Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(msk): allow both sasl/scram and iam auth #31743

Merged
merged 10 commits into from
Feb 8, 2025
Merged

fix(msk): allow both sasl/scram and iam auth #31743

merged 10 commits into from
Feb 8, 2025

Conversation

msambol
Copy link
Contributor

@msambol msambol commented Oct 14, 2024
edited by kaizencc
Loading

Pointed out here and verified in the Console, both SASL/SCRAM and IAM can be enabled together.

Closes #32779

It's a little confusing because CloudFormation groups Iam and Scram together under Sasl,
but the Console separates the two and allows both at the same time. I'd like to refactor this further but
this change unblocks the issue where SASL/SCRAM and IAM cannot be enabled together.

image

@aws-cdk-automation aws-cdk-automation requested a review from a team October 14, 2024 05:09
@github-actions github-actions bot added distinguished-contributor [Pilot] contributed 50+ PRs to the CDK p2 labels Oct 14, 2024
aws-cdk-automation
aws-cdk-automation previously requested changes Oct 14, 2024
View reviewed changes
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

msambol
msambol commented Oct 14, 2024
View reviewed changes
packages/@aws-cdk/aws-msk-alpha/README.md
@@ -124,7 +124,7 @@ const cluster = new msk.Cluster(this, 'cluster', {
});
```

### SASL/IAM
### IAM
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removing SASL here to avoid confusion.

@msambol msambol mentioned this pull request Oct 14, 2024
Merged
@msambol msambol changed the title fix(msk): allow both scram and iam auth fix(msk): allow both sasl/scram and iam auth Oct 14, 2024
@aws-cdk-automation aws-cdk-automation dismissed their stale review October 14, 2024 07:50

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Oct 14, 2024
nmussy
nmussy suggested changes Oct 14, 2024
View reviewed changes
Copy link
Contributor

@nmussy nmussy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM overall, just some missing regression tests and a style suggestion.

This is probably outside the scope of this PR, but it might be a good idea to expose Enabled if a user wants to set the props value but disable the feature. I'm just assuming here, but switching from Enabled: false to Enabled: true might be faster than updating CertificateAuthorityArnList for instance.

@aws-cdk-automation aws-cdk-automation removed the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Oct 14, 2024
@msambol
Copy link
Contributor Author

msambol commented Oct 14, 2024

This is probably outside the scope of this PR, but it might be a good idea to expose Enabled if a user wants to set the props value but disable the feature. I'm just assuming here, but switching from Enabled: false to Enabled: true might be faster than updating CertificateAuthorityArnList for instance.

Agree on adding that, perhaps in a follow-on PR. I also think Iam should be decoupled from the SaslProps.

@github-actions github-actions bot mentioned this pull request Nov 1, 2024
Closed
@aws-cdk-automation
Copy link
Collaborator

This PR has been in the MERGE CONFLICTS state for 3 weeks, and looks abandoned. To keep this PR from being closed, please continue work on it. If not, it will automatically be closed in a week.

@codecov Codecov
Copy link

codecov bot commented Dec 22, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 80.92%. Comparing base (cf9d9e2) to head (b4c64de).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #31743   +/-   ##
=======================================
  Coverage   80.92%   80.92%           
=======================================
  Files         236      236           
  Lines       14253    14253           
  Branches     2490     2490           
=======================================
  Hits        11534    11534           
  Misses       2434     2434           
  Partials      285      285
Flag Coverage Δ
suite.unit 80.92% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
packages/aws-cdk 79.73% <ø> (ø)
packages/aws-cdk-lib/core 82.20% <ø> (ø)

@mazyu36 mazyu36 mentioned this pull request Jan 8, 2025
Closed
1 task
@github-actions github-actions bot added bug This issue is a bug. effort/small Small work item – less than a day of effort labels Jan 9, 2025
@aws-cdk-automation
Copy link
Collaborator

This PR has been in the MERGE CONFLICTS state for 3 weeks, and looks abandoned. To keep this PR from being closed, please continue work on it. If not, it will automatically be closed in a week.

nmussy
nmussy approved these changes Jan 16, 2025
View reviewed changes
Copy link
Contributor

@nmussy nmussy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM thanks for the changes 👍

@aws-cdk-automation aws-cdk-automation added the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Jan 16, 2025
@aws-cdk-automation aws-cdk-automation removed the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Feb 3, 2025
@mergify mergify bot dismissed gracelu0’s stale review February 3, 2025 21:20

Pull request has been modified.

@msambol
Copy link
Contributor Author

msambol commented Feb 3, 2025

@gracelu0 fixed :)

@aws-cdk-automation aws-cdk-automation added the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Feb 3, 2025
@msambol
Copy link
Contributor Author

msambol commented Feb 7, 2025

@gracelu0 could we get this in today :)

gracelu0
gracelu0 previously approved these changes Feb 8, 2025
View reviewed changes
Copy link
Contributor

@gracelu0 gracelu0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks!

@mergify Mergify
Copy link
Contributor

mergify bot commented Feb 8, 2025

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify Mergify
Copy link
Contributor

mergify bot commented Feb 8, 2025

This pull request has been removed from the queue for the following reason: pull request branch update failed.

The pull request can't be updated

You should look at the reason for the failure and decide if the pull request needs to be fixed or if you want to requeue it.

If you want to requeue this pull request, you need to post a comment with the text: @mergifyio requeue

@aws-cdk-automation aws-cdk-automation removed the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Feb 8, 2025
@mergify Mergify
Copy link
Contributor

mergify bot commented Feb 8, 2025

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot dismissed gracelu0’s stale review February 8, 2025 01:20

Pull request has been modified.

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: b4c64de
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify Mergify
Copy link
Contributor

mergify bot commented Feb 8, 2025

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit fbcb732 into aws:main Feb 8, 2025
22 checks passed
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 8, 2025

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 8, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@nmussy nmussy

@gracelu0 gracelu0

@aws-cdk-automation aws-cdk-automation

Assignees

@gracelu0 gracelu0

Labels
bug This issue is a bug. distinguished-contributor [Pilot] contributed 50+ PRs to the CDK effort/small Small work item – less than a day of effort p2
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

aws-msk-alpha: Cluster enforces incorrect authentication constraint
4 participants
@msambol @aws-cdk-automation @nmussy @gracelu0