(aws-events-targets): SQSQueue target currently doesn't handle perms for encrypted queues #28257

Closed
1 of 2 tasks
DLundAJB opened this issue Dec 5, 2023 · 1 comment
Labels
@aws-cdk/aws-events-targets feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged.

Comments


DLundAJB commented Dec 5, 2023

Describe the feature

Add another (optional) prop to the SQS queue event target props for encrypted SQS queues, which adds the correct permissions for Events to use the SQS queue's KMS key.

Use Case

At the moment, when using an SQS queue event target (in our case an imported SQS queue), if that queue is KMS encrypted, the permissions that are created by adding the event target, i.e. the SQS access policy, don't include access to KMS unless this is done by accessing the queue's master key and granting permissions outside of the event target. I feel it would be a quick win to include it as a prop.

Proposed Solution

By adding onto the current permissions grant logic, accessing the queue's KMS key and granting perms to the Events service principal.

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

CDK version used

2.10.0

Environment details (OS name and version, etc.)

EC2 Ubuntu Instance Running Ubuntu 22.04

DLundAJB added the feature-request and needs-triage labels on Dec 5, 2023
DLundAJB closed this as completed on Dec 5, 2023
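
A check for the gap described in the issue above, as an added example that is not part of the original issue or the CDK code base: it inspects a KMS key policy document for the two key actions EventBridge needs to deliver to an SSE-KMS encrypted queue (`kms:Decrypt` and `kms:GenerateDataKey`) and appends a statement for whatever is missing. The function names, the `Sid` and the sample policy are constructed for illustration.

```typescript
// Added example: plain policy-document types, no AWS SDK or CDK dependency.
type OneOrMany = string | string[];
interface Statement {
  Sid?: string;
  Effect: "Allow" | "Deny";
  Principal: "*" | { [kind: string]: OneOrMany };
  Action: OneOrMany;
  Resource: OneOrMany;
}
interface PolicyDocument { Version: string; Statement: Statement[] }

const EVENTS_PRINCIPAL = "events.amazonaws.com";
// Key actions EventBridge needs to deliver to an SSE-KMS encrypted queue.
const REQUIRED_ACTIONS = ["kms:Decrypt", "kms:GenerateDataKey"];

const toList = (v?: OneOrMany): string[] => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// Simplified IAM action matching: exact match or a trailing "*" only.
function actionCovers(pattern: string, action: string): boolean {
  const p = pattern.toLowerCase();
  const a = action.toLowerCase();
  return p.slice(-1) === "*" ? a.indexOf(p.slice(0, -1)) === 0 : p === a;
}

// Required actions that no Allow statement grants to the Events service principal.
// Deny statements, conditions and "*" principals are not evaluated here.
function missingActions(policy: PolicyDocument): string[] {
  const granted = policy.Statement
    .filter((s) => s.Effect === "Allow" && s.Principal !== "*"
      && toList(s.Principal.Service).indexOf(EVENTS_PRINCIPAL) >= 0)
    .reduce((acc: string[], s) => acc.concat(toList(s.Action)), []);
  return REQUIRED_ACTIONS.filter((a) => !granted.some((p) => actionCovers(p, a)));
}

// Returns a copy with one statement appended for whatever is missing.
function withEventsAccess(policy: PolicyDocument): PolicyDocument {
  const missing = missingActions(policy);
  if (missing.length === 0) return policy;
  const stmt: Statement = { Sid: "AllowEventBridgeUseOfKey", Effect: "Allow",
    Principal: { Service: EVENTS_PRINCIPAL }, Action: missing, Resource: "*" };
  return { Version: policy.Version, Statement: policy.Statement.concat([stmt]) };
}

// Constructed sample key policy: Events may decrypt but not generate data keys.
const SAMPLE_KEY_POLICY: PolicyDocument = {
  Version: "2012-10-17",
  Statement: [
    { Effect: "Allow", Principal: { AWS: "arn:aws:iam::111122223333:root" }, Action: "kms:*", Resource: "*" },
    { Effect: "Allow", Principal: { Service: EVENTS_PRINCIPAL }, Action: ["kms:Decrypt"], Resource: "*" },
  ],
};
```

Running `missingActions` over the key policy of each encrypted queue used as a rule target shows which keys still need the grant before events start failing delivery.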

github-actions bot commented Dec 5, 2023

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.
