Skip to content

(aws-s3-notifications): add s3 trust to key for SNS event subscription #16271

New issue
New issue
Open
#33858
Open
(aws-s3-notifications): add s3 trust to key for SNS event subscription#16271
#33858
Labels
@aws-cdk/aws-s3-notificationsfeature-requestA feature should be added or improved.p1
@SamStephens

Description

@SamStephens
SamStephens
opened on Aug 30, 2021

Automatically add the required policy to the KMS key when an encrypted SNS topic is subscribed to S3 event.

Equivalent logic is present when subscribing an SQS queue to an S3 event.

Use Case

When configuring S3 notifications, I do not have to manually configure KMS trust for S3 when subscribing an encrypted SNS topic.

Proposed Solution

Add similar logic to encrypted SNS notification subscriptions as is present for encrypted SQS notification subscriptions.

Other

I had trouble finding where the logic doing this lives in the CDK currently, but here is the test showing this is done for SQS subscriptions, and here is the logic in an old version of the CDK, as referenced in #2504.

This is a 🚀 Feature Request

Metadata

Metadata

Assignees

No one assigned

    Labels

    @aws-cdk/aws-s3-notificationsfeature-requestA feature should be added or improved.p1

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions