SNS notifications on stack events #8581
Comments
SomayaB
added
@aws-cdk/core
eladb
changed the title
eladb
added
effort/medium
|
Relabeled as feature. This is something we should be able to support. |
|
@rix0rrr any update on this? |
|
+1 |
|
AFAIK: Currently only possible through the cli: On subsequent calls the arn can be omitted. |
|
Thats why it would make up a good feature Request. Think should be part of the AWS CDK. |
|
Wouldn't this be a bit of chicken & egg problem? I mean something gotta provide SNS topic? |
Not really since you first need to deploy the sns with another stack or create it by hand. A check if this sns exists and a corresponding error message should not be the problem |
|
Given that it seems to be already supported on nested stack it shouldn't bee to much of a trouble to add this for top-level stacks, right? |
|
Any updates on this ? I agree this should be a part of the Stack construct rather than the NestedStack construct. |
|
+1 |
|
Now that this has been added to the Security Best Practices: it would be great to see better support for this. As a simpler fix, could the notification arns be configurable in the cdk.json file, so that defaults can be configured without having to always supply them on the command line for each new stack: https://docs.aws.amazon.com/cdk/v2/guide/cli.html#cli-config |
|
Is there an update on this? Both the integration in the CDK or in the context file seem very good features for me. It would be great, especially for projects where many devs are working on the same cdk app. |
|
This issue has received a significant amount of attention so we are automatically upgrading its priority. A member of the community will see the re-prioritization and provide an update on the issue. |
|
+1 |
|
Yes, this is being picked up by KICS as a |
|
Any word on this? Or a workaround? |
|
Its been 2 and a half years and still no update on this???? |
|
Hey! Is this on the roadmap? We'd like to use this in certain stacks which have a security impact |
… construct (#30551) ### Issue # (if applicable) #8581. ### Reason for this change It is easier and clearer to specify the SNS Topic ARNs on the stack construct itself instead of passing it as a command line argument. ### Description of changes Added a new optional stack prop, `notificationArns`, that is written to the CloudAssembly and concatenated with the CLI option `--notification-arns`. When I added CLI integ tests, I discovered that the existing framework is unable to use your local code. It always retrieves the latest release, which is not what you want when running it locally. This fixes that. Don't forget to select stacks by hierarchical ID (currently display name, in our tests) when writing certain test code. Otherwise, the tests may not select the stack you expected. ### Description of how you validated changes Unit tests + CLI integ test. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…uct (#31107) ### Issue # (if applicable) #8581. ### Reason for this change It is easier and clearer to specify the SNS Topic ARNs on the stack construct itself instead of passing it as a command line argument. ### Description of changes Added a new optional stack prop, `notificationArns`, that is written to the CloudAssembly and concatenated with the CLI option `--notification-arns`. Don't forget to select stacks by hierarchical ID (currently display name, in our tests) when writing certain test code. Otherwise, the tests may not select the stack you expect. Depends on: cdklabs/cdk-assets#87 and cdklabs/cloud-assembly-schema#58. ### Description of how you validated changes Unit tests + CLI integ test. Framework integ tests not included because they would require an externally-created SNS Topic, which is not what we want in integ tests; besides, the case is covered by the CLI integ test. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…uct (aws#31107) ### Issue # (if applicable) aws#8581. ### Reason for this change It is easier and clearer to specify the SNS Topic ARNs on the stack construct itself instead of passing it as a command line argument. ### Description of changes Added a new optional stack prop, `notificationArns`, that is written to the CloudAssembly and concatenated with the CLI option `--notification-arns`. Don't forget to select stacks by hierarchical ID (currently display name, in our tests) when writing certain test code. Otherwise, the tests may not select the stack you expect. Depends on: cdklabs/cdk-assets#87 and cdklabs/cloud-assembly-schema#58. ### Description of how you validated changes Unit tests + CLI integ test. Framework integ tests not included because they would require an externally-created SNS Topic, which is not what we want in integ tests; besides, the case is covered by the CLI integ test. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
Closed in #31107 |
|
Comments on closed issues and PRs are hard for our team to see. |
❓ General Issue
I am playing around with different ways to hook into lifecycle events of Stacks / Components. Of course there is the AwsCustomResource or ProviderFramework way. While AwsCustomResource is only viable for a simple SDK calls, ProviderFramework offers a lot more but with more complexity involved.
Now i noticed notificationArns on Stack level. What i recall you can attach them via command line on deployment (not what i am looking for) or programatically via NestedStack Construct. I wonder why this requirement is in place? Why cant we add them on our main stacks? (i think you can only read them)
This way one could easily setup a topic and a consumer and one should be able to hook into those lifecycle events pretty easily.
proposed idea
Why not having a method like this on Stack construct:
Not sure why this method is not available in the construct when at the end it will synth to AWS::CloudFormation::Stack
The text was updated successfully, but these errors were encountered: