kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Ignore white space when validating IAM policy size limits 

The AWS documentation [0] mentions:

> IAM does not count white space when calculating the size of a policy against these quotas.

Therefore we should be excluding white space when performing this validation client-side.

[0] https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
This commit is contained in:
Peter Rifel 2021-11-09 07:31:21 -06:00
parent 0506b07814
commit dba112a21f
No known key found for this signature in database
GPG Key ID: BC6469E5B16DB2B6
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
upup/pkg/fi/cloudup/awstasks/iamrolepolicy.go
View File

@ -22,6 +22,7 @@ import (
"hash/fnv" "hash/fnv"
"net/url" "net/url"
"sort" "sort"
"strings"
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/awserr"
@ -296,9 +297,9 @@ func (e *IAMRolePolicy) policyDocumentString() (string, error) {
if err != nil { if err != nil {
return "", err return "", err
} }
policySize := len(policy) policySize := len(strings.Join(strings.Fields(policy), ""))
if policySize > 10240 { if policySize > 10240 {
return "", fmt.Errorf("policy size was %d. Policy cannot exceed 10240 bytes.", policySize) return "", fmt.Errorf("policy size was %d. Policy cannot exceed 10240 bytes", policySize)
} }
return policy, err return policy, err
} }