Skip to content

ci(integration-test-deployment): pass --role-arn to integ-runner#37960

Draft
Abogical wants to merge 1 commit into
mainfrom
feat/integ-deployment-role-arn
Draft

ci(integration-test-deployment): pass --role-arn to integ-runner#37960
Abogical wants to merge 1 commit into
mainfrom
feat/integ-deployment-role-arn

Conversation

@Abogical
Copy link
Copy Markdown
Member

@Abogical Abogical commented May 21, 2026
edited
Loading

Reason for this change

integ-runner can create stacks with the bootstrap role ARN. This arn can be deleted during cleanup leading to errors as the stack cannot be deleted without manual intervention.

Description of changes

Use STS GetCallerIdentity to derive the role ARN from the assumed allocation credentials and pass it to integ-runner via --role-arn. This ensures CloudFormation uses the correct execution role for deploy/destroy operations regardless of what is baked into the synthesized templates.

This depends on the following PR being released: aws/aws-cdk-cli#1541

Describe any new or updated permissions being added

N/A

Description of how you validated changes

Not validated as this is a CI change.

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@Abogical
feat(integration-test-deployment): pass --role-arn to integ-runner
341ba20 
Use STS GetCallerIdentity to derive the role ARN from the assumed
allocation credentials and pass it to integ-runner via --role-arn.
This ensures CloudFormation uses the correct execution role for
deploy/destroy operations regardless of what is baked into the
synthesized templates.
@github-actions github-actions Bot added the p2 label May 21, 2026
@github-actions github-actions Bot added the distinguished-contributor [Pilot] contributed 50+ PRs to the CDK label May 21, 2026
@mergify mergify Bot added the contribution/core This is a PR that came from AWS. label May 21, 2026
@mergify mergify Bot temporarily deployed to automation May 21, 2026 14:03 Inactive
@mergify mergify Bot temporarily deployed to automation May 21, 2026 14:03 Inactive
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 21, 2026
edited
Loading

⚠️ This pull request description does not follow the correct template structure.

PRs without a linked issue will receive lower priority for review and merging. Please update the description to follow the PR template and include a line like Closes #123 in the Issue section. If no existing issue matches your change, create one first.

aws-cdk-automation
aws-cdk-automation previously requested changes May 21, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(This review is outdated)

@Abogical Abogical changed the title feat(integration-test-deployment): pass --role-arn to integ-runner ci(integration-test-deployment): pass --role-arn to integ-runner May 21, 2026
@aws-cdk-automation aws-cdk-automation dismissed their stale review May 21, 2026 14:05

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aws-cdk-automation aws-cdk-automation aws-cdk-automation left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

contribution/core This is a PR that came from AWS. distinguished-contributor [Pilot] contributed 50+ PRs to the CDK p2

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Abogical @aws-cdk-automation