Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement CDK AccessKey (construct) #8432

Closed
2 tasks
Cloudrage opened this issue Jun 8, 2020 · 1 comment · Fixed by #18180
Closed
2 tasks

Implement CDK AccessKey (construct) #8432

Cloudrage opened this issue Jun 8, 2020 · 1 comment · Fixed by #18180
Labels
@aws-cdk/aws-iam Related to AWS Identity and Access Management effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. help wanted We are asking the community to submit a PR to resolve this issue. p2

Comments

@Cloudrage
Copy link

Use Case

Create an AccessKey (and SecretKey) via CDK Construct.

Proposed Solution

Actually, the only way is to use Cfn via : class CfnAccessKey (construct)

https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-iam.CfnAccessKey.html

Other

Needed for example, to create a dedicated SMTP User.

  • 👋 I may be able to implement this feature request
  • ⚠️ This feature might incur a breaking change

This is a 🚀 Feature Request
@Cloudrage Cloudrage added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Jun 8, 2020
@SomayaB SomayaB added the @aws-cdk/aws-iam Related to AWS Identity and Access Management label Jun 8, 2020
@rix0rrr rix0rrr added effort/small Small work item – less than a day of effort help wanted We are asking the community to submit a PR to resolve this issue. labels Jun 16, 2020
@rix0rrr rix0rrr added the p2 label Aug 12, 2020
@SomayaB SomayaB removed the needs-triage This issue or PR still needs to be triaged. label Nov 6, 2020
@rix0rrr rix0rrr removed their assignment Jun 3, 2021
@laurelmay laurelmay mentioned this issue Dec 26, 2021
Merged
@mergify mergify bot closed this as completed in #18180 Jan 11, 2022
mergify bot pushed a commit that referenced this issue Jan 11, 2022
@laurelmay
feat(iam): generate AccessKeys (#18180)
beb5706 
This adds an L2 resource for creating IAM access keys. Instructions for
creating access keys are added to the README near the information on
creating users. Tests are added (including an integration test) and
locations elsewhere in the CDK where `CfnAccessKey` was used have been
updated to leverage the new L2 construct (which required changes in the
`secretsmanager` and `apigatewayv2-authorizers` packages).

Excludes were added for two `awslint` rules. Access Keys don't support
specifying physical names, so having such a property is impossible.
Additionally, since the primary value of an `AWS::IAM::AccessKey` is to
gain access to the `SecretAccessKey` value, a `fromXXX` static method
doesn't seem to make a lot of sense (because ideally you'd just pull that
from a Secret anyway if it was required in the app).

I looked into integrating with `secretsmanager.Secret` as part of this PR;
however, at this time it's currently experimental to support strings via
tokens and the experimental resource's documentation isn't available so it
seemed suboptimal to do that integration.

Resolves: #8432

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

TikiTDO pushed a commit to TikiTDO/aws-cdk that referenced this issue Feb 21, 2022
@laurelmay @TikiTDO
feat(iam): generate AccessKeys (aws#18180)
eb634b7 
This adds an L2 resource for creating IAM access keys. Instructions for
creating access keys are added to the README near the information on
creating users. Tests are added (including an integration test) and
locations elsewhere in the CDK where `CfnAccessKey` was used have been
updated to leverage the new L2 construct (which required changes in the
`secretsmanager` and `apigatewayv2-authorizers` packages).

Excludes were added for two `awslint` rules. Access Keys don't support
specifying physical names, so having such a property is impossible.
Additionally, since the primary value of an `AWS::IAM::AccessKey` is to
gain access to the `SecretAccessKey` value, a `fromXXX` static method
doesn't seem to make a lot of sense (because ideally you'd just pull that
from a Secret anyway if it was required in the app).

I looked into integrating with `secretsmanager.Secret` as part of this PR;
however, at this time it's currently experimental to support strings via
tokens and the experimental resource's documentation isn't available so it
seemed suboptimal to do that integration.

Resolves: aws#8432

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-iam Related to AWS Identity and Access Management effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. help wanted We are asking the community to submit a PR to resolve this issue. p2
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(iam): generate AccessKeys laurelmay/aws-cdk
3 participants
@rix0rrr @SomayaB @Cloudrage