-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws-lambda: addPermission() warning should not be shown #29887
Comments
Are you interested to submit a PR for that? We'd love to review the PR and move this forward. |
### Issue #29887 Closes #29887 ### Reason for this change If an user imports a lambda and wants to add permissions a warning is show. This warning should be skippable with the skipPermissions flag. ### Description of how you validated changes Unit tests for checking if the warning is shown/not shown depending on the value of `skipPermissions` are added. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
Comments on closed issues and PRs are hard for our team to see. If you need help, please open a new issue that references this one. |
Describe the bug
Incorrect warning is logged when synthesizing a
HttpLambdaAuthorizer
that points to a Lambda in another AWS account.Expected Behavior
No warning message as I'm not intentionally setting any permissions on the handler.
Current Behavior
Consider a setup where a http lambda authorizer is used from another AWS account. In this case, the permissions to access the authorizer are already managed in the other account. When creating a lambda authorizer, a warning message is logged:
Reproduction Steps
Create a
HttpLambdaAuthorizer
with an ARN pointing to another account:Possible Solution
Looking at the skipPermissions option, I would actually expect that this option would make sure this warning is not logged as we do not care about permissions not being added (it's already handled). So maybe something like this could be the fix in
function-base.ts
:Additional Information/Context
I also looked at where
addPermission()
is actually triggered for this use-case, which is here. Maybe we should have an option inHttpLambdaAuthorizer
for not adding this permission in the first place?CDK CLI Version
2.137.0
Framework Version
No response
Node.js Version
v18.19.0
OS
OSX
Language
TypeScript
Language Version
5.2.0
Other information
Ticket which is slightly related: #28936
The text was updated successfully, but these errors were encountered: