Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(events-targets): KinesisStream target not working when the stream is encrypted using a customer kms key #30956

Closed
wants to merge 4 commits into from
Closed

fix(events-targets): KinesisStream target not working when the stream is encrypted using a customer kms key #30956

wants to merge 4 commits into from

Conversation

BalmungSan
Copy link

Issue #10996

Closes #10996

Reason for this change

Unless there is a specific reason that I am missing, I don't see why it was necessary to manipulate the policy directly rather than delegate to the granWrite method already provided by the IStream interface, whose implementation would automatically also add the necessary KMS permissions to the Role.

Description of changes

Use stream.grantWrite rather than managing the IAM policy directly.

Description of how you validated changes

Delegating to existing unit tests. I would also test these changes on our real code if a SNAPSHOT is released.

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@github-actions github-actions bot added the beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK label Jul 25, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team July 25, 2024 22:29
@github-actions github-actions bot added bug This issue is a bug. effort/small Small work item – less than a day of effort p1 labels Jul 25, 2024
aws-cdk-automation
aws-cdk-automation requested changes Jul 25, 2024
View reviewed changes
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@BalmungSan BalmungSan changed the title Fix Kinesis Stream EventBridge target not working when the Stream is encrypted using a customer KMS key fix(aws-events-targets): Kinesis Stream EventBridge target not working when the Stream is encrypted using a customer KMS key Jul 25, 2024
@BalmungSan BalmungSan changed the title fix(aws-events-targets): Kinesis Stream EventBridge target not working when the Stream is encrypted using a customer KMS key fix(events-targets): KinesisStream target not working when the stream is encrypted using a customer kms key Jul 25, 2024
@BalmungSan
Copy link
Author

TBH I am not putting more effort into this, I looked at the tests and I have no idea how I am supposed to know the id-like characters needed to add a test checking if the policy also adds the required KMS permissions.
Feel free to commit over the PR or just copy the changes.

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 9cbd3e1
  • Result: FAILED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

This was referenced Jul 29, 2024
Closed
Closed
@aws-cdk-automation
Copy link
Collaborator

This PR has been in the CHANGES REQUESTED state for 3 weeks, and looks abandoned. To keep this PR from being closed, please continue work on it. If not, it will automatically be closed in a week.

@aws-cdk-automation
Copy link
Collaborator

This PR has been deemed to be abandoned, and will be automatically closed. Please create a new PR for these changes if you think this decision has been made in error.

@aws-cdk-automation aws-cdk-automation added the closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. label Aug 24, 2024
@github-actions GitHub Actions
Copy link

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 24, 2024
@aws-cdk-automation
Copy link
Collaborator

The pull request linter fails with the following errors:

❌ Fixes must contain a change to an integration test file and the resulting snapshot.

PRs must pass status checks before we can provide a meaningful review.

If you would like to request an exemption from the status checks or clarification on feedback, please leave a comment on this PR containing Exemption Request and/or Clarification Request.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@aws-cdk-automation aws-cdk-automation aws-cdk-automation requested changes

Assignees
No one assigned
Labels
beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK bug This issue is a bug. closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. effort/small Small work item – less than a day of effort p1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[aws-events-targets] Kinesis Stream target with Customer-Managed KMS key causes EventBridge FailedInvocations
2 participants
@BalmungSan @aws-cdk-automation