Include role path in get_execution_role() result #268
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The current STS GetCallerIdentity call returns only the role name, but not the role path. As a result, the result of get_execution_role() is incorrect if the assumed role has a path.
Codecov Report
@@ Coverage Diff @@
## master #268 +/- ##
=========================================
+ Coverage 92.34% 92.4% +0.06%
=========================================
Files 49 49
Lines 3277 3279 +2
=========================================
+ Hits 3026 3030 +4
+ Misses 251 249 -2
Continue to review full report at Codecov.
|
nadiaya
approved these changes
Jun 28, 2018
|
Not sure if we need to test all of our notebooks - the main difference is the execution role, not the notebook material. I had a notebook with an execution role that didn't have a slash and also made one with an execution role with a slash, and this change worked for both of those. |
|
Hey there, I just ran into an issue with this since the role I was using didn't have If there could have been some sort of warning / explicit handling of a permission failure, that would be appreciated. Thanks! |
|
@zmjjmz thanks for bringing that up! do you mind opening a new issue about this? that'll make it easier for us to track and resolve. |
knakad
added a commit
to knakad/sagemaker-python-sdk
that referenced
this pull request
Nov 27, 2019
* predictor.list_monitors() now returns a list of monitors. * monitor.update/start/stop now waits for schedule to finish updating before returning. * monitor.create will fail if a schedule was already created, explaining to the user that they must first delete a schedule before creating a new one. * fixed shallow copy on env to avoid mutating customer environment dictionary * fix integration tests based on latest API changes * no longer relying on schedule defaults in ITs until API is updated. * add missed imports to init to simplify user experience * remove broken assert because API now randomizes schedule if not provided * fix bug when attaching to monitor with entrypoint not specified
knakad
added a commit
to knakad/sagemaker-python-sdk
that referenced
this pull request
Dec 4, 2019
* predictor.list_monitors() now returns a list of monitors. * monitor.update/start/stop now waits for schedule to finish updating before returning. * monitor.create will fail if a schedule was already created, explaining to the user that they must first delete a schedule before creating a new one. * fixed shallow copy on env to avoid mutating customer environment dictionary * fix integration tests based on latest API changes * no longer relying on schedule defaults in ITs until API is updated. * add missed imports to init to simplify user experience * remove broken assert because API now randomizes schedule if not provided * fix bug when attaching to monitor with entrypoint not specified
knakad
added a commit
that referenced
this pull request
Dec 4, 2019
* predictor.list_monitors() now returns a list of monitors. * monitor.update/start/stop now waits for schedule to finish updating before returning. * monitor.create will fail if a schedule was already created, explaining to the user that they must first delete a schedule before creating a new one. * fixed shallow copy on env to avoid mutating customer environment dictionary * fix integration tests based on latest API changes * no longer relying on schedule defaults in ITs until API is updated. * add missed imports to init to simplify user experience * remove broken assert because API now randomizes schedule if not provided * fix bug when attaching to monitor with entrypoint not specified
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes:
The current STS GetCallerIdentity call returns only the role name, but not the role path. As a result, the result of get_execution_role() is incorrect if the assumed role has a path.
This was tested manually in SageMaker Notebook Instances with different roles to test the different cases.
Merge Checklist
_Put an
xin the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help! This is simply a reminder of what we are going to look for before merging your pull request.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.