From a20665d97f25d150e7672f32e180efa8cf4e83e7 Mon Sep 17 00:00:00 2001
From: Maha Benzekri
Date: Fri, 15 Sep 2023 08:53:46 +0200
Subject: [PATCH 1/3] ARSN-367:principal change on schema and test add The maximum length should be 2048 characters having 31 characters on the fixed length prefix this explains the 2017 max limit put in the schema
(cherry picked from commit 73c6f41fa3bf52947e2f9a33ac2cb40233309ab5)
---
 lib/policy/resourcePolicySchema.json | 2 +-
 lib/policy/userPolicySchema.json | 2 +-
 tests/unit/policy/test_policyValidator.spec.js | 5 +++++
 3 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/lib/policy/resourcePolicySchema.json b/lib/policy/resourcePolicySchema.json
index 87a2693d8..16b786ede 100644
--- a/lib/policy/resourcePolicySchema.json
+++ b/lib/policy/resourcePolicySchema.json
@@ -38,7 +38,7 @@
 },
 "principalAWSUserArn": {
 "type": "string",
- "pattern": "^arn:aws:iam::[0-9]{12}:user/(?!\\*)[\\w+=,.@ -/]{1,64}$"
+ "pattern": "^arn:aws:iam::[0-9]{12}:user/(?!\\*)[\\w+=,.@ -/]{1,2017}$"
 },
 "principalAWSRoleArn": {
 "type": "string",
diff --git a/lib/policy/userPolicySchema.json b/lib/policy/userPolicySchema.json
index 5024b8127..b96beb462 100644
--- a/lib/policy/userPolicySchema.json
+++ b/lib/policy/userPolicySchema.json
@@ -28,7 +28,7 @@
 },
 "principalAWSUserArn": {
 "type": "string",
- "pattern": "^arn:aws:iam::[0-9]{12}:user/(?!\\*)[\\w+=,.@ -/]{1,64}$"
+ "pattern": "^arn:aws:iam::[0-9]{12}:user/(?!\\*)[\\w+=,.@ -/]{1,2017}$"
 },
 "principalAWSRoleArn": {
 "type": "string",
diff --git a/tests/unit/policy/test_policyValidator.spec.js b/tests/unit/policy/test_policyValidator.spec.js
index a6a27a9e3..29367d117 100644
--- a/tests/unit/policy/test_policyValidator.spec.js
+++ b/tests/unit/policy/test_policyValidator.spec.js
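Review bot: In the new `principalAWSUserArn` pattern of lib/policy/resourcePolicySchema.json (and the identical line in lib/policy/userPolicySchema.json), the character class `[\\w+=,.@ -/]` contains ` -/`, which a regex engine reads as the range from space to `/` rather than three literal characters, so it also admits `!`, `"`, `#`, `$`, `%`, `&`, `'`, `(`, `)` and `*`. The class itself predates this commit, but raising the quantifier from 64 to 2017 greatly widens what it can match, and the `(?!\\*)` lookahead only rejects `*` in the first position. If the intent is space, hyphen and slash, put the hyphen last: `"pattern": "^arn:aws:iam::[0-9]{12}:user/(?!\\*)[\\w+=,.@ /-]{1,2017}$"`. Whether a later `*` matters depends on how principals are matched downstream, which this diff does not show.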
@@ -187,6 +187,11 @@ describe('Policies validation - Principal', () => {
 value: { AWS: 'arn:aws:iam::111111111111:user/path/in/org/leaf' },
 policyType: [user, resource],
 },
+ {
+ name: 'user arn with vault made path',
+ value: { AWS: 'arn:aws:iam::767707094035:user/user2/TENANT_USER/null/5417be27-8709-48bd-adfb-865ebc58b9f0/1a464be02ea631bdaf2a9ee884434233374a457460e925bf10d9e4665f8fa796/c1d83067-a3f3-41a4-bd45-d6bf47270bd0' }, // eslint-disable-line max-len
+ policyType: [user, resource],
+ },
 {
 name: 'multiple user arns',
 value: {
From f3db7649ff1547f0716f77c1ab04ab26e3bc5eb9 Mon Sep 17 00:00:00 2001
From: Maha Benzekri
Date: Tue, 12 Sep 2023 21:01:45 +0200
Subject: [PATCH 2/3] ARSN-365:Id added on policy schema and validator
Signed-off-by: Maha Benzekri
(cherry picked from commit 9ea39c6ed9a06949eedce38868c48772639f5ee3)
---
 lib/policy/resourcePolicySchema.json | 3 +++
 tests/unit/policy/test_policyValidator.spec.js | 1 +
 2 files changed, 4 insertions(+)
diff --git a/lib/policy/resourcePolicySchema.json b/lib/policy/resourcePolicySchema.json
index 16b786ede..8f486ac36 100644
--- a/lib/policy/resourcePolicySchema.json
+++ b/lib/policy/resourcePolicySchema.json
@@ -360,6 +360,9 @@
 "type": "string",
 "const": "2012-10-17"
 },
+ "Id": {
+ "type": "string"
+ },
 "Statement": {
 "oneOf": [
 {
diff --git a/tests/unit/policy/test_policyValidator.spec.js b/tests/unit/policy/test_policyValidator.spec.js
index 29367d117..06d192f10 100644
--- a/tests/unit/policy/test_policyValidator.spec.js
+++ b/tests/unit/policy/test_policyValidator.spec.js
@@ -16,6 +16,7 @@ const sampleUserPolicy = {
 };
 const sampleResourcePolicy = {
 Version: '2012-10-17',
+ Id: 'cd3ad3d9-2776-4ef1-a904-4c229d1642ee',
 Statement: [
 {
 Sid: 'ResourcePolicy1',
From e9a9b74cb476d81308435ed6182c5573b60576b4 Mon Sep 17 00:00:00 2001
From: Maha Benzekri
Date: Mon, 2 Oct 2023 14:04:32 +0200
Subject: [PATCH 3/3] ARSN-367:Bump arsenal version
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
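Review bot: The added case 'user arn with vault made path' in tests/unit/policy/test_policyValidator.spec.js uses a path of about 160 characters, so nothing in the suite pins the new `{1,2017}` limit itself. A case built with `'a'.repeat(2017)` after `user/` that must validate, and one with `'a'.repeat(2018)` that must be rejected, would keep the bound from drifting. The fixture also looks as if it was copied from a real deployment (a 12-digit account id, UUIDs and a 64-hex-character segment); if so, constructed values of the same shape would be a safer fixture. The enclosing array of cases starts and ends outside this hunk, so how rejected values are expressed there is not visible.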
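Review bot: The new `Id` property in lib/policy/resourcePolicySchema.json (PATCH 2/3) is declared as a bare `"type": "string"`, so the empty string and arbitrarily long values or values containing control characters all validate. If the Id is ever stored, logged or echoed back, bounding it in the schema is cheaper than sanitising it at each use; adding `"minLength": 1` and a `"maxLength"` chosen by the project would do it. The surrounding object starts and ends outside the hunk, so any overall size limit on the policy document is not visible here.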
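Review bot: Adding `Id` to `sampleResourcePolicy` (PATCH 2/3, tests/unit/policy/test_policyValidator.spec.js) covers only the accepting path. There is no case showing that a non-string value such as `Id: 123` is rejected, and none showing the outcome when `Id` is set on `sampleUserPolicy`, whose schema this patch does not touch. The tests that consume these samples are outside the hunk, so they may need a new negative case rather than a change to the shared fixture.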
diff --git a/package.json b/package.json
index 5021edfd6..de4b9634e 100644
--- a/package.json
+++ b/package.json
@@ -3,7 +3,7 @@
 "engines": {
 "node": ">=16"
 },
- "version": "7.10.43",
+ "version": "7.10.43-1",
 "description": "Common utilities for the S3 project components",
 "main": "build/index.js",
 "repository": {