Open dossy opened 5 months ago
Hey guys, when do you plan to implement it? Does it have any workaround? Thanks.
Hey, we're still waiting on an update, thanks :)
@marcelinhov2 a workaround is to use a Custom Resource to call the GetNamespace
API. I've done it CDK, but it can be reproduced in CloudFormation
// Custom resource role, for least privilege
const getNamespaceCRRole = new iam.Role(this, 'GetNamespaceRole', {
assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'),
inlinePolicies: {
NamespaceCRPolicy: new iam.PolicyDocument({
statements: [
new iam.PolicyStatement({
actions: ['redshift-serverless:GetNamespace'],
resources: ['exmpleNamespaceArn'],
}),
new iam.PolicyStatement({
actions: ['logs:CreateLogStream', 'logs:PutLogEvents'],
resources: ['logGroupArn'],
}),
],
}),
},
});
// custom resource def
const getNamespaceCR = new cr.AwsCustomResource(this, 'GetNamespaceCR', {
onUpdate: {
service: 'RedshiftServerless',
action: 'GetNamespace',
parameters: {
namespaceName: props.namespaceName,
},
physicalResourceId: cr.PhysicalResourceId.of('exampleNamespaceName'),
},
role: getNamespaceCRRole.withoutPolicyUpdates(),
functionName: props.getNamespaceFunctionName,
logGroup: logGroupConstruct,
});
// importing the secret into the CDK, using the full secret ARN
this.redshiftAdminSecret = secretsmanager.Secret.fromSecretCompleteArn(
this,
'RedshiftAdminSecret',
getNamespaceCR.getResponseField('namespace.adminPasswordSecretArn')
);
Name of the resource
AWS::RedshiftServerless::Namespace
Resource name
No response
Description
AWS::RedshiftServerless::Namespace missing AdminPasswordSecretArn
See:
Related:
Other Details
No response