Manage AWS service-linked roles in a better way.
Project description
Upsert Service-Linked Role
AWS CDK construct to create a service-linked role (SLR) if there is no SLR for the same service, and if there is, skip the creation process.
Features
- Create a service-linked role. If it is already created in the same AWS account, just skip the creation.
- Standalone CFn template since no CDK assets are used. We use inline code for the Lambda function.
- Sleep some time after role creation to wait for IAM propagation.
Usage
npm install upsert-slr
import { ServiceLinkedRole } from 'upsert-slr';
new ServiceLinkedRole(this, 'ElasticsearchSlr', {
awsServiceName: 'es.amazonaws.com',
description: 'Service linked role for Elasticsearch',
});
Why do we need this?
CloudFormation also supports a service-linked role (doc). Why do we need this?
Because the resource behaves strangely when there is already a role with the same name. All we need is to simply create a role, and skip it if it already exists. Such behavior as upsert is achieved by this construct, upsert-slr
.
Also, even if CFn successfully creates a role, resources that depend on the role sometimes fail to be created because there is sometimes a delay before the role is actually available. See this stack overflow for more details.
To avoid the IAM propagation delay, this construct also waits for some time after a role is created.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for upsert_slr-1.0.4-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 31a81a0642c66db9fd8491dbf84dbfad9b6793d4d8ddf7f17e67701ffd35744e |
|
MD5 | 1a36931635160495cf80a1c65087f81d |
|
BLAKE2b-256 | a9a35f8d70bfe8f63c49bfe7b565abf569370f7cc3f5cd19d13254de4bc4aaa4 |