Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: asset permissions #1110

Merged
merged 7 commits into from
Feb 6, 2025
Merged

fix: asset permissions #1110

merged 7 commits into from
Feb 6, 2025
+208 −97

Conversation

markussiebert
Copy link
Contributor

Fixes #

markussiebert and others added 6 commits January 20, 2025 10:15
@markussiebert
chore: document how to disable iam generation
d330220
@markussiebert
chore: typo
5808414
chore: self mutation
0c6c0b9 
Signed-off-by: github-actions <[email protected]>
@markussiebert
fix: asset permissions
3a2a61b
@lenderom
fix: kms key asset permissions (#1101)
dd38e6b 
* fix: kms key asset permissions

Signed-off-by: lennartrommeiss <[email protected]>

* fix: update tests

Signed-off-by: lennartrommeiss <[email protected]>

* fix: update some tests

Signed-off-by: lennartrommeiss <[email protected]>

---------

Signed-off-by: lennartrommeiss <[email protected]>
@lenderom
Merge remote-tracking branch 'origin/main' into fix/asset-permissions
8515ea7 
Signed-off-by: lennartrommeiss <[email protected]>
@codecov Codecov
Copy link

codecov bot commented Feb 6, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 71.80%. Comparing base (8e85334) to head (7fa9565).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1110   +/-   ##
=======================================
  Coverage   71.80%   71.80%           
=======================================
  Files           3        3           
  Lines         461      461           
=======================================
  Hits          331      331           
  Misses         91       91           
  Partials       39       39
Flag Coverage Δ
go-lambda 71.80% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

chore: self mutation
7fa9565 
Signed-off-by: github-actions <[email protected]>
@lenderom
Copy link
Member

lenderom commented Feb 6, 2025
edited
Loading

This PR adds the function to grant KMS permissions automatically to key which is used by the default cdk bootstrap asset bucket. For this permissions for an KMS key lookup are necessary. This has no impact, if the S3 artifact is uploaded manually by setting (sopsS3Bucket and sopsS3Key)

To avoid the automatic key lookup set the new property assetEncryptionKey.

@markussiebert markussiebert merged commit 2755dea into main Feb 6, 2025
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@markussiebert @lenderom