Skip to content

Remove DdApiKeySecretArn AllowedPattern constraints to allow friendly name support in DD forwarder lambda #956

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 1, 2025
Merged

Remove DdApiKeySecretArn AllowedPattern constraints to allow friendly name support in DD forwarder lambda #956

merged 2 commits into from
Jul 1, 2025

Conversation

LorisFriedel
Copy link
Member

@LorisFriedel LorisFriedel commented Jul 1, 2025
edited
Loading

What does this PR do?

To allow the use of the simple (aka friendly) name of the DD API key secret, I'm removing the AllowedPattern constraints on the DdApiKeySecretArn template variable and updating the variable description accordingly.

Motivation

This allows to use a naming convention for the secret names and deploy the lambda without having to know the full ARN of the secret. This makes scaling the use of the Datadog Forwarder much easier.

Testing Guidelines

The lambda code is using boto3.client.get_secret_value(SecretId=<var>), which, according to its documentation, allows to retrieve a secret from its ARN or its name (if the secret is in the same account):

SecretId (string) – [REQUIRED]
The ARN -->or name<-- of the secret to retrieve. To retrieve a secret from another account, you must use an ARN.

Types of changes

  • Bug fix
  • New feature
  • Breaking change
  • Misc (docs, refactoring, dependency upgrade, etc.)

Check all that apply

  • This PR's description is comprehensive
  • This PR contains breaking changes that are documented in the description
  • This PR introduces new APIs or parameters that are documented and unlikely to change in the foreseeable future
  • This PR impacts documentation, and it has been updated (or a ticket has been logged)
  • This PR's changes are covered by the automated tests
  • This PR collects user input/sensitive content into Datadog
  • This PR passes the integration tests (ask a Datadog member to run the tests)
  • This PR passes the unit tests
  • This PR passes the installation tests (ask a Datadog member to run the tests)

@LorisFriedel LorisFriedel requested a review from a team as a code owner July 1, 2025 00:03
@github-actions github-actions bot added the aws label Jul 1, 2025
@LorisFriedel LorisFriedel merged commit cb604e9 into master Jul 1, 2025
11 checks passed
@LorisFriedel LorisFriedel deleted the loris.friedel/relax-constraints-DdApiKeySecretArn-OBSPLTF-481 branch July 1, 2025 13:18
@LorisFriedel LorisFriedel mentioned this pull request Jul 1, 2025
Closed
@ktmq ktmq mentioned this pull request Jul 1, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ViBiOh ViBiOh ViBiOh approved these changes

Assignees
No one assigned
Labels
aws
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@LorisFriedel @ViBiOh