Fix for regions where resource policy not supported to not throw error during create

aws-redshiftserverless-namespace/src/main/java/software/amazon/redshiftserverless/namespace/CreateHandler.java

@@ -8,6 +8,7 @@
 import software.amazon.awssdk.services.redshift.model.RedshiftException;
 import software.amazon.awssdk.services.redshift.model.ResourceNotFoundException;
 import software.amazon.awssdk.services.redshift.model.UnsupportedOperationException;
+import software.amazon.awssdk.services.redshift.model.ResourcePolicy;
 import software.amazon.awssdk.services.redshiftserverless.model.CreateNamespaceRequest;
 import software.amazon.awssdk.services.redshiftserverless.model.CreateNamespaceResponse;
 import software.amazon.awssdk.services.redshiftserverless.RedshiftServerlessClient;
@@ -82,7 +83,10 @@ private PutResourcePolicyResponse putNamespaceResourcePolicy(
             putResponse = proxyClient.injectCredentialsAndInvokeV2(putRequest, proxyClient.client()::putResourcePolicy);
         } catch (ResourceNotFoundException e){
             throw new CfnNotFoundException(e);
-        } catch (InvalidPolicyException | UnsupportedOperationException | InvalidParameterValueException e) {
+        } catch (UnsupportedOperationException e) {
+            logger.log(e);
+            return noOpNamespaceResourcePoliy(putRequest);
+        } catch (InvalidPolicyException | InvalidParameterValueException e) {
             throw new CfnInvalidRequestException(ResourceModel.TYPE_NAME, e);
         } catch (SdkClientException | RedshiftException e) {
             throw new CfnGeneralServiceException(ResourceModel.TYPE_NAME, e);
@@ -92,6 +96,20 @@ private PutResourcePolicyResponse putNamespaceResourcePolicy(
         return putResponse;
     }
 
+    /**
+     * No Op method for assigning empty resource policy for Namespace create response.
+     * @param awsRequest the aws service request to describe a resource
+     * @return GetResourcePolicyResponse
+     */
+    private PutResourcePolicyResponse noOpNamespaceResourcePoliy(final PutResourcePolicyRequest awsRequest) {
+        ResourcePolicy resourcePolicy = ResourcePolicy.builder()
+                .resourceArn(awsRequest.resourceArn())
+                .policy(null)
+                .build();
+
+        return PutResourcePolicyResponse.builder().resourcePolicy(resourcePolicy).build();
+    }
+
     private ProgressEvent<ResourceModel, CallbackContext> createNamespaceErrorHandler(final CreateNamespaceRequest createNamespaceRequest,
                                                                                       final Exception exception,
                                                                                       final ProxyClient<RedshiftServerlessClient> client,

aws-redshiftserverless-namespace/src/main/java/software/amazon/redshiftserverless/namespace/ReadHandler.java

@@ -96,7 +96,7 @@ private GetResourcePolicyResponse getNamespaceResourcePolicy(
         } catch (InvalidPolicyException | UnsupportedOperationException e) {
           /* ResourcePolicy is not enabled in all regions, we should handle unsupported operation exception
           if NamespaceResourcePolicy is not added as a property while creating Namespace resource. */
-          if(!containsResourcePolicy && e.statusCode() == RESOURCE_POLICY_UNSUPPORTED_ERR_STATUS_CODE &&
+          if(e.statusCode() == RESOURCE_POLICY_UNSUPPORTED_ERR_STATUS_CODE &&
                   e.awsErrorDetails().errorMessage().contains(RESOURCE_POLICY_UNSUPPORTED_ERROR)) {
               logger.log(e.getMessage());
               return noOpNamespaceResourcePoliy(awsRequest);
@@ -107,7 +107,7 @@ private GetResourcePolicyResponse getNamespaceResourcePolicy(
             /* This error handling is required for backward compatibility. Without this exception handling, existing customers creating
             or updating their namespace will see an error with permission issues - "is not authorized to perform: redshift:GetResourcePolicy",
             as Read handler is trying to hit getResourcePolicy APIs to get namespaceResourcePolicy details.*/
-            if(!containsResourcePolicy && e.statusCode() == GET_RESOURCE_POLICY_ERR_STATUS_CODE &&
+            if(e.statusCode() == GET_RESOURCE_POLICY_ERR_STATUS_CODE &&
                     e.awsErrorDetails().errorMessage().contains(GET_RESOURCE_POLICY_ERROR)) {
                 logger.log(String.format("RedshiftException:  %s", e.getMessage()));
                 return noOpNamespaceResourcePoliy(awsRequest);