Open
Labels: aws:iam (AWS Identity and Access Management), status: confirmed (Bug report was confirmed), type: bug (Bug report)
Description
Is there an existing issue for this?
- I have searched the existing issues
Current Behavior
I run the following command to create a service-linked role:
aws iam create-service-linked-role --aws-service-name ecs.amazonaws.com --endpoint-url=http://localhost:4566
Here is the role that is created.
Two things to notice:
- "RoleName" is "service-linked-role-xxxxxxxx". The ECS service-linked role name when I call AWS is AWSServiceRoleForECS
- Because the name is using a uuid concatenated to "service-linked-role", I can keep calling this endpoint and it will always create a new role, whereas in AWS, I would receive an error saying role already exists.
{
  "Role": {
    "Path": "/",
    "RoleName": "service-linked-role-6226467e",
    "RoleId": "4trul9gogjlqtlz5r1jk",
    "Arn": "arn:aws:iam::000000000000:role/aws-service-role/ecs.amazonaws.com/service-linked-role-6226467e",
    "CreateDate": "2022-01-10T21:32:00.610000+00:00",
    "AssumeRolePolicyDocument": {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Principal": {
            "Service": "ecs.amazonaws.com"
          },
          "Action": "sts:AssumeRole"
        }
      ]
    },
    "MaxSessionDuration": 3600
  }
}
Expected Behavior
- Service linked roles should match the names that AWS returns (for the case above it should return "AWSServiceRoleForECS")
- Service linked roles that already exist should return an error
How are you starting LocalStack?
With a docker-compose file
Steps To Reproduce
How are you starting localstack (e.g., bin/localstack command, arguments, or docker-compose.yml)
docker-compose up
Client commands (e.g., AWS SDK code snippet, or sequence of "awslocal" commands)
aws iam create-service-linked-role --aws-service-name ecs.amazonaws.com --endpoint-url=http://localhost:4566
Environment
- OS: Windows 10 and MacOS
- LocalStack: 0.13.3
Anything else?
No response
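Added example, not part of the original issue or of the LocalStack code base: a small check that audits the JSON printed by successful `create-service-linked-role` calls against the two expectations in the report (the role name, and no second successful create for the same service). The function names, the `make_response` helper and the second role-name suffix are constructed for illustration; the only expected name assumed is the ECS one quoted in the issue.

```python
import json

# Expected ECS name is the one quoted in the issue; no other services are assumed.
EXPECTED_NAMES = {"ecs.amazonaws.com": "AWSServiceRoleForECS"}

def make_response(role_name, service="ecs.amazonaws.com"):
    """Build a response shaped like the one in the issue (constructed sample data)."""
    return json.dumps({"Role": {
        "Path": "/",
        "RoleName": role_name,
        "Arn": f"arn:aws:iam::000000000000:role/aws-service-role/{service}/{role_name}",
        "AssumeRolePolicyDocument": {
            "Version": "2012-10-17",
            "Statement": [{"Effect": "Allow",
                           "Principal": {"Service": service},
                           "Action": "sts:AssumeRole"}],
        },
    }})

def trusted_services(role):
    """Collect service principals from the trust policy (string or list form)."""
    services = []
    for stmt in role["AssumeRolePolicyDocument"]["Statement"]:
        principal = stmt.get("Principal")
        value = principal.get("Service", []) if isinstance(principal, dict) else []
        services.extend([value] if isinstance(value, str) else value)
    return services

def audit_responses(raw_responses):
    """Return (finding, service, role_name) tuples for a series of successful creates."""
    findings, created = [], set()
    for raw in raw_responses:
        role = json.loads(raw)["Role"]
        for service in trusted_services(role):
            expected = EXPECTED_NAMES.get(service)
            if expected is not None and role["RoleName"] != expected:
                findings.append(("name-mismatch", service, role["RoleName"]))
            if service in created:
                # Second success for the same service: the issue expects an error here.
                findings.append(("duplicate-created", service, role["RoleName"]))
            created.add(service)
    return findings

if __name__ == "__main__":
    # First name is from the issue; the second suffix is constructed.
    sample = [make_response("service-linked-role-6226467e"),
              make_response("service-linked-role-0000aaaa")]
    for finding in audit_responses(sample):
        print(finding)
```

To audit a real run, pass the captured stdout of each successful CLI call to `audit_responses` in call order.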