRole | ||
| ``` | ||
| AWS has a 64 character limit on role names. If the default naming exceeds 64 chars the plugin will remove the suffix: `-lambdaRole` to shorten the name. If it still exceeds 64 chars an error will be thrown containing a message of the form: | ||
| ``` | ||
| auto generated role name for function: ${functionName} is too long (over 64 chars). | ||
| Try setting a custom role name using the property: iamRoleStatementsName. | ||
| ``` | ||
| In this case you should set the role name using the property `iamRoleStatementsName`. For example: | ||
| ```yaml | ||
| functions: | ||
| func1: | ||
| handler: handler.get | ||
| iamRoleStatementsName: my-custom-role-name | ||
| iamRoleStatements: | ||
| - Effect: "Allow" | ||
| Action: | ||
| - dynamodb:GetItem | ||
| Resource: "arn:aws:dynamodb:${self:provider.region}:*:table/mytable" | ||
| ... | ||
| ``` | ||
@@ -100,0 +123,0 @@ ## More Info |
@@ -48,3 +48,12 @@ import _ from 'lodash'; | ||
| this.awsPackagePlugin.validateStatements(statements); | ||
| } | ||
| } | ||
| getRoleNameLength(name_parts: any[]) { | ||
| let length=0; //calculate the expected length. Sum the length of each part | ||
| for (const part of name_parts) { | ||
| length += part.length; | ||
| } | ||
| length += (name_parts.length - 1); //take into account the dashes between parts | ||
| return length; | ||
| } | ||
@@ -57,9 +66,8 @@ getFunctionRoleName(functionName: string) { | ||
| } | ||
| fnJoin[1].splice(2, 0, functionName); | ||
| let length=0; //calculate the expected length. Sum the lenght of each part | ||
| for (const part of fnJoin[1]) { | ||
| length += part.length; | ||
| fnJoin[1].splice(2, 0, functionName); //insert the function name | ||
| if(this.getRoleNameLength(fnJoin[1]) > 64 && fnJoin[1][fnJoin[1].length-1] === 'lambdaRole') { | ||
| // Remove lambdaRole from name to give more space for function name. | ||
| fnJoin[1].pop(); | ||
| } | ||
| length += (fnJoin[1].length - 1); //take into account the dashes between parts | ||
| if(length > 64) { //aws limits to 64 chars the role name | ||
| if(this.getRoleNameLength(fnJoin[1]) > 64) { //aws limits to 64 chars the role name | ||
| throw new this.serverless.classes.Error(`auto generated role name for function: ${functionName} is too long (over 64 chars). | ||
@@ -66,0 +74,0 @@ Try setting a custom role name using the property: iamRoleStatementsName.`); |
@@ -62,3 +62,3 @@ // tslint:disable:no-var-requires | ||
| describe('defaultInherit not set', () => { | ||
| let plugin: any; | ||
| let plugin: Plugin; | ||
@@ -119,2 +119,4 @@ beforeEach(async () => { | ||
| assertFunctionRoleName(name, roleName); | ||
| const name_parts = roleName['Fn::Join'][1]; | ||
| assert.equal(name_parts[name_parts.length - 1], 'lambdaRole'); | ||
| }); | ||
@@ -125,2 +127,14 @@ | ||
| }); | ||
| it('should return a name without "lambdaRole"', () => { | ||
| let name = 'test-name'; | ||
| let roleName = plugin.getFunctionRoleName(name); | ||
| const len = plugin.getRoleNameLength(roleName['Fn::Join'][1]); | ||
| //create a name which causes role name to be longer than 64 chars by 1. Will cause then lambdaRole to be removed | ||
| name += 'a'.repeat(64 - len + 1); | ||
| roleName = plugin.getFunctionRoleName(name); | ||
| assertFunctionRoleName(name, roleName); | ||
| const name_parts = roleName['Fn::Join'][1]; | ||
| assert.notEqual(name_parts[name_parts.length - 1], 'lambdaRole'); | ||
| }); | ||
| }); | ||
@@ -127,0 +141,0 @@ |
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by5.82%
60435
- Lines of code
- increased by3.38%
857
- Number of lines in readme file
- increased by19.66%
140
No dependency changes