Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lake Formation Permissions issue not resolved by release 4.19 #1744

Closed
ArnoPauw opened this issue Dec 17, 2021 · 2 comments
Closed

Lake Formation Permissions issue not resolved by release 4.19 #1744

ArnoPauw opened this issue Dec 17, 2021 · 2 comments
Assignees
@mikhailshilkov
Labels
kind/bug Some behavior is incorrect or out of spec resolution/fixed This issue was fixed

Comments

@ArnoPauw
Copy link

ArnoPauw commented Dec 17, 2021
edited
Loading

Release 4.19 did not resolve issue [#1531 ] where AWS Lake Formation Permissions do not work.

It would seem from the pull request, #1614, that the contributor might not have included the intended changes. Intended changes might have been included in a different pull request but I was unable to find any such PR.

Reproduction steps and result remains the same as stated in [#1531 ] while running @pulumi/aws version 4.32
Input

	new aws.lakeformation.Permissions(
		`xxxxxxxxxxxxxxxxxxxaaaaaaaaaaaxxxxxxxx`,
		{
			permissions: ['ALL'],
			principal:
				'arn:aws:iam::xxxxxxxxxxxxxx:role/service-role/AWSGlueServiceRole-xxxxxxxxx',
			database: {
				name: 'xxxxxxxxxxxxxxxxxxxxxxxxxx',
			},
		},
	);

Output and Version
Untitled

I've also tested with pulumi/aws version 4.19 and got the same results.
@stack72 stack72 added the kind/bug Some behavior is incorrect or out of spec label Dec 20, 2021
@XanManZA
Copy link

Still no comment or updates? Lodged 17 Dec 2021...

@mikhailshilkov mikhailshilkov self-assigned this Nov 4, 2023
@mikhailshilkov mikhailshilkov added the resolution/fixed This issue was fixed label Nov 4, 2023
@mikhailshilkov
Copy link
Member

It looks like the bridge issue got resolved. I tested the following repro today with 6.4.0 and it deploys just fine:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const bucket = new aws.s3.Bucket("demo-bucket", {
});

const awsGlueCatalogDatabase = new aws.glue.CatalogDatabase("demo_aws_glue_catalog_database", {
    name: "mycatalogdatabase",
});

const awsGlueCatalogTable = new aws.glue.CatalogTable("demo_aws_glue_catalog_table", {
    databaseName: awsGlueCatalogDatabase.name,
    name: "mycatalogtable",
});

const lakeformations = new aws.lakeformation.Resource("demo-lakeformation", {arn: bucket.arn});

const datalakeuser = new aws.iam.User("demo-datalakeuser");

// Export the resources
export const bucketName = bucket.id;
export const glue_database_name = awsGlueCatalogDatabase.name;
export const glue_database_catalog_name = awsGlueCatalogTable.name;
export const lakeformations_name = lakeformations.id;
export const datalakeuser_name = datalakeuser.name;

const lakeformation_permissions = new aws.lakeformation.Permissions("demo-lakepermissions", {
 permissions: ["DESCRIBE"],
 principal: datalakeuser.arn,
 database: {
     name: awsGlueCatalogDatabase.name,
 }
});

I'll go ahead and resolve the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mikhailshilkov mikhailshilkov

Labels
kind/bug Some behavior is incorrect or out of spec resolution/fixed This issue was fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@stack72 @mikhailshilkov @XanManZA @ArnoPauw