-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[apigateway] Ability to specify custom cloudwatch role #10094
Comments
We currently don't have an option to configure your own role here. This can definitely be added. Is this what you're looking for? |
I missed it.
Yes. I need some analogue of LogRetention role for lambda. When I have fine-grained project permissions, I need to follow our internal policy (role name/used managed policies). That's why I am looking to ability to configure the CloudWatch role |
Marking this as a feature request. @excavador - you can work around this by setting |
@nija-at thank you for workaround |
I'm gonna pick this up if no one is taking it. |
@alvyn279 - this I would recommend picking something else up, if you're looking to contribute to the CDK. On the other hand, the workaround I've provided above should work if you're looking to fix this specific issue. |
This issue has not received any attention in 1 year. If you want to keep this issue open, please leave a comment below and auto-close will be canceled. |
Take a look there: https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-apigateway/lib/restapi.ts#L505
Class
SpecRestApi
always invokesconfigureCloudWatchRole
(in case ifprops.cloudWatchRole
missed as well in case ifprops.cloudWatchRole
specified)aws-cdk/packages/@aws-cdk/aws-apigateway/lib/restapi.ts
Line 394 in 384f9cb
Method
configureCloudWatchRole
unconditionally create new role.As result,
props.cloudWatchRole
option does not make any senseReproduction Steps
What did you expect to happen?
AWS::ApiGateway::Account uses my role
What actually happened?
AWS::ApiGateway::Account uses unconditionally created role from
configureCloudWatchRole
Environment
This is 🐛 Bug Report
The text was updated successfully, but these errors were encountered: