Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

aws-dynamodb: Unable to set resource policy on DDB streams #31229

Open
1 task
grbinho opened this issue Aug 27, 2024 · 2 comments
Open
1 task

aws-dynamodb: Unable to set resource policy on DDB streams #31229

grbinho opened this issue Aug 27, 2024 · 2 comments
Labels
@aws-cdk/aws-dynamodb Related to Amazon DynamoDB effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2

Comments

@grbinho
Copy link

grbinho commented Aug 27, 2024

Describe the bug

There does not seem to be a way to set resource policy on DynamoDB stream through L2 constructs.
addReplica method does not allow setting stream resource policy nor is it available in TableOptionsV2.
We can only set resource policy for the table itself.

Regression Issue

  • Select this option if this issue appears to be a regression.

Last Known Working CDK Version

No response

Expected Behavior

I expect to be able to set a resource policy for DDB streams via L2 constructs.

Current Behavior

Currently it's is not possible to set resource policy for DDB streams via L2 constructs.

Reproduction Steps

Try creating DynamoDB table and set resource policy for DDB streams (not table).

Possible Solution

Expose streamResourcePolicy in TableOptionsV2.

Additional Information/Context

I'm currently setting the policy by getting the L1 construct and resolving the replicas property.

 const cfnTable = table.node.defaultChild as CfnGlobalTable
      if (cfnTable && props.streamResourcePolicy) {
        // At this stage, cfnTable.replicas is a Lazy.any() and needs to be resolved for us to be able to set new properties.
        const replicas = Stack.of(this).resolve(cfnTable.replicas) as CfnGlobalTable.ReplicaSpecificationProperty[]
        if (Array.isArray(replicas)) {
          cfnTable.replicas = replicas.map(replica => {
            return {
              ...replica,
              replicaStreamSpecification: {
                resourcePolicy: {
                  policyDocument: props.streamResourcePolicy,
                },
              },
            }
          })
        }
      }

CDK CLI Version

2.154.1

Framework Version

No response

Node.js Version

v20.15.0

OS

MacOS Sonoma 14.5 (23F79)

Language

TypeScript

Language Version

5.4.5

Other information

No response

@grbinho grbinho added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 27, 2024
@github-actions github-actions bot added the @aws-cdk/aws-dynamodb Related to Amazon DynamoDB label Aug 27, 2024
@LeeroyHannigan
Copy link
Contributor

Streams is not yet implemented as an L2 construct. I will take this as an action item.

@ashishdhingra ashishdhingra added p2 effort/medium Medium work item – several days of effort and removed needs-triage This issue or PR still needs to be triaged. labels Aug 27, 2024
@ashishdhingra
Copy link
Contributor

Appears to be a feature request.

@ashishdhingra ashishdhingra added feature-request A feature should be added or improved. and removed bug This issue is a bug. labels Aug 27, 2024
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
@aws-cdk/aws-dynamodb Related to Amazon DynamoDB effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2
Projects
None yet
3 participants