Open climbertjh2 opened 1 month ago
Hi @climbertjh2 , Thanks for reaching out. Could you please provide the minimum sample code for repro of this issue ?
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.
Describe the bug
Situation:
Bucket
constructs in aStack
BucketPolicy
constructs in the sameStack
Result:
AWS::S3::BucketPolicy
CloudFormation resources are synthesizedStack
is deployedBucketPolicy
(not the UNION of theBucketPolicy
constructs) "wins"BucketPolicy
does not match what is defined in the CDK application.Expected Behavior
Expected Behavior is either:
BucketPolicy
is createdBucketPolicy
and the explicitly createdBucketPolicy
is what is synthesized/deployedBucketPolicy
would NOT be appropriate if it lacks the necessary permissions (in this case, allowing the AWS logging service to be able to write to the identified access logging bucket)Current Behavior
Result:
AWS::S3::BucketPolicy
CloudFormation resources are synthesizedStack
is deployedBucketPolicy
(not the UNION of theBucketPolicy
constructs) "wins"BucketPolicy
does not match what is defined in the CDK application.Reproduction Steps
See above.
Possible Solution
Suggested Behavior:
BucketPolicy
is NOT appropriate since it lacks the necessary permissions (in this case, allowing the AWS logging service to be able to write to the identified access logging bucket)Or a recommendation to use
.addToResourcePolicy()
rather than creating explicitBucketPolicy
constructs.Additional Information/Context
Sample code can be provided on request.
CDK CLI Version
2.141.0
Framework Version
aws-cdk-lib@2.138.0
Node.js Version
v20.12.2
OS
MacOS
Language
TypeScript
Language Version
typescript@5.3.3
Other information
No response