When creating AWS::RUM::AppMonitor using CDK, we can omit passing AppMonitorConfiguration and let RUM create identityPool and anonymous guest IAM role. However, it would apply default values for other properties; e.g. the sample rate used for CloudWatch RUM is set to 10% of the user sessions.
On the other hand, when a AppMonitorConfiguration is supplied but guestRoleArn and identityPoolId are omitted:
Then the created AppMonitor is configured to use private authentication from existing provider. This is somewhat unexpected.
Desired feature
Allow customize AppMonitor via appMonitorConfiguration but still delegate creation of IdentityPool and GuestRole to RUM's internal logic(A.K.A option 1 from the attached screenshot):
In other words, it would be much clearer to set authorization option explicitly in CDK instead of inferring implicitly.
Please provide your feature request
Problem:
When creating AWS::RUM::AppMonitor using CDK, we can omit passing AppMonitorConfiguration and let RUM create identityPool and anonymous guest IAM role. However, it would apply default values for other properties; e.g. the sample rate used for CloudWatch RUM is set to 10% of the user sessions.
On the other hand, when a AppMonitorConfiguration is supplied but
guestRoleArnandidentityPoolIdare omitted:Then the created AppMonitor is configured to use private authentication from existing provider. This is somewhat unexpected.
Desired feature
Allow customize AppMonitor via appMonitorConfiguration but still delegate creation of IdentityPool and GuestRole to RUM's internal logic(A.K.A option 1 from the attached screenshot):
In other words, it would be much clearer to set authorization option explicitly in CDK instead of inferring implicitly.