chore(aws-cdk-testing): fix integ test case using unrestricted princi…

…pal for role This test case is flagged up by automated security tooling. There is no actual risk since this is a test stack that is only short-lived and the permissions for the role only allow consuming messages from a queue that doesn't hold any data.
aws · Dec 18, 2023 · a7b7306 · a7b7306
1 parent 1a9c30e
commit a7b7306
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/simple-app/app.js b/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/simple-app/app.js
@@ -14,7 +14,7 @@ class SimpleStack extends cdk.Stack {
       visibilityTimeout: cdk.Duration.seconds(300),
     });
     const role = new iam.Role(this, 'role', {
-      assumedBy: new iam.AnyPrincipal(),
+      assumedBy: new iam.AccountRootPrincipal(),
     });
     queue.grantConsumeMessages(role);
   }