Open Context Providers #18
Comments
|
Copied from #166 Development within the CDK Construct library itself benefits greatly from this capability. When a new ContextProvider is needed, then a CDK contributor can just create it. Unfortunately, since the providers are hard-coded into the CDK, no 3rd party construct library can create their own ContextProvider; other than by contributing it to the CDK, of course. Some ContextProviders may be too specialized for reasonable consideration as a CDK contribution. Instead 3rd party libraries are required to implement workarounds, like CfnCustomResources that resolve during deployment instead of during synthesis. This increases the size of the Cfn template generated by the app, increases the time required to deploy the stack, adds unnecessary extra resources to the user's account, and makes it possible for a value generated by the CfnCustomResource to differ from one deployment to the next. Unfortunately, these CfnCustomResources required by 3rd party construct libraries may also be a security risk to the user. The lambda that backs them persists as long as the stack is deployed, and that lambda is granted permissions into the account that may be possible to leverage by an attacker that gains access to the lambda; depending on the lambda's purpose, of course. Use CaseI'm developing a third party construct library, and am running into exactly this problem. I have a requirement that would best/most-securely be met by a ContextProvider, but need to implement it with a CfnCustomResource instead. Proposed SolutionNot sure how this might be implemented; not familiar with these guts of the CDK. Should a plugin be attachable at run-time, or only on the command-line when invoked? ex: or The former is nice in that it's pretty easy to use, but may be a security risk -- a construct could register whatever provider it likes to get whatever data it likes. The later is clunky, but at least requires the user to take an explicit action to enable the provider. |
|
RFC created: #167 |
eladb
added
status/review
eladb
added
status/proposed
|
I think the former of the two examples seems the nicest. I'm not sure I see the security risk of having constructs add their own providers, considering all the other things a construct could do that's just as malicious (like running arbitrary network code). |
|
This topic has come to get me again. My use case is that i want to use a context provider to get an address allocation from IPAM. I need the allocation at synth time, so ec2.Vpc can calculate the subnets. |
|
A use case I've been mulling over for a while is pulling metadata from something like backstage.io and storing it in context. While we don't use backstage at my current company we do have internal metadata that can change, so being able to pull it in and ensure deterministic deploys would be great. Seemed like a nice match for a context provider. |
|
@gradybarrett We do have a similar use case where i would like to fetch some project metadata, but have it in the context to ensure it does not change unexpectedly. |
|
Any updates on this? I would like to be able to create context providers to import resource not currently supported by the existing ones. The primary motivation is to shift-left errors caused by referencing a resource that does not exist, instead of waiting until the stack operation to fail because I fat fingered the Arn of the execution role of a function. Thank you. |
|
If anyone wants to take this over, then I won't stand in their way. I do not have the bandwidth for tackling this, and I've mostly moved on to other projects that do not involve the CDK. |
|
Won't implement. This is not a feature that we believe is beneficial to the wider install base. |
mrgrain
added
status/stale
Description
e.g. constructs should be able to say they use a 3rd party vended context provider
Progress
The text was updated successfully, but these errors were encountered: