(appconfig-alpha): grant read Configuration #28585

yamatatsu · 2024-01-05T08:04:45Z

Describe the feature

Now appconfig-alpha has no grant method. If grantReadConfig() is implemented, it will be useful.

Use Case

Using AppConfig from application codes.

Proposed Solution

environment.grantReadConfig(lambdaFunction);

Other Information

Needed policy is following:

new iam.PolicyStatement({
  actions: [
    "appconfig:GetLatestConfiguration",
    "appconfig:StartConfigurationSession",
  ],
  resources: [`${appConfigEnvironment.environmentArn}/*`],
})

see, https://docs.aws.amazon.com/appconfig/latest/userguide/about-data-plane.html

Acknowledgements

I may be able to implement this feature request
This feature might incur a breaking change

CDK version used

2.114.1

Environment details (OS name and version, etc.)

Mac OS, Apple silicon, Sonoma 14.2.1

The text was updated successfully, but these errors were encountered:

pahud · 2024-01-05T17:19:29Z

Absolutely! Thank you @yamatatsu !

…30180) ### Issue # (if applicable) Closes #28585 ### Reason for this change To simplify policy configuration for AppConfig Environments. ### Description of changes add grantReadConfig method to Environment Construct ### Description of how you validated changes Add unit test and integ tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

github-actions · 2024-05-29T01:45:10Z

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

…ws#30180) ### Issue # (if applicable) Closes aws#28585 ### Reason for this change To simplify policy configuration for AppConfig Environments. ### Description of changes add grantReadConfig method to Environment Construct ### Description of how you validated changes Add unit test and integ tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

yamatatsu added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Jan 5, 2024

github-actions bot added the @aws-cdk/aws-iam Related to AWS Identity and Access Management label Jan 5, 2024

pahud added p2 effort/medium Medium work item – several days of effort and removed needs-triage This issue or PR still needs to be triaged. labels Jan 5, 2024

github-actions bot mentioned this issue Feb 1, 2024

Monthly issue metrics report - Jan 2024 #28951

Closed

mazyu36 mentioned this issue May 13, 2024

feat(appconfig): add grantReadConfig method to Environment Construct #30180

Merged

1 task

mergify bot closed this as completed in #30180 May 29, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

(appconfig-alpha): grant read Configuration #28585

(appconfig-alpha): grant read Configuration #28585

yamatatsu commented Jan 5, 2024

pahud commented Jan 5, 2024

github-actions bot commented May 29, 2024