feat(route53): add support for grantDelegation on imported PublicHostedZone#26333
feat(route53): add support for grantDelegation on imported PublicHostedZone#26333mergify[bot] merged 10 commits intoaws:mainfrom
Conversation
|
|
aws-cdk-automation
left a comment
There was a problem hiding this comment.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
scanlonp
left a comment
There was a problem hiding this comment.
We need the build to succeed before giving more thought to the review. The build was failing because the API had changed and these changes will likely fix that. Thanks!
| return makeHostedZoneArn(this, this.hostedZoneId); | ||
| } | ||
| public grantDelegation(grantee: iam.IGrantable) { | ||
| makeGrantDelegation(grantee, this.hostedZoneArn); |
There was a problem hiding this comment.
Looks like you need to return makeGrantDelegation
| return makeHostedZoneArn(this, this.hostedZoneId); | ||
| } | ||
| public grantDelegation(grantee: iam.IGrantable) { | ||
| makeGrantDelegation(grantee, this.hostedZoneArn); |
| }); | ||
|
|
||
| return g1.combine(g2); | ||
| makeGrantDelegation(grantee, this.hostedZoneArn); |
| }); | ||
| } | ||
|
|
||
| export function makeGrantDelegation(grantee: iam.IGrantable, hostedZoneArn: string) { |
There was a problem hiding this comment.
Please specify the return type in the function definition (looks like iam.Grant or iam.IGrantable)
scanlonp
left a comment
There was a problem hiding this comment.
All of the code looks good. Small nit: we should either move the code to the existing associated cross account delegation integ test, or change the name to take route53 out of the test name to be consistent with the other integ tests.
.../@aws-cdk-testing/framework-integ/test/aws-route53/test/integ.route53-imported-delegation.ts
Outdated
Show resolved
Hide resolved
| const role = new iam.Role(stack, 'Role', { | ||
| assumedBy: new iam.AccountRootPrincipal(), | ||
| }); | ||
|
|
||
| const publicZone = PublicHostedZone.fromPublicHostedZoneId(stack, 'PublicZone', 'public-zone-id'); | ||
| publicZone.grantDelegation(role); |
There was a problem hiding this comment.
I think we can move these lines of code into the cross-account-zone-delegation integ test, unless you thought about this and had a reason for keeping it separate.
Maybe the name could to shift to const importedPublicZone = PublicHostedZone.from...
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
…dZone anymore (#26888) `Identity.publicHostedZone` takes an `IPublicHostedZone`, but because of TypeScript structural typing it would also accept an `IHostedZone`. When in [this PR](#26333) the `grantDelegation` method was added to the `IPublicHostedZone` interface, this passing was no longer allowed and code that used to work on accident, no longer works. For example: ``` const zone = HostedZone.fromHostedZoneId(stack, 'Zone', 'hosted-id'); const sesIdentity = ses.Identity.publicHostedZone(zone); ``` It raises an error because the imported `zone` does not implement the `grantDelegation` method. This fix moves the `grantDelegation` method declaration into the `IHostedZone` interface and makes it available to all imported zones. Closes #26872. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Imported
PublicHostedZonewithfromPublicHostedZoneIdandfromPublicHostedZoneAttributesdon't have support for thegrantDelegationmethod since they return an instance of typeIPublicHostedZone.This change adds support for
grantDelegationto those instances as well.Closes #26240.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license