Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Can't specify kms.EncryptionKey for s3.BucketProps and codebuild.ProjectProps EncryptionKey property for .NET #1530

Closed
bfeinb opened this issue Jan 12, 2019 · 2 comments · Fixed by #1728
Labels
@aws-cdk/aws-kms Related to AWS Key Management bug This issue is a bug.

Comments

@bfeinb
Copy link

bfeinb commented Jan 12, 2019

In the .NET v0.22 version of the CDK, Amazon.CDK.AWS.KMS.EncryptionKey doesn't implement the Amazon.CDK.AWS.KMS.IIEncryptionKey interface, therefore instances of EncryptionKey can't be stored in the EncryptionKey properties of s3.BucketProps and codebuild.ProjectProps which are of type IIEncryptionKey. While I could import the key this prevents the automatic addition of the necessary permissions so that CodePipeline/CodeCommit/CodeBuild roles can access the encryption key.

@rix0rrr rix0rrr added bug This issue is a bug. @aws-cdk/aws-kms Related to AWS Key Management labels Jan 17, 2019
@brianmlima
Copy link

Same issue in the Java 0.24.1 version of the CDK. This looks like an oversight as I can create a simple impl of IEncryptionKey that delagates all its methods to an EncryptionKey instance and everything functions as expected.
I found this while setting QueueProps.builder.withEncryptionMasterKey(iEncryptionKey) .

@eladb
Copy link
Contributor

eladb commented Feb 11, 2019

when we rename EncryptionKey to Key, awslint would have caught this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
@aws-cdk/aws-kms Related to AWS Key Management bug This issue is a bug.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants