Bug? CloudFormation AWS::ServiceCatalog::PortfolioPrincipalAssociation does not delete IAM_PATTERN principals

0

Bug: CloudFormation resource AWS::ServiceCatalog::PortfolioPrincipalAssociation allows for creating resources with type IAM_PATTERN, even though the documentation does not allow this. Those resources always fail to be deleted.

Expected behavior:

  • Resource fails validation during creation, or
  • Resource can be deleted

To replicate: Deploy this template. Delete it.

{
 "Resources": {
  "Portfolio": {
   "Type": "AWS::ServiceCatalog::Portfolio",
   "Properties": {
    "DisplayName": "test",
    "ProviderName": "test",
    "Description": "test"
   }
  },
  "PrincipalAssoc": {
   "Type": "AWS::ServiceCatalog::PortfolioPrincipalAssociation",
   "Properties": {
    "PortfolioId": {
     "Ref": "Portfolio"
    },
    "PrincipalARN": "arn:aws:iam:::role/SomeRolePattern*",
    "PrincipalType": "IAM_PATTERN"
   }
  }
 }
}

f0ff
asked 8 months ago · 174 views
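
The first expected behavior in the question (reject the resource before it is created) can be approximated with a local pre-deployment check. This is an added example, not code from the post or from AWS: it scans a JSON template for PortfolioPrincipalAssociation resources whose PrincipalType is, or may resolve to, IAM_PATTERN. The function names, the `Kind` parameter, the account ID and the two extra sample resources are assumptions made for illustration.

```python
import json

ASSOC_TYPE = "AWS::ServiceCatalog::PortfolioPrincipalAssociation"

def resolve(value, parameters):
    """Return a literal string, or the Default of a Ref'd parameter, else None."""
    if isinstance(value, str):
        return value
    if isinstance(value, dict) and set(value) == {"Ref"}:
        default = parameters.get(value["Ref"], {}).get("Default")
        return default if isinstance(default, str) else None
    return None  # other intrinsic functions cannot be evaluated offline

def find_pattern_associations(template_text):
    """Return (logical_id, kind, arn) for each association to block or review."""
    template = json.loads(template_text)
    parameters = template.get("Parameters", {})
    findings = []
    for name, resource in template.get("Resources", {}).items():
        if resource.get("Type") != ASSOC_TYPE:
            continue
        props = resource.get("Properties", {})
        ptype = resolve(props.get("PrincipalType"), parameters)
        arn = resolve(props.get("PrincipalARN"), parameters)
        if ptype is None:
            # Unknown at lint time: report it rather than let it pass silently.
            findings.append((name, "UNRESOLVED", arn))
        elif ptype == "IAM_PATTERN":
            findings.append((name, "IAM_PATTERN", arn))
    return findings

def sample_assoc(arn, ptype):
    """Build one constructed association resource for the sample template."""
    return {"Type": ASSOC_TYPE, "Properties": {
        "PortfolioId": {"Ref": "Portfolio"}, "PrincipalARN": arn, "PrincipalType": ptype}}

# Constructed sample: the post's association plus two hypothetical ones.
SAMPLE = json.dumps({
    "Parameters": {"Kind": {"Type": "String", "Default": "IAM_PATTERN"}},
    "Resources": {
        "Portfolio": {"Type": "AWS::ServiceCatalog::Portfolio", "Properties": {"DisplayName": "test"}},
        "PrincipalAssoc": sample_assoc("arn:aws:iam:::role/SomeRolePattern*", "IAM_PATTERN"),
        "ViaParameter": sample_assoc("arn:aws:iam::111122223333:role/Dev", {"Ref": "Kind"}),
        "ExactRole": sample_assoc("arn:aws:iam::111122223333:role/Admin", "IAM"),
    },
})

if __name__ == "__main__":
    for name, kind, arn in find_pattern_associations(SAMPLE):
        print(f"{name}: PrincipalType={kind} PrincipalARN={arn}")
```

A parameter override supplied at deploy time can still change the resolved value, so a parameterized PrincipalType deserves review even when its default is not flagged.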
1 Answer
0

Hi,

This same ticket has been previously raised: https://github.com/aws/aws-cdk/issues/24370

You can probably weigh in on it or open a Support ticket in your AWS console (service teams like CFN are not supposed to monitor re:Post for bug reports).

Best,

Didier

AWS
EXPERT
answered 8 months ago
