`generate_lambda_session_name` can return a session name >64 chars

Question

`generate_lambda_session_name` can return a session name >64 chars

lorengordon opened this issue 4 years ago · 4 comments

Just ran into this issue... if the function name is sufficiently long, the session name returned by generate_lambda_session_name will fail...

An error occurred (ValidationError) when calling the AssumeRole operation: 1 validation error detected: Value 'new-account-trust-policy-nnnnnnnnnnn.mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm' at 'roleSessionName' failed to satisfy constraint: Member must have length less than or equal to 64

Answer 1 · 2021-05-17T22:37:36.000Z

Do you think it should be the function name or the identifier that should be truncated? My gut says identifier, there's more uniqueness in it than the function name

Answer 2 · 2021-05-17T22:47:52.000Z

I think I agree... Use only the first 64 chars and whatever snippet of the identifier makes it, hopefully will be unique enough to trace it down...

Answer 3 · 2021-05-18T01:10:42.000Z

Try version 1.7. I tried to make it smart, so the format is always kept, rather than just truncating it plainly. See the readme.

Answer 4 · 2021-05-18T13:16:12.000Z

Works like a champ, thanks!