Fix issues with AWS Resource Access Manager (#95)

* Fix issues with sharing resources between accounts

* Truncate roleName for nextflow

hatchery/nextflow.go

@@ -188,7 +188,7 @@ func createNextflowResources(userName string, nextflowConfig NextflowConfig) (st
 	}
 
 	// create role for nextflow-created jobs
-	roleName := policyName
+	roleName := truncateString(policyName, 64)
 	roleResult, err := iamSvc.CreateRole(&iam.CreateRoleInput{
 		RoleName: &roleName,
 		AssumeRolePolicyDocument: aws.String(`{

hatchery/ram.go

@@ -11,8 +11,16 @@ import (
 	"github.com/aws/aws-sdk-go/service/ram"
 )
 
-func acceptTransitGatewayShare(pm *PayModel, userName string, sess *session.Session, ramArn *string) error {
-	ramSvc := ram.New(sess)
+func acceptTransitGatewayShare(pm *PayModel, sess *session.Session, ramArn *string) error {
+	roleARN := "arn:aws:iam::" + pm.AWSAccountId + ":role/csoc_adminvm"
+	svc := NewSVC(sess, roleARN)
+
+	// create RAM client in remote account.
+	ramSvc := ram.New(session.Must(session.NewSession(&aws.Config{
+		Credentials: svc.creds,
+		Region:      aws.String("us-east-1"),
+	})))
+
 	// Check if the resource share is already accepted.
 	// If not, accept the resource share
 	ramName := strings.ReplaceAll(os.Getenv("GEN3_ENDPOINT"), ".", "-") + "-ram"

hatchery/transitgateway.go

@@ -45,7 +45,7 @@ func setupTransitGateway(userName string) error {
 	}
 
 	// Accept transit gateway share in remote account
-	err = acceptTransitGatewayShare(pm, *tgwarn, sess, ramArn)
+	err = acceptTransitGatewayShare(pm, sess, ramArn)
 	if err != nil {
 		return err
 	}