Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Impossible to use pre-existing role for ApiGatewayV1 routes #987

Closed
antoine-js opened this issue Sep 4, 2024 · 4 comments · May be fixed by #1013
Closed

Impossible to use pre-existing role for ApiGatewayV1 routes #987

antoine-js opened this issue Sep 4, 2024 · 4 comments · May be fixed by #1013
Assignees
@fwang

Comments

@antoine-js
Copy link
Contributor

For ApiGatewayV2, it works:

const api = new sst.aws.ApiGatewayV2("MyApi");

api.route("GET /", {
  handler: "index.test",
  role: `arn:aws:iam::${accountId}:role/my-role`,
  memory: "256 MB",
  timeout: "30 seconds",
});

For ApiGatewayV1, it does not work:

const api = new sst.aws.ApiGatewayV1("MyApi");

api.route("GET /", {
  handler: "index.test",
  role: `arn:aws:iam::${accountId}:role/my-role`,
  memory: "256 MB",
  timeout: "30 seconds",
});

Error:

✕  Failed
   Error: "nodes.role" is not available when a pre-existing role is used.

       at Object.get role [as role] (file:///my-project/.sst/platform/src/components/aws/function.ts:1596
:17)
       at /my-project/.sst/platform/node_modules/@pulumi/output.ts:758:57

       at Array.some (<anonymous>)

       at impl (/my-project/.sst/platform/node_modules/@pulumi/output.ts:758:37)

       at containsUnknowns (/my-project/.sst/platform/node_modules/@pulumi/output.ts:743:12)

       at /my-project/.sst/platform/node_modules/@pulumi/output.ts:180:84

       at processTicksAndRejections (node:internal/process/task_queues:95:5)

       at async Promise.all (index 2)
@antoine-js antoine-js mentioned this issue Sep 8, 2024
Open
@jonathanPretre
Copy link

Actually, we are facing the same issue in my company. It is the last blocker we have before to move all our stack to SST. I hope this issue will find a solution 🤞

@fwang
Copy link
Contributor

fwang commented Sep 21, 2024

@antoine-js sorry about the delay.

i'm not getting the error w/ ur above code:

const api = new sst.aws.ApiGatewayV1("MyApi");

api.route("GET /", {
  handler: "index.test",
  role: `arn-of-a-role-used-by-another-lambda`,
});

I could successfully deploy.

Are you manually calling .nodes.role? /cc @jonathanPretre

@antoine-js
Copy link
Contributor Author

Hi @fwang,

I retried with my current version of SST (3.0.73) and still didnt work. But I tried upgrading to latest version (3.1.35) and it worked!

So I guess it was fixed indirectly.

I still wonder if my PR is worth checking as it should prevent any potential issue like this in the future by referencing the role used when not creating one. But other than that, we can close this issue.

@fwang
Copy link
Contributor

fwang commented Sep 26, 2024
edited
Loading

Hye @antoine-js thanks for the update.

Currently the thinking is if something was not created by the component, .nodes.xxxx will throw an error. We do this in multiple places.

I can see the flip side of referencing instead of throw.

Let me give it some thought.

@fwang fwang closed this as completed Sep 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fwang fwang

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: aws function predefined role antoine-js/ion
3 participants
@fwang @jonathanPretre @antoine-js