(aws-s3-notifications): How to add event notification to existing bucket using existing role? #16173
Comments
At the moment, there is no way to pass your own role to create What you can do, however, is create your own custom resource (copied from the CDK) replacing the role creation with your own role.
@otaviomacedo Thanks for your comment. Why would it not make sense to add the By custom resource, do you mean using the following code, but in my own Stack? https://github.com/aws/aws-cdk/blob/master/packages/@aws-cdk/aws-s3/lib/notifications-resource/notifications-resource-handler.ts#L27, where you would set your own role at https://github.com/aws/aws-cdk/blob/master/packages/@aws-cdk/aws-s3/lib/notifications-resource/notifications-resource-handler.ts#L61 ? E.g:
I am also dealing with this issue. I don't have rights to create a user role so any attempt to run CDK calling .addEventNotification() fails. Interestingly, I am able to manually create the event notification in the console, so that must do the operation without creating a new role. It's not clear to me why there is a difference in behavior.
I am also having this issue. I don't have a workaround. I tried to make an Aspect to replace all IRole objects, but aspects apparently run after everything is linked.
@timotk
Yes, exactly.
Closing because this seems wrapped up. Ping me if you have any other questions.
❓ General Issue
How to add event notification to existing bucket using existing role?
I would like to add an S3 event notification to an existing bucket that triggers a lambda. As described here, this process will create a BucketNotificationsHandler lambda. However, I am not allowed to create this lambda, since I do not have the permissions to create a role for it:
Is there a way to work around this? I am not in control of the full AWS stack, so I cannot simply give myself the appropriate permission. I am allowed to pass an existing role.
Here's a slimmed down version of the code I am using:
(Partial) output of cdk diff:
Final error:
Environment
Other information
related issues: