Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(aws-cloudfront): Add convenience grant methods #13159

Closed
daniel-j-h opened this issue Feb 19, 2021 · 1 comment · Fixed by #22709
Closed

(aws-cloudfront): Add convenience grant methods #13159

daniel-j-h opened this issue Feb 19, 2021 · 1 comment · Fixed by #22709
Labels
@aws-cdk/aws-cloudfront Related to Amazon CloudFront effort/small Small work item – less than a day of effort feature/service-integration Add functionality to an L2 construct to enable easier integration with another service feature-request A feature should be added or improved. p2

Comments

@daniel-j-h
Copy link

Hey hey,

ideally the cloudfront distribution would provide convenience .grant* methods, to e.g. grant a user the permissions to invalidate a distribution or get a invalidation so the can wait on it until completion.

Use Case

A common use case is creating a CI/CD user with permissions to

  • publish assets to a distribution's origin like a s3 bucket
  • followed by invalidating the cloudfront distribution

for example this could be a CI/CD user automatically building and publishing static assets.

Now it would be great to have functionality like

const dist = new Distribution(..);
const user = new User(...);

dist.grantCreateInvalidation(user);

or similar, instead of having to write the policy out manually.
@daniel-j-h daniel-j-h added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Feb 19, 2021
@github-actions github-actions bot added the @aws-cdk/aws-cloudfront Related to Amazon CloudFront label Feb 19, 2021
@njlynch njlynch added effort/small Small work item – less than a day of effort p2 and removed needs-triage This issue or PR still needs to be triaged. labels Mar 3, 2021
@ericzbeard ericzbeard added the feature/service-integration Add functionality to an L2 construct to enable easier integration with another service label Apr 1, 2021
@daniel-j-h daniel-j-h mentioned this issue Apr 12, 2021
Merged
@Tietew Tietew mentioned this issue Oct 20, 2022
Closed
4 tasks
@Tietew Tietew mentioned this issue Oct 31, 2022
Merged
4 tasks
@mergify mergify bot closed this as completed in #22709 Nov 30, 2022
mergify bot pushed a commit that referenced this issue Nov 30, 2022
@Tietew
feat(cloudfront): add convenience grant methods to IDistribution (#22709
2eb7d73 
)

This PR adds convenience grant methods to `IDistribution`.

- `grant(identity, ...actions)` - generic grant method
- `grantCreateInvalidation(identity)` - shorthand to grant `cloudfront:CreateInvalidation` action.

Fixes #13159

----

### All Submissions:

* [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)

### Adding new Unconventional Dependencies:

* [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies)

### New Features

* [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
	* [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

brennanho pushed a commit to brennanho/aws-cdk that referenced this issue Dec 9, 2022
@Tietew
feat(cloudfront): add convenience grant methods to IDistribution (aws…
fd0f034 
…#22709)

This PR adds convenience grant methods to `IDistribution`.

- `grant(identity, ...actions)` - generic grant method
- `grantCreateInvalidation(identity)` - shorthand to grant `cloudfront:CreateInvalidation` action.

Fixes aws#13159

----

### All Submissions:

* [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)

### Adding new Unconventional Dependencies:

* [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies)

### New Features

* [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
	* [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
brennanho pushed a commit to brennanho/aws-cdk that referenced this issue Jan 20, 2023
@Tietew
feat(cloudfront): add convenience grant methods to IDistribution (aws…
c226912 
…#22709)

This PR adds convenience grant methods to `IDistribution`.

- `grant(identity, ...actions)` - generic grant method
- `grantCreateInvalidation(identity)` - shorthand to grant `cloudfront:CreateInvalidation` action.

Fixes aws#13159

----

### All Submissions:

* [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)

### Adding new Unconventional Dependencies:

* [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies)

### New Features

* [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
	* [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
brennanho pushed a commit to brennanho/aws-cdk that referenced this issue Feb 22, 2023
@Tietew
feat(cloudfront): add convenience grant methods to IDistribution (aws…
676fd7c 
…#22709)

This PR adds convenience grant methods to `IDistribution`.

- `grant(identity, ...actions)` - generic grant method
- `grantCreateInvalidation(identity)` - shorthand to grant `cloudfront:CreateInvalidation` action.

Fixes aws#13159

----

### All Submissions:

* [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)

### Adding new Unconventional Dependencies:

* [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies)

### New Features

* [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
	* [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-cloudfront Related to Amazon CloudFront effort/small Small work item – less than a day of effort feature/service-integration Add functionality to an L2 construct to enable easier integration with another service feature-request A feature should be added or improved. p2
Projects
None yet
Milestone
No milestone
3 participants
@daniel-j-h @ericzbeard @njlynch