Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Allow to specify custom KMS key for S3 object #505

Merged
merged 4 commits into from
Nov 3, 2023
Merged

feat: Allow to specify custom KMS key for S3 object #505

merged 4 commits into from
Nov 3, 2023

Conversation

joschna
Copy link
Contributor

@joschna joschna commented Oct 20, 2023

Description

I added a new variable s3_kms_key_id that allows to specify the KMS key that is used to encrypt the S3 object representing the Lambda package.

Motivation and Context

We are using S3 buckets with custom KMS key encryption to store our Lambda build artifacts. This module currently does not allow to specify a KMS key on the aws_s3_object resource which leads to failures when trying to upload the package (denied by bucket policy).

Breaking Changes

No

How Has This Been Tested?

  • I have updated at least one of the examples/* to demonstrate and validate my change(s)
    Added example s3-custom-kms-key
  • I have tested and validated these changes using one or more of the provided examples/* projects
    Changes were validated by deploying the complete example
  • I have executed pre-commit run -a on my pull request

joschna and others added 4 commits October 20, 2023 10:58
@joschna
Allow custom KMS key encryption for packages that are stored in s3
e427799 
The aws_s3_object resource currently does not allow to specify to kms_key_id parameter to provide a custom KMS key ARN to use for encryption. A new variable "s3_kms_key_id" has been introduced to allow to specify it.
@joschna
Add example 's3-custom-kms-key' and update documentation
5945ae1 
New example 's3-custom-kms-key' was added and mentioned in the main README
@antonbabenko
Merge branch 'master' into s3-enable-custom-kms-key
36e1009
@antonbabenko
Removed unnecessary examples/s3-custom-kms-key
a5cd8ff
antonbabenko
antonbabenko approved these changes Nov 3, 2023
View reviewed changes
Copy link
Member

@antonbabenko antonbabenko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. I have updated this PR by removing unnecessary example code.

@antonbabenko antonbabenko merged commit eb339d6 into terraform-aws-modules:master Nov 3, 2023
27 checks passed
antonbabenko pushed a commit that referenced this pull request Nov 3, 2023
@semantic-release-bot
chore(release): version 6.3.0 [skip ci]
04e0349 
## [6.3.0](v6.2.0...v6.3.0) (2023-11-03)

### Features

* Allow to specify custom KMS key for S3 object ([#505](#505)) ([eb339d6](eb339d6))
@antonbabenko
Copy link
Member

This PR is included in version 6.3.0 🎉

@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 4, 2023

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 4, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@antonbabenko antonbabenko antonbabenko approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@joschna @antonbabenko