lib/jets/resource/iam/base_role_definition.rb in jets-1.5.10 vs lib/jets/resource/iam/base_role_definition.rb in jets-1.6.0
- old
+ new
@@ -3,15 +3,16 @@
attr_reader :policy_definitions, :managed_policy_definitions
def definition
logical_id = role_logical_id
+ # Do not assign pretty role_name because long controller names might hit the 64-char
+ # limit. Also, IAM roles are global, so assigning role names prevents cross region deploys.
definition = {
logical_id => {
type: "AWS::IAM::Role",
properties: {
- role_name: role_name,
path: "/",
assume_role_policy_document: {
version: "2012-10-17",
statement: [{
effect: "Allow",
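Review bot: The comment added above `definition = {` explains why `role_name` is dropped but says nothing about what happens to stacks that were already deployed with named roles. CloudFormation treats a change to `RoleName` as a replacement, so upgrading will most likely recreate each role with a generated name and a new ARN. Anything that pinned the old role by name or ARN (resource policies on buckets or keys, cross-account trust statements, permission-boundary or SCP conditions matching a name pattern) would then stop matching and should be re-checked after the first deploy. I would extend the comment with something like `# NOTE: dropping RoleName replaces existing roles on update; refresh anything that references the old role ARN.` The `definition` method continues past the end of this hunk.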
@@ -22,10 +23,10 @@
}
}
}
definition[logical_id][:properties][:policies] = [
- policy_name: "#{role_name}-policy",
+ policy_name: "#{policy_name[0..127]}", # required, limited to 128-chars
policy_document: policy_document,
] unless policy_document['Statement'].empty?
unless managed_policy_arns.empty?
definition[logical_id][:properties][:managed_policy_arns] = managed_policy_arns
\ No newline at end of file
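Review bot: On the new `policy_name:` line, the slice `[0..127]` only caps the length and does not guarantee a name IAM will accept, since policy names are restricted to `[\w+=,.@-]`. `policy_name` is defined outside this hunk, so whether it already strips other characters (for example from namespaced controller names) cannot be confirmed here. If it can return nil, the slice raises `NoMethodError` before the template is built. The interpolation wrapper is redundant when the method returns a String, so `policy_name: policy_name[0..127], # required, max 128 chars` is enough. A short comment noting that the name is truncated rather than validated would help the next reader.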