aws-ses: add grant methods to EmailIdentity
#29083
Labels
@aws-cdk/aws-ses
Related to Amazon Simple Email Service
effort/small
Small work item – less than a day of effort
feature-request
A feature should be added or improved.
p2
Comments
karaken12
added
feature-request
github-actions
bot
added
the
@aws-cdk/aws-ses
1 task
kaizencc
added
p2
effort/small
mergify bot
pushed a commit
that referenced
this issue
Feb 13, 2024
### Issue Closes #29083 ### Reason for this change When granting send email access to a lambda the grant needs to be constructed manually, including constructing the ARN for the identity. e.g. ``` Grant.addToPrincipal({ grantee, actions: ["ses:SendEmail"], resourceArns: [ this.stack.formatArn({ service: 'ses', resource: 'identity', resourceName: 'test@example.com', }), ], scope: this }) ``` This is dissimilar to other constructs, which generally expose a grant method and one or more convenience methods for particularly relevant groups of actions. ### Description of changes Added `grant` and `grantSendEmail` to `IEmailIdentity`, and added a common abstract class, `BaseEmailIdentity` with the relevant grant code. This is to avoid code duplication between the full `EmailIdentity` and the `Import` class. ### Description of how you validated changes Tests added for grants on both new and imported email identities, and a test to validate the `grantSendEmail` method. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
GavinZZ
pushed a commit
that referenced
this issue
Feb 22, 2024
### Issue Closes #29083 ### Reason for this change When granting send email access to a lambda the grant needs to be constructed manually, including constructing the ARN for the identity. e.g. ``` Grant.addToPrincipal({ grantee, actions: ["ses:SendEmail"], resourceArns: [ this.stack.formatArn({ service: 'ses', resource: 'identity', resourceName: 'test@example.com', }), ], scope: this }) ``` This is dissimilar to other constructs, which generally expose a grant method and one or more convenience methods for particularly relevant groups of actions. ### Description of changes Added `grant` and `grantSendEmail` to `IEmailIdentity`, and added a common abstract class, `BaseEmailIdentity` with the relevant grant code. This is to avoid code duplication between the full `EmailIdentity` and the `Import` class. ### Description of how you validated changes Tests added for grants on both new and imported email identities, and a test to validate the `grantSendEmail` method. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the feature
Add a general
grantmethod toEmailIdentityobjects, as well as a more specific method for the send email action.Use Case
When granting send email access to a lambda the grant needs to be constructed manually, including constructing the ARN for the identity. e.g.
This is dissimilar to other constructs, which generally expose a
grantmethod and one or more convenience methods for particularly relevant groups of actions.Proposed Solution
Implement a
grantand agrantSendEmailmethod onEmailIdentity(andIEmailIdentity), so that the above use can be accomplished with a simpleOther Information
No response
Acknowledgements
CDK version used
2.126.0
Environment details (OS name and version, etc.)
Ubuntu 22.04
The text was updated successfully, but these errors were encountered: