Merge branch 'master' into lambda-nodejs-assertions

aws · Jan 18, 2022 · 450cf79 · 450cf79
2 parents 98f83d3 + 03d388d
commit 450cf79
Show file tree

Hide file tree

Showing 32 changed files with 452 additions and 270 deletions.
diff --git a/packages/@aws-cdk/assets/package.json b/packages/@aws-cdk/assets/package.json
@@ -69,7 +69,7 @@
   },
   "license": "Apache-2.0",
   "devDependencies": {
-    "@aws-cdk/assert-internal": "0.0.0",
+    "@aws-cdk/assertions": "0.0.0",
     "@aws-cdk/cdk-build-tools": "0.0.0",
     "@aws-cdk/cdk-integ-tools": "0.0.0",
     "@aws-cdk/pkglint": "0.0.0",

diff --git a/packages/@aws-cdk/assets/test/compat.test.ts b/packages/@aws-cdk/assets/test/compat.test.ts
@@ -1,5 +1,4 @@
 import { SymlinkFollowMode } from '@aws-cdk/core';
-import '@aws-cdk/assert-internal/jest';
 import { FollowMode } from '../lib';
 import { toSymlinkFollow } from '../lib/compat';
 

diff --git a/packages/@aws-cdk/assets/test/staging.test.ts b/packages/@aws-cdk/assets/test/staging.test.ts
@@ -3,7 +3,6 @@ import * as path from 'path';
 import { describeDeprecated } from '@aws-cdk/cdk-build-tools';
 import { App, Stack } from '@aws-cdk/core';
 import * as cxapi from '@aws-cdk/cx-api';
-import '@aws-cdk/assert-internal/jest';
 import { Staging } from '../lib';
 
 describeDeprecated('staging', () => {

diff --git a/packages/@aws-cdk/aws-ec2/lib/aspects/require-imdsv2-aspect.ts b/packages/@aws-cdk/aws-ec2/lib/aspects/require-imdsv2-aspect.ts
@@ -1,4 +1,6 @@
 import * as cdk from '@aws-cdk/core';
+import { FeatureFlags } from '@aws-cdk/core';
+import * as cxapi from '@aws-cdk/cx-api';
 import { CfnLaunchTemplate } from '../ec2.generated';
 import { Instance } from '../instance';
 import { LaunchTemplate } from '../launch-template';
@@ -83,17 +85,20 @@ export class InstanceRequireImdsv2Aspect extends RequireImdsv2Aspect {
       return;
     }
 
-    const name = `${node.node.id}LaunchTemplate`;
     const launchTemplate = new CfnLaunchTemplate(node, 'LaunchTemplate', {
       launchTemplateData: {
         metadataOptions: {
           httpTokens: 'required',
         },
       },
-      launchTemplateName: name,
     });
+    if (FeatureFlags.of(node).isEnabled(cxapi.EC2_UNIQUE_IMDSV2_LAUNCH_TEMPLATE_NAME)) {
+      launchTemplate.launchTemplateName = cdk.Names.uniqueId(launchTemplate);
+    } else {
+      launchTemplate.launchTemplateName = `${node.node.id}LaunchTemplate`;
+    }
     node.instance.launchTemplate = {
-      launchTemplateName: name,
+      launchTemplateName: launchTemplate.launchTemplateName,
       version: launchTemplate.getAtt('LatestVersionNumber').toString(),
     };
   }

diff --git a/packages/@aws-cdk/aws-ec2/test/aspects/require-imdsv2-aspect.test.ts b/packages/@aws-cdk/aws-ec2/test/aspects/require-imdsv2-aspect.test.ts
@@ -4,7 +4,9 @@ import {
   haveResourceLike,
 } from '@aws-cdk/assert-internal';
 import '@aws-cdk/assert-internal/jest';
+import { testFutureBehavior, testLegacyBehavior } from '@aws-cdk/cdk-build-tools';
 import * as cdk from '@aws-cdk/core';
+import * as cxapi from '@aws-cdk/cx-api';
 import {
   CfnLaunchTemplate,
   Instance,
@@ -135,6 +137,57 @@ describe('RequireImdsv2Aspect', () => {
         trace: undefined,
       });
     });
+
+    testFutureBehavior('launch template name is unique with feature flag', { [cxapi.EC2_UNIQUE_IMDSV2_LAUNCH_TEMPLATE_NAME]: true }, cdk.App, (app2) => {
+      // GIVEN
+      const otherStack = new cdk.Stack(app2, 'OtherStack');
+      const otherVpc = new Vpc(otherStack, 'OtherVpc');
+      const otherInstance = new Instance(otherStack, 'OtherInstance', {
+        vpc: otherVpc,
+        instanceType: new InstanceType('t2.micro'),
+        machineImage: MachineImage.latestAmazonLinux(),
+      });
+      const imdsv2Stack = new cdk.Stack(app2, 'RequireImdsv2Stack');
+      const imdsv2Vpc = new Vpc(imdsv2Stack, 'Vpc');
+      const instance = new Instance(imdsv2Stack, 'Instance', {
+        vpc: imdsv2Vpc,
+        instanceType: new InstanceType('t2.micro'),
+        machineImage: MachineImage.latestAmazonLinux(),
+      });
+      const aspect = new InstanceRequireImdsv2Aspect();
+
+      // WHEN
+      cdk.Aspects.of(imdsv2Stack).add(aspect);
+      cdk.Aspects.of(otherStack).add(aspect);
+      app2.synth();
+
+      // THEN
+      const launchTemplate = instance.node.tryFindChild('LaunchTemplate') as LaunchTemplate;
+      const otherLaunchTemplate = otherInstance.node.tryFindChild('LaunchTemplate') as LaunchTemplate;
+      expect(launchTemplate).toBeDefined();
+      expect(otherLaunchTemplate).toBeDefined();
+      expect(launchTemplate.launchTemplateName !== otherLaunchTemplate.launchTemplateName);
+    });
+
+    testLegacyBehavior('launch template name uses legacy id without feature flag', cdk.App, (app2) => {
+      // GIVEN
+      const imdsv2Stack = new cdk.Stack(app2, 'RequireImdsv2Stack');
+      const imdsv2Vpc = new Vpc(imdsv2Stack, 'Vpc');
+      const instance = new Instance(imdsv2Stack, 'Instance', {
+        vpc: imdsv2Vpc,
+        instanceType: new InstanceType('t2.micro'),
+        machineImage: MachineImage.latestAmazonLinux(),
+      });
+      const aspect = new InstanceRequireImdsv2Aspect();
+
+      // WHEN
+      cdk.Aspects.of(imdsv2Stack).add(aspect);
+      app2.synth();
+
+      // THEN
+      const launchTemplate = instance.node.tryFindChild('LaunchTemplate') as LaunchTemplate;
+      expect(launchTemplate.launchTemplateName).toEqual(`${instance.node.id}LaunchTemplate`);
+    });
   });
 
   describe('LaunchTemplateRequireImdsv2Aspect', () => {

diff --git a/packages/@aws-cdk/aws-fsx/package.json b/packages/@aws-cdk/aws-fsx/package.json
@@ -81,7 +81,7 @@
   },
   "license": "Apache-2.0",
   "devDependencies": {
-    "@aws-cdk/assert-internal": "0.0.0",
+    "@aws-cdk/assertions": "0.0.0",
     "@aws-cdk/cdk-build-tools": "0.0.0",
     "@aws-cdk/cdk-integ-tools": "0.0.0",
     "@aws-cdk/cfn2ts": "0.0.0",

diff --git a/packages/@aws-cdk/aws-fsx/test/lustre-file-system.test.ts b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.test.ts
@@ -1,5 +1,5 @@
 import { strictEqual } from 'assert';
-import { expect as expectCDK, haveResource, ResourcePart } from '@aws-cdk/assert-internal';
+import { Template } from '@aws-cdk/assertions';
 import { ISubnet, Port, SecurityGroup, Subnet, Vpc } from '@aws-cdk/aws-ec2';
 import { Key } from '@aws-cdk/aws-kms';
 import { Aws, Stack, Token } from '@aws-cdk/core';
@@ -35,15 +35,15 @@ describe('FSx for Lustre File System', () => {
       vpcSubnet,
     });
 
-    expectCDK(stack).to(haveResource('AWS::FSx::FileSystem'));
-    expectCDK(stack).to(haveResource('AWS::EC2::SecurityGroup'));
+    Template.fromStack(stack).hasResource('AWS::FSx::FileSystem', {});
+    Template.fromStack(stack).hasResource('AWS::EC2::SecurityGroup', {});
     strictEqual(
       fileSystem.dnsName,
       `${fileSystem.fileSystemId}.fsx.${stack.region}.${Aws.URL_SUFFIX}`);
 
-    expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+    Template.fromStack(stack).hasResource('AWS::FSx::FileSystem', {
       DeletionPolicy: 'Retain',
-    }, ResourcePart.CompleteDefinition));
+    });
   });
 
   test('file system is created correctly when security group is provided', () => {
@@ -63,8 +63,8 @@ describe('FSx for Lustre File System', () => {
       vpcSubnet,
     });
 
-    expectCDK(stack).to(haveResource('AWS::FSx::FileSystem'));
-    expectCDK(stack).to(haveResource('AWS::EC2::SecurityGroup'));
+    Template.fromStack(stack).hasResource('AWS::FSx::FileSystem', {});
+    Template.fromStack(stack).hasResource('AWS::EC2::SecurityGroup', {});
   });
 
   test('encrypted file system is created correctly with custom KMS', () => {
@@ -88,11 +88,11 @@ describe('FSx for Lustre File System', () => {
      * in generated CDK, hence hardcoding the MD5 hash here for assertion. Assumption is that the path of the Key wont
      * change in this UT. Checked the unique id by generating the cloud formation stack.
      */
-    expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+    Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', {
       KmsKeyId: {
         Ref: 'customKeyFSDDB87C6D',
       },
-    }));
+    });
   });
 
   test('file system is created correctly when weekly maintenance time is provided', () => {
@@ -118,13 +118,13 @@ describe('FSx for Lustre File System', () => {
       vpcSubnet,
     });
 
-    expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+    Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', {
       LustreConfiguration: {
         DeploymentType: 'SCRATCH_2',
         WeeklyMaintenanceStartTime: '7:12:34',
       },
-    }));
-    expectCDK(stack).to(haveResource('AWS::EC2::SecurityGroup'));
+    });
+    Template.fromStack(stack).hasResourceProperties('AWS::EC2::SecurityGroup', {});
   });
 
   describe('when validating props', () => {
@@ -145,13 +145,13 @@ describe('FSx for Lustre File System', () => {
           vpcSubnet,
         });
 
-        expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+        Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', {
           LustreConfiguration: {
             DeploymentType: LustreDeploymentType.SCRATCH_2,
             ExportPath: exportPath,
             ImportPath: importPath,
           },
-        }));
+        });
       });
 
       test('export and import paths are Tokens', () => {
@@ -172,13 +172,13 @@ describe('FSx for Lustre File System', () => {
           vpcSubnet,
         });
 
-        expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+        Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', {
           LustreConfiguration: {
             DeploymentType: LustreDeploymentType.SCRATCH_2,
             ExportPath: exportPathResolved,
             ImportPath: importPathResolved,
           },
-        }));
+        });
       });
 
       test('only export path is Token', () => {
@@ -299,12 +299,12 @@ describe('FSx for Lustre File System', () => {
           vpcSubnet,
         });
 
-        expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+        Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', {
           LustreConfiguration: {
             DeploymentType: LustreDeploymentType.SCRATCH_2,
             ImportedFileChunkSize: size,
           },
-        }));
+        });
       });
 
       test.each([
@@ -342,12 +342,12 @@ describe('FSx for Lustre File System', () => {
           vpcSubnet,
         });
 
-        expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+        Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', {
           LustreConfiguration: {
             DeploymentType: LustreDeploymentType.SCRATCH_2,
             ImportPath: importPath,
           },
-        }));
+        });
       });
 
       test('import path is Token', () => {
@@ -364,12 +364,12 @@ describe('FSx for Lustre File System', () => {
           vpcSubnet,
         });
 
-        expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+        Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', {
           LustreConfiguration: {
             DeploymentType: LustreDeploymentType.SCRATCH_2,
             ImportPath: importPathResolved,
           },
-        }));
+        });
       });
 
       test('invalid import path format', () => {
@@ -428,12 +428,12 @@ describe('FSx for Lustre File System', () => {
           vpcSubnet,
         });
 
-        expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+        Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', {
           LustreConfiguration: {
             DeploymentType: LustreDeploymentType.PERSISTENT_1,
             PerUnitStorageThroughput: throughput,
           },
-        }));
+        });
       });
 
       test('invalid perUnitStorageThroughput', () => {
@@ -489,12 +489,12 @@ describe('FSx for Lustre File System', () => {
           vpcSubnet,
         });
 
-        expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+        Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', {
           LustreConfiguration: {
             DeploymentType: deploymentType,
           },
           StorageCapacity: value,
-        }));
+        });
       });
 
       test.each([
@@ -529,12 +529,12 @@ describe('FSx for Lustre File System', () => {
           vpcSubnet,
         });
 
-        expectCDK(stack).to(haveResource('AWS::FSx::FileSystem', {
+        Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', {
           LustreConfiguration: {
             DeploymentType: LustreDeploymentType.SCRATCH_1,
           },
           StorageCapacity: validValue,
-        }));
+        });
       });
 
       test.each([1, 3601])('invalid value of %d for storage capacity with SCRATCH_1', (invalidValue: number) => {
@@ -566,8 +566,8 @@ describe('FSx for Lustre File System', () => {
 
     fs.connections.allowToAnyIpv4(Port.tcp(443));
 
-    expectCDK(stack).to(haveResource('AWS::EC2::SecurityGroupEgress', {
+    Template.fromStack(stack).hasResourceProperties('AWS::EC2::SecurityGroupEgress', {
       GroupId: 'sg-123456789',
-    }));
+    });
   });
 });
diff --git a/packages/@aws-cdk/aws-kinesis/package.json b/packages/@aws-cdk/aws-kinesis/package.json
@@ -79,7 +79,7 @@
   },
   "license": "Apache-2.0",
   "devDependencies": {
-    "@aws-cdk/assert-internal": "0.0.0",
+    "@aws-cdk/assertions": "0.0.0",
     "@aws-cdk/cdk-build-tools": "0.0.0",
     "@aws-cdk/cdk-integ-tools": "0.0.0",
     "@aws-cdk/cfn2ts": "0.0.0",