fix(sqs): kms:Decrypt permission to grantSendMessages #7522

shreyasdamle · 2020-04-22T17:04:45Z

Commit Message

Changes in grantSendMessages method:

Added 'kms:Decrypt' action to grantSendMessages

Fixes: #6609

End Commit Message

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

mergify · 2020-04-22T17:05:18Z

Title does not follow the guidelines of Conventional Commits. Please adjust title before merge.

aws-cdk-automation · 2020-04-22T17:10:36Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
Commit ID: 9d4c779
Result: FAILED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

aws-cdk-automation · 2020-04-22T17:13:17Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
Commit ID: 5628f0e
Result: FAILED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

aws-cdk-automation · 2020-04-26T20:14:31Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
Commit ID: 3107198
Result: FAILED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

aws-cdk-automation · 2020-04-26T20:38:46Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
Commit ID: 7090f76
Result: FAILED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

aws-cdk-automation · 2020-04-26T21:22:42Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
Commit ID: aad1527
Result: SUCCEEDED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

MrArnoldPalmer

Just prefer the grantDecrypt instead of listing out permissions. Otherwise pretty straightforward.

MrArnoldPalmer · 2020-05-04T01:28:43Z

packages/@aws-cdk/aws-sqs/lib/queue-base.ts

+      this.encryptionMasterKey.grant(grantee,
+        'kms:Encrypt',
+        'kms:ReEncrypt*',
+        'kms:GenerateDataKey*',
+        'kms:Decrypt',
+      );


Can we just do

this.encryptionMasterKey.grantEncrypt(grantee); this.encryptionMasterKey.grantDecrypt(grantee);

Thanks!
I have changed it to:

this.encryptionMasterKey.grantEncryptDecrypt(grantee);

Pull request has been modified.

aws-cdk-automation · 2020-05-04T02:09:40Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
Commit ID: 1c1cbef
Result: FAILED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

aws-cdk-automation · 2020-05-04T02:28:17Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
Commit ID: b35bcbc
Result: FAILED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

aws-cdk-automation · 2020-05-04T03:21:47Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
Commit ID: d9f2196
Result: SUCCEEDED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

mergify · 2020-05-04T04:03:19Z

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

Add kms:Decrypt for grantSendMessages

9d4c779

shreyasdamle changed the title ~~Add kms:Decrypt for grantSendMessages~~ feat(sqs): kms:Decrypt permission to grantSendMessages Apr 22, 2020

Merge branch 'master' into sdamle-sqs

5628f0e

shreyasdamle changed the title ~~feat(sqs): kms:Decrypt permission to grantSendMessages~~ fix(sqs): kms:Decrypt permission to grantSendMessages Apr 22, 2020

SomayaB assigned MrArnoldPalmer Apr 23, 2020

Fix linter errors

3107198

Fix kms action error in sqs test for aws-s3-notofications

7090f76

Fix integ test errors in s3-notofications

aad1527

MrArnoldPalmer previously requested changes May 4, 2020

View reviewed changes

Address comments from CR

1c1cbef

Fix kms action ordering in sqs test for aws-s3-notofications

b35bcbc

shreyasdamle requested a review from MrArnoldPalmer May 4, 2020 02:09

Merge branch 'master' into sdamle-sqs

d9f2196

MrArnoldPalmer approved these changes May 4, 2020

View reviewed changes

mergify bot merged commit 3beac0e into aws:master May 4, 2020

shreyasdamle deleted the sdamle-sqs branch May 6, 2020 21:04

fix(sqs): kms:Decrypt permission to grantSendMessages #7522

fix(sqs): kms:Decrypt permission to grantSendMessages #7522

Uh oh!

Conversation

shreyasdamle commented Apr 22, 2020

Commit Message

End Commit Message

Uh oh!

mergify bot commented Apr 22, 2020

Uh oh!

aws-cdk-automation commented Apr 22, 2020

AWS CodeBuild CI Report

Uh oh!

aws-cdk-automation commented Apr 22, 2020

AWS CodeBuild CI Report

Uh oh!

aws-cdk-automation commented Apr 26, 2020

AWS CodeBuild CI Report

Uh oh!

aws-cdk-automation commented Apr 26, 2020

AWS CodeBuild CI Report

Uh oh!

aws-cdk-automation commented Apr 26, 2020

AWS CodeBuild CI Report

Uh oh!

MrArnoldPalmer left a comment

Choose a reason for hiding this comment

Uh oh!

MrArnoldPalmer May 4, 2020

Choose a reason for hiding this comment

Uh oh!

shreyasdamle May 4, 2020 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

aws-cdk-automation commented May 4, 2020

AWS CodeBuild CI Report

Uh oh!

aws-cdk-automation commented May 4, 2020

AWS CodeBuild CI Report

Uh oh!

aws-cdk-automation commented May 4, 2020

AWS CodeBuild CI Report

Uh oh!

mergify bot commented May 4, 2020

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

shreyasdamle May 4, 2020 •

edited

Loading