diff --git a/.github/semantic.yml b/.github/semantic.yml deleted file mode 100644 index 9de964cc96cc3..0000000000000 --- a/.github/semantic.yml +++ /dev/null @@ -1,17 +0,0 @@ -# Configuration for Semantic Pull Requests -titleOnly: true - -types: - - feat - - fix - - docs - - style - - refactor - - perf - - test - - build - - ci - - chore - - revert - - release - diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md index cdcc281243a3c..d487a00514868 100644 --- a/CHANGELOG.v2.alpha.md +++ b/CHANGELOG.v2.alpha.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.35.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.34.2-alpha.0...v2.35.0-alpha.0) (2022-08-02) + + +### Bug Fixes + +* **cognito-identitypool:** providerUrl causes error when mappingKey is not provided and it is a token ([#21191](https://github.com/aws/aws-cdk/issues/21191)) ([d91c904](https://github.com/aws/aws-cdk/commit/d91c9045b2ca027947c94ff8b93adb80f8ca8434)), closes [#19222](https://github.com/aws/aws-cdk/issues/19222) [/github.com/aws/aws-cdk/pull/21056#issuecomment-1178879318](https://github.com/aws//github.com/aws/aws-cdk/pull/21056/issues/issuecomment-1178879318) + ## [2.34.2-alpha.0](https://github.com/aws/aws-cdk/compare/v2.34.1-alpha.0...v2.34.2-alpha.0) (2022-07-29) ## [2.34.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.34.0-alpha.0...v2.34.1-alpha.0) (2022-07-29) diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md index 350acc9cf3102..d8af952ec722f 100644 --- a/CHANGELOG.v2.md +++ b/CHANGELOG.v2.md @@ -2,6 +2,37 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.35.0](https://github.com/aws/aws-cdk/compare/v2.34.2...v2.35.0) (2022-08-02) + + +### Features + +* **config:** add support for eks-cluster-xxx-version managed rule ([#21344](https://github.com/aws/aws-cdk/issues/21344)) ([82e8100](https://github.com/aws/aws-cdk/commit/82e81008c08669429c19c5b864292b256aaf976e)), closes [#21254](https://github.com/aws/aws-cdk/issues/21254) +* **core:** cache fingerprints of large assets ([#21321](https://github.com/aws/aws-cdk/issues/21321)) ([17f1ec8](https://github.com/aws/aws-cdk/commit/17f1ec881ba8fb300bd4cf8674a87640ab05c31a)), closes [#21297](https://github.com/aws/aws-cdk/issues/21297) +* **ec2:** add missing endpoints to InterfaceVpcEndpointAwsService ([#21401](https://github.com/aws/aws-cdk/issues/21401)) ([c64cccb](https://github.com/aws/aws-cdk/commit/c64cccb0f17d014f978b8df38f47dcfa254c89e6)), closes [#21402](https://github.com/aws/aws-cdk/issues/21402) [#21220](https://github.com/aws/aws-cdk/issues/21220) [#21338](https://github.com/aws/aws-cdk/issues/21338) [#19420](https://github.com/aws/aws-cdk/issues/19420) +* **events-targets:** add dlq support for ecs target ([#21396](https://github.com/aws/aws-cdk/issues/21396)) ([e82ba52](https://github.com/aws/aws-cdk/commit/e82ba52ac5c27863cc30309502ecd45810f96803)), closes [#21118](https://github.com/aws/aws-cdk/issues/21118) +* **fsx:** support AutoImportPolicy in LustreFilesystem ([#21301](https://github.com/aws/aws-cdk/issues/21301)) ([b1ce472](https://github.com/aws/aws-cdk/commit/b1ce472ed2a15480980286f21a028fdc20cdb91d)) +* **fsx:** support DataCompressionType in LustreConfiguration ([#21392](https://github.com/aws/aws-cdk/issues/21392)) ([214a792](https://github.com/aws/aws-cdk/commit/214a7921616fa2cf3031e17cc26308772878fefd)), closes [#16431](https://github.com/aws/aws-cdk/issues/16431) +* **opensearch:** add support for latest amazon opensearch service 1.3 ([#21413](https://github.com/aws/aws-cdk/issues/21413)) ([aa55715](https://github.com/aws/aws-cdk/commit/aa5571532f046158cde3da6080a8b19d9b1339e0)), closes [#21414](https://github.com/aws/aws-cdk/issues/21414) +* **pipelines:** allow use of custom role for pipeline ([#21299](https://github.com/aws/aws-cdk/issues/21299)) ([ff3c01a](https://github.com/aws/aws-cdk/commit/ff3c01a85d1bd32c149e83fda5bf44ec3253e99d)), closes [#21412](https://github.com/aws/aws-cdk/issues/21412) +* **rds:** add copyTagsToSnapshot to the construct props for ServerlessCluster and ServerlessClusterFromSnapshot ([#21056](https://github.com/aws/aws-cdk/issues/21056)) ([47333a1](https://github.com/aws/aws-cdk/commit/47333a12f83fbac6c8174bd7fe13f1e41159f8ae)), closes [#20968](https://github.com/aws/aws-cdk/issues/20968) + + +### Bug Fixes + +* **appmesh:** routes with weight 0 are assigned a weight of 1 ([#21400](https://github.com/aws/aws-cdk/issues/21400)) ([fa0341f](https://github.com/aws/aws-cdk/commit/fa0341f9caceff040a1af5b6ee7b4f8a736d02bf)) +* **cognito:** UserPoolClient doesn't correctly respect authFlows ([#21386](https://github.com/aws/aws-cdk/issues/21386)) ([daf178a](https://github.com/aws/aws-cdk/commit/daf178aa38632c9b830c20924a77b27b04698ce9)), closes [#16236](https://github.com/aws/aws-cdk/issues/16236) +* **core:** asset fingerprint cache invalidation incorrectly uses mtime ([#21374](https://github.com/aws/aws-cdk/issues/21374)) ([65a210a](https://github.com/aws/aws-cdk/commit/65a210aaaf8f45095170bca7779fd274aab54a00)), closes [#21321](https://github.com/aws/aws-cdk/issues/21321) +* **ecs:** ec2Service placement strategies use incorrect casing which causes drift ([#20946](https://github.com/aws/aws-cdk/issues/20946)) ([715158f](https://github.com/aws/aws-cdk/commit/715158f44ae1576361b93ec529f09d7dc0472c3b)), closes [#20812](https://github.com/aws/aws-cdk/issues/20812) +* **ecs:** new arn format not supported (under feature flag) ([#18140](https://github.com/aws/aws-cdk/issues/18140)) ([9749a57](https://github.com/aws/aws-cdk/commit/9749a5725c4f5cb13313a3d28d6b52e85c59548b)), closes [#16634](https://github.com/aws/aws-cdk/issues/16634) [#18137](https://github.com/aws/aws-cdk/issues/18137) +* **eks:** cannot disable cluster logging once it has been enabled ([#21185](https://github.com/aws/aws-cdk/issues/21185)) ([e41b073](https://github.com/aws/aws-cdk/commit/e41b073415bf68c8862219242d8f92c7fb6c16bb)), closes [#18112](https://github.com/aws/aws-cdk/issues/18112) [#20707](https://github.com/aws/aws-cdk/issues/20707) [#19898](https://github.com/aws/aws-cdk/issues/19898) +* **events:** archive construct does not have defaultChild set ([#21345](https://github.com/aws/aws-cdk/issues/21345)) ([de7d825](https://github.com/aws/aws-cdk/commit/de7d825a32e7d4ab7fd168ee61eb4243d87f41ff)), closes [#21263](https://github.com/aws/aws-cdk/issues/21263) + + +### Reverts + +* **cli:** cannot pass objects and numbers as context arguments ([#21387](https://github.com/aws/aws-cdk/issues/21387)) ([2fa85b9](https://github.com/aws/aws-cdk/commit/2fa85b99d643cd35c9685a0bd7d857ffdf55c486)), closes [aws/aws-cdk#20068](https://github.com/aws/aws-cdk/issues/20068) + ## [2.34.2](https://github.com/aws/aws-cdk/compare/v2.34.1...v2.34.2) (2022-07-29) ### Bug Fixes diff --git a/package.json b/package.json index 0cad796333733..67cbc706c2342 100644 --- a/package.json +++ b/package.json @@ -18,15 +18,15 @@ "devDependencies": { "@types/prettier": "2.6.0", "@yarnpkg/lockfile": "^1.1.0", - "cdk-generate-synthetic-examples": "^0.1.12", + "cdk-generate-synthetic-examples": "^0.1.14", "conventional-changelog-cli": "^2.2.2", "fs-extra": "^9.1.0", "graceful-fs": "^4.2.10", "jest-junit": "^13.2.0", - "jsii-diff": "^1.63.0", - "jsii-pacmak": "^1.62.0", - "jsii-reflect": "^1.63.0", - "jsii-rosetta": "^1.63.0", + "jsii-diff": "^1.63.2", + "jsii-pacmak": "^1.63.2", + "jsii-reflect": "^1.63.2", + "jsii-rosetta": "^1.63.2", "lerna": "^4.0.0", "patch-package": "^6.4.7", "semver": "^6.3.0", @@ -36,8 +36,7 @@ "resolutions": { "colors": "1.4.0", "markdown-it": "^12.3.2", - "string-width": "^4.2.3", - "jsii-pacmak": "1.62.0" + "string-width": "^4.2.3" }, "repository": { "type": "git", diff --git a/packages/@aws-cdk/aws-apigateway/README.md b/packages/@aws-cdk/aws-apigateway/README.md index e5e0a146e5e14..2663ef5fcdbbc 100644 --- a/packages/@aws-cdk/aws-apigateway/README.md +++ b/packages/@aws-cdk/aws-apigateway/README.md @@ -1305,13 +1305,19 @@ in your openApi file. ## Metrics The API Gateway service sends metrics around the performance of Rest APIs to Amazon CloudWatch. -These metrics can be referred to using the metric APIs available on the `RestApi` construct. -The APIs with the `metric` prefix can be used to get reference to specific metrics for this API. For example, -the method below refers to the client side errors metric for this API. +These metrics can be referred to using the metric APIs available on the `RestApi`, `Stage` and `Method` constructs. +Note that detailed metrics must be enabled for a stage to use the `Method` metrics. +Read more about [API Gateway metrics](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-metrics-and-dimensions.html), including enabling detailed metrics. +The APIs with the `metric` prefix can be used to get reference to specific metrics for this API. For example: ```ts const api = new apigateway.RestApi(this, 'my-api'); -const clientErrorMetric = api.metricClientError(); +const stage = api.deploymentStage; +const method = api.root.addMethod('GET'); + +const clientErrorApiMetric = api.metricClientError(); +const serverErrorStageMetric = stage.metricServerError(); +const latencyMethodMetric = method.metricLatency(stage); ``` ## APIGateway v2 diff --git a/packages/@aws-cdk/aws-apigateway/lib/method.ts b/packages/@aws-cdk/aws-apigateway/lib/method.ts index 8746189f9bdaa..b2b32f8aa752e 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/method.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/method.ts @@ -1,5 +1,7 @@ +import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; import { ArnFormat, Lazy, Resource, Stack } from '@aws-cdk/core'; import { Construct } from 'constructs'; +import { ApiGatewayMetrics } from './apigateway-canned-metrics.generated'; import { CfnMethod, CfnMethodProps } from './apigateway.generated'; import { Authorizer, IAuthorizer } from './authorizer'; import { Integration, IntegrationConfig } from './integration'; @@ -9,6 +11,7 @@ import { IModel } from './model'; import { IRequestValidator, RequestValidatorOptions } from './requestvalidator'; import { IResource } from './resource'; import { IRestApi, RestApi, RestApiBase } from './restapi'; +import { IStage } from './stage'; import { validateHttpMethod } from './util'; export interface MethodOptions { @@ -364,6 +367,100 @@ export class Method extends Resource { // For backward compatibility return options.requestValidator?.requestValidatorId; } + + /** + * Returns the given named metric for this API method + */ + public metric(metricName: string, stage: IStage, props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return new cloudwatch.Metric({ + namespace: 'AWS/ApiGateway', + metricName, + dimensionsMap: { ApiName: this.api.restApiName, Method: this.httpMethod, Resource: this.resource.path, Stage: stage.stageName }, + ...props, + }).attachTo(this); + } + + /** + * Metric for the number of client-side errors captured in a given period. + * + * @default - sum over 5 minutes + */ + public metricClientError(stage: IStage, props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics._4XxErrorSum, stage, props); + } + + /** + * Metric for the number of server-side errors captured in a given period. + * + * @default - sum over 5 minutes + */ + public metricServerError(stage: IStage, props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics._5XxErrorSum, stage, props); + } + + /** + * Metric for the number of requests served from the API cache in a given period. + * + * @default - sum over 5 minutes + */ + public metricCacheHitCount(stage: IStage, props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics.cacheHitCountSum, stage, props); + } + + /** + * Metric for the number of requests served from the backend in a given period, + * when API caching is enabled. + * + * @default - sum over 5 minutes + */ + public metricCacheMissCount(stage: IStage, props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics.cacheMissCountSum, stage, props); + } + + /** + * Metric for the total number API requests in a given period. + * + * @default - sample count over 5 minutes + */ + public metricCount(stage: IStage, props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics.countSum, stage, { + statistic: 'SampleCount', + ...props, + }); + } + + /** + * Metric for the time between when API Gateway relays a request to the backend + * and when it receives a response from the backend. + * + * @default - average over 5 minutes. + */ + public metricIntegrationLatency(stage: IStage, props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics.integrationLatencyAverage, stage, props); + } + + /** + * The time between when API Gateway receives a request from a client + * and when it returns a response to the client. + * The latency includes the integration latency and other API Gateway overhead. + * + * @default - average over 5 minutes. + */ + public metricLatency(stage: IStage, props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics.latencyAverage, stage, props); + } + + private cannedMetric(fn: (dims: { + ApiName: string; + Method: string; + Resource: string; + Stage: string; + }) => cloudwatch.MetricProps, stage: IStage, props?: cloudwatch.MetricOptions) { + return new cloudwatch.Metric({ + ...fn({ ApiName: this.api.restApiName, Method: this.httpMethod, Resource: this.resource.path, Stage: stage.stageName }), + ...props, + }).attachTo(this); + } } export enum AuthorizationType { diff --git a/packages/@aws-cdk/aws-apigateway/lib/restapi.ts b/packages/@aws-cdk/aws-apigateway/lib/restapi.ts index 450df5003dc39..2eb6a6d2d1e73 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/restapi.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/restapi.ts @@ -28,6 +28,12 @@ export interface IRestApi extends IResourceBase { */ readonly restApiId: string; + /** + * The name of this API Gateway RestApi. + * @attribute + */ + readonly restApiName: string; + /** * The resource ID of the root resource. * @attribute @@ -673,6 +679,13 @@ export interface RestApiAttributes { */ readonly restApiId: string; + /** + * The name of the API Gateway RestApi. + * + * @default - ID of the RestApi construct. + */ + readonly restApiName?: string; + /** * The resource ID of the root resource. */ @@ -713,6 +726,7 @@ export class RestApi extends RestApiBase { public static fromRestApiAttributes(scope: Construct, id: string, attrs: RestApiAttributes): IRestApi { class Import extends RestApiBase { public readonly restApiId = attrs.restApiId; + public readonly restApiName = attrs.restApiName ?? id; public readonly restApiRootResourceId = attrs.rootResourceId; public readonly root: IResource = new RootResource(this, {}, this.restApiRootResourceId); } diff --git a/packages/@aws-cdk/aws-apigateway/lib/stage.ts b/packages/@aws-cdk/aws-apigateway/lib/stage.ts index 846eebfc5d613..281ee326db34d 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/stage.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/stage.ts @@ -1,6 +1,8 @@ +import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; import { ArnFormat, Duration, IResource, Resource, Stack, Token } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { AccessLogFormat, IAccessLogDestination } from './access-log'; +import { ApiGatewayMetrics } from './apigateway-canned-metrics.generated'; import { CfnStage } from './apigateway.generated'; import { Deployment } from './deployment'; import { IRestApi, RestApiBase } from './restapi'; @@ -348,4 +350,93 @@ export class Stage extends Resource implements IStage { }; } } + + /** + * Returns the given named metric for this stage + */ + public metric(metricName: string, props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return new cloudwatch.Metric({ + namespace: 'AWS/ApiGateway', + metricName, + dimensionsMap: { ApiName: this.restApi.restApiName, Stage: this.stageName }, + ...props, + }).attachTo(this); + } + + /** + * Metric for the number of client-side errors captured in a given period. + * + * @default - sum over 5 minutes + */ + public metricClientError(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics._4XxErrorSum, props); + } + + /** + * Metric for the number of server-side errors captured in a given period. + * + * @default - sum over 5 minutes + */ + public metricServerError(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics._5XxErrorSum, props); + } + + /** + * Metric for the number of requests served from the API cache in a given period. + * + * @default - sum over 5 minutes + */ + public metricCacheHitCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics.cacheHitCountSum, props); + } + + /** + * Metric for the number of requests served from the backend in a given period, + * when API caching is enabled. + * + * @default - sum over 5 minutes + */ + public metricCacheMissCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics.cacheMissCountSum, props); + } + + /** + * Metric for the total number API requests in a given period. + * + * @default - sample count over 5 minutes + */ + public metricCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics.countSum, { + statistic: 'SampleCount', + ...props, + }); + } + + /** + * Metric for the time between when API Gateway relays a request to the backend + * and when it receives a response from the backend. + * + * @default - average over 5 minutes. + */ + public metricIntegrationLatency(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics.integrationLatencyAverage, props); + } + + /** + * The time between when API Gateway receives a request from a client + * and when it returns a response to the client. + * The latency includes the integration latency and other API Gateway overhead. + * + * @default - average over 5 minutes. + */ + public metricLatency(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.cannedMetric(ApiGatewayMetrics.latencyAverage, props); + } + + private cannedMetric(fn: (dims: { ApiName: string; Stage: string }) => cloudwatch.MetricProps, props?: cloudwatch.MetricOptions) { + return new cloudwatch.Metric({ + ...fn({ ApiName: this.restApi.restApiName, Stage: this.stageName }), + ...props, + }).attachTo(this); + } } diff --git a/packages/@aws-cdk/aws-apigateway/package.json b/packages/@aws-cdk/aws-apigateway/package.json index 20b88e9516ce4..b6f3c28297160 100644 --- a/packages/@aws-cdk/aws-apigateway/package.json +++ b/packages/@aws-cdk/aws-apigateway/package.json @@ -80,6 +80,7 @@ }, "license": "Apache-2.0", "devDependencies": { + "@aws-cdk/integ-tests": "0.0.0", "@aws-cdk/assertions": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", diff --git a/packages/@aws-cdk/aws-apigateway/test/integ.restapi-metrics.ts b/packages/@aws-cdk/aws-apigateway/test/integ.restapi-metrics.ts new file mode 100644 index 0000000000000..e4b39f4a6590d --- /dev/null +++ b/packages/@aws-cdk/aws-apigateway/test/integ.restapi-metrics.ts @@ -0,0 +1,34 @@ +import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; +import * as cdk from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import * as apigw from '../lib'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'restapi-metrics'); +const restApi = new apigw.RestApi(stack, 'Api'); +const stage = restApi.deploymentStage; +const method = restApi.root.addMethod('GET'); + +new cloudwatch.Alarm(stack, 'RestApiAlarm', { + metric: restApi.metricClientError(), + evaluationPeriods: 1, + threshold: 1, +}); + +new cloudwatch.Alarm(stack, 'MethodAlarm', { + metric: method.metricServerError(stage), + evaluationPeriods: 1, + threshold: 1, +}); + +new cloudwatch.Alarm(stack, 'StageAlarm', { + metric: stage.metricCount(), + evaluationPeriods: 1, + threshold: 1, +}); + +new integ.IntegTest(app, 'MetricsTest', { + testCases: [stack], +}); + +app.synth(); diff --git a/packages/@aws-cdk/aws-apigateway/test/method.test.ts b/packages/@aws-cdk/aws-apigateway/test/method.test.ts index 1540a7d27ad16..a84f0e023b12c 100644 --- a/packages/@aws-cdk/aws-apigateway/test/method.test.ts +++ b/packages/@aws-cdk/aws-apigateway/test/method.test.ts @@ -935,4 +935,143 @@ describe('method', () => { }); + + describe('Metrics', () => { + test('metric', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigw.RestApi(stack, 'test-api'); + const method = api.root.addResource('pets').addMethod('GET'); + const metricName = '4XXError'; + const statistic = 'Sum'; + const metric = method.metric(metricName, api.deploymentStage, { statistic }); + + // THEN + expect(metric.namespace).toEqual('AWS/ApiGateway'); + expect(metric.metricName).toEqual(metricName); + expect(metric.statistic).toEqual(statistic); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Method: 'GET', Resource: '/pets', Stage: api.deploymentStage.stageName }); + }); + + test('metricClientError', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigw.RestApi(stack, 'test-api'); + const method = api.root.addResource('pets').addMethod('GET'); + const color = '#00ff00'; + const metric = method.metricClientError(api.deploymentStage, { color }); + + // THEN + expect(metric.metricName).toEqual('4XXError'); + expect(metric.statistic).toEqual('Sum'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Method: 'GET', Resource: '/pets', Stage: api.deploymentStage.stageName }); + }); + + test('metricServerError', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigw.RestApi(stack, 'test-api'); + const method = api.root.addResource('pets').addMethod('GET'); + const color = '#00ff00'; + const metric = method.metricServerError(api.deploymentStage, { color }); + + // THEN + expect(metric.metricName).toEqual('5XXError'); + expect(metric.statistic).toEqual('Sum'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Method: 'GET', Resource: '/pets', Stage: api.deploymentStage.stageName }); + }); + + test('metricCacheHitCount', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigw.RestApi(stack, 'test-api'); + const method = api.root.addResource('pets').addMethod('GET'); + const color = '#00ff00'; + const metric = method.metricCacheHitCount(api.deploymentStage, { color }); + + // THEN + expect(metric.metricName).toEqual('CacheHitCount'); + expect(metric.statistic).toEqual('Sum'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Method: 'GET', Resource: '/pets', Stage: api.deploymentStage.stageName }); + }); + + test('metricCacheMissCount', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigw.RestApi(stack, 'test-api'); + const method = api.root.addResource('pets').addMethod('GET'); + const color = '#00ff00'; + const metric = method.metricCacheMissCount(api.deploymentStage, { color }); + + // THEN + expect(metric.metricName).toEqual('CacheMissCount'); + expect(metric.statistic).toEqual('Sum'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Method: 'GET', Resource: '/pets', Stage: api.deploymentStage.stageName }); + }); + + test('metricCount', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigw.RestApi(stack, 'test-api'); + const method = api.root.addResource('pets').addMethod('GET'); + const color = '#00ff00'; + const metric = method.metricCount(api.deploymentStage, { color }); + + // THEN + expect(metric.metricName).toEqual('Count'); + expect(metric.statistic).toEqual('SampleCount'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Method: 'GET', Resource: '/pets', Stage: api.deploymentStage.stageName }); + }); + + test('metricIntegrationLatency', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigw.RestApi(stack, 'test-api'); + const method = api.root.addResource('pets').addMethod('GET'); + const color = '#00ff00'; + const metric = method.metricIntegrationLatency(api.deploymentStage, { color }); + + // THEN + expect(metric.metricName).toEqual('IntegrationLatency'); + expect(metric.statistic).toEqual('Average'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Method: 'GET', Resource: '/pets', Stage: api.deploymentStage.stageName }); + }); + + test('metricLatency', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigw.RestApi(stack, 'test-api'); + const method = api.root.addResource('pets').addMethod('GET'); + const color = '#00ff00'; + const metric = method.metricLatency(api.deploymentStage, { color }); + + // THEN + expect(metric.metricName).toEqual('Latency'); + expect(metric.statistic).toEqual('Average'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Method: 'GET', Resource: '/pets', Stage: api.deploymentStage.stageName }); + }); + }); }); diff --git a/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/MetricsTestDefaultTestDeployAssertEA4ED73F.template.json b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/MetricsTestDefaultTestDeployAssertEA4ED73F.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/MetricsTestDefaultTestDeployAssertEA4ED73F.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/cdk.out similarity index 100% rename from packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/cdk.out rename to packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/cdk.out diff --git a/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/integ.json b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/integ.json new file mode 100644 index 0000000000000..22a4b89662dc8 --- /dev/null +++ b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "MetricsTest/DefaultTest": { + "stacks": [ + "restapi-metrics" + ], + "assertionStack": "MetricsTestDefaultTestDeployAssertEA4ED73F" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..726c21d8d70fb --- /dev/null +++ b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/manifest.json @@ -0,0 +1,91 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "restapi-metrics": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "restapi-metrics.template.json", + "validateOnSynth": false + }, + "metadata": { + "/restapi-metrics/Api/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiF70053CD" + } + ], + "/restapi-metrics/Api/CloudWatchRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiCloudWatchRole73EC6FC4" + } + ], + "/restapi-metrics/Api/Account": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiAccountA18C9B29" + } + ], + "/restapi-metrics/Api/Deployment/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiDeploymentB17BE62Df672ad8455f9678e4a3db5854bdb8d73" + } + ], + "/restapi-metrics/Api/DeploymentStage.prod/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiDeploymentStageprod3EB9684E" + } + ], + "/restapi-metrics/Api/Endpoint": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiEndpoint4F160690" + } + ], + "/restapi-metrics/Api/Default/GET/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiGET9257B917" + } + ], + "/restapi-metrics/RestApiAlarm/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "RestApiAlarm9B915321" + } + ], + "/restapi-metrics/MethodAlarm/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MethodAlarm14370C32" + } + ], + "/restapi-metrics/StageAlarm/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StageAlarm5DB1CE5B" + } + ] + }, + "displayName": "restapi-metrics" + }, + "MetricsTestDefaultTestDeployAssertEA4ED73F": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "MetricsTestDefaultTestDeployAssertEA4ED73F.template.json", + "validateOnSynth": false + }, + "displayName": "MetricsTest/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/restapi-metrics.template.json b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/restapi-metrics.template.json new file mode 100644 index 0000000000000..fee56e0a5be32 --- /dev/null +++ b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/restapi-metrics.template.json @@ -0,0 +1,203 @@ +{ + "Resources": { + "ApiF70053CD": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "Name": "Api" + } + }, + "ApiCloudWatchRole73EC6FC4": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "apigateway.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs" + ] + ] + } + ] + } + }, + "ApiAccountA18C9B29": { + "Type": "AWS::ApiGateway::Account", + "Properties": { + "CloudWatchRoleArn": { + "Fn::GetAtt": [ + "ApiCloudWatchRole73EC6FC4", + "Arn" + ] + } + }, + "DependsOn": [ + "ApiF70053CD" + ] + }, + "ApiDeploymentB17BE62Df672ad8455f9678e4a3db5854bdb8d73": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "RestApiId": { + "Ref": "ApiF70053CD" + }, + "Description": "Automatically created by the RestApi construct" + }, + "DependsOn": [ + "ApiGET9257B917" + ] + }, + "ApiDeploymentStageprod3EB9684E": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "RestApiId": { + "Ref": "ApiF70053CD" + }, + "DeploymentId": { + "Ref": "ApiDeploymentB17BE62Df672ad8455f9678e4a3db5854bdb8d73" + }, + "StageName": "prod" + }, + "DependsOn": [ + "ApiAccountA18C9B29" + ] + }, + "ApiGET9257B917": { + "Type": "AWS::ApiGateway::Method", + "Properties": { + "HttpMethod": "GET", + "ResourceId": { + "Fn::GetAtt": [ + "ApiF70053CD", + "RootResourceId" + ] + }, + "RestApiId": { + "Ref": "ApiF70053CD" + }, + "AuthorizationType": "NONE", + "Integration": { + "Type": "MOCK" + } + } + }, + "RestApiAlarm9B915321": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 1, + "Dimensions": [ + { + "Name": "ApiName", + "Value": "Api" + } + ], + "MetricName": "4XXError", + "Namespace": "AWS/ApiGateway", + "Period": 300, + "Statistic": "Sum", + "Threshold": 1 + } + }, + "MethodAlarm14370C32": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 1, + "Dimensions": [ + { + "Name": "ApiName", + "Value": "Api" + }, + { + "Name": "Method", + "Value": "GET" + }, + { + "Name": "Resource", + "Value": "/" + }, + { + "Name": "Stage", + "Value": { + "Ref": "ApiDeploymentStageprod3EB9684E" + } + } + ], + "MetricName": "5XXError", + "Namespace": "AWS/ApiGateway", + "Period": 300, + "Statistic": "Sum", + "Threshold": 1 + } + }, + "StageAlarm5DB1CE5B": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 1, + "Dimensions": [ + { + "Name": "ApiName", + "Value": "Api" + }, + { + "Name": "Stage", + "Value": { + "Ref": "ApiDeploymentStageprod3EB9684E" + } + } + ], + "MetricName": "Count", + "Namespace": "AWS/ApiGateway", + "Period": 300, + "Statistic": "SampleCount", + "Threshold": 1 + } + } + }, + "Outputs": { + "ApiEndpoint4F160690": { + "Value": { + "Fn::Join": [ + "", + [ + "https://", + { + "Ref": "ApiF70053CD" + }, + ".execute-api.", + { + "Ref": "AWS::Region" + }, + ".", + { + "Ref": "AWS::URLSuffix" + }, + "/", + { + "Ref": "ApiDeploymentStageprod3EB9684E" + }, + "/" + ] + ] + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/tree.json b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/tree.json new file mode 100644 index 0000000000000..33d2c195a4e95 --- /dev/null +++ b/packages/@aws-cdk/aws-apigateway/test/restapi-metrics.integ.snapshot/tree.json @@ -0,0 +1,399 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.33" + } + }, + "restapi-metrics": { + "id": "restapi-metrics", + "path": "restapi-metrics", + "children": { + "Api": { + "id": "Api", + "path": "restapi-metrics/Api", + "children": { + "Resource": { + "id": "Resource", + "path": "restapi-metrics/Api/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ApiGateway::RestApi", + "aws:cdk:cloudformation:props": { + "name": "Api" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigateway.CfnRestApi", + "version": "0.0.0" + } + }, + "CloudWatchRole": { + "id": "CloudWatchRole", + "path": "restapi-metrics/Api/CloudWatchRole", + "children": { + "Resource": { + "id": "Resource", + "path": "restapi-metrics/Api/CloudWatchRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "apigateway.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Account": { + "id": "Account", + "path": "restapi-metrics/Api/Account", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ApiGateway::Account", + "aws:cdk:cloudformation:props": { + "cloudWatchRoleArn": { + "Fn::GetAtt": [ + "ApiCloudWatchRole73EC6FC4", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigateway.CfnAccount", + "version": "0.0.0" + } + }, + "Deployment": { + "id": "Deployment", + "path": "restapi-metrics/Api/Deployment", + "children": { + "Resource": { + "id": "Resource", + "path": "restapi-metrics/Api/Deployment/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ApiGateway::Deployment", + "aws:cdk:cloudformation:props": { + "restApiId": { + "Ref": "ApiF70053CD" + }, + "description": "Automatically created by the RestApi construct" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigateway.CfnDeployment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigateway.Deployment", + "version": "0.0.0" + } + }, + "DeploymentStage.prod": { + "id": "DeploymentStage.prod", + "path": "restapi-metrics/Api/DeploymentStage.prod", + "children": { + "Resource": { + "id": "Resource", + "path": "restapi-metrics/Api/DeploymentStage.prod/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ApiGateway::Stage", + "aws:cdk:cloudformation:props": { + "restApiId": { + "Ref": "ApiF70053CD" + }, + "deploymentId": { + "Ref": "ApiDeploymentB17BE62Df672ad8455f9678e4a3db5854bdb8d73" + }, + "stageName": "prod" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigateway.CfnStage", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigateway.Stage", + "version": "0.0.0" + } + }, + "Endpoint": { + "id": "Endpoint", + "path": "restapi-metrics/Api/Endpoint", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "Default": { + "id": "Default", + "path": "restapi-metrics/Api/Default", + "children": { + "GET": { + "id": "GET", + "path": "restapi-metrics/Api/Default/GET", + "children": { + "Resource": { + "id": "Resource", + "path": "restapi-metrics/Api/Default/GET/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ApiGateway::Method", + "aws:cdk:cloudformation:props": { + "httpMethod": "GET", + "resourceId": { + "Fn::GetAtt": [ + "ApiF70053CD", + "RootResourceId" + ] + }, + "restApiId": { + "Ref": "ApiF70053CD" + }, + "authorizationType": "NONE", + "integration": { + "type": "MOCK" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigateway.CfnMethod", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigateway.Method", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigateway.ResourceBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigateway.RestApi", + "version": "0.0.0" + } + }, + "RestApiAlarm": { + "id": "RestApiAlarm", + "path": "restapi-metrics/RestApiAlarm", + "children": { + "Resource": { + "id": "Resource", + "path": "restapi-metrics/RestApiAlarm/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CloudWatch::Alarm", + "aws:cdk:cloudformation:props": { + "comparisonOperator": "GreaterThanOrEqualToThreshold", + "evaluationPeriods": 1, + "dimensions": [ + { + "name": "ApiName", + "value": "Api" + } + ], + "metricName": "4XXError", + "namespace": "AWS/ApiGateway", + "period": 300, + "statistic": "Sum", + "threshold": 1 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cloudwatch.CfnAlarm", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cloudwatch.Alarm", + "version": "0.0.0" + } + }, + "MethodAlarm": { + "id": "MethodAlarm", + "path": "restapi-metrics/MethodAlarm", + "children": { + "Resource": { + "id": "Resource", + "path": "restapi-metrics/MethodAlarm/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CloudWatch::Alarm", + "aws:cdk:cloudformation:props": { + "comparisonOperator": "GreaterThanOrEqualToThreshold", + "evaluationPeriods": 1, + "dimensions": [ + { + "name": "ApiName", + "value": "Api" + }, + { + "name": "Method", + "value": "GET" + }, + { + "name": "Resource", + "value": "/" + }, + { + "name": "Stage", + "value": { + "Ref": "ApiDeploymentStageprod3EB9684E" + } + } + ], + "metricName": "5XXError", + "namespace": "AWS/ApiGateway", + "period": 300, + "statistic": "Sum", + "threshold": 1 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cloudwatch.CfnAlarm", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cloudwatch.Alarm", + "version": "0.0.0" + } + }, + "StageAlarm": { + "id": "StageAlarm", + "path": "restapi-metrics/StageAlarm", + "children": { + "Resource": { + "id": "Resource", + "path": "restapi-metrics/StageAlarm/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CloudWatch::Alarm", + "aws:cdk:cloudformation:props": { + "comparisonOperator": "GreaterThanOrEqualToThreshold", + "evaluationPeriods": 1, + "dimensions": [ + { + "name": "ApiName", + "value": "Api" + }, + { + "name": "Stage", + "value": { + "Ref": "ApiDeploymentStageprod3EB9684E" + } + } + ], + "metricName": "Count", + "namespace": "AWS/ApiGateway", + "period": 300, + "statistic": "SampleCount", + "threshold": 1 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cloudwatch.CfnAlarm", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cloudwatch.Alarm", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "MetricsTest": { + "id": "MetricsTest", + "path": "MetricsTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "MetricsTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "MetricsTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.33" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "MetricsTest/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigateway/test/restapi.test.ts b/packages/@aws-cdk/aws-apigateway/test/restapi.test.ts index ee7cce939bb91..a9c581bd4e6c7 100644 --- a/packages/@aws-cdk/aws-apigateway/test/restapi.test.ts +++ b/packages/@aws-cdk/aws-apigateway/test/restapi.test.ts @@ -860,6 +860,7 @@ describe('restapi', () => { // THEN expect(stack.resolve(imported.restApiId)).toEqual('api-rxt4498f'); + expect(imported.restApiName).toEqual('imported-api'); }); test('fromRestApiAttributes()', () => { @@ -883,6 +884,32 @@ describe('restapi', () => { HttpMethod: 'GET', ResourceId: stack.resolve(resource.resourceId), }); + expect(imported.restApiName).toEqual('imported-api'); + }); + + test('fromRestApiAttributes() with restApiName', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const imported = apigw.RestApi.fromRestApiAttributes(stack, 'imported-api', { + restApiId: 'test-restapi-id', + rootResourceId: 'test-root-resource-id', + restApiName: 'test-restapi-name', + }); + const resource = imported.root.addResource('pets'); + resource.addMethod('GET'); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::ApiGateway::Resource', { + PathPart: 'pets', + ParentId: stack.resolve(imported.restApiRootResourceId), + }); + Template.fromStack(stack).hasResourceProperties('AWS::ApiGateway::Method', { + HttpMethod: 'GET', + ResourceId: stack.resolve(resource.resourceId), + }); + expect(imported.restApiName).toEqual('test-restapi-name'); }); }); diff --git a/packages/@aws-cdk/aws-apigateway/test/stage.test.ts b/packages/@aws-cdk/aws-apigateway/test/stage.test.ts index b4181ce2f1af0..01be121666278 100644 --- a/packages/@aws-cdk/aws-apigateway/test/stage.test.ts +++ b/packages/@aws-cdk/aws-apigateway/test/stage.test.ts @@ -423,4 +423,135 @@ describe('stage', () => { }], }); }); + + describe('Metrics', () => { + test('metric', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigateway.RestApi(stack, 'test-api'); + const metricName = '4XXError'; + const statistic = 'Sum'; + const metric = api.deploymentStage.metric(metricName, { statistic }); + + // THEN + expect(metric.namespace).toEqual('AWS/ApiGateway'); + expect(metric.metricName).toEqual(metricName); + expect(metric.statistic).toEqual(statistic); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Stage: api.deploymentStage.stageName }); + }); + + test('metricClientError', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigateway.RestApi(stack, 'test-api'); + const color = '#00ff00'; + const metric = api.deploymentStage.metricClientError({ color }); + + // THEN + expect(metric.metricName).toEqual('4XXError'); + expect(metric.statistic).toEqual('Sum'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Stage: api.deploymentStage.stageName }); + }); + + test('metricServerError', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigateway.RestApi(stack, 'test-api'); + const color = '#00ff00'; + const metric = api.deploymentStage.metricServerError({ color }); + + // THEN + expect(metric.metricName).toEqual('5XXError'); + expect(metric.statistic).toEqual('Sum'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Stage: api.deploymentStage.stageName }); + }); + + test('metricCacheHitCount', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigateway.RestApi(stack, 'test-api'); + const color = '#00ff00'; + const metric = api.deploymentStage.metricCacheHitCount({ color }); + + // THEN + expect(metric.metricName).toEqual('CacheHitCount'); + expect(metric.statistic).toEqual('Sum'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Stage: api.deploymentStage.stageName }); + }); + + test('metricCacheMissCount', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigateway.RestApi(stack, 'test-api'); + const color = '#00ff00'; + const metric = api.deploymentStage.metricCacheMissCount({ color }); + + // THEN + expect(metric.metricName).toEqual('CacheMissCount'); + expect(metric.statistic).toEqual('Sum'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Stage: api.deploymentStage.stageName }); + }); + + test('metricCount', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigateway.RestApi(stack, 'test-api'); + const color = '#00ff00'; + const metric = api.deploymentStage.metricCount({ color }); + + // THEN + expect(metric.metricName).toEqual('Count'); + expect(metric.statistic).toEqual('SampleCount'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Stage: api.deploymentStage.stageName }); + }); + + test('metricIntegrationLatency', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigateway.RestApi(stack, 'test-api'); + const color = '#00ff00'; + const metric = api.deploymentStage.metricIntegrationLatency({ color }); + + // THEN + expect(metric.metricName).toEqual('IntegrationLatency'); + expect(metric.statistic).toEqual('Average'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Stage: api.deploymentStage.stageName }); + }); + + test('metricLatency', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const api = new apigateway.RestApi(stack, 'test-api'); + const color = '#00ff00'; + const metric = api.deploymentStage.metricLatency({ color }); + + // THEN + expect(metric.metricName).toEqual('Latency'); + expect(metric.statistic).toEqual('Average'); + expect(metric.color).toEqual(color); + expect(metric.dimensions).toEqual({ ApiName: 'test-api', Stage: api.deploymentStage.stageName }); + }); + }); }); diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/README.md b/packages/@aws-cdk/aws-apigatewayv2-authorizers/README.md index 16a7b3c591b27..2320be5505ba4 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers/README.md +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/README.md @@ -28,6 +28,7 @@ - [IAM Authorizers](#iam-authorizers) - [WebSocket APIs](#websocket-apis) - [Lambda Authorizer](#lambda-authorizer) + - [IAM Authorizers](#iam-authorizer) ## Introduction @@ -256,3 +257,42 @@ new apigwv2.WebSocketApi(this, 'WebSocketApi', { }, }); ``` + +### IAM Authorizer + +IAM authorizers can be used to allow identity-based access to your WebSocket API. + +```ts +import { WebSocketIamAuthorizer } from '@aws-cdk/aws-apigatewayv2-authorizers'; +import { WebSocketLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations'; + +// This function handles your connect route +declare const connectHandler: lambda.Function; + +const webSocketApi = new apigwv2.WebSocketApi(this, 'WebSocketApi'); + +webSocketApi.addRoute('$connect', { + integration: new WebSocketLambdaIntegration('Integration', connectHandler), + authorizer: new WebSocketIamAuthorizer() +}); + +// Create an IAM user (identity) +const user = new iam.User(this, 'User'); + +const webSocketArn = Stack.of(this).formatArn({ + service: 'execute-api', + resource: webSocketApi.apiId, +}); + +// Grant access to the IAM user +user.attachInlinePolicy(new iam.Policy(this, 'AllowInvoke', { + statements: [ + new iam.PolicyStatement({ + actions: ['execute-api:Invoke'], + effect: iam.Effect.ALLOW, + resources: [webSocketArn], + }), + ], +})); + +``` diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/lib/websocket/iam.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers/lib/websocket/iam.ts new file mode 100644 index 0000000000000..1adac6766e3b7 --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/lib/websocket/iam.ts @@ -0,0 +1,19 @@ +import { + WebSocketAuthorizerType, + WebSocketRouteAuthorizerBindOptions, + WebSocketRouteAuthorizerConfig, + IWebSocketRouteAuthorizer, +} from '@aws-cdk/aws-apigatewayv2'; + +/** + * Authorize WebSocket API Routes with IAM + */ +export class WebSocketIamAuthorizer implements IWebSocketRouteAuthorizer { + public bind( + _options: WebSocketRouteAuthorizerBindOptions, + ): WebSocketRouteAuthorizerConfig { + return { + authorizationType: WebSocketAuthorizerType.IAM, + }; + } +} diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/lib/websocket/index.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers/lib/websocket/index.ts index 04a64da0c7540..645c9d0758583 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers/lib/websocket/index.ts +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/lib/websocket/index.ts @@ -1 +1,2 @@ export * from './lambda'; +export * from './iam'; diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/package.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers/package.json index 9327e2d103707..54aea78d30e1f 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers/package.json +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/package.json @@ -86,6 +86,7 @@ "@aws-cdk/integ-runner": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/aws-lambda": "^8.10.101", + "@aws-cdk/integ-tests": "0.0.0", "@types/jest": "^27.5.2" }, "dependencies": { diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.template.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/IntegApiGatewayV2Iam.template.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/IntegApiGatewayV2Iam.template.json new file mode 100644 index 0000000000000..8083d38ced5f5 --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/IntegApiGatewayV2Iam.template.json @@ -0,0 +1,226 @@ +{ + "Resources": { + "User00B015A1": { + "Type": "AWS::IAM::User" + }, + "UserAccessEC42ADF7": { + "Type": "AWS::IAM::AccessKey", + "Properties": { + "UserName": { + "Ref": "User00B015A1" + } + } + }, + "authfunctionServiceRoleFCB72198": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "authfunction96361832": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "exports.handler = () => {return true}" + }, + "Role": { + "Fn::GetAtt": [ + "authfunctionServiceRoleFCB72198", + "Arn" + ] + }, + "Handler": "index.handler", + "Runtime": "nodejs14.x" + }, + "DependsOn": [ + "authfunctionServiceRoleFCB72198" + ] + }, + "WebSocketApi34BCF99B": { + "Type": "AWS::ApiGatewayV2::Api", + "Properties": { + "Name": "WebSocketApi", + "ProtocolType": "WEBSOCKET", + "RouteSelectionExpression": "$request.body.action" + } + }, + "WebSocketApiconnectRouteWebSocketLambdaIntegrationPermission76CD86C6": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "authfunction96361832", + "Arn" + ] + }, + "Principal": "apigateway.amazonaws.com", + "SourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":execute-api:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":", + { + "Ref": "WebSocketApi34BCF99B" + }, + "/*/*$connect" + ] + ] + } + } + }, + "WebSocketApiconnectRouteWebSocketLambdaIntegration3D2B13DD": { + "Type": "AWS::ApiGatewayV2::Integration", + "Properties": { + "ApiId": { + "Ref": "WebSocketApi34BCF99B" + }, + "IntegrationType": "AWS_PROXY", + "IntegrationUri": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":apigateway:", + { + "Ref": "AWS::Region" + }, + ":lambda:path/2015-03-31/functions/", + { + "Fn::GetAtt": [ + "authfunction96361832", + "Arn" + ] + }, + "/invocations" + ] + ] + } + } + }, + "WebSocketApiconnectRoute846149DD": { + "Type": "AWS::ApiGatewayV2::Route", + "Properties": { + "ApiId": { + "Ref": "WebSocketApi34BCF99B" + }, + "RouteKey": "$connect", + "AuthorizationType": "AWS_IAM", + "Target": { + "Fn::Join": [ + "", + [ + "integrations/", + { + "Ref": "WebSocketApiconnectRouteWebSocketLambdaIntegration3D2B13DD" + } + ] + ] + } + } + }, + "AllowInvoke767865EA": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "execute-api:Invoke", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":execute-api:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":", + { + "Ref": "WebSocketApi34BCF99B" + } + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "AllowInvoke767865EA", + "Users": [ + { + "Ref": "User00B015A1" + } + ] + } + } + }, + "Outputs": { + "TESTACCESSKEYID": { + "Value": { + "Ref": "UserAccessEC42ADF7" + } + }, + "TESTSECRETACCESSKEY": { + "Value": { + "Fn::GetAtt": [ + "UserAccessEC42ADF7", + "SecretAccessKey" + ] + } + }, + "TESTREGION": { + "Value": { + "Ref": "AWS::Region" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/integ.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/integ.json new file mode 100644 index 0000000000000..c1ef6336fee4f --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "ApiGatewayV2WebSocketIamTest/DefaultTest": { + "stacks": [ + "IntegApiGatewayV2Iam" + ], + "assertionStack": "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..0731b24a3b278 --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/manifest.json @@ -0,0 +1,103 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "IntegApiGatewayV2Iam": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegApiGatewayV2Iam.template.json", + "validateOnSynth": false + }, + "metadata": { + "/IntegApiGatewayV2Iam/User/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "User00B015A1" + } + ], + "/IntegApiGatewayV2Iam/UserAccess/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "UserAccessEC42ADF7" + } + ], + "/IntegApiGatewayV2Iam/auth-function/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "authfunctionServiceRoleFCB72198" + } + ], + "/IntegApiGatewayV2Iam/auth-function/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "authfunction96361832" + } + ], + "/IntegApiGatewayV2Iam/WebSocketApi/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "WebSocketApi34BCF99B" + } + ], + "/IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/WebSocketLambdaIntegration-Permission": [ + { + "type": "aws:cdk:logicalId", + "data": "WebSocketApiconnectRouteWebSocketLambdaIntegrationPermission76CD86C6" + } + ], + "/IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/WebSocketLambdaIntegration/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "WebSocketApiconnectRouteWebSocketLambdaIntegration3D2B13DD" + } + ], + "/IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "WebSocketApiconnectRoute846149DD" + } + ], + "/IntegApiGatewayV2Iam/AllowInvoke/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "AllowInvoke767865EA" + } + ], + "/IntegApiGatewayV2Iam/TESTACCESSKEYID": [ + { + "type": "aws:cdk:logicalId", + "data": "TESTACCESSKEYID" + } + ], + "/IntegApiGatewayV2Iam/TESTSECRETACCESSKEY": [ + { + "type": "aws:cdk:logicalId", + "data": "TESTSECRETACCESSKEY" + } + ], + "/IntegApiGatewayV2Iam/TESTREGION": [ + { + "type": "aws:cdk:logicalId", + "data": "TESTREGION" + } + ] + }, + "displayName": "IntegApiGatewayV2Iam" + }, + "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "ApiGatewayV2WebSocketIamTestDefaultTestDeployAssert2B412D7B.template.json", + "validateOnSynth": false + }, + "displayName": "ApiGatewayV2WebSocketIamTest/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/tree.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/tree.json new file mode 100644 index 0000000000000..f0b23496709c0 --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.integ.snapshot/tree.json @@ -0,0 +1,443 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "IntegApiGatewayV2Iam": { + "id": "IntegApiGatewayV2Iam", + "path": "IntegApiGatewayV2Iam", + "children": { + "User": { + "id": "User", + "path": "IntegApiGatewayV2Iam/User", + "children": { + "Resource": { + "id": "Resource", + "path": "IntegApiGatewayV2Iam/User/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::User", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnUser", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.User", + "version": "0.0.0" + } + }, + "UserAccess": { + "id": "UserAccess", + "path": "IntegApiGatewayV2Iam/UserAccess", + "children": { + "Resource": { + "id": "Resource", + "path": "IntegApiGatewayV2Iam/UserAccess/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::AccessKey", + "aws:cdk:cloudformation:props": { + "userName": { + "Ref": "User00B015A1" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnAccessKey", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.AccessKey", + "version": "0.0.0" + } + }, + "auth-function": { + "id": "auth-function", + "path": "IntegApiGatewayV2Iam/auth-function", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "IntegApiGatewayV2Iam/auth-function/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "IntegApiGatewayV2Iam/auth-function/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "IntegApiGatewayV2Iam/auth-function/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "exports.handler = () => {return true}" + }, + "role": { + "Fn::GetAtt": [ + "authfunctionServiceRoleFCB72198", + "Arn" + ] + }, + "handler": "index.handler", + "runtime": "nodejs14.x" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "WebSocketApi": { + "id": "WebSocketApi", + "path": "IntegApiGatewayV2Iam/WebSocketApi", + "children": { + "Resource": { + "id": "Resource", + "path": "IntegApiGatewayV2Iam/WebSocketApi/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Api", + "aws:cdk:cloudformation:props": { + "name": "WebSocketApi", + "protocolType": "WEBSOCKET", + "routeSelectionExpression": "$request.body.action" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigatewayv2.CfnApi", + "version": "0.0.0" + } + }, + "$connect-Route": { + "id": "$connect-Route", + "path": "IntegApiGatewayV2Iam/WebSocketApi/$connect-Route", + "children": { + "WebSocketLambdaIntegration-Permission": { + "id": "WebSocketLambdaIntegration-Permission", + "path": "IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/WebSocketLambdaIntegration-Permission", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", + "aws:cdk:cloudformation:props": { + "action": "lambda:InvokeFunction", + "functionName": { + "Fn::GetAtt": [ + "authfunction96361832", + "Arn" + ] + }, + "principal": "apigateway.amazonaws.com", + "sourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":execute-api:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":", + { + "Ref": "WebSocketApi34BCF99B" + }, + "/*/*$connect" + ] + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnPermission", + "version": "0.0.0" + } + }, + "WebSocketLambdaIntegration": { + "id": "WebSocketLambdaIntegration", + "path": "IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/WebSocketLambdaIntegration", + "children": { + "Resource": { + "id": "Resource", + "path": "IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/WebSocketLambdaIntegration/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Integration", + "aws:cdk:cloudformation:props": { + "apiId": { + "Ref": "WebSocketApi34BCF99B" + }, + "integrationType": "AWS_PROXY", + "integrationUri": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":apigateway:", + { + "Ref": "AWS::Region" + }, + ":lambda:path/2015-03-31/functions/", + { + "Fn::GetAtt": [ + "authfunction96361832", + "Arn" + ] + }, + "/invocations" + ] + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigatewayv2.CfnIntegration", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigatewayv2.WebSocketIntegration", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "IntegApiGatewayV2Iam/WebSocketApi/$connect-Route/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ApiGatewayV2::Route", + "aws:cdk:cloudformation:props": { + "apiId": { + "Ref": "WebSocketApi34BCF99B" + }, + "routeKey": "$connect", + "authorizationType": "AWS_IAM", + "target": { + "Fn::Join": [ + "", + [ + "integrations/", + { + "Ref": "WebSocketApiconnectRouteWebSocketLambdaIntegration3D2B13DD" + } + ] + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigatewayv2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigatewayv2.WebSocketRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apigatewayv2.WebSocketApi", + "version": "0.0.0" + } + }, + "AllowInvoke": { + "id": "AllowInvoke", + "path": "IntegApiGatewayV2Iam/AllowInvoke", + "children": { + "Resource": { + "id": "Resource", + "path": "IntegApiGatewayV2Iam/AllowInvoke/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "execute-api:Invoke", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":execute-api:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":", + { + "Ref": "WebSocketApi34BCF99B" + } + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "AllowInvoke767865EA", + "users": [ + { + "Ref": "User00B015A1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + }, + "TESTACCESSKEYID": { + "id": "TESTACCESSKEYID", + "path": "IntegApiGatewayV2Iam/TESTACCESSKEYID", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "TESTSECRETACCESSKEY": { + "id": "TESTSECRETACCESSKEY", + "path": "IntegApiGatewayV2Iam/TESTSECRETACCESSKEY", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "TESTREGION": { + "id": "TESTREGION", + "path": "IntegApiGatewayV2Iam/TESTREGION", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "ApiGatewayV2WebSocketIamTest": { + "id": "ApiGatewayV2WebSocketIamTest", + "path": "ApiGatewayV2WebSocketIamTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "ApiGatewayV2WebSocketIamTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "ApiGatewayV2WebSocketIamTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "ApiGatewayV2WebSocketIamTest/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.test.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.test.ts new file mode 100644 index 0000000000000..f0f34a3c11214 --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/iam.test.ts @@ -0,0 +1,36 @@ +import { Template } from '@aws-cdk/assertions'; +import { WebSocketApi } from '@aws-cdk/aws-apigatewayv2'; +import { WebSocketLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations'; +import { Code, Function, Runtime } from '@aws-cdk/aws-lambda'; +import { Stack } from '@aws-cdk/core'; +import { WebSocketIamAuthorizer } from '../../lib'; + +describe('WebSocketLambdaAuthorizer', () => { + test('default', () => { + const stack = new Stack(); + + const handler = new Function(stack, 'auth-function', { + runtime: Runtime.NODEJS_14_X, + code: Code.fromInline('exports.handler = () => {return true}'), + handler: 'index.handler', + }); + const integration = new WebSocketLambdaIntegration('Integration', handler); + + const authorizer = new WebSocketIamAuthorizer(); + + new WebSocketApi(stack, 'WebSocketApi', { + connectRouteOptions: { + integration, + authorizer, + }, + }); + + Template.fromStack(stack).hasResourceProperties( + 'AWS::ApiGatewayV2::Route', + { + RouteKey: '$connect', + AuthorizationType: 'AWS_IAM', + }, + ); + }); +}); diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/integ.iam.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/integ.iam.ts new file mode 100644 index 0000000000000..281268ab6bee8 --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/websocket/integ.iam.ts @@ -0,0 +1,61 @@ +import * as apigatewayv2 from '@aws-cdk/aws-apigatewayv2'; +import { WebSocketLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations'; +import * as iam from '@aws-cdk/aws-iam'; +import { Code, Function, Runtime } from '@aws-cdk/aws-lambda'; +import * as cdk from '@aws-cdk/core'; +import { Stack } from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import { WebSocketIamAuthorizer } from '../../lib'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'IntegApiGatewayV2Iam'); +const user = new iam.User(stack, 'User'); +const userAccessKey = new iam.AccessKey(stack, 'UserAccess', { + user, +}); + +const handler = new Function(stack, 'auth-function', { + runtime: Runtime.NODEJS_14_X, + code: Code.fromInline('exports.handler = () => {return true}'), + handler: 'index.handler', +}); + +const webSocketApi = new apigatewayv2.WebSocketApi(stack, 'WebSocketApi', { + connectRouteOptions: { + integration: new WebSocketLambdaIntegration('WebSocketLambdaIntegration', handler), + authorizer: new WebSocketIamAuthorizer(), + }, +}); + +const arn = Stack.of(stack).formatArn({ + service: 'execute-api', + resource: webSocketApi.apiId, +}); + +user.attachInlinePolicy(new iam.Policy(stack, 'AllowInvoke', { + statements: [ + new iam.PolicyStatement({ + actions: ['execute-api:Invoke'], + effect: iam.Effect.ALLOW, + resources: [arn], + }), + ], +})); + +new integ.IntegTest(app, 'ApiGatewayV2WebSocketIamTest', { + testCases: [stack], +}); + +new cdk.CfnOutput(stack, 'TESTACCESSKEYID', { + value: userAccessKey.accessKeyId, +}); + +new cdk.CfnOutput(stack, 'TESTSECRETACCESSKEY', { + value: userAccessKey.secretAccessKey.unsafeUnwrap(), +}); + +new cdk.CfnOutput(stack, 'TESTREGION', { + value: stack.region, +}); + +app.synth(); diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/authorizer.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/authorizer.ts index 5abb420c80bad..28d002d3a1044 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/authorizer.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/authorizer.ts @@ -12,6 +12,9 @@ import { IWebSocketRoute } from './route'; export enum WebSocketAuthorizerType { /** Lambda Authorizer */ LAMBDA = 'REQUEST', + + /** IAM Authorizer */ + IAM = 'AWS_IAM', } /** @@ -22,12 +25,12 @@ export interface WebSocketAuthorizerProps { * Name of the authorizer * @default - id of the WebSocketAuthorizer construct. */ - readonly authorizerName?: string + readonly authorizerName?: string; /** * WebSocket Api to attach the authorizer to */ - readonly webSocketApi: IWebSocketApi + readonly webSocketApi: IWebSocketApi; /** * The type of authorizer @@ -53,8 +56,7 @@ export interface WebSocketAuthorizerProps { /** * An authorizer for WebSocket APIs */ -export interface IWebSocketAuthorizer extends IAuthorizer { -} +export interface IWebSocketAuthorizer extends IAuthorizer {} /** * Reference to an WebSocket authorizer @@ -63,7 +65,7 @@ export interface WebSocketAuthorizerAttributes { /** * Id of the Authorizer */ - readonly authorizerId: string + readonly authorizerId: string; /** * Type of authorizer @@ -72,7 +74,7 @@ export interface WebSocketAuthorizerAttributes { * - CUSTOM - Lambda Authorizer * - NONE - No Authorization */ - readonly authorizerType: string + readonly authorizerType: string; } /** diff --git a/packages/@aws-cdk/aws-appmesh/lib/route-spec.ts b/packages/@aws-cdk/aws-appmesh/lib/route-spec.ts index e5ae7d9352f58..0ef904e03af24 100644 --- a/packages/@aws-cdk/aws-appmesh/lib/route-spec.ts +++ b/packages/@aws-cdk/aws-appmesh/lib/route-spec.ts @@ -585,7 +585,7 @@ function renderWeightedTargets(weightedTargets: WeightedTarget[]): CfnRoute.Weig for (const t of weightedTargets) { renderedTargets.push({ virtualNode: t.virtualNode.virtualNodeName, - weight: t.weight || 1, + weight: t.weight == undefined ? 1 : t.weight, }); } return renderedTargets; diff --git a/packages/@aws-cdk/aws-appmesh/test/route.test.ts b/packages/@aws-cdk/aws-appmesh/test/route.test.ts index 130a46f058f63..513e15c3356cd 100644 --- a/packages/@aws-cdk/aws-appmesh/test/route.test.ts +++ b/packages/@aws-cdk/aws-appmesh/test/route.test.ts @@ -1361,6 +1361,77 @@ describe('route', () => { }); }); + test('should allow zero weight route', () => { + // GIVEN + const stack = new cdk.Stack(); + const mesh = new appmesh.Mesh(stack, 'mesh', { + meshName: 'test-mesh', + }); + + const router = new appmesh.VirtualRouter(stack, 'router', { + mesh, + }); + + const virtualNode = mesh.addVirtualNode('test-node', { + serviceDiscovery: appmesh.ServiceDiscovery.dns('test'), + listeners: [appmesh.VirtualNodeListener.http()], + }); + + // WHEN + router.addRoute('http2', { + routeSpec: appmesh.RouteSpec.http2({ + priority: 50, + weightedTargets: [ + { + virtualNode: virtualNode, + weight: 0, + }, + ], + }), + }); + router.addRoute('http', { + routeSpec: appmesh.RouteSpec.http({ + priority: 10, + weightedTargets: [ + { + virtualNode: virtualNode, + weight: 0, + }, + ], + }), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::AppMesh::Route', { + Spec: { + Priority: 50, + Http2Route: { + Action: { + WeightedTargets: [ + { + Weight: 0, + }, + ], + }, + }, + }, + }); + Template.fromStack(stack).hasResourceProperties('AWS::AppMesh::Route', { + Spec: { + Priority: 10, + HttpRoute: { + Action: { + WeightedTargets: [ + { + Weight: 0, + }, + ], + }, + }, + }, + }); + }); + test('Can import Routes using an ARN', () => { const app = new cdk.App(); // GIVEN diff --git a/packages/@aws-cdk/aws-appsync/README.md b/packages/@aws-cdk/aws-appsync/README.md index e562a0b267342..32d44938c8eed 100644 --- a/packages/@aws-cdk/aws-appsync/README.md +++ b/packages/@aws-cdk/aws-appsync/README.md @@ -264,7 +264,7 @@ import * as opensearch from '@aws-cdk/aws-opensearchservice'; const user = new iam.User(this, 'User'); const domain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_2, + version: opensearch.EngineVersion.OPENSEARCH_1_3, removalPolicy: RemovalPolicy.DESTROY, fineGrainedAccessControl: { masterUserArn: user.userArn }, encryptionAtRest: { enabled: true }, @@ -334,6 +334,29 @@ new route53.CnameRecord(this, `CnameApiRecord`, { }); ``` +## Log Group + +AppSync automatically create a log group with the name `/aws/appsync/apis/` upon deployment with +log data set to never expire. If you want to set a different expiration period, use the `logConfig.retention` property. + +To obtain the GraphQL API's log group as a `logs.ILogGroup` use the `logGroup` property of the +`GraphqlApi` construct. + +```ts +import * as logs from '@aws-cdk/aws-logs'; + +const logConfig: appsync.LogConfig = { + retention: logs.RetentionDays.ONE_WEEK, +}; + +new appsync.GraphqlApi(this, 'api', { + authorizationConfig: {}, + name: 'myApi', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'myApi.graphql')), + logConfig, +}); +``` + ## Schema Every GraphQL Api needs a schema to define the Api. CDK offers `appsync.Schema` @@ -427,7 +450,7 @@ new appsync.GraphqlApi(this, 'api', { defaultAuthorization: { authorizationType: appsync.AuthorizationType.LAMBDA, lambdaAuthorizerConfig: { - handler: authFunction, + handler: authFunction, // can also specify `resultsCacheTtl` and `validationRegex`. }, }, diff --git a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts index ab740aac4cfb2..d384713310581 100644 --- a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts +++ b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts @@ -2,6 +2,7 @@ import { ICertificate } from '@aws-cdk/aws-certificatemanager'; import { IUserPool } from '@aws-cdk/aws-cognito'; import { ManagedPolicy, Role, IRole, ServicePrincipal, Grant, IGrantable } from '@aws-cdk/aws-iam'; import { IFunction } from '@aws-cdk/aws-lambda'; +import { ILogGroup, LogGroup, LogRetention, RetentionDays } from '@aws-cdk/aws-logs'; import { ArnFormat, CfnResource, Duration, Expiration, IResolvable, Stack } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { CfnApiKey, CfnGraphQLApi, CfnGraphQLSchema, CfnDomainName, CfnDomainNameApiAssociation } from './appsync.generated'; @@ -248,6 +249,16 @@ export interface LogConfig { * @default - None */ readonly role?: IRole; + + /** + * The number of days log events are kept in CloudWatch Logs. + * By default AppSync keeps the logs infinitely. When updating this property, + * unsetting it doesn't remove the log retention policy. + * To remove the retention policy, set the value to `INFINITE` + * + * @default RetentionDays.INFINITE + */ + readonly retention?: RetentionDays } /** @@ -459,6 +470,11 @@ export class GraphqlApi extends GraphqlApiBase { */ public readonly apiKey?: string; + /** + * the CloudWatch Log Group for this API + */ + public readonly logGroup: ILogGroup; + private schemaResource: CfnGraphQLSchema; private api: CfnGraphQLApi; private apiKeyResource?: CfnApiKey; @@ -527,6 +543,16 @@ export class GraphqlApi extends GraphqlApiBase { }); } + const logGroupName = `/aws/appsync/apis/${this.apiId}`; + + this.logGroup = LogGroup.fromLogGroupName(this, 'LogGroup', logGroupName); + + if (props.logConfig?.retention) { + new LogRetention(this, 'LogRetention', { + logGroupName: this.logGroup.logGroupName, + retention: props.logConfig.retention, + }); + }; } /** @@ -620,10 +646,11 @@ export class GraphqlApi extends GraphqlApiBase { ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSAppSyncPushToCloudWatchLogs'), ], }).roleArn; + const fieldLogLevel: FieldLogLevel = config.fieldLogLevel ?? FieldLogLevel.NONE; return { cloudWatchLogsRoleArn: logsRoleArn, excludeVerboseContent: config.excludeVerboseContent, - fieldLogLevel: config.fieldLogLevel, + fieldLogLevel: fieldLogLevel, }; } diff --git a/packages/@aws-cdk/aws-appsync/package.json b/packages/@aws-cdk/aws-appsync/package.json index 480e781af2bbc..b0e9b8c1320d8 100644 --- a/packages/@aws-cdk/aws-appsync/package.json +++ b/packages/@aws-cdk/aws-appsync/package.json @@ -84,6 +84,7 @@ "@aws-cdk/aws-stepfunctions": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2", @@ -97,6 +98,7 @@ "@aws-cdk/aws-elasticsearch": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", + "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-opensearchservice": "0.0.0", "@aws-cdk/aws-rds": "0.0.0", "@aws-cdk/aws-s3-assets": "0.0.0", @@ -113,6 +115,7 @@ "@aws-cdk/aws-elasticsearch": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", + "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-opensearchservice": "0.0.0", "@aws-cdk/aws-rds": "0.0.0", "@aws-cdk/aws-s3-assets": "0.0.0", diff --git a/packages/@aws-cdk/aws-appsync/test/appsync.test.ts b/packages/@aws-cdk/aws-appsync/test/appsync.test.ts index 350fbff6229db..1ed2a95b6aeae 100644 --- a/packages/@aws-cdk/aws-appsync/test/appsync.test.ts +++ b/packages/@aws-cdk/aws-appsync/test/appsync.test.ts @@ -2,6 +2,7 @@ import * as path from 'path'; import { Template } from '@aws-cdk/assertions'; import { Certificate } from '@aws-cdk/aws-certificatemanager'; import * as iam from '@aws-cdk/aws-iam'; +import * as logs from '@aws-cdk/aws-logs'; import * as cdk from '@aws-cdk/core'; import * as appsync from '../lib'; @@ -191,3 +192,49 @@ test('appsync GraphqlApi should be configured with custom domain when specified' DomainName: domainName, }); }); + +test('log retention should be configured with given retention time when specified', () => { + // GIVEN + const retentionTime = logs.RetentionDays.ONE_WEEK; + + // WHEN + new appsync.GraphqlApi(stack, 'log-retention', { + authorizationConfig: {}, + name: 'log-retention', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + logConfig: { + retention: retentionTime, + }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('Custom::LogRetention', { + LogGroupName: { + 'Fn::Join': [ + '', + [ + '/aws/appsync/apis/', + { + 'Fn::GetAtt': [ + 'logretentionB69DFB48', + 'ApiId', + ], + }, + ], + ], + }, + RetentionInDays: 7, + }); +}); + +test('log retention should not appear when no retention time is specified', () => { + // WHEN + new appsync.GraphqlApi(stack, 'no-log-retention', { + authorizationConfig: {}, + name: 'no-log-retention', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + }); + + // THEN + Template.fromStack(stack).resourceCountIs('Custom::LogRetention', 0); +}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/appsync-opensearch.template.json b/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/appsync-opensearch.template.json index 0f075d2196757..85003197d3261 100644 --- a/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/appsync-opensearch.template.json +++ b/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/appsync-opensearch.template.json @@ -24,9 +24,6 @@ "InstanceType": "r5.large.search", "ZoneAwarenessEnabled": false }, - "CognitoOptions": { - "Enabled": false - }, "DomainEndpointOptions": { "EnforceHTTPS": true, "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" @@ -39,7 +36,7 @@ "EncryptionAtRestOptions": { "Enabled": true }, - "EngineVersion": "OpenSearch_1.2", + "EngineVersion": "OpenSearch_1.3", "LogPublishingOptions": {}, "NodeToNodeEncryptionOptions": { "Enabled": true @@ -207,4 +204,4 @@ ] } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/manifest.json index 95c7efb1806d3..f0a3426f2a5e4 100644 --- a/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", diff --git a/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/tree.json b/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/tree.json index 08425f5b4e387..ab3fd9f94d633 100644 --- a/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-appsync/test/graphql-opensearch.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.58" } }, "appsync-opensearch": { @@ -66,9 +66,6 @@ "instanceType": "r5.large.search", "zoneAwarenessEnabled": false }, - "cognitoOptions": { - "enabled": false - }, "domainEndpointOptions": { "enforceHttps": true, "tlsSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" diff --git a/packages/@aws-cdk/aws-appsync/test/integ.graphql-opensearch.ts b/packages/@aws-cdk/aws-appsync/test/integ.graphql-opensearch.ts index cb96dee17e90f..a8c8984c04e14 100644 --- a/packages/@aws-cdk/aws-appsync/test/integ.graphql-opensearch.ts +++ b/packages/@aws-cdk/aws-appsync/test/integ.graphql-opensearch.ts @@ -8,7 +8,7 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'appsync-opensearch'); const user = new User(stack, 'User'); const domain = new opensearch.Domain(stack, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_2, + version: opensearch.EngineVersion.OPENSEARCH_1_3, removalPolicy: cdk.RemovalPolicy.DESTROY, fineGrainedAccessControl: { masterUserArn: user.userArn, diff --git a/packages/@aws-cdk/aws-appsync/test/integ.log-retention.ts b/packages/@aws-cdk/aws-appsync/test/integ.log-retention.ts new file mode 100644 index 0000000000000..664c28ceee237 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.log-retention.ts @@ -0,0 +1,40 @@ +import { join } from 'path'; +import { RetentionDays } from '@aws-cdk/aws-logs'; +import { App, Stack } from '@aws-cdk/core'; +import { ExpectedResult, IntegTest } from '@aws-cdk/integ-tests'; +import { GraphqlApi, LogConfig, Schema } from '../lib'; + +const app = new App(); +const stack = new Stack(app, 'AppSyncIntegLogRetention'); + + +const retentionTime = RetentionDays.ONE_WEEK; +const logConfig: LogConfig = { + retention: retentionTime, +}; + +const api = new GraphqlApi(stack, 'GraphqlApi', { + authorizationConfig: {}, + name: 'IntegLogRetention', + schema: Schema.fromAsset(join(__dirname, 'appsync.test.graphql')), + logConfig, +}); + +const integ = new IntegTest(app, 'Integ', { testCases: [stack] }); + +const describe = integ.assertions.awsApiCall('CloudWatchLogs', + 'describeLogGroups', + { + logGroupNamePrefix: api.logGroup.logGroupName, + }); + +describe.expect(ExpectedResult.objectLike({ + logGroups: [ + { + logGroupName: api.logGroup.logGroupName, + retentionInDays: retentionTime, + }, + ], +})); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/AppSyncIntegLogRetention.template.json b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/AppSyncIntegLogRetention.template.json new file mode 100644 index 0000000000000..1dc3cc6f7eaa2 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/AppSyncIntegLogRetention.template.json @@ -0,0 +1,240 @@ +{ + "Resources": { + "GraphqlApiApiLogsRoleBB9E6BAD": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "appsync.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs" + ] + ] + } + ] + } + }, + "GraphqlApi1B6CF24C": { + "Type": "AWS::AppSync::GraphQLApi", + "Properties": { + "AuthenticationType": "API_KEY", + "Name": "IntegLogRetention", + "LogConfig": { + "CloudWatchLogsRoleArn": { + "Fn::GetAtt": [ + "GraphqlApiApiLogsRoleBB9E6BAD", + "Arn" + ] + }, + "FieldLogLevel": "NONE" + } + } + }, + "GraphqlApiSchema1B71CE4F": { + "Type": "AWS::AppSync::GraphQLSchema", + "Properties": { + "ApiId": { + "Fn::GetAtt": [ + "GraphqlApi1B6CF24C", + "ApiId" + ] + }, + "Definition": "type test {\n version: String!\n}\ntype Query {\n getTests: [test]!\n}\ntype Mutation {\n addTest(version: String!): test\n}\n" + } + }, + "GraphqlApiDefaultApiKey47EE7128": { + "Type": "AWS::AppSync::ApiKey", + "Properties": { + "ApiId": { + "Fn::GetAtt": [ + "GraphqlApi1B6CF24C", + "ApiId" + ] + } + }, + "DependsOn": [ + "GraphqlApiSchema1B71CE4F" + ] + }, + "GraphqlApiLogRetention082A7017": { + "Type": "Custom::LogRetention", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", + "Arn" + ] + }, + "LogGroupName": { + "Fn::Join": [ + "", + [ + "/aws/appsync/apis/", + { + "Fn::GetAtt": [ + "GraphqlApi1B6CF24C", + "ApiId" + ] + } + ] + ] + }, + "RetentionInDays": 7 + } + }, + "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:DeleteRetentionPolicy", + "logs:PutRetentionPolicy" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", + "Roles": [ + { + "Ref": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB" + } + ] + } + }, + "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Handler": "index.handler", + "Runtime": "nodejs14.x", + "Code": { + "S3Bucket": { + "Ref": "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aS3BucketB4787383" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aS3VersionKey8CF8E820" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aS3VersionKey8CF8E820" + } + ] + } + ] + } + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", + "Arn" + ] + } + }, + "DependsOn": [ + "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", + "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB" + ] + } + }, + "Parameters": { + "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aS3BucketB4787383": { + "Type": "String", + "Description": "S3 bucket for asset \"c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a\"" + }, + "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aS3VersionKey8CF8E820": { + "Type": "String", + "Description": "S3 key for asset version \"c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a\"" + }, + "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aArtifactHashC9560B34": { + "Type": "String", + "Description": "Artifact hash for asset \"c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a\"" + } + }, + "Outputs": { + "ExportsOutputFnGetAttGraphqlApi1B6CF24CApiIdE34D50AD": { + "Value": { + "Fn::GetAtt": [ + "GraphqlApi1B6CF24C", + "ApiId" + ] + }, + "Export": { + "Name": "AppSyncIntegLogRetention:ExportsOutputFnGetAttGraphqlApi1B6CF24CApiIdE34D50AD" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json new file mode 100644 index 0000000000000..ddbbd027583b6 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json @@ -0,0 +1,183 @@ +{ + "Resources": { + "AwsApiCallCloudWatchLogsdescribeLogGroups": { + "Type": "Custom::DeployAssert@SdkCallCloudWatchLogsdescribeLogGroups", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F", + "Arn" + ] + }, + "service": "CloudWatchLogs", + "api": "describeLogGroups", + "parameters": { + "logGroupNamePrefix": { + "Fn::Join": [ + "", + [ + "/aws/appsync/apis/", + { + "Fn::ImportValue": "AppSyncIntegLogRetention:ExportsOutputFnGetAttGraphqlApi1B6CF24CApiIdE34D50AD" + } + ] + ] + } + }, + "flattenResponse": "false", + "salt": "1659609543121" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "AwsApiCallCloudWatchLogsdescribeLogGroupsAssertEqualsCloudWatchLogsdescribeLogGroupsD2E2CD37": { + "Type": "Custom::DeployAssert@AssertEquals", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F", + "Arn" + ] + }, + "actual": { + "Fn::GetAtt": [ + "AwsApiCallCloudWatchLogsdescribeLogGroups", + "apiCallResponse" + ] + }, + "expected": { + "Fn::Join": [ + "", + [ + "{\"$ObjectLike\":{\"logGroups\":[{\"logGroupName\":\"/aws/appsync/apis/", + { + "Fn::ImportValue": "AppSyncIntegLogRetention:ExportsOutputFnGetAttGraphqlApi1B6CF24CApiIdE34D50AD" + }, + "\",\"retentionInDays\":7}]}}" + ] + ] + }, + "salt": "1659609543122" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ], + "Policies": [ + { + "PolicyName": "Inline", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "logs:DescribeLogGroups" + ], + "Effect": "Allow", + "Resource": [ + "*" + ] + } + ] + } + } + ] + } + }, + "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Runtime": "nodejs14.x", + "Code": { + "S3Bucket": { + "Ref": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3BucketF94385B7" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3VersionKey66DB0F9E" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3VersionKey66DB0F9E" + } + ] + } + ] + } + ] + ] + } + }, + "Timeout": 120, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73", + "Arn" + ] + } + } + } + }, + "Outputs": { + "AssertionResultsAssertEqualsCloudWatchLogsdescribeLogGroups": { + "Value": { + "Fn::GetAtt": [ + "AwsApiCallCloudWatchLogsdescribeLogGroupsAssertEqualsCloudWatchLogsdescribeLogGroupsD2E2CD37", + "data" + ] + } + } + }, + "Parameters": { + "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3BucketF94385B7": { + "Type": "String", + "Description": "S3 bucket for asset \"0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd\"" + }, + "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3VersionKey66DB0F9E": { + "Type": "String", + "Description": "S3 key for asset version \"0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd\"" + }, + "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdArtifactHash2AC894D9": { + "Type": "String", + "Description": "Artifact hash for asset \"0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd\"" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd.bundle/index.js b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd.bundle/index.js new file mode 100644 index 0000000000000..b3ec1b8c53d30 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd.bundle/index.js @@ -0,0 +1,612 @@ +"use strict"; +var __create = Object.create; +var __defProp = Object.defineProperty; +var __getOwnPropDesc = Object.getOwnPropertyDescriptor; +var __getOwnPropNames = Object.getOwnPropertyNames; +var __getProtoOf = Object.getPrototypeOf; +var __hasOwnProp = Object.prototype.hasOwnProperty; +var __export = (target, all) => { + for (var name in all) + __defProp(target, name, { get: all[name], enumerable: true }); +}; +var __copyProps = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames(from)) + if (!__hasOwnProp.call(to, key) && key !== except) + __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); + } + return to; +}; +var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps( + isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target, + mod +)); +var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); + +// lib/assertions/providers/lambda-handler/index.ts +var lambda_handler_exports = {}; +__export(lambda_handler_exports, { + handler: () => handler +}); +module.exports = __toCommonJS(lambda_handler_exports); + +// ../assertions/lib/matcher.ts +var Matcher = class { + static isMatcher(x) { + return x && x instanceof Matcher; + } +}; +var MatchResult = class { + constructor(target) { + this.failures = []; + this.captures = /* @__PURE__ */ new Map(); + this.finalized = false; + this.target = target; + } + push(matcher, path, message) { + return this.recordFailure({ matcher, path, message }); + } + recordFailure(failure) { + this.failures.push(failure); + return this; + } + hasFailed() { + return this.failures.length !== 0; + } + get failCount() { + return this.failures.length; + } + compose(id, inner) { + const innerF = inner.failures; + this.failures.push(...innerF.map((f) => { + return { path: [id, ...f.path], message: f.message, matcher: f.matcher }; + })); + inner.captures.forEach((vals, capture) => { + vals.forEach((value) => this.recordCapture({ capture, value })); + }); + return this; + } + finished() { + if (this.finalized) { + return this; + } + if (this.failCount === 0) { + this.captures.forEach((vals, cap) => cap._captured.push(...vals)); + } + this.finalized = true; + return this; + } + toHumanStrings() { + return this.failures.map((r) => { + const loc = r.path.length === 0 ? "" : ` at ${r.path.join("")}`; + return "" + r.message + loc + ` (using ${r.matcher.name} matcher)`; + }); + } + recordCapture(options) { + let values = this.captures.get(options.capture); + if (values === void 0) { + values = []; + } + values.push(options.value); + this.captures.set(options.capture, values); + } +}; + +// ../assertions/lib/private/matchers/absent.ts +var AbsentMatch = class extends Matcher { + constructor(name) { + super(); + this.name = name; + } + test(actual) { + const result = new MatchResult(actual); + if (actual !== void 0) { + result.recordFailure({ + matcher: this, + path: [], + message: `Received ${actual}, but key should be absent` + }); + } + return result; + } +}; + +// ../assertions/lib/private/type.ts +function getType(obj) { + return Array.isArray(obj) ? "array" : typeof obj; +} + +// ../assertions/lib/match.ts +var Match = class { + static absent() { + return new AbsentMatch("absent"); + } + static arrayWith(pattern) { + return new ArrayMatch("arrayWith", pattern); + } + static arrayEquals(pattern) { + return new ArrayMatch("arrayEquals", pattern, { subsequence: false }); + } + static exact(pattern) { + return new LiteralMatch("exact", pattern, { partialObjects: false }); + } + static objectLike(pattern) { + return new ObjectMatch("objectLike", pattern); + } + static objectEquals(pattern) { + return new ObjectMatch("objectEquals", pattern, { partial: false }); + } + static not(pattern) { + return new NotMatch("not", pattern); + } + static serializedJson(pattern) { + return new SerializedJson("serializedJson", pattern); + } + static anyValue() { + return new AnyMatch("anyValue"); + } + static stringLikeRegexp(pattern) { + return new StringLikeRegexpMatch("stringLikeRegexp", pattern); + } +}; +var LiteralMatch = class extends Matcher { + constructor(name, pattern, options = {}) { + super(); + this.name = name; + this.pattern = pattern; + this.partialObjects = options.partialObjects ?? false; + if (Matcher.isMatcher(this.pattern)) { + throw new Error("LiteralMatch cannot directly contain another matcher. Remove the top-level matcher or nest it more deeply."); + } + } + test(actual) { + if (Array.isArray(this.pattern)) { + return new ArrayMatch(this.name, this.pattern, { subsequence: false, partialObjects: this.partialObjects }).test(actual); + } + if (typeof this.pattern === "object") { + return new ObjectMatch(this.name, this.pattern, { partial: this.partialObjects }).test(actual); + } + const result = new MatchResult(actual); + if (typeof this.pattern !== typeof actual) { + result.recordFailure({ + matcher: this, + path: [], + message: `Expected type ${typeof this.pattern} but received ${getType(actual)}` + }); + return result; + } + if (actual !== this.pattern) { + result.recordFailure({ + matcher: this, + path: [], + message: `Expected ${this.pattern} but received ${actual}` + }); + } + return result; + } +}; +var ArrayMatch = class extends Matcher { + constructor(name, pattern, options = {}) { + super(); + this.name = name; + this.pattern = pattern; + this.subsequence = options.subsequence ?? true; + this.partialObjects = options.partialObjects ?? false; + } + test(actual) { + if (!Array.isArray(actual)) { + return new MatchResult(actual).recordFailure({ + matcher: this, + path: [], + message: `Expected type array but received ${getType(actual)}` + }); + } + if (!this.subsequence && this.pattern.length !== actual.length) { + return new MatchResult(actual).recordFailure({ + matcher: this, + path: [], + message: `Expected array of length ${this.pattern.length} but received ${actual.length}` + }); + } + let patternIdx = 0; + let actualIdx = 0; + const result = new MatchResult(actual); + while (patternIdx < this.pattern.length && actualIdx < actual.length) { + const patternElement = this.pattern[patternIdx]; + const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); + const matcherName = matcher.name; + if (this.subsequence && (matcherName == "absent" || matcherName == "anyValue")) { + throw new Error(`The Matcher ${matcherName}() cannot be nested within arrayWith()`); + } + const innerResult = matcher.test(actual[actualIdx]); + if (!this.subsequence || !innerResult.hasFailed()) { + result.compose(`[${actualIdx}]`, innerResult); + patternIdx++; + actualIdx++; + } else { + actualIdx++; + } + } + for (; patternIdx < this.pattern.length; patternIdx++) { + const pattern = this.pattern[patternIdx]; + const element = Matcher.isMatcher(pattern) || typeof pattern === "object" ? " " : ` [${pattern}] `; + result.recordFailure({ + matcher: this, + path: [], + message: `Missing element${element}at pattern index ${patternIdx}` + }); + } + return result; + } +}; +var ObjectMatch = class extends Matcher { + constructor(name, pattern, options = {}) { + super(); + this.name = name; + this.pattern = pattern; + this.partial = options.partial ?? true; + } + test(actual) { + if (typeof actual !== "object" || Array.isArray(actual)) { + return new MatchResult(actual).recordFailure({ + matcher: this, + path: [], + message: `Expected type object but received ${getType(actual)}` + }); + } + const result = new MatchResult(actual); + if (!this.partial) { + for (const a of Object.keys(actual)) { + if (!(a in this.pattern)) { + result.recordFailure({ + matcher: this, + path: [`/${a}`], + message: "Unexpected key" + }); + } + } + } + for (const [patternKey, patternVal] of Object.entries(this.pattern)) { + if (!(patternKey in actual) && !(patternVal instanceof AbsentMatch)) { + result.recordFailure({ + matcher: this, + path: [`/${patternKey}`], + message: `Missing key '${patternKey}' among {${Object.keys(actual).join(",")}}` + }); + continue; + } + const matcher = Matcher.isMatcher(patternVal) ? patternVal : new LiteralMatch(this.name, patternVal, { partialObjects: this.partial }); + const inner = matcher.test(actual[patternKey]); + result.compose(`/${patternKey}`, inner); + } + return result; + } +}; +var SerializedJson = class extends Matcher { + constructor(name, pattern) { + super(); + this.name = name; + this.pattern = pattern; + } + test(actual) { + const result = new MatchResult(actual); + if (getType(actual) !== "string") { + result.recordFailure({ + matcher: this, + path: [], + message: `Expected JSON as a string but found ${getType(actual)}` + }); + return result; + } + let parsed; + try { + parsed = JSON.parse(actual); + } catch (err) { + if (err instanceof SyntaxError) { + result.recordFailure({ + matcher: this, + path: [], + message: `Invalid JSON string: ${actual}` + }); + return result; + } else { + throw err; + } + } + const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); + const innerResult = matcher.test(parsed); + result.compose(`(${this.name})`, innerResult); + return result; + } +}; +var NotMatch = class extends Matcher { + constructor(name, pattern) { + super(); + this.name = name; + this.pattern = pattern; + } + test(actual) { + const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); + const innerResult = matcher.test(actual); + const result = new MatchResult(actual); + if (innerResult.failCount === 0) { + result.recordFailure({ + matcher: this, + path: [], + message: `Found unexpected match: ${JSON.stringify(actual, void 0, 2)}` + }); + } + return result; + } +}; +var AnyMatch = class extends Matcher { + constructor(name) { + super(); + this.name = name; + } + test(actual) { + const result = new MatchResult(actual); + if (actual == null) { + result.recordFailure({ + matcher: this, + path: [], + message: "Expected a value but found none" + }); + } + return result; + } +}; +var StringLikeRegexpMatch = class extends Matcher { + constructor(name, pattern) { + super(); + this.name = name; + this.pattern = pattern; + } + test(actual) { + const result = new MatchResult(actual); + const regex = new RegExp(this.pattern, "gm"); + if (typeof actual !== "string") { + result.recordFailure({ + matcher: this, + path: [], + message: `Expected a string, but got '${typeof actual}'` + }); + } + if (!regex.test(actual)) { + result.recordFailure({ + matcher: this, + path: [], + message: `String '${actual}' did not match pattern '${this.pattern}'` + }); + } + return result; + } +}; + +// lib/assertions/providers/lambda-handler/base.ts +var https = __toESM(require("https")); +var url = __toESM(require("url")); +var CustomResourceHandler = class { + constructor(event, context) { + this.event = event; + this.context = context; + this.timedOut = false; + this.timeout = setTimeout(async () => { + await this.respond({ + status: "FAILED", + reason: "Lambda Function Timeout", + data: this.context.logStreamName + }); + this.timedOut = true; + }, context.getRemainingTimeInMillis() - 1200); + this.event = event; + this.physicalResourceId = extractPhysicalResourceId(event); + } + async handle() { + try { + console.log(`Event: ${JSON.stringify({ ...this.event, ResponseURL: "..." })}`); + const response = await this.processEvent(this.event.ResourceProperties); + console.log(`Event output : ${JSON.stringify(response)}`); + await this.respond({ + status: "SUCCESS", + reason: "OK", + data: response + }); + } catch (e) { + console.log(e); + await this.respond({ + status: "FAILED", + reason: e.message ?? "Internal Error" + }); + } finally { + clearTimeout(this.timeout); + } + } + respond(response) { + if (this.timedOut) { + return; + } + const cfResponse = { + Status: response.status, + Reason: response.reason, + PhysicalResourceId: this.physicalResourceId, + StackId: this.event.StackId, + RequestId: this.event.RequestId, + LogicalResourceId: this.event.LogicalResourceId, + NoEcho: false, + Data: response.data + }; + const responseBody = JSON.stringify(cfResponse); + console.log("Responding to CloudFormation", responseBody); + const parsedUrl = url.parse(this.event.ResponseURL); + const requestOptions = { + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: "PUT", + headers: { "content-type": "", "content-length": responseBody.length } + }; + return new Promise((resolve, reject) => { + try { + const request2 = https.request(requestOptions, resolve); + request2.on("error", reject); + request2.write(responseBody); + request2.end(); + } catch (e) { + reject(e); + } + }); + } +}; +function extractPhysicalResourceId(event) { + switch (event.RequestType) { + case "Create": + return event.LogicalResourceId; + case "Update": + case "Delete": + return event.PhysicalResourceId; + } +} + +// lib/assertions/providers/lambda-handler/assertion.ts +var AssertionHandler = class extends CustomResourceHandler { + async processEvent(request2) { + let actual = decodeCall(request2.actual); + const expected = decodeCall(request2.expected); + let result; + const matcher = new MatchCreator(expected).getMatcher(); + console.log(`Testing equality between ${JSON.stringify(request2.actual)} and ${JSON.stringify(request2.expected)}`); + const matchResult = matcher.test(actual); + matchResult.finished(); + if (matchResult.hasFailed()) { + result = { + data: JSON.stringify({ + status: "fail", + message: [ + ...matchResult.toHumanStrings(), + JSON.stringify(matchResult.target, void 0, 2) + ].join("\n") + }) + }; + if (request2.failDeployment) { + throw new Error(result.data); + } + } else { + result = { + data: JSON.stringify({ + status: "pass" + }) + }; + } + return result; + } +}; +var MatchCreator = class { + constructor(obj) { + this.parsedObj = { + matcher: obj + }; + } + getMatcher() { + try { + const final = JSON.parse(JSON.stringify(this.parsedObj), function(_k, v) { + const nested = Object.keys(v)[0]; + switch (nested) { + case "$ArrayWith": + return Match.arrayWith(v[nested]); + case "$ObjectLike": + return Match.objectLike(v[nested]); + case "$StringLike": + return Match.stringLikeRegexp(v[nested]); + default: + return v; + } + }); + if (Matcher.isMatcher(final.matcher)) { + return final.matcher; + } + return Match.exact(final.matcher); + } catch { + return Match.exact(this.parsedObj.matcher); + } + } +}; +function decodeCall(call) { + if (!call) { + return void 0; + } + try { + const parsed = JSON.parse(call); + return parsed; + } catch (e) { + return call; + } +} + +// lib/assertions/providers/lambda-handler/utils.ts +function decode(object) { + return JSON.parse(JSON.stringify(object), (_k, v) => { + switch (v) { + case "TRUE:BOOLEAN": + return true; + case "FALSE:BOOLEAN": + return false; + default: + return v; + } + }); +} + +// lib/assertions/providers/lambda-handler/sdk.ts +function flatten(object) { + return Object.assign( + {}, + ...function _flatten(child, path = []) { + return [].concat(...Object.keys(child).map((key) => { + const childKey = Buffer.isBuffer(child[key]) ? child[key].toString("utf8") : child[key]; + return typeof childKey === "object" && childKey !== null ? _flatten(childKey, path.concat([key])) : { [path.concat([key]).join(".")]: childKey }; + })); + }(object) + ); +} +var AwsApiCallHandler = class extends CustomResourceHandler { + async processEvent(request2) { + const AWS = require("aws-sdk"); + console.log(`AWS SDK VERSION: ${AWS.VERSION}`); + const service = new AWS[request2.service](); + const response = await service[request2.api](request2.parameters && decode(request2.parameters)).promise(); + console.log(`SDK response received ${JSON.stringify(response)}`); + delete response.ResponseMetadata; + const respond = { + apiCallResponse: response + }; + const flatData = { + ...flatten(respond) + }; + return request2.flattenResponse === "true" ? flatData : respond; + } +}; + +// lib/assertions/providers/lambda-handler/types.ts +var ASSERT_RESOURCE_TYPE = "Custom::DeployAssert@AssertEquals"; +var SDK_RESOURCE_TYPE_PREFIX = "Custom::DeployAssert@SdkCall"; + +// lib/assertions/providers/lambda-handler/index.ts +async function handler(event, context) { + const provider = createResourceHandler(event, context); + await provider.handle(); +} +function createResourceHandler(event, context) { + if (event.ResourceType.startsWith(SDK_RESOURCE_TYPE_PREFIX)) { + return new AwsApiCallHandler(event, context); + } + switch (event.ResourceType) { + case ASSERT_RESOURCE_TYPE: + return new AssertionHandler(event, context); + default: + throw new Error(`Unsupported resource type "${event.ResourceType}`); + } +} +// Annotate the CommonJS export names for ESM import in node: +0 && (module.exports = { + handler +}); diff --git a/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/index.d.ts b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/index.d.ts new file mode 100644 index 0000000000000..9bbf5854684b6 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/index.d.ts @@ -0,0 +1 @@ +export declare function handler(event: AWSLambda.CloudFormationCustomResourceEvent, context: AWSLambda.Context): Promise; diff --git a/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/index.js b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/index.js new file mode 100644 index 0000000000000..a844de880012a --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/index.js @@ -0,0 +1,174 @@ +"use strict"; +/* eslint-disable no-console */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = void 0; +// eslint-disable-next-line import/no-extraneous-dependencies +const AWS = require("aws-sdk"); +/** + * Creates a log group and doesn't throw if it exists. + * + * @param logGroupName the name of the log group to create. + * @param region to create the log group in + * @param options CloudWatch API SDK options. + */ +async function createLogGroupSafe(logGroupName, region, options) { + // If we set the log retention for a lambda, then due to the async nature of + // Lambda logging there could be a race condition when the same log group is + // already being created by the lambda execution. This can sometime result in + // an error "OperationAbortedException: A conflicting operation is currently + // in progress...Please try again." + // To avoid an error, we do as requested and try again. + let retryCount = options?.maxRetries == undefined ? 10 : options.maxRetries; + const delay = options?.retryOptions?.base == undefined ? 10 : options.retryOptions.base; + do { + try { + const cloudwatchlogs = new AWS.CloudWatchLogs({ apiVersion: '2014-03-28', region, ...options }); + await cloudwatchlogs.createLogGroup({ logGroupName }).promise(); + return; + } + catch (error) { + if (error.code === 'ResourceAlreadyExistsException') { + // The log group is already created by the lambda execution + return; + } + if (error.code === 'OperationAbortedException') { + if (retryCount > 0) { + retryCount--; + await new Promise(resolve => setTimeout(resolve, delay)); + continue; + } + else { + // The log group is still being created by another execution but we are out of retries + throw new Error('Out of attempts to create a logGroup'); + } + } + throw error; + } + } while (true); // exit happens on retry count check +} +/** + * Puts or deletes a retention policy on a log group. + * + * @param logGroupName the name of the log group to create + * @param region the region of the log group + * @param options CloudWatch API SDK options. + * @param retentionInDays the number of days to retain the log events in the specified log group. + */ +async function setRetentionPolicy(logGroupName, region, options, retentionInDays) { + // The same as in createLogGroupSafe(), here we could end up with the race + // condition where a log group is either already being created or its retention + // policy is being updated. This would result in an OperationAbortedException, + // which we will try to catch and retry the command a number of times before failing + let retryCount = options?.maxRetries == undefined ? 10 : options.maxRetries; + const delay = options?.retryOptions?.base == undefined ? 10 : options.retryOptions.base; + do { + try { + const cloudwatchlogs = new AWS.CloudWatchLogs({ apiVersion: '2014-03-28', region, ...options }); + if (!retentionInDays) { + await cloudwatchlogs.deleteRetentionPolicy({ logGroupName }).promise(); + } + else { + await cloudwatchlogs.putRetentionPolicy({ logGroupName, retentionInDays }).promise(); + } + return; + } + catch (error) { + if (error.code === 'OperationAbortedException') { + if (retryCount > 0) { + retryCount--; + await new Promise(resolve => setTimeout(resolve, delay)); + continue; + } + else { + // The log group is still being created by another execution but we are out of retries + throw new Error('Out of attempts to create a logGroup'); + } + } + throw error; + } + } while (true); // exit happens on retry count check +} +async function handler(event, context) { + try { + console.log(JSON.stringify({ ...event, ResponseURL: '...' })); + // The target log group + const logGroupName = event.ResourceProperties.LogGroupName; + // The region of the target log group + const logGroupRegion = event.ResourceProperties.LogGroupRegion; + // Parse to AWS SDK retry options + const retryOptions = parseRetryOptions(event.ResourceProperties.SdkRetry); + if (event.RequestType === 'Create' || event.RequestType === 'Update') { + // Act on the target log group + await createLogGroupSafe(logGroupName, logGroupRegion, retryOptions); + await setRetentionPolicy(logGroupName, logGroupRegion, retryOptions, parseInt(event.ResourceProperties.RetentionInDays, 10)); + if (event.RequestType === 'Create') { + // Set a retention policy of 1 day on the logs of this very function. + // Due to the async nature of the log group creation, the log group for this function might + // still be not created yet at this point. Therefore we attempt to create it. + // In case it is being created, createLogGroupSafe will handle the conflict. + const region = process.env.AWS_REGION; + await createLogGroupSafe(`/aws/lambda/${context.functionName}`, region, retryOptions); + // If createLogGroupSafe fails, the log group is not created even after multiple attempts. + // In this case we have nothing to set the retention policy on but an exception will skip + // the next line. + await setRetentionPolicy(`/aws/lambda/${context.functionName}`, region, retryOptions, 1); + } + } + await respond('SUCCESS', 'OK', logGroupName); + } + catch (e) { + console.log(e); + await respond('FAILED', e.message, event.ResourceProperties.LogGroupName); + } + function respond(responseStatus, reason, physicalResourceId) { + const responseBody = JSON.stringify({ + Status: responseStatus, + Reason: reason, + PhysicalResourceId: physicalResourceId, + StackId: event.StackId, + RequestId: event.RequestId, + LogicalResourceId: event.LogicalResourceId, + Data: { + // Add log group name as part of the response so that it's available via Fn::GetAtt + LogGroupName: event.ResourceProperties.LogGroupName, + }, + }); + console.log('Responding', responseBody); + // eslint-disable-next-line @typescript-eslint/no-require-imports + const parsedUrl = require('url').parse(event.ResponseURL); + const requestOptions = { + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: 'PUT', + headers: { 'content-type': '', 'content-length': responseBody.length }, + }; + return new Promise((resolve, reject) => { + try { + // eslint-disable-next-line @typescript-eslint/no-require-imports + const request = require('https').request(requestOptions, resolve); + request.on('error', reject); + request.write(responseBody); + request.end(); + } + catch (e) { + reject(e); + } + }); + } + function parseRetryOptions(rawOptions) { + const retryOptions = {}; + if (rawOptions) { + if (rawOptions.maxRetries) { + retryOptions.maxRetries = parseInt(rawOptions.maxRetries, 10); + } + if (rawOptions.base) { + retryOptions.retryOptions = { + base: parseInt(rawOptions.base, 10), + }; + } + } + return retryOptions; + } +} +exports.handler = handler; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsK0JBQStCOzs7QUFFL0IsNkRBQTZEO0FBQzdELCtCQUErQjtBQVMvQjs7Ozs7O0dBTUc7QUFDSCxLQUFLLFVBQVUsa0JBQWtCLENBQUMsWUFBb0IsRUFBRSxNQUFlLEVBQUUsT0FBeUI7SUFDaEcsNEVBQTRFO0lBQzVFLDRFQUE0RTtJQUM1RSw2RUFBNkU7SUFDN0UsNEVBQTRFO0lBQzVFLG1DQUFtQztJQUNuQyx1REFBdUQ7SUFDdkQsSUFBSSxVQUFVLEdBQUcsT0FBTyxFQUFFLFVBQVUsSUFBSSxTQUFTLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQztJQUM1RSxNQUFNLEtBQUssR0FBRyxPQUFPLEVBQUUsWUFBWSxFQUFFLElBQUksSUFBSSxTQUFTLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUM7SUFDeEYsR0FBRztRQUNELElBQUk7WUFDRixNQUFNLGNBQWMsR0FBRyxJQUFJLEdBQUcsQ0FBQyxjQUFjLENBQUMsRUFBRSxVQUFVLEVBQUUsWUFBWSxFQUFFLE1BQU0sRUFBRSxHQUFHLE9BQU8sRUFBRSxDQUFDLENBQUM7WUFDaEcsTUFBTSxjQUFjLENBQUMsY0FBYyxDQUFDLEVBQUUsWUFBWSxFQUFFLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUNoRSxPQUFPO1NBQ1I7UUFBQyxPQUFPLEtBQUssRUFBRTtZQUNkLElBQUksS0FBSyxDQUFDLElBQUksS0FBSyxnQ0FBZ0MsRUFBRTtnQkFDbkQsMkRBQTJEO2dCQUMzRCxPQUFPO2FBQ1I7WUFDRCxJQUFJLEtBQUssQ0FBQyxJQUFJLEtBQUssMkJBQTJCLEVBQUU7Z0JBQzlDLElBQUksVUFBVSxHQUFHLENBQUMsRUFBRTtvQkFDbEIsVUFBVSxFQUFFLENBQUM7b0JBQ2IsTUFBTSxJQUFJLE9BQU8sQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxPQUFPLEVBQUUsS0FBSyxDQUFDLENBQUMsQ0FBQztvQkFDekQsU0FBUztpQkFDVjtxQkFBTTtvQkFDTCxzRkFBc0Y7b0JBQ3RGLE1BQU0sSUFBSSxLQUFLLENBQUMsc0NBQXNDLENBQUMsQ0FBQztpQkFDekQ7YUFDRjtZQUNELE1BQU0sS0FBSyxDQUFDO1NBQ2I7S0FDRixRQUFRLElBQUksRUFBRSxDQUFDLG9DQUFvQztBQUN0RCxDQUFDO0FBRUQ7Ozs7Ozs7R0FPRztBQUNILEtBQUssVUFBVSxrQkFBa0IsQ0FBQyxZQUFvQixFQUFFLE1BQWUsRUFBRSxPQUF5QixFQUFFLGVBQXdCO0lBQzFILDBFQUEwRTtJQUMxRSwrRUFBK0U7SUFDL0UsOEVBQThFO0lBQzlFLG9GQUFvRjtJQUNwRixJQUFJLFVBQVUsR0FBRyxPQUFPLEVBQUUsVUFBVSxJQUFJLFNBQVMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsVUFBVSxDQUFDO0lBQzVFLE1BQU0sS0FBSyxHQUFHLE9BQU8sRUFBRSxZQUFZLEVBQUUsSUFBSSxJQUFJLFNBQVMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQztJQUN4RixHQUFHO1FBQ0QsSUFBSTtZQUNGLE1BQU0sY0FBYyxHQUFHLElBQUksR0FBRyxDQUFDLGNBQWMsQ0FBQyxFQUFFLFVBQVUsRUFBRSxZQUFZLEVBQUUsTUFBTSxFQUFFLEdBQUcsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUNoRyxJQUFJLENBQUMsZUFBZSxFQUFFO2dCQUNwQixNQUFNLGNBQWMsQ0FBQyxxQkFBcUIsQ0FBQyxFQUFFLFlBQVksRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7YUFDeEU7aUJBQU07Z0JBQ0wsTUFBTSxjQUFjLENBQUMsa0JBQWtCLENBQUMsRUFBRSxZQUFZLEVBQUUsZUFBZSxFQUFFLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQzthQUN0RjtZQUNELE9BQU87U0FFUjtRQUFDLE9BQU8sS0FBSyxFQUFFO1lBQ2QsSUFBSSxLQUFLLENBQUMsSUFBSSxLQUFLLDJCQUEyQixFQUFFO2dCQUM5QyxJQUFJLFVBQVUsR0FBRyxDQUFDLEVBQUU7b0JBQ2xCLFVBQVUsRUFBRSxDQUFDO29CQUNiLE1BQU0sSUFBSSxPQUFPLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsT0FBTyxFQUFFLEtBQUssQ0FBQyxDQUFDLENBQUM7b0JBQ3pELFNBQVM7aUJBQ1Y7cUJBQU07b0JBQ0wsc0ZBQXNGO29CQUN0RixNQUFNLElBQUksS0FBSyxDQUFDLHNDQUFzQyxDQUFDLENBQUM7aUJBQ3pEO2FBQ0Y7WUFDRCxNQUFNLEtBQUssQ0FBQztTQUNiO0tBQ0YsUUFBUSxJQUFJLEVBQUUsQ0FBQyxvQ0FBb0M7QUFDdEQsQ0FBQztBQUVNLEtBQUssVUFBVSxPQUFPLENBQUMsS0FBa0QsRUFBRSxPQUEwQjtJQUMxRyxJQUFJO1FBQ0YsT0FBTyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLEVBQUUsR0FBRyxLQUFLLEVBQUUsV0FBVyxFQUFFLEtBQUssRUFBRSxDQUFDLENBQUMsQ0FBQztRQUU5RCx1QkFBdUI7UUFDdkIsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDLGtCQUFrQixDQUFDLFlBQVksQ0FBQztRQUUzRCxxQ0FBcUM7UUFDckMsTUFBTSxjQUFjLEdBQUcsS0FBSyxDQUFDLGtCQUFrQixDQUFDLGNBQWMsQ0FBQztRQUUvRCxpQ0FBaUM7UUFDakMsTUFBTSxZQUFZLEdBQUcsaUJBQWlCLENBQUMsS0FBSyxDQUFDLGtCQUFrQixDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBRTFFLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7WUFDcEUsOEJBQThCO1lBQzlCLE1BQU0sa0JBQWtCLENBQUMsWUFBWSxFQUFFLGNBQWMsRUFBRSxZQUFZLENBQUMsQ0FBQztZQUNyRSxNQUFNLGtCQUFrQixDQUFDLFlBQVksRUFBRSxjQUFjLEVBQUUsWUFBWSxFQUFFLFFBQVEsQ0FBQyxLQUFLLENBQUMsa0JBQWtCLENBQUMsZUFBZSxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUM7WUFFN0gsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtnQkFDbEMscUVBQXFFO2dCQUNyRSwyRkFBMkY7Z0JBQzNGLDZFQUE2RTtnQkFDN0UsNEVBQTRFO2dCQUM1RSxNQUFNLE1BQU0sR0FBRyxPQUFPLENBQUMsR0FBRyxDQUFDLFVBQVUsQ0FBQztnQkFDdEMsTUFBTSxrQkFBa0IsQ0FBQyxlQUFlLE9BQU8sQ0FBQyxZQUFZLEVBQUUsRUFBRSxNQUFNLEVBQUUsWUFBWSxDQUFDLENBQUM7Z0JBQ3RGLDBGQUEwRjtnQkFDMUYseUZBQXlGO2dCQUN6RixpQkFBaUI7Z0JBQ2pCLE1BQU0sa0JBQWtCLENBQUMsZUFBZSxPQUFPLENBQUMsWUFBWSxFQUFFLEVBQUUsTUFBTSxFQUFFLFlBQVksRUFBRSxDQUFDLENBQUMsQ0FBQzthQUMxRjtTQUNGO1FBRUQsTUFBTSxPQUFPLENBQUMsU0FBUyxFQUFFLElBQUksRUFBRSxZQUFZLENBQUMsQ0FBQztLQUM5QztJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsT0FBTyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUVmLE1BQU0sT0FBTyxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxZQUFZLENBQUMsQ0FBQztLQUMzRTtJQUVELFNBQVMsT0FBTyxDQUFDLGNBQXNCLEVBQUUsTUFBYyxFQUFFLGtCQUEwQjtRQUNqRixNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDO1lBQ2xDLE1BQU0sRUFBRSxjQUFjO1lBQ3RCLE1BQU0sRUFBRSxNQUFNO1lBQ2Qsa0JBQWtCLEVBQUUsa0JBQWtCO1lBQ3RDLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztZQUN0QixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7WUFDMUIsaUJBQWlCLEVBQUUsS0FBSyxDQUFDLGlCQUFpQjtZQUMxQyxJQUFJLEVBQUU7Z0JBQ0osbUZBQW1GO2dCQUNuRixZQUFZLEVBQUUsS0FBSyxDQUFDLGtCQUFrQixDQUFDLFlBQVk7YUFDcEQ7U0FDRixDQUFDLENBQUM7UUFFSCxPQUFPLENBQUMsR0FBRyxDQUFDLFlBQVksRUFBRSxZQUFZLENBQUMsQ0FBQztRQUV4QyxpRUFBaUU7UUFDakUsTUFBTSxTQUFTLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDMUQsTUFBTSxjQUFjLEdBQUc7WUFDckIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxRQUFRO1lBQzVCLElBQUksRUFBRSxTQUFTLENBQUMsSUFBSTtZQUNwQixNQUFNLEVBQUUsS0FBSztZQUNiLE9BQU8sRUFBRSxFQUFFLGNBQWMsRUFBRSxFQUFFLEVBQUUsZ0JBQWdCLEVBQUUsWUFBWSxDQUFDLE1BQU0sRUFBRTtTQUN2RSxDQUFDO1FBRUYsT0FBTyxJQUFJLE9BQU8sQ0FBQyxDQUFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsRUFBRTtZQUNyQyxJQUFJO2dCQUNGLGlFQUFpRTtnQkFDakUsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQUFDLE9BQU8sQ0FBQyxjQUFjLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ2xFLE9BQU8sQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO2dCQUM1QixPQUFPLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO2dCQUM1QixPQUFPLENBQUMsR0FBRyxFQUFFLENBQUM7YUFDZjtZQUFDLE9BQU8sQ0FBQyxFQUFFO2dCQUNWLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQzthQUNYO1FBQ0gsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsU0FBUyxpQkFBaUIsQ0FBQyxVQUFlO1FBQ3hDLE1BQU0sWUFBWSxHQUFvQixFQUFFLENBQUM7UUFDekMsSUFBSSxVQUFVLEVBQUU7WUFDZCxJQUFJLFVBQVUsQ0FBQyxVQUFVLEVBQUU7Z0JBQ3pCLFlBQVksQ0FBQyxVQUFVLEdBQUcsUUFBUSxDQUFDLFVBQVUsQ0FBQyxVQUFVLEVBQUUsRUFBRSxDQUFDLENBQUM7YUFDL0Q7WUFDRCxJQUFJLFVBQVUsQ0FBQyxJQUFJLEVBQUU7Z0JBQ25CLFlBQVksQ0FBQyxZQUFZLEdBQUc7b0JBQzFCLElBQUksRUFBRSxRQUFRLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxFQUFFLENBQUM7aUJBQ3BDLENBQUM7YUFDSDtTQUNGO1FBQ0QsT0FBTyxZQUFZLENBQUM7SUFDdEIsQ0FBQztBQUNILENBQUM7QUEzRkQsMEJBMkZDIiwic291cmNlc0NvbnRlbnQiOlsiLyogZXNsaW50LWRpc2FibGUgbm8tY29uc29sZSAqL1xuXG4vLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLWV4dHJhbmVvdXMtZGVwZW5kZW5jaWVzXG5pbXBvcnQgKiBhcyBBV1MgZnJvbSAnYXdzLXNkayc7XG4vLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLWV4dHJhbmVvdXMtZGVwZW5kZW5jaWVzXG5pbXBvcnQgdHlwZSB7IFJldHJ5RGVsYXlPcHRpb25zIH0gZnJvbSAnYXdzLXNkay9saWIvY29uZmlnLWJhc2UnO1xuXG5pbnRlcmZhY2UgU2RrUmV0cnlPcHRpb25zIHtcbiAgbWF4UmV0cmllcz86IG51bWJlcjtcbiAgcmV0cnlPcHRpb25zPzogUmV0cnlEZWxheU9wdGlvbnM7XG59XG5cbi8qKlxuICogQ3JlYXRlcyBhIGxvZyBncm91cCBhbmQgZG9lc24ndCB0aHJvdyBpZiBpdCBleGlzdHMuXG4gKlxuICogQHBhcmFtIGxvZ0dyb3VwTmFtZSB0aGUgbmFtZSBvZiB0aGUgbG9nIGdyb3VwIHRvIGNyZWF0ZS5cbiAqIEBwYXJhbSByZWdpb24gdG8gY3JlYXRlIHRoZSBsb2cgZ3JvdXAgaW5cbiAqIEBwYXJhbSBvcHRpb25zIENsb3VkV2F0Y2ggQVBJIFNESyBvcHRpb25zLlxuICovXG5hc3luYyBmdW5jdGlvbiBjcmVhdGVMb2dHcm91cFNhZmUobG9nR3JvdXBOYW1lOiBzdHJpbmcsIHJlZ2lvbj86IHN0cmluZywgb3B0aW9ucz86IFNka1JldHJ5T3B0aW9ucykge1xuICAvLyBJZiB3ZSBzZXQgdGhlIGxvZyByZXRlbnRpb24gZm9yIGEgbGFtYmRhLCB0aGVuIGR1ZSB0byB0aGUgYXN5bmMgbmF0dXJlIG9mXG4gIC8vIExhbWJkYSBsb2dnaW5nIHRoZXJlIGNvdWxkIGJlIGEgcmFjZSBjb25kaXRpb24gd2hlbiB0aGUgc2FtZSBsb2cgZ3JvdXAgaXNcbiAgLy8gYWxyZWFkeSBiZWluZyBjcmVhdGVkIGJ5IHRoZSBsYW1iZGEgZXhlY3V0aW9uLiBUaGlzIGNhbiBzb21ldGltZSByZXN1bHQgaW5cbiAgLy8gYW4gZXJyb3IgXCJPcGVyYXRpb25BYm9ydGVkRXhjZXB0aW9uOiBBIGNvbmZsaWN0aW5nIG9wZXJhdGlvbiBpcyBjdXJyZW50bHlcbiAgLy8gaW4gcHJvZ3Jlc3MuLi5QbGVhc2UgdHJ5IGFnYWluLlwiXG4gIC8vIFRvIGF2b2lkIGFuIGVycm9yLCB3ZSBkbyBhcyByZXF1ZXN0ZWQgYW5kIHRyeSBhZ2Fpbi5cbiAgbGV0IHJldHJ5Q291bnQgPSBvcHRpb25zPy5tYXhSZXRyaWVzID09IHVuZGVmaW5lZCA/IDEwIDogb3B0aW9ucy5tYXhSZXRyaWVzO1xuICBjb25zdCBkZWxheSA9IG9wdGlvbnM/LnJldHJ5T3B0aW9ucz8uYmFzZSA9PSB1bmRlZmluZWQgPyAxMCA6IG9wdGlvbnMucmV0cnlPcHRpb25zLmJhc2U7XG4gIGRvIHtcbiAgICB0cnkge1xuICAgICAgY29uc3QgY2xvdWR3YXRjaGxvZ3MgPSBuZXcgQVdTLkNsb3VkV2F0Y2hMb2dzKHsgYXBpVmVyc2lvbjogJzIwMTQtMDMtMjgnLCByZWdpb24sIC4uLm9wdGlvbnMgfSk7XG4gICAgICBhd2FpdCBjbG91ZHdhdGNobG9ncy5jcmVhdGVMb2dHcm91cCh7IGxvZ0dyb3VwTmFtZSB9KS5wcm9taXNlKCk7XG4gICAgICByZXR1cm47XG4gICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgIGlmIChlcnJvci5jb2RlID09PSAnUmVzb3VyY2VBbHJlYWR5RXhpc3RzRXhjZXB0aW9uJykge1xuICAgICAgICAvLyBUaGUgbG9nIGdyb3VwIGlzIGFscmVhZHkgY3JlYXRlZCBieSB0aGUgbGFtYmRhIGV4ZWN1dGlvblxuICAgICAgICByZXR1cm47XG4gICAgICB9XG4gICAgICBpZiAoZXJyb3IuY29kZSA9PT0gJ09wZXJhdGlvbkFib3J0ZWRFeGNlcHRpb24nKSB7XG4gICAgICAgIGlmIChyZXRyeUNvdW50ID4gMCkge1xuICAgICAgICAgIHJldHJ5Q291bnQtLTtcbiAgICAgICAgICBhd2FpdCBuZXcgUHJvbWlzZShyZXNvbHZlID0+IHNldFRpbWVvdXQocmVzb2x2ZSwgZGVsYXkpKTtcbiAgICAgICAgICBjb250aW51ZTtcbiAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAvLyBUaGUgbG9nIGdyb3VwIGlzIHN0aWxsIGJlaW5nIGNyZWF0ZWQgYnkgYW5vdGhlciBleGVjdXRpb24gYnV0IHdlIGFyZSBvdXQgb2YgcmV0cmllc1xuICAgICAgICAgIHRocm93IG5ldyBFcnJvcignT3V0IG9mIGF0dGVtcHRzIHRvIGNyZWF0ZSBhIGxvZ0dyb3VwJyk7XG4gICAgICAgIH1cbiAgICAgIH1cbiAgICAgIHRocm93IGVycm9yO1xuICAgIH1cbiAgfSB3aGlsZSAodHJ1ZSk7IC8vIGV4aXQgaGFwcGVucyBvbiByZXRyeSBjb3VudCBjaGVja1xufVxuXG4vKipcbiAqIFB1dHMgb3IgZGVsZXRlcyBhIHJldGVudGlvbiBwb2xpY3kgb24gYSBsb2cgZ3JvdXAuXG4gKlxuICogQHBhcmFtIGxvZ0dyb3VwTmFtZSB0aGUgbmFtZSBvZiB0aGUgbG9nIGdyb3VwIHRvIGNyZWF0ZVxuICogQHBhcmFtIHJlZ2lvbiB0aGUgcmVnaW9uIG9mIHRoZSBsb2cgZ3JvdXBcbiAqIEBwYXJhbSBvcHRpb25zIENsb3VkV2F0Y2ggQVBJIFNESyBvcHRpb25zLlxuICogQHBhcmFtIHJldGVudGlvbkluRGF5cyB0aGUgbnVtYmVyIG9mIGRheXMgdG8gcmV0YWluIHRoZSBsb2cgZXZlbnRzIGluIHRoZSBzcGVjaWZpZWQgbG9nIGdyb3VwLlxuICovXG5hc3luYyBmdW5jdGlvbiBzZXRSZXRlbnRpb25Qb2xpY3kobG9nR3JvdXBOYW1lOiBzdHJpbmcsIHJlZ2lvbj86IHN0cmluZywgb3B0aW9ucz86IFNka1JldHJ5T3B0aW9ucywgcmV0ZW50aW9uSW5EYXlzPzogbnVtYmVyKSB7XG4gIC8vIFRoZSBzYW1lIGFzIGluIGNyZWF0ZUxvZ0dyb3VwU2FmZSgpLCBoZXJlIHdlIGNvdWxkIGVuZCB1cCB3aXRoIHRoZSByYWNlXG4gIC8vIGNvbmRpdGlvbiB3aGVyZSBhIGxvZyBncm91cCBpcyBlaXRoZXIgYWxyZWFkeSBiZWluZyBjcmVhdGVkIG9yIGl0cyByZXRlbnRpb25cbiAgLy8gcG9saWN5IGlzIGJlaW5nIHVwZGF0ZWQuIFRoaXMgd291bGQgcmVzdWx0IGluIGFuIE9wZXJhdGlvbkFib3J0ZWRFeGNlcHRpb24sXG4gIC8vIHdoaWNoIHdlIHdpbGwgdHJ5IHRvIGNhdGNoIGFuZCByZXRyeSB0aGUgY29tbWFuZCBhIG51bWJlciBvZiB0aW1lcyBiZWZvcmUgZmFpbGluZ1xuICBsZXQgcmV0cnlDb3VudCA9IG9wdGlvbnM/Lm1heFJldHJpZXMgPT0gdW5kZWZpbmVkID8gMTAgOiBvcHRpb25zLm1heFJldHJpZXM7XG4gIGNvbnN0IGRlbGF5ID0gb3B0aW9ucz8ucmV0cnlPcHRpb25zPy5iYXNlID09IHVuZGVmaW5lZCA/IDEwIDogb3B0aW9ucy5yZXRyeU9wdGlvbnMuYmFzZTtcbiAgZG8ge1xuICAgIHRyeSB7XG4gICAgICBjb25zdCBjbG91ZHdhdGNobG9ncyA9IG5ldyBBV1MuQ2xvdWRXYXRjaExvZ3MoeyBhcGlWZXJzaW9uOiAnMjAxNC0wMy0yOCcsIHJlZ2lvbiwgLi4ub3B0aW9ucyB9KTtcbiAgICAgIGlmICghcmV0ZW50aW9uSW5EYXlzKSB7XG4gICAgICAgIGF3YWl0IGNsb3Vkd2F0Y2hsb2dzLmRlbGV0ZVJldGVudGlvblBvbGljeSh7IGxvZ0dyb3VwTmFtZSB9KS5wcm9taXNlKCk7XG4gICAgICB9IGVsc2Uge1xuICAgICAgICBhd2FpdCBjbG91ZHdhdGNobG9ncy5wdXRSZXRlbnRpb25Qb2xpY3koeyBsb2dHcm91cE5hbWUsIHJldGVudGlvbkluRGF5cyB9KS5wcm9taXNlKCk7XG4gICAgICB9XG4gICAgICByZXR1cm47XG5cbiAgICB9IGNhdGNoIChlcnJvcikge1xuICAgICAgaWYgKGVycm9yLmNvZGUgPT09ICdPcGVyYXRpb25BYm9ydGVkRXhjZXB0aW9uJykge1xuICAgICAgICBpZiAocmV0cnlDb3VudCA+IDApIHtcbiAgICAgICAgICByZXRyeUNvdW50LS07XG4gICAgICAgICAgYXdhaXQgbmV3IFByb21pc2UocmVzb2x2ZSA9PiBzZXRUaW1lb3V0KHJlc29sdmUsIGRlbGF5KSk7XG4gICAgICAgICAgY29udGludWU7XG4gICAgICAgIH0gZWxzZSB7XG4gICAgICAgICAgLy8gVGhlIGxvZyBncm91cCBpcyBzdGlsbCBiZWluZyBjcmVhdGVkIGJ5IGFub3RoZXIgZXhlY3V0aW9uIGJ1dCB3ZSBhcmUgb3V0IG9mIHJldHJpZXNcbiAgICAgICAgICB0aHJvdyBuZXcgRXJyb3IoJ091dCBvZiBhdHRlbXB0cyB0byBjcmVhdGUgYSBsb2dHcm91cCcpO1xuICAgICAgICB9XG4gICAgICB9XG4gICAgICB0aHJvdyBlcnJvcjtcbiAgICB9XG4gIH0gd2hpbGUgKHRydWUpOyAvLyBleGl0IGhhcHBlbnMgb24gcmV0cnkgY291bnQgY2hlY2tcbn1cblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIoZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQsIGNvbnRleHQ6IEFXU0xhbWJkYS5Db250ZXh0KSB7XG4gIHRyeSB7XG4gICAgY29uc29sZS5sb2coSlNPTi5zdHJpbmdpZnkoeyAuLi5ldmVudCwgUmVzcG9uc2VVUkw6ICcuLi4nIH0pKTtcblxuICAgIC8vIFRoZSB0YXJnZXQgbG9nIGdyb3VwXG4gICAgY29uc3QgbG9nR3JvdXBOYW1lID0gZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLkxvZ0dyb3VwTmFtZTtcblxuICAgIC8vIFRoZSByZWdpb24gb2YgdGhlIHRhcmdldCBsb2cgZ3JvdXBcbiAgICBjb25zdCBsb2dHcm91cFJlZ2lvbiA9IGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5Mb2dHcm91cFJlZ2lvbjtcblxuICAgIC8vIFBhcnNlIHRvIEFXUyBTREsgcmV0cnkgb3B0aW9uc1xuICAgIGNvbnN0IHJldHJ5T3B0aW9ucyA9IHBhcnNlUmV0cnlPcHRpb25zKGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5TZGtSZXRyeSk7XG5cbiAgICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdDcmVhdGUnIHx8IGV2ZW50LlJlcXVlc3RUeXBlID09PSAnVXBkYXRlJykge1xuICAgICAgLy8gQWN0IG9uIHRoZSB0YXJnZXQgbG9nIGdyb3VwXG4gICAgICBhd2FpdCBjcmVhdGVMb2dHcm91cFNhZmUobG9nR3JvdXBOYW1lLCBsb2dHcm91cFJlZ2lvbiwgcmV0cnlPcHRpb25zKTtcbiAgICAgIGF3YWl0IHNldFJldGVudGlvblBvbGljeShsb2dHcm91cE5hbWUsIGxvZ0dyb3VwUmVnaW9uLCByZXRyeU9wdGlvbnMsIHBhcnNlSW50KGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5SZXRlbnRpb25JbkRheXMsIDEwKSk7XG5cbiAgICAgIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ0NyZWF0ZScpIHtcbiAgICAgICAgLy8gU2V0IGEgcmV0ZW50aW9uIHBvbGljeSBvZiAxIGRheSBvbiB0aGUgbG9ncyBvZiB0aGlzIHZlcnkgZnVuY3Rpb24uXG4gICAgICAgIC8vIER1ZSB0byB0aGUgYXN5bmMgbmF0dXJlIG9mIHRoZSBsb2cgZ3JvdXAgY3JlYXRpb24sIHRoZSBsb2cgZ3JvdXAgZm9yIHRoaXMgZnVuY3Rpb24gbWlnaHRcbiAgICAgICAgLy8gc3RpbGwgYmUgbm90IGNyZWF0ZWQgeWV0IGF0IHRoaXMgcG9pbnQuIFRoZXJlZm9yZSB3ZSBhdHRlbXB0IHRvIGNyZWF0ZSBpdC5cbiAgICAgICAgLy8gSW4gY2FzZSBpdCBpcyBiZWluZyBjcmVhdGVkLCBjcmVhdGVMb2dHcm91cFNhZmUgd2lsbCBoYW5kbGUgdGhlIGNvbmZsaWN0LlxuICAgICAgICBjb25zdCByZWdpb24gPSBwcm9jZXNzLmVudi5BV1NfUkVHSU9OO1xuICAgICAgICBhd2FpdCBjcmVhdGVMb2dHcm91cFNhZmUoYC9hd3MvbGFtYmRhLyR7Y29udGV4dC5mdW5jdGlvbk5hbWV9YCwgcmVnaW9uLCByZXRyeU9wdGlvbnMpO1xuICAgICAgICAvLyBJZiBjcmVhdGVMb2dHcm91cFNhZmUgZmFpbHMsIHRoZSBsb2cgZ3JvdXAgaXMgbm90IGNyZWF0ZWQgZXZlbiBhZnRlciBtdWx0aXBsZSBhdHRlbXB0cy5cbiAgICAgICAgLy8gSW4gdGhpcyBjYXNlIHdlIGhhdmUgbm90aGluZyB0byBzZXQgdGhlIHJldGVudGlvbiBwb2xpY3kgb24gYnV0IGFuIGV4Y2VwdGlvbiB3aWxsIHNraXBcbiAgICAgICAgLy8gdGhlIG5leHQgbGluZS5cbiAgICAgICAgYXdhaXQgc2V0UmV0ZW50aW9uUG9saWN5KGAvYXdzL2xhbWJkYS8ke2NvbnRleHQuZnVuY3Rpb25OYW1lfWAsIHJlZ2lvbiwgcmV0cnlPcHRpb25zLCAxKTtcbiAgICAgIH1cbiAgICB9XG5cbiAgICBhd2FpdCByZXNwb25kKCdTVUNDRVNTJywgJ09LJywgbG9nR3JvdXBOYW1lKTtcbiAgfSBjYXRjaCAoZSkge1xuICAgIGNvbnNvbGUubG9nKGUpO1xuXG4gICAgYXdhaXQgcmVzcG9uZCgnRkFJTEVEJywgZS5tZXNzYWdlLCBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuTG9nR3JvdXBOYW1lKTtcbiAgfVxuXG4gIGZ1bmN0aW9uIHJlc3BvbmQocmVzcG9uc2VTdGF0dXM6IHN0cmluZywgcmVhc29uOiBzdHJpbmcsIHBoeXNpY2FsUmVzb3VyY2VJZDogc3RyaW5nKSB7XG4gICAgY29uc3QgcmVzcG9uc2VCb2R5ID0gSlNPTi5zdHJpbmdpZnkoe1xuICAgICAgU3RhdHVzOiByZXNwb25zZVN0YXR1cyxcbiAgICAgIFJlYXNvbjogcmVhc29uLFxuICAgICAgUGh5c2ljYWxSZXNvdXJjZUlkOiBwaHlzaWNhbFJlc291cmNlSWQsXG4gICAgICBTdGFja0lkOiBldmVudC5TdGFja0lkLFxuICAgICAgUmVxdWVzdElkOiBldmVudC5SZXF1ZXN0SWQsXG4gICAgICBMb2dpY2FsUmVzb3VyY2VJZDogZXZlbnQuTG9naWNhbFJlc291cmNlSWQsXG4gICAgICBEYXRhOiB7XG4gICAgICAgIC8vIEFkZCBsb2cgZ3JvdXAgbmFtZSBhcyBwYXJ0IG9mIHRoZSByZXNwb25zZSBzbyB0aGF0IGl0J3MgYXZhaWxhYmxlIHZpYSBGbjo6R2V0QXR0XG4gICAgICAgIExvZ0dyb3VwTmFtZTogZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLkxvZ0dyb3VwTmFtZSxcbiAgICAgIH0sXG4gICAgfSk7XG5cbiAgICBjb25zb2xlLmxvZygnUmVzcG9uZGluZycsIHJlc3BvbnNlQm9keSk7XG5cbiAgICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgQHR5cGVzY3JpcHQtZXNsaW50L25vLXJlcXVpcmUtaW1wb3J0c1xuICAgIGNvbnN0IHBhcnNlZFVybCA9IHJlcXVpcmUoJ3VybCcpLnBhcnNlKGV2ZW50LlJlc3BvbnNlVVJMKTtcbiAgICBjb25zdCByZXF1ZXN0T3B0aW9ucyA9IHtcbiAgICAgIGhvc3RuYW1lOiBwYXJzZWRVcmwuaG9zdG5hbWUsXG4gICAgICBwYXRoOiBwYXJzZWRVcmwucGF0aCxcbiAgICAgIG1ldGhvZDogJ1BVVCcsXG4gICAgICBoZWFkZXJzOiB7ICdjb250ZW50LXR5cGUnOiAnJywgJ2NvbnRlbnQtbGVuZ3RoJzogcmVzcG9uc2VCb2R5Lmxlbmd0aCB9LFxuICAgIH07XG5cbiAgICByZXR1cm4gbmV3IFByb21pc2UoKHJlc29sdmUsIHJlamVjdCkgPT4ge1xuICAgICAgdHJ5IHtcbiAgICAgICAgLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIEB0eXBlc2NyaXB0LWVzbGludC9uby1yZXF1aXJlLWltcG9ydHNcbiAgICAgICAgY29uc3QgcmVxdWVzdCA9IHJlcXVpcmUoJ2h0dHBzJykucmVxdWVzdChyZXF1ZXN0T3B0aW9ucywgcmVzb2x2ZSk7XG4gICAgICAgIHJlcXVlc3Qub24oJ2Vycm9yJywgcmVqZWN0KTtcbiAgICAgICAgcmVxdWVzdC53cml0ZShyZXNwb25zZUJvZHkpO1xuICAgICAgICByZXF1ZXN0LmVuZCgpO1xuICAgICAgfSBjYXRjaCAoZSkge1xuICAgICAgICByZWplY3QoZSk7XG4gICAgICB9XG4gICAgfSk7XG4gIH1cblxuICBmdW5jdGlvbiBwYXJzZVJldHJ5T3B0aW9ucyhyYXdPcHRpb25zOiBhbnkpOiBTZGtSZXRyeU9wdGlvbnMge1xuICAgIGNvbnN0IHJldHJ5T3B0aW9uczogU2RrUmV0cnlPcHRpb25zID0ge307XG4gICAgaWYgKHJhd09wdGlvbnMpIHtcbiAgICAgIGlmIChyYXdPcHRpb25zLm1heFJldHJpZXMpIHtcbiAgICAgICAgcmV0cnlPcHRpb25zLm1heFJldHJpZXMgPSBwYXJzZUludChyYXdPcHRpb25zLm1heFJldHJpZXMsIDEwKTtcbiAgICAgIH1cbiAgICAgIGlmIChyYXdPcHRpb25zLmJhc2UpIHtcbiAgICAgICAgcmV0cnlPcHRpb25zLnJldHJ5T3B0aW9ucyA9IHtcbiAgICAgICAgICBiYXNlOiBwYXJzZUludChyYXdPcHRpb25zLmJhc2UsIDEwKSxcbiAgICAgICAgfTtcbiAgICAgIH1cbiAgICB9XG4gICAgcmV0dXJuIHJldHJ5T3B0aW9ucztcbiAgfVxufVxuIl19 \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/index.ts b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/index.ts new file mode 100644 index 0000000000000..b78be3cb5c1ec --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/asset.c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/index.ts @@ -0,0 +1,186 @@ +/* eslint-disable no-console */ + +// eslint-disable-next-line import/no-extraneous-dependencies +import * as AWS from 'aws-sdk'; +// eslint-disable-next-line import/no-extraneous-dependencies +import type { RetryDelayOptions } from 'aws-sdk/lib/config-base'; + +interface SdkRetryOptions { + maxRetries?: number; + retryOptions?: RetryDelayOptions; +} + +/** + * Creates a log group and doesn't throw if it exists. + * + * @param logGroupName the name of the log group to create. + * @param region to create the log group in + * @param options CloudWatch API SDK options. + */ +async function createLogGroupSafe(logGroupName: string, region?: string, options?: SdkRetryOptions) { + // If we set the log retention for a lambda, then due to the async nature of + // Lambda logging there could be a race condition when the same log group is + // already being created by the lambda execution. This can sometime result in + // an error "OperationAbortedException: A conflicting operation is currently + // in progress...Please try again." + // To avoid an error, we do as requested and try again. + let retryCount = options?.maxRetries == undefined ? 10 : options.maxRetries; + const delay = options?.retryOptions?.base == undefined ? 10 : options.retryOptions.base; + do { + try { + const cloudwatchlogs = new AWS.CloudWatchLogs({ apiVersion: '2014-03-28', region, ...options }); + await cloudwatchlogs.createLogGroup({ logGroupName }).promise(); + return; + } catch (error) { + if (error.code === 'ResourceAlreadyExistsException') { + // The log group is already created by the lambda execution + return; + } + if (error.code === 'OperationAbortedException') { + if (retryCount > 0) { + retryCount--; + await new Promise(resolve => setTimeout(resolve, delay)); + continue; + } else { + // The log group is still being created by another execution but we are out of retries + throw new Error('Out of attempts to create a logGroup'); + } + } + throw error; + } + } while (true); // exit happens on retry count check +} + +/** + * Puts or deletes a retention policy on a log group. + * + * @param logGroupName the name of the log group to create + * @param region the region of the log group + * @param options CloudWatch API SDK options. + * @param retentionInDays the number of days to retain the log events in the specified log group. + */ +async function setRetentionPolicy(logGroupName: string, region?: string, options?: SdkRetryOptions, retentionInDays?: number) { + // The same as in createLogGroupSafe(), here we could end up with the race + // condition where a log group is either already being created or its retention + // policy is being updated. This would result in an OperationAbortedException, + // which we will try to catch and retry the command a number of times before failing + let retryCount = options?.maxRetries == undefined ? 10 : options.maxRetries; + const delay = options?.retryOptions?.base == undefined ? 10 : options.retryOptions.base; + do { + try { + const cloudwatchlogs = new AWS.CloudWatchLogs({ apiVersion: '2014-03-28', region, ...options }); + if (!retentionInDays) { + await cloudwatchlogs.deleteRetentionPolicy({ logGroupName }).promise(); + } else { + await cloudwatchlogs.putRetentionPolicy({ logGroupName, retentionInDays }).promise(); + } + return; + + } catch (error) { + if (error.code === 'OperationAbortedException') { + if (retryCount > 0) { + retryCount--; + await new Promise(resolve => setTimeout(resolve, delay)); + continue; + } else { + // The log group is still being created by another execution but we are out of retries + throw new Error('Out of attempts to create a logGroup'); + } + } + throw error; + } + } while (true); // exit happens on retry count check +} + +export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent, context: AWSLambda.Context) { + try { + console.log(JSON.stringify({ ...event, ResponseURL: '...' })); + + // The target log group + const logGroupName = event.ResourceProperties.LogGroupName; + + // The region of the target log group + const logGroupRegion = event.ResourceProperties.LogGroupRegion; + + // Parse to AWS SDK retry options + const retryOptions = parseRetryOptions(event.ResourceProperties.SdkRetry); + + if (event.RequestType === 'Create' || event.RequestType === 'Update') { + // Act on the target log group + await createLogGroupSafe(logGroupName, logGroupRegion, retryOptions); + await setRetentionPolicy(logGroupName, logGroupRegion, retryOptions, parseInt(event.ResourceProperties.RetentionInDays, 10)); + + if (event.RequestType === 'Create') { + // Set a retention policy of 1 day on the logs of this very function. + // Due to the async nature of the log group creation, the log group for this function might + // still be not created yet at this point. Therefore we attempt to create it. + // In case it is being created, createLogGroupSafe will handle the conflict. + const region = process.env.AWS_REGION; + await createLogGroupSafe(`/aws/lambda/${context.functionName}`, region, retryOptions); + // If createLogGroupSafe fails, the log group is not created even after multiple attempts. + // In this case we have nothing to set the retention policy on but an exception will skip + // the next line. + await setRetentionPolicy(`/aws/lambda/${context.functionName}`, region, retryOptions, 1); + } + } + + await respond('SUCCESS', 'OK', logGroupName); + } catch (e) { + console.log(e); + + await respond('FAILED', e.message, event.ResourceProperties.LogGroupName); + } + + function respond(responseStatus: string, reason: string, physicalResourceId: string) { + const responseBody = JSON.stringify({ + Status: responseStatus, + Reason: reason, + PhysicalResourceId: physicalResourceId, + StackId: event.StackId, + RequestId: event.RequestId, + LogicalResourceId: event.LogicalResourceId, + Data: { + // Add log group name as part of the response so that it's available via Fn::GetAtt + LogGroupName: event.ResourceProperties.LogGroupName, + }, + }); + + console.log('Responding', responseBody); + + // eslint-disable-next-line @typescript-eslint/no-require-imports + const parsedUrl = require('url').parse(event.ResponseURL); + const requestOptions = { + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: 'PUT', + headers: { 'content-type': '', 'content-length': responseBody.length }, + }; + + return new Promise((resolve, reject) => { + try { + // eslint-disable-next-line @typescript-eslint/no-require-imports + const request = require('https').request(requestOptions, resolve); + request.on('error', reject); + request.write(responseBody); + request.end(); + } catch (e) { + reject(e); + } + }); + } + + function parseRetryOptions(rawOptions: any): SdkRetryOptions { + const retryOptions: SdkRetryOptions = {}; + if (rawOptions) { + if (rawOptions.maxRetries) { + retryOptions.maxRetries = parseInt(rawOptions.maxRetries, 10); + } + if (rawOptions.base) { + retryOptions.retryOptions = { + base: parseInt(rawOptions.base, 10), + }; + } + } + return retryOptions; + } +} diff --git a/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/integ.json b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/integ.json new file mode 100644 index 0000000000000..2e53939a47b06 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "Integ/DefaultTest": { + "stacks": [ + "AppSyncIntegLogRetention" + ], + "assertionStack": "IntegDefaultTestDeployAssert4E6713E1" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..f5d5110397c91 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/manifest.json @@ -0,0 +1,184 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "AppSyncIntegLogRetention": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "AppSyncIntegLogRetention.template.json", + "validateOnSynth": false + }, + "metadata": { + "/AppSyncIntegLogRetention": [ + { + "type": "aws:cdk:asset", + "data": { + "path": "asset.c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a", + "id": "c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a", + "packaging": "zip", + "sourceHash": "c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a", + "s3BucketParameter": "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aS3BucketB4787383", + "s3KeyParameter": "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aS3VersionKey8CF8E820", + "artifactHashParameter": "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aArtifactHashC9560B34" + } + } + ], + "/AppSyncIntegLogRetention/GraphqlApi/ApiLogsRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "GraphqlApiApiLogsRoleBB9E6BAD" + } + ], + "/AppSyncIntegLogRetention/GraphqlApi/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "GraphqlApi1B6CF24C" + } + ], + "/AppSyncIntegLogRetention/GraphqlApi/Schema": [ + { + "type": "aws:cdk:logicalId", + "data": "GraphqlApiSchema1B71CE4F" + } + ], + "/AppSyncIntegLogRetention/GraphqlApi/DefaultApiKey": [ + { + "type": "aws:cdk:logicalId", + "data": "GraphqlApiDefaultApiKey47EE7128" + } + ], + "/AppSyncIntegLogRetention/GraphqlApi/LogRetention/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "GraphqlApiLogRetention082A7017" + } + ], + "/AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB" + } + ], + "/AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB" + } + ], + "/AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A" + } + ], + "/AppSyncIntegLogRetention/AssetParameters/c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/S3Bucket": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aS3BucketB4787383" + } + ], + "/AppSyncIntegLogRetention/AssetParameters/c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/S3VersionKey": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aS3VersionKey8CF8E820" + } + ], + "/AppSyncIntegLogRetention/AssetParameters/c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/ArtifactHash": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParametersc70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13aArtifactHashC9560B34" + } + ], + "/AppSyncIntegLogRetention/Exports/Output{\"Fn::GetAtt\":[\"GraphqlApi1B6CF24C\",\"ApiId\"]}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputFnGetAttGraphqlApi1B6CF24CApiIdE34D50AD" + } + ] + }, + "displayName": "AppSyncIntegLogRetention" + }, + "IntegDefaultTestDeployAssert4E6713E1": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegDefaultTestDeployAssert4E6713E1.template.json", + "validateOnSynth": false + }, + "dependencies": [ + "AppSyncIntegLogRetention" + ], + "metadata": { + "/Integ/DefaultTest/DeployAssert": [ + { + "type": "aws:cdk:asset", + "data": { + "path": "asset.0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd.bundle", + "id": "0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd", + "packaging": "zip", + "sourceHash": "0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd", + "s3BucketParameter": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3BucketF94385B7", + "s3KeyParameter": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3VersionKey66DB0F9E", + "artifactHashParameter": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdArtifactHash2AC894D9" + } + } + ], + "/Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/Default/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "AwsApiCallCloudWatchLogsdescribeLogGroups" + } + ], + "/Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/AssertEqualsCloudWatchLogsdescribeLogGroups/Default/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "AwsApiCallCloudWatchLogsdescribeLogGroupsAssertEqualsCloudWatchLogsdescribeLogGroupsD2E2CD37" + } + ], + "/Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/AssertEqualsCloudWatchLogsdescribeLogGroups/AssertionResults": [ + { + "type": "aws:cdk:logicalId", + "data": "AssertionResultsAssertEqualsCloudWatchLogsdescribeLogGroups" + } + ], + "/Integ/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73" + } + ], + "/Integ/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F" + } + ], + "/Integ/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/S3Bucket": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3BucketF94385B7" + } + ], + "/Integ/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/S3VersionKey": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3VersionKey66DB0F9E" + } + ], + "/Integ/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/ArtifactHash": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdArtifactHash2AC894D9" + } + ] + }, + "displayName": "Integ/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/tree.json b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/tree.json new file mode 100644 index 0000000000000..cd73d74dee554 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/log-retention.integ.snapshot/tree.json @@ -0,0 +1,592 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + }, + "AppSyncIntegLogRetention": { + "id": "AppSyncIntegLogRetention", + "path": "AppSyncIntegLogRetention", + "children": { + "GraphqlApi": { + "id": "GraphqlApi", + "path": "AppSyncIntegLogRetention/GraphqlApi", + "children": { + "ApiLogsRole": { + "id": "ApiLogsRole", + "path": "AppSyncIntegLogRetention/GraphqlApi/ApiLogsRole", + "children": { + "Resource": { + "id": "Resource", + "path": "AppSyncIntegLogRetention/GraphqlApi/ApiLogsRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "appsync.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "AppSyncIntegLogRetention/GraphqlApi/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::GraphQLApi", + "aws:cdk:cloudformation:props": { + "authenticationType": "API_KEY", + "name": "IntegLogRetention", + "logConfig": { + "cloudWatchLogsRoleArn": { + "Fn::GetAtt": [ + "GraphqlApiApiLogsRoleBB9E6BAD", + "Arn" + ] + }, + "fieldLogLevel": "NONE" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-appsync.CfnGraphQLApi", + "version": "0.0.0" + } + }, + "Schema": { + "id": "Schema", + "path": "AppSyncIntegLogRetention/GraphqlApi/Schema", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::GraphQLSchema", + "aws:cdk:cloudformation:props": { + "apiId": { + "Fn::GetAtt": [ + "GraphqlApi1B6CF24C", + "ApiId" + ] + }, + "definition": "type test {\n version: String!\n}\ntype Query {\n getTests: [test]!\n}\ntype Mutation {\n addTest(version: String!): test\n}\n" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-appsync.CfnGraphQLSchema", + "version": "0.0.0" + } + }, + "DefaultApiKey": { + "id": "DefaultApiKey", + "path": "AppSyncIntegLogRetention/GraphqlApi/DefaultApiKey", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::ApiKey", + "aws:cdk:cloudformation:props": { + "apiId": { + "Fn::GetAtt": [ + "GraphqlApi1B6CF24C", + "ApiId" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-appsync.CfnApiKey", + "version": "0.0.0" + } + }, + "LogGroup": { + "id": "LogGroup", + "path": "AppSyncIntegLogRetention/GraphqlApi/LogGroup", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "LogRetention": { + "id": "LogRetention", + "path": "AppSyncIntegLogRetention/GraphqlApi/LogRetention", + "children": { + "Resource": { + "id": "Resource", + "path": "AppSyncIntegLogRetention/GraphqlApi/LogRetention/Resource", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.LogRetention", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-appsync.GraphqlApi", + "version": "0.0.0" + } + }, + "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a": { + "id": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a", + "path": "AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a", + "children": { + "Code": { + "id": "Code", + "path": "AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "ServiceRole": { + "id": "ServiceRole", + "path": "AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:DeleteRetentionPolicy", + "logs:PutRetentionPolicy" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "policyName": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", + "roles": [ + { + "Ref": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "AppSyncIntegLogRetention/LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8a/Resource", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + }, + "AssetParameters": { + "id": "AssetParameters", + "path": "AppSyncIntegLogRetention/AssetParameters", + "children": { + "c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a": { + "id": "c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a", + "path": "AppSyncIntegLogRetention/AssetParameters/c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a", + "children": { + "S3Bucket": { + "id": "S3Bucket", + "path": "AppSyncIntegLogRetention/AssetParameters/c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/S3Bucket", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "S3VersionKey": { + "id": "S3VersionKey", + "path": "AppSyncIntegLogRetention/AssetParameters/c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/S3VersionKey", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "ArtifactHash": { + "id": "ArtifactHash", + "path": "AppSyncIntegLogRetention/AssetParameters/c70c1d1695771af4771fd98971e16bb3e6443c62c2994b002b2c3d76e707b13a/ArtifactHash", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + }, + "Exports": { + "id": "Exports", + "path": "AppSyncIntegLogRetention/Exports", + "children": { + "Output{\"Fn::GetAtt\":[\"GraphqlApi1B6CF24C\",\"ApiId\"]}": { + "id": "Output{\"Fn::GetAtt\":[\"GraphqlApi1B6CF24C\",\"ApiId\"]}", + "path": "AppSyncIntegLogRetention/Exports/Output{\"Fn::GetAtt\":[\"GraphqlApi1B6CF24C\",\"ApiId\"]}", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Integ": { + "id": "Integ", + "path": "Integ", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "Integ/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "Integ/DefaultTest/DeployAssert", + "children": { + "AwsApiCallCloudWatchLogsdescribeLogGroups": { + "id": "AwsApiCallCloudWatchLogsdescribeLogGroups", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups", + "children": { + "SdkProvider": { + "id": "SdkProvider", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/SdkProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/SdkProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.AssertionsProvider", + "version": "0.0.0" + } + }, + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/Default", + "children": { + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/Default/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + }, + "AssertEqualsCloudWatchLogsdescribeLogGroups": { + "id": "AssertEqualsCloudWatchLogsdescribeLogGroups", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/AssertEqualsCloudWatchLogsdescribeLogGroups", + "children": { + "AssertionProvider": { + "id": "AssertionProvider", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/AssertEqualsCloudWatchLogsdescribeLogGroups/AssertionProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/AssertEqualsCloudWatchLogsdescribeLogGroups/AssertionProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.AssertionsProvider", + "version": "0.0.0" + } + }, + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/AssertEqualsCloudWatchLogsdescribeLogGroups/Default", + "children": { + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/AssertEqualsCloudWatchLogsdescribeLogGroups/Default/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + }, + "AssertionResults": { + "id": "AssertionResults", + "path": "Integ/DefaultTest/DeployAssert/AwsApiCallCloudWatchLogsdescribeLogGroups/AssertEqualsCloudWatchLogsdescribeLogGroups/AssertionResults", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.EqualsAssertion", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.AwsApiCall", + "version": "0.0.0" + } + }, + "SingletonFunction1488541a7b23466481b69b4408076b81": { + "id": "SingletonFunction1488541a7b23466481b69b4408076b81", + "path": "Integ/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81", + "children": { + "Staging": { + "id": "Staging", + "path": "Integ/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Staging", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "Integ/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Role", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "Integ/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Handler", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + }, + "AssetParameters": { + "id": "AssetParameters", + "path": "Integ/DefaultTest/DeployAssert/AssetParameters", + "children": { + "0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd": { + "id": "0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd", + "path": "Integ/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd", + "children": { + "S3Bucket": { + "id": "S3Bucket", + "path": "Integ/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/S3Bucket", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "S3VersionKey": { + "id": "S3VersionKey", + "path": "Integ/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/S3VersionKey", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "ArtifactHash": { + "id": "ArtifactHash", + "path": "Integ/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/ArtifactHash", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts b/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts index d3939f6a3971c..3a5061fc0ff58 100644 --- a/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts +++ b/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts @@ -119,10 +119,10 @@ export interface CommonAutoScalingGroupProps { * This is applied when any of the settings on the ASG are changed that * affect how the instances should be created (VPC, instance type, startup * scripts, etc.). It indicates how the existing instances should be - * replaced with new instances matching the new config. By default, nothing - * is done and only new instances are launched with the new config. + * replaced with new instances matching the new config. By default, + * `updatePolicy` takes precedence over `updateType`. * - * @default UpdateType.None + * @default UpdateType.REPLACING_UPDATE, unless updatePolicy has been set * @deprecated Use `updatePolicy` instead */ readonly updateType?: UpdateType; diff --git a/packages/@aws-cdk/aws-autoscaling/test/asg-lt.integ.snapshot/aws-cdk-asg-integ.template.json b/packages/@aws-cdk/aws-autoscaling/test/asg-lt.integ.snapshot/aws-cdk-asg-integ.template.json index fa29f0359ac7f..127c588e7aee2 100644 --- a/packages/@aws-cdk/aws-autoscaling/test/asg-lt.integ.snapshot/aws-cdk-asg-integ.template.json +++ b/packages/@aws-cdk/aws-autoscaling/test/asg-lt.integ.snapshot/aws-cdk-asg-integ.template.json @@ -28,7 +28,18 @@ ] } ] - } + }, + "TagSpecifications": [ + { + "ResourceType": "launch-template", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-asg-integ/MainLT" + } + ] + } + ] } }, "T4gLT8FF7D308": { @@ -59,7 +70,18 @@ ] } ] - } + }, + "TagSpecifications": [ + { + "ResourceType": "launch-template", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-asg-integ/T4gLT" + } + ] + } + ] } }, "VPCB9E5F0B4": { diff --git a/packages/@aws-cdk/aws-batch/README.md b/packages/@aws-cdk/aws-batch/README.md index 02252a8cc6625..8c06ad6e7b623 100644 --- a/packages/@aws-cdk/aws-batch/README.md +++ b/packages/@aws-cdk/aws-batch/README.md @@ -74,6 +74,22 @@ const spotEnvironment = new batch.ComputeEnvironment(this, 'MySpotEnvironment', }); ``` +### Compute Environments and Security Groups + +Compute Environments implement the `IConnectable` interface, which means you can use +connections on other CDK resources to manipulate the security groups and allow access. + +For example, allowing a Compute Environment to access an EFS filesystem: + +```ts +import * as efs from '@aws-cdk/aws-efs'; + +declare const fileSystem: efs.FileSystem; +declare const computeEnvironment: batch.ComputeEnvironment; + +fileSystem.connections.allowDefaultPortFrom(computeEnvironment); +``` + ### Fargate Compute Environment It is possible to have AWS Batch submit jobs to be run on Fargate compute resources. Below is an example of how this can be done: diff --git a/packages/@aws-cdk/aws-batch/lib/compute-environment.ts b/packages/@aws-cdk/aws-batch/lib/compute-environment.ts index 7038923c0eae9..5e3b954bef541 100644 --- a/packages/@aws-cdk/aws-batch/lib/compute-environment.ts +++ b/packages/@aws-cdk/aws-batch/lib/compute-environment.ts @@ -323,7 +323,7 @@ export interface IComputeEnvironment extends IResource { * * Defines a batch compute environment to run batch jobs on. */ -export class ComputeEnvironment extends Resource implements IComputeEnvironment { +export class ComputeEnvironment extends Resource implements IComputeEnvironment, ec2.IConnectable { /** * Fetches an existing batch compute environment by its amazon resource name. * @@ -357,6 +357,11 @@ export class ComputeEnvironment extends Resource implements IComputeEnvironment */ public readonly computeEnvironmentName: string; + /** + * Connections for this compute environment. + */ + public readonly connections: ec2.Connections; + constructor(scope: Construct, id: string, props: ComputeEnvironmentProps = { enabled: true, managed: true }) { super(scope, id, { physicalName: props.computeEnvironmentName, @@ -370,8 +375,11 @@ export class ComputeEnvironment extends Resource implements IComputeEnvironment const spotFleetRole = this.getSpotFleetRole(props); let computeResources: CfnComputeEnvironment.ComputeResourcesProperty | undefined; + this.connections = this.buildConnections(props.computeResources?.vpc, props.computeResources?.securityGroups); + // Only allow compute resources to be set when using MANAGED type if (props.computeResources && this.isManaged(props)) { + computeResources = { bidPercentage: props.computeResources.bidPercentage, desiredvCpus: props.computeResources.desiredvCpus, @@ -380,7 +388,7 @@ export class ComputeEnvironment extends Resource implements IComputeEnvironment launchTemplate: props.computeResources.launchTemplate, maxvCpus: props.computeResources.maxvCpus || 256, placementGroup: props.computeResources.placementGroup, - securityGroupIds: this.buildSecurityGroupIds(props.computeResources.vpc, props.computeResources.securityGroups), + securityGroupIds: this.getSecurityGroupIds(), spotIamFleetRole: spotFleetRole?.roleArn, subnets: props.computeResources.vpc.selectSubnets(props.computeResources.vpcSubnets).subnetIds, tags: props.computeResources.computeResourcesTags, @@ -576,14 +584,29 @@ export class ComputeEnvironment extends Resource implements IComputeEnvironment return instanceTypes.map((type: ec2.InstanceType) => type.toString()); } - private buildSecurityGroupIds(vpc: ec2.IVpc, securityGroups?: ec2.ISecurityGroup[]): string[] | undefined { + private buildConnections(vpc?: ec2.IVpc, securityGroups?:ec2.ISecurityGroup[]): ec2.Connections { + + if (vpc === undefined) { + return new ec2.Connections({}); + } + if (securityGroups === undefined) { - return [ - new ec2.SecurityGroup(this, 'Resource-Security-Group', { vpc }).securityGroupId, - ]; + return new ec2.Connections({ + securityGroups: [ + new ec2.SecurityGroup(this, 'Resource-Security-Group', { vpc }), + ], + }); + } + + return new ec2.Connections({ securityGroups }); + }; + + private getSecurityGroupIds(): string[] | undefined { + if (this.connections === undefined) { + return undefined; } - return securityGroups.map((group: ec2.ISecurityGroup) => group.securityGroupId); + return this.connections.securityGroups.map((group: ec2.ISecurityGroup) => group.securityGroupId); } /** diff --git a/packages/@aws-cdk/aws-batch/package.json b/packages/@aws-cdk/aws-batch/package.json index 40bf13643c57c..2ca9c3ded5de6 100644 --- a/packages/@aws-cdk/aws-batch/package.json +++ b/packages/@aws-cdk/aws-batch/package.json @@ -93,6 +93,7 @@ "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-ecs": "0.0.0", + "@aws-cdk/aws-efs": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", @@ -104,6 +105,7 @@ "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-ecs": "0.0.0", + "@aws-cdk/aws-efs": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", diff --git a/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/BatchWithEFSTestDefaultTestDeployAssert0F887B55.template.json b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/BatchWithEFSTestDefaultTestDeployAssert0F887B55.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/BatchWithEFSTestDefaultTestDeployAssert0F887B55.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/batch-stack.template.json b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/batch-stack.template.json new file mode 100644 index 0000000000000..51e692acede35 --- /dev/null +++ b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/batch-stack.template.json @@ -0,0 +1,2121 @@ +{ + "Resources": { + "vpcA2121C38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/vpc" + } + ] + } + }, + "vpcPublicSubnet1Subnet2E65531E": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "vpcA2121C38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "batch-stack/vpc/PublicSubnet1" + } + ] + } + }, + "vpcPublicSubnet1RouteTable48A2DF9B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "vpcA2121C38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/vpc/PublicSubnet1" + } + ] + } + }, + "vpcPublicSubnet1RouteTableAssociation5D3F4579": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "vpcPublicSubnet1RouteTable48A2DF9B" + }, + "SubnetId": { + "Ref": "vpcPublicSubnet1Subnet2E65531E" + } + } + }, + "vpcPublicSubnet1DefaultRoute10708846": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "vpcPublicSubnet1RouteTable48A2DF9B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "vpcIGWE57CBDCA" + } + }, + "DependsOn": [ + "vpcVPCGW7984C166" + ] + }, + "vpcPublicSubnet1EIPDA49DCBE": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/vpc/PublicSubnet1" + } + ] + } + }, + "vpcPublicSubnet1NATGateway9C16659E": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "vpcPublicSubnet1Subnet2E65531E" + }, + "AllocationId": { + "Fn::GetAtt": [ + "vpcPublicSubnet1EIPDA49DCBE", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/vpc/PublicSubnet1" + } + ] + } + }, + "vpcPublicSubnet2Subnet009B674F": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "vpcA2121C38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "batch-stack/vpc/PublicSubnet2" + } + ] + } + }, + "vpcPublicSubnet2RouteTableEB40D4CB": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "vpcA2121C38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/vpc/PublicSubnet2" + } + ] + } + }, + "vpcPublicSubnet2RouteTableAssociation21F81B59": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "vpcPublicSubnet2RouteTableEB40D4CB" + }, + "SubnetId": { + "Ref": "vpcPublicSubnet2Subnet009B674F" + } + } + }, + "vpcPublicSubnet2DefaultRouteA1EC0F60": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "vpcPublicSubnet2RouteTableEB40D4CB" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "vpcIGWE57CBDCA" + } + }, + "DependsOn": [ + "vpcVPCGW7984C166" + ] + }, + "vpcPublicSubnet2EIP9B3743B1": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/vpc/PublicSubnet2" + } + ] + } + }, + "vpcPublicSubnet2NATGateway9B8AE11A": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "vpcPublicSubnet2Subnet009B674F" + }, + "AllocationId": { + "Fn::GetAtt": [ + "vpcPublicSubnet2EIP9B3743B1", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/vpc/PublicSubnet2" + } + ] + } + }, + "vpcPrivateSubnet1Subnet934893E8": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "vpcA2121C38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "batch-stack/vpc/PrivateSubnet1" + } + ] + } + }, + "vpcPrivateSubnet1RouteTableB41A48CC": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "vpcA2121C38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/vpc/PrivateSubnet1" + } + ] + } + }, + "vpcPrivateSubnet1RouteTableAssociation67945127": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "vpcPrivateSubnet1RouteTableB41A48CC" + }, + "SubnetId": { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + } + } + }, + "vpcPrivateSubnet1DefaultRoute1AA8E2E5": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "vpcPrivateSubnet1RouteTableB41A48CC" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "vpcPublicSubnet1NATGateway9C16659E" + } + } + }, + "vpcPrivateSubnet2Subnet7031C2BA": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "vpcA2121C38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "batch-stack/vpc/PrivateSubnet2" + } + ] + } + }, + "vpcPrivateSubnet2RouteTable7280F23E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "vpcA2121C38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/vpc/PrivateSubnet2" + } + ] + } + }, + "vpcPrivateSubnet2RouteTableAssociation007E94D3": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "vpcPrivateSubnet2RouteTable7280F23E" + }, + "SubnetId": { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + } + }, + "vpcPrivateSubnet2DefaultRouteB0E07F99": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "vpcPrivateSubnet2RouteTable7280F23E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "vpcPublicSubnet2NATGateway9B8AE11A" + } + } + }, + "vpcIGWE57CBDCA": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/vpc" + } + ] + } + }, + "vpcVPCGW7984C166": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "vpcA2121C38" + }, + "InternetGatewayId": { + "Ref": "vpcIGWE57CBDCA" + } + } + }, + "EFSF3301CFD": { + "Type": "AWS::EFS::FileSystem", + "Properties": { + "Encrypted": true, + "FileSystemTags": [ + { + "Key": "Name", + "Value": "batch-stack/EFS" + } + ], + "PerformanceMode": "generalPurpose" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "EFSEfsSecurityGroup56F189CE": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "batch-stack/EFS/EfsSecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "batch-stack/EFS" + } + ], + "VpcId": { + "Ref": "vpcA2121C38" + } + } + }, + "EFSEfsSecurityGroupfrombatchstackbatchdemandcomputeenvlaunchtemplateResourceSecurityGroup0D1298652049B175033E": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "from batchstackbatchdemandcomputeenvlaunchtemplateResourceSecurityGroup0D129865:2049", + "FromPort": 2049, + "GroupId": { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplateResourceSecurityGroup23599B84", + "GroupId" + ] + }, + "ToPort": 2049 + } + }, + "EFSEfsSecurityGroupfrombatchstackbatchspotcomputeenvResourceSecurityGroup729D2DBD2049CEAD960B": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "from batchstackbatchspotcomputeenvResourceSecurityGroup729D2DBD:2049", + "FromPort": 2049, + "GroupId": { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "batchspotcomputeenvResourceSecurityGroup07B09BF9", + "GroupId" + ] + }, + "ToPort": 2049 + } + }, + "EFSEfsSecurityGroupfrombatchstackbatchdemandcomputeenvlaunchtemplate2ResourceSecurityGroup3ED06424204916919BCC": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "from batchstackbatchdemandcomputeenvlaunchtemplate2ResourceSecurityGroup3ED06424:2049", + "FromPort": 2049, + "GroupId": { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplate2ResourceSecurityGroupBEA8DDD5", + "GroupId" + ] + }, + "ToPort": 2049 + } + }, + "EFSEfsSecurityGroupfrombatchstackbatchfargatecomputeenvResourceSecurityGroup32BE704C2049F5D69397": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "from batchstackbatchfargatecomputeenvResourceSecurityGroup32BE704C:2049", + "FromPort": 2049, + "GroupId": { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "batchfargatecomputeenvResourceSecurityGroupE2963776", + "GroupId" + ] + }, + "ToPort": 2049 + } + }, + "EFSEfsSecurityGroupfrombatchstackbatchfargatespotcomputeenvResourceSecurityGroup86E388C12049304E0F7C": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "from batchstackbatchfargatespotcomputeenvResourceSecurityGroup86E388C1:2049", + "FromPort": 2049, + "GroupId": { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "batchfargatespotcomputeenvResourceSecurityGroup923D2390", + "GroupId" + ] + }, + "ToPort": 2049 + } + }, + "EFSEfsMountTarget1674E914B": { + "Type": "AWS::EFS::MountTarget", + "Properties": { + "FileSystemId": { + "Ref": "EFSF3301CFD" + }, + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + } + ], + "SubnetId": { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + } + } + }, + "EFSEfsMountTarget2A889DFBF": { + "Type": "AWS::EFS::MountTarget", + "Properties": { + "FileSystemId": { + "Ref": "EFSF3301CFD" + }, + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + } + ], + "SubnetId": { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + } + }, + "EFSAccessPointA847C4A5": { + "Type": "AWS::EFS::AccessPoint", + "Properties": { + "FileSystemId": { + "Ref": "EFSF3301CFD" + }, + "PosixUser": { + "Gid": "1000", + "Uid": "1000" + }, + "RootDirectory": { + "CreationInfo": { + "OwnerGid": "1000", + "OwnerUid": "1000", + "Permissions": "750" + } + } + } + }, + "DefaultJobRole72A01394": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "DefaultJobRoleDefaultPolicyDA586FA5": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "elasticfilesystem:ClientRead", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EFSF3301CFD", + "Arn" + ] + } + }, + { + "Action": [ + "ecr:BatchCheckLayerAvailability", + "ecr:BatchGetImage", + "ecr:GetDownloadUrlForLayer" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "batchjobrepo4C508C51", + "Arn" + ] + } + }, + { + "Action": "ecr:GetAuthorizationToken", + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "DefaultJobRoleDefaultPolicyDA586FA5", + "Roles": [ + { + "Ref": "DefaultJobRole72A01394" + } + ] + } + }, + "ec2launchtemplate": { + "Type": "AWS::EC2::LaunchTemplate", + "Properties": { + "LaunchTemplateData": { + "BlockDeviceMappings": [ + { + "DeviceName": "/dev/xvdcz", + "Ebs": { + "Encrypted": true, + "VolumeSize": 100, + "VolumeType": "gp2" + } + } + ] + }, + "LaunchTemplateName": "EC2LaunchTemplate" + } + }, + "batchdemandcomputeenvlaunchtemplateResourceSecurityGroup23599B84": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "batch-stack/batch-demand-compute-env-launch-template/Resource-Security-Group", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "vpcA2121C38" + } + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchdemandcomputeenvlaunchtemplateEcsInstanceRole24D4E799": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role" + ] + ] + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchdemandcomputeenvlaunchtemplateInstanceProfile2DEC3A97": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "Roles": [ + { + "Ref": "batchdemandcomputeenvlaunchtemplateEcsInstanceRole24D4E799" + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchdemandcomputeenvlaunchtemplateResourceServiceInstanceRole76AD99CC": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSBatchServiceRole" + ] + ] + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchdemandcomputeenvlaunchtemplateF8A5B233": { + "Type": "AWS::Batch::ComputeEnvironment", + "Properties": { + "Type": "MANAGED", + "ComputeResources": { + "AllocationStrategy": "BEST_FIT", + "InstanceRole": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplateInstanceProfile2DEC3A97", + "Arn" + ] + }, + "InstanceTypes": [ + "optimal" + ], + "LaunchTemplate": { + "LaunchTemplateName": "EC2LaunchTemplate" + }, + "MaxvCpus": 256, + "MinvCpus": 0, + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplateResourceSecurityGroup23599B84", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "Tags": { + "compute-env-tag": "123XYZ" + }, + "Type": "EC2" + }, + "ServiceRole": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplateResourceServiceInstanceRole76AD99CC", + "Arn" + ] + }, + "State": "ENABLED" + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchspotcomputeenvResourceSecurityGroup07B09BF9": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "batch-stack/batch-spot-compute-env/Resource-Security-Group", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "vpcA2121C38" + } + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchspotcomputeenvEcsInstanceRoleE976826B": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role" + ] + ] + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchspotcomputeenvInstanceProfileFA613AC2": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "Roles": [ + { + "Ref": "batchspotcomputeenvEcsInstanceRoleE976826B" + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchspotcomputeenvResourceServiceInstanceRole8B0DF5A7": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSBatchServiceRole" + ] + ] + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchspotcomputeenv2CE4DFD9": { + "Type": "AWS::Batch::ComputeEnvironment", + "Properties": { + "Type": "MANAGED", + "ComputeResources": { + "AllocationStrategy": "SPOT_CAPACITY_OPTIMIZED", + "BidPercentage": 80, + "InstanceRole": { + "Fn::GetAtt": [ + "batchspotcomputeenvInstanceProfileFA613AC2", + "Arn" + ] + }, + "InstanceTypes": [ + "optimal" + ], + "MaxvCpus": 256, + "MinvCpus": 0, + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "batchspotcomputeenvResourceSecurityGroup07B09BF9", + "GroupId" + ] + } + ], + "SpotIamFleetRole": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/aws-service-role/spotfleet.amazonaws.com/AWSServiceRoleForEC2SpotFleet" + ] + ] + }, + "Subnets": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "Type": "SPOT" + }, + "ServiceRole": { + "Fn::GetAtt": [ + "batchspotcomputeenvResourceServiceInstanceRole8B0DF5A7", + "Arn" + ] + }, + "State": "ENABLED" + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchdemandcomputeenvlaunchtemplate2ResourceSecurityGroupBEA8DDD5": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "batch-stack/batch-demand-compute-env-launch-template-2/Resource-Security-Group", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "vpcA2121C38" + } + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchdemandcomputeenvlaunchtemplate2EcsInstanceRoleEE146754": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role" + ] + ] + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchdemandcomputeenvlaunchtemplate2InstanceProfileC5A36CBC": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "Roles": [ + { + "Ref": "batchdemandcomputeenvlaunchtemplate2EcsInstanceRoleEE146754" + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchdemandcomputeenvlaunchtemplate2ResourceServiceInstanceRole41CADAC1": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSBatchServiceRole" + ] + ] + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchdemandcomputeenvlaunchtemplate2E12D5CBC": { + "Type": "AWS::Batch::ComputeEnvironment", + "Properties": { + "Type": "MANAGED", + "ComputeResources": { + "AllocationStrategy": "BEST_FIT", + "InstanceRole": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplate2InstanceProfileC5A36CBC", + "Arn" + ] + }, + "InstanceTypes": [ + "optimal" + ], + "LaunchTemplate": { + "LaunchTemplateId": { + "Ref": "ec2launchtemplate" + } + }, + "MaxvCpus": 256, + "MinvCpus": 0, + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplate2ResourceSecurityGroupBEA8DDD5", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "Tags": { + "compute-env-tag": "123XYZ" + }, + "Type": "EC2" + }, + "ServiceRole": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplate2ResourceServiceInstanceRole41CADAC1", + "Arn" + ] + }, + "State": "ENABLED" + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchjobqueueE3C528F2": { + "Type": "AWS::Batch::JobQueue", + "Properties": { + "ComputeEnvironmentOrder": [ + { + "ComputeEnvironment": { + "Ref": "batchdemandcomputeenvlaunchtemplateF8A5B233" + }, + "Order": 2 + }, + { + "ComputeEnvironment": { + "Ref": "batchspotcomputeenv2CE4DFD9" + }, + "Order": 3 + }, + { + "ComputeEnvironment": { + "Ref": "batchdemandcomputeenvlaunchtemplate2E12D5CBC" + }, + "Order": 4 + } + ], + "Priority": 1, + "State": "ENABLED" + } + }, + "batchfargatecomputeenvResourceSecurityGroupE2963776": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "batch-stack/batch-fargate-compute-env/Resource-Security-Group", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "vpcA2121C38" + } + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchfargatecomputeenvResourceServiceInstanceRole94D7AA5F": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSBatchServiceRole" + ] + ] + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchfargatecomputeenvE9C3FCA4": { + "Type": "AWS::Batch::ComputeEnvironment", + "Properties": { + "Type": "MANAGED", + "ComputeResources": { + "MaxvCpus": 256, + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "batchfargatecomputeenvResourceSecurityGroupE2963776", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "Type": "FARGATE" + }, + "ServiceRole": { + "Fn::GetAtt": [ + "batchfargatecomputeenvResourceServiceInstanceRole94D7AA5F", + "Arn" + ] + }, + "State": "ENABLED" + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchfargatespotcomputeenvResourceSecurityGroup923D2390": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "batch-stack/batch-fargate-spot-compute-env/Resource-Security-Group", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "vpcA2121C38" + } + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchfargatespotcomputeenvResourceServiceInstanceRole6462BFB0": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSBatchServiceRole" + ] + ] + } + ] + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchfargatespotcomputeenv374749B0": { + "Type": "AWS::Batch::ComputeEnvironment", + "Properties": { + "Type": "MANAGED", + "ComputeResources": { + "MaxvCpus": 256, + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "batchfargatespotcomputeenvResourceSecurityGroup923D2390", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "Type": "FARGATE_SPOT" + }, + "ServiceRole": { + "Fn::GetAtt": [ + "batchfargatespotcomputeenvResourceServiceInstanceRole6462BFB0", + "Arn" + ] + }, + "State": "ENABLED" + }, + "DependsOn": [ + "vpcIGWE57CBDCA", + "vpcPrivateSubnet1DefaultRoute1AA8E2E5", + "vpcPrivateSubnet1RouteTableB41A48CC", + "vpcPrivateSubnet1RouteTableAssociation67945127", + "vpcPrivateSubnet1Subnet934893E8", + "vpcPrivateSubnet2DefaultRouteB0E07F99", + "vpcPrivateSubnet2RouteTable7280F23E", + "vpcPrivateSubnet2RouteTableAssociation007E94D3", + "vpcPrivateSubnet2Subnet7031C2BA", + "vpcPublicSubnet1DefaultRoute10708846", + "vpcPublicSubnet1EIPDA49DCBE", + "vpcPublicSubnet1NATGateway9C16659E", + "vpcPublicSubnet1RouteTable48A2DF9B", + "vpcPublicSubnet1RouteTableAssociation5D3F4579", + "vpcPublicSubnet1Subnet2E65531E", + "vpcPublicSubnet2DefaultRouteA1EC0F60", + "vpcPublicSubnet2EIP9B3743B1", + "vpcPublicSubnet2NATGateway9B8AE11A", + "vpcPublicSubnet2RouteTableEB40D4CB", + "vpcPublicSubnet2RouteTableAssociation21F81B59", + "vpcPublicSubnet2Subnet009B674F", + "vpcA2121C38", + "vpcVPCGW7984C166" + ] + }, + "batchjobfargatequeue5A12983E": { + "Type": "AWS::Batch::JobQueue", + "Properties": { + "ComputeEnvironmentOrder": [ + { + "ComputeEnvironment": { + "Ref": "batchfargatecomputeenvE9C3FCA4" + }, + "Order": 1 + }, + { + "ComputeEnvironment": { + "Ref": "batchfargatespotcomputeenv374749B0" + }, + "Order": 2 + } + ], + "Priority": 1, + "State": "ENABLED" + } + }, + "batchjobrepo4C508C51": { + "Type": "AWS::ECR::Repository", + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "batchjobdeffromecrE0E30DAD": { + "Type": "AWS::Batch::JobDefinition", + "Properties": { + "Type": "container", + "ContainerProperties": { + "Environment": [ + { + "Name": "AWS_REGION", + "Value": { + "Ref": "AWS::Region" + } + }, + { + "Name": "AWS_ACCOUNT", + "Value": { + "Ref": "AWS::AccountId" + } + } + ], + "Image": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 4, + { + "Fn::Split": [ + ":", + { + "Fn::GetAtt": [ + "batchjobrepo4C508C51", + "Arn" + ] + } + ] + } + ] + }, + ".dkr.ecr.", + { + "Fn::Select": [ + 3, + { + "Fn::Split": [ + ":", + { + "Fn::GetAtt": [ + "batchjobrepo4C508C51", + "Arn" + ] + } + ] + } + ] + }, + ".", + { + "Ref": "AWS::URLSuffix" + }, + "/", + { + "Ref": "batchjobrepo4C508C51" + }, + ":latest" + ] + ] + }, + "JobRoleArn": { + "Fn::GetAtt": [ + "DefaultJobRole72A01394", + "Arn" + ] + }, + "MountPoints": [ + { + "ContainerPath": "/mnt", + "ReadOnly": true, + "SourceVolume": "batchstackEFS25FF7B1E" + } + ], + "Privileged": false, + "ReadonlyRootFilesystem": false, + "ResourceRequirements": [ + { + "Type": "VCPU", + "Value": "1" + }, + { + "Type": "MEMORY", + "Value": "4" + } + ], + "Volumes": [ + { + "EfsVolumeConfiguration": { + "AuthorizationConfig": { + "AccessPointId": { + "Ref": "EFSAccessPointA847C4A5" + }, + "Iam": "ENABLED" + }, + "FileSystemId": { + "Ref": "EFSF3301CFD" + }, + "TransitEncryption": "ENABLED" + }, + "Name": "batchstackEFS25FF7B1E" + } + ] + }, + "PlatformCapabilities": [ + "EC2" + ], + "RetryStrategy": { + "Attempts": 1 + }, + "Timeout": {} + } + }, + "batchsecret7CD5E4C6": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "GenerateSecretString": {} + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "executionroleD9A39BE6": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "executionroleDefaultPolicy497F11A3": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "batchsecret7CD5E4C6" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "executionroleDefaultPolicy497F11A3", + "Roles": [ + { + "Ref": "executionroleD9A39BE6" + } + ] + } + }, + "batchjobdeffargate7FE30059": { + "Type": "AWS::Batch::JobDefinition", + "Properties": { + "Type": "container", + "ContainerProperties": { + "Environment": [ + { + "Name": "AWS_REGION", + "Value": { + "Ref": "AWS::Region" + } + }, + { + "Name": "AWS_ACCOUNT", + "Value": { + "Ref": "AWS::AccountId" + } + } + ], + "ExecutionRoleArn": { + "Fn::GetAtt": [ + "executionroleD9A39BE6", + "Arn" + ] + }, + "FargatePlatformConfiguration": { + "PlatformVersion": "1.4.0" + }, + "Image": "docker/whalesay", + "JobRoleArn": { + "Fn::GetAtt": [ + "DefaultJobRole72A01394", + "Arn" + ] + }, + "MountPoints": [ + { + "ContainerPath": "/mnt", + "ReadOnly": true, + "SourceVolume": "batchstackEFS25FF7B1E" + } + ], + "Privileged": false, + "ReadonlyRootFilesystem": false, + "ResourceRequirements": [ + { + "Type": "VCPU", + "Value": "0.25" + }, + { + "Type": "MEMORY", + "Value": "512" + } + ], + "Secrets": [ + { + "Name": "SECRET", + "ValueFrom": { + "Ref": "batchsecret7CD5E4C6" + } + } + ], + "Volumes": [ + { + "EfsVolumeConfiguration": { + "AuthorizationConfig": { + "AccessPointId": { + "Ref": "EFSAccessPointA847C4A5" + }, + "Iam": "ENABLED" + }, + "FileSystemId": { + "Ref": "EFSF3301CFD" + }, + "TransitEncryption": "ENABLED" + }, + "Name": "batchstackEFS25FF7B1E" + } + ] + }, + "PlatformCapabilities": [ + "FARGATE" + ], + "RetryStrategy": { + "Attempts": 1 + }, + "Timeout": {} + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/integ.json b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/integ.json new file mode 100644 index 0000000000000..5bab175e49e2b --- /dev/null +++ b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "BatchWithEFSTest/DefaultTest": { + "stacks": [ + "batch-stack" + ], + "assertionStack": "BatchWithEFSTestDefaultTestDeployAssert0F887B55" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..a4680b9517f9c --- /dev/null +++ b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/manifest.json @@ -0,0 +1,421 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "batch-stack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "batch-stack.template.json", + "validateOnSynth": false + }, + "metadata": { + "/batch-stack/vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcA2121C38" + } + ], + "/batch-stack/vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet1Subnet2E65531E" + } + ], + "/batch-stack/vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet1RouteTable48A2DF9B" + } + ], + "/batch-stack/vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet1RouteTableAssociation5D3F4579" + } + ], + "/batch-stack/vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet1DefaultRoute10708846" + } + ], + "/batch-stack/vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet1EIPDA49DCBE" + } + ], + "/batch-stack/vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet1NATGateway9C16659E" + } + ], + "/batch-stack/vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet2Subnet009B674F" + } + ], + "/batch-stack/vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet2RouteTableEB40D4CB" + } + ], + "/batch-stack/vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet2RouteTableAssociation21F81B59" + } + ], + "/batch-stack/vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet2DefaultRouteA1EC0F60" + } + ], + "/batch-stack/vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet2EIP9B3743B1" + } + ], + "/batch-stack/vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPublicSubnet2NATGateway9B8AE11A" + } + ], + "/batch-stack/vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPrivateSubnet1Subnet934893E8" + } + ], + "/batch-stack/vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPrivateSubnet1RouteTableB41A48CC" + } + ], + "/batch-stack/vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPrivateSubnet1RouteTableAssociation67945127" + } + ], + "/batch-stack/vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPrivateSubnet1DefaultRoute1AA8E2E5" + } + ], + "/batch-stack/vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "/batch-stack/vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPrivateSubnet2RouteTable7280F23E" + } + ], + "/batch-stack/vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPrivateSubnet2RouteTableAssociation007E94D3" + } + ], + "/batch-stack/vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcPrivateSubnet2DefaultRouteB0E07F99" + } + ], + "/batch-stack/vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcIGWE57CBDCA" + } + ], + "/batch-stack/vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "vpcVPCGW7984C166" + } + ], + "/batch-stack/EFS/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EFSF3301CFD" + } + ], + "/batch-stack/EFS/EfsSecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EFSEfsSecurityGroup56F189CE" + } + ], + "/batch-stack/EFS/EfsSecurityGroup/from batchstackbatchdemandcomputeenvlaunchtemplateResourceSecurityGroup0D129865:2049": [ + { + "type": "aws:cdk:logicalId", + "data": "EFSEfsSecurityGroupfrombatchstackbatchdemandcomputeenvlaunchtemplateResourceSecurityGroup0D1298652049B175033E" + } + ], + "/batch-stack/EFS/EfsSecurityGroup/from batchstackbatchspotcomputeenvResourceSecurityGroup729D2DBD:2049": [ + { + "type": "aws:cdk:logicalId", + "data": "EFSEfsSecurityGroupfrombatchstackbatchspotcomputeenvResourceSecurityGroup729D2DBD2049CEAD960B" + } + ], + "/batch-stack/EFS/EfsSecurityGroup/from batchstackbatchdemandcomputeenvlaunchtemplate2ResourceSecurityGroup3ED06424:2049": [ + { + "type": "aws:cdk:logicalId", + "data": "EFSEfsSecurityGroupfrombatchstackbatchdemandcomputeenvlaunchtemplate2ResourceSecurityGroup3ED06424204916919BCC" + } + ], + "/batch-stack/EFS/EfsSecurityGroup/from batchstackbatchfargatecomputeenvResourceSecurityGroup32BE704C:2049": [ + { + "type": "aws:cdk:logicalId", + "data": "EFSEfsSecurityGroupfrombatchstackbatchfargatecomputeenvResourceSecurityGroup32BE704C2049F5D69397" + } + ], + "/batch-stack/EFS/EfsSecurityGroup/from batchstackbatchfargatespotcomputeenvResourceSecurityGroup86E388C1:2049": [ + { + "type": "aws:cdk:logicalId", + "data": "EFSEfsSecurityGroupfrombatchstackbatchfargatespotcomputeenvResourceSecurityGroup86E388C12049304E0F7C" + } + ], + "/batch-stack/EFS/EfsMountTarget1": [ + { + "type": "aws:cdk:logicalId", + "data": "EFSEfsMountTarget1674E914B" + } + ], + "/batch-stack/EFS/EfsMountTarget2": [ + { + "type": "aws:cdk:logicalId", + "data": "EFSEfsMountTarget2A889DFBF" + } + ], + "/batch-stack/EFSAccessPoint/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EFSAccessPointA847C4A5" + } + ], + "/batch-stack/DefaultJobRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "DefaultJobRole72A01394" + } + ], + "/batch-stack/DefaultJobRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "DefaultJobRoleDefaultPolicyDA586FA5" + } + ], + "/batch-stack/ec2-launch-template": [ + { + "type": "aws:cdk:logicalId", + "data": "ec2launchtemplate" + } + ], + "/batch-stack/batch-demand-compute-env-launch-template/Resource-Security-Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchdemandcomputeenvlaunchtemplateResourceSecurityGroup23599B84" + } + ], + "/batch-stack/batch-demand-compute-env-launch-template/Ecs-Instance-Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchdemandcomputeenvlaunchtemplateEcsInstanceRole24D4E799" + } + ], + "/batch-stack/batch-demand-compute-env-launch-template/Instance-Profile": [ + { + "type": "aws:cdk:logicalId", + "data": "batchdemandcomputeenvlaunchtemplateInstanceProfile2DEC3A97" + } + ], + "/batch-stack/batch-demand-compute-env-launch-template/Resource-Service-Instance-Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchdemandcomputeenvlaunchtemplateResourceServiceInstanceRole76AD99CC" + } + ], + "/batch-stack/batch-demand-compute-env-launch-template/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchdemandcomputeenvlaunchtemplateF8A5B233" + } + ], + "/batch-stack/batch-spot-compute-env/Resource-Security-Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchspotcomputeenvResourceSecurityGroup07B09BF9" + } + ], + "/batch-stack/batch-spot-compute-env/Ecs-Instance-Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchspotcomputeenvEcsInstanceRoleE976826B" + } + ], + "/batch-stack/batch-spot-compute-env/Instance-Profile": [ + { + "type": "aws:cdk:logicalId", + "data": "batchspotcomputeenvInstanceProfileFA613AC2" + } + ], + "/batch-stack/batch-spot-compute-env/Resource-Service-Instance-Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchspotcomputeenvResourceServiceInstanceRole8B0DF5A7" + } + ], + "/batch-stack/batch-spot-compute-env/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchspotcomputeenv2CE4DFD9" + } + ], + "/batch-stack/batch-demand-compute-env-launch-template-2/Resource-Security-Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchdemandcomputeenvlaunchtemplate2ResourceSecurityGroupBEA8DDD5" + } + ], + "/batch-stack/batch-demand-compute-env-launch-template-2/Ecs-Instance-Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchdemandcomputeenvlaunchtemplate2EcsInstanceRoleEE146754" + } + ], + "/batch-stack/batch-demand-compute-env-launch-template-2/Instance-Profile": [ + { + "type": "aws:cdk:logicalId", + "data": "batchdemandcomputeenvlaunchtemplate2InstanceProfileC5A36CBC" + } + ], + "/batch-stack/batch-demand-compute-env-launch-template-2/Resource-Service-Instance-Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchdemandcomputeenvlaunchtemplate2ResourceServiceInstanceRole41CADAC1" + } + ], + "/batch-stack/batch-demand-compute-env-launch-template-2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchdemandcomputeenvlaunchtemplate2E12D5CBC" + } + ], + "/batch-stack/batch-job-queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchjobqueueE3C528F2" + } + ], + "/batch-stack/batch-fargate-compute-env/Resource-Security-Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchfargatecomputeenvResourceSecurityGroupE2963776" + } + ], + "/batch-stack/batch-fargate-compute-env/Resource-Service-Instance-Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchfargatecomputeenvResourceServiceInstanceRole94D7AA5F" + } + ], + "/batch-stack/batch-fargate-compute-env/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchfargatecomputeenvE9C3FCA4" + } + ], + "/batch-stack/batch-fargate-spot-compute-env/Resource-Security-Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchfargatespotcomputeenvResourceSecurityGroup923D2390" + } + ], + "/batch-stack/batch-fargate-spot-compute-env/Resource-Service-Instance-Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchfargatespotcomputeenvResourceServiceInstanceRole6462BFB0" + } + ], + "/batch-stack/batch-fargate-spot-compute-env/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchfargatespotcomputeenv374749B0" + } + ], + "/batch-stack/batch-job-fargate-queue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchjobfargatequeue5A12983E" + } + ], + "/batch-stack/batch-job-repo/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchjobrepo4C508C51" + } + ], + "/batch-stack/batch-job-def-from-ecr/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchjobdeffromecrE0E30DAD" + } + ], + "/batch-stack/batch-secret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchsecret7CD5E4C6" + } + ], + "/batch-stack/execution-role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "executionroleD9A39BE6" + } + ], + "/batch-stack/execution-role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "executionroleDefaultPolicy497F11A3" + } + ], + "/batch-stack/batch-job-def-fargate/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "batchjobdeffargate7FE30059" + } + ] + }, + "displayName": "batch-stack" + }, + "BatchWithEFSTestDefaultTestDeployAssert0F887B55": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "BatchWithEFSTestDefaultTestDeployAssert0F887B55.template.json", + "validateOnSynth": false + }, + "displayName": "BatchWithEFSTest/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/tree.json b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/tree.json new file mode 100644 index 0000000000000..2073887c16510 --- /dev/null +++ b/packages/@aws-cdk/aws-batch/test/batch-with-efs.integ.snapshot/tree.json @@ -0,0 +1,2584 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "batch-stack": { + "id": "batch-stack", + "path": "batch-stack", + "children": { + "vpc": { + "id": "vpc", + "path": "batch-stack/vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "batch-stack/vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "batch-stack/vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "batch-stack/vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "vpcA2121C38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "batch-stack/vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "batch-stack/vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "batch-stack/vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "vpcA2121C38" + }, + "tags": [ + { + "key": "Name", + "value": "batch-stack/vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "batch-stack/vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "vpcPublicSubnet1RouteTable48A2DF9B" + }, + "subnetId": { + "Ref": "vpcPublicSubnet1Subnet2E65531E" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "batch-stack/vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "vpcPublicSubnet1RouteTable48A2DF9B" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "vpcIGWE57CBDCA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "batch-stack/vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "batch-stack/vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "batch-stack/vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "vpcPublicSubnet1Subnet2E65531E" + }, + "allocationId": { + "Fn::GetAtt": [ + "vpcPublicSubnet1EIPDA49DCBE", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "batch-stack/vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "batch-stack/vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "batch-stack/vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "vpcA2121C38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "batch-stack/vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "batch-stack/vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "batch-stack/vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "vpcA2121C38" + }, + "tags": [ + { + "key": "Name", + "value": "batch-stack/vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "batch-stack/vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "vpcPublicSubnet2RouteTableEB40D4CB" + }, + "subnetId": { + "Ref": "vpcPublicSubnet2Subnet009B674F" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "batch-stack/vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "vpcPublicSubnet2RouteTableEB40D4CB" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "vpcIGWE57CBDCA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "batch-stack/vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "batch-stack/vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "batch-stack/vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "vpcPublicSubnet2Subnet009B674F" + }, + "allocationId": { + "Fn::GetAtt": [ + "vpcPublicSubnet2EIP9B3743B1", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "batch-stack/vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "batch-stack/vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "batch-stack/vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "vpcA2121C38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "batch-stack/vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "batch-stack/vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "batch-stack/vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "vpcA2121C38" + }, + "tags": [ + { + "key": "Name", + "value": "batch-stack/vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "batch-stack/vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "vpcPrivateSubnet1RouteTableB41A48CC" + }, + "subnetId": { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "batch-stack/vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "vpcPrivateSubnet1RouteTableB41A48CC" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "vpcPublicSubnet1NATGateway9C16659E" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "batch-stack/vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "batch-stack/vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "vpcA2121C38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "batch-stack/vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "batch-stack/vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "batch-stack/vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "vpcA2121C38" + }, + "tags": [ + { + "key": "Name", + "value": "batch-stack/vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "batch-stack/vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "vpcPrivateSubnet2RouteTable7280F23E" + }, + "subnetId": { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "batch-stack/vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "vpcPrivateSubnet2RouteTable7280F23E" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "vpcPublicSubnet2NATGateway9B8AE11A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "batch-stack/vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "batch-stack/vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "batch-stack/vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "vpcA2121C38" + }, + "internetGatewayId": { + "Ref": "vpcIGWE57CBDCA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "EFS": { + "id": "EFS", + "path": "batch-stack/EFS", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/EFS/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EFS::FileSystem", + "aws:cdk:cloudformation:props": { + "encrypted": true, + "fileSystemTags": [ + { + "key": "Name", + "value": "batch-stack/EFS" + } + ], + "performanceMode": "generalPurpose" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-efs.CfnFileSystem", + "version": "0.0.0" + } + }, + "EfsSecurityGroup": { + "id": "EfsSecurityGroup", + "path": "batch-stack/EFS/EfsSecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/EFS/EfsSecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "batch-stack/EFS/EfsSecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "tags": [ + { + "key": "Name", + "value": "batch-stack/EFS" + } + ], + "vpcId": { + "Ref": "vpcA2121C38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "from batchstackbatchdemandcomputeenvlaunchtemplateResourceSecurityGroup0D129865:2049": { + "id": "from batchstackbatchdemandcomputeenvlaunchtemplateResourceSecurityGroup0D129865:2049", + "path": "batch-stack/EFS/EfsSecurityGroup/from batchstackbatchdemandcomputeenvlaunchtemplateResourceSecurityGroup0D129865:2049", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "from batchstackbatchdemandcomputeenvlaunchtemplateResourceSecurityGroup0D129865:2049", + "fromPort": 2049, + "groupId": { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplateResourceSecurityGroup23599B84", + "GroupId" + ] + }, + "toPort": 2049 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + }, + "from batchstackbatchspotcomputeenvResourceSecurityGroup729D2DBD:2049": { + "id": "from batchstackbatchspotcomputeenvResourceSecurityGroup729D2DBD:2049", + "path": "batch-stack/EFS/EfsSecurityGroup/from batchstackbatchspotcomputeenvResourceSecurityGroup729D2DBD:2049", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "from batchstackbatchspotcomputeenvResourceSecurityGroup729D2DBD:2049", + "fromPort": 2049, + "groupId": { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "batchspotcomputeenvResourceSecurityGroup07B09BF9", + "GroupId" + ] + }, + "toPort": 2049 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + }, + "from batchstackbatchdemandcomputeenvlaunchtemplate2ResourceSecurityGroup3ED06424:2049": { + "id": "from batchstackbatchdemandcomputeenvlaunchtemplate2ResourceSecurityGroup3ED06424:2049", + "path": "batch-stack/EFS/EfsSecurityGroup/from batchstackbatchdemandcomputeenvlaunchtemplate2ResourceSecurityGroup3ED06424:2049", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "from batchstackbatchdemandcomputeenvlaunchtemplate2ResourceSecurityGroup3ED06424:2049", + "fromPort": 2049, + "groupId": { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplate2ResourceSecurityGroupBEA8DDD5", + "GroupId" + ] + }, + "toPort": 2049 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + }, + "from batchstackbatchfargatecomputeenvResourceSecurityGroup32BE704C:2049": { + "id": "from batchstackbatchfargatecomputeenvResourceSecurityGroup32BE704C:2049", + "path": "batch-stack/EFS/EfsSecurityGroup/from batchstackbatchfargatecomputeenvResourceSecurityGroup32BE704C:2049", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "from batchstackbatchfargatecomputeenvResourceSecurityGroup32BE704C:2049", + "fromPort": 2049, + "groupId": { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "batchfargatecomputeenvResourceSecurityGroupE2963776", + "GroupId" + ] + }, + "toPort": 2049 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + }, + "from batchstackbatchfargatespotcomputeenvResourceSecurityGroup86E388C1:2049": { + "id": "from batchstackbatchfargatespotcomputeenvResourceSecurityGroup86E388C1:2049", + "path": "batch-stack/EFS/EfsSecurityGroup/from batchstackbatchfargatespotcomputeenvResourceSecurityGroup86E388C1:2049", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "from batchstackbatchfargatespotcomputeenvResourceSecurityGroup86E388C1:2049", + "fromPort": 2049, + "groupId": { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "batchfargatespotcomputeenvResourceSecurityGroup923D2390", + "GroupId" + ] + }, + "toPort": 2049 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "EfsMountTarget1": { + "id": "EfsMountTarget1", + "path": "batch-stack/EFS/EfsMountTarget1", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EFS::MountTarget", + "aws:cdk:cloudformation:props": { + "fileSystemId": { + "Ref": "EFSF3301CFD" + }, + "securityGroups": [ + { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + } + ], + "subnetId": { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-efs.CfnMountTarget", + "version": "0.0.0" + } + }, + "EfsMountTarget2": { + "id": "EfsMountTarget2", + "path": "batch-stack/EFS/EfsMountTarget2", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EFS::MountTarget", + "aws:cdk:cloudformation:props": { + "fileSystemId": { + "Ref": "EFSF3301CFD" + }, + "securityGroups": [ + { + "Fn::GetAtt": [ + "EFSEfsSecurityGroup56F189CE", + "GroupId" + ] + } + ], + "subnetId": { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-efs.CfnMountTarget", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-efs.FileSystem", + "version": "0.0.0" + } + }, + "EFSAccessPoint": { + "id": "EFSAccessPoint", + "path": "batch-stack/EFSAccessPoint", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/EFSAccessPoint/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EFS::AccessPoint", + "aws:cdk:cloudformation:props": { + "fileSystemId": { + "Ref": "EFSF3301CFD" + }, + "posixUser": { + "uid": "1000", + "gid": "1000" + }, + "rootDirectory": { + "creationInfo": { + "ownerGid": "1000", + "ownerUid": "1000", + "permissions": "750" + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-efs.CfnAccessPoint", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-efs.AccessPoint", + "version": "0.0.0" + } + }, + "DefaultJobRole": { + "id": "DefaultJobRole", + "path": "batch-stack/DefaultJobRole", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/DefaultJobRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "batch-stack/DefaultJobRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/DefaultJobRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "elasticfilesystem:ClientRead", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EFSF3301CFD", + "Arn" + ] + } + }, + { + "Action": [ + "ecr:BatchCheckLayerAvailability", + "ecr:BatchGetImage", + "ecr:GetDownloadUrlForLayer" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "batchjobrepo4C508C51", + "Arn" + ] + } + }, + { + "Action": "ecr:GetAuthorizationToken", + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "policyName": "DefaultJobRoleDefaultPolicyDA586FA5", + "roles": [ + { + "Ref": "DefaultJobRole72A01394" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "ec2-launch-template": { + "id": "ec2-launch-template", + "path": "batch-stack/ec2-launch-template", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::LaunchTemplate", + "aws:cdk:cloudformation:props": { + "launchTemplateData": { + "blockDeviceMappings": [ + { + "deviceName": "/dev/xvdcz", + "ebs": { + "encrypted": true, + "volumeSize": 100, + "volumeType": "gp2" + } + } + ] + }, + "launchTemplateName": "EC2LaunchTemplate" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnLaunchTemplate", + "version": "0.0.0" + } + }, + "batch-demand-compute-env-launch-template": { + "id": "batch-demand-compute-env-launch-template", + "path": "batch-stack/batch-demand-compute-env-launch-template", + "children": { + "Resource-Security-Group": { + "id": "Resource-Security-Group", + "path": "batch-stack/batch-demand-compute-env-launch-template/Resource-Security-Group", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-demand-compute-env-launch-template/Resource-Security-Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "batch-stack/batch-demand-compute-env-launch-template/Resource-Security-Group", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "vpcA2121C38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Ecs-Instance-Role": { + "id": "Ecs-Instance-Role", + "path": "batch-stack/batch-demand-compute-env-launch-template/Ecs-Instance-Role", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-demand-compute-env-launch-template/Ecs-Instance-Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Instance-Profile": { + "id": "Instance-Profile", + "path": "batch-stack/batch-demand-compute-env-launch-template/Instance-Profile", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", + "aws:cdk:cloudformation:props": { + "roles": [ + { + "Ref": "batchdemandcomputeenvlaunchtemplateEcsInstanceRole24D4E799" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "version": "0.0.0" + } + }, + "Resource-Service-Instance-Role": { + "id": "Resource-Service-Instance-Role", + "path": "batch-stack/batch-demand-compute-env-launch-template/Resource-Service-Instance-Role", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-demand-compute-env-launch-template/Resource-Service-Instance-Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSBatchServiceRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-demand-compute-env-launch-template/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Batch::ComputeEnvironment", + "aws:cdk:cloudformation:props": { + "type": "MANAGED", + "computeResources": { + "launchTemplate": { + "launchTemplateName": "EC2LaunchTemplate" + }, + "maxvCpus": 256, + "securityGroupIds": [ + { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplateResourceSecurityGroup23599B84", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "tags": { + "compute-env-tag": "123XYZ" + }, + "type": "EC2", + "allocationStrategy": "BEST_FIT", + "instanceRole": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplateInstanceProfile2DEC3A97", + "Arn" + ] + }, + "instanceTypes": [ + "optimal" + ], + "minvCpus": 0 + }, + "serviceRole": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplateResourceServiceInstanceRole76AD99CC", + "Arn" + ] + }, + "state": "ENABLED" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.CfnComputeEnvironment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.ComputeEnvironment", + "version": "0.0.0" + } + }, + "batch-spot-compute-env": { + "id": "batch-spot-compute-env", + "path": "batch-stack/batch-spot-compute-env", + "children": { + "Resource-SpotFleet-Role": { + "id": "Resource-SpotFleet-Role", + "path": "batch-stack/batch-spot-compute-env/Resource-SpotFleet-Role", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource-Security-Group": { + "id": "Resource-Security-Group", + "path": "batch-stack/batch-spot-compute-env/Resource-Security-Group", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-spot-compute-env/Resource-Security-Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "batch-stack/batch-spot-compute-env/Resource-Security-Group", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "vpcA2121C38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Ecs-Instance-Role": { + "id": "Ecs-Instance-Role", + "path": "batch-stack/batch-spot-compute-env/Ecs-Instance-Role", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-spot-compute-env/Ecs-Instance-Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Instance-Profile": { + "id": "Instance-Profile", + "path": "batch-stack/batch-spot-compute-env/Instance-Profile", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", + "aws:cdk:cloudformation:props": { + "roles": [ + { + "Ref": "batchspotcomputeenvEcsInstanceRoleE976826B" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "version": "0.0.0" + } + }, + "Resource-Service-Instance-Role": { + "id": "Resource-Service-Instance-Role", + "path": "batch-stack/batch-spot-compute-env/Resource-Service-Instance-Role", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-spot-compute-env/Resource-Service-Instance-Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSBatchServiceRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-spot-compute-env/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Batch::ComputeEnvironment", + "aws:cdk:cloudformation:props": { + "type": "MANAGED", + "computeResources": { + "bidPercentage": 80, + "maxvCpus": 256, + "securityGroupIds": [ + { + "Fn::GetAtt": [ + "batchspotcomputeenvResourceSecurityGroup07B09BF9", + "GroupId" + ] + } + ], + "spotIamFleetRole": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":role/aws-service-role/spotfleet.amazonaws.com/AWSServiceRoleForEC2SpotFleet" + ] + ] + }, + "subnets": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "type": "SPOT", + "allocationStrategy": "SPOT_CAPACITY_OPTIMIZED", + "instanceRole": { + "Fn::GetAtt": [ + "batchspotcomputeenvInstanceProfileFA613AC2", + "Arn" + ] + }, + "instanceTypes": [ + "optimal" + ], + "minvCpus": 0 + }, + "serviceRole": { + "Fn::GetAtt": [ + "batchspotcomputeenvResourceServiceInstanceRole8B0DF5A7", + "Arn" + ] + }, + "state": "ENABLED" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.CfnComputeEnvironment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.ComputeEnvironment", + "version": "0.0.0" + } + }, + "batch-demand-compute-env-launch-template-2": { + "id": "batch-demand-compute-env-launch-template-2", + "path": "batch-stack/batch-demand-compute-env-launch-template-2", + "children": { + "Resource-Security-Group": { + "id": "Resource-Security-Group", + "path": "batch-stack/batch-demand-compute-env-launch-template-2/Resource-Security-Group", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-demand-compute-env-launch-template-2/Resource-Security-Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "batch-stack/batch-demand-compute-env-launch-template-2/Resource-Security-Group", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "vpcA2121C38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Ecs-Instance-Role": { + "id": "Ecs-Instance-Role", + "path": "batch-stack/batch-demand-compute-env-launch-template-2/Ecs-Instance-Role", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-demand-compute-env-launch-template-2/Ecs-Instance-Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Instance-Profile": { + "id": "Instance-Profile", + "path": "batch-stack/batch-demand-compute-env-launch-template-2/Instance-Profile", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", + "aws:cdk:cloudformation:props": { + "roles": [ + { + "Ref": "batchdemandcomputeenvlaunchtemplate2EcsInstanceRoleEE146754" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "version": "0.0.0" + } + }, + "Resource-Service-Instance-Role": { + "id": "Resource-Service-Instance-Role", + "path": "batch-stack/batch-demand-compute-env-launch-template-2/Resource-Service-Instance-Role", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-demand-compute-env-launch-template-2/Resource-Service-Instance-Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSBatchServiceRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-demand-compute-env-launch-template-2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Batch::ComputeEnvironment", + "aws:cdk:cloudformation:props": { + "type": "MANAGED", + "computeResources": { + "launchTemplate": { + "launchTemplateId": { + "Ref": "ec2launchtemplate" + } + }, + "maxvCpus": 256, + "securityGroupIds": [ + { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplate2ResourceSecurityGroupBEA8DDD5", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "tags": { + "compute-env-tag": "123XYZ" + }, + "type": "EC2", + "allocationStrategy": "BEST_FIT", + "instanceRole": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplate2InstanceProfileC5A36CBC", + "Arn" + ] + }, + "instanceTypes": [ + "optimal" + ], + "minvCpus": 0 + }, + "serviceRole": { + "Fn::GetAtt": [ + "batchdemandcomputeenvlaunchtemplate2ResourceServiceInstanceRole41CADAC1", + "Arn" + ] + }, + "state": "ENABLED" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.CfnComputeEnvironment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.ComputeEnvironment", + "version": "0.0.0" + } + }, + "batch-job-queue": { + "id": "batch-job-queue", + "path": "batch-stack/batch-job-queue", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-job-queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Batch::JobQueue", + "aws:cdk:cloudformation:props": { + "computeEnvironmentOrder": [ + { + "computeEnvironment": { + "Ref": "batchdemandcomputeenvlaunchtemplateF8A5B233" + }, + "order": 2 + }, + { + "computeEnvironment": { + "Ref": "batchspotcomputeenv2CE4DFD9" + }, + "order": 3 + }, + { + "computeEnvironment": { + "Ref": "batchdemandcomputeenvlaunchtemplate2E12D5CBC" + }, + "order": 4 + } + ], + "priority": 1, + "state": "ENABLED" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.CfnJobQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.JobQueue", + "version": "0.0.0" + } + }, + "batch-fargate-compute-env": { + "id": "batch-fargate-compute-env", + "path": "batch-stack/batch-fargate-compute-env", + "children": { + "Resource-Security-Group": { + "id": "Resource-Security-Group", + "path": "batch-stack/batch-fargate-compute-env/Resource-Security-Group", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-fargate-compute-env/Resource-Security-Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "batch-stack/batch-fargate-compute-env/Resource-Security-Group", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "vpcA2121C38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Resource-Service-Instance-Role": { + "id": "Resource-Service-Instance-Role", + "path": "batch-stack/batch-fargate-compute-env/Resource-Service-Instance-Role", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-fargate-compute-env/Resource-Service-Instance-Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSBatchServiceRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-fargate-compute-env/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Batch::ComputeEnvironment", + "aws:cdk:cloudformation:props": { + "type": "MANAGED", + "computeResources": { + "maxvCpus": 256, + "securityGroupIds": [ + { + "Fn::GetAtt": [ + "batchfargatecomputeenvResourceSecurityGroupE2963776", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "type": "FARGATE" + }, + "serviceRole": { + "Fn::GetAtt": [ + "batchfargatecomputeenvResourceServiceInstanceRole94D7AA5F", + "Arn" + ] + }, + "state": "ENABLED" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.CfnComputeEnvironment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.ComputeEnvironment", + "version": "0.0.0" + } + }, + "batch-fargate-spot-compute-env": { + "id": "batch-fargate-spot-compute-env", + "path": "batch-stack/batch-fargate-spot-compute-env", + "children": { + "Resource-Security-Group": { + "id": "Resource-Security-Group", + "path": "batch-stack/batch-fargate-spot-compute-env/Resource-Security-Group", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-fargate-spot-compute-env/Resource-Security-Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "batch-stack/batch-fargate-spot-compute-env/Resource-Security-Group", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "vpcA2121C38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Resource-Service-Instance-Role": { + "id": "Resource-Service-Instance-Role", + "path": "batch-stack/batch-fargate-spot-compute-env/Resource-Service-Instance-Role", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-fargate-spot-compute-env/Resource-Service-Instance-Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSBatchServiceRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-fargate-spot-compute-env/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Batch::ComputeEnvironment", + "aws:cdk:cloudformation:props": { + "type": "MANAGED", + "computeResources": { + "maxvCpus": 256, + "securityGroupIds": [ + { + "Fn::GetAtt": [ + "batchfargatespotcomputeenvResourceSecurityGroup923D2390", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "vpcPrivateSubnet1Subnet934893E8" + }, + { + "Ref": "vpcPrivateSubnet2Subnet7031C2BA" + } + ], + "type": "FARGATE_SPOT" + }, + "serviceRole": { + "Fn::GetAtt": [ + "batchfargatespotcomputeenvResourceServiceInstanceRole6462BFB0", + "Arn" + ] + }, + "state": "ENABLED" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.CfnComputeEnvironment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.ComputeEnvironment", + "version": "0.0.0" + } + }, + "batch-job-fargate-queue": { + "id": "batch-job-fargate-queue", + "path": "batch-stack/batch-job-fargate-queue", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-job-fargate-queue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Batch::JobQueue", + "aws:cdk:cloudformation:props": { + "computeEnvironmentOrder": [ + { + "computeEnvironment": { + "Ref": "batchfargatecomputeenvE9C3FCA4" + }, + "order": 1 + }, + { + "computeEnvironment": { + "Ref": "batchfargatespotcomputeenv374749B0" + }, + "order": 2 + } + ], + "priority": 1, + "state": "ENABLED" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.CfnJobQueue", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.JobQueue", + "version": "0.0.0" + } + }, + "batch-job-repo": { + "id": "batch-job-repo", + "path": "batch-stack/batch-job-repo", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-job-repo/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECR::Repository", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecr.CfnRepository", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecr.Repository", + "version": "0.0.0" + } + }, + "batch-job-def-from-ecr": { + "id": "batch-job-def-from-ecr", + "path": "batch-stack/batch-job-def-from-ecr", + "children": { + "Resource-Batch-Job-Container-Definition": { + "id": "Resource-Batch-Job-Container-Definition", + "path": "batch-stack/batch-job-def-from-ecr/Resource-Batch-Job-Container-Definition", + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.ContainerDefinition", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-job-def-from-ecr/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Batch::JobDefinition", + "aws:cdk:cloudformation:props": { + "type": "container", + "containerProperties": { + "environment": [ + { + "name": "AWS_REGION", + "value": { + "Ref": "AWS::Region" + } + }, + { + "name": "AWS_ACCOUNT", + "value": { + "Ref": "AWS::AccountId" + } + } + ], + "image": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 4, + { + "Fn::Split": [ + ":", + { + "Fn::GetAtt": [ + "batchjobrepo4C508C51", + "Arn" + ] + } + ] + } + ] + }, + ".dkr.ecr.", + { + "Fn::Select": [ + 3, + { + "Fn::Split": [ + ":", + { + "Fn::GetAtt": [ + "batchjobrepo4C508C51", + "Arn" + ] + } + ] + } + ] + }, + ".", + { + "Ref": "AWS::URLSuffix" + }, + "/", + { + "Ref": "batchjobrepo4C508C51" + }, + ":latest" + ] + ] + }, + "jobRoleArn": { + "Fn::GetAtt": [ + "DefaultJobRole72A01394", + "Arn" + ] + }, + "mountPoints": [ + { + "containerPath": "/mnt", + "sourceVolume": "batchstackEFS25FF7B1E", + "readOnly": true + } + ], + "privileged": false, + "readonlyRootFilesystem": false, + "volumes": [ + { + "name": "batchstackEFS25FF7B1E", + "efsVolumeConfiguration": { + "fileSystemId": { + "Ref": "EFSF3301CFD" + }, + "transitEncryption": "ENABLED", + "authorizationConfig": { + "accessPointId": { + "Ref": "EFSAccessPointA847C4A5" + }, + "iam": "ENABLED" + } + } + } + ], + "resourceRequirements": [ + { + "type": "VCPU", + "value": "1" + }, + { + "type": "MEMORY", + "value": "4" + } + ] + }, + "platformCapabilities": [ + "EC2" + ], + "retryStrategy": { + "attempts": 1 + }, + "timeout": {} + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.CfnJobDefinition", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.JobDefinition", + "version": "0.0.0" + } + }, + "batch-secret": { + "id": "batch-secret", + "path": "batch-stack/batch-secret", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-secret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "generateSecretString": {} + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.Secret", + "version": "0.0.0" + } + }, + "execution-role": { + "id": "execution-role", + "path": "batch-stack/execution-role", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/execution-role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "batch.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "batch-stack/execution-role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "batch-stack/execution-role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "batchsecret7CD5E4C6" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "executionroleDefaultPolicy497F11A3", + "roles": [ + { + "Ref": "executionroleD9A39BE6" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "batch-job-def-fargate": { + "id": "batch-job-def-fargate", + "path": "batch-stack/batch-job-def-fargate", + "children": { + "Resource-Batch-Job-Container-Definition": { + "id": "Resource-Batch-Job-Container-Definition", + "path": "batch-stack/batch-job-def-fargate/Resource-Batch-Job-Container-Definition", + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.ContainerDefinition", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "batch-stack/batch-job-def-fargate/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Batch::JobDefinition", + "aws:cdk:cloudformation:props": { + "type": "container", + "containerProperties": { + "environment": [ + { + "name": "AWS_REGION", + "value": { + "Ref": "AWS::Region" + } + }, + { + "name": "AWS_ACCOUNT", + "value": { + "Ref": "AWS::AccountId" + } + } + ], + "secrets": [ + { + "name": "SECRET", + "valueFrom": { + "Ref": "batchsecret7CD5E4C6" + } + } + ], + "image": "docker/whalesay", + "jobRoleArn": { + "Fn::GetAtt": [ + "DefaultJobRole72A01394", + "Arn" + ] + }, + "executionRoleArn": { + "Fn::GetAtt": [ + "executionroleD9A39BE6", + "Arn" + ] + }, + "mountPoints": [ + { + "containerPath": "/mnt", + "sourceVolume": "batchstackEFS25FF7B1E", + "readOnly": true + } + ], + "privileged": false, + "readonlyRootFilesystem": false, + "volumes": [ + { + "name": "batchstackEFS25FF7B1E", + "efsVolumeConfiguration": { + "fileSystemId": { + "Ref": "EFSF3301CFD" + }, + "transitEncryption": "ENABLED", + "authorizationConfig": { + "accessPointId": { + "Ref": "EFSAccessPointA847C4A5" + }, + "iam": "ENABLED" + } + } + } + ], + "fargatePlatformConfiguration": { + "platformVersion": "1.4.0" + }, + "resourceRequirements": [ + { + "type": "VCPU", + "value": "0.25" + }, + { + "type": "MEMORY", + "value": "512" + } + ] + }, + "platformCapabilities": [ + "FARGATE" + ], + "retryStrategy": { + "attempts": 1 + }, + "timeout": {} + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.CfnJobDefinition", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-batch.JobDefinition", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "BatchWithEFSTest": { + "id": "BatchWithEFSTest", + "path": "BatchWithEFSTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "BatchWithEFSTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "BatchWithEFSTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "BatchWithEFSTest/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-batch/test/compute-environment.test.ts b/packages/@aws-cdk/aws-batch/test/compute-environment.test.ts index 82c4ca821e7d1..d31a0f60e9a82 100644 --- a/packages/@aws-cdk/aws-batch/test/compute-environment.test.ts +++ b/packages/@aws-cdk/aws-batch/test/compute-environment.test.ts @@ -583,5 +583,61 @@ describe('Batch Compute Environment', () => { }); }); }); + + describe('connectable functions', () => { + test('ec2 ingress rule', () => { + const computeEnvironment = new batch.ComputeEnvironment(stack, 'test-compute-env', { + managed: true, + computeResources: { + vpc, + }, + }); + + const sg1 = new ec2.SecurityGroup(stack, 'SomeSecurityGroup', { vpc, allowAllOutbound: false }); + const somethingConnectable = new SomethingConnectable(new ec2.Connections({ securityGroups: [sg1] })); + + somethingConnectable.connections.allowFrom(computeEnvironment, ec2.Port.tcp(12345), 'connect to me'); + + Template.fromStack(stack).hasResourceProperties + ('AWS::EC2::SecurityGroupIngress', { + GroupId: { 'Fn::GetAtt': ['SomeSecurityGroupEF219AD6', 'GroupId'] }, + IpProtocol: 'tcp', + Description: 'connect to me', + SourceSecurityGroupId: { 'Fn::GetAtt': ['testcomputeenvResourceSecurityGroup7615BA87', 'GroupId'] }, + FromPort: 12345, + ToPort: 12345, + }); + }); + + test('fargate ingress rule', () => { + const computeEnvironment = new batch.ComputeEnvironment(stack, 'test-fargate-env', { + managed: true, + computeResources: { + vpc, + type: batch.ComputeResourceType.FARGATE, + }, + }); + + const sg1 = new ec2.SecurityGroup(stack, 'SomeSecurityGroup', { vpc, allowAllOutbound: false }); + const somethingConnectable = new SomethingConnectable(new ec2.Connections({ securityGroups: [sg1] })); + + somethingConnectable.connections.allowFrom(computeEnvironment, ec2.Port.tcp(12345), 'connect to me'); + + Template.fromStack(stack).hasResourceProperties + ('AWS::EC2::SecurityGroupIngress', { + GroupId: { 'Fn::GetAtt': ['SomeSecurityGroupEF219AD6', 'GroupId'] }, + IpProtocol: 'tcp', + Description: 'connect to me', + SourceSecurityGroupId: { 'Fn::GetAtt': ['testfargateenvResourceSecurityGroup66A2FC03', 'GroupId'] }, + FromPort: 12345, + ToPort: 12345, + }); + }); + }); }); }); + +class SomethingConnectable implements ec2.IConnectable { + constructor(public readonly connections: ec2.Connections) { + } +} diff --git a/packages/@aws-cdk/aws-batch/test/integ.batch-with-efs.ts b/packages/@aws-cdk/aws-batch/test/integ.batch-with-efs.ts new file mode 100644 index 0000000000000..58c1a6a37d0a5 --- /dev/null +++ b/packages/@aws-cdk/aws-batch/test/integ.batch-with-efs.ts @@ -0,0 +1,203 @@ +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as ecr from '@aws-cdk/aws-ecr'; +import * as ecs from '@aws-cdk/aws-ecs'; +import * as efs from '@aws-cdk/aws-efs'; +import * as iam from '@aws-cdk/aws-iam'; +import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; +import * as cdk from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import * as batch from '../lib/'; + +export const app = new cdk.App(); + +const stack = new cdk.Stack(app, 'batch-stack'); + +const vpc = new ec2.Vpc(stack, 'vpc'); + +const efsFs = new efs.FileSystem(stack, 'EFS', { + vpc, + performanceMode: efs.PerformanceMode.GENERAL_PURPOSE, + removalPolicy: cdk.RemovalPolicy.DESTROY, +}); + +const accessPoint = new efs.AccessPoint( + stack, + 'EFSAccessPoint', + { + fileSystem: efsFs, + createAcl: { + ownerUid: '1000', + ownerGid: '1000', + permissions: '750', + }, + posixUser: { + uid: '1000', + gid: '1000', + }, + }, +); + +const volumes: ecs.Volume[] = [{ + name: cdk.Names.uniqueId(efsFs), + efsVolumeConfiguration: { + fileSystemId: efsFs.fileSystemId, + transitEncryption: 'ENABLED', + authorizationConfig: { + accessPointId: accessPoint.accessPointId, + iam: 'ENABLED', + }, + }, +}]; + +const mountPoints: ecs.MountPoint[] = [{ + containerPath: '/mnt', + sourceVolume: volumes[0].name, + readOnly: true, +}]; + +const jobRole = new iam.Role(stack, 'DefaultJobRole', { + assumedBy: new iam.ServicePrincipal('ecs-tasks.amazonaws.com'), +}); + +efsFs.grant(jobRole, 'elasticfilesystem:ClientRead'); + +const launchTemplate = new ec2.CfnLaunchTemplate(stack, 'ec2-launch-template', { + launchTemplateName: 'EC2LaunchTemplate', + launchTemplateData: { + blockDeviceMappings: [ + { + deviceName: '/dev/xvdcz', + ebs: { + encrypted: true, + volumeSize: 100, + volumeType: 'gp2', + }, + }, + ], + }, +}); + +const computeEnvironments = [ + { + computeEnvironment: new batch.ComputeEnvironment(stack, 'batch-demand-compute-env-launch-template', { + managed: true, + computeResources: { + type: batch.ComputeResourceType.ON_DEMAND, + vpc, + launchTemplate: { + launchTemplateName: launchTemplate.launchTemplateName as string, + }, + computeResourcesTags: { + 'compute-env-tag': '123XYZ', + }, + }, + }), + order: 2, + }, + { + computeEnvironment: new batch.ComputeEnvironment(stack, 'batch-spot-compute-env', { + managed: true, + computeResources: { + type: batch.ComputeResourceType.SPOT, + vpc, + bidPercentage: 80, + }, + }), + order: 3, + }, + { + computeEnvironment: new batch.ComputeEnvironment(stack, 'batch-demand-compute-env-launch-template-2', { + managed: true, + computeResources: { + type: batch.ComputeResourceType.ON_DEMAND, + vpc, + launchTemplate: { + launchTemplateId: launchTemplate.ref as string, + }, + computeResourcesTags: { + 'compute-env-tag': '123XYZ', + }, + }, + }), + order: 4, + }, +]; + +// Allow Comppute Environments to access the filesystem +computeEnvironments.forEach((ce) => { + efsFs.connections.allowDefaultPortFrom(ce.computeEnvironment); +}); + +new batch.JobQueue(stack, 'batch-job-queue', { computeEnvironments }); + +const fargateEnvironments = [ + { + computeEnvironment: new batch.ComputeEnvironment(stack, 'batch-fargate-compute-env', { + managed: true, + computeResources: { + type: batch.ComputeResourceType.FARGATE, + vpc, + }, + }), + order: 1, + }, + { + computeEnvironment: new batch.ComputeEnvironment(stack, 'batch-fargate-spot-compute-env', { + managed: true, + computeResources: { + type: batch.ComputeResourceType.FARGATE_SPOT, + vpc, + }, + }), + order: 2, + }, +]; + +fargateEnvironments.forEach((ce) => { + efsFs.connections.allowDefaultPortFrom(ce.computeEnvironment); +}); + +// Split out into two job queues because each queue +// supports a max of 3 compute environments +new batch.JobQueue(stack, 'batch-job-fargate-queue', { + computeEnvironments: fargateEnvironments, +}); + +const repo = new ecr.Repository(stack, 'batch-job-repo'); + +new batch.JobDefinition(stack, 'batch-job-def-from-ecr', { + container: { + jobRole, + image: new ecs.EcrImage(repo, 'latest'), + mountPoints, + volumes, + }, +}); + +const secret = new secretsmanager.Secret(stack, 'batch-secret'); +const executionRole = new iam.Role(stack, 'execution-role', { + assumedBy: new iam.ServicePrincipal('batch.amazonaws.com'), +}); + +new batch.JobDefinition(stack, 'batch-job-def-fargate', { + platformCapabilities: [batch.PlatformCapabilities.FARGATE], + container: { + image: ecs.ContainerImage.fromRegistry('docker/whalesay'), + // Have to specify 1.4 here rather than LATEST - stack fails to deploy with + // 'LATEST' which is a bug somewhere in CloudFormation/Fargate + platformVersion: ecs.FargatePlatformVersion.VERSION1_4, + executionRole, + jobRole, + secrets: { + SECRET: ecs.Secret.fromSecretsManager(secret), + }, + mountPoints, + volumes, + }, +}); + +new integ.IntegTest(app, 'BatchWithEFSTest', { + testCases: [stack], +}); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-cognito/README.md b/packages/@aws-cdk/aws-cognito/README.md index 4f6ccce9d7c95..137cd1d214e10 100644 --- a/packages/@aws-cdk/aws-cognito/README.md +++ b/packages/@aws-cdk/aws-cognito/README.md @@ -741,6 +741,20 @@ pool.addClient('app-client', { }); ``` +User Pool clients can generate a client ID as well as a client secret, to support more advanced authentication workflows. + +To create a client with an autogenerated client secret, pass the `generateSecret: true` prop: + +```ts +const userPoolClient = new cognito.UserPoolClient(this, 'UserPoolClient', { + userPool: importedPool, + generateSecret: true, +}); + +// Allows you to pass the generated secret to other pieces of infrastructure +const secret = userPoolClient.userPoolClientSecret; +``` + ### Resource Servers A resource server is a server for access-protected resources. It handles authenticated requests from an app that has an diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts index 34781bcdc14db..cabcae64a2c8f 100644 --- a/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts +++ b/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts @@ -1,4 +1,5 @@ -import { IResource, Resource, Duration } from '@aws-cdk/core'; +import { IResource, Resource, Duration, Stack, SecretValue } from '@aws-cdk/core'; +import { AwsCustomResource, AwsCustomResourcePolicy, PhysicalResourceId } from '@aws-cdk/custom-resources'; import { Construct } from 'constructs'; import { CfnUserPoolClient } from './cognito.generated'; import { IUserPool } from './user-pool'; @@ -321,24 +322,39 @@ export interface IUserPoolClient extends IResource { * @attribute */ readonly userPoolClientId: string; + + /** + * The generated client secret. Only available if the "generateSecret" props is set to true + * @attribute + */ + readonly userPoolClientSecret: SecretValue; } /** * Define a UserPool App Client */ export class UserPoolClient extends Resource implements IUserPoolClient { + /** * Import a user pool client given its id. */ public static fromUserPoolClientId(scope: Construct, id: string, userPoolClientId: string): IUserPoolClient { class Import extends Resource implements IUserPoolClient { public readonly userPoolClientId = userPoolClientId; + get userPoolClientSecret(): SecretValue { + throw new Error('UserPool Client Secret is not available for imported Clients'); + } } return new Import(scope, id); } public readonly userPoolClientId: string; + + private _generateSecret?: boolean; + private readonly userPool: IUserPool; + private _userPoolClientSecret?: SecretValue; + /** * The OAuth flows enabled for this client. */ @@ -374,6 +390,9 @@ export class UserPoolClient extends Resource implements IUserPoolClient { } } + this._generateSecret = props.generateSecret; + this.userPool = props.userPool; + const resource = new CfnUserPoolClient(this, 'Resource', { clientName: props.userPoolClientName, generateSecret: props.generateSecret, @@ -407,6 +426,41 @@ export class UserPoolClient extends Resource implements IUserPoolClient { return this._userPoolClientName; } + public get userPoolClientSecret(): SecretValue { + if (!this._generateSecret) { + throw new Error( + 'userPoolClientSecret is available only if generateSecret is set to true.', + ); + } + + // Create the Custom Resource that assists in resolving the User Pool Client secret + // just once, no matter how many times this method is called + if (!this._userPoolClientSecret) { + this._userPoolClientSecret = SecretValue.resourceAttribute(new AwsCustomResource( + this, + 'DescribeCognitoUserPoolClient', + { + resourceType: 'Custom::DescribeCognitoUserPoolClient', + onCreate: { + region: Stack.of(this).region, + service: 'CognitoIdentityServiceProvider', + action: 'describeUserPoolClient', + parameters: { + UserPoolId: this.userPool.userPoolId, + ClientId: this.userPoolClientId, + }, + physicalResourceId: PhysicalResourceId.of(this.userPoolClientId), + }, + policy: AwsCustomResourcePolicy.fromSdkCalls({ + resources: [this.userPool.userPoolArn], + }), + }, + ).getResponseField('UserPoolClient.ClientSecret')); + } + + return this._userPoolClientSecret; + } + private configureAuthFlows(props: UserPoolClientProps): string[] | undefined { if (!props.authFlows || Object.keys(props.authFlows).length === 0) return undefined; diff --git a/packages/@aws-cdk/aws-cognito/package.json b/packages/@aws-cdk/aws-cognito/package.json index 4c8ab76451d30..633a3b5195fa2 100644 --- a/packages/@aws-cdk/aws-cognito/package.json +++ b/packages/@aws-cdk/aws-cognito/package.json @@ -91,6 +91,7 @@ }, "dependencies": { "@aws-cdk/aws-certificatemanager": "0.0.0", + "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", @@ -102,6 +103,7 @@ "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-certificatemanager": "0.0.0", + "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", diff --git a/packages/@aws-cdk/aws-cognito/test/integ.user-pool-client-explicit-props.ts b/packages/@aws-cdk/aws-cognito/test/integ.user-pool-client-explicit-props.ts index 6f71e03dbed6e..26f715f29180d 100644 --- a/packages/@aws-cdk/aws-cognito/test/integ.user-pool-client-explicit-props.ts +++ b/packages/@aws-cdk/aws-cognito/test/integ.user-pool-client-explicit-props.ts @@ -1,5 +1,6 @@ +import { Secret } from '@aws-cdk/aws-secretsmanager'; import { App, RemovalPolicy, Stack } from '@aws-cdk/core'; -import { OAuthScope, UserPool, ClientAttributes, StringAttribute } from '../lib'; +import { ClientAttributes, OAuthScope, StringAttribute, UserPool } from '../lib'; const app = new App(); const stack = new Stack(app, 'integ-user-pool-client-explicit-props'); @@ -12,7 +13,7 @@ const userpool = new UserPool(stack, 'myuserpool', { }, }); -userpool.addClient('myuserpoolclient', { +const client = userpool.addClient('myuserpoolclient', { userPoolClientName: 'myuserpoolclient', authFlows: { adminUserPassword: true, @@ -57,3 +58,7 @@ userpool.addClient('myuserpoolclient', { website: true, }).withCustomAttributes('attribute_one', 'attribute_two'), }); + +new Secret(stack, 'Secret', { + secretStringValue: client.userPoolClientSecret, +}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/index.js b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/index.js new file mode 100644 index 0000000000000..7bae87b06d44d --- /dev/null +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/index.js @@ -0,0 +1,252 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = exports.forceSdkInstallation = exports.flatten = exports.PHYSICAL_RESOURCE_ID_REFERENCE = void 0; +/* eslint-disable no-console */ +const child_process_1 = require("child_process"); +const fs = require("fs"); +const path_1 = require("path"); +/** + * Serialized form of the physical resource id for use in the operation parameters + */ +exports.PHYSICAL_RESOURCE_ID_REFERENCE = 'PHYSICAL:RESOURCEID:'; +/** + * Flattens a nested object + * + * @param object the object to be flattened + * @returns a flat object with path as keys + */ +function flatten(object) { + return Object.assign({}, ...function _flatten(child, path = []) { + return [].concat(...Object.keys(child) + .map(key => { + const childKey = Buffer.isBuffer(child[key]) ? child[key].toString('utf8') : child[key]; + return typeof childKey === 'object' && childKey !== null + ? _flatten(childKey, path.concat([key])) + : ({ [path.concat([key]).join('.')]: childKey }); + })); + }(object)); +} +exports.flatten = flatten; +/** + * Decodes encoded special values (physicalResourceId) + */ +function decodeSpecialValues(object, physicalResourceId) { + return JSON.parse(JSON.stringify(object), (_k, v) => { + switch (v) { + case exports.PHYSICAL_RESOURCE_ID_REFERENCE: + return physicalResourceId; + default: + return v; + } + }); +} +/** + * Filters the keys of an object. + */ +function filterKeys(object, pred) { + return Object.entries(object) + .reduce((acc, [k, v]) => pred(k) + ? { ...acc, [k]: v } + : acc, {}); +} +let latestSdkInstalled = false; +function forceSdkInstallation() { + latestSdkInstalled = false; +} +exports.forceSdkInstallation = forceSdkInstallation; +/** + * Installs latest AWS SDK v2 + */ +function installLatestSdk() { + console.log('Installing latest AWS SDK v2'); + // Both HOME and --prefix are needed here because /tmp is the only writable location + child_process_1.execSync('HOME=/tmp npm install aws-sdk@2 --production --no-package-lock --no-save --prefix /tmp'); + latestSdkInstalled = true; +} +// no currently patched services +const patchedServices = []; +/** + * Patches the AWS SDK by loading service models in the same manner as the actual SDK + */ +function patchSdk(awsSdk) { + const apiLoader = awsSdk.apiLoader; + patchedServices.forEach(({ serviceName, apiVersions }) => { + const lowerServiceName = serviceName.toLowerCase(); + if (!awsSdk.Service.hasService(lowerServiceName)) { + apiLoader.services[lowerServiceName] = {}; + awsSdk[serviceName] = awsSdk.Service.defineService(lowerServiceName, apiVersions); + } + else { + awsSdk.Service.addVersions(awsSdk[serviceName], apiVersions); + } + apiVersions.forEach(apiVersion => { + Object.defineProperty(apiLoader.services[lowerServiceName], apiVersion, { + get: function get() { + const modelFilePrefix = `aws-sdk-patch/${lowerServiceName}-${apiVersion}`; + const model = JSON.parse(fs.readFileSync(path_1.join(__dirname, `${modelFilePrefix}.service.json`), 'utf-8')); + model.paginators = JSON.parse(fs.readFileSync(path_1.join(__dirname, `${modelFilePrefix}.paginators.json`), 'utf-8')).pagination; + return model; + }, + enumerable: true, + configurable: true, + }); + }); + }); + return awsSdk; +} +/* eslint-disable @typescript-eslint/no-require-imports, import/no-extraneous-dependencies */ +async function handler(event, context) { + try { + let AWS; + if (!latestSdkInstalled && event.ResourceProperties.InstallLatestAwsSdk === 'true') { + try { + installLatestSdk(); + AWS = require('/tmp/node_modules/aws-sdk'); + } + catch (e) { + console.log(`Failed to install latest AWS SDK v2: ${e}`); + AWS = require('aws-sdk'); // Fallback to pre-installed version + } + } + else if (latestSdkInstalled) { + AWS = require('/tmp/node_modules/aws-sdk'); + } + else { + AWS = require('aws-sdk'); + } + try { + AWS = patchSdk(AWS); + } + catch (e) { + console.log(`Failed to patch AWS SDK: ${e}. Proceeding with the installed copy.`); + } + console.log(JSON.stringify({ ...event, ResponseURL: '...' })); + console.log('AWS SDK VERSION: ' + AWS.VERSION); + event.ResourceProperties.Create = decodeCall(event.ResourceProperties.Create); + event.ResourceProperties.Update = decodeCall(event.ResourceProperties.Update); + event.ResourceProperties.Delete = decodeCall(event.ResourceProperties.Delete); + // Default physical resource id + let physicalResourceId; + switch (event.RequestType) { + case 'Create': + physicalResourceId = event.ResourceProperties.Create?.physicalResourceId?.id ?? + event.ResourceProperties.Update?.physicalResourceId?.id ?? + event.ResourceProperties.Delete?.physicalResourceId?.id ?? + event.LogicalResourceId; + break; + case 'Update': + case 'Delete': + physicalResourceId = event.ResourceProperties[event.RequestType]?.physicalResourceId?.id ?? event.PhysicalResourceId; + break; + } + let flatData = {}; + let data = {}; + const call = event.ResourceProperties[event.RequestType]; + if (call) { + let credentials; + if (call.assumedRoleArn) { + const timestamp = (new Date()).getTime(); + const params = { + RoleArn: call.assumedRoleArn, + RoleSessionName: `${timestamp}-${physicalResourceId}`.substring(0, 64), + }; + credentials = new AWS.ChainableTemporaryCredentials({ + params: params, + }); + } + if (!Object.prototype.hasOwnProperty.call(AWS, call.service)) { + throw Error(`Service ${call.service} does not exist in AWS SDK version ${AWS.VERSION}.`); + } + const awsService = new AWS[call.service]({ + apiVersion: call.apiVersion, + credentials: credentials, + region: call.region, + }); + try { + const response = await awsService[call.action](call.parameters && decodeSpecialValues(call.parameters, physicalResourceId)).promise(); + flatData = { + apiVersion: awsService.config.apiVersion, + region: awsService.config.region, + ...flatten(response), + }; + let outputPaths; + if (call.outputPath) { + outputPaths = [call.outputPath]; + } + else if (call.outputPaths) { + outputPaths = call.outputPaths; + } + if (outputPaths) { + data = filterKeys(flatData, startsWithOneOf(outputPaths)); + } + else { + data = flatData; + } + } + catch (e) { + if (!call.ignoreErrorCodesMatching || !new RegExp(call.ignoreErrorCodesMatching).test(e.code)) { + throw e; + } + } + if (call.physicalResourceId?.responsePath) { + physicalResourceId = flatData[call.physicalResourceId.responsePath]; + } + } + await respond('SUCCESS', 'OK', physicalResourceId, data); + } + catch (e) { + console.log(e); + await respond('FAILED', e.message || 'Internal Error', context.logStreamName, {}); + } + function respond(responseStatus, reason, physicalResourceId, data) { + const responseBody = JSON.stringify({ + Status: responseStatus, + Reason: reason, + PhysicalResourceId: physicalResourceId, + StackId: event.StackId, + RequestId: event.RequestId, + LogicalResourceId: event.LogicalResourceId, + NoEcho: false, + Data: data, + }); + console.log('Responding', responseBody); + // eslint-disable-next-line @typescript-eslint/no-require-imports + const parsedUrl = require('url').parse(event.ResponseURL); + const requestOptions = { + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: 'PUT', + headers: { 'content-type': '', 'content-length': responseBody.length }, + }; + return new Promise((resolve, reject) => { + try { + // eslint-disable-next-line @typescript-eslint/no-require-imports + const request = require('https').request(requestOptions, resolve); + request.on('error', reject); + request.write(responseBody); + request.end(); + } + catch (e) { + reject(e); + } + }); + } +} +exports.handler = handler; +function decodeCall(call) { + if (!call) { + return undefined; + } + return JSON.parse(call); +} +function startsWithOneOf(searchStrings) { + return function (string) { + for (const searchString of searchStrings) { + if (string.startsWith(searchString)) { + return true; + } + } + return false; + }; +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwrQkFBK0I7QUFDL0IsaURBQXlDO0FBQ3pDLHlCQUF5QjtBQUN6QiwrQkFBNEI7QUFTNUI7O0dBRUc7QUFDVSxRQUFBLDhCQUE4QixHQUFHLHNCQUFzQixDQUFDO0FBRXJFOzs7OztHQUtHO0FBQ0gsU0FBZ0IsT0FBTyxDQUFDLE1BQWM7SUFDcEMsT0FBTyxNQUFNLENBQUMsTUFBTSxDQUNsQixFQUFFLEVBQ0YsR0FBRyxTQUFTLFFBQVEsQ0FBQyxLQUFVLEVBQUUsT0FBaUIsRUFBRTtRQUNsRCxPQUFPLEVBQUUsQ0FBQyxNQUFNLENBQUMsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQzthQUNuQyxHQUFHLENBQUMsR0FBRyxDQUFDLEVBQUU7WUFDVCxNQUFNLFFBQVEsR0FBRyxNQUFNLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDeEYsT0FBTyxPQUFPLFFBQVEsS0FBSyxRQUFRLElBQUksUUFBUSxLQUFLLElBQUk7Z0JBQ3RELENBQUMsQ0FBQyxRQUFRLENBQUMsUUFBUSxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUN4QyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsUUFBUSxFQUFFLENBQUMsQ0FBQztRQUNyRCxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ1IsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUNWLENBQUM7QUFDSixDQUFDO0FBYkQsMEJBYUM7QUFFRDs7R0FFRztBQUNILFNBQVMsbUJBQW1CLENBQUMsTUFBYyxFQUFFLGtCQUEwQjtJQUNyRSxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDLEVBQUUsRUFBRTtRQUNsRCxRQUFRLENBQUMsRUFBRTtZQUNULEtBQUssc0NBQThCO2dCQUNqQyxPQUFPLGtCQUFrQixDQUFDO1lBQzVCO2dCQUNFLE9BQU8sQ0FBQyxDQUFDO1NBQ1o7SUFDSCxDQUFDLENBQUMsQ0FBQztBQUNMLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQVMsVUFBVSxDQUFDLE1BQWMsRUFBRSxJQUE4QjtJQUNoRSxPQUFPLE1BQU0sQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDO1NBQzFCLE1BQU0sQ0FDTCxDQUFDLEdBQUcsRUFBRSxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztRQUN0QixDQUFDLENBQUMsRUFBRSxHQUFHLEdBQUcsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRTtRQUNwQixDQUFDLENBQUMsR0FBRyxFQUNQLEVBQUUsQ0FDSCxDQUFDO0FBQ04sQ0FBQztBQUVELElBQUksa0JBQWtCLEdBQUcsS0FBSyxDQUFDO0FBRS9CLFNBQWdCLG9CQUFvQjtJQUNsQyxrQkFBa0IsR0FBRyxLQUFLLENBQUM7QUFDN0IsQ0FBQztBQUZELG9EQUVDO0FBRUQ7O0dBRUc7QUFDSCxTQUFTLGdCQUFnQjtJQUN2QixPQUFPLENBQUMsR0FBRyxDQUFDLDhCQUE4QixDQUFDLENBQUM7SUFDNUMsb0ZBQW9GO0lBQ3BGLHdCQUFRLENBQUMsd0ZBQXdGLENBQUMsQ0FBQztJQUNuRyxrQkFBa0IsR0FBRyxJQUFJLENBQUM7QUFDNUIsQ0FBQztBQUVELGdDQUFnQztBQUNoQyxNQUFNLGVBQWUsR0FBcUQsRUFBRSxDQUFDO0FBQzdFOztHQUVHO0FBQ0gsU0FBUyxRQUFRLENBQUMsTUFBVztJQUMzQixNQUFNLFNBQVMsR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDO0lBQ25DLGVBQWUsQ0FBQyxPQUFPLENBQUMsQ0FBQyxFQUFFLFdBQVcsRUFBRSxXQUFXLEVBQUUsRUFBRSxFQUFFO1FBQ3ZELE1BQU0sZ0JBQWdCLEdBQUcsV0FBVyxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQ25ELElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFO1lBQ2hELFNBQVMsQ0FBQyxRQUFRLENBQUMsZ0JBQWdCLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDMUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsYUFBYSxDQUFDLGdCQUFnQixFQUFFLFdBQVcsQ0FBQyxDQUFDO1NBQ25GO2FBQU07WUFDTCxNQUFNLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLEVBQUUsV0FBVyxDQUFDLENBQUM7U0FDOUQ7UUFDRCxXQUFXLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQyxFQUFFO1lBQy9CLE1BQU0sQ0FBQyxjQUFjLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFLFVBQVUsRUFBRTtnQkFDdEUsR0FBRyxFQUFFLFNBQVMsR0FBRztvQkFDZixNQUFNLGVBQWUsR0FBRyxpQkFBaUIsZ0JBQWdCLElBQUksVUFBVSxFQUFFLENBQUM7b0JBQzFFLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxXQUFJLENBQUMsU0FBUyxFQUFFLEdBQUcsZUFBZSxlQUFlLENBQUMsRUFBRSxPQUFPLENBQUMsQ0FBQyxDQUFDO29CQUN2RyxLQUFLLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxXQUFJLENBQUMsU0FBUyxFQUFFLEdBQUcsZUFBZSxrQkFBa0IsQ0FBQyxFQUFFLE9BQU8sQ0FBQyxDQUFDLENBQUMsVUFBVSxDQUFDO29CQUMxSCxPQUFPLEtBQUssQ0FBQztnQkFDZixDQUFDO2dCQUNELFVBQVUsRUFBRSxJQUFJO2dCQUNoQixZQUFZLEVBQUUsSUFBSTthQUNuQixDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUMsQ0FBQyxDQUFDO0lBQ0gsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQztBQUVELDZGQUE2RjtBQUN0RixLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQWtELEVBQUUsT0FBMEI7SUFDMUcsSUFBSTtRQUNGLElBQUksR0FBUSxDQUFDO1FBQ2IsSUFBSSxDQUFDLGtCQUFrQixJQUFJLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxtQkFBbUIsS0FBSyxNQUFNLEVBQUU7WUFDbEYsSUFBSTtnQkFDRixnQkFBZ0IsRUFBRSxDQUFDO2dCQUNuQixHQUFHLEdBQUcsT0FBTyxDQUFDLDJCQUEyQixDQUFDLENBQUM7YUFDNUM7WUFBQyxPQUFPLENBQUMsRUFBRTtnQkFDVixPQUFPLENBQUMsR0FBRyxDQUFDLHdDQUF3QyxDQUFDLEVBQUUsQ0FBQyxDQUFDO2dCQUN6RCxHQUFHLEdBQUcsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsb0NBQW9DO2FBQy9EO1NBQ0Y7YUFBTSxJQUFJLGtCQUFrQixFQUFFO1lBQzdCLEdBQUcsR0FBRyxPQUFPLENBQUMsMkJBQTJCLENBQUMsQ0FBQztTQUM1QzthQUFNO1lBQ0wsR0FBRyxHQUFHLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztTQUMxQjtRQUNELElBQUk7WUFDRixHQUFHLEdBQUcsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1NBQ3JCO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixPQUFPLENBQUMsR0FBRyxDQUFDLDRCQUE0QixDQUFDLHVDQUF1QyxDQUFDLENBQUM7U0FDbkY7UUFFRCxPQUFPLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsRUFBRSxHQUFHLEtBQUssRUFBRSxXQUFXLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQzlELE9BQU8sQ0FBQyxHQUFHLENBQUMsbUJBQW1CLEdBQUcsR0FBRyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRS9DLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUM5RSxLQUFLLENBQUMsa0JBQWtCLENBQUMsTUFBTSxHQUFHLFVBQVUsQ0FBQyxLQUFLLENBQUMsa0JBQWtCLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDOUUsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE1BQU0sR0FBRyxVQUFVLENBQUMsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQzlFLCtCQUErQjtRQUMvQixJQUFJLGtCQUEwQixDQUFDO1FBQy9CLFFBQVEsS0FBSyxDQUFDLFdBQVcsRUFBRTtZQUN6QixLQUFLLFFBQVE7Z0JBQ1gsa0JBQWtCLEdBQUcsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE1BQU0sRUFBRSxrQkFBa0IsRUFBRSxFQUFFO29CQUN2RCxLQUFLLENBQUMsa0JBQWtCLENBQUMsTUFBTSxFQUFFLGtCQUFrQixFQUFFLEVBQUU7b0JBQ3ZELEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLEVBQUUsa0JBQWtCLEVBQUUsRUFBRTtvQkFDdkQsS0FBSyxDQUFDLGlCQUFpQixDQUFDO2dCQUM3QyxNQUFNO1lBQ1IsS0FBSyxRQUFRLENBQUM7WUFDZCxLQUFLLFFBQVE7Z0JBQ1gsa0JBQWtCLEdBQUcsS0FBSyxDQUFDLGtCQUFrQixDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsRUFBRSxrQkFBa0IsRUFBRSxFQUFFLElBQUksS0FBSyxDQUFDLGtCQUFrQixDQUFDO2dCQUNySCxNQUFNO1NBQ1Q7UUFFRCxJQUFJLFFBQVEsR0FBOEIsRUFBRSxDQUFDO1FBQzdDLElBQUksSUFBSSxHQUE4QixFQUFFLENBQUM7UUFDekMsTUFBTSxJQUFJLEdBQTJCLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFakYsSUFBSSxJQUFJLEVBQUU7WUFFUixJQUFJLFdBQVcsQ0FBQztZQUNoQixJQUFJLElBQUksQ0FBQyxjQUFjLEVBQUU7Z0JBQ3ZCLE1BQU0sU0FBUyxHQUFHLENBQUMsSUFBSSxJQUFJLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO2dCQUV6QyxNQUFNLE1BQU0sR0FBRztvQkFDYixPQUFPLEVBQUUsSUFBSSxDQUFDLGNBQWM7b0JBQzVCLGVBQWUsRUFBRSxHQUFHLFNBQVMsSUFBSSxrQkFBa0IsRUFBRSxDQUFDLFNBQVMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDO2lCQUN2RSxDQUFDO2dCQUVGLFdBQVcsR0FBRyxJQUFJLEdBQUcsQ0FBQyw2QkFBNkIsQ0FBQztvQkFDbEQsTUFBTSxFQUFFLE1BQU07aUJBQ2YsQ0FBQyxDQUFDO2FBQ0o7WUFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLEdBQUcsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLEVBQUU7Z0JBQzVELE1BQU0sS0FBSyxDQUFDLFdBQVcsSUFBSSxDQUFDLE9BQU8sc0NBQXNDLEdBQUcsQ0FBQyxPQUFPLEdBQUcsQ0FBQyxDQUFDO2FBQzFGO1lBQ0QsTUFBTSxVQUFVLEdBQUcsSUFBSyxHQUFXLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO2dCQUNoRCxVQUFVLEVBQUUsSUFBSSxDQUFDLFVBQVU7Z0JBQzNCLFdBQVcsRUFBRSxXQUFXO2dCQUN4QixNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07YUFDcEIsQ0FBQyxDQUFDO1lBRUgsSUFBSTtnQkFDRixNQUFNLFFBQVEsR0FBRyxNQUFNLFVBQVUsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQzVDLElBQUksQ0FBQyxVQUFVLElBQUksbUJBQW1CLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxrQkFBa0IsQ0FBQyxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7Z0JBQ3pGLFFBQVEsR0FBRztvQkFDVCxVQUFVLEVBQUUsVUFBVSxDQUFDLE1BQU0sQ0FBQyxVQUFVO29CQUN4QyxNQUFNLEVBQUUsVUFBVSxDQUFDLE1BQU0sQ0FBQyxNQUFNO29CQUNoQyxHQUFHLE9BQU8sQ0FBQyxRQUFRLENBQUM7aUJBQ3JCLENBQUM7Z0JBRUYsSUFBSSxXQUFpQyxDQUFDO2dCQUN0QyxJQUFJLElBQUksQ0FBQyxVQUFVLEVBQUU7b0JBQ25CLFdBQVcsR0FBRyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztpQkFDakM7cUJBQU0sSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFO29CQUMzQixXQUFXLEdBQUcsSUFBSSxDQUFDLFdBQVcsQ0FBQztpQkFDaEM7Z0JBRUQsSUFBSSxXQUFXLEVBQUU7b0JBQ2YsSUFBSSxHQUFHLFVBQVUsQ0FBQyxRQUFRLEVBQUUsZUFBZSxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUM7aUJBQzNEO3FCQUFNO29CQUNMLElBQUksR0FBRyxRQUFRLENBQUM7aUJBQ2pCO2FBQ0Y7WUFBQyxPQUFPLENBQUMsRUFBRTtnQkFDVixJQUFJLENBQUMsSUFBSSxDQUFDLHdCQUF3QixJQUFJLENBQUMsSUFBSSxNQUFNLENBQUMsSUFBSSxDQUFDLHdCQUF3QixDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRTtvQkFDN0YsTUFBTSxDQUFDLENBQUM7aUJBQ1Q7YUFDRjtZQUVELElBQUksSUFBSSxDQUFDLGtCQUFrQixFQUFFLFlBQVksRUFBRTtnQkFDekMsa0JBQWtCLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxZQUFZLENBQUMsQ0FBQzthQUNyRTtTQUNGO1FBRUQsTUFBTSxPQUFPLENBQUMsU0FBUyxFQUFFLElBQUksRUFBRSxrQkFBa0IsRUFBRSxJQUFJLENBQUMsQ0FBQztLQUMxRDtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsT0FBTyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNmLE1BQU0sT0FBTyxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUMsT0FBTyxJQUFJLGdCQUFnQixFQUFFLE9BQU8sQ0FBQyxhQUFhLEVBQUUsRUFBRSxDQUFDLENBQUM7S0FDbkY7SUFFRCxTQUFTLE9BQU8sQ0FBQyxjQUFzQixFQUFFLE1BQWMsRUFBRSxrQkFBMEIsRUFBRSxJQUFTO1FBQzVGLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUM7WUFDbEMsTUFBTSxFQUFFLGNBQWM7WUFDdEIsTUFBTSxFQUFFLE1BQU07WUFDZCxrQkFBa0IsRUFBRSxrQkFBa0I7WUFDdEMsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO1lBQ3RCLFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUztZQUMxQixpQkFBaUIsRUFBRSxLQUFLLENBQUMsaUJBQWlCO1lBQzFDLE1BQU0sRUFBRSxLQUFLO1lBQ2IsSUFBSSxFQUFFLElBQUk7U0FDWCxDQUFDLENBQUM7UUFFSCxPQUFPLENBQUMsR0FBRyxDQUFDLFlBQVksRUFBRSxZQUFZLENBQUMsQ0FBQztRQUV4QyxpRUFBaUU7UUFDakUsTUFBTSxTQUFTLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDMUQsTUFBTSxjQUFjLEdBQUc7WUFDckIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxRQUFRO1lBQzVCLElBQUksRUFBRSxTQUFTLENBQUMsSUFBSTtZQUNwQixNQUFNLEVBQUUsS0FBSztZQUNiLE9BQU8sRUFBRSxFQUFFLGNBQWMsRUFBRSxFQUFFLEVBQUUsZ0JBQWdCLEVBQUUsWUFBWSxDQUFDLE1BQU0sRUFBRTtTQUN2RSxDQUFDO1FBRUYsT0FBTyxJQUFJLE9BQU8sQ0FBQyxDQUFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsRUFBRTtZQUNyQyxJQUFJO2dCQUNGLGlFQUFpRTtnQkFDakUsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQUFDLE9BQU8sQ0FBQyxjQUFjLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ2xFLE9BQU8sQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO2dCQUM1QixPQUFPLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO2dCQUM1QixPQUFPLENBQUMsR0FBRyxFQUFFLENBQUM7YUFDZjtZQUFDLE9BQU8sQ0FBQyxFQUFFO2dCQUNWLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQzthQUNYO1FBQ0gsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0FBQ0gsQ0FBQztBQWpKRCwwQkFpSkM7QUFFRCxTQUFTLFVBQVUsQ0FBQyxJQUF3QjtJQUMxQyxJQUFJLENBQUMsSUFBSSxFQUFFO1FBQUUsT0FBTyxTQUFTLENBQUM7S0FBRTtJQUNoQyxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7QUFDMUIsQ0FBQztBQUVELFNBQVMsZUFBZSxDQUFDLGFBQXVCO0lBQzlDLE9BQU8sVUFBUyxNQUFjO1FBQzVCLEtBQUssTUFBTSxZQUFZLElBQUksYUFBYSxFQUFFO1lBQ3hDLElBQUksTUFBTSxDQUFDLFVBQVUsQ0FBQyxZQUFZLENBQUMsRUFBRTtnQkFDbkMsT0FBTyxJQUFJLENBQUM7YUFDYjtTQUNGO1FBQ0QsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDLENBQUM7QUFDSixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyogZXNsaW50LWRpc2FibGUgbm8tY29uc29sZSAqL1xuaW1wb3J0IHsgZXhlY1N5bmMgfSBmcm9tICdjaGlsZF9wcm9jZXNzJztcbmltcG9ydCAqIGFzIGZzIGZyb20gJ2ZzJztcbmltcG9ydCB7IGpvaW4gfSBmcm9tICdwYXRoJztcbi8vIGltcG9ydCB0aGUgQVdTTGFtYmRhIHBhY2thZ2UgZXhwbGljaXRseSxcbi8vIHdoaWNoIGlzIGdsb2JhbGx5IGF2YWlsYWJsZSBpbiB0aGUgTGFtYmRhIHJ1bnRpbWUsXG4vLyBhcyBvdGhlcndpc2UgbGlua2luZyB0aGlzIHJlcG9zaXRvcnkgd2l0aCBsaW5rLWFsbC5zaFxuLy8gZmFpbHMgaW4gdGhlIENESyBhcHAgZXhlY3V0ZWQgd2l0aCB0cy1ub2RlXG4vKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLWV4dHJhbmVvdXMtZGVwZW5kZW5jaWVzLGltcG9ydC9uby11bnJlc29sdmVkICovXG5pbXBvcnQgKiBhcyBBV1NMYW1iZGEgZnJvbSAnYXdzLWxhbWJkYSc7XG5pbXBvcnQgeyBBd3NTZGtDYWxsIH0gZnJvbSAnLi4vYXdzLWN1c3RvbS1yZXNvdXJjZSc7XG5cbi8qKlxuICogU2VyaWFsaXplZCBmb3JtIG9mIHRoZSBwaHlzaWNhbCByZXNvdXJjZSBpZCBmb3IgdXNlIGluIHRoZSBvcGVyYXRpb24gcGFyYW1ldGVyc1xuICovXG5leHBvcnQgY29uc3QgUEhZU0lDQUxfUkVTT1VSQ0VfSURfUkVGRVJFTkNFID0gJ1BIWVNJQ0FMOlJFU09VUkNFSUQ6JztcblxuLyoqXG4gKiBGbGF0dGVucyBhIG5lc3RlZCBvYmplY3RcbiAqXG4gKiBAcGFyYW0gb2JqZWN0IHRoZSBvYmplY3QgdG8gYmUgZmxhdHRlbmVkXG4gKiBAcmV0dXJucyBhIGZsYXQgb2JqZWN0IHdpdGggcGF0aCBhcyBrZXlzXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBmbGF0dGVuKG9iamVjdDogb2JqZWN0KTogeyBba2V5OiBzdHJpbmddOiBhbnkgfSB7XG4gIHJldHVybiBPYmplY3QuYXNzaWduKFxuICAgIHt9LFxuICAgIC4uLmZ1bmN0aW9uIF9mbGF0dGVuKGNoaWxkOiBhbnksIHBhdGg6IHN0cmluZ1tdID0gW10pOiBhbnkge1xuICAgICAgcmV0dXJuIFtdLmNvbmNhdCguLi5PYmplY3Qua2V5cyhjaGlsZClcbiAgICAgICAgLm1hcChrZXkgPT4ge1xuICAgICAgICAgIGNvbnN0IGNoaWxkS2V5ID0gQnVmZmVyLmlzQnVmZmVyKGNoaWxkW2tleV0pID8gY2hpbGRba2V5XS50b1N0cmluZygndXRmOCcpIDogY2hpbGRba2V5XTtcbiAgICAgICAgICByZXR1cm4gdHlwZW9mIGNoaWxkS2V5ID09PSAnb2JqZWN0JyAmJiBjaGlsZEtleSAhPT0gbnVsbFxuICAgICAgICAgICAgPyBfZmxhdHRlbihjaGlsZEtleSwgcGF0aC5jb25jYXQoW2tleV0pKVxuICAgICAgICAgICAgOiAoeyBbcGF0aC5jb25jYXQoW2tleV0pLmpvaW4oJy4nKV06IGNoaWxkS2V5IH0pO1xuICAgICAgICB9KSk7XG4gICAgfShvYmplY3QpLFxuICApO1xufVxuXG4vKipcbiAqIERlY29kZXMgZW5jb2RlZCBzcGVjaWFsIHZhbHVlcyAocGh5c2ljYWxSZXNvdXJjZUlkKVxuICovXG5mdW5jdGlvbiBkZWNvZGVTcGVjaWFsVmFsdWVzKG9iamVjdDogb2JqZWN0LCBwaHlzaWNhbFJlc291cmNlSWQ6IHN0cmluZykge1xuICByZXR1cm4gSlNPTi5wYXJzZShKU09OLnN0cmluZ2lmeShvYmplY3QpLCAoX2ssIHYpID0+IHtcbiAgICBzd2l0Y2ggKHYpIHtcbiAgICAgIGNhc2UgUEhZU0lDQUxfUkVTT1VSQ0VfSURfUkVGRVJFTkNFOlxuICAgICAgICByZXR1cm4gcGh5c2ljYWxSZXNvdXJjZUlkO1xuICAgICAgZGVmYXVsdDpcbiAgICAgICAgcmV0dXJuIHY7XG4gICAgfVxuICB9KTtcbn1cblxuLyoqXG4gKiBGaWx0ZXJzIHRoZSBrZXlzIG9mIGFuIG9iamVjdC5cbiAqL1xuZnVuY3Rpb24gZmlsdGVyS2V5cyhvYmplY3Q6IG9iamVjdCwgcHJlZDogKGtleTogc3RyaW5nKSA9PiBib29sZWFuKSB7XG4gIHJldHVybiBPYmplY3QuZW50cmllcyhvYmplY3QpXG4gICAgLnJlZHVjZShcbiAgICAgIChhY2MsIFtrLCB2XSkgPT4gcHJlZChrKVxuICAgICAgICA/IHsgLi4uYWNjLCBba106IHYgfVxuICAgICAgICA6IGFjYyxcbiAgICAgIHt9LFxuICAgICk7XG59XG5cbmxldCBsYXRlc3RTZGtJbnN0YWxsZWQgPSBmYWxzZTtcblxuZXhwb3J0IGZ1bmN0aW9uIGZvcmNlU2RrSW5zdGFsbGF0aW9uKCkge1xuICBsYXRlc3RTZGtJbnN0YWxsZWQgPSBmYWxzZTtcbn1cblxuLyoqXG4gKiBJbnN0YWxscyBsYXRlc3QgQVdTIFNESyB2MlxuICovXG5mdW5jdGlvbiBpbnN0YWxsTGF0ZXN0U2RrKCk6IHZvaWQge1xuICBjb25zb2xlLmxvZygnSW5zdGFsbGluZyBsYXRlc3QgQVdTIFNESyB2MicpO1xuICAvLyBCb3RoIEhPTUUgYW5kIC0tcHJlZml4IGFyZSBuZWVkZWQgaGVyZSBiZWNhdXNlIC90bXAgaXMgdGhlIG9ubHkgd3JpdGFibGUgbG9jYXRpb25cbiAgZXhlY1N5bmMoJ0hPTUU9L3RtcCBucG0gaW5zdGFsbCBhd3Mtc2RrQDIgLS1wcm9kdWN0aW9uIC0tbm8tcGFja2FnZS1sb2NrIC0tbm8tc2F2ZSAtLXByZWZpeCAvdG1wJyk7XG4gIGxhdGVzdFNka0luc3RhbGxlZCA9IHRydWU7XG59XG5cbi8vIG5vIGN1cnJlbnRseSBwYXRjaGVkIHNlcnZpY2VzXG5jb25zdCBwYXRjaGVkU2VydmljZXM6IHsgc2VydmljZU5hbWU6IHN0cmluZzsgYXBpVmVyc2lvbnM6IHN0cmluZ1tdIH1bXSA9IFtdO1xuLyoqXG4gKiBQYXRjaGVzIHRoZSBBV1MgU0RLIGJ5IGxvYWRpbmcgc2VydmljZSBtb2RlbHMgaW4gdGhlIHNhbWUgbWFubmVyIGFzIHRoZSBhY3R1YWwgU0RLXG4gKi9cbmZ1bmN0aW9uIHBhdGNoU2RrKGF3c1NkazogYW55KTogYW55IHtcbiAgY29uc3QgYXBpTG9hZGVyID0gYXdzU2RrLmFwaUxvYWRlcjtcbiAgcGF0Y2hlZFNlcnZpY2VzLmZvckVhY2goKHsgc2VydmljZU5hbWUsIGFwaVZlcnNpb25zIH0pID0+IHtcbiAgICBjb25zdCBsb3dlclNlcnZpY2VOYW1lID0gc2VydmljZU5hbWUudG9Mb3dlckNhc2UoKTtcbiAgICBpZiAoIWF3c1Nkay5TZXJ2aWNlLmhhc1NlcnZpY2UobG93ZXJTZXJ2aWNlTmFtZSkpIHtcbiAgICAgIGFwaUxvYWRlci5zZXJ2aWNlc1tsb3dlclNlcnZpY2VOYW1lXSA9IHt9O1xuICAgICAgYXdzU2RrW3NlcnZpY2VOYW1lXSA9IGF3c1Nkay5TZXJ2aWNlLmRlZmluZVNlcnZpY2UobG93ZXJTZXJ2aWNlTmFtZSwgYXBpVmVyc2lvbnMpO1xuICAgIH0gZWxzZSB7XG4gICAgICBhd3NTZGsuU2VydmljZS5hZGRWZXJzaW9ucyhhd3NTZGtbc2VydmljZU5hbWVdLCBhcGlWZXJzaW9ucyk7XG4gICAgfVxuICAgIGFwaVZlcnNpb25zLmZvckVhY2goYXBpVmVyc2lvbiA9PiB7XG4gICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoYXBpTG9hZGVyLnNlcnZpY2VzW2xvd2VyU2VydmljZU5hbWVdLCBhcGlWZXJzaW9uLCB7XG4gICAgICAgIGdldDogZnVuY3Rpb24gZ2V0KCkge1xuICAgICAgICAgIGNvbnN0IG1vZGVsRmlsZVByZWZpeCA9IGBhd3Mtc2RrLXBhdGNoLyR7bG93ZXJTZXJ2aWNlTmFtZX0tJHthcGlWZXJzaW9ufWA7XG4gICAgICAgICAgY29uc3QgbW9kZWwgPSBKU09OLnBhcnNlKGZzLnJlYWRGaWxlU3luYyhqb2luKF9fZGlybmFtZSwgYCR7bW9kZWxGaWxlUHJlZml4fS5zZXJ2aWNlLmpzb25gKSwgJ3V0Zi04JykpO1xuICAgICAgICAgIG1vZGVsLnBhZ2luYXRvcnMgPSBKU09OLnBhcnNlKGZzLnJlYWRGaWxlU3luYyhqb2luKF9fZGlybmFtZSwgYCR7bW9kZWxGaWxlUHJlZml4fS5wYWdpbmF0b3JzLmpzb25gKSwgJ3V0Zi04JykpLnBhZ2luYXRpb247XG4gICAgICAgICAgcmV0dXJuIG1vZGVsO1xuICAgICAgICB9LFxuICAgICAgICBlbnVtZXJhYmxlOiB0cnVlLFxuICAgICAgICBjb25maWd1cmFibGU6IHRydWUsXG4gICAgICB9KTtcbiAgICB9KTtcbiAgfSk7XG4gIHJldHVybiBhd3NTZGs7XG59XG5cbi8qIGVzbGludC1kaXNhYmxlIEB0eXBlc2NyaXB0LWVzbGludC9uby1yZXF1aXJlLWltcG9ydHMsIGltcG9ydC9uby1leHRyYW5lb3VzLWRlcGVuZGVuY2llcyAqL1xuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIoZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQsIGNvbnRleHQ6IEFXU0xhbWJkYS5Db250ZXh0KSB7XG4gIHRyeSB7XG4gICAgbGV0IEFXUzogYW55O1xuICAgIGlmICghbGF0ZXN0U2RrSW5zdGFsbGVkICYmIGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5JbnN0YWxsTGF0ZXN0QXdzU2RrID09PSAndHJ1ZScpIHtcbiAgICAgIHRyeSB7XG4gICAgICAgIGluc3RhbGxMYXRlc3RTZGsoKTtcbiAgICAgICAgQVdTID0gcmVxdWlyZSgnL3RtcC9ub2RlX21vZHVsZXMvYXdzLXNkaycpO1xuICAgICAgfSBjYXRjaCAoZSkge1xuICAgICAgICBjb25zb2xlLmxvZyhgRmFpbGVkIHRvIGluc3RhbGwgbGF0ZXN0IEFXUyBTREsgdjI6ICR7ZX1gKTtcbiAgICAgICAgQVdTID0gcmVxdWlyZSgnYXdzLXNkaycpOyAvLyBGYWxsYmFjayB0byBwcmUtaW5zdGFsbGVkIHZlcnNpb25cbiAgICAgIH1cbiAgICB9IGVsc2UgaWYgKGxhdGVzdFNka0luc3RhbGxlZCkge1xuICAgICAgQVdTID0gcmVxdWlyZSgnL3RtcC9ub2RlX21vZHVsZXMvYXdzLXNkaycpO1xuICAgIH0gZWxzZSB7XG4gICAgICBBV1MgPSByZXF1aXJlKCdhd3Mtc2RrJyk7XG4gICAgfVxuICAgIHRyeSB7XG4gICAgICBBV1MgPSBwYXRjaFNkayhBV1MpO1xuICAgIH0gY2F0Y2ggKGUpIHtcbiAgICAgIGNvbnNvbGUubG9nKGBGYWlsZWQgdG8gcGF0Y2ggQVdTIFNESzogJHtlfS4gUHJvY2VlZGluZyB3aXRoIHRoZSBpbnN0YWxsZWQgY29weS5gKTtcbiAgICB9XG5cbiAgICBjb25zb2xlLmxvZyhKU09OLnN0cmluZ2lmeSh7IC4uLmV2ZW50LCBSZXNwb25zZVVSTDogJy4uLicgfSkpO1xuICAgIGNvbnNvbGUubG9nKCdBV1MgU0RLIFZFUlNJT046ICcgKyBBV1MuVkVSU0lPTik7XG5cbiAgICBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuQ3JlYXRlID0gZGVjb2RlQ2FsbChldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuQ3JlYXRlKTtcbiAgICBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuVXBkYXRlID0gZGVjb2RlQ2FsbChldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuVXBkYXRlKTtcbiAgICBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuRGVsZXRlID0gZGVjb2RlQ2FsbChldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuRGVsZXRlKTtcbiAgICAvLyBEZWZhdWx0IHBoeXNpY2FsIHJlc291cmNlIGlkXG4gICAgbGV0IHBoeXNpY2FsUmVzb3VyY2VJZDogc3RyaW5nO1xuICAgIHN3aXRjaCAoZXZlbnQuUmVxdWVzdFR5cGUpIHtcbiAgICAgIGNhc2UgJ0NyZWF0ZSc6XG4gICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZCA9IGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5DcmVhdGU/LnBoeXNpY2FsUmVzb3VyY2VJZD8uaWQgPz9cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLlVwZGF0ZT8ucGh5c2ljYWxSZXNvdXJjZUlkPy5pZCA/P1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgICBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuRGVsZXRlPy5waHlzaWNhbFJlc291cmNlSWQ/LmlkID8/XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgIGV2ZW50LkxvZ2ljYWxSZXNvdXJjZUlkO1xuICAgICAgICBicmVhaztcbiAgICAgIGNhc2UgJ1VwZGF0ZSc6XG4gICAgICBjYXNlICdEZWxldGUnOlxuICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQgPSBldmVudC5SZXNvdXJjZVByb3BlcnRpZXNbZXZlbnQuUmVxdWVzdFR5cGVdPy5waHlzaWNhbFJlc291cmNlSWQ/LmlkID8/IGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZDtcbiAgICAgICAgYnJlYWs7XG4gICAgfVxuXG4gICAgbGV0IGZsYXREYXRhOiB7IFtrZXk6IHN0cmluZ106IHN0cmluZyB9ID0ge307XG4gICAgbGV0IGRhdGE6IHsgW2tleTogc3RyaW5nXTogc3RyaW5nIH0gPSB7fTtcbiAgICBjb25zdCBjYWxsOiBBd3NTZGtDYWxsIHwgdW5kZWZpbmVkID0gZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzW2V2ZW50LlJlcXVlc3RUeXBlXTtcblxuICAgIGlmIChjYWxsKSB7XG5cbiAgICAgIGxldCBjcmVkZW50aWFscztcbiAgICAgIGlmIChjYWxsLmFzc3VtZWRSb2xlQXJuKSB7XG4gICAgICAgIGNvbnN0IHRpbWVzdGFtcCA9IChuZXcgRGF0ZSgpKS5nZXRUaW1lKCk7XG5cbiAgICAgICAgY29uc3QgcGFyYW1zID0ge1xuICAgICAgICAgIFJvbGVBcm46IGNhbGwuYXNzdW1lZFJvbGVBcm4sXG4gICAgICAgICAgUm9sZVNlc3Npb25OYW1lOiBgJHt0aW1lc3RhbXB9LSR7cGh5c2ljYWxSZXNvdXJjZUlkfWAuc3Vic3RyaW5nKDAsIDY0KSxcbiAgICAgICAgfTtcblxuICAgICAgICBjcmVkZW50aWFscyA9IG5ldyBBV1MuQ2hhaW5hYmxlVGVtcG9yYXJ5Q3JlZGVudGlhbHMoe1xuICAgICAgICAgIHBhcmFtczogcGFyYW1zLFxuICAgICAgICB9KTtcbiAgICAgIH1cblxuICAgICAgaWYgKCFPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoQVdTLCBjYWxsLnNlcnZpY2UpKSB7XG4gICAgICAgIHRocm93IEVycm9yKGBTZXJ2aWNlICR7Y2FsbC5zZXJ2aWNlfSBkb2VzIG5vdCBleGlzdCBpbiBBV1MgU0RLIHZlcnNpb24gJHtBV1MuVkVSU0lPTn0uYCk7XG4gICAgICB9XG4gICAgICBjb25zdCBhd3NTZXJ2aWNlID0gbmV3IChBV1MgYXMgYW55KVtjYWxsLnNlcnZpY2VdKHtcbiAgICAgICAgYXBpVmVyc2lvbjogY2FsbC5hcGlWZXJzaW9uLFxuICAgICAgICBjcmVkZW50aWFsczogY3JlZGVudGlhbHMsXG4gICAgICAgIHJlZ2lvbjogY2FsbC5yZWdpb24sXG4gICAgICB9KTtcblxuICAgICAgdHJ5IHtcbiAgICAgICAgY29uc3QgcmVzcG9uc2UgPSBhd2FpdCBhd3NTZXJ2aWNlW2NhbGwuYWN0aW9uXShcbiAgICAgICAgICBjYWxsLnBhcmFtZXRlcnMgJiYgZGVjb2RlU3BlY2lhbFZhbHVlcyhjYWxsLnBhcmFtZXRlcnMsIHBoeXNpY2FsUmVzb3VyY2VJZCkpLnByb21pc2UoKTtcbiAgICAgICAgZmxhdERhdGEgPSB7XG4gICAgICAgICAgYXBpVmVyc2lvbjogYXdzU2VydmljZS5jb25maWcuYXBpVmVyc2lvbiwgLy8gRm9yIHRlc3QgcHVycG9zZXM6IGNoZWNrIGlmIGFwaVZlcnNpb24gd2FzIGNvcnJlY3RseSBwYXNzZWQuXG4gICAgICAgICAgcmVnaW9uOiBhd3NTZXJ2aWNlLmNvbmZpZy5yZWdpb24sIC8vIEZvciB0ZXN0IHB1cnBvc2VzOiBjaGVjayBpZiByZWdpb24gd2FzIGNvcnJlY3RseSBwYXNzZWQuXG4gICAgICAgICAgLi4uZmxhdHRlbihyZXNwb25zZSksXG4gICAgICAgIH07XG5cbiAgICAgICAgbGV0IG91dHB1dFBhdGhzOiBzdHJpbmdbXSB8IHVuZGVmaW5lZDtcbiAgICAgICAgaWYgKGNhbGwub3V0cHV0UGF0aCkge1xuICAgICAgICAgIG91dHB1dFBhdGhzID0gW2NhbGwub3V0cHV0UGF0aF07XG4gICAgICAgIH0gZWxzZSBpZiAoY2FsbC5vdXRwdXRQYXRocykge1xuICAgICAgICAgIG91dHB1dFBhdGhzID0gY2FsbC5vdXRwdXRQYXRocztcbiAgICAgICAgfVxuXG4gICAgICAgIGlmIChvdXRwdXRQYXRocykge1xuICAgICAgICAgIGRhdGEgPSBmaWx0ZXJLZXlzKGZsYXREYXRhLCBzdGFydHNXaXRoT25lT2Yob3V0cHV0UGF0aHMpKTtcbiAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICBkYXRhID0gZmxhdERhdGE7XG4gICAgICAgIH1cbiAgICAgIH0gY2F0Y2ggKGUpIHtcbiAgICAgICAgaWYgKCFjYWxsLmlnbm9yZUVycm9yQ29kZXNNYXRjaGluZyB8fCAhbmV3IFJlZ0V4cChjYWxsLmlnbm9yZUVycm9yQ29kZXNNYXRjaGluZykudGVzdChlLmNvZGUpKSB7XG4gICAgICAgICAgdGhyb3cgZTtcbiAgICAgICAgfVxuICAgICAgfVxuXG4gICAgICBpZiAoY2FsbC5waHlzaWNhbFJlc291cmNlSWQ/LnJlc3BvbnNlUGF0aCkge1xuICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQgPSBmbGF0RGF0YVtjYWxsLnBoeXNpY2FsUmVzb3VyY2VJZC5yZXNwb25zZVBhdGhdO1xuICAgICAgfVxuICAgIH1cblxuICAgIGF3YWl0IHJlc3BvbmQoJ1NVQ0NFU1MnLCAnT0snLCBwaHlzaWNhbFJlc291cmNlSWQsIGRhdGEpO1xuICB9IGNhdGNoIChlKSB7XG4gICAgY29uc29sZS5sb2coZSk7XG4gICAgYXdhaXQgcmVzcG9uZCgnRkFJTEVEJywgZS5tZXNzYWdlIHx8ICdJbnRlcm5hbCBFcnJvcicsIGNvbnRleHQubG9nU3RyZWFtTmFtZSwge30pO1xuICB9XG5cbiAgZnVuY3Rpb24gcmVzcG9uZChyZXNwb25zZVN0YXR1czogc3RyaW5nLCByZWFzb246IHN0cmluZywgcGh5c2ljYWxSZXNvdXJjZUlkOiBzdHJpbmcsIGRhdGE6IGFueSkge1xuICAgIGNvbnN0IHJlc3BvbnNlQm9keSA9IEpTT04uc3RyaW5naWZ5KHtcbiAgICAgIFN0YXR1czogcmVzcG9uc2VTdGF0dXMsXG4gICAgICBSZWFzb246IHJlYXNvbixcbiAgICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkLFxuICAgICAgU3RhY2tJZDogZXZlbnQuU3RhY2tJZCxcbiAgICAgIFJlcXVlc3RJZDogZXZlbnQuUmVxdWVzdElkLFxuICAgICAgTG9naWNhbFJlc291cmNlSWQ6IGV2ZW50LkxvZ2ljYWxSZXNvdXJjZUlkLFxuICAgICAgTm9FY2hvOiBmYWxzZSxcbiAgICAgIERhdGE6IGRhdGEsXG4gICAgfSk7XG5cbiAgICBjb25zb2xlLmxvZygnUmVzcG9uZGluZycsIHJlc3BvbnNlQm9keSk7XG5cbiAgICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgQHR5cGVzY3JpcHQtZXNsaW50L25vLXJlcXVpcmUtaW1wb3J0c1xuICAgIGNvbnN0IHBhcnNlZFVybCA9IHJlcXVpcmUoJ3VybCcpLnBhcnNlKGV2ZW50LlJlc3BvbnNlVVJMKTtcbiAgICBjb25zdCByZXF1ZXN0T3B0aW9ucyA9IHtcbiAgICAgIGhvc3RuYW1lOiBwYXJzZWRVcmwuaG9zdG5hbWUsXG4gICAgICBwYXRoOiBwYXJzZWRVcmwucGF0aCxcbiAgICAgIG1ldGhvZDogJ1BVVCcsXG4gICAgICBoZWFkZXJzOiB7ICdjb250ZW50LXR5cGUnOiAnJywgJ2NvbnRlbnQtbGVuZ3RoJzogcmVzcG9uc2VCb2R5Lmxlbmd0aCB9LFxuICAgIH07XG5cbiAgICByZXR1cm4gbmV3IFByb21pc2UoKHJlc29sdmUsIHJlamVjdCkgPT4ge1xuICAgICAgdHJ5IHtcbiAgICAgICAgLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIEB0eXBlc2NyaXB0LWVzbGludC9uby1yZXF1aXJlLWltcG9ydHNcbiAgICAgICAgY29uc3QgcmVxdWVzdCA9IHJlcXVpcmUoJ2h0dHBzJykucmVxdWVzdChyZXF1ZXN0T3B0aW9ucywgcmVzb2x2ZSk7XG4gICAgICAgIHJlcXVlc3Qub24oJ2Vycm9yJywgcmVqZWN0KTtcbiAgICAgICAgcmVxdWVzdC53cml0ZShyZXNwb25zZUJvZHkpO1xuICAgICAgICByZXF1ZXN0LmVuZCgpO1xuICAgICAgfSBjYXRjaCAoZSkge1xuICAgICAgICByZWplY3QoZSk7XG4gICAgICB9XG4gICAgfSk7XG4gIH1cbn1cblxuZnVuY3Rpb24gZGVjb2RlQ2FsbChjYWxsOiBzdHJpbmcgfCB1bmRlZmluZWQpIHtcbiAgaWYgKCFjYWxsKSB7IHJldHVybiB1bmRlZmluZWQ7IH1cbiAgcmV0dXJuIEpTT04ucGFyc2UoY2FsbCk7XG59XG5cbmZ1bmN0aW9uIHN0YXJ0c1dpdGhPbmVPZihzZWFyY2hTdHJpbmdzOiBzdHJpbmdbXSk6IChzdHJpbmc6IHN0cmluZykgPT4gYm9vbGVhbiB7XG4gIHJldHVybiBmdW5jdGlvbihzdHJpbmc6IHN0cmluZyk6IGJvb2xlYW4ge1xuICAgIGZvciAoY29uc3Qgc2VhcmNoU3RyaW5nIG9mIHNlYXJjaFN0cmluZ3MpIHtcbiAgICAgIGlmIChzdHJpbmcuc3RhcnRzV2l0aChzZWFyY2hTdHJpbmcpKSB7XG4gICAgICAgIHJldHVybiB0cnVlO1xuICAgICAgfVxuICAgIH1cbiAgICByZXR1cm4gZmFsc2U7XG4gIH07XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/integ-user-pool-client-explicit-props.assets.json b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/integ-user-pool-client-explicit-props.assets.json new file mode 100644 index 0000000000000..2a16e6998cdee --- /dev/null +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/integ-user-pool-client-explicit-props.assets.json @@ -0,0 +1,32 @@ +{ + "version": "20.0.0", + "files": { + "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286": { + "source": { + "path": "asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "packaging": "zip" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286.zip", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + }, + "a09e3952a00512ff423e162936d8b4f56b506ee42564ce9c1428aff3aade5214": { + "source": { + "path": "integ-user-pool-client-explicit-props.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "a09e3952a00512ff423e162936d8b4f56b506ee42564ce9c1428aff3aade5214.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/integ-user-pool-client-explicit-props.template.json b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/integ-user-pool-client-explicit-props.template.json index dee8380750373..b1859e5657629 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/integ-user-pool-client-explicit-props.template.json +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/integ-user-pool-client-explicit-props.template.json @@ -97,6 +97,186 @@ "zoneinfo" ] } + }, + "myuserpoolmyuserpoolclientDescribeCognitoUserPoolClientCustomResourcePolicyF83BED40": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "cognito-idp:DescribeUserPoolClient", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myuserpool01998219", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "myuserpoolmyuserpoolclientDescribeCognitoUserPoolClientCustomResourcePolicyF83BED40", + "Roles": [ + { + "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" + } + ] + } + }, + "myuserpoolmyuserpoolclientDescribeCognitoUserPoolClientEA733B32": { + "Type": "Custom::DescribeCognitoUserPoolClient", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "AWS679f53fac002430cb0da5b7982bd22872D164C4C", + "Arn" + ] + }, + "Create": { + "Fn::Join": [ + "", + [ + "{\"region\":\"", + { + "Ref": "AWS::Region" + }, + "\",\"service\":\"CognitoIdentityServiceProvider\",\"action\":\"describeUserPoolClient\",\"parameters\":{\"UserPoolId\":\"", + { + "Ref": "myuserpool01998219" + }, + "\",\"ClientId\":\"", + { + "Ref": "myuserpoolmyuserpoolclientAFB2274E" + }, + "\"},\"physicalResourceId\":{\"id\":\"", + { + "Ref": "myuserpoolmyuserpoolclientAFB2274E" + }, + "\"}}" + ] + ] + }, + "InstallLatestAwsSdk": true + }, + "DependsOn": [ + "myuserpoolmyuserpoolclientDescribeCognitoUserPoolClientCustomResourcePolicyF83BED40" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "AWS679f53fac002430cb0da5b7982bd22872D164C4C": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" + } + ] + } + ] + } + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", + "Arn" + ] + }, + "Handler": "index.handler", + "Runtime": "nodejs14.x", + "Timeout": 120 + }, + "DependsOn": [ + "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" + ] + }, + "SecretA720EF05": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "SecretString": { + "Fn::GetAtt": [ + "myuserpoolmyuserpoolclientDescribeCognitoUserPoolClientEA733B32", + "UserPoolClient.ClientSecret" + ] + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A": { + "Type": "String", + "Description": "S3 bucket for asset \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" + }, + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5": { + "Type": "String", + "Description": "S3 key for asset version \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" + }, + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC": { + "Type": "String", + "Description": "Artifact hash for asset \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/manifest.json index 88e9bac5a8dc1..39622dc4b2b05 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", @@ -15,6 +15,20 @@ "validateOnSynth": false }, "metadata": { + "/integ-user-pool-client-explicit-props": [ + { + "type": "aws:cdk:asset", + "data": { + "path": "asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "id": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "packaging": "zip", + "sourceHash": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "s3BucketParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A", + "s3KeyParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5", + "artifactHashParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC" + } + } + ], "/integ-user-pool-client-explicit-props/myuserpool/Resource": [ { "type": "aws:cdk:logicalId", @@ -26,6 +40,54 @@ "type": "aws:cdk:logicalId", "data": "myuserpoolmyuserpoolclientAFB2274E" } + ], + "/integ-user-pool-client-explicit-props/myuserpool/myuserpoolclient/DescribeCognitoUserPoolClient/CustomResourcePolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myuserpoolmyuserpoolclientDescribeCognitoUserPoolClientCustomResourcePolicyF83BED40" + } + ], + "/integ-user-pool-client-explicit-props/myuserpool/myuserpoolclient/DescribeCognitoUserPoolClient/Resource/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "myuserpoolmyuserpoolclientDescribeCognitoUserPoolClientEA733B32" + } + ], + "/integ-user-pool-client-explicit-props/AWS679f53fac002430cb0da5b7982bd2287/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" + } + ], + "/integ-user-pool-client-explicit-props/AWS679f53fac002430cb0da5b7982bd2287/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "AWS679f53fac002430cb0da5b7982bd22872D164C4C" + } + ], + "/integ-user-pool-client-explicit-props/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3Bucket": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" + } + ], + "/integ-user-pool-client-explicit-props/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3VersionKey": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" + } + ], + "/integ-user-pool-client-explicit-props/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/ArtifactHash": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC" + } + ], + "/integ-user-pool-client-explicit-props/Secret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SecretA720EF05" + } ] }, "displayName": "integ-user-pool-client-explicit-props" diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/tree.json b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/tree.json index 4b467d623b0b8..31651db839fc7 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-client-explicit-props.integ.snapshot/tree.json @@ -8,8 +8,8 @@ "id": "Tree", "path": "Tree", "constructInfo": { - "fqn": "@aws-cdk/core.Construct", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.51" } }, "integ-user-pool-client-explicit-props": { @@ -135,6 +135,86 @@ "fqn": "@aws-cdk/aws-cognito.CfnUserPoolClient", "version": "0.0.0" } + }, + "DescribeCognitoUserPoolClient": { + "id": "DescribeCognitoUserPoolClient", + "path": "integ-user-pool-client-explicit-props/myuserpool/myuserpoolclient/DescribeCognitoUserPoolClient", + "children": { + "Provider": { + "id": "Provider", + "path": "integ-user-pool-client-explicit-props/myuserpool/myuserpoolclient/DescribeCognitoUserPoolClient/Provider", + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.SingletonFunction", + "version": "0.0.0" + } + }, + "CustomResourcePolicy": { + "id": "CustomResourcePolicy", + "path": "integ-user-pool-client-explicit-props/myuserpool/myuserpoolclient/DescribeCognitoUserPoolClient/CustomResourcePolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-user-pool-client-explicit-props/myuserpool/myuserpoolclient/DescribeCognitoUserPoolClient/CustomResourcePolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "cognito-idp:DescribeUserPoolClient", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myuserpool01998219", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "myuserpoolmyuserpoolclientDescribeCognitoUserPoolClientCustomResourcePolicyF83BED40", + "roles": [ + { + "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "integ-user-pool-client-explicit-props/myuserpool/myuserpoolclient/DescribeCognitoUserPoolClient/Resource", + "children": { + "Default": { + "id": "Default", + "path": "integ-user-pool-client-explicit-props/myuserpool/myuserpoolclient/DescribeCognitoUserPoolClient/Resource/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/custom-resources.AwsCustomResource", + "version": "0.0.0" + } } }, "constructInfo": { @@ -147,6 +227,224 @@ "fqn": "@aws-cdk/aws-cognito.UserPool", "version": "0.0.0" } + }, + "AWS679f53fac002430cb0da5b7982bd2287": { + "id": "AWS679f53fac002430cb0da5b7982bd2287", + "path": "integ-user-pool-client-explicit-props/AWS679f53fac002430cb0da5b7982bd2287", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "integ-user-pool-client-explicit-props/AWS679f53fac002430cb0da5b7982bd2287/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-user-pool-client-explicit-props/AWS679f53fac002430cb0da5b7982bd2287/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Code": { + "id": "Code", + "path": "integ-user-pool-client-explicit-props/AWS679f53fac002430cb0da5b7982bd2287/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "integ-user-pool-client-explicit-props/AWS679f53fac002430cb0da5b7982bd2287/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "integ-user-pool-client-explicit-props/AWS679f53fac002430cb0da5b7982bd2287/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "integ-user-pool-client-explicit-props/AWS679f53fac002430cb0da5b7982bd2287/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" + }, + "s3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" + } + ] + } + ] + } + ] + ] + } + }, + "role": { + "Fn::GetAtt": [ + "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", + "Arn" + ] + }, + "handler": "index.handler", + "runtime": "nodejs14.x", + "timeout": 120 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "AssetParameters": { + "id": "AssetParameters", + "path": "integ-user-pool-client-explicit-props/AssetParameters", + "children": { + "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286": { + "id": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "path": "integ-user-pool-client-explicit-props/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "children": { + "S3Bucket": { + "id": "S3Bucket", + "path": "integ-user-pool-client-explicit-props/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3Bucket", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "S3VersionKey": { + "id": "S3VersionKey", + "path": "integ-user-pool-client-explicit-props/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3VersionKey", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "ArtifactHash": { + "id": "ArtifactHash", + "path": "integ-user-pool-client-explicit-props/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/ArtifactHash", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "Secret": { + "id": "Secret", + "path": "integ-user-pool-client-explicit-props/Secret", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-user-pool-client-explicit-props/Secret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "secretString": { + "Fn::GetAtt": [ + "myuserpoolmyuserpoolclientDescribeCognitoUserPoolClientEA733B32", + "UserPoolClient.ClientSecret" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.Secret", + "version": "0.0.0" + } } }, "constructInfo": { diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts index 2ee44dc877066..e4b357e96e927 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts @@ -42,6 +42,165 @@ describe('User Pool Client', () => { expect(() => client2.userPoolClientName).toThrow(/available only if specified on the UserPoolClient during initialization/); }); + describe('Client with secret', () => { + + test('generate secret', () => { + // GIVEN + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + + // WHEN + const clientWithSecret = new UserPoolClient(stack, 'clientWithSecret', { + userPool: pool, + generateSecret: true, + }); + + // THEN + expect(clientWithSecret.userPoolClientSecret).toBeDefined(); + + // Make sure getter returns the same secret regardless if it's called one or many times + expect(clientWithSecret.userPoolClientSecret).toEqual(clientWithSecret.userPoolClientSecret); + + // Make sure the generated template has correct resources + Template.fromStack(stack).hasResourceProperties('Custom::DescribeCognitoUserPoolClient', { + ServiceToken: { + 'Fn::GetAtt': [ + 'AWS679f53fac002430cb0da5b7982bd22872D164C4C', + 'Arn', + ], + }, + Create: { + 'Fn::Join': [ + '', + [ + '{"region":"', + { + Ref: 'AWS::Region', + }, + '","service":"CognitoIdentityServiceProvider","action":"describeUserPoolClient","parameters":{"UserPoolId":"', + { + Ref: 'PoolD3F588B8', + }, + '","ClientId":"', + { + Ref: 'clientWithSecretD25031A8', + }, + '"},"physicalResourceId":{"id":"', + { + Ref: 'clientWithSecretD25031A8', + }, + '"}}', + ], + ], + }, + InstallLatestAwsSdk: true, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [{ + Action: 'cognito-idp:DescribeUserPoolClient', + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [ + 'PoolD3F588B8', + 'Arn', + ], + }, + }], + Version: '2012-10-17', + }, + PolicyName: 'clientWithSecretDescribeCognitoUserPoolClientCustomResourcePolicyCDE4AB00', + Roles: [{ Ref: 'AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2' }], + }); + + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Role', { + AssumeRolePolicyDocument: { + Statement: [{ + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { + Service: 'lambda.amazonaws.com', + }, + }], + Version: '2012-10-17', + }, + ManagedPolicyArns: [{ + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':iam::aws:policy/service-role/AWSLambdaBasicExecutionRole', + ], + ], + }], + }); + + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + Code: { + S3Bucket: { + 'Fn::Sub': 'cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}', + }, + S3Key: '105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286.zip', + }, + Role: { + 'Fn::GetAtt': [ + 'AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2', + 'Arn', + ], + }, + Handler: 'index.handler', + Runtime: 'nodejs14.x', + Timeout: 120, + }); + }); + + test('explicitly disable secret generation', () => { + // GIVEN + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + + // WHEN + const clientWithoutSecret = new UserPoolClient(stack, 'clientWithoutSecret1', { + userPool: pool, + generateSecret: false, + }); + + // THEN + expect(() => clientWithoutSecret.userPoolClientSecret).toThrow(/userPoolClientSecret is available only if generateSecret is set to true./); + + // Make sure the generated template does not create resources + expect(Template.fromStack(stack).findResources('Custom::DescribeCognitoUserPoolClient')).toEqual({}); + expect(Template.fromStack(stack).findResources('AWS::IAM::Policy')).toEqual({}); + expect(Template.fromStack(stack).findResources('AWS::IAM::Role')).toEqual({}); + expect(Template.fromStack(stack).findResources('AWS::Lambda::Function')).toEqual({}); + }); + + test('lacking secret configuration implicitly disables it', () => { + // GIVEN + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + + // WHEN + const clientWithoutSecret = new UserPoolClient(stack, 'clientWithoutSecret2', { + userPool: pool, + generateSecret: undefined, + }); + + // THEN + expect(() => clientWithoutSecret.userPoolClientSecret).toThrow(/userPoolClientSecret is available only if generateSecret is set to true./); + + // Make sure the generated template does not create resources + expect(Template.fromStack(stack).findResources('Custom::DescribeCognitoUserPoolClient')).toEqual({}); + expect(Template.fromStack(stack).findResources('AWS::IAM::Policy')).toEqual({}); + expect(Template.fromStack(stack).findResources('AWS::IAM::Role')).toEqual({}); + expect(Template.fromStack(stack).findResources('AWS::Lambda::Function')).toEqual({}); + }); + }); + test('import', () => { // GIVEN const stack = new Stack(); diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/integ-user-pool-resource-server.assets.json b/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/integ-user-pool-resource-server.assets.json new file mode 100644 index 0000000000000..631e9fcea9bfe --- /dev/null +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/integ-user-pool-resource-server.assets.json @@ -0,0 +1,19 @@ +{ + "version": "20.0.0", + "files": { + "049bd36f74620af6fc8d539c066135f807e1f738f45d6553a63580253593f5d2": { + "source": { + "path": "integ-user-pool-resource-server.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "049bd36f74620af6fc8d539c066135f807e1f738f45d6553a63580253593f5d2.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/manifest.json index b5e4fd43f14a0..3074b3c110d9c 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", @@ -44,6 +44,42 @@ "type": "aws:cdk:logicalId", "data": "clientid" } + ], + "myuserpoolclientDescribeCognitoUserPoolClientCustomResourcePolicyFAAD57F1": [ + { + "type": "aws:cdk:logicalId", + "data": "myuserpoolclientDescribeCognitoUserPoolClientCustomResourcePolicyFAAD57F1", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "myuserpoolclientDescribeCognitoUserPoolClient662FE3FB": [ + { + "type": "aws:cdk:logicalId", + "data": "myuserpoolclientDescribeCognitoUserPoolClient662FE3FB", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": [ + { + "type": "aws:cdk:logicalId", + "data": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "AWS679f53fac002430cb0da5b7982bd22872D164C4C": [ + { + "type": "aws:cdk:logicalId", + "data": "AWS679f53fac002430cb0da5b7982bd22872D164C4C", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "integ-user-pool-resource-server" diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/tree.json b/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/tree.json index c282784d7d870..33bc803afecd7 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-resource-server.integ.snapshot/tree.json @@ -8,8 +8,8 @@ "id": "Tree", "path": "Tree", "constructInfo": { - "fqn": "@aws-cdk/core.Construct", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.51" } }, "integ-user-pool-resource-server": { diff --git a/packages/@aws-cdk/aws-config/lib/rule.ts b/packages/@aws-cdk/aws-config/lib/rule.ts index f47625651c990..c4c6e14a2377c 100644 --- a/packages/@aws-cdk/aws-config/lib/rule.ts +++ b/packages/@aws-cdk/aws-config/lib/rule.ts @@ -1318,6 +1318,8 @@ export class ResourceType { public static readonly EC2_EIP = new ResourceType('AWS::EC2::EIP'); /** EC2 instance */ public static readonly EC2_INSTANCE = new ResourceType('AWS::EC2::Instance'); + /** EC2 Network Interface */ + public static readonly EC2_NETWORK_INTERFACE = new ResourceType('AWS::EC2::NetworkInterface'); /** EC2 security group */ public static readonly EC2_SECURITY_GROUP = new ResourceType('AWS::EC2::SecurityGroup'); /** EC2 NAT gateway */ @@ -1326,18 +1328,54 @@ export class ResourceType { public static readonly EC2_EGRESS_ONLY_INTERNET_GATEWAY = new ResourceType('AWS::EC2::EgressOnlyInternetGateway'); /** EC2 flow log */ public static readonly EC2_FLOW_LOG = new ResourceType('AWS::EC2::FlowLog'); + /** EC2 transit gateway */ + public static readonly EC2_TRANSIT_GATEWAY = new ResourceType('AWS::EC2::TransitGateway'); + /** EC2 transit gateway attachment */ + public static readonly EC2_TRANSIT_GATEWAY_ATTACHMENT = new ResourceType('AWS::EC2::TransitGatewayAttachment'); + /** EC2 transit gateway route table */ + public static readonly EC2_TRANSIT_GATEWAY_ROUTE_TABLE = new ResourceType('AWS::EC2::TransitGatewayRouteTable'); /** EC2 VPC endpoint */ public static readonly EC2_VPC_ENDPOINT = new ResourceType('AWS::EC2::VPCEndpoint'); /** EC2 VPC endpoint service */ public static readonly EC2_VPC_ENDPOINT_SERVICE = new ResourceType('AWS::EC2::VPCEndpointService'); /** EC2 VPC peering connection */ public static readonly EC2_VPC_PEERING_CONNECTION = new ResourceType('AWS::EC2::VPCPeeringConnection'); + /** EC2 registered HA instance */ + public static readonly EC2_REGISTERED_HA_INSTANCE = new ResourceType('AWS::EC2::RegisteredHAInstance'); + /** EC2 launch template */ + public static readonly EC2_LAUNCH_TEMPLATE = new ResourceType('AWS::EC2::LaunchTemplate'); + /** Amazon ECR repository */ + public static readonly ECR_REPOSITORY = new ResourceType('AWS::ECR::Repository'); + /** Amazon ECR public repository */ + public static readonly ECR_PUBLIC_REPOSITORY = new ResourceType('AWS::ECR::PublicRepository'); + /** Amazon ECS cluster */ + public static readonly ECS_CLUSTER = new ResourceType('AWS::ECS::Cluster'); + /** Amazon ECS task definition */ + public static readonly ECS_TASK_DEFINITION = new ResourceType('AWS::ECS::TaskDefinition'); + /** Amazon ECS service */ + public static readonly ECS_SERVICE = new ResourceType('AWS::ECS::Service'); + /** Amazon EFS file system */ + public static readonly EFS_FILE_SYSTEM = new ResourceType('AWS::EFS::FileSystem'); + /** Amazon EFS access point */ + public static readonly EFS_ACCESS_POINT = new ResourceType('AWS::EFS::AccessPoint'); /** Amazon Elastic Kubernetes Service cluster */ public static readonly EKS_CLUSTER = new ResourceType('AWS::EKS::Cluster'); + /** Amazon EMR security configuration */ + public static readonly EMR_SECURITY_CONFIGURATION = new ResourceType('AWS::EMR::SecurityConfiguration'); + /** Amazon GuardDuty detector */ + public static readonly GUARDDUTY_DETECTOR = new ResourceType('AWS::GuardDuty::Detector'); /** Amazon ElasticSearch domain */ public static readonly ELASTICSEARCH_DOMAIN = new ResourceType('AWS::Elasticsearch::Domain'); + /** Amazon OpenSearch domain */ + public static readonly OPENSEARCH_DOMAIN = new ResourceType('AWS::OpenSearch::Domain'); /** Amazon QLDB ledger */ public static readonly QLDB_LEDGER = new ResourceType('AWS::QLDB::Ledger'); + /** Amazon Kinesis stream */ + public static readonly KINESIS_STREAM = new ResourceType('AWS::Kinesis::Stream'); + /** Amazon Kinesis stream consumer */ + public static readonly KINESIS_STREAM_CONSUMER = new ResourceType('AWS::Kinesis::StreamConsumer'); + /** Amazon MSK cluster */ + public static readonly MSK_CLUSTER = new ResourceType('AWS::MSK::Cluster'); /** Amazon Redshift cluster */ public static readonly REDSHIFT_CLUSTER = new ResourceType('AWS::Redshift::Cluster'); /** Amazon Redshift cluster parameter group */ @@ -1364,12 +1402,24 @@ export class ResourceType { public static readonly RDS_DB_CLUSTER = new ResourceType('AWS::RDS::DBCluster'); /** Amazon RDS database cluster snapshot */ public static readonly RDS_DB_CLUSTER_SNAPSHOT = new ResourceType('AWS::RDS::DBClusterSnapshot'); + /** Amazon Route53 resolver resolver endpoint */ + public static readonly ROUTE53_RESOLVER_RESOLVER_ENDPOINT = new ResourceType('AWS::Route53Resolver::ResolverEndpoint'); + /** Amazon Route53 resolver resolver rule */ + public static readonly ROUTE53_RESOLVER_RESOLVER_RULE = new ResourceType('AWS::Route53Resolver::ResolverRule'); + /** Amazon Route53 resolver resolver rule association */ + public static readonly ROUTE53_RESOLVER_RESOLVER_RULE_ASSOCIATION = new ResourceType('AWS::Route53Resolver::ResolverRuleAssociation'); /** Amazon SQS queue */ public static readonly SQS_QUEUE = new ResourceType('AWS::SQS::Queue'); /** Amazon SNS topic */ public static readonly SNS_TOPIC = new ResourceType('AWS::SNS::Topic'); /** Amazon S3 bucket */ public static readonly S3_BUCKET = new ResourceType('AWS::S3::Bucket'); + /** Amazon SageMaker code repository */ + public static readonly SAGEMAKER_CODE_REPOSITORY = new ResourceType('AWS::SageMaker::CodeRepository'); + /** Amazon SageMaker model */ + public static readonly SAGEMAKER_MODEL = new ResourceType('AWS::SageMaker::Model'); + /** Amazon SageMaker notebook instance */ + public static readonly SAGEMAKER_NOTEBOOK_INSTANCE = new ResourceType('AWS::SageMaker::NotebookInstance'); /** Amazon S3 account public access block */ public static readonly S3_ACCOUNT_PUBLIC_ACCESS_BLOCK = new ResourceType('AWS::S3::AccountPublicAccessBlock'); /** Amazon EC2 customer gateway */ @@ -1396,6 +1446,22 @@ export class ResourceType { public static readonly AUTO_SCALING_POLICY = new ResourceType('AWS::AutoScaling::ScalingPolicy'); /** AWS Auto Scaling scheduled action */ public static readonly AUTO_SCALING_SCHEDULED_ACTION = new ResourceType('AWS::AutoScaling::ScheduledAction'); + /** Amazon WorkSpaces connection alias */ + public static readonly WORKSPACES_CONNECTION_ALIAS = new ResourceType('AWS::WorkSpaces::ConnectionAlias'); + /** Amazon WorkSpaces workSpace */ + public static readonly WORKSPACES_WORKSPACE = new ResourceType('AWS::WorkSpaces::Workspace'); + /** AWS Backup backup plan */ + public static readonly BACKUP_BACKUP_PLAN = new ResourceType('AWS::Backup::BackupPlan'); + /** AWS Backup backup selection */ + public static readonly BACKUP_BACKUP_SELECTION = new ResourceType('AWS::Backup::BackupSelection'); + /** AWS Backup backup vault */ + public static readonly BACKUP_BACKUP_VAULT = new ResourceType('AWS::Backup::BackupVault'); + /** AWS Backup backup recovery point */ + public static readonly BACKUP_RECOVERY_POINT = new ResourceType('AWS::Backup::RecoveryPoint'); + /** AWS Batch job queue */ + public static readonly BATCH_JOB_QUEUE = new ResourceType('AWS::Batch::JobQueue'); + /** AWS Batch compute environment */ + public static readonly BATCH_COMPUTE_ENVIRONMENT = new ResourceType('AWS::Batch::ComputeEnvironment'); /** AWS Certificate manager certificate */ public static readonly ACM_CERTIFICATE = new ResourceType('AWS::ACM::Certificate'); /** AWS CloudFormation stack */ @@ -1404,14 +1470,34 @@ export class ResourceType { public static readonly CLOUDTRAIL_TRAIL = new ResourceType('AWS::CloudTrail::Trail'); /** AWS CodeBuild project */ public static readonly CODEBUILD_PROJECT = new ResourceType('AWS::CodeBuild::Project'); + /** AWS CodeDeploy application */ + public static readonly CODEDEPLOY_APPLICATION = new ResourceType('AWS::CodeDeploy::Application'); + /** AWS CodeDeploy deployment config */ + public static readonly CODEDEPLOY_DEPLOYMENT_CONFIG = new ResourceType('AWS::CodeDeploy::DeploymentConfig'); + /** AWS CodeDeploy deployment group */ + public static readonly CODEDEPLOY_DEPLOYMENT_GROUP = new ResourceType('AWS::CodeDeploy::DeploymentGroup'); /** AWS CodePipeline pipeline */ public static readonly CODEPIPELINE_PIPELINE = new ResourceType('AWS::CodePipeline::Pipeline'); + /** AWS Config resource compliance */ + public static readonly CONFIG_RESOURCE_COMPLIANCE = new ResourceType('AWS::Config::ResourceCompliance'); + /** AWS Config conformance pack compliance */ + public static readonly CONFIG_CONFORMANCE_PACK_COMPLIANCE = new ResourceType('AWS::Config::ConformancePackCompliance'); + /** AWS DMS event subscription */ + public static readonly DMS_EVENT_SUBSCRIPTION = new ResourceType('AWS::DMS::EventSubscription'); + /** AWS DMS replication subnet group */ + public static readonly DMS_REPLICATION_SUBNET_GROUP = new ResourceType('AWS::DMS::ReplicationSubnetGroup'); /** AWS Elastic Beanstalk (EB) application */ public static readonly ELASTIC_BEANSTALK_APPLICATION = new ResourceType('AWS::ElasticBeanstalk::Application'); /** AWS Elastic Beanstalk (EB) application version */ public static readonly ELASTIC_BEANSTALK_APPLICATION_VERSION = new ResourceType('AWS::ElasticBeanstalk::ApplicationVersion'); /** AWS Elastic Beanstalk (EB) environment */ public static readonly ELASTIC_BEANSTALK_ENVIRONMENT = new ResourceType('AWS::ElasticBeanstalk::Environment'); + /** AWS GlobalAccelerator listener */ + public static readonly GLOBALACCELERATOR_LISTENER = new ResourceType('AWS::GlobalAccelerator::Listener'); + /** AWS GlobalAccelerator endpoint group */ + public static readonly GLOBALACCELERATOR_ENDPOINT_GROUP = new ResourceType('AWS::GlobalAccelerator::EndpointGroup'); + /** AWS GlobalAccelerator accelerator */ + public static readonly GLOBALACCELERATOR_ACCELERATOR = new ResourceType('AWS::GlobalAccelerator::Accelerator'); /** AWS IAM user */ public static readonly IAM_USER = new ResourceType('AWS::IAM::User'); /** AWS IAM group */ @@ -1420,6 +1506,8 @@ export class ResourceType { public static readonly IAM_ROLE = new ResourceType('AWS::IAM::Role'); /** AWS IAM policy */ public static readonly IAM_POLICY = new ResourceType('AWS::IAM::Policy'); + /** AWS IAM AccessAnalyzer analyzer */ + public static readonly IAM_ACCESSANALYZER_ANALYZER = new ResourceType('AWS::AccessAnalyzer::Analyzer'); /** AWS KMS Key */ public static readonly KMS_KEY = new ResourceType('AWS::KMS::Key'); /** AWS Lambda function */ @@ -1437,6 +1525,10 @@ export class ResourceType { public static readonly SHIELD_PROTECTION = new ResourceType('AWS::Shield::Protection'); /** AWS Shield regional protection */ public static readonly SHIELD_REGIONAL_PROTECTION = new ResourceType('AWS::ShieldRegional::Protection'); + /** AWS StepFunctions activity */ + public static readonly STEPFUNCTIONS_ACTIVITY = new ResourceType('AWS::StepFunctions::Activity'); + /** AWS StepFunctions state machine */ + public static readonly STEPFUNCTIONS_STATE_MACHINE = new ResourceType('AWS::StepFunctions::StateMachine'); /** AWS Systems Manager managed instance inventory */ public static readonly SYSTEMS_MANAGER_MANAGED_INSTANCE_INVENTORY = new ResourceType('AWS::SSM::ManagedInstanceInventory'); /** AWS Systems Manager patch compliance */ @@ -1467,12 +1559,18 @@ export class ResourceType { public static readonly WAFV2_RULE_GROUP = new ResourceType('AWS::WAFv2::RuleGroup'); /** AWS WAFv2 managed rule set */ public static readonly WAFV2_MANAGED_RULE_SET = new ResourceType('AWS::WAFv2::ManagedRuleSet'); + /** AWS WAFv2 ip set */ + public static readonly WAFV2_IP_SET = new ResourceType('AWS::WAFv2::IPSet'); + /** AWS WAFv2 regex pattern set */ + public static readonly WAFV2_REGEX_PATTERN_SET = new ResourceType('AWS::WAFv2::RegexPatternSet'); /** AWS X-Ray encryption configuration */ public static readonly XRAY_ENCRYPTION_CONFIGURATION = new ResourceType('AWS::XRay::EncryptionConfig'); /** AWS ELB classic load balancer */ public static readonly ELB_LOAD_BALANCER = new ResourceType('AWS::ElasticLoadBalancing::LoadBalancer'); /** AWS ELBv2 network load balancer or AWS ELBv2 application load balancer */ public static readonly ELBV2_LOAD_BALANCER = new ResourceType('AWS::ElasticLoadBalancingV2::LoadBalancer'); + /** AWS ELBv2 application load balancer listener */ + public static readonly ELBV2_LISTENER = new ResourceType('AWS::ElasticLoadBalancingV2::Listener'); /** A custom resource type to support future cases. */ public static of(type: string): ResourceType { diff --git a/packages/@aws-cdk/aws-config/test/rule.test.ts b/packages/@aws-cdk/aws-config/test/rule.test.ts index bc33acf58d5ab..284354d302f9d 100644 --- a/packages/@aws-cdk/aws-config/test/rule.test.ts +++ b/packages/@aws-cdk/aws-config/test/rule.test.ts @@ -298,4 +298,123 @@ describe('rule', () => { }, }); }); + + test('scope to resource', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new config.ManagedRule(stack, 'Rule', { + identifier: 'AWS_SUPER_COOL', + ruleScope: config.RuleScope.fromResources([ + config.ResourceType.EC2_NETWORK_INTERFACE, + config.ResourceType.EC2_TRANSIT_GATEWAY, + config.ResourceType.EC2_TRANSIT_GATEWAY_ATTACHMENT, + config.ResourceType.EC2_TRANSIT_GATEWAY_ROUTE_TABLE, + config.ResourceType.EC2_REGISTERED_HA_INSTANCE, + config.ResourceType.EC2_LAUNCH_TEMPLATE, + config.ResourceType.ECR_REPOSITORY, + config.ResourceType.ECR_PUBLIC_REPOSITORY, + config.ResourceType.ECS_CLUSTER, + config.ResourceType.ECS_TASK_DEFINITION, + config.ResourceType.ECS_SERVICE, + config.ResourceType.EFS_FILE_SYSTEM, + config.ResourceType.EFS_ACCESS_POINT, + config.ResourceType.EMR_SECURITY_CONFIGURATION, + config.ResourceType.GUARDDUTY_DETECTOR, + config.ResourceType.OPENSEARCH_DOMAIN, + config.ResourceType.KINESIS_STREAM, + config.ResourceType.KINESIS_STREAM_CONSUMER, + config.ResourceType.MSK_CLUSTER, + config.ResourceType.ROUTE53_RESOLVER_RESOLVER_ENDPOINT, + config.ResourceType.ROUTE53_RESOLVER_RESOLVER_RULE, + config.ResourceType.ROUTE53_RESOLVER_RESOLVER_RULE_ASSOCIATION, + config.ResourceType.SAGEMAKER_CODE_REPOSITORY, + config.ResourceType.SAGEMAKER_MODEL, + config.ResourceType.SAGEMAKER_NOTEBOOK_INSTANCE, + config.ResourceType.WORKSPACES_CONNECTION_ALIAS, + config.ResourceType.WORKSPACES_WORKSPACE, + config.ResourceType.BACKUP_BACKUP_PLAN, + config.ResourceType.BACKUP_BACKUP_SELECTION, + config.ResourceType.BACKUP_BACKUP_VAULT, + config.ResourceType.BACKUP_RECOVERY_POINT, + config.ResourceType.BATCH_JOB_QUEUE, + config.ResourceType.BATCH_COMPUTE_ENVIRONMENT, + config.ResourceType.CODEDEPLOY_APPLICATION, + config.ResourceType.CODEDEPLOY_DEPLOYMENT_CONFIG, + config.ResourceType.CODEDEPLOY_DEPLOYMENT_GROUP, + config.ResourceType.CONFIG_RESOURCE_COMPLIANCE, + config.ResourceType.CONFIG_CONFORMANCE_PACK_COMPLIANCE, + config.ResourceType.DMS_EVENT_SUBSCRIPTION, + config.ResourceType.DMS_REPLICATION_SUBNET_GROUP, + config.ResourceType.GLOBALACCELERATOR_LISTENER, + config.ResourceType.GLOBALACCELERATOR_ENDPOINT_GROUP, + config.ResourceType.GLOBALACCELERATOR_ACCELERATOR, + config.ResourceType.IAM_ACCESSANALYZER_ANALYZER, + config.ResourceType.STEPFUNCTIONS_ACTIVITY, + config.ResourceType.STEPFUNCTIONS_STATE_MACHINE, + config.ResourceType.WAFV2_IP_SET, + config.ResourceType.WAFV2_REGEX_PATTERN_SET, + config.ResourceType.ELBV2_LISTENER, + ]), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::Config::ConfigRule', { + Scope: { + ComplianceResourceTypes: [ + 'AWS::EC2::NetworkInterface', + 'AWS::EC2::TransitGateway', + 'AWS::EC2::TransitGatewayAttachment', + 'AWS::EC2::TransitGatewayRouteTable', + 'AWS::EC2::RegisteredHAInstance', + 'AWS::EC2::LaunchTemplate', + 'AWS::ECR::Repository', + 'AWS::ECR::PublicRepository', + 'AWS::ECS::Cluster', + 'AWS::ECS::TaskDefinition', + 'AWS::ECS::Service', + 'AWS::EFS::FileSystem', + 'AWS::EFS::AccessPoint', + 'AWS::EMR::SecurityConfiguration', + 'AWS::GuardDuty::Detector', + 'AWS::OpenSearch::Domain', + 'AWS::Kinesis::Stream', + 'AWS::Kinesis::StreamConsumer', + 'AWS::MSK::Cluster', + 'AWS::Route53Resolver::ResolverEndpoint', + 'AWS::Route53Resolver::ResolverRule', + 'AWS::Route53Resolver::ResolverRuleAssociation', + 'AWS::SageMaker::CodeRepository', + 'AWS::SageMaker::Model', + 'AWS::SageMaker::NotebookInstance', + 'AWS::WorkSpaces::ConnectionAlias', + 'AWS::WorkSpaces::Workspace', + 'AWS::Backup::BackupPlan', + 'AWS::Backup::BackupSelection', + 'AWS::Backup::BackupVault', + 'AWS::Backup::RecoveryPoint', + 'AWS::Batch::JobQueue', + 'AWS::Batch::ComputeEnvironment', + 'AWS::CodeDeploy::Application', + 'AWS::CodeDeploy::DeploymentConfig', + 'AWS::CodeDeploy::DeploymentGroup', + 'AWS::Config::ResourceCompliance', + 'AWS::Config::ConformancePackCompliance', + 'AWS::DMS::EventSubscription', + 'AWS::DMS::ReplicationSubnetGroup', + 'AWS::GlobalAccelerator::Listener', + 'AWS::GlobalAccelerator::EndpointGroup', + 'AWS::GlobalAccelerator::Accelerator', + 'AWS::AccessAnalyzer::Analyzer', + 'AWS::StepFunctions::Activity', + 'AWS::StepFunctions::StateMachine', + 'AWS::WAFv2::IPSet', + 'AWS::WAFv2::RegexPatternSet', + 'AWS::ElasticLoadBalancingV2::Listener', + ], + }, + }); + }); + }); diff --git a/packages/@aws-cdk/aws-ec2/lib/launch-template.ts b/packages/@aws-cdk/aws-ec2/lib/launch-template.ts index ea25070ff7b62..790940efc6e95 100644 --- a/packages/@aws-cdk/aws-ec2/lib/launch-template.ts +++ b/packages/@aws-cdk/aws-ec2/lib/launch-template.ts @@ -563,6 +563,7 @@ export class LaunchTemplate extends Resource implements ILaunchTemplate, iam.IGr } this.tags = new TagManager(TagType.KEY_VALUE, 'AWS::EC2::LaunchTemplate'); + const tagsToken = Lazy.any({ produce: () => { if (this.tags.hasTags()) { @@ -588,6 +589,27 @@ export class LaunchTemplate extends Resource implements ILaunchTemplate, iam.IGr }, }); + const ltTagsToken = Lazy.any({ + produce: () => { + if (this.tags.hasTags()) { + const renderedTags = this.tags.renderTags(); + const lowerCaseRenderedTags = renderedTags.map( (tag: { [key: string]: string}) => { + return { + key: tag.Key, + value: tag.Value, + }; + }); + return [ + { + resourceType: 'launch-template', + tags: lowerCaseRenderedTags, + }, + ]; + } + return undefined; + }, + }); + const resource = new CfnLaunchTemplate(this, 'Resource', { launchTemplateName: props?.launchTemplateName, launchTemplateData: { @@ -655,6 +677,7 @@ export class LaunchTemplate extends Resource implements ILaunchTemplate, iam.IGr // placement: undefined, }, + tagSpecifications: ltTagsToken, }); Tags.of(this).add(NAME_TAG, this.node.path); diff --git a/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts b/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts index ccb23517c4ff6..b2ce23975af8a 100644 --- a/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts +++ b/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts @@ -260,8 +260,14 @@ export class InterfaceVpcEndpointService implements IInterfaceVpcEndpointService export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointService { public static readonly SAGEMAKER_NOTEBOOK = new InterfaceVpcEndpointAwsService('notebook', 'aws.sagemaker'); public static readonly ATHENA = new InterfaceVpcEndpointAwsService('athena'); + public static readonly APPLICATION_AUTOSCALING = new InterfaceVpcEndpointAwsService('application-autoscaling'); + public static readonly AUTOSCALING = new InterfaceVpcEndpointAwsService('autoscaling'); + public static readonly AUTOSCALING_PLANS = new InterfaceVpcEndpointAwsService('autoscaling-plans'); + public static readonly BATCH = new InterfaceVpcEndpointAwsService('batch'); public static readonly CLOUDFORMATION = new InterfaceVpcEndpointAwsService('cloudformation'); public static readonly CLOUDTRAIL = new InterfaceVpcEndpointAwsService('cloudtrail'); + public static readonly CODEARTIFACT_API = new InterfaceVpcEndpointAwsService('codeartifact.api'); + public static readonly CODEARTIFACT_REPOSITORIES = new InterfaceVpcEndpointAwsService('codeartifact.repositories'); public static readonly CODEBUILD = new InterfaceVpcEndpointAwsService('codebuild'); public static readonly CODEBUILD_FIPS = new InterfaceVpcEndpointAwsService('codebuild-fips'); public static readonly CODECOMMIT = new InterfaceVpcEndpointAwsService('codecommit'); @@ -294,6 +300,7 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ public static readonly CLOUDWATCH = new InterfaceVpcEndpointAwsService('monitoring'); public static readonly RDS = new InterfaceVpcEndpointAwsService('rds'); public static readonly RDS_DATA = new InterfaceVpcEndpointAwsService('rds-data'); + public static readonly S3 = new InterfaceVpcEndpointAwsService('s3'); public static readonly SAGEMAKER_API = new InterfaceVpcEndpointAwsService('sagemaker.api'); public static readonly SAGEMAKER_RUNTIME = new InterfaceVpcEndpointAwsService('sagemaker.runtime'); public static readonly SAGEMAKER_RUNTIME_FIPS = new InterfaceVpcEndpointAwsService('sagemaker.runtime-fips'); diff --git a/packages/@aws-cdk/aws-ec2/package.json b/packages/@aws-cdk/aws-ec2/package.json index 9c0a81de000a0..a155c4d6bd249 100644 --- a/packages/@aws-cdk/aws-ec2/package.json +++ b/packages/@aws-cdk/aws-ec2/package.json @@ -260,12 +260,17 @@ "docs-public-apis:@aws-cdk/aws-ec2.GatewayVpcEndpointAwsService.DYNAMODB", "docs-public-apis:@aws-cdk/aws-ec2.GatewayVpcEndpointAwsService.S3", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.APIGATEWAY", + "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.APPLICATION_AUTOSCALING", + "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.AUTOSCALING", + "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.AUTOSCALING_PLANS", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.ATHENA", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDFORMATION", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDTRAIL", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_EVENTS", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CLOUDWATCH_LOGS", + "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CODEARTIFACT_API", + "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CODEARTIFACT_REPOSITORIES", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CODEBUILD", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CODEBUILD_FIPS", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CODECOMMIT", @@ -276,6 +281,7 @@ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CODEGURU_REVIEWER", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CODEPIPELINE", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.CONFIG", + "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.BATCH", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.EC2", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.EC2_MESSAGES", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.ECR", @@ -294,6 +300,7 @@ "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.KMS", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.RDS", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.RDS_DATA", + "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.S3", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SAGEMAKER_API", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SAGEMAKER_NOTEBOOK", "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.SAGEMAKER_RUNTIME", diff --git a/packages/@aws-cdk/aws-ec2/test/launch-template.test.ts b/packages/@aws-cdk/aws-ec2/test/launch-template.test.ts index 90916eea165f5..29b4f25676418 100644 --- a/packages/@aws-cdk/aws-ec2/test/launch-template.test.ts +++ b/packages/@aws-cdk/aws-ec2/test/launch-template.test.ts @@ -74,6 +74,17 @@ describe('LaunchTemplate', () => { }, ], }, + TagSpecifications: [ + { + ResourceType: 'launch-template', + Tags: [ + { + Key: 'Name', + Value: 'Default/Template', + }, + ], + }, + ], }); Template.fromStack(stack).resourceCountIs('AWS::IAM::InstanceProfile', 0); expect(() => { template.grantPrincipal; }).toThrow(); @@ -248,6 +259,17 @@ describe('LaunchTemplate', () => { }, ], }, + TagSpecifications: [ + { + ResourceType: 'launch-template', + Tags: [ + { + Key: 'Name', + Value: 'Default/Template', + }, + ], + }, + ], }); expect(template.role).toBeDefined(); expect(template.grantPrincipal).toBeDefined(); @@ -533,6 +555,21 @@ describe('LaunchTemplate', () => { }, ], }, + TagSpecifications: [ + { + ResourceType: 'launch-template', + Tags: [ + { + Key: 'Name', + Value: 'Default/Template', + }, + { + Key: 'TestKey', + Value: 'TestValue', + }, + ], + }, + ], }); }); diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-endpoint.test.ts b/packages/@aws-cdk/aws-ec2/test/vpc-endpoint.test.ts index 7ad9568478b51..df65f805670c8 100644 --- a/packages/@aws-cdk/aws-ec2/test/vpc-endpoint.test.ts +++ b/packages/@aws-cdk/aws-ec2/test/vpc-endpoint.test.ts @@ -734,6 +734,7 @@ describe('vpc endpoint', () => { }); + test('test vpc interface endpoint for transcribe can be created correctly in cn-northwest-1', () => { //GIVEN const stack = new Stack(undefined, 'TestStack', { env: { account: '123456789012', region: 'cn-northwest-1' } }); @@ -751,5 +752,99 @@ describe('vpc endpoint', () => { }); + + test('test codeartifact vpc interface endpoint in us-west-2', () => { + //GIVEN + const stack = new Stack(undefined, 'TestStack', { env: { account: '123456789012', region: 'us-west-2' } }); + const vpc = new Vpc(stack, 'VPC'); + + //WHEN + vpc.addInterfaceEndpoint('CodeArtifact API Endpoint', { + service: InterfaceVpcEndpointAwsService.CODEARTIFACT_API, + }); + + vpc.addInterfaceEndpoint('CodeArtifact Repositories Endpoint', { + service: InterfaceVpcEndpointAwsService.CODEARTIFACT_REPOSITORIES, + }); + + //THEN + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + ServiceName: 'com.amazonaws.us-west-2.codeartifact.repositories', + }); + + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + ServiceName: 'com.amazonaws.us-west-2.codeartifact.api', + }); + + }); + + test('test s3 vpc interface endpoint in us-west-2', () => { + //GIVEN + const stack = new Stack(undefined, 'TestStack', { env: { account: '123456789012', region: 'us-west-2' } }); + const vpc = new Vpc(stack, 'VPC'); + + //WHEN + vpc.addInterfaceEndpoint('CodeArtifact API Endpoint', { + service: InterfaceVpcEndpointAwsService.S3, + }); + + //THEN + + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + ServiceName: 'com.amazonaws.us-west-2.s3', + }); + + }); + + test('test batch vpc interface endpoint in us-west-2', () => { + //GIVEN + const stack = new Stack(undefined, 'TestStack', { env: { account: '123456789012', region: 'us-west-2' } }); + const vpc = new Vpc(stack, 'VPC'); + + //WHEN + vpc.addInterfaceEndpoint('CodeArtifact API Endpoint', { + service: InterfaceVpcEndpointAwsService.BATCH, + }); + + //THEN + + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + ServiceName: 'com.amazonaws.us-west-2.batch', + }); + + }); + + test('test autoscaling vpc interface endpoint in us-west-2', () => { + //GIVEN + const stack = new Stack(undefined, 'TestStack', { env: { account: '123456789012', region: 'us-west-2' } }); + const vpc = new Vpc(stack, 'VPC'); + + //WHEN + vpc.addInterfaceEndpoint('Autoscaling API Endpoint', { + service: InterfaceVpcEndpointAwsService.AUTOSCALING, + }); + + vpc.addInterfaceEndpoint('Autoscaling-plan API Endpoint', { + service: InterfaceVpcEndpointAwsService.AUTOSCALING_PLANS, + }); + + vpc.addInterfaceEndpoint('Application-Autoscaling API Endpoint', { + service: InterfaceVpcEndpointAwsService.APPLICATION_AUTOSCALING, + }); + + //THEN + + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + ServiceName: 'com.amazonaws.us-west-2.autoscaling', + }); + + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + ServiceName: 'com.amazonaws.us-west-2.autoscaling-plans', + }); + + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpoint', { + ServiceName: 'com.amazonaws.us-west-2.application-autoscaling', + }); + }); }); }); diff --git a/packages/@aws-cdk/aws-ecs-patterns/README.md b/packages/@aws-cdk/aws-ecs-patterns/README.md index 36d366c1d64c3..879608a005605 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/README.md +++ b/packages/@aws-cdk/aws-ecs-patterns/README.md @@ -653,6 +653,172 @@ const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargat }); ``` +### Select idleTimeout for ApplicationMultipleTargetGroupsFargateService + +```ts +import { Certificate } from '@aws-cdk/aws-certificatemanager'; +import { InstanceType } from '@aws-cdk/aws-ec2'; +import { Cluster, ContainerImage } from '@aws-cdk/aws-ecs'; +import { ApplicationProtocol, SslPolicy } from '@aws-cdk/aws-elasticloadbalancingv2'; +import { PublicHostedZone } from '@aws-cdk/aws-route53'; +const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 1 }); +const loadBalancedFargateService = new ecsPatterns.ApplicationMultipleTargetGroupsFargateService(this, 'myService', { + cluster: new ecs.Cluster(this, 'EcsCluster', { vpc }), + memoryLimitMiB: 256, + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + enableExecuteCommand: true, + loadBalancers: [ + { + name: 'lb', + idleTimeout: Duration.seconds(400), + domainName: 'api.example.com', + domainZone: new PublicHostedZone(this, 'HostedZone', { zoneName: 'example.com' }), + listeners: [ + { + name: 'listener', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(this, 'Cert', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + { + name: 'lb2', + idleTimeout: Duration.seconds(120), + domainName: 'frontend.com', + domainZone: new PublicHostedZone(this, 'HostedZone', { zoneName: 'frontend.com' }), + listeners: [ + { + name: 'listener2', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(this, 'Cert2', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener', + }, + { + containerPort: 90, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener', + }, + { + containerPort: 443, + listener: 'listener2', + }, + { + containerPort: 80, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener2', + }, + ], +}); +``` + +### Set health checks for ApplicationMultipleTargetGroupsFargateService + +```ts +import { Certificate } from '@aws-cdk/aws-certificatemanager'; +import { InstanceType } from '@aws-cdk/aws-ec2'; +import { Cluster, ContainerImage } from '@aws-cdk/aws-ecs'; +import { ApplicationProtocol,Protocol, SslPolicy } from '@aws-cdk/aws-elasticloadbalancingv2'; +import { PublicHostedZone } from '@aws-cdk/aws-route53'; +const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 1 }); + +const loadBalancedFargateService = new ecsPatterns.ApplicationMultipleTargetGroupsFargateService(this, 'myService', { + cluster: new ecs.Cluster(this, 'EcsCluster', { vpc }), + memoryLimitMiB: 256, + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + enableExecuteCommand: true, + loadBalancers: [ + { + name: 'lb', + idleTimeout: Duration.seconds(400), + domainName: 'api.example.com', + domainZone: new PublicHostedZone(this, 'HostedZone', { zoneName: 'example.com' }), + listeners: [ + { + name: 'listener', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(this, 'Cert', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + { + name: 'lb2', + idleTimeout: Duration.seconds(120), + domainName: 'frontend.com', + domainZone: new PublicHostedZone(this, 'HostedZone', { zoneName: 'frontend.com' }), + listeners: [ + { + name: 'listener2', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(this, 'Cert2', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener', + }, + { + containerPort: 90, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener', + }, + { + containerPort: 443, + listener: 'listener2', + }, + { + containerPort: 80, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener2', + }, + ], +}); + +loadBalancedFargateService.targetGroups[0].configureHealthCheck({ + port: '8050', + protocol: Protocol.HTTP, + healthyThresholdCount: 2, + unhealthyThresholdCount: 2, + timeout: Duration.seconds(10), + interval: Duration.seconds(30), + healthyHttpCodes: '200', +}); + + +loadBalancedFargateService.targetGroups[1].configureHealthCheck({ + port: '8050', + protocol: Protocol.HTTP, + healthyThresholdCount: 2, + unhealthyThresholdCount: 2, + timeout: Duration.seconds(10), + interval: Duration.seconds(30), + healthyHttpCodes: '200', +}); + +``` + + ### Set PlatformVersion for ScheduledFargateTask ```ts diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-multiple-target-groups-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-multiple-target-groups-service-base.ts index c5e1dbf0d7370..14973d3295362 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-multiple-target-groups-service-base.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-multiple-target-groups-service-base.ts @@ -304,6 +304,13 @@ export interface ApplicationLoadBalancerProps { * @default - No Route53 hosted domain zone. */ readonly domainZone?: IHostedZone; + + /** + * The load balancer idle timeout, in seconds + * + * @default - CloudFormation sets idle timeout to 60 seconds + */ + readonly idleTimeout?: Duration; } /** @@ -371,11 +378,13 @@ export abstract class ApplicationMultipleTargetGroupsServiceBase extends Constru /** * The default Application Load Balancer for the service (first added load balancer). + * @deprecated - Use `loadBalancers` instead. */ public readonly loadBalancer: ApplicationLoadBalancer; /** - * The default listener for the service (first added listener). + * The default listener for the service (first added listener). + * @deprecated - Use `listeners` instead. */ public readonly listener: ApplicationListener; @@ -385,10 +394,18 @@ export abstract class ApplicationMultipleTargetGroupsServiceBase extends Constru public readonly cluster: ICluster; protected logDriver?: LogDriver; - protected listeners = new Array(); - protected targetGroups = new Array(); - - private loadBalancers = new Array(); + /** + * The listeners of the service. + */ + public readonly listeners = new Array(); + /** + * The target groups of the service. + */ + public readonly targetGroups = new Array(); + /** + * The load balancers of the service. + */ + public readonly loadBalancers = new Array(); /** * Constructs a new instance of the ApplicationMultipleTargetGroupsServiceBase class. @@ -408,8 +425,9 @@ export abstract class ApplicationMultipleTargetGroupsServiceBase extends Constru } if (props.loadBalancers) { + this.validateLbProps(props.loadBalancers); for (const lbProps of props.loadBalancers) { - const lb = this.createLoadBalancer(lbProps.name, lbProps.publicLoadBalancer); + const lb = this.createLoadBalancer(lbProps.name, lbProps.publicLoadBalancer, lbProps.idleTimeout); this.loadBalancers.push(lb); const protocolType = new Set(); for (const listenerProps of lbProps.listeners) { @@ -564,11 +582,23 @@ export abstract class ApplicationMultipleTargetGroupsServiceBase extends Constru } } - private createLoadBalancer(name: string, publicLoadBalancer?: boolean): ApplicationLoadBalancer { + private validateLbProps(props: ApplicationLoadBalancerProps[]) { + for (let prop of props) { + if (prop.idleTimeout) { + if (prop.idleTimeout > Duration.seconds(4000) || prop.idleTimeout < Duration.seconds(1)) { + throw new Error('Load balancer idle timeout must be between 1 and 4000 seconds.'); + } + } + } + + } + + private createLoadBalancer(name: string, publicLoadBalancer?: boolean, idleTimeout?: Duration): ApplicationLoadBalancer { const internetFacing = publicLoadBalancer ?? true; const lbProps = { vpc: this.cluster.vpc, internetFacing, + idleTimeout: idleTimeout, }; return new ApplicationLoadBalancer(this, name, lbProps); diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-multiple-target-groups-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-multiple-target-groups-service-base.ts index 6f3189c8937c7..1783a84967196 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-multiple-target-groups-service-base.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-multiple-target-groups-service-base.ts @@ -289,11 +289,13 @@ export abstract class NetworkMultipleTargetGroupsServiceBase extends Construct { /** * The Network Load Balancer for the service. + * @deprecated - Use `loadBalancers` instead. */ public readonly loadBalancer: NetworkLoadBalancer; /** * The listener for the service. + * @deprecated - Use `listeners` instead. */ public readonly listener: NetworkListener; @@ -303,10 +305,18 @@ export abstract class NetworkMultipleTargetGroupsServiceBase extends Construct { public readonly cluster: ICluster; protected logDriver?: LogDriver; - protected listeners = new Array(); - protected targetGroups = new Array(); - - private loadBalancers = new Array(); + /** + * The listeners of the service. + */ + public readonly listeners = new Array(); + /** + * The target groups of the service. + */ + public readonly targetGroups = new Array(); + /** + * The load balancers of the service. + */ + public readonly loadBalancers = new Array(); /** * Constructs a new instance of the NetworkMultipleTargetGroupsServiceBase class. diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-multiple-target-groups-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-multiple-target-groups-ecs-service.ts index 9fd2441621bd3..4950338194015 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-multiple-target-groups-ecs-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-multiple-target-groups-ecs-service.ts @@ -92,6 +92,7 @@ export class ApplicationMultipleTargetGroupsEc2Service extends ApplicationMultip public readonly taskDefinition: Ec2TaskDefinition; /** * The default target group for the service. + * @deprecated - Use `targetGroups` instead. */ public readonly targetGroup: ApplicationTargetGroup; diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-multiple-target-groups-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-multiple-target-groups-ecs-service.ts index fc9e92d6f5ef3..19b5a8634bfef 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-multiple-target-groups-ecs-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-multiple-target-groups-ecs-service.ts @@ -91,6 +91,7 @@ export class NetworkMultipleTargetGroupsEc2Service extends NetworkMultipleTarget public readonly taskDefinition: Ec2TaskDefinition; /** * The default target group for the service. + * @deprecated - Use `targetGroups` instead. */ public readonly targetGroup: NetworkTargetGroup; diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-multiple-target-groups-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-multiple-target-groups-fargate-service.ts index b527daabf0e0e..b72ba9324cbc6 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-multiple-target-groups-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-multiple-target-groups-fargate-service.ts @@ -106,6 +106,7 @@ export class ApplicationMultipleTargetGroupsFargateService extends ApplicationMu /** * The default target group for the service. + * @deprecated - Use `targetGroups` instead. */ public readonly targetGroup: ApplicationTargetGroup; diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-multiple-target-groups-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-multiple-target-groups-fargate-service.ts index eca9e6b037d37..5d40ebe104cc8 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-multiple-target-groups-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-multiple-target-groups-fargate-service.ts @@ -106,6 +106,7 @@ export class NetworkMultipleTargetGroupsFargateService extends NetworkMultipleTa /** * The default target group for the service. + * @deprecated - Use `targetGroups` instead. */ public readonly targetGroup: NetworkTargetGroup; diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/applicationLoadBalancedEc2ServiceTestDefaultTestDeployAssert3356477A.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/applicationLoadBalancedEc2ServiceTestDefaultTestDeployAssert3356477A.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/applicationLoadBalancedEc2ServiceTestDefaultTestDeployAssert3356477A.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/integ.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/integ.json index 17ffa192cde64..2602549529e34 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/integ.json @@ -1,14 +1,11 @@ { "version": "20.0.0", "testCases": { - "@aws-cdk/aws-ecs-patterns/test/ec2/integ.application-load-balanced-ecs-service": { + "applicationLoadBalancedEc2ServiceTest/DefaultTest": { "stacks": [ "aws-ecs-integ" ], - "diffAssets": false, - "stackUpdateWorkflow": true + "assertionStack": "applicationLoadBalancedEc2ServiceTestDefaultTestDeployAssert3356477A" } - }, - "synthContext": {}, - "enableLookups": false + } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/manifest.json index 3f7a29b48068a..470d60a2d35bb 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/manifest.json @@ -329,6 +329,15 @@ ] }, "displayName": "aws-ecs-integ" + }, + "applicationLoadBalancedEc2ServiceTestDefaultTestDeployAssert3356477A": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "applicationLoadBalancedEc2ServiceTestDefaultTestDeployAssert3356477A.template.json", + "validateOnSynth": false + }, + "displayName": "applicationLoadBalancedEc2ServiceTest/DefaultTest/DeployAssert" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/tree.json index 32be27899fdd6..27a809458018f 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.49" } }, "aws-ecs-integ": { @@ -1803,6 +1803,42 @@ "fqn": "@aws-cdk/core.Stack", "version": "0.0.0" } + }, + "applicationLoadBalancedEc2ServiceTest": { + "id": "applicationLoadBalancedEc2ServiceTest", + "path": "applicationLoadBalancedEc2ServiceTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "applicationLoadBalancedEc2ServiceTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "applicationLoadBalancedEc2ServiceTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.49" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "applicationLoadBalancedEc2ServiceTest/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } } }, "constructInfo": { diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/aws-ecs-integ.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/aws-ecs-integ.template.json new file mode 100644 index 0000000000000..97493686abf9a --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/aws-ecs-integ.template.json @@ -0,0 +1,1347 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "ClusterEB0386A7": { + "Type": "AWS::ECS::Cluster" + }, + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "ClusterDefaultAutoScalingGroupInstanceSecurityGroupfromawsecsintegmyServicelb1SecurityGroup1B4AB3AE32768655359B529E90": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "FromPort": 32768, + "GroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + }, + "ToPort": 65535 + } + }, + "ClusterDefaultAutoScalingGroupInstanceSecurityGroupfromawsecsintegmyServicelb2SecurityGroup98A4D36A32768655350C2BEE3F": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "FromPort": 32768, + "GroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "ToPort": 65535 + } + }, + "ClusterDefaultAutoScalingGroupInstanceRole9A14B384": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "ecs:DeregisterContainerInstance", + "ecs:RegisterContainerInstance", + "ecs:Submit*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + }, + { + "Action": [ + "ecs:Poll", + "ecs:StartTelemetrySession" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecr:GetAuthorizationToken", + "ecs:DiscoverPollEndpoint", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81", + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466": { + "Type": "AWS::AutoScaling::LaunchConfiguration", + "Properties": { + "ImageId": { + "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" + }, + "InstanceType": "t2.micro", + "IamInstanceProfile": { + "Ref": "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55" + }, + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + } + ], + "UserData": { + "Fn::Base64": { + "Fn::Join": [ + "", + [ + "#!/bin/bash\necho ECS_CLUSTER=", + { + "Ref": "ClusterEB0386A7" + }, + " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config" + ] + ] + } + } + }, + "DependsOn": [ + "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81", + "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + ] + }, + "ClusterDefaultAutoScalingGroupASG0F98E147": { + "Type": "AWS::AutoScaling::AutoScalingGroup", + "Properties": { + "MaxSize": "1", + "MinSize": "1", + "LaunchConfigurationName": { + "Ref": "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466" + }, + "Tags": [ + { + "Key": "Name", + "PropagateAtLaunch": true, + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "VPCZoneIdentifier": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + }, + "UpdatePolicy": { + "AutoScalingReplacingUpdate": { + "WillReplace": true + }, + "AutoScalingScheduledAction": { + "IgnoreUnmodifiedGroupSizeProperties": true + } + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "ec2:DescribeHosts", + "ec2:DescribeInstanceAttribute", + "ec2:DescribeInstanceStatus", + "ec2:DescribeInstances" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "autoscaling:CompleteLifecycleAction", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":autoscaling:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":autoScalingGroup:*:autoScalingGroupName/", + { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + } + ] + ] + } + }, + { + "Action": [ + "ecs:DescribeContainerInstances", + "ecs:DescribeTasks", + "ecs:ListTasks", + "ecs:UpdateContainerInstancesState" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecs:ListContainerInstances", + "ecs:SubmitContainerStateChange", + "ecs:SubmitTaskStateChange" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E", + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(dict(event, ResponseURL='...')))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(dict(event, ResponseURL='...')))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n\n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n\n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n\n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + }, + "Role": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1", + "Arn" + ] + }, + "Environment": { + "Variables": { + "CLUSTER": { + "Ref": "ClusterEB0386A7" + } + } + }, + "Handler": "index.lambda_handler", + "Runtime": "python3.9", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "Timeout": 310 + }, + "DependsOn": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E", + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + ] + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionAllowInvokeawsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B4FDC19F0": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + }, + "Principal": "sns.amazonaws.com", + "SourceArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionTopic3B6438EC": { + "Type": "AWS::SNS::Subscription", + "Properties": { + "Protocol": "lambda", + "TopicArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "Endpoint": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + } + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB": { + "Type": "AWS::SNS::Topic", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "autoscaling.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "sns:Publish", + "Effect": "Allow", + "Resource": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5", + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHook4A9A4325": { + "Type": "AWS::AutoScaling::LifecycleHook", + "Properties": { + "AutoScalingGroupName": { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + }, + "LifecycleTransition": "autoscaling:EC2_INSTANCE_TERMINATING", + "DefaultResult": "CONTINUE", + "HeartbeatTimeout": 300, + "NotificationTargetARN": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "RoleARN": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663", + "Arn" + ] + } + }, + "DependsOn": [ + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5", + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + ] + }, + "myServicelb1FA8CBE12": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "application" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServicelb1SecurityGroup342C51EA": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb1F7E1D606", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow from anyone on port 80", + "FromPort": 80, + "IpProtocol": "tcp", + "ToPort": 80 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb1SecurityGrouptoawsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E648232768655354FEE8C76": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "GroupId": { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "FromPort": 32768, + "ToPort": 65535 + } + }, + "myServicelb1listener15ED0E805": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServicelb1FA8CBE12" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": 30, + "HealthCheckPort": "8050", + "HealthCheckProtocol": "HTTP", + "HealthCheckTimeoutSeconds": 10, + "HealthyThresholdCount": 2, + "Matcher": { + "HttpCode": "200" + }, + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "stickiness.enabled", + "Value": "false" + } + ], + "TargetType": "instance", + "UnhealthyThresholdCount": 2, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb2C84C7BCB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "application" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServicelb2SecurityGroupEB00B5B9": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb27C4A3B4D", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow from anyone on port 80", + "FromPort": 80, + "IpProtocol": "tcp", + "ToPort": 80 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb2SecurityGrouptoawsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E64823276865535FF83B71B": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "GroupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "FromPort": 32768, + "ToPort": 65535 + } + }, + "myServicelb2listener2AA6970EB": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServicelb2C84C7BCB" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "myServicelb2listener2ECSTargetGroupweb90Group6841F924": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": 30, + "HealthCheckPort": "8050", + "HealthCheckProtocol": "HTTP", + "HealthCheckTimeoutSeconds": 10, + "HealthyThresholdCount": 2, + "Matcher": { + "HttpCode": "200" + }, + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "stickiness.enabled", + "Value": "false" + } + ], + "TargetType": "instance", + "UnhealthyThresholdCount": 2, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServiceTaskDefTaskRole1C1DE6CC": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDef7FB8322A": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "amazon/amazon-ecs-sample", + "LogConfiguration": { + "LogDriver": "awslogs", + "Options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + }, + "Memory": 512, + "Name": "web", + "PortMappings": [ + { + "ContainerPort": 80, + "HostPort": 0, + "Protocol": "tcp" + }, + { + "ContainerPort": 90, + "HostPort": 0, + "Protocol": "tcp" + } + ] + } + ], + "ExecutionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "Family": "awsecsintegmyServiceTaskDefA3A33D18", + "NetworkMode": "bridge", + "RequiresCompatibilities": [ + "EC2" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "myServiceTaskDefwebLogGroupA1767F2C": { + "Type": "AWS::Logs::LogGroup", + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "myServiceTaskDefExecutionRole618CD311": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "Roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "myServiceB0B6FAA0": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "ClusterEB0386A7" + }, + "DeploymentConfiguration": { + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "EnableECSManagedTags": false, + "HealthCheckGracePeriodSeconds": 60, + "LaunchType": "EC2", + "LoadBalancers": [ + { + "ContainerName": "web", + "ContainerPort": 80, + "TargetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + }, + { + "ContainerName": "web", + "ContainerPort": 90, + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + } + ], + "SchedulingStrategy": "REPLICA", + "TaskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + }, + "DependsOn": [ + "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A", + "myServicelb1listener15ED0E805", + "myServicelb2listener2ECSTargetGroupweb90Group6841F924", + "myServicelb2listener2AA6970EB" + ] + } + }, + "Parameters": { + "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id" + } + }, + "Outputs": { + "myServiceLoadBalancerDNSlb1341EE21A": { + "Value": { + "Fn::GetAtt": [ + "myServicelb1FA8CBE12", + "DNSName" + ] + } + }, + "myServiceServiceURLlb1httpAFA12FD3": { + "Value": { + "Fn::Join": [ + "", + [ + "http://", + { + "Fn::GetAtt": [ + "myServicelb1FA8CBE12", + "DNSName" + ] + } + ] + ] + } + }, + "myServiceLoadBalancerDNSlb2DDCE46C8": { + "Value": { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "DNSName" + ] + } + }, + "myServiceServiceURLlb2http935C1443": { + "Value": { + "Fn::Join": [ + "", + [ + "http://", + { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "DNSName" + ] + } + ] + ] + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/integ.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/integ.json new file mode 100644 index 0000000000000..7d88ed348230e --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "Integ/DefaultTest": { + "stacks": [ + "aws-ecs-integ" + ], + "assertionStack": "IntegDefaultTestDeployAssert4E6713E1" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..44dc3a34f2ad0 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/manifest.json @@ -0,0 +1,403 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "aws-ecs-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-ecs-integ.template.json", + "validateOnSynth": false + }, + "metadata": { + "/aws-ecs-integ/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-ecs-integ/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-ecs-integ/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-ecs-integ/Cluster/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterEB0386A7" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/from awsecsintegmyServicelb1SecurityGroup1B4AB3AE:32768-65535": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceSecurityGroupfromawsecsintegmyServicelb1SecurityGroup1B4AB3AE32768655359B529E90" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/from awsecsintegmyServicelb2SecurityGroup98A4D36A:32768-65535": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceSecurityGroupfromawsecsintegmyServicelb2SecurityGroup98A4D36A32768655350C2BEE3F" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceProfile": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LaunchConfig": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/ASG": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupASG0F98E147" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionAllowInvokeawsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B4FDC19F0" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionTopic3B6438EC" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHook4A9A4325" + } + ], + "/aws-ecs-integ/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ + { + "type": "aws:cdk:logicalId", + "data": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" + } + ], + "/aws-ecs-integ/myService/lb1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1FA8CBE12" + } + ], + "/aws-ecs-integ/myService/lb1/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1SecurityGroup342C51EA" + } + ], + "/aws-ecs-integ/myService/lb1/SecurityGroup/to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1SecurityGrouptoawsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E648232768655354FEE8C76" + } + ], + "/aws-ecs-integ/myService/lb1/listener1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1listener15ED0E805" + } + ], + "/aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + ], + "/aws-ecs-integ/myService/LoadBalancerDNSlb1": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceLoadBalancerDNSlb1341EE21A" + } + ], + "/aws-ecs-integ/myService/ServiceURLlb1http": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceServiceURLlb1httpAFA12FD3" + } + ], + "/aws-ecs-integ/myService/lb2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2C84C7BCB" + } + ], + "/aws-ecs-integ/myService/lb2/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2SecurityGroupEB00B5B9" + } + ], + "/aws-ecs-integ/myService/lb2/SecurityGroup/to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2SecurityGrouptoawsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E64823276865535FF83B71B" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2AA6970EB" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + ], + "/aws-ecs-integ/myService/LoadBalancerDNSlb2": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceLoadBalancerDNSlb2DDCE46C8" + } + ], + "/aws-ecs-integ/myService/ServiceURLlb2http": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceServiceURLlb2http935C1443" + } + ], + "/aws-ecs-integ/myService/TaskDef/TaskRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefTaskRole1C1DE6CC" + } + ], + "/aws-ecs-integ/myService/TaskDef/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDef7FB8322A" + } + ], + "/aws-ecs-integ/myService/TaskDef/web/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefwebLogGroupA1767F2C" + } + ], + "/aws-ecs-integ/myService/TaskDef/ExecutionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefExecutionRole618CD311" + } + ], + "/aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571" + } + ], + "/aws-ecs-integ/myService/Service/Service": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceB0B6FAA0" + } + ] + }, + "displayName": "aws-ecs-integ" + }, + "IntegDefaultTestDeployAssert4E6713E1": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegDefaultTestDeployAssert4E6713E1.template.json", + "validateOnSynth": false + }, + "displayName": "Integ/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/tree.json new file mode 100644 index 0000000000000..435e78add54d3 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-application-load-balanced-ecs-service.integ.snapshot/tree.json @@ -0,0 +1,2200 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "aws-ecs-integ": { + "id": "aws-ecs-integ", + "path": "aws-ecs-integ", + "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-ecs-integ/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-ecs-integ/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-ecs-integ/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-ecs-integ/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-ecs-integ/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "Cluster": { + "id": "Cluster", + "path": "aws-ecs-integ/Cluster", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Cluster", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnCluster", + "version": "0.0.0" + } + }, + "DefaultAutoScalingGroup": { + "id": "DefaultAutoScalingGroup", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup", + "children": { + "InstanceSecurityGroup": { + "id": "InstanceSecurityGroup", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "from awsecsintegmyServicelb1SecurityGroup1B4AB3AE:32768-65535": { + "id": "from awsecsintegmyServicelb1SecurityGroup1B4AB3AE:32768-65535", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/from awsecsintegmyServicelb1SecurityGroup1B4AB3AE:32768-65535", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "Load balancer to target", + "fromPort": 32768, + "groupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + }, + "toPort": 65535 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + }, + "from awsecsintegmyServicelb2SecurityGroup98A4D36A:32768-65535": { + "id": "from awsecsintegmyServicelb2SecurityGroup98A4D36A:32768-65535", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/from awsecsintegmyServicelb2SecurityGroup98A4D36A:32768-65535", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "Load balancer to target", + "fromPort": 32768, + "groupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "toPort": 65535 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "InstanceRole": { + "id": "InstanceRole", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "ecs:DeregisterContainerInstance", + "ecs:RegisterContainerInstance", + "ecs:Submit*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + }, + { + "Action": [ + "ecs:Poll", + "ecs:StartTelemetrySession" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecr:GetAuthorizationToken", + "ecs:DiscoverPollEndpoint", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "policyName": "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81", + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "InstanceProfile": { + "id": "InstanceProfile", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceProfile", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", + "aws:cdk:cloudformation:props": { + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "version": "0.0.0" + } + }, + "LaunchConfig": { + "id": "LaunchConfig", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LaunchConfig", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AutoScaling::LaunchConfiguration", + "aws:cdk:cloudformation:props": { + "imageId": { + "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" + }, + "instanceType": "t2.micro", + "iamInstanceProfile": { + "Ref": "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55" + }, + "securityGroups": [ + { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + } + ], + "userData": { + "Fn::Base64": { + "Fn::Join": [ + "", + [ + "#!/bin/bash\necho ECS_CLUSTER=", + { + "Ref": "ClusterEB0386A7" + }, + " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config" + ] + ] + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.CfnLaunchConfiguration", + "version": "0.0.0" + } + }, + "ASG": { + "id": "ASG", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/ASG", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AutoScaling::AutoScalingGroup", + "aws:cdk:cloudformation:props": { + "maxSize": "1", + "minSize": "1", + "launchConfigurationName": { + "Ref": "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup", + "propagateAtLaunch": true + } + ], + "vpcZoneIdentifier": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.CfnAutoScalingGroup", + "version": "0.0.0" + } + }, + "DrainECSHook": { + "id": "DrainECSHook", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook", + "children": { + "Function": { + "id": "Function", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ], + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "ec2:DescribeHosts", + "ec2:DescribeInstanceAttribute", + "ec2:DescribeInstanceStatus", + "ec2:DescribeInstances" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "autoscaling:CompleteLifecycleAction", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":autoscaling:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":autoScalingGroup:*:autoScalingGroupName/", + { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + } + ] + ] + } + }, + { + "Action": [ + "ecs:DescribeContainerInstances", + "ecs:DescribeTasks", + "ecs:ListTasks", + "ecs:UpdateContainerInstancesState" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecs:ListContainerInstances", + "ecs:SubmitContainerStateChange", + "ecs:SubmitTaskStateChange" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E", + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(dict(event, ResponseURL='...')))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(dict(event, ResponseURL='...')))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n\n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n\n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n\n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + }, + "role": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1", + "Arn" + ] + }, + "environment": { + "variables": { + "CLUSTER": { + "Ref": "ClusterEB0386A7" + } + } + }, + "handler": "index.lambda_handler", + "runtime": "python3.9", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "timeout": 310 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + }, + "AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B": { + "id": "AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", + "aws:cdk:cloudformation:props": { + "action": "lambda:InvokeFunction", + "functionName": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + }, + "principal": "sns.amazonaws.com", + "sourceArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnPermission", + "version": "0.0.0" + } + }, + "Topic": { + "id": "Topic", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SNS::Subscription", + "aws:cdk:cloudformation:props": { + "protocol": "lambda", + "topicArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "endpoint": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.CfnSubscription", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.Subscription", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "LifecycleHookDrainHook": { + "id": "LifecycleHookDrainHook", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook", + "children": { + "Topic": { + "id": "Topic", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SNS::Topic", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.CfnTopic", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.Topic", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "autoscaling.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "sns:Publish", + "Effect": "Allow", + "Resource": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5", + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AutoScaling::LifecycleHook", + "aws:cdk:cloudformation:props": { + "autoScalingGroupName": { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + }, + "lifecycleTransition": "autoscaling:EC2_INSTANCE_TERMINATING", + "defaultResult": "CONTINUE", + "heartbeatTimeout": 300, + "notificationTargetArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "roleArn": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.CfnLifecycleHook", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.LifecycleHook", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.AutoScalingGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Cluster", + "version": "0.0.0" + } + }, + "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": { + "id": "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "path": "aws-ecs-integ/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118": { + "id": "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118", + "path": "aws-ecs-integ/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "myService": { + "id": "myService", + "path": "aws-ecs-integ/myService", + "children": { + "lb1": { + "id": "lb1", + "path": "aws-ecs-integ/myService/lb1", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + } + ], + "scheme": "internet-facing", + "securityGroups": [ + { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "application" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ/myService/lb1/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb1F7E1D606", + "securityGroupIngress": [ + { + "cidrIp": "0.0.0.0/0", + "ipProtocol": "tcp", + "fromPort": 80, + "toPort": 80, + "description": "Allow from anyone on port 80" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535": { + "id": "to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535", + "path": "aws-ecs-integ/myService/lb1/SecurityGroup/to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", + "aws:cdk:cloudformation:props": { + "groupId": { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + }, + "ipProtocol": "tcp", + "description": "Load balancer to target", + "destinationSecurityGroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "fromPort": 32768, + "toPort": 65535 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupEgress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "listener1": { + "id": "listener1", + "path": "aws-ecs-integ/myService/lb1/listener1", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/listener1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + } + ], + "loadBalancerArn": { + "Ref": "myServicelb1FA8CBE12" + }, + "port": 80, + "protocol": "HTTP" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb80Group": { + "id": "ECSTargetGroupweb80Group", + "path": "aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "healthCheckIntervalSeconds": 30, + "healthCheckPort": "8050", + "healthCheckProtocol": "HTTP", + "healthCheckTimeoutSeconds": 10, + "healthyThresholdCount": 2, + "matcher": { + "httpCode": "200" + }, + "port": 80, + "protocol": "HTTP", + "targetGroupAttributes": [ + { + "key": "stickiness.enabled", + "value": "false" + } + ], + "targetType": "instance", + "unhealthyThresholdCount": 2, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationListener", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationLoadBalancer", + "version": "0.0.0" + } + }, + "LoadBalancerDNSlb1": { + "id": "LoadBalancerDNSlb1", + "path": "aws-ecs-integ/myService/LoadBalancerDNSlb1", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "ServiceURLlb1http": { + "id": "ServiceURLlb1http", + "path": "aws-ecs-integ/myService/ServiceURLlb1http", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "lb2": { + "id": "lb2", + "path": "aws-ecs-integ/myService/lb2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + } + ], + "scheme": "internet-facing", + "securityGroups": [ + { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "application" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ/myService/lb2/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb27C4A3B4D", + "securityGroupIngress": [ + { + "cidrIp": "0.0.0.0/0", + "ipProtocol": "tcp", + "fromPort": 80, + "toPort": 80, + "description": "Allow from anyone on port 80" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535": { + "id": "to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535", + "path": "aws-ecs-integ/myService/lb2/SecurityGroup/to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", + "aws:cdk:cloudformation:props": { + "groupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "ipProtocol": "tcp", + "description": "Load balancer to target", + "destinationSecurityGroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "fromPort": 32768, + "toPort": 65535 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupEgress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "listener2": { + "id": "listener2", + "path": "aws-ecs-integ/myService/lb2/listener2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + } + ], + "loadBalancerArn": { + "Ref": "myServicelb2C84C7BCB" + }, + "port": 80, + "protocol": "HTTP" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb90Group": { + "id": "ECSTargetGroupweb90Group", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "healthCheckIntervalSeconds": 30, + "healthCheckPort": "8050", + "healthCheckProtocol": "HTTP", + "healthCheckTimeoutSeconds": 10, + "healthyThresholdCount": 2, + "matcher": { + "httpCode": "200" + }, + "port": 80, + "protocol": "HTTP", + "targetGroupAttributes": [ + { + "key": "stickiness.enabled", + "value": "false" + } + ], + "targetType": "instance", + "unhealthyThresholdCount": 2, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationListener", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationLoadBalancer", + "version": "0.0.0" + } + }, + "LoadBalancerDNSlb2": { + "id": "LoadBalancerDNSlb2", + "path": "aws-ecs-integ/myService/LoadBalancerDNSlb2", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "ServiceURLlb2http": { + "id": "ServiceURLlb2http", + "path": "aws-ecs-integ/myService/ServiceURLlb2http", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "TaskDef": { + "id": "TaskDef", + "path": "aws-ecs-integ/myService/TaskDef", + "children": { + "TaskRole": { + "id": "TaskRole", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::TaskDefinition", + "aws:cdk:cloudformation:props": { + "containerDefinitions": [ + { + "essential": true, + "image": "amazon/amazon-ecs-sample", + "memory": 512, + "name": "web", + "portMappings": [ + { + "containerPort": 80, + "hostPort": 0, + "protocol": "tcp" + }, + { + "containerPort": 90, + "hostPort": 0, + "protocol": "tcp" + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + } + } + ], + "executionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "family": "awsecsintegmyServiceTaskDefA3A33D18", + "networkMode": "bridge", + "requiresCompatibilities": [ + "EC2" + ], + "taskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnTaskDefinition", + "version": "0.0.0" + } + }, + "web": { + "id": "web", + "path": "aws-ecs-integ/myService/TaskDef/web", + "children": { + "LogGroup": { + "id": "LogGroup", + "path": "aws-ecs-integ/myService/TaskDef/web/LogGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/web/LogGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.CfnLogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.LogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.ContainerDefinition", + "version": "0.0.0" + } + }, + "ExecutionRole": { + "id": "ExecutionRole", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Ec2TaskDefinition", + "version": "0.0.0" + } + }, + "Service": { + "id": "Service", + "path": "aws-ecs-integ/myService/Service", + "children": { + "Service": { + "id": "Service", + "path": "aws-ecs-integ/myService/Service/Service", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Service", + "aws:cdk:cloudformation:props": { + "cluster": { + "Ref": "ClusterEB0386A7" + }, + "deploymentConfiguration": { + "maximumPercent": 200, + "minimumHealthyPercent": 50 + }, + "enableEcsManagedTags": false, + "healthCheckGracePeriodSeconds": 60, + "launchType": "EC2", + "loadBalancers": [ + { + "targetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + }, + "containerName": "web", + "containerPort": 80 + }, + { + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + }, + "containerName": "web", + "containerPort": 90 + } + ], + "schedulingStrategy": "REPLICA", + "taskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnService", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Ec2Service", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs-patterns.ApplicationMultipleTargetGroupsEc2Service", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Integ": { + "id": "Integ", + "path": "Integ", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "Integ/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "Integ/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/aws-ecs-integ.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/aws-ecs-integ.template.json new file mode 100644 index 0000000000000..cd263045feb42 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/aws-ecs-integ.template.json @@ -0,0 +1,1151 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "ClusterEB0386A7": { + "Type": "AWS::ECS::Cluster" + }, + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "ClusterDefaultAutoScalingGroupInstanceRole9A14B384": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "ecs:DeregisterContainerInstance", + "ecs:RegisterContainerInstance", + "ecs:Submit*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + }, + { + "Action": [ + "ecs:Poll", + "ecs:StartTelemetrySession" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecr:GetAuthorizationToken", + "ecs:DiscoverPollEndpoint", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81", + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466": { + "Type": "AWS::AutoScaling::LaunchConfiguration", + "Properties": { + "ImageId": { + "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" + }, + "InstanceType": "t2.micro", + "IamInstanceProfile": { + "Ref": "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55" + }, + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + } + ], + "UserData": { + "Fn::Base64": { + "Fn::Join": [ + "", + [ + "#!/bin/bash\necho ECS_CLUSTER=", + { + "Ref": "ClusterEB0386A7" + }, + " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config" + ] + ] + } + } + }, + "DependsOn": [ + "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81", + "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + ] + }, + "ClusterDefaultAutoScalingGroupASG0F98E147": { + "Type": "AWS::AutoScaling::AutoScalingGroup", + "Properties": { + "MaxSize": "1", + "MinSize": "1", + "LaunchConfigurationName": { + "Ref": "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466" + }, + "Tags": [ + { + "Key": "Name", + "PropagateAtLaunch": true, + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "VPCZoneIdentifier": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + }, + "UpdatePolicy": { + "AutoScalingReplacingUpdate": { + "WillReplace": true + }, + "AutoScalingScheduledAction": { + "IgnoreUnmodifiedGroupSizeProperties": true + } + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "ec2:DescribeHosts", + "ec2:DescribeInstanceAttribute", + "ec2:DescribeInstanceStatus", + "ec2:DescribeInstances" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "autoscaling:CompleteLifecycleAction", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":autoscaling:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":autoScalingGroup:*:autoScalingGroupName/", + { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + } + ] + ] + } + }, + { + "Action": [ + "ecs:DescribeContainerInstances", + "ecs:DescribeTasks", + "ecs:ListTasks", + "ecs:UpdateContainerInstancesState" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecs:ListContainerInstances", + "ecs:SubmitContainerStateChange", + "ecs:SubmitTaskStateChange" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E", + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(dict(event, ResponseURL='...')))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(dict(event, ResponseURL='...')))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n\n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n\n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n\n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + }, + "Role": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1", + "Arn" + ] + }, + "Environment": { + "Variables": { + "CLUSTER": { + "Ref": "ClusterEB0386A7" + } + } + }, + "Handler": "index.lambda_handler", + "Runtime": "python3.9", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "Timeout": 310 + }, + "DependsOn": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E", + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + ] + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionAllowInvokeawsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B4FDC19F0": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + }, + "Principal": "sns.amazonaws.com", + "SourceArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionTopic3B6438EC": { + "Type": "AWS::SNS::Subscription", + "Properties": { + "Protocol": "lambda", + "TopicArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "Endpoint": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + } + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB": { + "Type": "AWS::SNS::Topic", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "autoscaling.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "sns:Publish", + "Effect": "Allow", + "Resource": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5", + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHook4A9A4325": { + "Type": "AWS::AutoScaling::LifecycleHook", + "Properties": { + "AutoScalingGroupName": { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + }, + "LifecycleTransition": "autoscaling:EC2_INSTANCE_TERMINATING", + "DefaultResult": "CONTINUE", + "HeartbeatTimeout": 300, + "NotificationTargetARN": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "RoleARN": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663", + "Arn" + ] + } + }, + "DependsOn": [ + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5", + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + ] + }, + "myServicelb1FA8CBE12": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "network" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServicelb1listener15ED0E805": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServicelb1FA8CBE12" + }, + "Port": 80, + "Protocol": "TCP" + } + }, + "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckPort": "8050", + "Port": 80, + "Protocol": "TCP", + "TargetType": "instance", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb2C84C7BCB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "network" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServicelb2listener2AA6970EB": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServicelb2C84C7BCB" + }, + "Port": 80, + "Protocol": "TCP" + } + }, + "myServicelb2listener2ECSTargetGroupweb90Group6841F924": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckPort": "8050", + "Port": 90, + "Protocol": "TCP", + "TargetType": "instance", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServiceTaskDefTaskRole1C1DE6CC": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDef7FB8322A": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "amazon/amazon-ecs-sample", + "LogConfiguration": { + "LogDriver": "awslogs", + "Options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + }, + "Memory": 512, + "Name": "web", + "PortMappings": [ + { + "ContainerPort": 80, + "HostPort": 0, + "Protocol": "tcp" + }, + { + "ContainerPort": 90, + "HostPort": 0, + "Protocol": "tcp" + } + ] + } + ], + "ExecutionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "Family": "awsecsintegmyServiceTaskDefA3A33D18", + "NetworkMode": "bridge", + "RequiresCompatibilities": [ + "EC2" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "myServiceTaskDefwebLogGroupA1767F2C": { + "Type": "AWS::Logs::LogGroup", + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "myServiceTaskDefExecutionRole618CD311": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "Roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "myServiceB0B6FAA0": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "ClusterEB0386A7" + }, + "DeploymentConfiguration": { + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "EnableECSManagedTags": false, + "HealthCheckGracePeriodSeconds": 60, + "LaunchType": "EC2", + "LoadBalancers": [ + { + "ContainerName": "web", + "ContainerPort": 80, + "TargetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + }, + { + "ContainerName": "web", + "ContainerPort": 90, + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + } + ], + "SchedulingStrategy": "REPLICA", + "TaskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + }, + "DependsOn": [ + "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A", + "myServicelb1listener15ED0E805", + "myServicelb2listener2ECSTargetGroupweb90Group6841F924", + "myServicelb2listener2AA6970EB" + ] + } + }, + "Parameters": { + "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id" + } + }, + "Outputs": { + "myServiceLoadBalancerDNSlb1341EE21A": { + "Value": { + "Fn::GetAtt": [ + "myServicelb1FA8CBE12", + "DNSName" + ] + } + }, + "myServiceLoadBalancerDNSlb2DDCE46C8": { + "Value": { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "DNSName" + ] + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/integ.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/integ.json new file mode 100644 index 0000000000000..7d88ed348230e --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "Integ/DefaultTest": { + "stacks": [ + "aws-ecs-integ" + ], + "assertionStack": "IntegDefaultTestDeployAssert4E6713E1" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..e2ab030f939e1 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/manifest.json @@ -0,0 +1,355 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "aws-ecs-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-ecs-integ.template.json", + "validateOnSynth": false + }, + "metadata": { + "/aws-ecs-integ/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-ecs-integ/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-ecs-integ/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-ecs-integ/Cluster/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterEB0386A7" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceProfile": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LaunchConfig": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/ASG": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupASG0F98E147" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionAllowInvokeawsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B4FDC19F0" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionTopic3B6438EC" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHook4A9A4325" + } + ], + "/aws-ecs-integ/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ + { + "type": "aws:cdk:logicalId", + "data": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" + } + ], + "/aws-ecs-integ/myService/lb1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1FA8CBE12" + } + ], + "/aws-ecs-integ/myService/lb1/listener1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1listener15ED0E805" + } + ], + "/aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + ], + "/aws-ecs-integ/myService/LoadBalancerDNSlb1": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceLoadBalancerDNSlb1341EE21A" + } + ], + "/aws-ecs-integ/myService/lb2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2C84C7BCB" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2AA6970EB" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + ], + "/aws-ecs-integ/myService/LoadBalancerDNSlb2": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceLoadBalancerDNSlb2DDCE46C8" + } + ], + "/aws-ecs-integ/myService/TaskDef/TaskRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefTaskRole1C1DE6CC" + } + ], + "/aws-ecs-integ/myService/TaskDef/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDef7FB8322A" + } + ], + "/aws-ecs-integ/myService/TaskDef/web/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefwebLogGroupA1767F2C" + } + ], + "/aws-ecs-integ/myService/TaskDef/ExecutionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefExecutionRole618CD311" + } + ], + "/aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571" + } + ], + "/aws-ecs-integ/myService/Service/Service": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceB0B6FAA0" + } + ] + }, + "displayName": "aws-ecs-integ" + }, + "IntegDefaultTestDeployAssert4E6713E1": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegDefaultTestDeployAssert4E6713E1.template.json", + "validateOnSynth": false + }, + "displayName": "Integ/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/tree.json new file mode 100644 index 0000000000000..5d4157669cdba --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/healthchecks-multiple-network-load-balanced-ecs-service.integ.snapshot/tree.json @@ -0,0 +1,1952 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "aws-ecs-integ": { + "id": "aws-ecs-integ", + "path": "aws-ecs-integ", + "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-ecs-integ/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-ecs-integ/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-ecs-integ/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-ecs-integ/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-ecs-integ/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "Cluster": { + "id": "Cluster", + "path": "aws-ecs-integ/Cluster", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Cluster", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnCluster", + "version": "0.0.0" + } + }, + "DefaultAutoScalingGroup": { + "id": "DefaultAutoScalingGroup", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup", + "children": { + "InstanceSecurityGroup": { + "id": "InstanceSecurityGroup", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "InstanceRole": { + "id": "InstanceRole", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "ecs:DeregisterContainerInstance", + "ecs:RegisterContainerInstance", + "ecs:Submit*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + }, + { + "Action": [ + "ecs:Poll", + "ecs:StartTelemetrySession" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecr:GetAuthorizationToken", + "ecs:DiscoverPollEndpoint", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "policyName": "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81", + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "InstanceProfile": { + "id": "InstanceProfile", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceProfile", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", + "aws:cdk:cloudformation:props": { + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "version": "0.0.0" + } + }, + "LaunchConfig": { + "id": "LaunchConfig", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LaunchConfig", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AutoScaling::LaunchConfiguration", + "aws:cdk:cloudformation:props": { + "imageId": { + "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" + }, + "instanceType": "t2.micro", + "iamInstanceProfile": { + "Ref": "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55" + }, + "securityGroups": [ + { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + } + ], + "userData": { + "Fn::Base64": { + "Fn::Join": [ + "", + [ + "#!/bin/bash\necho ECS_CLUSTER=", + { + "Ref": "ClusterEB0386A7" + }, + " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config" + ] + ] + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.CfnLaunchConfiguration", + "version": "0.0.0" + } + }, + "ASG": { + "id": "ASG", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/ASG", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AutoScaling::AutoScalingGroup", + "aws:cdk:cloudformation:props": { + "maxSize": "1", + "minSize": "1", + "launchConfigurationName": { + "Ref": "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup", + "propagateAtLaunch": true + } + ], + "vpcZoneIdentifier": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.CfnAutoScalingGroup", + "version": "0.0.0" + } + }, + "DrainECSHook": { + "id": "DrainECSHook", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook", + "children": { + "Function": { + "id": "Function", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ], + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "ec2:DescribeHosts", + "ec2:DescribeInstanceAttribute", + "ec2:DescribeInstanceStatus", + "ec2:DescribeInstances" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "autoscaling:CompleteLifecycleAction", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":autoscaling:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":autoScalingGroup:*:autoScalingGroupName/", + { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + } + ] + ] + } + }, + { + "Action": [ + "ecs:DescribeContainerInstances", + "ecs:DescribeTasks", + "ecs:ListTasks", + "ecs:UpdateContainerInstancesState" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecs:ListContainerInstances", + "ecs:SubmitContainerStateChange", + "ecs:SubmitTaskStateChange" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E", + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(dict(event, ResponseURL='...')))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(dict(event, ResponseURL='...')))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n\n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n\n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n\n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + }, + "role": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1", + "Arn" + ] + }, + "environment": { + "variables": { + "CLUSTER": { + "Ref": "ClusterEB0386A7" + } + } + }, + "handler": "index.lambda_handler", + "runtime": "python3.9", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "timeout": 310 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + }, + "AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B": { + "id": "AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", + "aws:cdk:cloudformation:props": { + "action": "lambda:InvokeFunction", + "functionName": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + }, + "principal": "sns.amazonaws.com", + "sourceArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnPermission", + "version": "0.0.0" + } + }, + "Topic": { + "id": "Topic", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SNS::Subscription", + "aws:cdk:cloudformation:props": { + "protocol": "lambda", + "topicArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "endpoint": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.CfnSubscription", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.Subscription", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "LifecycleHookDrainHook": { + "id": "LifecycleHookDrainHook", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook", + "children": { + "Topic": { + "id": "Topic", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SNS::Topic", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.CfnTopic", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.Topic", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "autoscaling.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "sns:Publish", + "Effect": "Allow", + "Resource": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5", + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AutoScaling::LifecycleHook", + "aws:cdk:cloudformation:props": { + "autoScalingGroupName": { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + }, + "lifecycleTransition": "autoscaling:EC2_INSTANCE_TERMINATING", + "defaultResult": "CONTINUE", + "heartbeatTimeout": 300, + "notificationTargetArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "roleArn": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.CfnLifecycleHook", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.LifecycleHook", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.AutoScalingGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Cluster", + "version": "0.0.0" + } + }, + "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": { + "id": "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "path": "aws-ecs-integ/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118": { + "id": "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118", + "path": "aws-ecs-integ/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "myService": { + "id": "myService", + "path": "aws-ecs-integ/myService", + "children": { + "lb1": { + "id": "lb1", + "path": "aws-ecs-integ/myService/lb1", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + } + ], + "scheme": "internet-facing", + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "network" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "version": "0.0.0" + } + }, + "listener1": { + "id": "listener1", + "path": "aws-ecs-integ/myService/lb1/listener1", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/listener1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + } + ], + "loadBalancerArn": { + "Ref": "myServicelb1FA8CBE12" + }, + "port": 80, + "protocol": "TCP" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb80Group": { + "id": "ECSTargetGroupweb80Group", + "path": "aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "healthCheckPort": "8050", + "port": 80, + "protocol": "TCP", + "targetType": "instance", + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkListener", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkLoadBalancer", + "version": "0.0.0" + } + }, + "LoadBalancerDNSlb1": { + "id": "LoadBalancerDNSlb1", + "path": "aws-ecs-integ/myService/LoadBalancerDNSlb1", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "lb2": { + "id": "lb2", + "path": "aws-ecs-integ/myService/lb2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + } + ], + "scheme": "internet-facing", + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "network" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "version": "0.0.0" + } + }, + "listener2": { + "id": "listener2", + "path": "aws-ecs-integ/myService/lb2/listener2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + } + ], + "loadBalancerArn": { + "Ref": "myServicelb2C84C7BCB" + }, + "port": 80, + "protocol": "TCP" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb90Group": { + "id": "ECSTargetGroupweb90Group", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "healthCheckPort": "8050", + "port": 90, + "protocol": "TCP", + "targetType": "instance", + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkListener", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkLoadBalancer", + "version": "0.0.0" + } + }, + "LoadBalancerDNSlb2": { + "id": "LoadBalancerDNSlb2", + "path": "aws-ecs-integ/myService/LoadBalancerDNSlb2", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "TaskDef": { + "id": "TaskDef", + "path": "aws-ecs-integ/myService/TaskDef", + "children": { + "TaskRole": { + "id": "TaskRole", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::TaskDefinition", + "aws:cdk:cloudformation:props": { + "containerDefinitions": [ + { + "essential": true, + "image": "amazon/amazon-ecs-sample", + "memory": 512, + "name": "web", + "portMappings": [ + { + "containerPort": 80, + "hostPort": 0, + "protocol": "tcp" + }, + { + "containerPort": 90, + "hostPort": 0, + "protocol": "tcp" + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + } + } + ], + "executionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "family": "awsecsintegmyServiceTaskDefA3A33D18", + "networkMode": "bridge", + "requiresCompatibilities": [ + "EC2" + ], + "taskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnTaskDefinition", + "version": "0.0.0" + } + }, + "web": { + "id": "web", + "path": "aws-ecs-integ/myService/TaskDef/web", + "children": { + "LogGroup": { + "id": "LogGroup", + "path": "aws-ecs-integ/myService/TaskDef/web/LogGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/web/LogGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.CfnLogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.LogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.ContainerDefinition", + "version": "0.0.0" + } + }, + "ExecutionRole": { + "id": "ExecutionRole", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Ec2TaskDefinition", + "version": "0.0.0" + } + }, + "Service": { + "id": "Service", + "path": "aws-ecs-integ/myService/Service", + "children": { + "Service": { + "id": "Service", + "path": "aws-ecs-integ/myService/Service/Service", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Service", + "aws:cdk:cloudformation:props": { + "cluster": { + "Ref": "ClusterEB0386A7" + }, + "deploymentConfiguration": { + "maximumPercent": 200, + "minimumHealthyPercent": 50 + }, + "enableEcsManagedTags": false, + "healthCheckGracePeriodSeconds": 60, + "launchType": "EC2", + "loadBalancers": [ + { + "targetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + }, + "containerName": "web", + "containerPort": 80 + }, + { + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + }, + "containerName": "web", + "containerPort": 90 + } + ], + "schedulingStrategy": "REPLICA", + "taskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnService", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Ec2Service", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs-patterns.NetworkMultipleTargetGroupsEc2Service", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Integ": { + "id": "Integ", + "path": "Integ", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "Integ/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "Integ/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.healthchecks-multiple-application-load-balanced-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.healthchecks-multiple-application-load-balanced-ecs-service.ts new file mode 100644 index 0000000000000..f3503b7a067e1 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.healthchecks-multiple-application-load-balanced-ecs-service.ts @@ -0,0 +1,80 @@ +import { InstanceType, Vpc } from '@aws-cdk/aws-ec2'; +import { Cluster, ContainerImage } from '@aws-cdk/aws-ecs'; +import { Protocol } from '@aws-cdk/aws-elasticloadbalancingv2'; +import { App, Duration, Stack } from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; + +import { ApplicationMultipleTargetGroupsEc2Service } from '../../lib'; + +const app = new App(); +const stack = new Stack(app, 'aws-ecs-integ'); +const vpc = new Vpc(stack, 'Vpc', { maxAzs: 2 }); +const cluster = new Cluster(stack, 'Cluster', { vpc }); +cluster.addCapacity('DefaultAutoScalingGroup', { instanceType: new InstanceType('t2.micro') }); + +// Two load balancers with two listeners and two target groups. +const applicationMultipleTargetGroupsFargateService = new ApplicationMultipleTargetGroupsEc2Service(stack, 'myService', { + cluster, + memoryLimitMiB: 512, + taskImageOptions: { + image: ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + loadBalancers: [ + { + name: 'lb1', + listeners: [ + { + name: 'listener1', + }, + ], + }, + { + name: 'lb2', + listeners: [ + { + name: 'listener2', + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener1', + }, + { + containerPort: 90, + listener: 'listener2', + }, + ], +}); + +applicationMultipleTargetGroupsFargateService.targetGroups[0].configureHealthCheck({ + port: '8050', + protocol: Protocol.HTTP, + healthyThresholdCount: 2, + unhealthyThresholdCount: 2, + timeout: Duration.seconds(10), + interval: Duration.seconds(30), + healthyHttpCodes: '200', +}); + +applicationMultipleTargetGroupsFargateService.targetGroups[1].configureHealthCheck({ + port: '8050', + protocol: Protocol.HTTP, + healthyThresholdCount: 2, + unhealthyThresholdCount: 2, + timeout: Duration.seconds(10), + interval: Duration.seconds(30), + healthyHttpCodes: '200', +}); + +applicationMultipleTargetGroupsFargateService.loadBalancers[0]._enableCrossEnvironment; +applicationMultipleTargetGroupsFargateService.loadBalancers[1]._enableCrossEnvironment; + +applicationMultipleTargetGroupsFargateService.listeners[0].listenerArn; +applicationMultipleTargetGroupsFargateService.listeners[1].listenerArn; + +new IntegTest(app, 'Integ', { testCases: [stack] }); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.healthchecks-multiple-network-load-balanced-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.healthchecks-multiple-network-load-balanced-ecs-service.ts new file mode 100644 index 0000000000000..c743c5a88db83 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.healthchecks-multiple-network-load-balanced-ecs-service.ts @@ -0,0 +1,62 @@ +import { InstanceType, Vpc } from '@aws-cdk/aws-ec2'; +import { Cluster, ContainerImage } from '@aws-cdk/aws-ecs'; +import { App, Stack } from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; +import { NetworkMultipleTargetGroupsEc2Service } from '../../lib'; + +const app = new App(); +const stack = new Stack(app, 'aws-ecs-integ'); +const vpc = new Vpc(stack, 'Vpc', { maxAzs: 2 }); +const cluster = new Cluster(stack, 'Cluster', { vpc }); +cluster.addCapacity('DefaultAutoScalingGroup', { instanceType: new InstanceType('t2.micro') }); +// Two load balancers with two listeners and two target groups. +const networkMultipleTargetGroupsFargateService = new NetworkMultipleTargetGroupsEc2Service(stack, 'myService', { + cluster, + memoryLimitMiB: 512, + taskImageOptions: { + image: ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + loadBalancers: [ + { + name: 'lb1', + listeners: [ + { + name: 'listener1', + }, + ], + }, + { + name: 'lb2', + listeners: [ + { + name: 'listener2', + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener1', + }, + { + containerPort: 90, + listener: 'listener2', + }, + ], +}); + +networkMultipleTargetGroupsFargateService.targetGroups[0].configureHealthCheck({ + port: '8050', +}); + +networkMultipleTargetGroupsFargateService.targetGroups[1].configureHealthCheck({ + port: '8050', +}); + +networkMultipleTargetGroupsFargateService.loadBalancers[0]._enableCrossEnvironment; +networkMultipleTargetGroupsFargateService.loadBalancers[1]._enableCrossEnvironment; + +new IntegTest(app, 'Integ', { testCases: [stack] }); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.multiple-application-load-balanced-ecs-service-idle-timeout.ts b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.multiple-application-load-balanced-ecs-service-idle-timeout.ts new file mode 100644 index 0000000000000..764d379c3e391 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.multiple-application-load-balanced-ecs-service-idle-timeout.ts @@ -0,0 +1,84 @@ +import { Certificate } from '@aws-cdk/aws-certificatemanager'; +import { InstanceType, Vpc } from '@aws-cdk/aws-ec2'; +import { Cluster, ContainerImage } from '@aws-cdk/aws-ecs'; +import { ApplicationProtocol, SslPolicy } from '@aws-cdk/aws-elasticloadbalancingv2'; +import { PublicHostedZone } from '@aws-cdk/aws-route53'; +import { App, Duration, Stack } from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; + +import { ApplicationMultipleTargetGroupsEc2Service } from '../../lib'; + +const app = new App(); +const stack = new Stack(app, 'aws-ecs-integ'); +const vpc = new Vpc(stack, 'Vpc', { maxAzs: 2 }); +const zone = new PublicHostedZone(stack, 'HostedZone', { zoneName: 'example.com' }); +const cluster = new Cluster(stack, 'Cluster', { vpc }); +cluster.addCapacity('DefaultAutoScalingGroup', { instanceType: new InstanceType('t2.micro') }); + +// Two load balancers with different idle timeouts. +new ApplicationMultipleTargetGroupsEc2Service(stack, 'myService', { + cluster, + memoryLimitMiB: 256, + taskImageOptions: { + image: ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + enableExecuteCommand: true, + loadBalancers: [ + { + name: 'lb', + idleTimeout: Duration.seconds(400), + domainName: 'api.example.com', + domainZone: zone, + listeners: [ + { + name: 'listener', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(stack, 'Cert', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + { + name: 'lb2', + idleTimeout: Duration.seconds(400), + domainName: 'frontend.example.com', + domainZone: zone, + listeners: [ + { + name: 'listener2', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(stack, 'Cert2', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener', + }, + { + containerPort: 90, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener', + }, + { + containerPort: 443, + listener: 'listener2', + }, + { + containerPort: 80, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener2', + }, + ], +}); + +new integ.IntegTest(app, 'multiAlbEcsEc2Test', { + testCases: [stack], +}); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/l3s.test.ts b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/l3s.test.ts index 0d751433e05c5..c28b3071c8263 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/l3s.test.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/l3s.test.ts @@ -927,6 +927,293 @@ test('idletime is undefined when not set', () => { }); }); +test('errors when idleTimeout is over 4000 seconds for multiAlbService', () => { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + // THEN + expect(() => { + new ecsPatterns.ApplicationMultipleTargetGroupsFargateService(stack, 'myService', { + cluster: new ecs.Cluster(stack, 'EcsCluster', { vpc }), + memoryLimitMiB: 256, + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + enableExecuteCommand: true, + loadBalancers: [ + { + name: 'lb', + idleTimeout: Duration.seconds(400), + domainName: 'api.example.com', + domainZone: new PublicHostedZone(stack, 'HostedZone', { zoneName: 'example.com' }), + listeners: [ + { + name: 'listener', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(stack, 'Cert', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + { + name: 'lb2', + idleTimeout: Duration.seconds(5000), + domainName: 'frontend.com', + domainZone: new PublicHostedZone(stack, 'HostedZone2', { zoneName: 'frontend.com' }), + listeners: [ + { + name: 'listener2', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(stack, 'Cert2', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener', + }, + { + containerPort: 90, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener', + }, + { + containerPort: 443, + listener: 'listener2', + }, + { + containerPort: 80, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener2', + }, + ], + }); + }).toThrowError(); +}); + +test('errors when idleTimeout is under 1 seconds for multiAlbService', () => { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + // THEN + expect(() => { + new ecsPatterns.ApplicationMultipleTargetGroupsFargateService(stack, 'myService', { + cluster: new ecs.Cluster(stack, 'EcsCluster', { vpc }), + memoryLimitMiB: 256, + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + enableExecuteCommand: true, + loadBalancers: [ + { + name: 'lb', + idleTimeout: Duration.seconds(400), + domainName: 'api.example.com', + domainZone: new PublicHostedZone(stack, 'HostedZone', { zoneName: 'example.com' }), + listeners: [ + { + name: 'listener', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(stack, 'Cert', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + { + name: 'lb2', + idleTimeout: Duration.seconds(0), + domainName: 'frontend.com', + domainZone: new PublicHostedZone(stack, 'HostedZone2', { zoneName: 'frontend.com' }), + listeners: [ + { + name: 'listener2', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(stack, 'Cert2', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener', + }, + { + containerPort: 90, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener', + }, + { + containerPort: 443, + listener: 'listener2', + }, + { + containerPort: 80, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener2', + }, + ], + }); + }).toThrowError(); +}); + +test('passes when idleTimeout is between 1 and 4000 seconds for multiAlbService', () => { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + // THEN + expect(() => { + new ecsPatterns.ApplicationMultipleTargetGroupsFargateService(stack, 'myService', { + cluster: new ecs.Cluster(stack, 'EcsCluster', { vpc }), + memoryLimitMiB: 256, + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + enableExecuteCommand: true, + loadBalancers: [ + { + name: 'lb', + idleTimeout: Duration.seconds(400), + domainName: 'api.example.com', + domainZone: new PublicHostedZone(stack, 'HostedZone', { zoneName: 'example.com' }), + listeners: [ + { + name: 'listener', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(stack, 'Cert', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + { + name: 'lb2', + idleTimeout: Duration.seconds(120), + domainName: 'frontend.com', + domainZone: new PublicHostedZone(stack, 'HostedZone2', { zoneName: 'frontend.com' }), + listeners: [ + { + name: 'listener2', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(stack, 'Cert2', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener', + }, + { + containerPort: 90, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener', + }, + { + containerPort: 443, + listener: 'listener2', + }, + { + containerPort: 80, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener2', + }, + ], + }); + }).toBeTruthy(); +}); + +test('idletime is undefined when not set for multiAlbService', () => { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + // WHEN + new ecsPatterns.ApplicationMultipleTargetGroupsFargateService(stack, 'myService', { + cluster: new ecs.Cluster(stack, 'EcsCluster', { vpc }), + memoryLimitMiB: 256, + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + enableExecuteCommand: true, + loadBalancers: [ + { + name: 'lb', + domainName: 'api.example.com', + domainZone: new PublicHostedZone(stack, 'HostedZone', { zoneName: 'example.com' }), + listeners: [ + { + name: 'listener', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(stack, 'Cert', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + { + name: 'lb2', + domainName: 'frontend.com', + domainZone: new PublicHostedZone(stack, 'HostedZone2', { zoneName: 'frontend.com' }), + listeners: [ + { + name: 'listener2', + protocol: ApplicationProtocol.HTTPS, + certificate: Certificate.fromCertificateArn(stack, 'Cert2', 'helloworld'), + sslPolicy: SslPolicy.TLS12_EXT, + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener', + }, + { + containerPort: 90, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener', + }, + { + containerPort: 443, + listener: 'listener2', + }, + { + containerPort: 80, + pathPattern: 'a/b/c', + priority: 10, + listener: 'listener2', + }, + ], + }); + + // THEN - stack contains default LoadBalancer Attributes + Template.fromStack(stack).hasResourceProperties('AWS::ElasticLoadBalancingV2::LoadBalancer', { + LoadBalancerAttributes: [ + { + Key: 'deletion_protection.enabled', + Value: 'false', + }, + ], + }); +}); + + test('test Fargate loadbalanced construct with optional log driver input', () => { // GIVEN const stack = new cdk.Stack(); diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/aws-ecs-integ.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/aws-ecs-integ.template.json new file mode 100644 index 0000000000000..1f92840411d3f --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/aws-ecs-integ.template.json @@ -0,0 +1,1555 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "HostedZoneDB99F866": { + "Type": "AWS::Route53::HostedZone", + "Properties": { + "Name": "example.com." + } + }, + "ClusterEB0386A7": { + "Type": "AWS::ECS::Cluster" + }, + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "ClusterDefaultAutoScalingGroupInstanceSecurityGroupfromawsecsintegmyServicelbSecurityGroup3AE0D1673276865535F3D481F7": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "FromPort": 32768, + "GroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelbSecurityGroup97C897CA", + "GroupId" + ] + }, + "ToPort": 65535 + } + }, + "ClusterDefaultAutoScalingGroupInstanceSecurityGroupfromawsecsintegmyServicelb2SecurityGroup98A4D36A32768655350C2BEE3F": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "FromPort": 32768, + "GroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "ToPort": 65535 + } + }, + "ClusterDefaultAutoScalingGroupInstanceRole9A14B384": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "ecs:DeregisterContainerInstance", + "ecs:RegisterContainerInstance", + "ecs:Submit*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + }, + { + "Action": [ + "ecs:Poll", + "ecs:StartTelemetrySession" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecr:GetAuthorizationToken", + "ecs:DiscoverPollEndpoint", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81", + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466": { + "Type": "AWS::AutoScaling::LaunchConfiguration", + "Properties": { + "ImageId": { + "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" + }, + "InstanceType": "t2.micro", + "IamInstanceProfile": { + "Ref": "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55" + }, + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + } + ], + "UserData": { + "Fn::Base64": { + "Fn::Join": [ + "", + [ + "#!/bin/bash\necho ECS_CLUSTER=", + { + "Ref": "ClusterEB0386A7" + }, + " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config" + ] + ] + } + } + }, + "DependsOn": [ + "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81", + "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + ] + }, + "ClusterDefaultAutoScalingGroupASG0F98E147": { + "Type": "AWS::AutoScaling::AutoScalingGroup", + "Properties": { + "MaxSize": "1", + "MinSize": "1", + "LaunchConfigurationName": { + "Ref": "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466" + }, + "Tags": [ + { + "Key": "Name", + "PropagateAtLaunch": true, + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "VPCZoneIdentifier": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + }, + "UpdatePolicy": { + "AutoScalingReplacingUpdate": { + "WillReplace": true + }, + "AutoScalingScheduledAction": { + "IgnoreUnmodifiedGroupSizeProperties": true + } + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "ec2:DescribeHosts", + "ec2:DescribeInstanceAttribute", + "ec2:DescribeInstanceStatus", + "ec2:DescribeInstances" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "autoscaling:CompleteLifecycleAction", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":autoscaling:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":autoScalingGroup:*:autoScalingGroupName/", + { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + } + ] + ] + } + }, + { + "Action": [ + "ecs:DescribeContainerInstances", + "ecs:DescribeTasks", + "ecs:ListTasks", + "ecs:UpdateContainerInstancesState" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecs:ListContainerInstances", + "ecs:SubmitContainerStateChange", + "ecs:SubmitTaskStateChange" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E", + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(dict(event, ResponseURL='...')))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(dict(event, ResponseURL='...')))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n\n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n\n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n\n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + }, + "Role": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1", + "Arn" + ] + }, + "Environment": { + "Variables": { + "CLUSTER": { + "Ref": "ClusterEB0386A7" + } + } + }, + "Handler": "index.lambda_handler", + "Runtime": "python3.9", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "Timeout": 310 + }, + "DependsOn": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E", + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + ] + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionAllowInvokeawsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B4FDC19F0": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + }, + "Principal": "sns.amazonaws.com", + "SourceArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + }, + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionTopic3B6438EC": { + "Type": "AWS::SNS::Subscription", + "Properties": { + "Protocol": "lambda", + "TopicArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "Endpoint": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + } + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB": { + "Type": "AWS::SNS::Topic", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "autoscaling.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "sns:Publish", + "Effect": "Allow", + "Resource": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5", + "Roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + } + ] + } + }, + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHook4A9A4325": { + "Type": "AWS::AutoScaling::LifecycleHook", + "Properties": { + "AutoScalingGroupName": { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + }, + "LifecycleTransition": "autoscaling:EC2_INSTANCE_TERMINATING", + "DefaultResult": "CONTINUE", + "HeartbeatTimeout": 300, + "NotificationTargetARN": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "RoleARN": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663", + "Arn" + ] + } + }, + "DependsOn": [ + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5", + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + ] + }, + "myServicelb360A9ADD": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + }, + { + "Key": "idle_timeout.timeout_seconds", + "Value": "400" + } + ], + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "myServicelbSecurityGroup97C897CA", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "application" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServicelbSecurityGroup97C897CA": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb8B06FF8F", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow from anyone on port 443", + "FromPort": 443, + "IpProtocol": "tcp", + "ToPort": 443 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelbSecurityGrouptoawsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482327686553538B6E8FC": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "GroupId": { + "Fn::GetAtt": [ + "myServicelbSecurityGroup97C897CA", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "FromPort": 32768, + "ToPort": 65535 + } + }, + "myServicelblistener1D7944F2": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServicelblistenerECSTargetGroupweb80Group4ADFE4C4" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServicelb360A9ADD" + }, + "Certificates": [ + { + "CertificateArn": "helloworld" + } + ], + "Port": 443, + "Protocol": "HTTPS", + "SslPolicy": "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" + } + }, + "myServicelblistenerECSTargetGroupweb80Group4ADFE4C4": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "stickiness.enabled", + "Value": "false" + } + ], + "TargetType": "instance", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelblistenerECSTargetGroupweb90Group4AA47881": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "stickiness.enabled", + "Value": "false" + } + ], + "TargetType": "instance", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelblistenerECSTargetGroupweb90Rule68215E8D": { + "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", + "Properties": { + "Actions": [ + { + "TargetGroupArn": { + "Ref": "myServicelblistenerECSTargetGroupweb90Group4AA47881" + }, + "Type": "forward" + } + ], + "Conditions": [ + { + "Field": "path-pattern", + "PathPatternConfig": { + "Values": [ + "a/b/c" + ] + } + } + ], + "ListenerArn": { + "Ref": "myServicelblistener1D7944F2" + }, + "Priority": 10 + } + }, + "myServiceDNSlb1E167074": { + "Type": "AWS::Route53::RecordSet", + "Properties": { + "Name": "api.example.com.", + "Type": "A", + "AliasTarget": { + "DNSName": { + "Fn::Join": [ + "", + [ + "dualstack.", + { + "Fn::GetAtt": [ + "myServicelb360A9ADD", + "DNSName" + ] + } + ] + ] + }, + "HostedZoneId": { + "Fn::GetAtt": [ + "myServicelb360A9ADD", + "CanonicalHostedZoneID" + ] + } + }, + "HostedZoneId": { + "Ref": "HostedZoneDB99F866" + } + } + }, + "myServicelb2C84C7BCB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + }, + { + "Key": "idle_timeout.timeout_seconds", + "Value": "400" + } + ], + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "application" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServicelb2SecurityGroupEB00B5B9": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb27C4A3B4D", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow from anyone on port 443", + "FromPort": 443, + "IpProtocol": "tcp", + "ToPort": 443 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb2SecurityGrouptoawsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E64823276865535FF83B71B": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "GroupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "FromPort": 32768, + "ToPort": 65535 + } + }, + "myServicelb2listener2AA6970EB": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb443Group8FAB1268" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServicelb2C84C7BCB" + }, + "Certificates": [ + { + "CertificateArn": "helloworld" + } + ], + "Port": 443, + "Protocol": "HTTPS", + "SslPolicy": "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" + } + }, + "myServicelb2listener2ECSTargetGroupweb443Group8FAB1268": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "stickiness.enabled", + "Value": "false" + } + ], + "TargetType": "instance", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb2listener2ECSTargetGroupweb80Group0590BDE6": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "stickiness.enabled", + "Value": "false" + } + ], + "TargetType": "instance", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb2listener2ECSTargetGroupweb80Rule2490715C": { + "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", + "Properties": { + "Actions": [ + { + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb80Group0590BDE6" + }, + "Type": "forward" + } + ], + "Conditions": [ + { + "Field": "path-pattern", + "PathPatternConfig": { + "Values": [ + "a/b/c" + ] + } + } + ], + "ListenerArn": { + "Ref": "myServicelb2listener2AA6970EB" + }, + "Priority": 10 + } + }, + "myServiceDNSlb2811DE909": { + "Type": "AWS::Route53::RecordSet", + "Properties": { + "Name": "frontend.example.com.", + "Type": "A", + "AliasTarget": { + "DNSName": { + "Fn::Join": [ + "", + [ + "dualstack.", + { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "DNSName" + ] + } + ] + ] + }, + "HostedZoneId": { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "CanonicalHostedZoneID" + ] + } + }, + "HostedZoneId": { + "Ref": "HostedZoneDB99F866" + } + } + }, + "myServiceTaskDefTaskRole1C1DE6CC": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDefTaskRoleDefaultPolicyD48473C0": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "ssmmessages:CreateControlChannel", + "ssmmessages:CreateDataChannel", + "ssmmessages:OpenControlChannel", + "ssmmessages:OpenDataChannel" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "myServiceTaskDefTaskRoleDefaultPolicyD48473C0", + "Roles": [ + { + "Ref": "myServiceTaskDefTaskRole1C1DE6CC" + } + ] + } + }, + "myServiceTaskDef7FB8322A": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "amazon/amazon-ecs-sample", + "LogConfiguration": { + "LogDriver": "awslogs", + "Options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + }, + "Memory": 256, + "Name": "web", + "PortMappings": [ + { + "ContainerPort": 80, + "HostPort": 0, + "Protocol": "tcp" + }, + { + "ContainerPort": 90, + "HostPort": 0, + "Protocol": "tcp" + }, + { + "ContainerPort": 443, + "HostPort": 0, + "Protocol": "tcp" + } + ] + } + ], + "ExecutionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "Family": "awsecsintegmyServiceTaskDefA3A33D18", + "NetworkMode": "bridge", + "RequiresCompatibilities": [ + "EC2" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "myServiceTaskDefwebLogGroupA1767F2C": { + "Type": "AWS::Logs::LogGroup", + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "myServiceTaskDefExecutionRole618CD311": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "Roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "myServiceB0B6FAA0": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "ClusterEB0386A7" + }, + "DeploymentConfiguration": { + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "EnableECSManagedTags": false, + "EnableExecuteCommand": true, + "HealthCheckGracePeriodSeconds": 60, + "LaunchType": "EC2", + "LoadBalancers": [ + { + "ContainerName": "web", + "ContainerPort": 80, + "TargetGroupArn": { + "Ref": "myServicelblistenerECSTargetGroupweb80Group4ADFE4C4" + } + }, + { + "ContainerName": "web", + "ContainerPort": 90, + "TargetGroupArn": { + "Ref": "myServicelblistenerECSTargetGroupweb90Group4AA47881" + } + }, + { + "ContainerName": "web", + "ContainerPort": 443, + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb443Group8FAB1268" + } + }, + { + "ContainerName": "web", + "ContainerPort": 80, + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb80Group0590BDE6" + } + } + ], + "SchedulingStrategy": "REPLICA", + "TaskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + }, + "DependsOn": [ + "myServicelblistenerECSTargetGroupweb80Group4ADFE4C4", + "myServicelblistenerECSTargetGroupweb90Group4AA47881", + "myServicelblistenerECSTargetGroupweb90Rule68215E8D", + "myServicelblistener1D7944F2", + "myServicelb2listener2ECSTargetGroupweb443Group8FAB1268", + "myServicelb2listener2ECSTargetGroupweb80Group0590BDE6", + "myServicelb2listener2ECSTargetGroupweb80Rule2490715C", + "myServicelb2listener2AA6970EB" + ] + } + }, + "Parameters": { + "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id" + } + }, + "Outputs": { + "myServiceLoadBalancerDNSlbDE816AD2": { + "Value": { + "Fn::GetAtt": [ + "myServicelb360A9ADD", + "DNSName" + ] + } + }, + "myServiceServiceURLlbhttps4348F098": { + "Value": { + "Fn::Join": [ + "", + [ + "https://", + { + "Ref": "myServiceDNSlb1E167074" + } + ] + ] + } + }, + "myServiceLoadBalancerDNSlb2DDCE46C8": { + "Value": { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "DNSName" + ] + } + }, + "myServiceServiceURLlb2https8BC76F76": { + "Value": { + "Fn::Join": [ + "", + [ + "https://", + { + "Ref": "myServiceDNSlb2811DE909" + } + ] + ] + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/integ.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/integ.json new file mode 100644 index 0000000000000..1f0f3217f86e7 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "multiAlbEcsEc2Test/DefaultTest": { + "stacks": [ + "aws-ecs-integ" + ], + "assertionStack": "multiAlbEcsEc2TestDefaultTestDeployAssertE5F6E3B0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..46d0ad30fc217 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/manifest.json @@ -0,0 +1,451 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "aws-ecs-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-ecs-integ.template.json", + "validateOnSynth": false + }, + "metadata": { + "/aws-ecs-integ/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-ecs-integ/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-ecs-integ/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-ecs-integ/HostedZone/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "HostedZoneDB99F866" + } + ], + "/aws-ecs-integ/Cluster/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterEB0386A7" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/from awsecsintegmyServicelbSecurityGroup3AE0D167:32768-65535": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceSecurityGroupfromawsecsintegmyServicelbSecurityGroup3AE0D1673276865535F3D481F7" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/from awsecsintegmyServicelb2SecurityGroup98A4D36A:32768-65535": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceSecurityGroupfromawsecsintegmyServicelb2SecurityGroup98A4D36A32768655350C2BEE3F" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceProfile": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LaunchConfig": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/ASG": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupASG0F98E147" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionAllowInvokeawsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B4FDC19F0" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionTopic3B6438EC" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5" + } + ], + "/aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHook4A9A4325" + } + ], + "/aws-ecs-integ/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ + { + "type": "aws:cdk:logicalId", + "data": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" + } + ], + "/aws-ecs-integ/myService/lb/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb360A9ADD" + } + ], + "/aws-ecs-integ/myService/lb/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelbSecurityGroup97C897CA" + } + ], + "/aws-ecs-integ/myService/lb/SecurityGroup/to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelbSecurityGrouptoawsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482327686553538B6E8FC" + } + ], + "/aws-ecs-integ/myService/lb/listener/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelblistener1D7944F2" + } + ], + "/aws-ecs-integ/myService/lb/listener/ECSTargetGroupweb80Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelblistenerECSTargetGroupweb80Group4ADFE4C4" + } + ], + "/aws-ecs-integ/myService/lb/listener/ECSTargetGroupweb90Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelblistenerECSTargetGroupweb90Group4AA47881" + } + ], + "/aws-ecs-integ/myService/lb/listener/ECSTargetGroupweb90Rule/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelblistenerECSTargetGroupweb90Rule68215E8D" + } + ], + "/aws-ecs-integ/myService/DNSlb/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceDNSlb1E167074" + } + ], + "/aws-ecs-integ/myService/LoadBalancerDNSlb": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceLoadBalancerDNSlbDE816AD2" + } + ], + "/aws-ecs-integ/myService/ServiceURLlbhttps": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceServiceURLlbhttps4348F098" + } + ], + "/aws-ecs-integ/myService/lb2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2C84C7BCB" + } + ], + "/aws-ecs-integ/myService/lb2/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2SecurityGroupEB00B5B9" + } + ], + "/aws-ecs-integ/myService/lb2/SecurityGroup/to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2SecurityGrouptoawsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E64823276865535FF83B71B" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2AA6970EB" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb443Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2ECSTargetGroupweb443Group8FAB1268" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb80Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2ECSTargetGroupweb80Group0590BDE6" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb80Rule/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2ECSTargetGroupweb80Rule2490715C" + } + ], + "/aws-ecs-integ/myService/DNSlb2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceDNSlb2811DE909" + } + ], + "/aws-ecs-integ/myService/LoadBalancerDNSlb2": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceLoadBalancerDNSlb2DDCE46C8" + } + ], + "/aws-ecs-integ/myService/ServiceURLlb2https": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceServiceURLlb2https8BC76F76" + } + ], + "/aws-ecs-integ/myService/TaskDef/TaskRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefTaskRole1C1DE6CC" + } + ], + "/aws-ecs-integ/myService/TaskDef/TaskRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefTaskRoleDefaultPolicyD48473C0" + } + ], + "/aws-ecs-integ/myService/TaskDef/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDef7FB8322A" + } + ], + "/aws-ecs-integ/myService/TaskDef/web/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefwebLogGroupA1767F2C" + } + ], + "/aws-ecs-integ/myService/TaskDef/ExecutionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefExecutionRole618CD311" + } + ], + "/aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571" + } + ], + "/aws-ecs-integ/myService/Service/Service": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceB0B6FAA0" + } + ] + }, + "displayName": "aws-ecs-integ" + }, + "multiAlbEcsEc2TestDefaultTestDeployAssertE5F6E3B0": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "multiAlbEcsEc2TestDefaultTestDeployAssertE5F6E3B0.template.json", + "validateOnSynth": false + }, + "displayName": "multiAlbEcsEc2Test/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/multiAlbEcsEc2TestDefaultTestDeployAssertE5F6E3B0.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/multiAlbEcsEc2TestDefaultTestDeployAssertE5F6E3B0.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/multiAlbEcsEc2TestDefaultTestDeployAssertE5F6E3B0.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/tree.json new file mode 100644 index 0000000000000..d5087127fe4a4 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/multiple-application-load-balanced-ecs-service-idle-timeout.integ.snapshot/tree.json @@ -0,0 +1,2570 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.49" + } + }, + "aws-ecs-integ": { + "id": "aws-ecs-integ", + "path": "aws-ecs-integ", + "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-ecs-integ/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-ecs-integ/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-ecs-integ/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-ecs-integ/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-ecs-integ/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "HostedZone": { + "id": "HostedZone", + "path": "aws-ecs-integ/HostedZone", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/HostedZone/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Route53::HostedZone", + "aws:cdk:cloudformation:props": { + "name": "example.com." + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-route53.CfnHostedZone", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-route53.PublicHostedZone", + "version": "0.0.0" + } + }, + "Cluster": { + "id": "Cluster", + "path": "aws-ecs-integ/Cluster", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Cluster", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnCluster", + "version": "0.0.0" + } + }, + "DefaultAutoScalingGroup": { + "id": "DefaultAutoScalingGroup", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup", + "children": { + "InstanceSecurityGroup": { + "id": "InstanceSecurityGroup", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "from awsecsintegmyServicelbSecurityGroup3AE0D167:32768-65535": { + "id": "from awsecsintegmyServicelbSecurityGroup3AE0D167:32768-65535", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/from awsecsintegmyServicelbSecurityGroup3AE0D167:32768-65535", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "Load balancer to target", + "fromPort": 32768, + "groupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelbSecurityGroup97C897CA", + "GroupId" + ] + }, + "toPort": 65535 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + }, + "from awsecsintegmyServicelb2SecurityGroup98A4D36A:32768-65535": { + "id": "from awsecsintegmyServicelb2SecurityGroup98A4D36A:32768-65535", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceSecurityGroup/from awsecsintegmyServicelb2SecurityGroup98A4D36A:32768-65535", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "Load balancer to target", + "fromPort": 32768, + "groupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "toPort": 65535 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "InstanceRole": { + "id": "InstanceRole", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "ec2.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "ecs:DeregisterContainerInstance", + "ecs:RegisterContainerInstance", + "ecs:Submit*" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + }, + { + "Action": [ + "ecs:Poll", + "ecs:StartTelemetrySession" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecr:GetAuthorizationToken", + "ecs:DiscoverPollEndpoint", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "policyName": "ClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy06157A81", + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "InstanceProfile": { + "id": "InstanceProfile", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/InstanceProfile", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", + "aws:cdk:cloudformation:props": { + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupInstanceRole9A14B384" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "version": "0.0.0" + } + }, + "LaunchConfig": { + "id": "LaunchConfig", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LaunchConfig", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AutoScaling::LaunchConfiguration", + "aws:cdk:cloudformation:props": { + "imageId": { + "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" + }, + "instanceType": "t2.micro", + "iamInstanceProfile": { + "Ref": "ClusterDefaultAutoScalingGroupInstanceProfile2BB4FE55" + }, + "securityGroups": [ + { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + } + ], + "userData": { + "Fn::Base64": { + "Fn::Join": [ + "", + [ + "#!/bin/bash\necho ECS_CLUSTER=", + { + "Ref": "ClusterEB0386A7" + }, + " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config" + ] + ] + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.CfnLaunchConfiguration", + "version": "0.0.0" + } + }, + "ASG": { + "id": "ASG", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/ASG", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AutoScaling::AutoScalingGroup", + "aws:cdk:cloudformation:props": { + "maxSize": "1", + "minSize": "1", + "launchConfigurationName": { + "Ref": "ClusterDefaultAutoScalingGroupLaunchConfig81EA5466" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup", + "propagateAtLaunch": true + } + ], + "vpcZoneIdentifier": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.CfnAutoScalingGroup", + "version": "0.0.0" + } + }, + "DrainECSHook": { + "id": "DrainECSHook", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook", + "children": { + "Function": { + "id": "Function", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ], + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "ec2:DescribeHosts", + "ec2:DescribeInstanceAttribute", + "ec2:DescribeInstanceStatus", + "ec2:DescribeInstances" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "autoscaling:CompleteLifecycleAction", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":autoscaling:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":autoScalingGroup:*:autoScalingGroupName/", + { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + } + ] + ] + } + }, + { + "Action": [ + "ecs:DescribeContainerInstances", + "ecs:DescribeTasks", + "ecs:ListTasks", + "ecs:UpdateContainerInstancesState" + ], + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "ecs:ListContainerInstances", + "ecs:SubmitContainerStateChange", + "ecs:SubmitTaskStateChange" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "ClusterEB0386A7", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicy221F6E5E", + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(dict(event, ResponseURL='...')))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(dict(event, ResponseURL='...')))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n\n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n\n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n\n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + }, + "role": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole2AC250B1", + "Arn" + ] + }, + "environment": { + "variables": { + "CLUSTER": { + "Ref": "ClusterEB0386A7" + } + } + }, + "handler": "index.lambda_handler", + "runtime": "python3.9", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ], + "timeout": 310 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + }, + "AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B": { + "id": "AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/AllowInvoke:awsecsintegClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopic2FBAAF9B", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", + "aws:cdk:cloudformation:props": { + "action": "lambda:InvokeFunction", + "functionName": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + }, + "principal": "sns.amazonaws.com", + "sourceArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnPermission", + "version": "0.0.0" + } + }, + "Topic": { + "id": "Topic", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SNS::Subscription", + "aws:cdk:cloudformation:props": { + "protocol": "lambda", + "topicArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "endpoint": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupDrainECSHookFunctionFE918865", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.CfnSubscription", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.Subscription", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.49" + } + }, + "LifecycleHookDrainHook": { + "id": "LifecycleHookDrainHook", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook", + "children": { + "Topic": { + "id": "Topic", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SNS::Topic", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.CfnTopic", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sns.Topic", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "autoscaling.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "sns:Publish", + "Effect": "Allow", + "Resource": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicyFFFD6EA5", + "roles": [ + { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AutoScaling::LifecycleHook", + "aws:cdk:cloudformation:props": { + "autoScalingGroupName": { + "Ref": "ClusterDefaultAutoScalingGroupASG0F98E147" + }, + "lifecycleTransition": "autoscaling:EC2_INSTANCE_TERMINATING", + "defaultResult": "CONTINUE", + "heartbeatTimeout": 300, + "notificationTargetArn": { + "Ref": "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicFE5437FB" + }, + "roleArn": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupLifecycleHookDrainHookRole70201663", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.CfnLifecycleHook", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.LifecycleHook", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-autoscaling.AutoScalingGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Cluster", + "version": "0.0.0" + } + }, + "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": { + "id": "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "path": "aws-ecs-integ/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118": { + "id": "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118", + "path": "aws-ecs-integ/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Cert": { + "id": "Cert", + "path": "aws-ecs-integ/Cert", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Cert2": { + "id": "Cert2", + "path": "aws-ecs-integ/Cert2", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "myService": { + "id": "myService", + "path": "aws-ecs-integ/myService", + "children": { + "lb": { + "id": "lb", + "path": "aws-ecs-integ/myService/lb", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + }, + { + "key": "idle_timeout.timeout_seconds", + "value": "400" + } + ], + "scheme": "internet-facing", + "securityGroups": [ + { + "Fn::GetAtt": [ + "myServicelbSecurityGroup97C897CA", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "application" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ/myService/lb/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb8B06FF8F", + "securityGroupIngress": [ + { + "cidrIp": "0.0.0.0/0", + "ipProtocol": "tcp", + "fromPort": 443, + "toPort": 443, + "description": "Allow from anyone on port 443" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535": { + "id": "to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535", + "path": "aws-ecs-integ/myService/lb/SecurityGroup/to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", + "aws:cdk:cloudformation:props": { + "groupId": { + "Fn::GetAtt": [ + "myServicelbSecurityGroup97C897CA", + "GroupId" + ] + }, + "ipProtocol": "tcp", + "description": "Load balancer to target", + "destinationSecurityGroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "fromPort": 32768, + "toPort": 65535 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupEgress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "listener": { + "id": "listener", + "path": "aws-ecs-integ/myService/lb/listener", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb/listener/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelblistenerECSTargetGroupweb80Group4ADFE4C4" + } + } + ], + "loadBalancerArn": { + "Ref": "myServicelb360A9ADD" + }, + "certificates": [ + { + "certificateArn": "helloworld" + } + ], + "port": 443, + "protocol": "HTTPS", + "sslPolicy": "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb80Group": { + "id": "ECSTargetGroupweb80Group", + "path": "aws-ecs-integ/myService/lb/listener/ECSTargetGroupweb80Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb/listener/ECSTargetGroupweb80Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "port": 80, + "protocol": "HTTP", + "targetGroupAttributes": [ + { + "key": "stickiness.enabled", + "value": "false" + } + ], + "targetType": "instance", + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationTargetGroup", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb90Group": { + "id": "ECSTargetGroupweb90Group", + "path": "aws-ecs-integ/myService/lb/listener/ECSTargetGroupweb90Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb/listener/ECSTargetGroupweb90Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "port": 80, + "protocol": "HTTP", + "targetGroupAttributes": [ + { + "key": "stickiness.enabled", + "value": "false" + } + ], + "targetType": "instance", + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationTargetGroup", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb90Rule": { + "id": "ECSTargetGroupweb90Rule", + "path": "aws-ecs-integ/myService/lb/listener/ECSTargetGroupweb90Rule", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb/listener/ECSTargetGroupweb90Rule/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::ListenerRule", + "aws:cdk:cloudformation:props": { + "actions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelblistenerECSTargetGroupweb90Group4AA47881" + } + } + ], + "conditions": [ + { + "field": "path-pattern", + "pathPatternConfig": { + "values": [ + "a/b/c" + ] + } + } + ], + "listenerArn": { + "Ref": "myServicelblistener1D7944F2" + }, + "priority": 10 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListenerRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationListenerRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationListener", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationLoadBalancer", + "version": "0.0.0" + } + }, + "DNSlb": { + "id": "DNSlb", + "path": "aws-ecs-integ/myService/DNSlb", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/DNSlb/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Route53::RecordSet", + "aws:cdk:cloudformation:props": { + "name": "api.example.com.", + "type": "A", + "aliasTarget": { + "hostedZoneId": { + "Fn::GetAtt": [ + "myServicelb360A9ADD", + "CanonicalHostedZoneID" + ] + }, + "dnsName": { + "Fn::Join": [ + "", + [ + "dualstack.", + { + "Fn::GetAtt": [ + "myServicelb360A9ADD", + "DNSName" + ] + } + ] + ] + } + }, + "hostedZoneId": { + "Ref": "HostedZoneDB99F866" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-route53.CfnRecordSet", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-route53.ARecord", + "version": "0.0.0" + } + }, + "LoadBalancerDNSlb": { + "id": "LoadBalancerDNSlb", + "path": "aws-ecs-integ/myService/LoadBalancerDNSlb", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "ServiceURLlbhttps": { + "id": "ServiceURLlbhttps", + "path": "aws-ecs-integ/myService/ServiceURLlbhttps", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "lb2": { + "id": "lb2", + "path": "aws-ecs-integ/myService/lb2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + }, + { + "key": "idle_timeout.timeout_seconds", + "value": "400" + } + ], + "scheme": "internet-facing", + "securityGroups": [ + { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "application" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ/myService/lb2/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb27C4A3B4D", + "securityGroupIngress": [ + { + "cidrIp": "0.0.0.0/0", + "ipProtocol": "tcp", + "fromPort": 443, + "toPort": 443, + "description": "Allow from anyone on port 443" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535": { + "id": "to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535", + "path": "aws-ecs-integ/myService/lb2/SecurityGroup/to awsecsintegClusterDefaultAutoScalingGroupInstanceSecurityGroupED6E6482:32768-65535", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", + "aws:cdk:cloudformation:props": { + "groupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "ipProtocol": "tcp", + "description": "Load balancer to target", + "destinationSecurityGroupId": { + "Fn::GetAtt": [ + "ClusterDefaultAutoScalingGroupInstanceSecurityGroup1D15236A", + "GroupId" + ] + }, + "fromPort": 32768, + "toPort": 65535 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupEgress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "listener2": { + "id": "listener2", + "path": "aws-ecs-integ/myService/lb2/listener2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb443Group8FAB1268" + } + } + ], + "loadBalancerArn": { + "Ref": "myServicelb2C84C7BCB" + }, + "certificates": [ + { + "certificateArn": "helloworld" + } + ], + "port": 443, + "protocol": "HTTPS", + "sslPolicy": "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb443Group": { + "id": "ECSTargetGroupweb443Group", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb443Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb443Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "port": 80, + "protocol": "HTTP", + "targetGroupAttributes": [ + { + "key": "stickiness.enabled", + "value": "false" + } + ], + "targetType": "instance", + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationTargetGroup", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb80Group": { + "id": "ECSTargetGroupweb80Group", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb80Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb80Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "port": 80, + "protocol": "HTTP", + "targetGroupAttributes": [ + { + "key": "stickiness.enabled", + "value": "false" + } + ], + "targetType": "instance", + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationTargetGroup", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb80Rule": { + "id": "ECSTargetGroupweb80Rule", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb80Rule", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb80Rule/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::ListenerRule", + "aws:cdk:cloudformation:props": { + "actions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb80Group0590BDE6" + } + } + ], + "conditions": [ + { + "field": "path-pattern", + "pathPatternConfig": { + "values": [ + "a/b/c" + ] + } + } + ], + "listenerArn": { + "Ref": "myServicelb2listener2AA6970EB" + }, + "priority": 10 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListenerRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationListenerRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationListener", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationLoadBalancer", + "version": "0.0.0" + } + }, + "DNSlb2": { + "id": "DNSlb2", + "path": "aws-ecs-integ/myService/DNSlb2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/DNSlb2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Route53::RecordSet", + "aws:cdk:cloudformation:props": { + "name": "frontend.example.com.", + "type": "A", + "aliasTarget": { + "hostedZoneId": { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "CanonicalHostedZoneID" + ] + }, + "dnsName": { + "Fn::Join": [ + "", + [ + "dualstack.", + { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "DNSName" + ] + } + ] + ] + } + }, + "hostedZoneId": { + "Ref": "HostedZoneDB99F866" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-route53.CfnRecordSet", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-route53.ARecord", + "version": "0.0.0" + } + }, + "LoadBalancerDNSlb2": { + "id": "LoadBalancerDNSlb2", + "path": "aws-ecs-integ/myService/LoadBalancerDNSlb2", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "ServiceURLlb2https": { + "id": "ServiceURLlb2https", + "path": "aws-ecs-integ/myService/ServiceURLlb2https", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "TaskDef": { + "id": "TaskDef", + "path": "aws-ecs-integ/myService/TaskDef", + "children": { + "TaskRole": { + "id": "TaskRole", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "ssmmessages:CreateControlChannel", + "ssmmessages:CreateDataChannel", + "ssmmessages:OpenControlChannel", + "ssmmessages:OpenDataChannel" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "policyName": "myServiceTaskDefTaskRoleDefaultPolicyD48473C0", + "roles": [ + { + "Ref": "myServiceTaskDefTaskRole1C1DE6CC" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::TaskDefinition", + "aws:cdk:cloudformation:props": { + "containerDefinitions": [ + { + "essential": true, + "image": "amazon/amazon-ecs-sample", + "memory": 256, + "name": "web", + "portMappings": [ + { + "containerPort": 80, + "hostPort": 0, + "protocol": "tcp" + }, + { + "containerPort": 90, + "hostPort": 0, + "protocol": "tcp" + }, + { + "containerPort": 443, + "hostPort": 0, + "protocol": "tcp" + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + } + } + ], + "executionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "family": "awsecsintegmyServiceTaskDefA3A33D18", + "networkMode": "bridge", + "requiresCompatibilities": [ + "EC2" + ], + "taskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnTaskDefinition", + "version": "0.0.0" + } + }, + "web": { + "id": "web", + "path": "aws-ecs-integ/myService/TaskDef/web", + "children": { + "LogGroup": { + "id": "LogGroup", + "path": "aws-ecs-integ/myService/TaskDef/web/LogGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/web/LogGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.CfnLogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.LogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.ContainerDefinition", + "version": "0.0.0" + } + }, + "ExecutionRole": { + "id": "ExecutionRole", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Ec2TaskDefinition", + "version": "0.0.0" + } + }, + "Service": { + "id": "Service", + "path": "aws-ecs-integ/myService/Service", + "children": { + "Service": { + "id": "Service", + "path": "aws-ecs-integ/myService/Service/Service", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Service", + "aws:cdk:cloudformation:props": { + "cluster": { + "Ref": "ClusterEB0386A7" + }, + "deploymentConfiguration": { + "maximumPercent": 200, + "minimumHealthyPercent": 50 + }, + "enableEcsManagedTags": false, + "enableExecuteCommand": true, + "healthCheckGracePeriodSeconds": 60, + "launchType": "EC2", + "loadBalancers": [ + { + "targetGroupArn": { + "Ref": "myServicelblistenerECSTargetGroupweb80Group4ADFE4C4" + }, + "containerName": "web", + "containerPort": 80 + }, + { + "targetGroupArn": { + "Ref": "myServicelblistenerECSTargetGroupweb90Group4AA47881" + }, + "containerName": "web", + "containerPort": 90 + }, + { + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb443Group8FAB1268" + }, + "containerName": "web", + "containerPort": 443 + }, + { + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb80Group0590BDE6" + }, + "containerName": "web", + "containerPort": 80 + } + ], + "schedulingStrategy": "REPLICA", + "taskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnService", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Ec2Service", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs-patterns.ApplicationMultipleTargetGroupsEc2Service", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "multiAlbEcsEc2Test": { + "id": "multiAlbEcsEc2Test", + "path": "multiAlbEcsEc2Test", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "multiAlbEcsEc2Test/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "multiAlbEcsEc2Test/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.49" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "multiAlbEcsEc2Test/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/network-load-balanced-ecs-service.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/network-load-balanced-ecs-service.integ.snapshot/manifest.json index 814b078c1e8f1..b2719e3c34be3 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/network-load-balanced-ecs-service.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/network-load-balanced-ecs-service.integ.snapshot/manifest.json @@ -314,24 +314,6 @@ "type": "aws:cdk:logicalId", "data": "myServiceB0B6FAA0" } - ], - "FirstCapacityProvierD92F5AC4": [ - { - "type": "aws:cdk:logicalId", - "data": "FirstCapacityProvierD92F5AC4", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } - ], - "SecondCapacityProvierADE5DA56": [ - { - "type": "aws:cdk:logicalId", - "data": "SecondCapacityProvierADE5DA56", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" - ] - } ] }, "displayName": "aws-ecs-integ" diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/aws-ecs-integ.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/aws-ecs-integ.template.json new file mode 100644 index 0000000000000..5ff8dbb899a8d --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/aws-ecs-integ.template.json @@ -0,0 +1,913 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "ClusterEB0386A7": { + "Type": "AWS::ECS::Cluster" + }, + "myServicelb1FA8CBE12": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "application" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServicelb1SecurityGroup342C51EA": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb1F7E1D606", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow from anyone on port 80", + "FromPort": 80, + "IpProtocol": "tcp", + "ToPort": 80 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb1SecurityGrouptoawsecsintegmyServiceSecurityGroup8DAB521180E5389098": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "GroupId": { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + }, + "FromPort": 80, + "ToPort": 80 + } + }, + "myServicelb1listener15ED0E805": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServicelb1FA8CBE12" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": 30, + "HealthCheckPort": "8050", + "HealthCheckProtocol": "HTTP", + "HealthCheckTimeoutSeconds": 10, + "HealthyThresholdCount": 2, + "Matcher": { + "HttpCode": "200" + }, + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "stickiness.enabled", + "Value": "false" + } + ], + "TargetType": "ip", + "UnhealthyThresholdCount": 2, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb2C84C7BCB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "application" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServicelb2SecurityGroupEB00B5B9": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb27C4A3B4D", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow from anyone on port 80", + "FromPort": 80, + "IpProtocol": "tcp", + "ToPort": 80 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb2SecurityGrouptoawsecsintegmyServiceSecurityGroup8DAB521190B4F7C173": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "GroupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + }, + "FromPort": 90, + "ToPort": 90 + } + }, + "myServicelb2listener2AA6970EB": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServicelb2C84C7BCB" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "myServicelb2listener2ECSTargetGroupweb90Group6841F924": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": 30, + "HealthCheckPort": "8050", + "HealthCheckProtocol": "HTTP", + "HealthCheckTimeoutSeconds": 10, + "HealthyThresholdCount": 2, + "Matcher": { + "HttpCode": "200" + }, + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "stickiness.enabled", + "Value": "false" + } + ], + "TargetType": "ip", + "UnhealthyThresholdCount": 2, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServiceTaskDefTaskRole1C1DE6CC": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDef7FB8322A": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "amazon/amazon-ecs-sample", + "LogConfiguration": { + "LogDriver": "awslogs", + "Options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + }, + "Memory": 512, + "Name": "web", + "PortMappings": [ + { + "ContainerPort": 80, + "Protocol": "tcp" + }, + { + "ContainerPort": 90, + "Protocol": "tcp" + } + ] + } + ], + "Cpu": "256", + "ExecutionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "Family": "awsecsintegmyServiceTaskDefA3A33D18", + "Memory": "512", + "NetworkMode": "awsvpc", + "RequiresCompatibilities": [ + "FARGATE" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "myServiceTaskDefwebLogGroupA1767F2C": { + "Type": "AWS::Logs::LogGroup", + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "myServiceTaskDefExecutionRole618CD311": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "Roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "myServiceB0B6FAA0": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "ClusterEB0386A7" + }, + "DeploymentConfiguration": { + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "EnableECSManagedTags": false, + "HealthCheckGracePeriodSeconds": 60, + "LaunchType": "FARGATE", + "LoadBalancers": [ + { + "ContainerName": "web", + "ContainerPort": 80, + "TargetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + }, + { + "ContainerName": "web", + "ContainerPort": 90, + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + } + ], + "NetworkConfiguration": { + "AwsvpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "TaskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + }, + "DependsOn": [ + "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A", + "myServicelb1listener15ED0E805", + "myServicelb2listener2ECSTargetGroupweb90Group6841F924", + "myServicelb2listener2AA6970EB" + ] + }, + "myServiceSecurityGroupC3B9D4E0": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ/myService/Service/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServiceSecurityGroupfromawsecsintegmyServicelb1SecurityGroup1B4AB3AE80AB7BEE2C": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + }, + "ToPort": 80 + } + }, + "myServiceSecurityGroupfromawsecsintegmyServicelb2SecurityGroup98A4D36A90CDB6211B": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "FromPort": 90, + "GroupId": { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "ToPort": 90 + } + } + }, + "Outputs": { + "myServiceLoadBalancerDNSlb1341EE21A": { + "Value": { + "Fn::GetAtt": [ + "myServicelb1FA8CBE12", + "DNSName" + ] + } + }, + "myServiceServiceURLlb1httpAFA12FD3": { + "Value": { + "Fn::Join": [ + "", + [ + "http://", + { + "Fn::GetAtt": [ + "myServicelb1FA8CBE12", + "DNSName" + ] + } + ] + ] + } + }, + "myServiceLoadBalancerDNSlb2DDCE46C8": { + "Value": { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "DNSName" + ] + } + }, + "myServiceServiceURLlb2http935C1443": { + "Value": { + "Fn::Join": [ + "", + [ + "http://", + { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "DNSName" + ] + } + ] + ] + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/integ.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/integ.json new file mode 100644 index 0000000000000..7d88ed348230e --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "Integ/DefaultTest": { + "stacks": [ + "aws-ecs-integ" + ], + "assertionStack": "IntegDefaultTestDeployAssert4E6713E1" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..5c3ee183d52bf --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/manifest.json @@ -0,0 +1,316 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "aws-ecs-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-ecs-integ.template.json", + "validateOnSynth": false + }, + "metadata": { + "/aws-ecs-integ/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-ecs-integ/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-ecs-integ/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-ecs-integ/Cluster/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterEB0386A7" + } + ], + "/aws-ecs-integ/myService/lb1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1FA8CBE12" + } + ], + "/aws-ecs-integ/myService/lb1/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1SecurityGroup342C51EA" + } + ], + "/aws-ecs-integ/myService/lb1/SecurityGroup/to awsecsintegmyServiceSecurityGroup8DAB5211:80": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1SecurityGrouptoawsecsintegmyServiceSecurityGroup8DAB521180E5389098" + } + ], + "/aws-ecs-integ/myService/lb1/listener1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1listener15ED0E805" + } + ], + "/aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + ], + "/aws-ecs-integ/myService/LoadBalancerDNSlb1": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceLoadBalancerDNSlb1341EE21A" + } + ], + "/aws-ecs-integ/myService/ServiceURLlb1http": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceServiceURLlb1httpAFA12FD3" + } + ], + "/aws-ecs-integ/myService/lb2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2C84C7BCB" + } + ], + "/aws-ecs-integ/myService/lb2/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2SecurityGroupEB00B5B9" + } + ], + "/aws-ecs-integ/myService/lb2/SecurityGroup/to awsecsintegmyServiceSecurityGroup8DAB5211:90": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2SecurityGrouptoawsecsintegmyServiceSecurityGroup8DAB521190B4F7C173" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2AA6970EB" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + ], + "/aws-ecs-integ/myService/LoadBalancerDNSlb2": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceLoadBalancerDNSlb2DDCE46C8" + } + ], + "/aws-ecs-integ/myService/ServiceURLlb2http": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceServiceURLlb2http935C1443" + } + ], + "/aws-ecs-integ/myService/TaskDef/TaskRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefTaskRole1C1DE6CC" + } + ], + "/aws-ecs-integ/myService/TaskDef/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDef7FB8322A", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-ecs-integ/myService/TaskDef/web/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefwebLogGroupA1767F2C" + } + ], + "/aws-ecs-integ/myService/TaskDef/ExecutionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefExecutionRole618CD311" + } + ], + "/aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571" + } + ], + "/aws-ecs-integ/myService/Service/Service": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceB0B6FAA0" + } + ], + "/aws-ecs-integ/myService/Service/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceSecurityGroupC3B9D4E0" + } + ], + "/aws-ecs-integ/myService/Service/SecurityGroup/from awsecsintegmyServicelb1SecurityGroup1B4AB3AE:80": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceSecurityGroupfromawsecsintegmyServicelb1SecurityGroup1B4AB3AE80AB7BEE2C" + } + ], + "/aws-ecs-integ/myService/Service/SecurityGroup/from awsecsintegmyServicelb2SecurityGroup98A4D36A:90": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceSecurityGroupfromawsecsintegmyServicelb2SecurityGroup98A4D36A90CDB6211B" + } + ] + }, + "displayName": "aws-ecs-integ" + }, + "IntegDefaultTestDeployAssert4E6713E1": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegDefaultTestDeployAssert4E6713E1.template.json", + "validateOnSynth": false + }, + "displayName": "Integ/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/tree.json new file mode 100644 index 0000000000000..983496c01ff73 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-application-load-balanced-fargate-service.integ.snapshot/tree.json @@ -0,0 +1,1544 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "aws-ecs-integ": { + "id": "aws-ecs-integ", + "path": "aws-ecs-integ", + "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-ecs-integ/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-ecs-integ/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-ecs-integ/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-ecs-integ/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-ecs-integ/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "Cluster": { + "id": "Cluster", + "path": "aws-ecs-integ/Cluster", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Cluster", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnCluster", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Cluster", + "version": "0.0.0" + } + }, + "myService": { + "id": "myService", + "path": "aws-ecs-integ/myService", + "children": { + "lb1": { + "id": "lb1", + "path": "aws-ecs-integ/myService/lb1", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + } + ], + "scheme": "internet-facing", + "securityGroups": [ + { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "application" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ/myService/lb1/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb1F7E1D606", + "securityGroupIngress": [ + { + "cidrIp": "0.0.0.0/0", + "ipProtocol": "tcp", + "fromPort": 80, + "toPort": 80, + "description": "Allow from anyone on port 80" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "to awsecsintegmyServiceSecurityGroup8DAB5211:80": { + "id": "to awsecsintegmyServiceSecurityGroup8DAB5211:80", + "path": "aws-ecs-integ/myService/lb1/SecurityGroup/to awsecsintegmyServiceSecurityGroup8DAB5211:80", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", + "aws:cdk:cloudformation:props": { + "groupId": { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + }, + "ipProtocol": "tcp", + "description": "Load balancer to target", + "destinationSecurityGroupId": { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + }, + "fromPort": 80, + "toPort": 80 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupEgress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "listener1": { + "id": "listener1", + "path": "aws-ecs-integ/myService/lb1/listener1", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/listener1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + } + ], + "loadBalancerArn": { + "Ref": "myServicelb1FA8CBE12" + }, + "port": 80, + "protocol": "HTTP" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb80Group": { + "id": "ECSTargetGroupweb80Group", + "path": "aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "healthCheckIntervalSeconds": 30, + "healthCheckPort": "8050", + "healthCheckProtocol": "HTTP", + "healthCheckTimeoutSeconds": 10, + "healthyThresholdCount": 2, + "matcher": { + "httpCode": "200" + }, + "port": 80, + "protocol": "HTTP", + "targetGroupAttributes": [ + { + "key": "stickiness.enabled", + "value": "false" + } + ], + "targetType": "ip", + "unhealthyThresholdCount": 2, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationListener", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationLoadBalancer", + "version": "0.0.0" + } + }, + "LoadBalancerDNSlb1": { + "id": "LoadBalancerDNSlb1", + "path": "aws-ecs-integ/myService/LoadBalancerDNSlb1", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "ServiceURLlb1http": { + "id": "ServiceURLlb1http", + "path": "aws-ecs-integ/myService/ServiceURLlb1http", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "lb2": { + "id": "lb2", + "path": "aws-ecs-integ/myService/lb2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + } + ], + "scheme": "internet-facing", + "securityGroups": [ + { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + } + ], + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "application" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ/myService/lb2/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "Automatically created Security Group for ELB awsecsintegmyServicelb27C4A3B4D", + "securityGroupIngress": [ + { + "cidrIp": "0.0.0.0/0", + "ipProtocol": "tcp", + "fromPort": 80, + "toPort": 80, + "description": "Allow from anyone on port 80" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "to awsecsintegmyServiceSecurityGroup8DAB5211:90": { + "id": "to awsecsintegmyServiceSecurityGroup8DAB5211:90", + "path": "aws-ecs-integ/myService/lb2/SecurityGroup/to awsecsintegmyServiceSecurityGroup8DAB5211:90", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", + "aws:cdk:cloudformation:props": { + "groupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "ipProtocol": "tcp", + "description": "Load balancer to target", + "destinationSecurityGroupId": { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + }, + "fromPort": 90, + "toPort": 90 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupEgress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "listener2": { + "id": "listener2", + "path": "aws-ecs-integ/myService/lb2/listener2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + } + ], + "loadBalancerArn": { + "Ref": "myServicelb2C84C7BCB" + }, + "port": 80, + "protocol": "HTTP" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb90Group": { + "id": "ECSTargetGroupweb90Group", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "healthCheckIntervalSeconds": 30, + "healthCheckPort": "8050", + "healthCheckProtocol": "HTTP", + "healthCheckTimeoutSeconds": 10, + "healthyThresholdCount": 2, + "matcher": { + "httpCode": "200" + }, + "port": 80, + "protocol": "HTTP", + "targetGroupAttributes": [ + { + "key": "stickiness.enabled", + "value": "false" + } + ], + "targetType": "ip", + "unhealthyThresholdCount": 2, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationListener", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.ApplicationLoadBalancer", + "version": "0.0.0" + } + }, + "LoadBalancerDNSlb2": { + "id": "LoadBalancerDNSlb2", + "path": "aws-ecs-integ/myService/LoadBalancerDNSlb2", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "ServiceURLlb2http": { + "id": "ServiceURLlb2http", + "path": "aws-ecs-integ/myService/ServiceURLlb2http", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "TaskDef": { + "id": "TaskDef", + "path": "aws-ecs-integ/myService/TaskDef", + "children": { + "TaskRole": { + "id": "TaskRole", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::TaskDefinition", + "aws:cdk:cloudformation:props": { + "containerDefinitions": [ + { + "essential": true, + "image": "amazon/amazon-ecs-sample", + "memory": 512, + "name": "web", + "portMappings": [ + { + "containerPort": 80, + "protocol": "tcp" + }, + { + "containerPort": 90, + "protocol": "tcp" + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + } + } + ], + "cpu": "256", + "executionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "family": "awsecsintegmyServiceTaskDefA3A33D18", + "memory": "512", + "networkMode": "awsvpc", + "requiresCompatibilities": [ + "FARGATE" + ], + "taskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnTaskDefinition", + "version": "0.0.0" + } + }, + "web": { + "id": "web", + "path": "aws-ecs-integ/myService/TaskDef/web", + "children": { + "LogGroup": { + "id": "LogGroup", + "path": "aws-ecs-integ/myService/TaskDef/web/LogGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/web/LogGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.CfnLogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.LogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.ContainerDefinition", + "version": "0.0.0" + } + }, + "ExecutionRole": { + "id": "ExecutionRole", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.FargateTaskDefinition", + "version": "0.0.0" + } + }, + "Service": { + "id": "Service", + "path": "aws-ecs-integ/myService/Service", + "children": { + "Service": { + "id": "Service", + "path": "aws-ecs-integ/myService/Service/Service", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Service", + "aws:cdk:cloudformation:props": { + "cluster": { + "Ref": "ClusterEB0386A7" + }, + "deploymentConfiguration": { + "maximumPercent": 200, + "minimumHealthyPercent": 50 + }, + "enableEcsManagedTags": false, + "healthCheckGracePeriodSeconds": 60, + "launchType": "FARGATE", + "loadBalancers": [ + { + "targetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + }, + "containerName": "web", + "containerPort": 80 + }, + { + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + }, + "containerName": "web", + "containerPort": 90 + } + ], + "networkConfiguration": { + "awsvpcConfiguration": { + "assignPublicIp": "DISABLED", + "subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "securityGroups": [ + { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + } + ] + } + }, + "taskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnService", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ/myService/Service/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/Service/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-ecs-integ/myService/Service/SecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "from awsecsintegmyServicelb1SecurityGroup1B4AB3AE:80": { + "id": "from awsecsintegmyServicelb1SecurityGroup1B4AB3AE:80", + "path": "aws-ecs-integ/myService/Service/SecurityGroup/from awsecsintegmyServicelb1SecurityGroup1B4AB3AE:80", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "Load balancer to target", + "fromPort": 80, + "groupId": { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelb1SecurityGroup342C51EA", + "GroupId" + ] + }, + "toPort": 80 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + }, + "from awsecsintegmyServicelb2SecurityGroup98A4D36A:90": { + "id": "from awsecsintegmyServicelb2SecurityGroup98A4D36A:90", + "path": "aws-ecs-integ/myService/Service/SecurityGroup/from awsecsintegmyServicelb2SecurityGroup98A4D36A:90", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "ipProtocol": "tcp", + "description": "Load balancer to target", + "fromPort": 90, + "groupId": { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + }, + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServicelb2SecurityGroupEB00B5B9", + "GroupId" + ] + }, + "toPort": 90 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.FargateService", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs-patterns.ApplicationMultipleTargetGroupsFargateService", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Integ": { + "id": "Integ", + "path": "Integ", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "Integ/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "Integ/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/aws-ecs-integ.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/aws-ecs-integ.template.json new file mode 100644 index 0000000000000..0ec97403216ba --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/aws-ecs-integ.template.json @@ -0,0 +1,717 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "ClusterEB0386A7": { + "Type": "AWS::ECS::Cluster" + }, + "myServicelb1FA8CBE12": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "network" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServicelb1listener15ED0E805": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServicelb1FA8CBE12" + }, + "Port": 80, + "Protocol": "TCP" + } + }, + "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckPort": "8050", + "Port": 80, + "Protocol": "TCP", + "TargetType": "ip", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServicelb2C84C7BCB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internet-facing", + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "network" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServicelb2listener2AA6970EB": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServicelb2C84C7BCB" + }, + "Port": 80, + "Protocol": "TCP" + } + }, + "myServicelb2listener2ECSTargetGroupweb90Group6841F924": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckPort": "8050", + "Port": 90, + "Protocol": "TCP", + "TargetType": "ip", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServiceTaskDefTaskRole1C1DE6CC": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDef7FB8322A": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "amazon/amazon-ecs-sample", + "LogConfiguration": { + "LogDriver": "awslogs", + "Options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + }, + "Memory": 512, + "Name": "web", + "PortMappings": [ + { + "ContainerPort": 80, + "Protocol": "tcp" + }, + { + "ContainerPort": 90, + "Protocol": "tcp" + } + ] + } + ], + "Cpu": "256", + "ExecutionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "Family": "awsecsintegmyServiceTaskDefA3A33D18", + "Memory": "512", + "NetworkMode": "awsvpc", + "RequiresCompatibilities": [ + "FARGATE" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "myServiceTaskDefwebLogGroupA1767F2C": { + "Type": "AWS::Logs::LogGroup", + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "myServiceTaskDefExecutionRole618CD311": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "Roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "myServiceB0B6FAA0": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "ClusterEB0386A7" + }, + "DeploymentConfiguration": { + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "EnableECSManagedTags": false, + "HealthCheckGracePeriodSeconds": 60, + "LaunchType": "FARGATE", + "LoadBalancers": [ + { + "ContainerName": "web", + "ContainerPort": 80, + "TargetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + }, + { + "ContainerName": "web", + "ContainerPort": 90, + "TargetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + } + ], + "NetworkConfiguration": { + "AwsvpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "TaskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + }, + "DependsOn": [ + "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A", + "myServicelb1listener15ED0E805", + "myServicelb2listener2ECSTargetGroupweb90Group6841F924", + "myServicelb2listener2AA6970EB" + ] + }, + "myServiceSecurityGroupC3B9D4E0": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ/myService/Service/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + } + }, + "Outputs": { + "myServiceLoadBalancerDNSlb1341EE21A": { + "Value": { + "Fn::GetAtt": [ + "myServicelb1FA8CBE12", + "DNSName" + ] + } + }, + "myServiceLoadBalancerDNSlb2DDCE46C8": { + "Value": { + "Fn::GetAtt": [ + "myServicelb2C84C7BCB", + "DNSName" + ] + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/integ.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/integ.json new file mode 100644 index 0000000000000..7d88ed348230e --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "Integ/DefaultTest": { + "stacks": [ + "aws-ecs-integ" + ], + "assertionStack": "IntegDefaultTestDeployAssert4E6713E1" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..4746f1ce7b8bf --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/manifest.json @@ -0,0 +1,268 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "aws-ecs-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-ecs-integ.template.json", + "validateOnSynth": false + }, + "metadata": { + "/aws-ecs-integ/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-ecs-integ/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-ecs-integ/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-ecs-integ/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-ecs-integ/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-ecs-integ/Cluster/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterEB0386A7" + } + ], + "/aws-ecs-integ/myService/lb1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1FA8CBE12" + } + ], + "/aws-ecs-integ/myService/lb1/listener1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1listener15ED0E805" + } + ], + "/aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + ], + "/aws-ecs-integ/myService/LoadBalancerDNSlb1": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceLoadBalancerDNSlb1341EE21A" + } + ], + "/aws-ecs-integ/myService/lb2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2C84C7BCB" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2AA6970EB" + } + ], + "/aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + ], + "/aws-ecs-integ/myService/LoadBalancerDNSlb2": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceLoadBalancerDNSlb2DDCE46C8" + } + ], + "/aws-ecs-integ/myService/TaskDef/TaskRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefTaskRole1C1DE6CC" + } + ], + "/aws-ecs-integ/myService/TaskDef/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDef7FB8322A", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] + } + ], + "/aws-ecs-integ/myService/TaskDef/web/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefwebLogGroupA1767F2C" + } + ], + "/aws-ecs-integ/myService/TaskDef/ExecutionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefExecutionRole618CD311" + } + ], + "/aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571" + } + ], + "/aws-ecs-integ/myService/Service/Service": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceB0B6FAA0" + } + ], + "/aws-ecs-integ/myService/Service/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "myServiceSecurityGroupC3B9D4E0" + } + ] + }, + "displayName": "aws-ecs-integ" + }, + "IntegDefaultTestDeployAssert4E6713E1": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegDefaultTestDeployAssert4E6713E1.template.json", + "validateOnSynth": false + }, + "displayName": "Integ/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/tree.json new file mode 100644 index 0000000000000..94068ebb5704e --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/healthchecks-multiple-network-load-balanced-fargate-service.integ.snapshot/tree.json @@ -0,0 +1,1296 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "aws-ecs-integ": { + "id": "aws-ecs-integ", + "path": "aws-ecs-integ", + "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-ecs-integ/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-ecs-integ/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-ecs-integ/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-ecs-integ/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-ecs-integ/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "Cluster": { + "id": "Cluster", + "path": "aws-ecs-integ/Cluster", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/Cluster/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Cluster", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnCluster", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.Cluster", + "version": "0.0.0" + } + }, + "myService": { + "id": "myService", + "path": "aws-ecs-integ/myService", + "children": { + "lb1": { + "id": "lb1", + "path": "aws-ecs-integ/myService/lb1", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + } + ], + "scheme": "internet-facing", + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "network" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "version": "0.0.0" + } + }, + "listener1": { + "id": "listener1", + "path": "aws-ecs-integ/myService/lb1/listener1", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/listener1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + } + } + ], + "loadBalancerArn": { + "Ref": "myServicelb1FA8CBE12" + }, + "port": 80, + "protocol": "TCP" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb80Group": { + "id": "ECSTargetGroupweb80Group", + "path": "aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb1/listener1/ECSTargetGroupweb80Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "healthCheckPort": "8050", + "port": 80, + "protocol": "TCP", + "targetType": "ip", + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkListener", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkLoadBalancer", + "version": "0.0.0" + } + }, + "LoadBalancerDNSlb1": { + "id": "LoadBalancerDNSlb1", + "path": "aws-ecs-integ/myService/LoadBalancerDNSlb1", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "lb2": { + "id": "lb2", + "path": "aws-ecs-integ/myService/lb2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "aws:cdk:cloudformation:props": { + "loadBalancerAttributes": [ + { + "key": "deletion_protection.enabled", + "value": "false" + } + ], + "scheme": "internet-facing", + "subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "type": "network" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "version": "0.0.0" + } + }, + "listener2": { + "id": "listener2", + "path": "aws-ecs-integ/myService/lb2/listener2", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::Listener", + "aws:cdk:cloudformation:props": { + "defaultActions": [ + { + "type": "forward", + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + } + } + ], + "loadBalancerArn": { + "Ref": "myServicelb2C84C7BCB" + }, + "port": 80, + "protocol": "TCP" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnListener", + "version": "0.0.0" + } + }, + "ECSTargetGroupweb90Group": { + "id": "ECSTargetGroupweb90Group", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/lb2/listener2/ECSTargetGroupweb90Group/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "aws:cdk:cloudformation:props": { + "healthCheckPort": "8050", + "port": 90, + "protocol": "TCP", + "targetType": "ip", + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkTargetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkListener", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkLoadBalancer", + "version": "0.0.0" + } + }, + "LoadBalancerDNSlb2": { + "id": "LoadBalancerDNSlb2", + "path": "aws-ecs-integ/myService/LoadBalancerDNSlb2", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "TaskDef": { + "id": "TaskDef", + "path": "aws-ecs-integ/myService/TaskDef", + "children": { + "TaskRole": { + "id": "TaskRole", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/TaskRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::TaskDefinition", + "aws:cdk:cloudformation:props": { + "containerDefinitions": [ + { + "essential": true, + "image": "amazon/amazon-ecs-sample", + "memory": 512, + "name": "web", + "portMappings": [ + { + "containerPort": 80, + "protocol": "tcp" + }, + { + "containerPort": 90, + "protocol": "tcp" + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + } + } + ], + "cpu": "256", + "executionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "family": "awsecsintegmyServiceTaskDefA3A33D18", + "memory": "512", + "networkMode": "awsvpc", + "requiresCompatibilities": [ + "FARGATE" + ], + "taskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnTaskDefinition", + "version": "0.0.0" + } + }, + "web": { + "id": "web", + "path": "aws-ecs-integ/myService/TaskDef/web", + "children": { + "LogGroup": { + "id": "LogGroup", + "path": "aws-ecs-integ/myService/TaskDef/web/LogGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/web/LogGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.CfnLogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-logs.LogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.ContainerDefinition", + "version": "0.0.0" + } + }, + "ExecutionRole": { + "id": "ExecutionRole", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/TaskDef/ExecutionRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.FargateTaskDefinition", + "version": "0.0.0" + } + }, + "Service": { + "id": "Service", + "path": "aws-ecs-integ/myService/Service", + "children": { + "Service": { + "id": "Service", + "path": "aws-ecs-integ/myService/Service/Service", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Service", + "aws:cdk:cloudformation:props": { + "cluster": { + "Ref": "ClusterEB0386A7" + }, + "deploymentConfiguration": { + "maximumPercent": 200, + "minimumHealthyPercent": 50 + }, + "enableEcsManagedTags": false, + "healthCheckGracePeriodSeconds": 60, + "launchType": "FARGATE", + "loadBalancers": [ + { + "targetGroupArn": { + "Ref": "myServicelb1listener1ECSTargetGroupweb80GroupC3F9339A" + }, + "containerName": "web", + "containerPort": 80 + }, + { + "targetGroupArn": { + "Ref": "myServicelb2listener2ECSTargetGroupweb90Group6841F924" + }, + "containerName": "web", + "containerPort": 90 + } + ], + "networkConfiguration": { + "awsvpcConfiguration": { + "assignPublicIp": "DISABLED", + "subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "securityGroups": [ + { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + } + ] + } + }, + "taskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.CfnService", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ/myService/Service/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ/myService/Service/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-ecs-integ/myService/Service/SecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs.FargateService", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecs-patterns.NetworkMultipleTargetGroupsFargateService", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Integ": { + "id": "Integ", + "path": "Integ", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "Integ/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.51" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "Integ/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.healthchecks-multiple-application-load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.healthchecks-multiple-application-load-balanced-fargate-service.ts new file mode 100644 index 0000000000000..84efe3718bf03 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.healthchecks-multiple-application-load-balanced-fargate-service.ts @@ -0,0 +1,79 @@ +import { Vpc } from '@aws-cdk/aws-ec2'; +import { Cluster, ContainerImage } from '@aws-cdk/aws-ecs'; +import { Protocol } from '@aws-cdk/aws-elasticloadbalancingv2'; +import { App, Duration, Stack } from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; + +import { ApplicationMultipleTargetGroupsFargateService } from '../../lib'; + +const app = new App(); +const stack = new Stack(app, 'aws-ecs-integ'); +const vpc = new Vpc(stack, 'Vpc', { maxAzs: 2 }); +const cluster = new Cluster(stack, 'Cluster', { vpc }); + +// Two load balancers with two listeners and two target groups. +const applicationMultipleTargetGroupsFargateService = new ApplicationMultipleTargetGroupsFargateService(stack, 'myService', { + cluster, + memoryLimitMiB: 512, + taskImageOptions: { + image: ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + loadBalancers: [ + { + name: 'lb1', + listeners: [ + { + name: 'listener1', + }, + ], + }, + { + name: 'lb2', + listeners: [ + { + name: 'listener2', + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener1', + }, + { + containerPort: 90, + listener: 'listener2', + }, + ], +}); + +applicationMultipleTargetGroupsFargateService.targetGroups[0].configureHealthCheck({ + port: '8050', + protocol: Protocol.HTTP, + healthyThresholdCount: 2, + unhealthyThresholdCount: 2, + timeout: Duration.seconds(10), + interval: Duration.seconds(30), + healthyHttpCodes: '200', +}); + +applicationMultipleTargetGroupsFargateService.targetGroups[1].configureHealthCheck({ + port: '8050', + protocol: Protocol.HTTP, + healthyThresholdCount: 2, + unhealthyThresholdCount: 2, + timeout: Duration.seconds(10), + interval: Duration.seconds(30), + healthyHttpCodes: '200', +}); + +applicationMultipleTargetGroupsFargateService.loadBalancers[0]._enableCrossEnvironment; +applicationMultipleTargetGroupsFargateService.loadBalancers[1]._enableCrossEnvironment; + +applicationMultipleTargetGroupsFargateService.listeners[0].listenerArn; +applicationMultipleTargetGroupsFargateService.listeners[1].listenerArn; + +new IntegTest(app, 'Integ', { testCases: [stack] }); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.healthchecks-multiple-network-load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.healthchecks-multiple-network-load-balanced-fargate-service.ts new file mode 100644 index 0000000000000..68e761647bb51 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.healthchecks-multiple-network-load-balanced-fargate-service.ts @@ -0,0 +1,62 @@ +import { Vpc } from '@aws-cdk/aws-ec2'; +import { Cluster, ContainerImage } from '@aws-cdk/aws-ecs'; +import { App, Stack } from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; +import { NetworkMultipleTargetGroupsFargateService } from '../../lib'; + +const app = new App(); +const stack = new Stack(app, 'aws-ecs-integ'); +const vpc = new Vpc(stack, 'Vpc', { maxAzs: 2 }); +const cluster = new Cluster(stack, 'Cluster', { vpc }); + +// Two load balancers with two listeners and two target groups. +const networkMultipleTargetGroupsFargateService = new NetworkMultipleTargetGroupsFargateService(stack, 'myService', { + cluster, + memoryLimitMiB: 512, + taskImageOptions: { + image: ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }, + loadBalancers: [ + { + name: 'lb1', + listeners: [ + { + name: 'listener1', + }, + ], + }, + { + name: 'lb2', + listeners: [ + { + name: 'listener2', + }, + ], + }, + ], + targetGroups: [ + { + containerPort: 80, + listener: 'listener1', + }, + { + containerPort: 90, + listener: 'listener2', + }, + ], +}); + +networkMultipleTargetGroupsFargateService.targetGroups[0].configureHealthCheck({ + port: '8050', +}); + +networkMultipleTargetGroupsFargateService.targetGroups[1].configureHealthCheck({ + port: '8050', +}); + +networkMultipleTargetGroupsFargateService.loadBalancers[0]._enableCrossEnvironment; +networkMultipleTargetGroupsFargateService.loadBalancers[1]._enableCrossEnvironment; + +new IntegTest(app, 'Integ', { testCases: [stack] }); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/integ.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/integ.json index 7044311d56ad3..943bed0c69b0a 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/integ.json @@ -1,14 +1,11 @@ { "version": "20.0.0", "testCases": { - "fargate/integ.l3-capacity-provider-strategies": { + "l3CapacityProviderStrategiesTest/DefaultTest": { "stacks": [ "aws-ecs-integ-lb-fargate" ], - "diffAssets": false, - "stackUpdateWorkflow": true + "assertionStack": "l3CapacityProviderStrategiesTestDefaultTestDeployAssertCE3F86E7" } - }, - "synthContext": {}, - "enableLookups": false + } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/l3CapacityProviderStrategiesTestDefaultTestDeployAssertCE3F86E7.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/l3CapacityProviderStrategiesTestDefaultTestDeployAssertCE3F86E7.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/l3CapacityProviderStrategiesTestDefaultTestDeployAssertCE3F86E7.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/manifest.json index 9276f2e6e685e..7a04777da984f 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/manifest.json @@ -240,10 +240,7 @@ "/aws-ecs-integ-lb-fargate/ALBFargateService/Service/Service": [ { "type": "aws:cdk:logicalId", - "data": "ALBFargateService90FDCE10", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "ALBFargateService90FDCE10" } ], "/aws-ecs-integ-lb-fargate/ALBFargateService/Service/SecurityGroup/Resource": [ @@ -315,10 +312,7 @@ "/aws-ecs-integ-lb-fargate/NLBFargateService/Service/Service": [ { "type": "aws:cdk:logicalId", - "data": "NLBFargateServiceB92AC095", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "NLBFargateServiceB92AC095" } ], "/aws-ecs-integ-lb-fargate/NLBFargateService/Service/SecurityGroup/Resource": [ @@ -329,6 +323,15 @@ ] }, "displayName": "aws-ecs-integ-lb-fargate" + }, + "l3CapacityProviderStrategiesTestDefaultTestDeployAssertCE3F86E7": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "l3CapacityProviderStrategiesTestDefaultTestDeployAssertCE3F86E7.template.json", + "validateOnSynth": false + }, + "displayName": "l3CapacityProviderStrategiesTest/DefaultTest/DeployAssert" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/tree.json index c85f5be4cb9bd..7a237de085ef7 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.49" } }, "aws-ecs-integ-lb-fargate": { @@ -1721,6 +1721,42 @@ "fqn": "@aws-cdk/core.Stack", "version": "0.0.0" } + }, + "l3CapacityProviderStrategiesTest": { + "id": "l3CapacityProviderStrategiesTest", + "path": "l3CapacityProviderStrategiesTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "l3CapacityProviderStrategiesTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "l3CapacityProviderStrategiesTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.49" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "l3CapacityProviderStrategiesTest/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } } }, "constructInfo": { diff --git a/packages/@aws-cdk/aws-ecs/lib/cluster.ts b/packages/@aws-cdk/aws-ecs/lib/cluster.ts index 5666e7f6403ac..dc42dacb975e0 100644 --- a/packages/@aws-cdk/aws-ecs/lib/cluster.ts +++ b/packages/@aws-cdk/aws-ecs/lib/cluster.ts @@ -338,7 +338,7 @@ export class Cluster extends Resource implements ICluster { const autoScalingGroup = new autoscaling.AutoScalingGroup(this, id, { vpc: this.vpc, machineImage, - updateType: options.updateType || autoscaling.UpdateType.REPLACING_UPDATE, + updateType: !!options.updatePolicy ? undefined : options.updateType || autoscaling.UpdateType.REPLACING_UPDATE, ...options, }); diff --git a/packages/@aws-cdk/aws-ecs/test/cluster.test.ts b/packages/@aws-cdk/aws-ecs/test/cluster.test.ts index 11394fb74622a..5e2e0403ac33b 100644 --- a/packages/@aws-cdk/aws-ecs/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-ecs/test/cluster.test.ts @@ -1725,6 +1725,143 @@ describe('cluster', () => { }); + testDeprecated('updatePolicy set when passed without updateType', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'test'); + + const cluster = new ecs.Cluster(stack, 'EcsCluster'); + cluster.addCapacity('bottlerocket-asg', { + instanceType: new ec2.InstanceType('c5.large'), + machineImage: new ecs.BottleRocketImage(), + updatePolicy: autoscaling.UpdatePolicy.replacingUpdate(), + }); + + // THEN + Template.fromStack(stack).hasResource('AWS::AutoScaling::AutoScalingGroup', { + UpdatePolicy: { + AutoScalingReplacingUpdate: { + WillReplace: true, + }, + }, + }); + }); + + testDeprecated('undefined updateType & updatePolicy replaced by default updatePolicy', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'test'); + + const cluster = new ecs.Cluster(stack, 'EcsCluster'); + cluster.addCapacity('bottlerocket-asg', { + instanceType: new ec2.InstanceType('c5.large'), + machineImage: new ecs.BottleRocketImage(), + }); + + // THEN + Template.fromStack(stack).hasResource('AWS::AutoScaling::AutoScalingGroup', { + UpdatePolicy: { + AutoScalingReplacingUpdate: { + WillReplace: true, + }, + }, + }); + }); + + testDeprecated('updateType.NONE replaced by updatePolicy equivalent', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'test'); + + const cluster = new ecs.Cluster(stack, 'EcsCluster'); + cluster.addCapacity('bottlerocket-asg', { + instanceType: new ec2.InstanceType('c5.large'), + machineImage: new ecs.BottleRocketImage(), + updateType: autoscaling.UpdateType.NONE, + }); + + // THEN + Template.fromStack(stack).hasResource('AWS::AutoScaling::AutoScalingGroup', { + UpdatePolicy: { + AutoScalingScheduledAction: { + IgnoreUnmodifiedGroupSizeProperties: true, + }, + }, + }); + }); + + testDeprecated('updateType.REPLACING_UPDATE replaced by updatePolicy equivalent', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'test'); + + const cluster = new ecs.Cluster(stack, 'EcsCluster'); + cluster.addCapacity('bottlerocket-asg', { + instanceType: new ec2.InstanceType('c5.large'), + machineImage: new ecs.BottleRocketImage(), + updateType: autoscaling.UpdateType.REPLACING_UPDATE, + }); + + // THEN + Template.fromStack(stack).hasResource('AWS::AutoScaling::AutoScalingGroup', { + UpdatePolicy: { + AutoScalingReplacingUpdate: { + WillReplace: true, + }, + }, + }); + }); + + testDeprecated('updateType.ROLLING_UPDATE replaced by updatePolicy equivalent', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'test'); + + const cluster = new ecs.Cluster(stack, 'EcsCluster'); + cluster.addCapacity('bottlerocket-asg', { + instanceType: new ec2.InstanceType('c5.large'), + machineImage: new ecs.BottleRocketImage(), + updateType: autoscaling.UpdateType.ROLLING_UPDATE, + }); + + // THEN + Template.fromStack(stack).hasResource('AWS::AutoScaling::AutoScalingGroup', { + UpdatePolicy: { + AutoScalingRollingUpdate: { + WaitOnResourceSignals: false, + PauseTime: 'PT0S', + SuspendProcesses: [ + 'HealthCheck', + 'ReplaceUnhealthy', + 'AZRebalance', + 'AlarmNotification', + 'ScheduledActions', + ], + }, + AutoScalingScheduledAction: { + IgnoreUnmodifiedGroupSizeProperties: true, + }, + }, + }); + }); + + testDeprecated('throws when updatePolicy and updateType both specified', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'test'); + + const cluster = new ecs.Cluster(stack, 'EcsCluster'); + + expect(() => { + cluster.addCapacity('bottlerocket-asg', { + instanceType: new ec2.InstanceType('c5.large'), + machineImage: new ecs.BottleRocketImage(), + updatePolicy: autoscaling.UpdatePolicy.replacingUpdate(), + updateType: autoscaling.UpdateType.REPLACING_UPDATE, + }); + }).toThrow("Cannot set 'signals'/'updatePolicy' and 'updateType' together. Prefer 'signals'/'updatePolicy'"); + }); + testDeprecated('allows specifying capacityProviders (deprecated)', () => { // GIVEN const app = new cdk.App(); diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/environment-file.integ.snapshot/aws-ecs-integ.template.json b/packages/@aws-cdk/aws-ecs/test/ec2/environment-file.integ.snapshot/aws-ecs-integ.template.json index 0f3734dc75d0e..803cae34a9f34 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/environment-file.integ.snapshot/aws-ecs-integ.template.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/environment-file.integ.snapshot/aws-ecs-integ.template.json @@ -1460,7 +1460,7 @@ "Ref": "EnvFileDeploymentAwsCliLayerA8FC897D" } ], - "Runtime": "python3.7", + "Runtime": "python3.9", "Timeout": 900 }, "DependsOn": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/environment-file.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ecs/test/ec2/environment-file.integ.snapshot/tree.json index a8afb7f3d8803..6e784ccb82867 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/environment-file.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/environment-file.integ.snapshot/tree.json @@ -2330,7 +2330,7 @@ "Ref": "EnvFileDeploymentAwsCliLayerA8FC897D" } ], - "runtime": "python3.7", + "runtime": "python3.9", "timeout": 900 } }, diff --git a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts index 0177a7e21b695..dfafd02d4c291 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts @@ -286,10 +286,14 @@ function parseProps(props: any): aws.EKS.CreateClusterRequest { parsed.resourcesVpcConfig.endpointPublicAccess = parsed.resourcesVpcConfig.endpointPublicAccess === 'true'; } - if (typeof (parsed.logging?.clusterLogging[0].enabled) === 'string') { + if (typeof (parsed.logging?.clusterLogging[0]?.enabled) === 'string') { parsed.logging.clusterLogging[0].enabled = parsed.logging.clusterLogging[0].enabled === 'true'; } + if (typeof (parsed.logging?.clusterLogging[1]?.enabled) === 'string') { + parsed.logging.clusterLogging[1].enabled = parsed.logging.clusterLogging[1].enabled === 'false'; + } + return parsed; } diff --git a/packages/@aws-cdk/aws-eks/lib/cluster-resource.ts b/packages/@aws-cdk/aws-eks/lib/cluster-resource.ts index 755b89eec135c..28c6a5a2f51d7 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster-resource.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster-resource.ts @@ -25,7 +25,7 @@ export interface ClusterResourceProps { readonly onEventLayer?: lambda.ILayerVersion; readonly clusterHandlerSecurityGroup?: ec2.ISecurityGroup; readonly tags?: { [key: string]: string }; - readonly logging?: { [key: string]: [ { [key: string]: any } ] }; + readonly logging?: { [key: string]: [ { [key: string]: any }, { [key: string]: any } ] }; } /** diff --git a/packages/@aws-cdk/aws-eks/lib/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster.ts index 5fd70cd5b1d45..481f0891c849d 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster.ts @@ -1285,7 +1285,7 @@ export class Cluster extends ClusterBase { private readonly version: KubernetesVersion; - private readonly logging?: { [key: string]: [ { [key: string]: any } ] }; + private readonly logging?: { [key: string]: [ { [key: string]: any }, { [key: string]: any } ] }; /** * A dummy CloudFormation resource that is used as a wait barrier which @@ -1347,12 +1347,28 @@ export class Cluster extends ClusterBase { // Get subnetIds for all selected subnets const subnetIds = Array.from(new Set(flatten(selectedSubnetIdsPerGroup))); + // The value of clusterLoggingTypeDisabled should be invert of props.clusterLogging. + let clusterLoggingTypeDisabled: ClusterLoggingTypes[] = []; + + // Find out type(s) to disable. + Object.values(ClusterLoggingTypes).forEach(function (key) { + let clusterLoggingTypeEnabled = Object.values(props.clusterLogging ? Object.values(props.clusterLogging) : []); + if (!Object.values(clusterLoggingTypeEnabled).includes(key)) { + clusterLoggingTypeDisabled.push(key); + }; + }); + + // Leave it untouched as undefined if (props.clusterLogging === undefined). this.logging = props.clusterLogging ? { clusterLogging: [ { enabled: true, types: Object.values(props.clusterLogging), }, + { + enabled: false, + types: Object.values(clusterLoggingTypeDisabled), + }, ], } : undefined; diff --git a/packages/@aws-cdk/aws-eks/package.json b/packages/@aws-cdk/aws-eks/package.json index 61826a064745f..15e92dde9593a 100644 --- a/packages/@aws-cdk/aws-eks/package.json +++ b/packages/@aws-cdk/aws-eks/package.json @@ -90,7 +90,7 @@ "@types/sinon": "^9.0.11", "@types/yaml": "1.9.6", "aws-sdk": "^2.848.0", - "cdk8s": "^2.3.67", + "cdk8s": "^2.3.74", "cdk8s-plus-21": "^2.0.0-beta.12", "jest": "^27.5.1", "sinon": "^9.2.4" diff --git a/packages/@aws-cdk/aws-eks/test/cluster-resource-provider.test.ts b/packages/@aws-cdk/aws-eks/test/cluster-resource-provider.test.ts index d7d7789bde0a5..7a486cc67600f 100644 --- a/packages/@aws-cdk/aws-eks/test/cluster-resource-provider.test.ts +++ b/packages/@aws-cdk/aws-eks/test/cluster-resource-provider.test.ts @@ -566,6 +566,10 @@ describe('cluster resource provider', () => { types: ['api'], enabled: true, }, + { + types: ['audit', 'authenticator', 'controllerManager', 'scheduler'], + enabled: false, + }, ], }, }, { @@ -581,6 +585,10 @@ describe('cluster resource provider', () => { types: ['api'], enabled: true, }, + { + types: ['audit', 'authenticator', 'controllerManager', 'scheduler'], + enabled: false, + }, ], }, }); @@ -622,6 +630,10 @@ describe('cluster resource provider', () => { types: ['api', 'audit', 'authenticator', 'controllerManager', 'scheduler'], enabled: true, }, + { + types: [], + enabled: false, + }, ], }, resourcesVpcConfig: { @@ -644,6 +656,10 @@ describe('cluster resource provider', () => { types: ['api', 'audit', 'authenticator', 'controllerManager', 'scheduler'], enabled: true, }, + { + types: [], + enabled: false, + }, ], }, resourcesVpcConfig: { diff --git a/packages/@aws-cdk/aws-eks/test/cluster.test.ts b/packages/@aws-cdk/aws-eks/test/cluster.test.ts index 1f6ba84fc20fa..8b797a954007f 100644 --- a/packages/@aws-cdk/aws-eks/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-eks/test/cluster.test.ts @@ -3156,4 +3156,98 @@ describe('cluster', () => { }, }); }); + + test('create a cluster without logging configure', () => { + // GIVEN + const { stack } = testFixture(); + + // WHEN + new eks.Cluster(stack, 'Cluster', { + version: CLUSTER_VERSION, + }); + + // THEN + Template.fromStack(stack).resourceCountIs('Custom::AWSCDK-EKS-Cluster::Config::logging', 0); + }); + + test('create a cluster with partial logging configure', () => { + // GIVEN + const { stack } = testFixture(); + + // WHEN + new eks.Cluster(stack, 'Cluster', { + version: CLUSTER_VERSION, + clusterLogging: [ + eks.ClusterLoggingTypes.API, + eks.ClusterLoggingTypes.AUTHENTICATOR, + eks.ClusterLoggingTypes.SCHEDULER, + ], + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('Custom::AWSCDK-EKS-Cluster', { + Config: { + logging: { + clusterLogging: [ + { + enabled: true, + types: [ + 'api', + 'authenticator', + 'scheduler', + ], + }, + { + enabled: false, + types: [ + 'audit', + 'controllerManager', + ], + }, + ], + }, + }, + }); + }); + + test('create a cluster with all logging configure', () => { + // GIVEN + const { stack } = testFixture(); + + // WHEN + new eks.Cluster(stack, 'Cluster', { + version: CLUSTER_VERSION, + clusterLogging: [ + eks.ClusterLoggingTypes.API, + eks.ClusterLoggingTypes.AUDIT, + eks.ClusterLoggingTypes.AUTHENTICATOR, + eks.ClusterLoggingTypes.CONTROLLER_MANAGER, + eks.ClusterLoggingTypes.SCHEDULER, + ], + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('Custom::AWSCDK-EKS-Cluster', { + Config: { + logging: { + clusterLogging: [ + { + enabled: true, + types: [ + 'api', + 'audit', + 'authenticator', + 'controllerManager', + 'scheduler', + ], + }, + { + enabled: false, + types: [], + }, + ], + }, + }, + }); + }); }); diff --git a/packages/@aws-cdk/aws-eks/test/eks-cluster.integ.snapshot/aws-cdk-eks-cluster-test.template.json b/packages/@aws-cdk/aws-eks/test/eks-cluster.integ.snapshot/aws-cdk-eks-cluster-test.template.json index 281bb1075114d..e82dac45c4b78 100644 --- a/packages/@aws-cdk/aws-eks/test/eks-cluster.integ.snapshot/aws-cdk-eks-cluster-test.template.json +++ b/packages/@aws-cdk/aws-eks/test/eks-cluster.integ.snapshot/aws-cdk-eks-cluster-test.template.json @@ -825,6 +825,13 @@ "authenticator", "scheduler" ] + }, + { + "enabled": false, + "types": [ + "audit", + "controllerManager" + ] } ] } @@ -4032,4 +4039,4 @@ "Default": "/aws/service/bottlerocket/aws-k8s-1.21/x86_64/latest/image_id" } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-eks/test/eks-helm-asset.integ.snapshot/aws-cdk-eks-helm-test.template.json b/packages/@aws-cdk/aws-eks/test/eks-helm-asset.integ.snapshot/aws-cdk-eks-helm-test.template.json index 7d2bb8615cb6f..48a92cfb5667b 100644 --- a/packages/@aws-cdk/aws-eks/test/eks-helm-asset.integ.snapshot/aws-cdk-eks-helm-test.template.json +++ b/packages/@aws-cdk/aws-eks/test/eks-helm-asset.integ.snapshot/aws-cdk-eks-helm-test.template.json @@ -668,6 +668,13 @@ "authenticator", "scheduler" ] + }, + { + "enabled": false, + "types": [ + "audit", + "controllerManager" + ] } ] } @@ -1316,4 +1323,4 @@ "Description": "Artifact hash for asset \"3d78a5cdc39276c4ee8503417d4363951a0693b01cfd99ec9786feed456d012f\"" } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-eks/test/fargate.test.ts b/packages/@aws-cdk/aws-eks/test/fargate.test.ts index e028981ff7bf2..d0cff709da411 100644 --- a/packages/@aws-cdk/aws-eks/test/fargate.test.ts +++ b/packages/@aws-cdk/aws-eks/test/fargate.test.ts @@ -459,7 +459,62 @@ describe('fargate', () => { }); - test('supports cluster logging with FargateCluster', () => { + test('supports cluster logging without FargateCluster', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + + new eks.FargateCluster(stack, 'FargateCluster', { + version: CLUSTER_VERSION, + }); + + //THEN + Template.fromStack(stack).resourceCountIs('Custom::AWSCDK-EKS-Cluster::Config::logging', 0); + }); + + test('supports cluster partial logging enabled with FargateCluster', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + + new eks.FargateCluster(stack, 'FargateCluster', { + version: CLUSTER_VERSION, + clusterLogging: [ + eks.ClusterLoggingTypes.API, + eks.ClusterLoggingTypes.AUTHENTICATOR, + eks.ClusterLoggingTypes.SCHEDULER, + ], + }); + + //THEN + Template.fromStack(stack).hasResourceProperties('Custom::AWSCDK-EKS-Cluster', { + Config: { + logging: { + clusterLogging: [ + { + enabled: true, + types: [ + 'api', + 'authenticator', + 'scheduler', + ], + }, + { + enabled: false, + types: [ + 'audit', + 'controllerManager', + ], + }, + ], + }, + }, + }); + }); + + test('supports cluster all logging enabled with FargateCluster', () => { // GIVEN const stack = new Stack(); @@ -469,7 +524,9 @@ describe('fargate', () => { version: CLUSTER_VERSION, clusterLogging: [ eks.ClusterLoggingTypes.API, + eks.ClusterLoggingTypes.AUDIT, eks.ClusterLoggingTypes.AUTHENTICATOR, + eks.ClusterLoggingTypes.CONTROLLER_MANAGER, eks.ClusterLoggingTypes.SCHEDULER, ], }); @@ -479,7 +536,20 @@ describe('fargate', () => { Config: { logging: { clusterLogging: [ - { enabled: true, types: ['api', 'authenticator', 'scheduler'] }, + { + enabled: true, + types: [ + 'api', + 'audit', + 'authenticator', + 'controllerManager', + 'scheduler', + ], + }, + { + enabled: false, + types: [], + }, ], }, }, diff --git a/packages/@aws-cdk/aws-events-targets/README.md b/packages/@aws-cdk/aws-events-targets/README.md index c17bb37a9118b..7dc1c9116b720 100644 --- a/packages/@aws-cdk/aws-events-targets/README.md +++ b/packages/@aws-cdk/aws-events-targets/README.md @@ -36,7 +36,7 @@ EventBridge. ## Event retry policy and using dead-letter queues -The Codebuild, CodePipeline, Lambda, StepFunctions, LogGroup, SQSQueue and SNSTopic targets support attaching a [dead letter queue and setting retry policies](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html). See the [lambda example](#invoke-a-lambda-function). +The Codebuild, CodePipeline, Lambda, StepFunctions, LogGroup, SQSQueue, SNSTopic and ECSTask targets support attaching a [dead letter queue and setting retry policies](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html). See the [lambda example](#invoke-a-lambda-function). Use [escape hatches](https://docs.aws.amazon.com/cdk/latest/guide/cfn_layer.html) for the other target types. ## Invoke a Lambda function diff --git a/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts b/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts index 8e0c6108a8ed6..4a695f1259796 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts @@ -5,12 +5,12 @@ import * as iam from '@aws-cdk/aws-iam'; import * as cdk from '@aws-cdk/core'; import { Construct } from 'constructs'; import { ContainerOverride } from './ecs-task-properties'; -import { singletonEventRole } from './util'; +import { addToDeadLetterQueueResourcePolicy, bindBaseTargetConfig, singletonEventRole, TargetBaseProps } from './util'; /** * Properties to define an ECS Event Task */ -export interface EcsTaskProps { +export interface EcsTaskProps extends TargetBaseProps { /** * Cluster where service will be deployed */ @@ -180,7 +180,12 @@ export class EcsTask implements events.IRuleTarget { } : baseEcsParameters; + if (this.props.deadLetterQueue) { + addToDeadLetterQueueResourcePolicy(_rule, this.props.deadLetterQueue); + } + return { + ...bindBaseTargetConfig(this.props), arn, role, ecsParameters, diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/EcsTestDefaultTestDeployAssert8B2741C4.template.json b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/EcsTestDefaultTestDeployAssert8B2741C4.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/EcsTestDefaultTestDeployAssert8B2741C4.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.template.json b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/LambdaTestDefaultTestDeployAssert1AF2B360.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/asset.7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2/Dockerfile b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/asset.7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2/Dockerfile similarity index 100% rename from packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/asset.7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2/Dockerfile rename to packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/asset.7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2/Dockerfile diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/asset.7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2/index.py b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/asset.7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2/index.py similarity index 100% rename from packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/asset.7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2/index.py rename to packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/asset.7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2/index.py diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/aws-ecs-integ-ecs.template.json b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/aws-ecs-integ-ecs.template.json similarity index 95% rename from packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/aws-ecs-integ-ecs.template.json rename to packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/aws-ecs-integ-ecs.template.json index 122842ca14a76..301cfa1544fc5 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/aws-ecs-integ-ecs.template.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/aws-ecs-integ-ecs.template.json @@ -674,6 +674,50 @@ "EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B" ] }, + "MyDeadLetterQueueD997968A": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "MyDeadLetterQueuePolicyCC35D52C": { + "Type": "AWS::SQS::QueuePolicy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "sqs:SendMessage", + "Condition": { + "ArnEquals": { + "aws:SourceArn": { + "Fn::GetAtt": [ + "Rule4C995B7F", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Principal": { + "Service": "events.amazonaws.com" + }, + "Resource": { + "Fn::GetAtt": [ + "MyDeadLetterQueueD997968A", + "Arn" + ] + }, + "Sid": "AllowEventRuleawsecsintegecsRuleB8841E8B" + } + ], + "Version": "2012-10-17" + }, + "Queues": [ + { + "Ref": "MyDeadLetterQueueD997968A" + } + ] + } + }, "TaskDefTaskRole1EDB4A67": { "Type": "AWS::IAM::Role", "Properties": { @@ -908,6 +952,14 @@ "Arn" ] }, + "DeadLetterConfig": { + "Arn": { + "Fn::GetAtt": [ + "MyDeadLetterQueueD997968A", + "Arn" + ] + } + }, "EcsParameters": { "TaskCount": 1, "TaskDefinitionArn": { diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/integ.json b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/integ.json new file mode 100644 index 0000000000000..f505ccfa36522 --- /dev/null +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "EcsTest/DefaultTest": { + "stacks": [ + "aws-ecs-integ-ecs" + ], + "assertionStack": "EcsTestDefaultTestDeployAssert8B2741C4" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/manifest.json similarity index 92% rename from packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/manifest.json rename to packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/manifest.json index 0067ad2e9dffc..6fb52a919cae7 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/manifest.json @@ -208,6 +208,18 @@ "data": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" } ], + "/aws-ecs-integ-ecs/MyDeadLetterQueue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyDeadLetterQueueD997968A" + } + ], + "/aws-ecs-integ-ecs/MyDeadLetterQueue/Policy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyDeadLetterQueuePolicyCC35D52C" + } + ], "/aws-ecs-integ-ecs/TaskDef/TaskRole/Resource": [ { "type": "aws:cdk:logicalId", @@ -258,6 +270,15 @@ ] }, "displayName": "aws-ecs-integ-ecs" + }, + "EcsTestDefaultTestDeployAssert8B2741C4": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "EcsTestDefaultTestDeployAssert8B2741C4.template.json", + "validateOnSynth": false + }, + "displayName": "EcsTest/DefaultTest/DeployAssert" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/tree.json b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/tree.json similarity index 94% rename from packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/tree.json rename to packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/tree.json index 71cc0011f7c87..ec5ed57cb120c 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.58" } }, "aws-ecs-integ-ecs": { @@ -922,7 +922,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.58" } }, "LifecycleHookDrainHook": { @@ -1102,6 +1102,85 @@ "version": "0.0.0" } }, + "MyDeadLetterQueue": { + "id": "MyDeadLetterQueue", + "path": "aws-ecs-integ-ecs/MyDeadLetterQueue", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-ecs/MyDeadLetterQueue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + }, + "Policy": { + "id": "Policy", + "path": "aws-ecs-integ-ecs/MyDeadLetterQueue/Policy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-ecs/MyDeadLetterQueue/Policy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::QueuePolicy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "sqs:SendMessage", + "Condition": { + "ArnEquals": { + "aws:SourceArn": { + "Fn::GetAtt": [ + "Rule4C995B7F", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Principal": { + "Service": "events.amazonaws.com" + }, + "Resource": { + "Fn::GetAtt": [ + "MyDeadLetterQueueD997968A", + "Arn" + ] + }, + "Sid": "AllowEventRuleawsecsintegecsRuleB8841E8B" + } + ], + "Version": "2012-10-17" + }, + "queues": [ + { + "Ref": "MyDeadLetterQueueD997968A" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueuePolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.QueuePolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, "TaskDef": { "id": "TaskDef", "path": "aws-ecs-integ-ecs/TaskDef", @@ -1517,6 +1596,14 @@ "Ref": "TaskDef54694570" } }, + "deadLetterConfig": { + "arn": { + "Fn::GetAtt": [ + "MyDeadLetterQueueD997968A", + "Arn" + ] + } + }, "input": "{\"containerOverrides\":[{\"name\":\"TheContainer\",\"environment\":[{\"name\":\"I_WAS_TRIGGERED\",\"value\":\"From CloudWatch Events\"}]}]}" } ] @@ -1538,6 +1625,42 @@ "fqn": "@aws-cdk/core.Stack", "version": "0.0.0" } + }, + "EcsTest": { + "id": "EcsTest", + "path": "EcsTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "EcsTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "EcsTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "EcsTest/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } } }, "constructInfo": { diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/aws-ecs-integ-fargate.assets.json b/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/aws-ecs-integ-fargate.assets.json index 64a87a8d44f98..83f19afc0f864 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/aws-ecs-integ-fargate.assets.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/aws-ecs-integ-fargate.assets.json @@ -1,7 +1,7 @@ { - "version": "17.0.0", + "version": "20.0.0", "files": { - "f68c909c141898dc9228a20066545eb77eb23a8b9d68b9231c2b2636e53e1832": { + "b1481d24efb56aa5b7c39fd39926bf062d67288f130d5c694a59ca686db1d30a": { "source": { "path": "aws-ecs-integ-fargate.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "f68c909c141898dc9228a20066545eb77eb23a8b9d68b9231c2b2636e53e1832.json", + "objectKey": "b1481d24efb56aa5b7c39fd39926bf062d67288f130d5c694a59ca686db1d30a.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/aws-ecs-integ-fargate.template.json b/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/aws-ecs-integ-fargate.template.json index 36a74569e58d0..c11b59cd7e961 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/aws-ecs-integ-fargate.template.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/aws-ecs-integ-fargate.template.json @@ -213,6 +213,50 @@ "EcsCluster97242B84": { "Type": "AWS::ECS::Cluster" }, + "MyDeadLetterQueueD997968A": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "MyDeadLetterQueuePolicyCC35D52C": { + "Type": "AWS::SQS::QueuePolicy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "sqs:SendMessage", + "Condition": { + "ArnEquals": { + "aws:SourceArn": { + "Fn::GetAtt": [ + "Rule4C995B7F", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Principal": { + "Service": "events.amazonaws.com" + }, + "Resource": { + "Fn::GetAtt": [ + "MyDeadLetterQueueD997968A", + "Arn" + ] + }, + "Sid": "AllowEventRuleawsecsintegfargateRule16FD584B" + } + ], + "Version": "2012-10-17" + }, + "Queues": [ + { + "Ref": "MyDeadLetterQueueD997968A" + } + ] + } + }, "TaskDefTaskRole1EDB4A67": { "Type": "AWS::IAM::Role", "Properties": { @@ -472,6 +516,14 @@ "Arn" ] }, + "DeadLetterConfig": { + "Arn": { + "Fn::GetAtt": [ + "MyDeadLetterQueueD997968A", + "Arn" + ] + } + }, "EcsParameters": { "LaunchType": "FARGATE", "NetworkConfiguration": { diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/manifest.json index e887eeb6cf0ee..2b118110e0e93 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", @@ -112,6 +112,18 @@ "data": "EcsCluster97242B84" } ], + "/aws-ecs-integ-fargate/MyDeadLetterQueue/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyDeadLetterQueueD997968A" + } + ], + "/aws-ecs-integ-fargate/MyDeadLetterQueue/Policy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyDeadLetterQueuePolicyCC35D52C" + } + ], "/aws-ecs-integ-fargate/TaskDef/TaskRole/Resource": [ { "type": "aws:cdk:logicalId", @@ -121,10 +133,7 @@ "/aws-ecs-integ-fargate/TaskDef/Resource": [ { "type": "aws:cdk:logicalId", - "data": "TaskDef54694570", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "TaskDef54694570" } ], "/aws-ecs-integ-fargate/TaskDef/TheContainer/LogGroup/Resource": [ diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/tree.json b/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/tree.json index 5ac97d51362c0..ce14d7a86be8f 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-fargate-task.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.58" } }, "aws-ecs-integ-fargate": { @@ -395,6 +395,85 @@ "version": "0.0.0" } }, + "MyDeadLetterQueue": { + "id": "MyDeadLetterQueue", + "path": "aws-ecs-integ-fargate/MyDeadLetterQueue", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-fargate/MyDeadLetterQueue/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::Queue", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueue", + "version": "0.0.0" + } + }, + "Policy": { + "id": "Policy", + "path": "aws-ecs-integ-fargate/MyDeadLetterQueue/Policy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-fargate/MyDeadLetterQueue/Policy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SQS::QueuePolicy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "sqs:SendMessage", + "Condition": { + "ArnEquals": { + "aws:SourceArn": { + "Fn::GetAtt": [ + "Rule4C995B7F", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Principal": { + "Service": "events.amazonaws.com" + }, + "Resource": { + "Fn::GetAtt": [ + "MyDeadLetterQueueD997968A", + "Arn" + ] + }, + "Sid": "AllowEventRuleawsecsintegfargateRule16FD584B" + } + ], + "Version": "2012-10-17" + }, + "queues": [ + { + "Ref": "MyDeadLetterQueueD997968A" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.CfnQueuePolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.QueuePolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-sqs.Queue", + "version": "0.0.0" + } + }, "TaskDef": { "id": "TaskDef", "path": "aws-ecs-integ-fargate/TaskDef", @@ -872,6 +951,14 @@ } } }, + "deadLetterConfig": { + "arn": { + "Fn::GetAtt": [ + "MyDeadLetterQueueD997968A", + "Arn" + ] + } + }, "input": "{\"containerOverrides\":[{\"name\":\"TheContainer\",\"environment\":[{\"name\":\"I_WAS_TRIGGERED\",\"value\":\"From CloudWatch Events\"}]}]}" } ] diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts b/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts index 25b04148016b4..c8c48d8821e0d 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts @@ -4,6 +4,7 @@ import * as ec2 from '@aws-cdk/aws-ec2'; import * as ecs from '@aws-cdk/aws-ecs'; import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; +import * as sqs from '@aws-cdk/aws-sqs'; import { testDeprecated } from '@aws-cdk/cdk-build-tools'; import * as cdk from '@aws-cdk/core'; import * as targets from '../../lib'; @@ -69,6 +70,61 @@ test('Can use EC2 taskdef as EventRule target', () => { }); }); +test('Can use EC2 taskdef as EventRule target with dead letter queue', () => { + // GIVEN + const deadLetterQueue = new sqs.Queue(stack, 'MyDeadLetterQueue'); + const taskDefinition = new ecs.Ec2TaskDefinition(stack, 'TaskDef'); + taskDefinition.addContainer('TheContainer', { + image: ecs.ContainerImage.fromRegistry('henk'), + memoryLimitMiB: 256, + }); + + const rule = new events.Rule(stack, 'Rule', { + schedule: events.Schedule.expression('rate(1 min)'), + }); + + // WHEN + rule.addTarget(new targets.EcsTask({ + cluster, + taskDefinition, + taskCount: 1, + containerOverrides: [{ + containerName: 'TheContainer', + command: ['echo', events.EventField.fromPath('$.detail.event')], + }], + deadLetterQueue, + })); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::Events::Rule', { + Targets: [ + { + Arn: { 'Fn::GetAtt': ['EcsCluster97242B84', 'Arn'] }, + EcsParameters: { + TaskCount: 1, + TaskDefinitionArn: { Ref: 'TaskDef54694570' }, + }, + InputTransformer: { + InputPathsMap: { + 'detail-event': '$.detail.event', + }, + InputTemplate: '{"containerOverrides":[{"name":"TheContainer","command":["echo",]}]}', + }, + RoleArn: { 'Fn::GetAtt': ['TaskDefEventsRoleFB3B67B8', 'Arn'] }, + Id: 'Target0', + DeadLetterConfig: { + Arn: { + 'Fn::GetAtt': [ + 'MyDeadLetterQueueD997968A', + 'Arn', + ], + }, + }, + }, + ], + }); +}); + test('Throws error for lacking of taskRole ' + 'when importing from an EC2 task definition just from a task definition arn as EventRule target', () => { // GIVEN @@ -347,6 +403,81 @@ test('Can use Fargate taskdef as EventRule target', () => { }); }); +test('Can use Fargate taskdef as EventRule target with dead letter queue', () => { + // GIVEN + const deadLetterQueue = new sqs.Queue(stack, 'MyDeadLetterQueue'); + const taskDefinition = new ecs.FargateTaskDefinition(stack, 'TaskDef'); + taskDefinition.addContainer('TheContainer', { + image: ecs.ContainerImage.fromRegistry('henk'), + }); + + const rule = new events.Rule(stack, 'Rule', { + schedule: events.Schedule.expression('rate(1 min)'), + }); + + // WHEN + const target = new targets.EcsTask({ + cluster, + taskDefinition, + taskCount: 1, + containerOverrides: [{ + containerName: 'TheContainer', + command: ['echo', events.EventField.fromPath('$.detail.event')], + }], + deadLetterQueue, + }); + rule.addTarget(target); + + // THEN + expect(target.securityGroups?.length).toBeGreaterThan(0); // Generated security groups should be accessible. + Template.fromStack(stack).hasResourceProperties('AWS::Events::Rule', { + Targets: [ + { + Arn: { 'Fn::GetAtt': ['EcsCluster97242B84', 'Arn'] }, + EcsParameters: { + TaskCount: 1, + TaskDefinitionArn: { Ref: 'TaskDef54694570' }, + LaunchType: 'FARGATE', + NetworkConfiguration: { + AwsVpcConfiguration: { + Subnets: [ + { + Ref: 'VpcPrivateSubnet1Subnet536B997A', + }, + ], + AssignPublicIp: 'DISABLED', + SecurityGroups: [ + { + 'Fn::GetAtt': [ + 'TaskDefSecurityGroupD50E7CF0', + 'GroupId', + ], + }, + ], + }, + }, + }, + InputTransformer: { + InputPathsMap: { + 'detail-event': '$.detail.event', + }, + InputTemplate: '{"containerOverrides":[{"name":"TheContainer","command":["echo",]}]}', + }, + RoleArn: { 'Fn::GetAtt': ['TaskDefEventsRoleFB3B67B8', 'Arn'] }, + Id: 'Target0', + DeadLetterConfig: { + Arn: { + 'Fn::GetAtt': [ + 'MyDeadLetterQueueD997968A', + 'Arn', + ], + }, + }, + }, + ], + }); +}); + test('Can use same fargate taskdef with multiple rules', () => { // GIVEN const taskDefinition = new ecs.FargateTaskDefinition(stack, 'TaskDef'); diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.ts b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.ts deleted file mode 100644 index e3369a2a74d28..0000000000000 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.ts +++ /dev/null @@ -1,53 +0,0 @@ -import * as path from 'path'; -import * as ec2 from '@aws-cdk/aws-ec2'; -import * as ecs from '@aws-cdk/aws-ecs'; -import * as events from '@aws-cdk/aws-events'; -import * as cdk from '@aws-cdk/core'; -import * as targets from '../../lib'; - - -const app = new cdk.App(); - -class EventStack extends cdk.Stack { - constructor(scope: cdk.App, id: string) { - super(scope, id); - - const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 1 }); - - const cluster = new ecs.Cluster(this, 'EcsCluster', { vpc }); - cluster.addCapacity('DefaultAutoScalingGroup', { - instanceType: new ec2.InstanceType('t2.micro'), - }); - - /// !show - // Create a Task Definition for the container to start - const taskDefinition = new ecs.Ec2TaskDefinition(this, 'TaskDef'); - taskDefinition.addContainer('TheContainer', { - image: ecs.ContainerImage.fromAsset(path.resolve(__dirname, 'eventhandler-image')), - memoryLimitMiB: 256, - logging: new ecs.AwsLogDriver({ streamPrefix: 'EventDemo' }), - }); - - // An Rule that describes the event trigger (in this case a scheduled run) - const rule = new events.Rule(this, 'Rule', { - schedule: events.Schedule.rate(cdk.Duration.minutes(1)), - }); - - // Use EcsTask as the target of the Rule - rule.addTarget(new targets.EcsTask({ - cluster, - taskDefinition, - taskCount: 1, - containerOverrides: [{ - containerName: 'TheContainer', - environment: [ - { name: 'I_WAS_TRIGGERED', value: 'From CloudWatch Events' }, - ], - }], - })); - /// !hide - } -} - -new EventStack(app, 'aws-ecs-integ-ecs'); -app.synth(); diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.ts b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.ts new file mode 100644 index 0000000000000..f387c57cb7caf --- /dev/null +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.ts @@ -0,0 +1,54 @@ +import * as path from 'path'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as ecs from '@aws-cdk/aws-ecs'; +import * as events from '@aws-cdk/aws-events'; +import * as sqs from '@aws-cdk/aws-sqs'; +import * as cdk from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import * as targets from '../../lib'; + +const app = new cdk.App(); + +const stack = new cdk.Stack(app, 'aws-ecs-integ-ecs'); + +const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 1 }); + +const cluster = new ecs.Cluster(stack, 'EcsCluster', { vpc }); +cluster.addCapacity('DefaultAutoScalingGroup', { + instanceType: new ec2.InstanceType('t2.micro'), +}); + +const deadLetterQueue = new sqs.Queue(stack, 'MyDeadLetterQueue'); + +// Create a Task Definition for the container to start +const taskDefinition = new ecs.Ec2TaskDefinition(stack, 'TaskDef'); +taskDefinition.addContainer('TheContainer', { + image: ecs.ContainerImage.fromAsset(path.resolve(__dirname, 'eventhandler-image')), + memoryLimitMiB: 256, + logging: new ecs.AwsLogDriver({ streamPrefix: 'EventDemo' }), +}); + +// An Rule that describes the event trigger (in this case a scheduled run) +const rule = new events.Rule(stack, 'Rule', { + schedule: events.Schedule.rate(cdk.Duration.minutes(1)), +}); + +// Use EcsTask as the target of the Rule +rule.addTarget(new targets.EcsTask({ + cluster, + taskDefinition, + taskCount: 1, + containerOverrides: [{ + containerName: 'TheContainer', + environment: [ + { name: 'I_WAS_TRIGGERED', value: 'From CloudWatch Events' }, + ], + }], + deadLetterQueue, +})); + +new integ.IntegTest(app, 'EcsTest', { + testCases: [stack], +}); + +app.synth(); diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.ts b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.ts index effa1162fb802..c1f0c9b93aa0f 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.ts +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.ts @@ -2,48 +2,49 @@ import * as path from 'path'; import * as ec2 from '@aws-cdk/aws-ec2'; import * as ecs from '@aws-cdk/aws-ecs'; import * as events from '@aws-cdk/aws-events'; +import * as sqs from '@aws-cdk/aws-sqs'; import * as cdk from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; import * as targets from '../../lib'; - const app = new cdk.App(); -class EventStack extends cdk.Stack { - constructor(scope: cdk.App, id: string) { - super(scope, id); - - const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 1 }); - - const cluster = new ecs.Cluster(this, 'EcsCluster', { vpc }); - - /// !show - // Create a Task Definition for the container to start - const taskDefinition = new ecs.FargateTaskDefinition(this, 'TaskDef'); - taskDefinition.addContainer('TheContainer', { - image: ecs.ContainerImage.fromAsset(path.resolve(__dirname, 'eventhandler-image')), - logging: new ecs.AwsLogDriver({ streamPrefix: 'EventDemo' }), - }); - - // A rule that describes the event trigger (in this case a scheduled run) - const rule = new events.Rule(this, 'Rule', { - schedule: events.Schedule.rate(cdk.Duration.minutes(1)), - }); - - // Use EcsTask as the target of the Rule - rule.addTarget(new targets.EcsTask({ - cluster, - taskDefinition, - taskCount: 1, - containerOverrides: [{ - containerName: 'TheContainer', - environment: [ - { name: 'I_WAS_TRIGGERED', value: 'From CloudWatch Events' }, - ], - }], - })); - /// !hide - } -} - -new EventStack(app, 'aws-ecs-integ-fargate'); +const stack = new cdk.Stack(app, 'aws-ecs-integ-fargate'); + +const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 1 }); + +const cluster = new ecs.Cluster(stack, 'EcsCluster', { vpc }); + +const deadLetterQueue = new sqs.Queue(stack, 'MyDeadLetterQueue'); + +// Create a Task Definition for the container to start +const taskDefinition = new ecs.FargateTaskDefinition(stack, 'TaskDef'); +taskDefinition.addContainer('TheContainer', { + image: ecs.ContainerImage.fromAsset(path.resolve(__dirname, 'eventhandler-image')), + logging: new ecs.AwsLogDriver({ streamPrefix: 'EventDemo' }), +}); + +// A rule that describes the event trigger (in this case a scheduled run) +const rule = new events.Rule(stack, 'Rule', { + schedule: events.Schedule.rate(cdk.Duration.minutes(1)), +}); + +// Use EcsTask as the target of the Rule +rule.addTarget(new targets.EcsTask({ + cluster, + taskDefinition, + taskCount: 1, + containerOverrides: [{ + containerName: 'TheContainer', + environment: [ + { name: 'I_WAS_TRIGGERED', value: 'From CloudWatch Events' }, + ], + }], + deadLetterQueue, +})); + +new integ.IntegTest(app, 'EcsFargateTest', { + testCases: [stack], +}); + app.synth(); diff --git a/packages/@aws-cdk/aws-events/lib/archive.ts b/packages/@aws-cdk/aws-events/lib/archive.ts index b4710cc3c7fb8..95d1e72ac2e11 100644 --- a/packages/@aws-cdk/aws-events/lib/archive.ts +++ b/packages/@aws-cdk/aws-events/lib/archive.ts @@ -74,5 +74,6 @@ export class Archive extends Resource { this.archiveArn = archive.attrArn; this.archiveName = archive.attrArchiveName; + this.node.defaultChild = archive; } } diff --git a/packages/@aws-cdk/aws-events/package.json b/packages/@aws-cdk/aws-events/package.json index daceb1f27e8fb..d1d4acefa688b 100644 --- a/packages/@aws-cdk/aws-events/package.json +++ b/packages/@aws-cdk/aws-events/package.json @@ -85,6 +85,8 @@ "@aws-cdk/assertions": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", + "@aws-cdk/integ-runner": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2", "jest": "^27.5.1" diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/aws-ecs-integ.assets.json b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/IntegStack.assets.json similarity index 66% rename from packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/aws-ecs-integ.assets.json rename to packages/@aws-cdk/aws-events/test/archive.integ.snapshot/IntegStack.assets.json index 0744c7939dd0f..b2decb971c4a3 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/application-load-balanced-ecs-service.integ.snapshot/aws-ecs-integ.assets.json +++ b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/IntegStack.assets.json @@ -1,15 +1,15 @@ { "version": "20.0.0", "files": { - "14bdb67f7676296b9bdb5b121f8aa237cf8df54278388a53a755ffd368499b9b": { + "c328ab321c3d5fd5f5a82abed4520136f53bd07785ecd2a382c66fc17090bb0d": { "source": { - "path": "aws-ecs-integ.template.json", + "path": "IntegStack.template.json", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "14bdb67f7676296b9bdb5b121f8aa237cf8df54278388a53a755ffd368499b9b.json", + "objectKey": "c328ab321c3d5fd5f5a82abed4520136f53bd07785ecd2a382c66fc17090bb0d.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/IntegStack.template.json b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/IntegStack.template.json new file mode 100644 index 0000000000000..3597ce864ba57 --- /dev/null +++ b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/IntegStack.template.json @@ -0,0 +1,29 @@ +{ + "Resources": { + "EventBridgeF6D0CF9D": { + "Type": "AWS::Events::EventBus", + "Properties": { + "Name": "IntegStackEventBridgeF828A2C9" + } + }, + "MyCustomArchive": { + "Type": "AWS::Events::Archive", + "Properties": { + "SourceArn": { + "Fn::GetAtt": [ + "EventBridgeF6D0CF9D", + "Arn" + ] + }, + "EventPattern": { + "account": [ + { + "Ref": "AWS::AccountId" + } + ] + }, + "RetentionDays": 0 + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/integ.json b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/integ.json similarity index 75% rename from packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/integ.json rename to packages/@aws-cdk/aws-events/test/archive.integ.snapshot/integ.json index 91861c41180e2..61f733fb5e8db 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/integ.json +++ b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/integ.json @@ -1,9 +1,9 @@ { "version": "20.0.0", "testCases": { - "integ.event-ec2-task.lit": { + "integ.archive": { "stacks": [ - "aws-ecs-integ-ecs" + "IntegStack" ], "diffAssets": false, "stackUpdateWorkflow": true diff --git a/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..7d8745565413e --- /dev/null +++ b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/manifest.json @@ -0,0 +1,43 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "IntegStack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegStack.template.json", + "validateOnSynth": false + }, + "metadata": { + "/IntegStack/EventBridge/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EventBridgeF6D0CF9D" + } + ], + "/IntegStack/Archive/Archive": [ + { + "type": "aws:cdk:logicalId", + "data": "MyCustomArchive" + } + ], + "Archive4DBC1EC9": [ + { + "type": "aws:cdk:logicalId", + "data": "Archive4DBC1EC9", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ] + }, + "displayName": "IntegStack" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/tree.json b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/tree.json new file mode 100644 index 0000000000000..f4aa900c9ece9 --- /dev/null +++ b/packages/@aws-cdk/aws-events/test/archive.integ.snapshot/tree.json @@ -0,0 +1,92 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "IntegStack": { + "id": "IntegStack", + "path": "IntegStack", + "children": { + "EventBridge": { + "id": "EventBridge", + "path": "IntegStack/EventBridge", + "children": { + "Resource": { + "id": "Resource", + "path": "IntegStack/EventBridge/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Events::EventBus", + "aws:cdk:cloudformation:props": { + "name": "IntegStackEventBridgeF828A2C9" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-events.CfnEventBus", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-events.EventBus", + "version": "0.0.0" + } + }, + "Archive": { + "id": "Archive", + "path": "IntegStack/Archive", + "children": { + "Archive": { + "id": "Archive", + "path": "IntegStack/Archive/Archive", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Events::Archive", + "aws:cdk:cloudformation:props": { + "sourceArn": { + "Fn::GetAtt": [ + "EventBridgeF6D0CF9D", + "Arn" + ] + }, + "eventPattern": { + "account": [ + { + "Ref": "AWS::AccountId" + } + ] + }, + "retentionDays": 0 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-events.CfnArchive", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-events.Archive", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events/test/archive.test.ts b/packages/@aws-cdk/aws-events/test/archive.test.ts index 8119961738cf1..595a845af60c0 100644 --- a/packages/@aws-cdk/aws-events/test/archive.test.ts +++ b/packages/@aws-cdk/aws-events/test/archive.test.ts @@ -77,4 +77,20 @@ describe('archive', () => { }, }); }); + + test('should have defined defaultChild', () => { + const stack = new Stack(); + + const eventBus = new EventBus(stack, 'Bus'); + + const archive = new Archive(stack, 'Archive', { + sourceEventBus: eventBus, + eventPattern: { + account: [stack.account], + }, + retention: Duration.days(10), + }); + + expect(archive.node.defaultChild).toBe(archive.node.findChild('Archive')); + }); }); diff --git a/packages/@aws-cdk/aws-events/test/integ.archive.ts b/packages/@aws-cdk/aws-events/test/integ.archive.ts new file mode 100644 index 0000000000000..b9a47ba6fafe6 --- /dev/null +++ b/packages/@aws-cdk/aws-events/test/integ.archive.ts @@ -0,0 +1,23 @@ +import { App, Stack } from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; +import { Archive, CfnArchive, EventBus } from '../lib'; + +const app = new App(); + +const stack = new Stack(app, 'IntegStack'); + +const eventBus = new EventBus(stack, 'EventBridge'); + +const archive = new Archive(stack, 'Archive', { + sourceEventBus: eventBus, + eventPattern: { + account: [stack.account], + }, +}); +(archive.node.defaultChild as CfnArchive).overrideLogicalId('MyCustomArchive'); + +new IntegTest(app, 'ArchiveTest', { + testCases: [stack], +}); + +app.synth(); diff --git a/packages/@aws-cdk/aws-fsx/README.md b/packages/@aws-cdk/aws-fsx/README.md index 50fbad1d10a42..f94150dcf4775 100644 --- a/packages/@aws-cdk/aws-fsx/README.md +++ b/packages/@aws-cdk/aws-fsx/README.md @@ -190,6 +190,20 @@ const fs = new fsx.LustreFileSystem(this, "FsxLustreFileSystem", { }); ``` +### Compression + +By default, transparent compression of data within FSx for Lustre is switched off. To enable it, add the following to your `lustreConfiguration`: + +```ts +const lustreConfiguration = { + // ... + dataCompressionType: fsx.LustreDataCompressionType.LZ4, + // ... +} +``` + +When you turn data compression on for an existing file system, only newly written files are compressed. Existing files are not compressed. For more information, see [Compressing previously written files](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html#migrate-compression).``` + ## FSx for Windows File Server The L2 construct for the FSx for Windows File Server has not yet been implemented. To instantiate an FSx for Windows diff --git a/packages/@aws-cdk/aws-fsx/lib/lustre-file-system.ts b/packages/@aws-cdk/aws-fsx/lib/lustre-file-system.ts index b8dd31abd1f7b..72b100acdb581 100644 --- a/packages/@aws-cdk/aws-fsx/lib/lustre-file-system.ts +++ b/packages/@aws-cdk/aws-fsx/lib/lustre-file-system.ts @@ -50,6 +50,21 @@ export enum LustreAutoImportPolicy { NEW_CHANGED_DELETED = 'NEW_CHANGED_DELETED', } +/** + * The permitted Lustre data compression algorithms +*/ +export enum LustreDataCompressionType { + /** + * + * `NONE` - (Default) Data compression is turned off when the file system is created. + */ + NONE = 'NONE', + /** + * `LZ4` - Data compression is turned on with the LZ4 algorithm. Note: When you turn data compression on for an existing file system, only newly written files are compressed. Existing files are not compressed. + */ + LZ4 = 'LZ4', +} + /** * The configuration for the Amazon FSx for Lustre file system. * @@ -102,6 +117,16 @@ export interface LustreConfiguration { */ readonly autoImportPolicy?: LustreAutoImportPolicy; + /** + * Sets the data compression configuration for the file system. + * For more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* . + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fsx-filesystem-lustreconfiguration.html#cfn-fsx-filesystem-lustreconfiguration-datacompressiontype + * @default - no compression + */ + + readonly dataCompressionType?: LustreDataCompressionType; + /** * Required for the PERSISTENT_1 deployment type, describes the amount of read and write throughput for each 1 * tebibyte of storage, in MB/s/TiB. Valid values are 50, 100, 200. diff --git a/packages/@aws-cdk/aws-fsx/test/integ.lustre-file-system.ts b/packages/@aws-cdk/aws-fsx/test/integ.lustre-file-system.ts index 5202df62b2d08..c0f0e560146a9 100644 --- a/packages/@aws-cdk/aws-fsx/test/integ.lustre-file-system.ts +++ b/packages/@aws-cdk/aws-fsx/test/integ.lustre-file-system.ts @@ -1,6 +1,6 @@ import { AmazonLinuxGeneration, AmazonLinuxImage, Instance, InstanceClass, InstanceSize, InstanceType, SubnetType, Vpc } from '@aws-cdk/aws-ec2'; import { App, RemovalPolicy, Stack } from '@aws-cdk/core'; -import { LustreDeploymentType, LustreFileSystem } from '../lib'; +import { LustreDeploymentType, LustreFileSystem, LustreDataCompressionType } from '../lib'; const app = new App(); @@ -11,6 +11,7 @@ const vpc = new Vpc(stack, 'VPC'); const storageCapacity = 1200; const lustreConfiguration = { deploymentType: LustreDeploymentType.SCRATCH_2, + dataCompressionType: LustreDataCompressionType.LZ4, }; const fs = new LustreFileSystem(stack, 'FsxLustreFileSystem', { lustreConfiguration, diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/aws-ecs-integ-lb-fargate.assets.json b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/AwsCdkFsxLustre.assets.json similarity index 65% rename from packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/aws-ecs-integ-lb-fargate.assets.json rename to packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/AwsCdkFsxLustre.assets.json index 22dfaabfccefd..d8f6a2ce43279 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/l3-capacity-provider-strategies.integ.snapshot/aws-ecs-integ-lb-fargate.assets.json +++ b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/AwsCdkFsxLustre.assets.json @@ -1,15 +1,15 @@ { "version": "20.0.0", "files": { - "13516b59b60d6e751339d97de677f580e59df6a814e62325fc725c5becb7b15d": { + "06adf1bf5fb38407db9062bf544139638b8c6ac84c58a3f741f5730bba7509a2": { "source": { - "path": "aws-ecs-integ-lb-fargate.template.json", + "path": "AwsCdkFsxLustre.template.json", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "13516b59b60d6e751339d97de677f580e59df6a814e62325fc725c5becb7b15d.json", + "objectKey": "06adf1bf5fb38407db9062bf544139638b8c6ac84c58a3f741f5730bba7509a2.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/AwsCdkFsxLustre.template.json b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/AwsCdkFsxLustre.template.json index b77c823cc3297..74f9e08f2f353 100644 --- a/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/AwsCdkFsxLustre.template.json +++ b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/AwsCdkFsxLustre.template.json @@ -451,6 +451,7 @@ } ], "LustreConfiguration": { + "DataCompressionType": "LZ4", "DeploymentType": "SCRATCH_2" }, "SecurityGroupIds": [ diff --git a/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/manifest.json index fde496be013b9..1f7984aeadbb7 100644 --- a/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", diff --git a/packages/@aws-cdk/aws-fsx/test/lustre-file-system.test.ts b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.test.ts index c48720cbd1afd..2bec0b74bfd00 100644 --- a/packages/@aws-cdk/aws-fsx/test/lustre-file-system.test.ts +++ b/packages/@aws-cdk/aws-fsx/test/lustre-file-system.test.ts @@ -3,7 +3,7 @@ import { Template } from '@aws-cdk/assertions'; import { ISubnet, Port, SecurityGroup, Subnet, Vpc } from '@aws-cdk/aws-ec2'; import { Key } from '@aws-cdk/aws-kms'; import { Aws, Stack, Token } from '@aws-cdk/core'; -import { LustreConfiguration, LustreDeploymentType, LustreAutoImportPolicy, LustreFileSystem, LustreMaintenanceTime, Weekday } from '../lib'; +import { LustreConfiguration, LustreDeploymentType, LustreAutoImportPolicy, LustreFileSystem, LustreMaintenanceTime, Weekday, LustreDataCompressionType } from '../lib'; describe('FSx for Lustre File System', () => { let lustreConfiguration: LustreConfiguration; @@ -479,6 +479,29 @@ describe('FSx for Lustre File System', () => { }); }); + describe('DataCompressionType', () => { + test('dataCompressionType enabled', () => { + lustreConfiguration = { + deploymentType: LustreDeploymentType.SCRATCH_2, + dataCompressionType: LustreDataCompressionType.LZ4, + }; + + new LustreFileSystem(stack, 'FsxFileSystem', { + lustreConfiguration, + storageCapacityGiB: storageCapacity, + vpc, + vpcSubnet, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::FSx::FileSystem', { + LustreConfiguration: { + DeploymentType: LustreDeploymentType.SCRATCH_2, + DataCompressionType: LustreDataCompressionType.LZ4, + }, + }); + }); + }); + describe('perUnitStorageThroughput', () => { test.each([ 50, diff --git a/packages/@aws-cdk/aws-iot-actions/README.md b/packages/@aws-cdk/aws-iot-actions/README.md index 088fda5f3e5b8..2572003a0fab7 100644 --- a/packages/@aws-cdk/aws-iot-actions/README.md +++ b/packages/@aws-cdk/aws-iot-actions/README.md @@ -31,6 +31,7 @@ Currently supported are: - Put records to Kinesis Data Firehose stream - Send messages to SQS queues - Publish messages on SNS topics +- Write messages into columns of DynamoDB ## Republish a message to another MQTT topic @@ -278,3 +279,23 @@ const topicRule = new iot.TopicRule(this, 'TopicRule', { ], }); ``` + +## Write attributes of a message to DynamoDB + +The code snippet below creates an AWS IoT rule that writes all or part of an +MQTT message to DynamoDB using the DynamoDBv2 action. + +```ts +import * as dynamodb from '@aws-cdk/aws-dynamodb'; + +declare const table: dynamodb.Table; + +const topicRule = new iot.TopicRule(this, 'TopicRule', { + sql: iot.IotSql.fromStringAsVer20160323( + "SELECT * FROM 'device/+/data'", + ), + actions: [ + new actions.DynamoDBv2PutItemAction(table) + ], +}); +``` diff --git a/packages/@aws-cdk/aws-iot-actions/lib/dynamodbv2-put-item-action.ts b/packages/@aws-cdk/aws-iot-actions/lib/dynamodbv2-put-item-action.ts new file mode 100644 index 0000000000000..606ad3f0036f0 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-actions/lib/dynamodbv2-put-item-action.ts @@ -0,0 +1,44 @@ +import * as dynamodb from '@aws-cdk/aws-dynamodb'; +import * as iam from '@aws-cdk/aws-iam'; +import * as iot from '@aws-cdk/aws-iot'; +import { CommonActionProps } from './common-action-props'; +import { singletonActionRole } from './private/role'; + +/** + * Configuration properties of an action for the dynamodb table. + */ +export interface DynamoDBv2PutItemActionProps extends CommonActionProps { +} + +/** + * The action to put the record from an MQTT message to the DynamoDB table. + */ +export class DynamoDBv2PutItemAction implements iot.IAction { + private readonly role?: iam.IRole; + + /** + * @param table the DynamoDB table in which to put the items. + * @param props Optional properties to not use default + */ + constructor(private readonly table: dynamodb.ITable, props: DynamoDBv2PutItemActionProps = {}) { + this.role = props.role; + } + + bind(rule: iot.ITopicRule): iot.ActionConfig { + const role = this.role ?? singletonActionRole(rule); + role.addToPrincipalPolicy(new iam.PolicyStatement({ + actions: ['dynamodb:PutItem'], + resources: [this.table.tableArn], + })); + return { + configuration: { + dynamoDBv2: { + putItem: { + tableName: this.table.tableName, + }, + roleArn: role.roleArn, + }, + }, + }; + } +} diff --git a/packages/@aws-cdk/aws-iot-actions/lib/index.ts b/packages/@aws-cdk/aws-iot-actions/lib/index.ts index 5c214f4143309..91dd24ac32cd1 100644 --- a/packages/@aws-cdk/aws-iot-actions/lib/index.ts +++ b/packages/@aws-cdk/aws-iot-actions/lib/index.ts @@ -2,6 +2,7 @@ export * from './cloudwatch-logs-action'; export * from './cloudwatch-put-metric-action'; export * from './cloudwatch-set-alarm-state-action'; export * from './common-action-props'; +export * from './dynamodbv2-put-item-action'; export * from './firehose-put-record-action'; export * from './iot-republish-action'; export * from './kinesis-put-record-action'; diff --git a/packages/@aws-cdk/aws-iot-actions/package-lock.json b/packages/@aws-cdk/aws-iot-actions/package-lock.json new file mode 100644 index 0000000000000..094a8191aafc5 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-actions/package-lock.json @@ -0,0 +1,173 @@ +{ + "name": "@aws-cdk/aws-iot-actions", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@aws-cdk/cloud-assembly-schema": { + "version": "1.166.1", + "resolved": "https://registry.npmjs.org/@aws-cdk/cloud-assembly-schema/-/cloud-assembly-schema-1.166.1.tgz", + "integrity": "sha512-QL8IKpaUngtqQipLO6/7uvbR7HE8CTr2z3JLKcLjofountigs6l4VdL8wR6XMbzZ18DaOJ6iLWHGpbT4BBoHPg==", + "requires": { + "jsonschema": "^1.4.1", + "semver": "^7.3.7" + }, + "dependencies": { + "jsonschema": { + "version": "1.4.1", + "bundled": true + }, + "lru-cache": { + "version": "6.0.0", + "bundled": true, + "requires": { + "yallist": "^4.0.0" + } + }, + "semver": { + "version": "7.3.7", + "bundled": true, + "requires": { + "lru-cache": "^6.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "bundled": true + } + } + }, + "@aws-cdk/cx-api": { + "version": "1.166.1", + "resolved": "https://registry.npmjs.org/@aws-cdk/cx-api/-/cx-api-1.166.1.tgz", + "integrity": "sha512-cCsRe8wRGVhGaKFcW2l4b2LInzc9FeDsoaRTRreT3I+MxYyCAYlwWmx0RYoLg6r5eq6TD9PLAbOcCC6Y46CZ1g==", + "requires": { + "@aws-cdk/cloud-assembly-schema": "1.166.1", + "semver": "^7.3.7" + }, + "dependencies": { + "lru-cache": { + "version": "6.0.0", + "bundled": true, + "requires": { + "yallist": "^4.0.0" + } + }, + "semver": { + "version": "7.3.7", + "bundled": true, + "requires": { + "lru-cache": "^6.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "bundled": true + } + } + }, + "@aws-cdk/integ-tests": { + "version": "1.166.1", + "resolved": "https://registry.npmjs.org/@aws-cdk/integ-tests/-/integ-tests-1.166.1.tgz", + "integrity": "sha512-x+KHKQDjKYbqTEUnTcbQa7Ubqu25N3/6PTeXpYs2staBB0HQPySjwbY87I6Lxpi1AexlJb+YhwfBofC7B/qoBQ==", + "requires": { + "@aws-cdk/cloud-assembly-schema": "1.166.1", + "@aws-cdk/core": "1.166.1", + "constructs": "^3.3.69" + }, + "dependencies": { + "@aws-cdk/core": { + "version": "1.166.1", + "resolved": "https://registry.npmjs.org/@aws-cdk/core/-/core-1.166.1.tgz", + "integrity": "sha512-C0xNgePI1o6+RJqiXSG3RgiQu7q9uKf56QxeRgvCLsgDDrS/DBZFe7erAC/cO6R7mxhqyOOIWJSHuCdUWPmkqg==", + "requires": { + "@aws-cdk/cloud-assembly-schema": "1.166.1", + "@aws-cdk/cx-api": "1.166.1", + "@aws-cdk/region-info": "1.166.1", + "@balena/dockerignore": "^1.0.2", + "constructs": "^3.3.69", + "fs-extra": "^9.1.0", + "ignore": "^5.2.0", + "minimatch": "^3.1.2" + }, + "dependencies": { + "@balena/dockerignore": { + "version": "1.0.2", + "bundled": true + }, + "at-least-node": { + "version": "1.0.0", + "bundled": true + }, + "balanced-match": { + "version": "1.0.2", + "bundled": true + }, + "brace-expansion": { + "version": "1.1.11", + "bundled": true, + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "concat-map": { + "version": "0.0.1", + "bundled": true + }, + "fs-extra": { + "version": "9.1.0", + "bundled": true, + "requires": { + "at-least-node": "^1.0.0", + "graceful-fs": "^4.2.0", + "jsonfile": "^6.0.1", + "universalify": "^2.0.0" + } + }, + "graceful-fs": { + "version": "4.2.10", + "bundled": true + }, + "ignore": { + "version": "5.2.0", + "bundled": true + }, + "jsonfile": { + "version": "6.1.0", + "bundled": true, + "requires": { + "graceful-fs": "^4.1.6", + "universalify": "^2.0.0" + } + }, + "minimatch": { + "version": "3.1.2", + "bundled": true, + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "universalify": { + "version": "2.0.0", + "bundled": true + } + } + }, + "constructs": { + "version": "3.4.57", + "resolved": "https://registry.npmjs.org/constructs/-/constructs-3.4.57.tgz", + "integrity": "sha512-jQyF6jFUJFqew13gDMZ9G8TkgFIJ7jMIG56FX9i3j/4pfGHrT+zwu6C95uuFIrBveC2RctxuDup23xBzs/XgUA==" + } + } + }, + "@aws-cdk/region-info": { + "version": "1.166.1", + "resolved": "https://registry.npmjs.org/@aws-cdk/region-info/-/region-info-1.166.1.tgz", + "integrity": "sha512-yxjMjXNhG+Iqo04P1U0JNBGeR3kfDe3Ecc72ywuxi+QH/bhCEGnf+783BjYqXHWh4olTwZbMYQ/BcsOO0Dchkw==" + }, + "case": { + "version": "1.6.3" + } + } +} diff --git a/packages/@aws-cdk/aws-iot-actions/package.json b/packages/@aws-cdk/aws-iot-actions/package.json index 769fa94121569..44b052ec6db66 100644 --- a/packages/@aws-cdk/aws-iot-actions/package.json +++ b/packages/@aws-cdk/aws-iot-actions/package.json @@ -81,6 +81,7 @@ "@aws-cdk/aws-kinesisfirehose-destinations": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2", "jest": "^27.5.1", @@ -88,6 +89,7 @@ }, "dependencies": { "@aws-cdk/aws-cloudwatch": "0.0.0", + "@aws-cdk/aws-dynamodb": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-iot": "0.0.0", "@aws-cdk/aws-kinesis": "0.0.0", @@ -104,6 +106,7 @@ "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-cloudwatch": "0.0.0", + "@aws-cdk/aws-dynamodb": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-iot": "0.0.0", "@aws-cdk/aws-kinesis": "0.0.0", diff --git a/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/dynamodbv2integtestDefaultTestDeployAssertEF9A9A37.template.json b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/dynamodbv2integtestDefaultTestDeployAssertEF9A9A37.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/dynamodbv2integtestDefaultTestDeployAssertEF9A9A37.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/integ.json b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/integ.json new file mode 100644 index 0000000000000..c30fa81cf3bd9 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "dynamodbv2-integtest/DefaultTest": { + "stacks": [ + "test-dynamodbv2-put-item-action-stack" + ], + "assertionStack": "dynamodbv2integtestDefaultTestDeployAssertEF9A9A37" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..50a2778c1a195 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/manifest.json @@ -0,0 +1,63 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "test-dynamodbv2-put-item-action-stack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "test-dynamodbv2-put-item-action-stack.template.json", + "validateOnSynth": false + }, + "metadata": { + "/test-dynamodbv2-put-item-action-stack/TopicRule/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TopicRule40A4EA44" + } + ], + "/test-dynamodbv2-put-item-action-stack/TopicRule/TopicRuleActionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TopicRuleTopicRuleActionRole246C4F77" + } + ], + "/test-dynamodbv2-put-item-action-stack/TopicRule/TopicRuleActionRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TopicRuleTopicRuleActionRoleDefaultPolicy99ADD687" + } + ], + "/test-dynamodbv2-put-item-action-stack/MyTable": [ + { + "type": "aws:cdk:hasPhysicalName", + "data": { + "Ref": "MyTable794EDED1" + } + } + ], + "/test-dynamodbv2-put-item-action-stack/MyTable/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyTable794EDED1" + } + ] + }, + "displayName": "test-dynamodbv2-put-item-action-stack" + }, + "dynamodbv2integtestDefaultTestDeployAssertEF9A9A37": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "dynamodbv2integtestDefaultTestDeployAssertEF9A9A37.template.json", + "validateOnSynth": false + }, + "displayName": "dynamodbv2-integtest/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/test-dynamodbv2-put-item-action-stack.template.json b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/test-dynamodbv2-put-item-action-stack.template.json new file mode 100644 index 0000000000000..d7fa86d112450 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/test-dynamodbv2-put-item-action-stack.template.json @@ -0,0 +1,105 @@ +{ + "Resources": { + "TopicRule40A4EA44": { + "Type": "AWS::IoT::TopicRule", + "Properties": { + "TopicRulePayload": { + "Actions": [ + { + "DynamoDBv2": { + "PutItem": { + "TableName": { + "Ref": "MyTable794EDED1" + } + }, + "RoleArn": { + "Fn::GetAtt": [ + "TopicRuleTopicRuleActionRole246C4F77", + "Arn" + ] + } + } + } + ], + "AwsIotSqlVersion": "2016-03-23", + "Sql": "SELECT * FROM 'device/+/data'" + } + } + }, + "TopicRuleTopicRuleActionRole246C4F77": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "iot.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "TopicRuleTopicRuleActionRoleDefaultPolicy99ADD687": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "dynamodb:PutItem", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "MyTable794EDED1", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "TopicRuleTopicRuleActionRoleDefaultPolicy99ADD687", + "Roles": [ + { + "Ref": "TopicRuleTopicRuleActionRole246C4F77" + } + ] + } + }, + "MyTable794EDED1": { + "Type": "AWS::DynamoDB::Table", + "Properties": { + "KeySchema": [ + { + "AttributeName": "hashKey", + "KeyType": "HASH" + }, + { + "AttributeName": "sortKey", + "KeyType": "RANGE" + } + ], + "AttributeDefinitions": [ + { + "AttributeName": "hashKey", + "AttributeType": "S" + }, + { + "AttributeName": "sortKey", + "AttributeType": "N" + } + ], + "ProvisionedThroughput": { + "ReadCapacityUnits": 1, + "WriteCapacityUnits": 1 + }, + "TableName": "MyTable" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/tree.json b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/tree.json new file mode 100644 index 0000000000000..995b3a6a9f21f --- /dev/null +++ b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.integ.snapshot/tree.json @@ -0,0 +1,246 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + }, + "test-dynamodbv2-put-item-action-stack": { + "id": "test-dynamodbv2-put-item-action-stack", + "path": "test-dynamodbv2-put-item-action-stack", + "children": { + "TopicRule": { + "id": "TopicRule", + "path": "test-dynamodbv2-put-item-action-stack/TopicRule", + "children": { + "Resource": { + "id": "Resource", + "path": "test-dynamodbv2-put-item-action-stack/TopicRule/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IoT::TopicRule", + "aws:cdk:cloudformation:props": { + "topicRulePayload": { + "actions": [ + { + "dynamoDBv2": { + "putItem": { + "tableName": { + "Ref": "MyTable794EDED1" + } + }, + "roleArn": { + "Fn::GetAtt": [ + "TopicRuleTopicRuleActionRole246C4F77", + "Arn" + ] + } + } + } + ], + "awsIotSqlVersion": "2016-03-23", + "sql": "SELECT * FROM 'device/+/data'" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iot.CfnTopicRule", + "version": "0.0.0" + } + }, + "TopicRuleActionRole": { + "id": "TopicRuleActionRole", + "path": "test-dynamodbv2-put-item-action-stack/TopicRule/TopicRuleActionRole", + "children": { + "Resource": { + "id": "Resource", + "path": "test-dynamodbv2-put-item-action-stack/TopicRule/TopicRuleActionRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "iot.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "test-dynamodbv2-put-item-action-stack/TopicRule/TopicRuleActionRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "test-dynamodbv2-put-item-action-stack/TopicRule/TopicRuleActionRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "dynamodb:PutItem", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "MyTable794EDED1", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "TopicRuleTopicRuleActionRoleDefaultPolicy99ADD687", + "roles": [ + { + "Ref": "TopicRuleTopicRuleActionRole246C4F77" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iot.TopicRule", + "version": "0.0.0" + } + }, + "MyTable": { + "id": "MyTable", + "path": "test-dynamodbv2-put-item-action-stack/MyTable", + "children": { + "Resource": { + "id": "Resource", + "path": "test-dynamodbv2-put-item-action-stack/MyTable/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::DynamoDB::Table", + "aws:cdk:cloudformation:props": { + "keySchema": [ + { + "attributeName": "hashKey", + "keyType": "HASH" + }, + { + "attributeName": "sortKey", + "keyType": "RANGE" + } + ], + "attributeDefinitions": [ + { + "attributeName": "hashKey", + "attributeType": "S" + }, + { + "attributeName": "sortKey", + "attributeType": "N" + } + ], + "provisionedThroughput": { + "readCapacityUnits": 1, + "writeCapacityUnits": 1 + }, + "tableName": "MyTable" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-dynamodb.CfnTable", + "version": "0.0.0" + } + }, + "ScalingRole": { + "id": "ScalingRole", + "path": "test-dynamodbv2-put-item-action-stack/MyTable/ScalingRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-dynamodb.Table", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "dynamodbv2-integtest": { + "id": "dynamodbv2-integtest", + "path": "dynamodbv2-integtest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "dynamodbv2-integtest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "dynamodbv2-integtest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "dynamodbv2-integtest/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.test.ts b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.test.ts new file mode 100644 index 0000000000000..f4ddf926ed6f5 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/dynamodbv2-put-item-action.test.ts @@ -0,0 +1,96 @@ +import { Template, Match } from '@aws-cdk/assertions'; +import * as dynamodb from '@aws-cdk/aws-dynamodb'; +import * as iam from '@aws-cdk/aws-iam'; +import * as iot from '@aws-cdk/aws-iot'; +import * as cdk from '@aws-cdk/core'; +import * as actions from '../../lib'; + +test('Default dynamoDBv2 action', () => { + // GIVEN + const stack = new cdk.Stack(); + const topicRule = new iot.TopicRule(stack, 'MyTopicRule', { + sql: iot.IotSql.fromStringAsVer20160323("SELECT topic(2) as device_id FROM 'device/+/data'"), + }); + const table = dynamodb.Table.fromTableArn(stack, 'MyTable', 'arn:aws:dynamodb:xx-west-1:111122223333:table/my-table'); + + // WHEN + topicRule.addAction(new actions.DynamoDBv2PutItemAction(table)); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::IoT::TopicRule', { + TopicRulePayload: { + Actions: [ + { + DynamoDBv2: { + PutItem: { + TableName: 'my-table', + }, + RoleArn: { + 'Fn::GetAtt': ['MyTopicRuleTopicRuleActionRoleCE2D05DA', 'Arn'], + }, + }, + }, + ], + }, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Role', { + AssumeRolePolicyDocument: { + Statement: [ + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { + Service: 'iot.amazonaws.com', + }, + }, + ], + Version: '2012-10-17', + }, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: 'dynamodb:PutItem', + Effect: 'Allow', + Resource: 'arn:aws:dynamodb:xx-west-1:111122223333:table/my-table', + }, + ], + Version: '2012-10-17', + }, + PolicyName: 'MyTopicRuleTopicRuleActionRoleDefaultPolicy54A701F7', + Roles: [ + { Ref: 'MyTopicRuleTopicRuleActionRoleCE2D05DA' }, + ], + }); +}); + + +test('can set role', () => { + // GIVEN + const stack = new cdk.Stack(); + const topicRule = new iot.TopicRule(stack, 'MyTopicRule', { + sql: iot.IotSql.fromStringAsVer20160323("SELECT topic(2) as device_id FROM 'device/+/data'"), + }); + const table = dynamodb.Table.fromTableArn(stack, 'MyTable', 'arn:aws:dynamodb:xx-west-1:111122223333:table/my-table'); + const role = iam.Role.fromRoleArn(stack, 'MyRole', 'arn:aws:iam::123456789012:role/ForTest'); + + // WHEN + topicRule.addAction(new actions.DynamoDBv2PutItemAction(table, { role })); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::IoT::TopicRule', { + TopicRulePayload: { + Actions: [ + Match.objectLike({ DynamoDBv2: { RoleArn: 'arn:aws:iam::123456789012:role/ForTest' } }), + ], + }, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { + PolicyName: 'MyRolePolicy64AB00A5', + Roles: ['ForTest'], + }); +}); diff --git a/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/integ.dynamodbv2-put-item-action.ts b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/integ.dynamodbv2-put-item-action.ts new file mode 100644 index 0000000000000..1dc0e7c2eb509 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-actions/test/dynamodbv2/integ.dynamodbv2-put-item-action.ts @@ -0,0 +1,41 @@ +import * as dynamodb from '@aws-cdk/aws-dynamodb'; +import * as iot from '@aws-cdk/aws-iot'; +import * as cdk from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import * as actions from '../../lib'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'test-dynamodbv2-put-item-action-stack'); + +const topicRule = new iot.TopicRule(stack, 'TopicRule', { + sql: iot.IotSql.fromStringAsVer20160323( + "SELECT * FROM 'device/+/data'", + ), +}); + +const tablePartitionKey: dynamodb.Attribute = { + name: 'hashKey', + type: dynamodb.AttributeType.STRING, +}; + +const tableSortKey: dynamodb.Attribute = { + name: 'sortKey', + type: dynamodb.AttributeType.NUMBER, +}; + +const table = new dynamodb.Table(stack, 'MyTable', { + tableName: 'MyTable', + readCapacity: 1, + writeCapacity: 1, + partitionKey: tablePartitionKey, + sortKey: tableSortKey, + removalPolicy: cdk.RemovalPolicy.DESTROY, +}); + +topicRule.addAction(new actions.DynamoDBv2PutItemAction(table)); + +new integ.IntegTest(app, 'dynamodbv2-integtest', { + testCases: [stack], +}); + +app.synth(); diff --git a/packages/@aws-cdk/aws-iotevents-actions/README.md b/packages/@aws-cdk/aws-iotevents-actions/README.md index 486ddd8124c34..c4c9eaa13d96d 100644 --- a/packages/@aws-cdk/aws-iotevents-actions/README.md +++ b/packages/@aws-cdk/aws-iotevents-actions/README.md @@ -24,9 +24,78 @@ AWS IoT Events can trigger actions when it detects a specified event or transiti Currently supported are: +- Use timer - Set variable to detector instanse - Invoke a Lambda function +## Use timer + +The code snippet below creates an Action that creates the timer with duration in seconds. + +```ts +import * as iotevents from '@aws-cdk/aws-iotevents'; +import * as actions from '@aws-cdk/aws-iotevents-actions'; + +declare const input: iotevents.IInput; + +const state = new iotevents.State({ + stateName: 'MyState', + onEnter: [{ + eventName: 'test-event', + condition: iotevents.Expression.currentInput(input), + actions: [ + new actions.SetTimerAction('MyTimer', { + duration: cdk.Duration.seconds(60), + }), + ], + }], +}); +``` + +Setting duration by [IoT Events Expression](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html): + +```ts +new actions.SetTimerAction('MyTimer', { + durationExpression: iotevents.Expression.inputAttribute(input, 'payload.durationSeconds'), +}) +``` + +And the timer can be reset and cleared. Below is an example of general +[Device HeartBeat](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-examples-dhb.html) +Detector Model: + +```ts +const online = new iotevents.State({ + stateName: 'Online', + onEnter: [{ + eventName: 'enter-event', + condition: iotevents.Expression.currentInput(input), + actions: [ + new actions.SetTimerAction('MyTimer', { + duration: cdk.Duration.seconds(60), + }), + ], + }], + onInput: [{ + eventName: 'input-event', + condition: iotevents.Expression.currentInput(input), + actions: [ + new actions.ResetTimerAction('MyTimer'), + ], + }], + onExit: [{ + eventName: 'exit-event', + actions: [ + new actions.ClearTimerAction('MyTimer'), + ], + }], +}); +const offline = new iotevents.State({ stateName: 'Offline' }); + +online.transitionTo(offline, { when: iotevents.Expression.timeout('MyTimer') }); +offline.transitionTo(online, { when: iotevents.Expression.currentInput(input) }); +``` + ## Set variable to detector instanse The code snippet below creates an Action that set variable to detector instanse @@ -44,12 +113,10 @@ const state = new iotevents.State({ eventName: 'test-event', condition: iotevents.Expression.currentInput(input), actions: [ - actions: [ - new actions.SetVariableAction( - 'MyVariable', - iotevents.Expression.inputAttribute(input, 'payload.temperature'), - ), - ], + new actions.SetVariableAction( + 'MyVariable', + iotevents.Expression.inputAttribute(input, 'payload.temperature'), + ), ], }], }); diff --git a/packages/@aws-cdk/aws-iotevents-actions/lib/clear-timer-action.ts b/packages/@aws-cdk/aws-iotevents-actions/lib/clear-timer-action.ts new file mode 100644 index 0000000000000..c533b8171cc8b --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/lib/clear-timer-action.ts @@ -0,0 +1,25 @@ +import * as iotevents from '@aws-cdk/aws-iotevents'; +import { Construct } from 'constructs'; + +/** + * The action to delete an existing timer. + */ +export class ClearTimerAction implements iotevents.IAction { + /** + * @param timerName the name of the timer + */ + constructor(private readonly timerName: string) {} + + /** + * @internal + */ + public _bind(_scope: Construct, _options: iotevents.ActionBindOptions): iotevents.ActionConfig { + return { + configuration: { + clearTimer: { + timerName: this.timerName, + }, + }, + }; + } +} diff --git a/packages/@aws-cdk/aws-iotevents-actions/lib/index.ts b/packages/@aws-cdk/aws-iotevents-actions/lib/index.ts index e51394d301376..77b06b1419f2d 100644 --- a/packages/@aws-cdk/aws-iotevents-actions/lib/index.ts +++ b/packages/@aws-cdk/aws-iotevents-actions/lib/index.ts @@ -1,2 +1,6 @@ +export * from './clear-timer-action'; export * from './set-variable-action'; export * from './lambda-invoke-action'; +export * from './reset-timer-action'; +export * from './set-timer-action'; +export * from './timer-duration'; diff --git a/packages/@aws-cdk/aws-iotevents-actions/lib/lambda-invoke-action.ts b/packages/@aws-cdk/aws-iotevents-actions/lib/lambda-invoke-action.ts index af9dec5d32472..f7c291d0c80e9 100644 --- a/packages/@aws-cdk/aws-iotevents-actions/lib/lambda-invoke-action.ts +++ b/packages/@aws-cdk/aws-iotevents-actions/lib/lambda-invoke-action.ts @@ -12,7 +12,10 @@ export class LambdaInvokeAction implements iotevents.IAction { constructor(private readonly func: lambda.IFunction) { } - bind(_scope: Construct, options: iotevents.ActionBindOptions): iotevents.ActionConfig { + /** + * @internal + */ + public _bind(_scope: Construct, options: iotevents.ActionBindOptions): iotevents.ActionConfig { this.func.grantInvoke(options.role); return { configuration: { diff --git a/packages/@aws-cdk/aws-iotevents-actions/lib/reset-timer-action.ts b/packages/@aws-cdk/aws-iotevents-actions/lib/reset-timer-action.ts new file mode 100644 index 0000000000000..2e2868da8c540 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/lib/reset-timer-action.ts @@ -0,0 +1,25 @@ +import * as iotevents from '@aws-cdk/aws-iotevents'; +import { Construct } from 'constructs'; + +/** + * The action to reset an existing timer. + */ +export class ResetTimerAction implements iotevents.IAction { + /** + * @param timerName the name of the timer + */ + constructor(private readonly timerName: string) {} + + /** + * @internal + */ + public _bind(_scope: Construct, _options: iotevents.ActionBindOptions): iotevents.ActionConfig { + return { + configuration: { + resetTimer: { + timerName: this.timerName, + }, + }, + }; + } +} diff --git a/packages/@aws-cdk/aws-iotevents-actions/lib/set-timer-action.ts b/packages/@aws-cdk/aws-iotevents-actions/lib/set-timer-action.ts new file mode 100644 index 0000000000000..3a656bb53de49 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/lib/set-timer-action.ts @@ -0,0 +1,32 @@ +import * as iotevents from '@aws-cdk/aws-iotevents'; +import { Construct } from 'constructs'; +import { TimerDuration } from './timer-duration'; + +/** + * The action to create a timer with duration in seconds. + */ +export class SetTimerAction implements iotevents.IAction { + /** + * @param timerName the name of the timer + * @param timerDuration the duration of the timer + */ + constructor( + private readonly timerName: string, + private readonly timerDuration: TimerDuration, + ) { + } + + /** + * @internal + */ + public _bind(_scope: Construct, _options: iotevents.ActionBindOptions): iotevents.ActionConfig { + return { + configuration: { + setTimer: { + timerName: this.timerName, + durationExpression: this.timerDuration._bind(), + }, + }, + }; + } +} diff --git a/packages/@aws-cdk/aws-iotevents-actions/lib/set-variable-action.ts b/packages/@aws-cdk/aws-iotevents-actions/lib/set-variable-action.ts index 1d2596ddb866b..a719d3cc2522a 100644 --- a/packages/@aws-cdk/aws-iotevents-actions/lib/set-variable-action.ts +++ b/packages/@aws-cdk/aws-iotevents-actions/lib/set-variable-action.ts @@ -12,7 +12,10 @@ export class SetVariableAction implements iotevents.IAction { constructor(private readonly variableName: string, private readonly value: iotevents.Expression) { } - bind(_scope: Construct, _options: iotevents.ActionBindOptions): iotevents.ActionConfig { + /** + * @internal + */ + public _bind(_scope: Construct, _options: iotevents.ActionBindOptions): iotevents.ActionConfig { return { configuration: { setVariable: { diff --git a/packages/@aws-cdk/aws-iotevents-actions/lib/timer-duration.ts b/packages/@aws-cdk/aws-iotevents-actions/lib/timer-duration.ts new file mode 100644 index 0000000000000..e9fe41be3c544 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/lib/timer-duration.ts @@ -0,0 +1,54 @@ +import * as iotevents from '@aws-cdk/aws-iotevents'; +import { Duration } from '@aws-cdk/core'; + +/** + * The duration of the timer. + */ +export abstract class TimerDuration { + /** + * Create a timer-duration from Duration. + * + * The range of the duration is 60-31622400 seconds. + * The evaluated result of the duration expression is rounded down to the nearest whole number. + * For example, if you set the timer to 60.99 seconds, the evaluated result of the duration expression is 60 seconds. + */ + public static fromDuration(duration: Duration): TimerDuration { + const seconds = duration.toSeconds(); + if (seconds < 60) { + throw new Error(`duration cannot be less than 60 seconds, got: ${duration.toString()}`); + } + if (seconds > 31622400) { + throw new Error(`duration cannot be greater than 31622400 seconds, got: ${duration.toString()}`); + } + return new TimerDurationImpl(seconds.toString()); + } + + /** + * Create a timer-duration from Expression. + * + * You can use a string expression that includes numbers, variables ($variable.), + * and input values ($input..) as the duration. + * + * The range of the duration is 60-31622400 seconds. + * The evaluated result of the duration expression is rounded down to the nearest whole number. + * For example, if you set the timer to 60.99 seconds, the evaluated result of the duration expression is 60 seconds. + */ + public static fromExpression(expression: iotevents.Expression): TimerDuration { + return new TimerDurationImpl(expression.evaluate()); + } + + /** + * @internal + */ + public abstract _bind(): string; +} + +class TimerDurationImpl extends TimerDuration { + constructor(private readonly durationExpression: string) { + super(); + } + + public _bind() { + return this.durationExpression; + } +} diff --git a/packages/@aws-cdk/aws-iotevents-actions/package.json b/packages/@aws-cdk/aws-iotevents-actions/package.json index 8f6edec334e5f..63c6c90ea0e15 100644 --- a/packages/@aws-cdk/aws-iotevents-actions/package.json +++ b/packages/@aws-cdk/aws-iotevents-actions/package.json @@ -73,6 +73,7 @@ "@aws-cdk/assertions": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2", "jest": "^27.5.1" diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/clear-timer-action.test.ts b/packages/@aws-cdk/aws-iotevents-actions/test/iot/clear-timer-action.test.ts new file mode 100644 index 0000000000000..1f3d2195633a2 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/clear-timer-action.test.ts @@ -0,0 +1,44 @@ +import { Template } from '@aws-cdk/assertions'; +import * as iotevents from '@aws-cdk/aws-iotevents'; +import * as cdk from '@aws-cdk/core'; +import * as actions from '../../lib'; + +let stack: cdk.Stack; +let input: iotevents.IInput; +beforeEach(() => { + stack = new cdk.Stack(); + input = iotevents.Input.fromInputName(stack, 'MyInput', 'test-input'); +}); + +test('Default property', () => { + // WHEN + new iotevents.DetectorModel(stack, 'MyDetectorModel', { + initialState: new iotevents.State({ + stateName: 'test-state', + onEnter: [{ + eventName: 'test-eventName', + condition: iotevents.Expression.currentInput(input), + actions: [ + new actions.ClearTimerAction('MyTimer'), + ], + }], + }), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::IoTEvents::DetectorModel', { + DetectorModelDefinition: { + States: [{ + OnEnter: { + Events: [{ + Actions: [{ + ClearTimer: { + TimerName: 'MyTimer', + }, + }], + }], + }, + }], + }, + }); +}); diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/integ.timer-actions.ts b/packages/@aws-cdk/aws-iotevents-actions/test/iot/integ.timer-actions.ts new file mode 100644 index 0000000000000..cdaf780145a25 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/integ.timer-actions.ts @@ -0,0 +1,64 @@ +/** + * Stack verification steps: + * * put a message + * * aws iotevents-data batch-put-message --region=us-east-1 --messages=messageId=(date | md5),inputName=test_input,payload=(echo '{"payload":{"deviceId":"000"}}' | base64) + */ +import * as iotevents from '@aws-cdk/aws-iotevents'; +import * as cdk from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; +import * as actions from '../../lib'; + +/** + * This example will creates the detector model for Device HeartBeat Monitoring. + * + * @see https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-examples-dhb.html + */ +class TestStack extends cdk.Stack { + constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { + super(scope, id, props); + + const input = new iotevents.Input(this, 'MyInput', { + inputName: 'test_input', + attributeJsonPaths: ['payload.deviceId'], + }); + + const online = new iotevents.State({ + stateName: 'Online', + onEnter: [{ + eventName: 'enter-event', + condition: iotevents.Expression.currentInput(input), + actions: [ + new actions.SetTimerAction('MyTimer', actions.TimerDuration.fromDuration(cdk.Duration.seconds(60))), + ], + }], + onInput: [{ + eventName: 'input-event', + condition: iotevents.Expression.currentInput(input), + actions: [ + new actions.ResetTimerAction('MyTimer'), + ], + }], + onExit: [{ + eventName: 'exit-event', + actions: [ + new actions.ClearTimerAction('MyTimer'), + ], + }], + }); + const offline = new iotevents.State({ stateName: 'Offline' }); + + online.transitionTo(offline, { when: iotevents.Expression.timeout('MyTimer') }); + offline.transitionTo(online, { when: iotevents.Expression.currentInput(input) }); + + new iotevents.DetectorModel(this, 'MyDetectorModel', { + detectorKey: 'payload.deviceId', + initialState: online, + }); + } +} + +// GIVEN +const app = new cdk.App(); +const stack = new TestStack(app, 'iotevents-timer-actions-test-stack'); +new IntegTest(app, 'TimerActions', { testCases: [stack] }); +app.synth(); diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/reset-timer-action.test.ts b/packages/@aws-cdk/aws-iotevents-actions/test/iot/reset-timer-action.test.ts new file mode 100644 index 0000000000000..40c9ff5e7e91a --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/reset-timer-action.test.ts @@ -0,0 +1,44 @@ +import { Template } from '@aws-cdk/assertions'; +import * as iotevents from '@aws-cdk/aws-iotevents'; +import * as cdk from '@aws-cdk/core'; +import * as actions from '../../lib'; + +let stack: cdk.Stack; +let input: iotevents.IInput; +beforeEach(() => { + stack = new cdk.Stack(); + input = iotevents.Input.fromInputName(stack, 'MyInput', 'test-input'); +}); + +test('Default property', () => { + // WHEN + new iotevents.DetectorModel(stack, 'MyDetectorModel', { + initialState: new iotevents.State({ + stateName: 'test-state', + onEnter: [{ + eventName: 'test-eventName', + condition: iotevents.Expression.currentInput(input), + actions: [ + new actions.ResetTimerAction('MyTimer'), + ], + }], + }), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::IoTEvents::DetectorModel', { + DetectorModelDefinition: { + States: [{ + OnEnter: { + Events: [{ + Actions: [{ + ResetTimer: { + TimerName: 'MyTimer', + }, + }], + }], + }, + }], + }, + }); +}); diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/set-timer-action.test.ts b/packages/@aws-cdk/aws-iotevents-actions/test/iot/set-timer-action.test.ts new file mode 100644 index 0000000000000..5f2653c620222 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/set-timer-action.test.ts @@ -0,0 +1,57 @@ +import { Template } from '@aws-cdk/assertions'; +import * as iotevents from '@aws-cdk/aws-iotevents'; +import * as cdk from '@aws-cdk/core'; +import * as actions from '../../lib'; + +let stack: cdk.Stack; +let input: iotevents.IInput; +beforeEach(() => { + stack = new cdk.Stack(); + input = iotevents.Input.fromInputName(stack, 'MyInput', 'test-input'); +}); + +test.each([ + ['Can set duration', actions.TimerDuration.fromDuration(cdk.Duration.minutes(2)), '120'], + ['Can set durationExpression', actions.TimerDuration.fromExpression(iotevents.Expression.fromString('test-expression')), 'test-expression'], +])('%s', (_, durationOption, durationExpression) => { + // WHEN + new iotevents.DetectorModel(stack, 'MyDetectorModel', { + initialState: new iotevents.State({ + stateName: 'test-state', + onEnter: [{ + eventName: 'test-eventName', + condition: iotevents.Expression.currentInput(input), + actions: [ + new actions.SetTimerAction('MyTimer', durationOption), + ], + }], + }), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::IoTEvents::DetectorModel', { + DetectorModelDefinition: { + States: [{ + OnEnter: { + Events: [{ + Actions: [{ + SetTimer: { + TimerName: 'MyTimer', + DurationExpression: durationExpression, + }, + }], + }], + }, + }], + }, + }); +}); + +test.each([ + ['duration less than 60 seconds', cdk.Duration.seconds(59), 'duration cannot be less than 60 seconds, got: Duration.seconds(59)'], + ['duration greater than 31622400 seconds', cdk.Duration.seconds(31622401), 'duration cannot be greater than 31622400 seconds, got: Duration.seconds(31622401)'], +])('Cannot set %', (_, duration, errorMessage) => { + expect(() => { + actions.TimerDuration.fromDuration(duration); + }).toThrow(errorMessage); +}); diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/TimerActionsDefaultTestDeployAssert89D9000B.template.json b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/TimerActionsDefaultTestDeployAssert89D9000B.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/TimerActionsDefaultTestDeployAssert89D9000B.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/integ.json b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/integ.json new file mode 100644 index 0000000000000..be3cb597b0fe5 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "TimerActions/DefaultTest": { + "stacks": [ + "iotevents-timer-actions-test-stack" + ], + "assertionStack": "TimerActionsDefaultTestDeployAssert89D9000B" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/iotevents-timer-actions-test-stack.assets.json b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/iotevents-timer-actions-test-stack.assets.json new file mode 100644 index 0000000000000..69a4b6590cf96 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/iotevents-timer-actions-test-stack.assets.json @@ -0,0 +1,19 @@ +{ + "version": "20.0.0", + "files": { + "2e8c935c8b92198714514946548737d7e2ec921f7635995c80095bcb79441bea": { + "source": { + "path": "iotevents-timer-actions-test-stack.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "2e8c935c8b92198714514946548737d7e2ec921f7635995c80095bcb79441bea.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/iotevents-timer-actions-test-stack.template.json b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/iotevents-timer-actions-test-stack.template.json new file mode 100644 index 0000000000000..cf78b96310b13 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/iotevents-timer-actions-test-stack.template.json @@ -0,0 +1,151 @@ +{ + "Resources": { + "MyInput08947B23": { + "Type": "AWS::IoTEvents::Input", + "Properties": { + "InputDefinition": { + "Attributes": [ + { + "JsonPath": "payload.deviceId" + } + ] + }, + "InputName": "test_input" + } + }, + "MyDetectorModelDetectorModelRoleF2FB4D88": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "iotevents.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "MyDetectorModel559C0B0E": { + "Type": "AWS::IoTEvents::DetectorModel", + "Properties": { + "DetectorModelDefinition": { + "InitialStateName": "Online", + "States": [ + { + "OnEnter": { + "Events": [ + { + "Actions": [ + { + "SetTimer": { + "DurationExpression": "60", + "TimerName": "MyTimer" + } + } + ], + "Condition": { + "Fn::Join": [ + "", + [ + "currentInput(\"", + { + "Ref": "MyInput08947B23" + }, + "\")" + ] + ] + }, + "EventName": "enter-event" + } + ] + }, + "OnExit": { + "Events": [ + { + "Actions": [ + { + "ClearTimer": { + "TimerName": "MyTimer" + } + } + ], + "EventName": "exit-event" + } + ] + }, + "OnInput": { + "Events": [ + { + "Actions": [ + { + "ResetTimer": { + "TimerName": "MyTimer" + } + } + ], + "Condition": { + "Fn::Join": [ + "", + [ + "currentInput(\"", + { + "Ref": "MyInput08947B23" + }, + "\")" + ] + ] + }, + "EventName": "input-event" + } + ], + "TransitionEvents": [ + { + "Condition": "timeout(\"MyTimer\")", + "EventName": "Online_to_Offline", + "NextState": "Offline" + } + ] + }, + "StateName": "Online" + }, + { + "OnInput": { + "TransitionEvents": [ + { + "Condition": { + "Fn::Join": [ + "", + [ + "currentInput(\"", + { + "Ref": "MyInput08947B23" + }, + "\")" + ] + ] + }, + "EventName": "Offline_to_Online", + "NextState": "Online" + } + ] + }, + "StateName": "Offline" + } + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "MyDetectorModelDetectorModelRoleF2FB4D88", + "Arn" + ] + }, + "Key": "payload.deviceId" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..e8f8b1d56f962 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/manifest.json @@ -0,0 +1,49 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "iotevents-timer-actions-test-stack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "iotevents-timer-actions-test-stack.template.json", + "validateOnSynth": false + }, + "metadata": { + "/iotevents-timer-actions-test-stack/MyInput/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyInput08947B23" + } + ], + "/iotevents-timer-actions-test-stack/MyDetectorModel/DetectorModelRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyDetectorModelDetectorModelRoleF2FB4D88" + } + ], + "/iotevents-timer-actions-test-stack/MyDetectorModel/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyDetectorModel559C0B0E" + } + ] + }, + "displayName": "iotevents-timer-actions-test-stack" + }, + "TimerActionsDefaultTestDeployAssert89D9000B": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "TimerActionsDefaultTestDeployAssert89D9000B.template.json", + "validateOnSynth": false + }, + "displayName": "TimerActions/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/tree.json b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/tree.json new file mode 100644 index 0000000000000..f60b628102a08 --- /dev/null +++ b/packages/@aws-cdk/aws-iotevents-actions/test/iot/timer-actions.integ.snapshot/tree.json @@ -0,0 +1,268 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "iotevents-timer-actions-test-stack": { + "id": "iotevents-timer-actions-test-stack", + "path": "iotevents-timer-actions-test-stack", + "children": { + "MyInput": { + "id": "MyInput", + "path": "iotevents-timer-actions-test-stack/MyInput", + "children": { + "Resource": { + "id": "Resource", + "path": "iotevents-timer-actions-test-stack/MyInput/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IoTEvents::Input", + "aws:cdk:cloudformation:props": { + "inputDefinition": { + "attributes": [ + { + "jsonPath": "payload.deviceId" + } + ] + }, + "inputName": "test_input" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iotevents.CfnInput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iotevents.Input", + "version": "0.0.0" + } + }, + "MyDetectorModel": { + "id": "MyDetectorModel", + "path": "iotevents-timer-actions-test-stack/MyDetectorModel", + "children": { + "DetectorModelRole": { + "id": "DetectorModelRole", + "path": "iotevents-timer-actions-test-stack/MyDetectorModel/DetectorModelRole", + "children": { + "Resource": { + "id": "Resource", + "path": "iotevents-timer-actions-test-stack/MyDetectorModel/DetectorModelRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "iotevents.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "iotevents-timer-actions-test-stack/MyDetectorModel/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IoTEvents::DetectorModel", + "aws:cdk:cloudformation:props": { + "detectorModelDefinition": { + "initialStateName": "Online", + "states": [ + { + "stateName": "Online", + "onEnter": { + "events": [ + { + "eventName": "enter-event", + "condition": { + "Fn::Join": [ + "", + [ + "currentInput(\"", + { + "Ref": "MyInput08947B23" + }, + "\")" + ] + ] + }, + "actions": [ + { + "setTimer": { + "timerName": "MyTimer", + "durationExpression": "60" + } + } + ] + } + ] + }, + "onInput": { + "events": [ + { + "eventName": "input-event", + "condition": { + "Fn::Join": [ + "", + [ + "currentInput(\"", + { + "Ref": "MyInput08947B23" + }, + "\")" + ] + ] + }, + "actions": [ + { + "resetTimer": { + "timerName": "MyTimer" + } + } + ] + } + ], + "transitionEvents": [ + { + "eventName": "Online_to_Offline", + "condition": "timeout(\"MyTimer\")", + "nextState": "Offline" + } + ] + }, + "onExit": { + "events": [ + { + "eventName": "exit-event", + "actions": [ + { + "clearTimer": { + "timerName": "MyTimer" + } + } + ] + } + ] + } + }, + { + "stateName": "Offline", + "onInput": { + "transitionEvents": [ + { + "eventName": "Offline_to_Online", + "condition": { + "Fn::Join": [ + "", + [ + "currentInput(\"", + { + "Ref": "MyInput08947B23" + }, + "\")" + ] + ] + }, + "nextState": "Online" + } + ] + } + } + ] + }, + "roleArn": { + "Fn::GetAtt": [ + "MyDetectorModelDetectorModelRoleF2FB4D88", + "Arn" + ] + }, + "key": "payload.deviceId" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iotevents.CfnDetectorModel", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iotevents.DetectorModel", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "TimerActions": { + "id": "TimerActions", + "path": "TimerActions", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "TimerActions/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "TimerActions/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "TimerActions/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iotevents/lib/action.ts b/packages/@aws-cdk/aws-iotevents/lib/action.ts index f43c6b6c91626..0f5a1c1fac105 100644 --- a/packages/@aws-cdk/aws-iotevents/lib/action.ts +++ b/packages/@aws-cdk/aws-iotevents/lib/action.ts @@ -18,8 +18,9 @@ export interface ActionBindOptions { export interface IAction { /** * Returns the AWS IoT Events action specification. + * @internal */ - bind(scope: Construct, options: ActionBindOptions): ActionConfig; + _bind(scope: Construct, options: ActionBindOptions): ActionConfig; } /** diff --git a/packages/@aws-cdk/aws-iotevents/lib/expression.ts b/packages/@aws-cdk/aws-iotevents/lib/expression.ts index 8ad98de5d5496..925fd6a7201f5 100644 --- a/packages/@aws-cdk/aws-iotevents/lib/expression.ts +++ b/packages/@aws-cdk/aws-iotevents/lib/expression.ts @@ -20,6 +20,15 @@ export abstract class Expression { return this.fromString(`currentInput("${input.inputName}")`); } + /** + * Create a expression for function `timeout("timer-name")`. + * It is evaluated to true if the specified timer has elapsed. + * You can define a timer only using the `setTimer` action. + */ + public static timeout(timerName: string): Expression { + return this.fromString(`timeout("${timerName}")`); + } + /** * Create a expression for get an input attribute as `$input.TemperatureInput.temperatures[2]`. */ diff --git a/packages/@aws-cdk/aws-iotevents/lib/state.ts b/packages/@aws-cdk/aws-iotevents/lib/state.ts index ef8ce689fec47..221a2cf032bb9 100644 --- a/packages/@aws-cdk/aws-iotevents/lib/state.ts +++ b/packages/@aws-cdk/aws-iotevents/lib/state.ts @@ -182,7 +182,7 @@ function toEventsJson( return events?.map(event => ({ eventName: event.eventName, condition: event.condition?.evaluate(), - actions: event.actions?.map(action => action.bind(scope, actionBindOptions).configuration), + actions: event.actions?.map(action => action._bind(scope, actionBindOptions).configuration), })); } @@ -198,7 +198,7 @@ function toTransitionEventsJson( return transitionEvents.map(transitionEvent => ({ eventName: transitionEvent.eventName, condition: transitionEvent.condition.evaluate(), - actions: transitionEvent.actions?.map(action => action.bind(scope, actionBindOptions).configuration), + actions: transitionEvent.actions?.map(action => action._bind(scope, actionBindOptions).configuration), nextState: transitionEvent.nextState.stateName, })); } diff --git a/packages/@aws-cdk/aws-iotevents/package.json b/packages/@aws-cdk/aws-iotevents/package.json index ad246d85bc882..35327daf2534c 100644 --- a/packages/@aws-cdk/aws-iotevents/package.json +++ b/packages/@aws-cdk/aws-iotevents/package.json @@ -103,6 +103,12 @@ "engines": { "node": ">= 14.15.0" }, + "awslint": { + "exclude": [ + "no-unused-type:@aws-cdk/aws-iotevents.ActionBindOptions", + "no-unused-type:@aws-cdk/aws-iotevents.ActionConfig" + ] + }, "stability": "experimental", "maturity": "experimental", "awscdkio": { diff --git a/packages/@aws-cdk/aws-iotevents/test/detector-model.test.ts b/packages/@aws-cdk/aws-iotevents/test/detector-model.test.ts index 2b485648059bd..dcfdc7e8f15d6 100644 --- a/packages/@aws-cdk/aws-iotevents/test/detector-model.test.ts +++ b/packages/@aws-cdk/aws-iotevents/test/detector-model.test.ts @@ -148,7 +148,7 @@ test('can set actions to events', () => { eventName: 'test-eventName1', condition: iotevents.Expression.currentInput(input), actions: [{ - bind: () => ({ + _bind: () => ({ configuration: { lambda: { functionArn: 'arn:aws:lambda:us-east-1:123456789012:function:MyFn', @@ -200,7 +200,7 @@ test.each([ test('can set an action to multiple detector models', () => { // GIVEN an action const action: iotevents.IAction = { - bind: (_, { role }) => { + _bind: (_, { role }) => { role.addToPrincipalPolicy(new iam.PolicyStatement({ actions: ['lambda:InvokeFunction'], resources: ['arn:aws:lambda:us-east-1:123456789012:function:MyFn'], @@ -393,7 +393,7 @@ test('can set actions to transitions', () => { iotevents.Expression.inputAttribute(input, 'payload.temperature'), iotevents.Expression.fromString('12'), ), - executing: [{ bind: () => ({ configuration: { setTimer: { timerName: 'test-timer' } } }) }], + executing: [{ _bind: () => ({ configuration: { setTimer: { timerName: 'test-timer' } } }) }], }); new iotevents.DetectorModel(stack, 'MyDetectorModel', { @@ -501,6 +501,7 @@ describe('Expression', () => { const E = iotevents.Expression; test.each([ ['currentInput', (testInput: iotevents.IInput) => E.currentInput(testInput), 'currentInput("test-input")'], + ['timeout', () => E.timeout('test-timer'), 'timeout("test-timer")'], ['inputAttribute', (testInput: iotevents.IInput) => E.inputAttribute(testInput, 'json.path'), '$input.test-input.json.path'], ['add', () => E.add(E.fromString('5'), E.fromString('2')), '5 + 2'], ['subtract', () => E.subtract(E.fromString('5'), E.fromString('2')), '5 - 2'], diff --git a/packages/@aws-cdk/aws-lambda-event-sources/README.md b/packages/@aws-cdk/aws-lambda-event-sources/README.md index e9c34cd97bd45..c7143701ea422 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/README.md +++ b/packages/@aws-cdk/aws-lambda-event-sources/README.md @@ -261,6 +261,9 @@ const topic = 'some-cool-topic'; // The secret that allows access to your self hosted Kafka cluster declare const secret: Secret; +// (Optional) The secret containing the root CA certificate that your Kafka brokers use for TLS encryption +declare const encryption: Secret; + declare const myFunction: lambda.Function; myFunction.addEventSource(new SelfManagedKafkaEventSource({ bootstrapServers: bootstrapServers, @@ -268,6 +271,7 @@ myFunction.addEventSource(new SelfManagedKafkaEventSource({ secret: secret, batchSize: 100, // default startingPosition: lambda.StartingPosition.TRIM_HORIZON, + encryption: encryption // optional })); ``` diff --git a/packages/@aws-cdk/aws-lambda-event-sources/lib/kafka.ts b/packages/@aws-cdk/aws-lambda-event-sources/lib/kafka.ts index bf89ca34cd244..7569fbaa58129 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/lib/kafka.ts +++ b/packages/@aws-cdk/aws-lambda-event-sources/lib/kafka.ts @@ -10,7 +10,7 @@ import { StreamEventSource, BaseStreamEventSourceProps } from './stream'; /** * Properties for a Kafka event source */ -export interface KafkaEventSourceProps extends BaseStreamEventSourceProps{ +export interface KafkaEventSourceProps extends BaseStreamEventSourceProps { /** * The Kafka topic to subscribe to */ @@ -94,6 +94,14 @@ export interface SelfManagedKafkaEventSourceProps extends KafkaEventSourceProps * @default AuthenticationMethod.SASL_SCRAM_512_AUTH */ readonly authenticationMethod?: AuthenticationMethod + + /** + * The secret with the root CA certificate used by your Kafka brokers for TLS encryption + * This field is required if your Kafka brokers use certificates signed by a private CA + * + * @default - none + */ + readonly rootCACertificate?: secretsmanager.Secret; } /** @@ -231,6 +239,13 @@ export class SelfManagedKafkaEventSource extends StreamEventSource { sourceAccessConfigurations.push({ type: authType, uri: this.innerProps.secret.secretArn }); } + if (this.innerProps.rootCACertificate !== undefined) { + sourceAccessConfigurations.push({ + type: lambda.SourceAccessConfigurationType.SERVER_ROOT_CA_CERTIFICATE, + uri: this.innerProps.rootCACertificate.secretArn, + }); + } + if (this.innerProps.vpcSubnets !== undefined && this.innerProps.securityGroup !== undefined) { sourceAccessConfigurations.push({ type: lambda.SourceAccessConfigurationType.VPC_SECURITY_GROUP, diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kafka-selfmanaged.ts b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kafka-selfmanaged.ts new file mode 100644 index 0000000000000..8fa4532e80e16 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kafka-selfmanaged.ts @@ -0,0 +1,68 @@ +import * as lambda from '@aws-cdk/aws-lambda'; +import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; +import * as cdk from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import { AuthenticationMethod, SelfManagedKafkaEventSource } from '../lib'; +import { TestFunction } from './test-function'; + +class KafkaSelfManagedEventSourceTest extends cdk.Stack { + constructor(scope: cdk.App, id: string) { + super(scope, id); + + const dummyCertString = `-----BEGIN CERTIFICATE----- +MIIE5DCCAsygAwIBAgIRAPJdwaFaNRrytHBto0j5BA0wDQYJKoZIhvcNAQELBQAw +cmUuiAii9R0= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFgjCCA2qgAwIBAgIQdjNZd6uFf9hbNC5RdfmHrzANBgkqhkiG9w0BAQsFADBb +c8PH3PSoAaRwMMgOSA2ALJvbRz8mpg== +-----END CERTIFICATE-----" +`; + + const dummyPrivateKey = `-----BEGIN ENCRYPTED PRIVATE KEY----- +zp2mwJn2NYB7AZ7+imp0azDZb+8YG2aUCiyqb6PnnA== +-----END ENCRYPTED PRIVATE KEY-----`; + + const fn = new TestFunction(this, 'F'); + const rootCASecret = new secretsmanager.Secret(this, 'S', { + secretObjectValue: { + certificate: cdk.SecretValue.unsafePlainText(dummyCertString), + }, + }); + const clientCertificatesSecret = new secretsmanager.Secret(this, 'SC', { + secretObjectValue: { + certificate: cdk.SecretValue.unsafePlainText(dummyCertString), + privateKey: cdk.SecretValue.unsafePlainText(dummyPrivateKey), + }, + }); + rootCASecret.grantRead(fn); + clientCertificatesSecret.grantRead(fn); + + const bootstrapServers = [ + 'my-self-hosted-kafka-broker-1:9092', + 'my-self-hosted-kafka-broker-2:9092', + 'my-self-hosted-kafka-broker-3:9092', + ]; + + fn.addEventSource( + new SelfManagedKafkaEventSource({ + bootstrapServers, + topic: 'my-test-topic', + secret: clientCertificatesSecret, + authenticationMethod: AuthenticationMethod.CLIENT_CERTIFICATE_TLS_AUTH, + rootCACertificate: rootCASecret, + startingPosition: lambda.StartingPosition.TRIM_HORIZON, + }), + ); + } +} + +const app = new cdk.App(); +const stack = new KafkaSelfManagedEventSourceTest( + app, + 'lambda-event-source-kafka-self-managed', +); +new integ.IntegTest(app, 'LambdaEventSourceKafkaSelfManagedTest', { + testCases: [stack], +}); +app.synth(); diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/LambdaEventSourceKafkaSelfManagedTestDefaultTestDeployAssertAF78BD0F.template.json b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/LambdaEventSourceKafkaSelfManagedTestDefaultTestDeployAssertAF78BD0F.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/LambdaEventSourceKafkaSelfManagedTestDefaultTestDeployAssertAF78BD0F.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/integ.json b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/integ.json new file mode 100644 index 0000000000000..44bd2659107b8 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "LambdaEventSourceKafkaSelfManagedTest/DefaultTest": { + "stacks": [ + "lambda-event-source-kafka-self-managed" + ], + "assertionStack": "LambdaEventSourceKafkaSelfManagedTestDefaultTestDeployAssertAF78BD0F" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/lambda-event-source-kafka-self-managed.template.json b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/lambda-event-source-kafka-self-managed.template.json new file mode 100644 index 0000000000000..9659e7f53a2c7 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/lambda-event-source-kafka-self-managed.template.json @@ -0,0 +1,138 @@ +{ + "Resources": { + "FServiceRole3AC82EE1": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "FServiceRoleDefaultPolicy17A19BFA": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": [ + { + "Ref": "S509448A1" + }, + { + "Ref": "SC0855C491" + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "FServiceRoleDefaultPolicy17A19BFA", + "Roles": [ + { + "Ref": "FServiceRole3AC82EE1" + } + ] + } + }, + "FC4345940": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "exports.handler = async function handler(event) {\n console.log('event:', JSON.stringify(event, undefined, 2));\n return { event };\n}" + }, + "Role": { + "Fn::GetAtt": [ + "FServiceRole3AC82EE1", + "Arn" + ] + }, + "Handler": "index.handler", + "Runtime": "nodejs14.x" + }, + "DependsOn": [ + "FServiceRoleDefaultPolicy17A19BFA", + "FServiceRole3AC82EE1" + ] + }, + "FKafkaEventSource838c4d5ff3c99c1a617120adfca83e5bmytesttopic1E7A7798": { + "Type": "AWS::Lambda::EventSourceMapping", + "Properties": { + "FunctionName": { + "Ref": "FC4345940" + }, + "BatchSize": 100, + "SelfManagedEventSource": { + "Endpoints": { + "KafkaBootstrapServers": [ + "my-self-hosted-kafka-broker-1:9092", + "my-self-hosted-kafka-broker-2:9092", + "my-self-hosted-kafka-broker-3:9092" + ] + } + }, + "SourceAccessConfigurations": [ + { + "Type": "CLIENT_CERTIFICATE_TLS_AUTH", + "URI": { + "Ref": "SC0855C491" + } + }, + { + "Type": "SERVER_ROOT_CA_CERTIFICATE", + "URI": { + "Ref": "S509448A1" + } + } + ], + "StartingPosition": "TRIM_HORIZON", + "Topics": [ + "my-test-topic" + ] + } + }, + "S509448A1": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "SecretString": "{\"certificate\":\"-----BEGIN CERTIFICATE-----\\nMIIE5DCCAsygAwIBAgIRAPJdwaFaNRrytHBto0j5BA0wDQYJKoZIhvcNAQELBQAw\\ncmUuiAii9R0=\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\nMIIFgjCCA2qgAwIBAgIQdjNZd6uFf9hbNC5RdfmHrzANBgkqhkiG9w0BAQsFADBb\\nc8PH3PSoAaRwMMgOSA2ALJvbRz8mpg==\\n-----END CERTIFICATE-----\\\"\\n\"}" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "SC0855C491": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "SecretString": "{\"certificate\":\"-----BEGIN CERTIFICATE-----\\nMIIE5DCCAsygAwIBAgIRAPJdwaFaNRrytHBto0j5BA0wDQYJKoZIhvcNAQELBQAw\\ncmUuiAii9R0=\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\nMIIFgjCCA2qgAwIBAgIQdjNZd6uFf9hbNC5RdfmHrzANBgkqhkiG9w0BAQsFADBb\\nc8PH3PSoAaRwMMgOSA2ALJvbRz8mpg==\\n-----END CERTIFICATE-----\\\"\\n\",\"privateKey\":\"-----BEGIN ENCRYPTED PRIVATE KEY-----\\nzp2mwJn2NYB7AZ7+imp0azDZb+8YG2aUCiyqb6PnnA==\\n-----END ENCRYPTED PRIVATE KEY-----\"}" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..2377866c5c89c --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/manifest.json @@ -0,0 +1,67 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "lambda-event-source-kafka-self-managed": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "lambda-event-source-kafka-self-managed.template.json", + "validateOnSynth": false + }, + "metadata": { + "/lambda-event-source-kafka-self-managed/F/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FServiceRole3AC82EE1" + } + ], + "/lambda-event-source-kafka-self-managed/F/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FServiceRoleDefaultPolicy17A19BFA" + } + ], + "/lambda-event-source-kafka-self-managed/F/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FC4345940" + } + ], + "/lambda-event-source-kafka-self-managed/F/KafkaEventSource:838c4d5ff3c99c1a617120adfca83e5b:my-test-topic/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FKafkaEventSource838c4d5ff3c99c1a617120adfca83e5bmytesttopic1E7A7798" + } + ], + "/lambda-event-source-kafka-self-managed/S/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "S509448A1" + } + ], + "/lambda-event-source-kafka-self-managed/SC/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SC0855C491" + } + ] + }, + "displayName": "lambda-event-source-kafka-self-managed" + }, + "LambdaEventSourceKafkaSelfManagedTestDefaultTestDeployAssertAF78BD0F": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "LambdaEventSourceKafkaSelfManagedTestDefaultTestDeployAssertAF78BD0F.template.json", + "validateOnSynth": false + }, + "displayName": "LambdaEventSourceKafkaSelfManagedTest/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/tree.json b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/tree.json new file mode 100644 index 0000000000000..45ae3d1e9a9d1 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka-selfmanaged.integ.snapshot/tree.json @@ -0,0 +1,301 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + }, + "lambda-event-source-kafka-self-managed": { + "id": "lambda-event-source-kafka-self-managed", + "path": "lambda-event-source-kafka-self-managed", + "children": { + "F": { + "id": "F", + "path": "lambda-event-source-kafka-self-managed/F", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "lambda-event-source-kafka-self-managed/F/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "lambda-event-source-kafka-self-managed/F/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "lambda-event-source-kafka-self-managed/F/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "lambda-event-source-kafka-self-managed/F/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": [ + { + "Ref": "S509448A1" + }, + { + "Ref": "SC0855C491" + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "FServiceRoleDefaultPolicy17A19BFA", + "roles": [ + { + "Ref": "FServiceRole3AC82EE1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "lambda-event-source-kafka-self-managed/F/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "exports.handler = async function handler(event) {\n console.log('event:', JSON.stringify(event, undefined, 2));\n return { event };\n}" + }, + "role": { + "Fn::GetAtt": [ + "FServiceRole3AC82EE1", + "Arn" + ] + }, + "handler": "index.handler", + "runtime": "nodejs14.x" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + }, + "KafkaEventSource:838c4d5ff3c99c1a617120adfca83e5b:my-test-topic": { + "id": "KafkaEventSource:838c4d5ff3c99c1a617120adfca83e5b:my-test-topic", + "path": "lambda-event-source-kafka-self-managed/F/KafkaEventSource:838c4d5ff3c99c1a617120adfca83e5b:my-test-topic", + "children": { + "Resource": { + "id": "Resource", + "path": "lambda-event-source-kafka-self-managed/F/KafkaEventSource:838c4d5ff3c99c1a617120adfca83e5b:my-test-topic/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::EventSourceMapping", + "aws:cdk:cloudformation:props": { + "functionName": { + "Ref": "FC4345940" + }, + "batchSize": 100, + "selfManagedEventSource": { + "endpoints": { + "kafkaBootstrapServers": [ + "my-self-hosted-kafka-broker-1:9092", + "my-self-hosted-kafka-broker-2:9092", + "my-self-hosted-kafka-broker-3:9092" + ] + } + }, + "sourceAccessConfigurations": [ + { + "type": "CLIENT_CERTIFICATE_TLS_AUTH", + "uri": { + "Ref": "SC0855C491" + } + }, + { + "type": "SERVER_ROOT_CA_CERTIFICATE", + "uri": { + "Ref": "S509448A1" + } + } + ], + "startingPosition": "TRIM_HORIZON", + "topics": [ + "my-test-topic" + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnEventSourceMapping", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.EventSourceMapping", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "S": { + "id": "S", + "path": "lambda-event-source-kafka-self-managed/S", + "children": { + "Resource": { + "id": "Resource", + "path": "lambda-event-source-kafka-self-managed/S/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "secretString": "{\"certificate\":\"-----BEGIN CERTIFICATE-----\\nMIIE5DCCAsygAwIBAgIRAPJdwaFaNRrytHBto0j5BA0wDQYJKoZIhvcNAQELBQAw\\ncmUuiAii9R0=\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\nMIIFgjCCA2qgAwIBAgIQdjNZd6uFf9hbNC5RdfmHrzANBgkqhkiG9w0BAQsFADBb\\nc8PH3PSoAaRwMMgOSA2ALJvbRz8mpg==\\n-----END CERTIFICATE-----\\\"\\n\"}" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.Secret", + "version": "0.0.0" + } + }, + "SC": { + "id": "SC", + "path": "lambda-event-source-kafka-self-managed/SC", + "children": { + "Resource": { + "id": "Resource", + "path": "lambda-event-source-kafka-self-managed/SC/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "secretString": "{\"certificate\":\"-----BEGIN CERTIFICATE-----\\nMIIE5DCCAsygAwIBAgIRAPJdwaFaNRrytHBto0j5BA0wDQYJKoZIhvcNAQELBQAw\\ncmUuiAii9R0=\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\nMIIFgjCCA2qgAwIBAgIQdjNZd6uFf9hbNC5RdfmHrzANBgkqhkiG9w0BAQsFADBb\\nc8PH3PSoAaRwMMgOSA2ALJvbRz8mpg==\\n-----END CERTIFICATE-----\\\"\\n\",\"privateKey\":\"-----BEGIN ENCRYPTED PRIVATE KEY-----\\nzp2mwJn2NYB7AZ7+imp0azDZb+8YG2aUCiyqb6PnnA==\\n-----END ENCRYPTED PRIVATE KEY-----\"}" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.Secret", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "LambdaEventSourceKafkaSelfManagedTest": { + "id": "LambdaEventSourceKafkaSelfManagedTest", + "path": "LambdaEventSourceKafkaSelfManagedTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "LambdaEventSourceKafkaSelfManagedTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "LambdaEventSourceKafkaSelfManagedTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.63" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "LambdaEventSourceKafkaSelfManagedTest/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/kafka.test.ts b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka.test.ts index 43fc533e93770..b1c5ef86d2612 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/kafka.test.ts +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/kafka.test.ts @@ -524,6 +524,84 @@ describe('KafkaEventSource', () => { }); }); + test('using CLIENT_CERTIFICATE_TLS_AUTH with rootCA', () => { + // GIVEN + const stack = new cdk.Stack(); + const fn = new TestFunction(stack, 'Fn'); + const kafkaTopic = 'some-topic'; + const secret = new Secret(stack, 'Secret', { secretName: 'AmazonMSK_KafkaSecret' }); + const rootCACertificate = new Secret(stack, 'RootCASecret', { secretName: 'AmazonMSK_KafkaSecret_Root_CA' }); + const bootstrapServers = ['kafka-broker:9092']; + const sg = SecurityGroup.fromSecurityGroupId(stack, 'SecurityGroup', 'sg-0123456789'); + const vpc = new Vpc(stack, 'Vpc'); + + // WHEN + fn.addEventSource(new sources.SelfManagedKafkaEventSource( + { + bootstrapServers: bootstrapServers, + topic: kafkaTopic, + secret: secret, + startingPosition: lambda.StartingPosition.TRIM_HORIZON, + vpc: vpc, + vpcSubnets: { subnetType: SubnetType.PRIVATE_WITH_NAT }, + securityGroup: sg, + authenticationMethod: sources.AuthenticationMethod.CLIENT_CERTIFICATE_TLS_AUTH, + rootCACertificate: rootCACertificate, + })); + + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::EventSourceMapping', { + SourceAccessConfigurations: Match.arrayWith([ + { + Type: 'CLIENT_CERTIFICATE_TLS_AUTH', + URI: { + Ref: 'SecretA720EF05', + }, + }, + { + Type: 'SERVER_ROOT_CA_CERTIFICATE', + URI: { + Ref: 'RootCASecret21632BB9', + }, + }, + ]), + }); + }); + + test('with rootCA', () => { + // GIVEN + const stack = new cdk.Stack(); + const fn = new TestFunction(stack, 'Fn'); + const kafkaTopic = 'some-topic'; + const rootCACertificate = new Secret(stack, 'RootCASecret', { secretName: 'AmazonMSK_KafkaSecret_Root_CA' }); + const bootstrapServers = ['kafka-broker:9092']; + const sg = SecurityGroup.fromSecurityGroupId(stack, 'SecurityGroup', 'sg-0123456789'); + const vpc = new Vpc(stack, 'Vpc'); + + // WHEN + fn.addEventSource(new sources.SelfManagedKafkaEventSource( + { + bootstrapServers: bootstrapServers, + topic: kafkaTopic, + startingPosition: lambda.StartingPosition.TRIM_HORIZON, + vpc: vpc, + vpcSubnets: { subnetType: SubnetType.PRIVATE_WITH_NAT }, + securityGroup: sg, + rootCACertificate: rootCACertificate, + })); + + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::EventSourceMapping', { + SourceAccessConfigurations: Match.arrayWith([ + { + Type: 'SERVER_ROOT_CA_CERTIFICATE', + URI: { + Ref: 'RootCASecret21632BB9', + }, + }, + ]), + }); + }); + + test('ManagedKafkaEventSource name conforms to construct id rules', () => { // GIVEN const stack = new cdk.Stack(); diff --git a/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts b/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts index ddd9a7b01ab97..eb2f59db03e09 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts @@ -175,6 +175,8 @@ export function getTsconfigCompilerOptions(tsconfigPath: string): string { if (type === 'boolean') { if (value) { compilerOptionsString += option + ' '; + } else { + compilerOptionsString += option + ' false '; } } else if (type === 'string') { compilerOptionsString += option + ' ' + value + ' '; diff --git a/packages/@aws-cdk/aws-lambda-nodejs/package.json b/packages/@aws-cdk/aws-lambda-nodejs/package.json index 06d18f714246b..265fce21bf6fe 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/package.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/package.json @@ -79,7 +79,7 @@ "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2", "delay": "5.0.0", - "esbuild": "^0.14.50" + "esbuild": "^0.14.53" }, "dependencies": { "@aws-cdk/aws-lambda": "0.0.0", diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts index c38334e7e4176..189769bc90f34 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts @@ -188,7 +188,9 @@ describe('getTsconfigCompilerOptions', () => { '--alwaysStrict', '--charset utf8', '--declaration', + '--declarationMap false', '--experimentalDecorators', + '--incremental false', '--inlineSourceMap', '--inlineSources', '--lib es2020', @@ -207,6 +209,7 @@ describe('getTsconfigCompilerOptions', () => { '--strict', '--strictNullChecks', '--strictPropertyInitialization', + '--stripInternal false', '--target ES2020', ].join(' ')); }); diff --git a/packages/@aws-cdk/aws-lambda/README.md b/packages/@aws-cdk/aws-lambda/README.md index dc40e77e1363d..f12afc0c3d809 100644 --- a/packages/@aws-cdk/aws-lambda/README.md +++ b/packages/@aws-cdk/aws-lambda/README.md @@ -81,6 +81,16 @@ new lambda.DockerImageFunction(this, 'ECRFunction', { The props for these docker image resources allow overriding the image's `CMD`, `ENTRYPOINT`, and `WORKDIR` configurations as well as choosing a specific tag or digest. See their docs for more information. +To deploy a `DockerImageFunction` on Lambda `arm64` architecture, specify `Architecture.ARM_64` in `architecture`. +This will bundle docker image assets for `arm64` architecture with `--platform linux/arm64` even if build within an `x86_64` host. + +```ts +new DockerImageFunction(this, 'AssetFunction', { + code: DockerImageCode.fromImageAsset(path.join(__dirname, 'docker-arm64-handler')), + architecture: Architecture.ARM_64, +}); +``` + ## Execution Role Lambda functions assume an IAM role during execution. In CDK by default, Lambda diff --git a/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts b/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts index c85dca2694db6..d5e2d568bdd2e 100644 --- a/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts +++ b/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts @@ -41,6 +41,11 @@ export class SourceAccessConfigurationType { */ public static readonly CLIENT_CERTIFICATE_TLS_AUTH = new SourceAccessConfigurationType('CLIENT_CERTIFICATE_TLS_AUTH'); + /** + * The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers. + */ + public static readonly SERVER_ROOT_CA_CERTIFICATE = new SourceAccessConfigurationType('SERVER_ROOT_CA_CERTIFICATE'); + /** A custom source access configuration property */ public static of(name: string): SourceAccessConfigurationType { return new SourceAccessConfigurationType(name); diff --git a/packages/@aws-cdk/aws-lambda/lib/function.ts b/packages/@aws-cdk/aws-lambda/lib/function.ts index 9c142eb4da0c8..2f14b31b3b9d2 100644 --- a/packages/@aws-cdk/aws-lambda/lib/function.ts +++ b/packages/@aws-cdk/aws-lambda/lib/function.ts @@ -1094,7 +1094,12 @@ Environment variables can be marked for removal when used in Lambda@Edge by sett throw new Error('Cannot configure \'securityGroup\' or \'allowAllOutbound\' without configuring a VPC'); } - if (!props.vpc) { return undefined; } + if (!props.vpc) { + if (props.vpcSubnets) { + throw new Error('Cannot configure \'vpcSubnets\' without configuring a VPC'); + } + return undefined; + } if (props.securityGroup && props.allowAllOutbound !== undefined) { throw new Error('Configure \'allowAllOutbound\' directly on the supplied SecurityGroup.'); diff --git a/packages/@aws-cdk/aws-lambda/lib/image-function.ts b/packages/@aws-cdk/aws-lambda/lib/image-function.ts index a53f303c88b78..5000bae85e2c2 100644 --- a/packages/@aws-cdk/aws-lambda/lib/image-function.ts +++ b/packages/@aws-cdk/aws-lambda/lib/image-function.ts @@ -1,5 +1,7 @@ import * as ecr from '@aws-cdk/aws-ecr'; +import { Platform } from '@aws-cdk/aws-ecr-assets'; import { Construct } from 'constructs'; +import { Architecture } from './architecture'; import { AssetImageCode, AssetImageCodeProps, EcrImageCode, EcrImageCodeProps, Code } from './code'; import { Function, FunctionOptions } from './function'; import { Handler } from './handler'; @@ -41,8 +43,12 @@ export abstract class DockerImageCode { */ public static fromImageAsset(directory: string, props: AssetImageCodeProps = {}): DockerImageCode { return { - _bind() { - return new AssetImageCode(directory, props); + _bind(architecture?: Architecture) { + return new AssetImageCode(directory, { + // determine the platform from `architecture`. + ...architecture?.dockerPlatform ? { platform: Platform.custom(architecture.dockerPlatform) } : {}, + ...props, + }); }, }; } @@ -51,7 +57,7 @@ export abstract class DockerImageCode { * Produce a `Code` instance from this `DockerImageCode`. * @internal */ - public abstract _bind(): Code; + public abstract _bind(architecture?: Architecture): Code; } /** @@ -63,7 +69,7 @@ export class DockerImageFunction extends Function { ...props, handler: Handler.FROM_IMAGE, runtime: Runtime.FROM_IMAGE, - code: props.code._bind(), + code: props.code._bind(props.architecture), }); } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/BundlingDefaultTestDeployAssertAACA0CAF.template.json b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/BundlingDefaultTestDeployAssertAACA0CAF.template.json new file mode 100644 index 0000000000000..7db53b9a92c99 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/BundlingDefaultTestDeployAssertAACA0CAF.template.json @@ -0,0 +1,210 @@ +{ + "Resources": { + "LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8": { + "Type": "Custom::DeployAssert@SdkCallLambdainvoke", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F", + "Arn" + ] + }, + "service": "Lambda", + "api": "invoke", + "parameters": { + "FunctionName": { + "Fn::ImportValue": "cdk-integ-lambda-bundling-docker-bundling-opts:ExportsOutputRefFunction76856677C48862D5" + } + }, + "flattenResponse": "false", + "salt": "1659700764721" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8InvokeA3F6E40A": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::ImportValue": "cdk-integ-lambda-bundling-docker-bundling-opts:ExportsOutputRefFunction76856677C48862D5" + }, + "Principal": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73", + "Arn" + ] + } + } + }, + "LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8AssertEqualsLambdainvoke89C63F4A": { + "Type": "Custom::DeployAssert@AssertEquals", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F", + "Arn" + ] + }, + "actual": { + "Fn::GetAtt": [ + "LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8", + "apiCallResponse" + ] + }, + "expected": "{\"$ObjectLike\":{\"Payload\":\"200\"}}", + "salt": "1659700764722" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ], + "Policies": [ + { + "PolicyName": "Inline", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "lambda:Invoke" + ], + "Effect": "Allow", + "Resource": [ + "*" + ] + }, + { + "Action": [ + "lambda:InvokeFunction" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":lambda:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":function:", + { + "Fn::ImportValue": "cdk-integ-lambda-bundling-docker-bundling-opts:ExportsOutputRefFunction76856677C48862D5" + } + ] + ] + } + ] + } + ] + } + } + ] + } + }, + "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Runtime": "nodejs14.x", + "Code": { + "S3Bucket": { + "Ref": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3BucketF94385B7" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3VersionKey66DB0F9E" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3VersionKey66DB0F9E" + } + ] + } + ] + } + ] + ] + } + }, + "Timeout": 120, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73", + "Arn" + ] + } + } + } + }, + "Outputs": { + "AssertionResultsAssertEqualsLambdainvoke": { + "Value": { + "Fn::GetAtt": [ + "LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8AssertEqualsLambdainvoke89C63F4A", + "data" + ] + } + } + }, + "Parameters": { + "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3BucketF94385B7": { + "Type": "String", + "Description": "S3 bucket for asset \"0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd\"" + }, + "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3VersionKey66DB0F9E": { + "Type": "String", + "Description": "S3 key for asset version \"0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd\"" + }, + "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdArtifactHash2AC894D9": { + "Type": "String", + "Description": "Artifact hash for asset \"0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd\"" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/cdk-integ-lambda-bundling-docker-bundling-opts.template.json b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/cdk-integ-lambda-bundling-docker-bundling-opts.template.json new file mode 100644 index 0000000000000..991dde5f31d4b --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/cdk-integ-lambda-bundling-docker-bundling-opts.template.json @@ -0,0 +1,113 @@ +{ + "Resources": { + "FunctionServiceRole675BB04A": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "Function76856677": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3BucketFA35C5ED" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3VersionKeyE3A69E58" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3VersionKeyE3A69E58" + } + ] + } + ] + } + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "FunctionServiceRole675BB04A", + "Arn" + ] + }, + "Handler": "index.handler", + "Runtime": "python3.9" + }, + "DependsOn": [ + "FunctionServiceRole675BB04A" + ] + } + }, + "Parameters": { + "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3BucketFA35C5ED": { + "Type": "String", + "Description": "S3 bucket for asset \"badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668\"" + }, + "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3VersionKeyE3A69E58": { + "Type": "String", + "Description": "S3 key for asset version \"badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668\"" + }, + "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668ArtifactHash68AB8820": { + "Type": "String", + "Description": "Artifact hash for asset \"badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668\"" + } + }, + "Outputs": { + "ExportsOutputRefFunction76856677C48862D5": { + "Value": { + "Ref": "Function76856677" + }, + "Export": { + "Name": "cdk-integ-lambda-bundling-docker-bundling-opts:ExportsOutputRefFunction76856677C48862D5" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/integ.json b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/integ.json new file mode 100644 index 0000000000000..73d0ae4a3a54f --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "20.0.0", + "testCases": { + "Bundling/DefaultTest": { + "stacks": [ + "cdk-integ-lambda-bundling-docker-bundling-opts" + ], + "stackUpdateWorkflow": false, + "assertionStack": "BundlingDefaultTestDeployAssertAACA0CAF" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..def0254a06124 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/manifest.json @@ -0,0 +1,154 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "cdk-integ-lambda-bundling-docker-bundling-opts": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdk-integ-lambda-bundling-docker-bundling-opts.template.json", + "validateOnSynth": false + }, + "metadata": { + "/cdk-integ-lambda-bundling-docker-bundling-opts": [ + { + "type": "aws:cdk:asset", + "data": { + "path": "asset.badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668", + "id": "badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668", + "packaging": "zip", + "sourceHash": "badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668", + "s3BucketParameter": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3BucketFA35C5ED", + "s3KeyParameter": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3VersionKeyE3A69E58", + "artifactHashParameter": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668ArtifactHash68AB8820" + } + } + ], + "/cdk-integ-lambda-bundling-docker-bundling-opts/Function/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FunctionServiceRole675BB04A" + } + ], + "/cdk-integ-lambda-bundling-docker-bundling-opts/Function/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Function76856677" + } + ], + "/cdk-integ-lambda-bundling-docker-bundling-opts/AssetParameters/badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668/S3Bucket": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3BucketFA35C5ED" + } + ], + "/cdk-integ-lambda-bundling-docker-bundling-opts/AssetParameters/badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668/S3VersionKey": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3VersionKeyE3A69E58" + } + ], + "/cdk-integ-lambda-bundling-docker-bundling-opts/AssetParameters/badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668/ArtifactHash": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668ArtifactHash68AB8820" + } + ], + "/cdk-integ-lambda-bundling-docker-bundling-opts/Exports/Output{\"Ref\":\"Function76856677\"}": [ + { + "type": "aws:cdk:logicalId", + "data": "ExportsOutputRefFunction76856677C48862D5" + } + ] + }, + "displayName": "cdk-integ-lambda-bundling-docker-bundling-opts" + }, + "BundlingDefaultTestDeployAssertAACA0CAF": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "BundlingDefaultTestDeployAssertAACA0CAF.template.json", + "validateOnSynth": false + }, + "dependencies": [ + "cdk-integ-lambda-bundling-docker-bundling-opts" + ], + "metadata": { + "/Bundling/DefaultTest/DeployAssert": [ + { + "type": "aws:cdk:asset", + "data": { + "path": "asset.0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd.bundle", + "id": "0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd", + "packaging": "zip", + "sourceHash": "0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd", + "s3BucketParameter": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3BucketF94385B7", + "s3KeyParameter": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3VersionKey66DB0F9E", + "artifactHashParameter": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdArtifactHash2AC894D9" + } + } + ], + "/Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/Default/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8" + } + ], + "/Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/Invoke": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8InvokeA3F6E40A" + } + ], + "/Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/AssertEqualsLambdainvoke/Default/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8AssertEqualsLambdainvoke89C63F4A" + } + ], + "/Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/AssertEqualsLambdainvoke/AssertionResults": [ + { + "type": "aws:cdk:logicalId", + "data": "AssertionResultsAssertEqualsLambdainvoke" + } + ], + "/Bundling/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Role": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction1488541a7b23466481b69b4408076b81Role37ABCE73" + } + ], + "/Bundling/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Handler": [ + { + "type": "aws:cdk:logicalId", + "data": "SingletonFunction1488541a7b23466481b69b4408076b81HandlerCD40AE9F" + } + ], + "/Bundling/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/S3Bucket": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3BucketF94385B7" + } + ], + "/Bundling/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/S3VersionKey": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdS3VersionKey66DB0F9E" + } + ], + "/Bundling/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/ArtifactHash": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbdArtifactHash2AC894D9" + } + ] + }, + "displayName": "Bundling/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/tree.json b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/tree.json new file mode 100644 index 0000000000000..3528b43171152 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/bundling.docker-opts.integ.snapshot/tree.json @@ -0,0 +1,461 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "cdk-integ-lambda-bundling-docker-bundling-opts": { + "id": "cdk-integ-lambda-bundling-docker-bundling-opts", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts", + "children": { + "Function": { + "id": "Function", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/Function", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/Function/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/Function/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Code": { + "id": "Code", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/Function/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/Function/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/Function/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/Function/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Ref": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3BucketFA35C5ED" + }, + "s3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3VersionKeyE3A69E58" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersbadc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668S3VersionKeyE3A69E58" + } + ] + } + ] + } + ] + ] + } + }, + "role": { + "Fn::GetAtt": [ + "FunctionServiceRole675BB04A", + "Arn" + ] + }, + "handler": "index.handler", + "runtime": "python3.9" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "AssetParameters": { + "id": "AssetParameters", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/AssetParameters", + "children": { + "badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668": { + "id": "badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/AssetParameters/badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668", + "children": { + "S3Bucket": { + "id": "S3Bucket", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/AssetParameters/badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668/S3Bucket", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "S3VersionKey": { + "id": "S3VersionKey", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/AssetParameters/badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668/S3VersionKey", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "ArtifactHash": { + "id": "ArtifactHash", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/AssetParameters/badc2d9df4b50b7ee1eaf05b055fa93217d48bfecf7ad59a8fdac427eea82668/ArtifactHash", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "Exports": { + "id": "Exports", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/Exports", + "children": { + "Output{\"Ref\":\"Function76856677\"}": { + "id": "Output{\"Ref\":\"Function76856677\"}", + "path": "cdk-integ-lambda-bundling-docker-bundling-opts/Exports/Output{\"Ref\":\"Function76856677\"}", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "Bundling": { + "id": "Bundling", + "path": "Bundling", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "Bundling/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "Bundling/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "Bundling/DefaultTest/DeployAssert", + "children": { + "LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8": { + "id": "LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8", + "children": { + "SdkProvider": { + "id": "SdkProvider", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/SdkProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/SdkProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.AssertionsProvider", + "version": "0.0.0" + } + }, + "Default": { + "id": "Default", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/Default", + "children": { + "Default": { + "id": "Default", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/Default/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + }, + "Invoke": { + "id": "Invoke", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/Invoke", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + }, + "AssertEqualsLambdainvoke": { + "id": "AssertEqualsLambdainvoke", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/AssertEqualsLambdainvoke", + "children": { + "AssertionProvider": { + "id": "AssertionProvider", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/AssertEqualsLambdainvoke/AssertionProvider", + "children": { + "AssertionsProvider": { + "id": "AssertionsProvider", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/AssertEqualsLambdainvoke/AssertionProvider/AssertionsProvider", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.AssertionsProvider", + "version": "0.0.0" + } + }, + "Default": { + "id": "Default", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/AssertEqualsLambdainvoke/Default", + "children": { + "Default": { + "id": "Default", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/AssertEqualsLambdainvoke/Default/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + }, + "AssertionResults": { + "id": "AssertionResults", + "path": "Bundling/DefaultTest/DeployAssert/LambdaInvoke55933c6da447c7ea94ebd3a50e8557a8/AssertEqualsLambdainvoke/AssertionResults", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.EqualsAssertion", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.LambdaInvokeFunction", + "version": "0.0.0" + } + }, + "SingletonFunction1488541a7b23466481b69b4408076b81": { + "id": "SingletonFunction1488541a7b23466481b69b4408076b81", + "path": "Bundling/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81", + "children": { + "Staging": { + "id": "Staging", + "path": "Bundling/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Staging", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "Bundling/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Role", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + }, + "Handler": { + "id": "Handler", + "path": "Bundling/DefaultTest/DeployAssert/SingletonFunction1488541a7b23466481b69b4408076b81/Handler", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "AssetParameters": { + "id": "AssetParameters", + "path": "Bundling/DefaultTest/DeployAssert/AssetParameters", + "children": { + "0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd": { + "id": "0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd", + "path": "Bundling/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd", + "children": { + "S3Bucket": { + "id": "S3Bucket", + "path": "Bundling/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/S3Bucket", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "S3VersionKey": { + "id": "S3VersionKey", + "path": "Bundling/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/S3VersionKey", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "ArtifactHash": { + "id": "ArtifactHash", + "path": "Bundling/DefaultTest/DeployAssert/AssetParameters/0d8d96305807ac805d23c6d7b279eef238715605efad63c839ad1e7e8236bdbd/ArtifactHash", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/docker-arm64-handler/Dockerfile b/packages/@aws-cdk/aws-lambda/test/docker-arm64-handler/Dockerfile new file mode 100644 index 0000000000000..3da16ef980217 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/docker-arm64-handler/Dockerfile @@ -0,0 +1,6 @@ +FROM public.ecr.aws/lambda/python:latest + +ARG FUNCTION_DIR="/var/task" +COPY index.py ${FUNCTION_DIR} + +CMD [ "index.handler" ] \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/docker-arm64-handler/index.py b/packages/@aws-cdk/aws-lambda/test/docker-arm64-handler/index.py new file mode 100644 index 0000000000000..fe4f05995f6bd --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/docker-arm64-handler/index.py @@ -0,0 +1,6 @@ +import json, platform +def handler(event, context): + return { + 'statusCode': 200, + 'body': json.dumps( f'Hello CDK from Lambda({platform.platform()})!') + } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/integ.bundling.docker-opts.ts b/packages/@aws-cdk/aws-lambda/test/integ.bundling.docker-opts.ts new file mode 100644 index 0000000000000..80441cf6ab906 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/integ.bundling.docker-opts.ts @@ -0,0 +1,57 @@ +/// !cdk-integ pragma:disable-update-workflow +import * as path from 'path'; +import { App, Stack, StackProps } from '@aws-cdk/core'; +import { IntegTest, ExpectedResult } from '@aws-cdk/integ-tests'; +import { Construct } from 'constructs'; +import * as lambda from '../lib'; + +/** + * Stack verification steps: + * * aws cloudformation describe-stacks --stack-name cdk-integ-lambda-bundling-docker-bundling-opts --query Stacks[0].Outputs[0].OutputValue + * * aws lambda invoke --function-name response.json + * * cat response.json + * The last command should show '200' + */ +class TestStack extends Stack { + public readonly functionName: string; + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + const assetPath = path.join(__dirname, 'python-lambda-handler'); + const fn = new lambda.Function(this, 'Function', { + code: lambda.Code.fromAsset(assetPath, { + bundling: { + image: lambda.Runtime.PYTHON_3_9.bundlingImage, + command: [ + 'bash', '-c', [ + 'cp -au . /asset-output', + 'cd /asset-output', + 'pip install -r requirements.txt -t .', + ].join(' && '), + ], + network: 'host', + }, + }), + runtime: lambda.Runtime.PYTHON_3_9, + handler: 'index.handler', + }); + + this.functionName = fn.functionName; + } +} + +const app = new App(); +const stack = new TestStack(app, 'cdk-integ-lambda-bundling-docker-bundling-opts'); + +const integ = new IntegTest(app, 'Bundling', { + testCases: [stack], + stackUpdateWorkflow: false, +}); + +const invoke = integ.assertions.invokeFunction({ + functionName: stack.functionName, +}); +invoke.expect(ExpectedResult.objectLike({ + Payload: '200', +})); +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/integ.lambda.docker-arm64.ts b/packages/@aws-cdk/aws-lambda/test/integ.lambda.docker-arm64.ts new file mode 100644 index 0000000000000..b567e9b5733fc --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/integ.lambda.docker-arm64.ts @@ -0,0 +1,19 @@ +import * as path from 'path'; +import { App, Stack } from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import { Architecture, DockerImageCode, DockerImageFunction } from '../lib'; + +const app = new App(); + +const stack = new Stack(app, 'lambda-ecr-docker-arm64'); + +new DockerImageFunction(stack, 'MyLambda', { + code: DockerImageCode.fromImageAsset(path.join(__dirname, 'docker-arm64-handler')), + architecture: Architecture.ARM_64, +}); + +new integ.IntegTest(app, 'lambda-docker-arm64', { + testCases: [stack], +}); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/lambda-platform.test.ts b/packages/@aws-cdk/aws-lambda/test/lambda-platform.test.ts new file mode 100644 index 0000000000000..1b38bd7ea2c8a --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/lambda-platform.test.ts @@ -0,0 +1,44 @@ +import * as path from 'path'; +import { Template } from '@aws-cdk/assertions'; +import * as cdk from '@aws-cdk/core'; +import { Architecture, DockerImageCode, DockerImageFunction } from '../lib'; + +describe('lambda platform', () => { + test('can choose lambda architecture arm64', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'stack'); + + // WHEN + new DockerImageFunction(stack, 'Lambda', { + code: DockerImageCode.fromImageAsset(path.join(__dirname, 'docker-arm64-handler')), + architecture: Architecture.ARM_64, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + Architectures: [ + 'arm64', + ], + }); + }); + + test('can choose lambda architecture x86_64', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'stack'); + + // WHEN + new DockerImageFunction(stack, 'Lambda', { + code: DockerImageCode.fromImageAsset(path.join(__dirname, 'docker-arm64-handler')), + architecture: Architecture.X86_64, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + Architectures: [ + 'x86_64', + ], + }); + }); +}); diff --git a/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/integ.json b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/integ.json new file mode 100644 index 0000000000000..73b08e0ca0c6f --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "lambda-docker-arm64/DefaultTest": { + "stacks": [ + "lambda-ecr-docker-arm64" + ], + "assertionStack": "lambdadockerarm64DefaultTestDeployAssert07D408EF" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/integ.lambda.docker-arm64.expected.json b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/integ.lambda.docker-arm64.expected.json new file mode 100644 index 0000000000000..448d6b6011df9 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/integ.lambda.docker-arm64.expected.json @@ -0,0 +1,74 @@ +{ + "Resources": { + "MyLambdaServiceRole4539ECB6": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "MyLambdaCCE802FB": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ImageUri": { + "Fn::Join": [ + "", + [ + { + "Ref": "AWS::AccountId" + }, + ".dkr.ecr.", + { + "Ref": "AWS::Region" + }, + ".", + { + "Ref": "AWS::URLSuffix" + }, + "/aws-cdk/assets:166017f6f6f219800dee266c149e208fe18dea1788d822b1783afbc008c25db7" + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "MyLambdaServiceRole4539ECB6", + "Arn" + ] + }, + "Architectures": [ + "arm64" + ], + "PackageType": "Image" + }, + "DependsOn": [ + "MyLambdaServiceRole4539ECB6" + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/aws-ecs-integ-ecs.assets.json b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/lambda-ecr-docker-arm64.assets.json similarity index 60% rename from packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/aws-ecs-integ-ecs.assets.json rename to packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/lambda-ecr-docker-arm64.assets.json index cb55f7d816f58..723719a1247a6 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-ec2-task.lit.integ.snapshot/aws-ecs-integ-ecs.assets.json +++ b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/lambda-ecr-docker-arm64.assets.json @@ -1,29 +1,30 @@ { "version": "20.0.0", "files": { - "3c50421f7823038cd9fabd7e8e3e52667d7e61da2760abe3c2a76725bedb06b8": { + "e57a612d901fd500f4eae1beabe146b3d7a4f81dd10a81199b9c884d1e227a1e": { "source": { - "path": "aws-ecs-integ-ecs.template.json", + "path": "lambda-ecr-docker-arm64.template.json", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "3c50421f7823038cd9fabd7e8e3e52667d7e61da2760abe3c2a76725bedb06b8.json", + "objectKey": "e57a612d901fd500f4eae1beabe146b3d7a4f81dd10a81199b9c884d1e227a1e.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } } }, "dockerImages": { - "7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2": { + "027b9b499ce9e488d4c3cfa41abdbdc6afe203989a5bd77258f471da03f3f040": { "source": { - "directory": "asset.7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2" + "directory": "asset.027b9b499ce9e488d4c3cfa41abdbdc6afe203989a5bd77258f471da03f3f040", + "platform": "linux/arm64" }, "destinations": { "current_account-current_region": { "repositoryName": "cdk-hnb659fds-container-assets-${AWS::AccountId}-${AWS::Region}", - "imageTag": "7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2", + "imageTag": "027b9b499ce9e488d4c3cfa41abdbdc6afe203989a5bd77258f471da03f3f040", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-image-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/lambda-ecr-docker-arm64.template.json b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/lambda-ecr-docker-arm64.template.json new file mode 100644 index 0000000000000..20f5a2745bf18 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/lambda-ecr-docker-arm64.template.json @@ -0,0 +1,74 @@ +{ + "Resources": { + "MyLambdaServiceRole4539ECB6": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "MyLambdaCCE802FB": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ImageUri": { + "Fn::Join": [ + "", + [ + { + "Ref": "AWS::AccountId" + }, + ".dkr.ecr.", + { + "Ref": "AWS::Region" + }, + ".", + { + "Ref": "AWS::URLSuffix" + }, + "/aws-cdk/assets:027b9b499ce9e488d4c3cfa41abdbdc6afe203989a5bd77258f471da03f3f040" + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "MyLambdaServiceRole4539ECB6", + "Arn" + ] + }, + "Architectures": [ + "arm64" + ], + "PackageType": "Image" + }, + "DependsOn": [ + "MyLambdaServiceRole4539ECB6" + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/lambdadockerarm64DefaultTestDeployAssert07D408EF.template.json b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/lambdadockerarm64DefaultTestDeployAssert07D408EF.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/lambdadockerarm64DefaultTestDeployAssert07D408EF.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..a910ee19ed94c --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/manifest.json @@ -0,0 +1,57 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "lambda-ecr-docker-arm64": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "lambda-ecr-docker-arm64.template.json", + "validateOnSynth": false + }, + "metadata": { + "/lambda-ecr-docker-arm64": [ + { + "type": "aws:cdk:asset", + "data": { + "repositoryName": "aws-cdk/assets", + "imageTag": "027b9b499ce9e488d4c3cfa41abdbdc6afe203989a5bd77258f471da03f3f040", + "id": "027b9b499ce9e488d4c3cfa41abdbdc6afe203989a5bd77258f471da03f3f040", + "packaging": "container-image", + "path": "asset.027b9b499ce9e488d4c3cfa41abdbdc6afe203989a5bd77258f471da03f3f040", + "sourceHash": "027b9b499ce9e488d4c3cfa41abdbdc6afe203989a5bd77258f471da03f3f040", + "platform": "linux/arm64" + } + } + ], + "/lambda-ecr-docker-arm64/MyLambda/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyLambdaServiceRole4539ECB6" + } + ], + "/lambda-ecr-docker-arm64/MyLambda/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyLambdaCCE802FB" + } + ] + }, + "displayName": "lambda-ecr-docker-arm64" + }, + "lambdadockerarm64DefaultTestDeployAssert07D408EF": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "lambdadockerarm64DefaultTestDeployAssert07D408EF.template.json", + "validateOnSynth": false + }, + "displayName": "lambda-docker-arm64/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/tree.json b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/tree.json new file mode 100644 index 0000000000000..a01ab92a26150 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda/test/lambda.docker-arm64.integ.snapshot/tree.json @@ -0,0 +1,196 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "lambda-ecr-docker-arm64": { + "id": "lambda-ecr-docker-arm64", + "path": "lambda-ecr-docker-arm64", + "children": { + "MyLambda": { + "id": "MyLambda", + "path": "lambda-ecr-docker-arm64/MyLambda", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "lambda-ecr-docker-arm64/MyLambda/ServiceRole", + "children": { + "Resource": { + "id": "Resource", + "path": "lambda-ecr-docker-arm64/MyLambda/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "AssetImage": { + "id": "AssetImage", + "path": "lambda-ecr-docker-arm64/MyLambda/AssetImage", + "children": { + "Staging": { + "id": "Staging", + "path": "lambda-ecr-docker-arm64/MyLambda/AssetImage/Staging", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "Repository": { + "id": "Repository", + "path": "lambda-ecr-docker-arm64/MyLambda/AssetImage/Repository", + "constructInfo": { + "fqn": "@aws-cdk/aws-ecr.RepositoryBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ecr-assets.DockerImageAsset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "lambda-ecr-docker-arm64/MyLambda/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "imageUri": { + "Fn::Join": [ + "", + [ + { + "Ref": "AWS::AccountId" + }, + ".dkr.ecr.", + { + "Ref": "AWS::Region" + }, + ".", + { + "Ref": "AWS::URLSuffix" + }, + "/aws-cdk/assets:027b9b499ce9e488d4c3cfa41abdbdc6afe203989a5bd77258f471da03f3f040" + ] + ] + } + }, + "role": { + "Fn::GetAtt": [ + "MyLambdaServiceRole4539ECB6", + "Arn" + ] + }, + "architectures": [ + "arm64" + ], + "packageType": "Image" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.DockerImageFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "lambda-docker-arm64": { + "id": "lambda-docker-arm64", + "path": "lambda-docker-arm64", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "lambda-docker-arm64/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "lambda-docker-arm64/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "lambda-docker-arm64/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda/test/vpc-lambda.test.ts b/packages/@aws-cdk/aws-lambda/test/vpc-lambda.test.ts index f1811b59e8f03..bdb742462194c 100644 --- a/packages/@aws-cdk/aws-lambda/test/vpc-lambda.test.ts +++ b/packages/@aws-cdk/aws-lambda/test/vpc-lambda.test.ts @@ -323,6 +323,21 @@ describe('lambda + vpc', () => { }); }).toThrow(/Lambda Functions in a public subnet/); }); + + test('specifying vpcSubnets without a vpc throws an Error', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + expect(() => { + new lambda.Function(stack, 'Function', { + code: new lambda.InlineCode('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_14_X, + vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE }, + }); + }).toThrow('Cannot configure \'vpcSubnets\' without configuring a VPC'); + }); }); class SomethingConnectable implements ec2.IConnectable { diff --git a/packages/@aws-cdk/aws-opensearchservice/README.md b/packages/@aws-cdk/aws-opensearchservice/README.md index 65cf275025354..04153b1fc7a48 100644 --- a/packages/@aws-cdk/aws-opensearchservice/README.md +++ b/packages/@aws-cdk/aws-opensearchservice/README.md @@ -31,16 +31,16 @@ See [Migrating to OpenSearch](https://docs.aws.amazon.com/cdk/api/latest/docs/aw Create a development cluster by simply specifying the version: ```ts -const devDomain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const devDomain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, }); ``` To perform version upgrades without replacing the entire domain, specify the `enableVersionUpgrade` property. ```ts -const devDomain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const devDomain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, enableVersionUpgrade: true, // defaults to false }); ``` @@ -48,8 +48,8 @@ const devDomain = new opensearch.Domain(this, 'Domain', { Create a production grade cluster by also specifying things like capacity and az distribution ```ts -const prodDomain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const prodDomain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, capacity: { masterNodes: 5, dataNodes: 20, @@ -104,7 +104,7 @@ This method accepts a domain endpoint of an already existing domain: ```ts const domainEndpoint = 'https://my-domain-jcjotrt6f7otem4sqcwbch3c4u.us-east-1.es.amazonaws.com'; -const domain = opensearch.Domain.fromDomainEndpoint(this, 'ImportedDomain', domainEndpoint); +const domain = Domain.fromDomainEndpoint(this, 'ImportedDomain', domainEndpoint); ``` ### Using the output of another CloudFormation stack @@ -129,7 +129,7 @@ Helper methods also exist for managing access to the domain. ```ts declare const fn: lambda.Function; -declare const domain: opensearch.Domain; +declare const domain: Domain; // Grant write access to the app-search index domain.grantIndexWrite('app-search', fn); @@ -143,8 +143,8 @@ domain.grantPathRead('app-search/_search', fn); The domain can also be created with encryption enabled: ```ts -const domain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const domain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, ebs: { volumeSize: 100, volumeType: ec2.EbsDeviceVolumeType.GENERAL_PURPOSE_SSD, @@ -168,8 +168,8 @@ Domains can be placed inside a VPC, providing a secure communication between Ama ```ts const vpc = new ec2.Vpc(this, 'Vpc'); -const domainProps: opensearch.DomainProps = { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const domainProps: DomainProps = { + version: EngineVersion.OPENSEARCH_1_0, removalPolicy: RemovalPolicy.DESTROY, vpc, // must be enabled since our VPC contains multiple private subnets. @@ -181,7 +181,7 @@ const domainProps: opensearch.DomainProps = { dataNodes: 2, }, }; -new opensearch.Domain(this, 'Domain', domainProps); +new Domain(this, 'Domain', domainProps); ``` In addition, you can use the `vpcSubnets` property to control which specific subnets will be used, and the `securityGroups` property to control @@ -192,7 +192,7 @@ which security groups will be attached to the domain. By default, CDK will selec Helper methods exist to access common domain metrics for example: ```ts -declare const domain: opensearch.Domain; +declare const domain: Domain; const freeStorageSpace = domain.metricFreeStorageSpace(); const masterSysMemoryUtilization = domain.metric('MasterSysMemoryUtilization'); ``` @@ -205,8 +205,8 @@ The domain can also be created with a master user configured. The password can be supplied or dynamically created if not supplied. ```ts -const domain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const domain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, enforceHttps: true, nodeToNodeEncryption: true, encryptionAtRest: { @@ -243,8 +243,8 @@ stored in the AWS Secrets Manager as secret. The secret has the prefix `MasterUser`. ```ts -const domain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const domain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, useUnsignedBasicAuth: true, }); @@ -259,8 +259,8 @@ constructor property, or later by means of a helper method. For simple permissions the `accessPolicies` constructor may be sufficient: ```ts -const domain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const domain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, accessPolicies: [ new iam.PolicyStatement({ actions: ['es:*ESHttpPost', 'es:ESHttpPut*'], @@ -277,8 +277,8 @@ For more complex use-cases, for example, to set the domain up to receive data fr allows for policies that include the explicit domain ARN. ```ts -const domain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const domain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, }); domain.addAccessPolicies( new iam.PolicyStatement({ @@ -313,8 +313,8 @@ domain.addAccessPolicies( Audit logs can be enabled for a domain, but only when fine grained access control is enabled. ```ts -const domain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const domain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, enforceHttps: true, nodeToNodeEncryption: true, encryptionAtRest: { @@ -337,8 +337,8 @@ const domain = new opensearch.Domain(this, 'Domain', { UltraWarm nodes can be enabled to provide a cost-effective way to store large amounts of read-only data. ```ts -const domain = new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +const domain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, capacity: { masterNodes: 2, warmNodes: 2, @@ -352,8 +352,8 @@ const domain = new opensearch.Domain(this, 'Domain', { Custom endpoints can be configured to reach the domain under a custom domain name. ```ts -new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, customEndpoint: { domainName: 'search.example.com', }, @@ -369,8 +369,8 @@ Additionally, an automatic CNAME-Record is created if a hosted zone is provided [Advanced options](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) can used to configure additional options. ```ts -new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_1_0, +new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, advancedOptions: { 'rest.action.multi.allow_explicit_index': 'false', 'indices.fielddata.cache.size': '25', @@ -378,3 +378,22 @@ new opensearch.Domain(this, 'Domain', { }, }); ``` + +## Amazon Cognito authentication for OpenSearch Dashboards + +The domain can be configured to use Amazon Cognito authentication for OpenSearch Dashboards. + +> Visit [Configuring Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) for more details. + +```ts +declare const cognitoConfigurationRole: iam.Role; + +const domain = new Domain(this, 'Domain', { + version: EngineVersion.OPENSEARCH_1_0, + cognitoDashboardsAuth: { + role: cognitoConfigurationRole, + identityPoolId: 'example-identity-pool-id', + userPoolId: 'example-user-pool-id', + }, +}); +``` diff --git a/packages/@aws-cdk/aws-opensearchservice/lib/domain.ts b/packages/@aws-cdk/aws-opensearchservice/lib/domain.ts index 960b9b626f8c7..4d51c6c176c6e 100644 --- a/packages/@aws-cdk/aws-opensearchservice/lib/domain.ts +++ b/packages/@aws-cdk/aws-opensearchservice/lib/domain.ts @@ -1583,12 +1583,12 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { }, nodeToNodeEncryptionOptions: { enabled: nodeToNodeEncryptionEnabled }, logPublishingOptions: logPublishing, - cognitoOptions: { - enabled: props.cognitoDashboardsAuth != null, + cognitoOptions: props.cognitoDashboardsAuth ? { + enabled: true, identityPoolId: props.cognitoDashboardsAuth?.identityPoolId, roleArn: props.cognitoDashboardsAuth?.role.roleArn, userPoolId: props.cognitoDashboardsAuth?.userPoolId, - }, + }: undefined, vpcOptions: cfnVpcOptions, snapshotOptions: props.automatedSnapshotStartHour ? { automatedSnapshotStartHour: props.automatedSnapshotStartHour } diff --git a/packages/@aws-cdk/aws-opensearchservice/lib/version.ts b/packages/@aws-cdk/aws-opensearchservice/lib/version.ts index b989ac4867b72..0347159408023 100644 --- a/packages/@aws-cdk/aws-opensearchservice/lib/version.ts +++ b/packages/@aws-cdk/aws-opensearchservice/lib/version.ts @@ -68,6 +68,9 @@ export class EngineVersion { /** AWS OpenSearch 1.2 */ public static readonly OPENSEARCH_1_2 = EngineVersion.openSearch('1.2'); + /** AWS OpenSearch 1.3 */ + public static readonly OPENSEARCH_1_3 = EngineVersion.openSearch('1.3'); + /** * Custom ElasticSearch version * @param version custom version number diff --git a/packages/@aws-cdk/aws-opensearchservice/package.json b/packages/@aws-cdk/aws-opensearchservice/package.json index 0d7ab91e184a5..a18f45d1c3b65 100644 --- a/packages/@aws-cdk/aws-opensearchservice/package.json +++ b/packages/@aws-cdk/aws-opensearchservice/package.json @@ -89,6 +89,8 @@ "@aws-cdk/integ-runner": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", "@aws-cdk/pkglint": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", + "@aws-cdk/aws-cognito": "0.0.0", "@types/jest": "^27.5.2" }, "dependencies": { diff --git a/packages/@aws-cdk/aws-opensearchservice/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-opensearchservice/rosetta/default.ts-fixture index 625996f43fb30..0bf08b6ca9abd 100644 --- a/packages/@aws-cdk/aws-opensearchservice/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-opensearchservice/rosetta/default.ts-fixture @@ -1,12 +1,12 @@ // Fixture with packages imported, but nothing else import { Construct } from 'constructs'; -import { RemovalPolicy, Stack } from '@aws-cdk/core'; -import * as opensearch from '@aws-cdk/aws-opensearchservice'; +import { RemovalPolicy, Stack, Fn } from '@aws-cdk/core'; +import { Domain, DomainProps, EngineVersion } from '@aws-cdk/aws-opensearchservice'; import * as lambda from '@aws-cdk/aws-lambda'; import * as ec2 from '@aws-cdk/aws-ec2'; import * as iam from '@aws-cdk/aws-iam'; -class Fixture extends Stack { +class Fixture extends Stack { constructor(scope: Construct, id: string) { super(scope, id); diff --git a/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts b/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts index 07094a348e52b..6260678513600 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts +++ b/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts @@ -187,9 +187,6 @@ test('minimal example renders correctly', () => { new Domain(stack, 'Domain', { version: defaultVersion }); Template.fromStack(stack).hasResourceProperties('AWS::OpenSearchService::Domain', { - CognitoOptions: { - Enabled: false, - }, EBSOptions: { EBSEnabled: true, VolumeSize: 10, @@ -1852,6 +1849,46 @@ describe('advanced options', () => { }); }); +describe('cognito dashboards auth', () => { + test('cognito dashboards auth is not configured by default', () => { + new Domain(stack, 'Domain', { version: defaultVersion }); + + Template.fromStack(stack).hasResourceProperties('AWS::OpenSearchService::Domain', { + CognitoOptions: Match.absent(), + }); + }); + + test('cognito dashboards auth can be configured', () => { + const identityPoolId = 'test-identity-pool-id'; + const userPoolId = 'test-user-pool-id'; + const user = new iam.User(stack, 'testuser'); + const role = new iam.Role(stack, 'testrole', { assumedBy: user }); + + new Domain(stack, 'Domain', { + version: defaultVersion, + cognitoDashboardsAuth: { + role, + identityPoolId, + userPoolId, + }, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::OpenSearchService::Domain', { + CognitoOptions: { + Enabled: true, + IdentityPoolId: identityPoolId, + RoleArn: { + 'Fn::GetAtt': [ + 'testroleFAA56B58', + 'Arn', + ], + }, + UserPoolId: userPoolId, + }, + }); + }); +}); + function testGrant( expectedActions: string[], invocation: (user: iam.IPrincipal, domain: Domain) => void, diff --git a/packages/@aws-cdk/aws-opensearchservice/test/integ.opensearch.cognitodashboardsauth.ts b/packages/@aws-cdk/aws-opensearchservice/test/integ.opensearch.cognitodashboardsauth.ts new file mode 100644 index 0000000000000..42642148dcff7 --- /dev/null +++ b/packages/@aws-cdk/aws-opensearchservice/test/integ.opensearch.cognitodashboardsauth.ts @@ -0,0 +1,54 @@ +/// !cdk-integ pragma:ignore-assets +import * as cognito from '@aws-cdk/aws-cognito'; +import * as iam from '@aws-cdk/aws-iam'; +import { App, RemovalPolicy, Stack, StackProps } from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; +import { Construct } from 'constructs'; +import * as opensearch from '../lib'; + +class TestStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + // Adding required resources per https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html#cognito-auth-config + const identityPool = new cognito.CfnIdentityPool(this, 'IdentityPool', { + allowUnauthenticatedIdentities: true, + }); + + const userPool = new cognito.UserPool(this, 'UserPool', { + removalPolicy: RemovalPolicy.DESTROY, + }); + userPool.addDomain('UserPoolDomain', { + cognitoDomain: { + domainPrefix: 'integ-test-domain-prefix', + }, + }); + + const role = new iam.Role(this, 'Role', { + assumedBy: new iam.ServicePrincipal('opensearchservice.amazonaws.com'), + managedPolicies: [ + iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonOpenSearchServiceCognitoAccess'), + ], + }); + + // Adding a domain with cognito dashboards auth configured + new opensearch.Domain(this, 'Domain', { + removalPolicy: RemovalPolicy.DESTROY, + version: opensearch.EngineVersion.OPENSEARCH_1_0, + cognitoDashboardsAuth: { + role, + identityPoolId: identityPool.ref, + userPoolId: userPool.userPoolId, + }, + }); + } +} + +const app = new App(); +const stack = new TestStack(app, 'cdk-integ-opensearch-cognitodashboardsauth'); + +new IntegTest(app, 'CognitoAuthForOpenSearchDashboards', { + testCases: [stack], +}); + +app.synth(); diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/cdk-integ-opensearch-advancedsecurity.template.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/cdk-integ-opensearch-advancedsecurity.template.json index 7b59058b5673c..6d5410432e9f8 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/cdk-integ-opensearch-advancedsecurity.template.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/cdk-integ-opensearch-advancedsecurity.template.json @@ -24,9 +24,6 @@ "InstanceType": "r5.large.search", "ZoneAwarenessEnabled": false }, - "CognitoOptions": { - "Enabled": false - }, "DomainEndpointOptions": { "EnforceHTTPS": true, "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/manifest.json index ffe19a2034a60..d21141bf55b77 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/tree.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/tree.json index b11e66f2e05c0..0b7486944e4ce 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.advancedsecurity.integ.snapshot/tree.json @@ -8,8 +8,8 @@ "id": "Tree", "path": "Tree", "constructInfo": { - "fqn": "@aws-cdk/core.Construct", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.58" } }, "cdk-integ-opensearch-advancedsecurity": { @@ -66,9 +66,6 @@ "instanceType": "r5.large.search", "zoneAwarenessEnabled": false }, - "cognitoOptions": { - "enabled": false - }, "domainEndpointOptions": { "enforceHttps": true, "tlsSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/CognitoAuthForOpenSearchDashboardsDefaultTestDeployAssert4CCFA971.template.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/CognitoAuthForOpenSearchDashboardsDefaultTestDeployAssert4CCFA971.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/CognitoAuthForOpenSearchDashboardsDefaultTestDeployAssert4CCFA971.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/cdk-integ-opensearch-cognitodashboardsauth.template.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/cdk-integ-opensearch-cognitodashboardsauth.template.json new file mode 100644 index 0000000000000..98fbe17c6246f --- /dev/null +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/cdk-integ-opensearch-cognitodashboardsauth.template.json @@ -0,0 +1,126 @@ +{ + "Resources": { + "IdentityPool": { + "Type": "AWS::Cognito::IdentityPool", + "Properties": { + "AllowUnauthenticatedIdentities": true + } + }, + "UserPool6BA7E5F2": { + "Type": "AWS::Cognito::UserPool", + "Properties": { + "AccountRecoverySetting": { + "RecoveryMechanisms": [ + { + "Name": "verified_phone_number", + "Priority": 1 + }, + { + "Name": "verified_email", + "Priority": 2 + } + ] + }, + "AdminCreateUserConfig": { + "AllowAdminCreateUserOnly": true + }, + "EmailVerificationMessage": "The verification code to your new account is {####}", + "EmailVerificationSubject": "Verify your new account", + "SmsVerificationMessage": "The verification code to your new account is {####}", + "VerificationMessageTemplate": { + "DefaultEmailOption": "CONFIRM_WITH_CODE", + "EmailMessage": "The verification code to your new account is {####}", + "EmailSubject": "Verify your new account", + "SmsMessage": "The verification code to your new account is {####}" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "UserPoolUserPoolDomain9F01E991": { + "Type": "AWS::Cognito::UserPoolDomain", + "Properties": { + "Domain": "integ-test-domain-prefix", + "UserPoolId": { + "Ref": "UserPool6BA7E5F2" + } + } + }, + "Role1ABCC5F0": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "opensearchservice.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/AmazonOpenSearchServiceCognitoAccess" + ] + ] + } + ] + } + }, + "Domain66AC69E0": { + "Type": "AWS::OpenSearchService::Domain", + "Properties": { + "ClusterConfig": { + "DedicatedMasterEnabled": false, + "InstanceCount": 1, + "InstanceType": "r5.large.search", + "ZoneAwarenessEnabled": false + }, + "CognitoOptions": { + "Enabled": true, + "IdentityPoolId": { + "Ref": "IdentityPool" + }, + "RoleArn": { + "Fn::GetAtt": [ + "Role1ABCC5F0", + "Arn" + ] + }, + "UserPoolId": { + "Ref": "UserPool6BA7E5F2" + } + }, + "DomainEndpointOptions": { + "EnforceHTTPS": false, + "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" + }, + "EBSOptions": { + "EBSEnabled": true, + "VolumeSize": 10, + "VolumeType": "gp2" + }, + "EncryptionAtRestOptions": { + "Enabled": false + }, + "EngineVersion": "OpenSearch_1.0", + "LogPublishingOptions": {}, + "NodeToNodeEncryptionOptions": { + "Enabled": false + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/integ.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/integ.json new file mode 100644 index 0000000000000..30a553b18aed8 --- /dev/null +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "CognitoAuthForOpenSearchDashboards/DefaultTest": { + "stacks": [ + "cdk-integ-opensearch-cognitodashboardsauth" + ], + "assertionStack": "CognitoAuthForOpenSearchDashboardsDefaultTestDeployAssert4CCFA971" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..1af8818405456 --- /dev/null +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/manifest.json @@ -0,0 +1,61 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "cdk-integ-opensearch-cognitodashboardsauth": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdk-integ-opensearch-cognitodashboardsauth.template.json", + "validateOnSynth": false + }, + "metadata": { + "/cdk-integ-opensearch-cognitodashboardsauth/IdentityPool": [ + { + "type": "aws:cdk:logicalId", + "data": "IdentityPool" + } + ], + "/cdk-integ-opensearch-cognitodashboardsauth/UserPool/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "UserPool6BA7E5F2" + } + ], + "/cdk-integ-opensearch-cognitodashboardsauth/UserPool/UserPoolDomain/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "UserPoolUserPoolDomain9F01E991" + } + ], + "/cdk-integ-opensearch-cognitodashboardsauth/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Role1ABCC5F0" + } + ], + "/cdk-integ-opensearch-cognitodashboardsauth/Domain/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Domain66AC69E0" + } + ] + }, + "displayName": "cdk-integ-opensearch-cognitodashboardsauth" + }, + "CognitoAuthForOpenSearchDashboardsDefaultTestDeployAssert4CCFA971": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "CognitoAuthForOpenSearchDashboardsDefaultTestDeployAssert4CCFA971.template.json", + "validateOnSynth": false + }, + "displayName": "CognitoAuthForOpenSearchDashboards/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/tree.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/tree.json new file mode 100644 index 0000000000000..45b4ec90cb407 --- /dev/null +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.cognitodashboardsauth.integ.snapshot/tree.json @@ -0,0 +1,265 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "cdk-integ-opensearch-cognitodashboardsauth": { + "id": "cdk-integ-opensearch-cognitodashboardsauth", + "path": "cdk-integ-opensearch-cognitodashboardsauth", + "children": { + "IdentityPool": { + "id": "IdentityPool", + "path": "cdk-integ-opensearch-cognitodashboardsauth/IdentityPool", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Cognito::IdentityPool", + "aws:cdk:cloudformation:props": { + "allowUnauthenticatedIdentities": true + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cognito.CfnIdentityPool", + "version": "0.0.0" + } + }, + "UserPool": { + "id": "UserPool", + "path": "cdk-integ-opensearch-cognitodashboardsauth/UserPool", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-opensearch-cognitodashboardsauth/UserPool/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Cognito::UserPool", + "aws:cdk:cloudformation:props": { + "accountRecoverySetting": { + "recoveryMechanisms": [ + { + "name": "verified_phone_number", + "priority": 1 + }, + { + "name": "verified_email", + "priority": 2 + } + ] + }, + "adminCreateUserConfig": { + "allowAdminCreateUserOnly": true + }, + "emailVerificationMessage": "The verification code to your new account is {####}", + "emailVerificationSubject": "Verify your new account", + "smsVerificationMessage": "The verification code to your new account is {####}", + "verificationMessageTemplate": { + "defaultEmailOption": "CONFIRM_WITH_CODE", + "emailMessage": "The verification code to your new account is {####}", + "emailSubject": "Verify your new account", + "smsMessage": "The verification code to your new account is {####}" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cognito.CfnUserPool", + "version": "0.0.0" + } + }, + "UserPoolDomain": { + "id": "UserPoolDomain", + "path": "cdk-integ-opensearch-cognitodashboardsauth/UserPool/UserPoolDomain", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-opensearch-cognitodashboardsauth/UserPool/UserPoolDomain/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Cognito::UserPoolDomain", + "aws:cdk:cloudformation:props": { + "domain": "integ-test-domain-prefix", + "userPoolId": { + "Ref": "UserPool6BA7E5F2" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cognito.CfnUserPoolDomain", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cognito.UserPoolDomain", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-cognito.UserPool", + "version": "0.0.0" + } + }, + "Role": { + "id": "Role", + "path": "cdk-integ-opensearch-cognitodashboardsauth/Role", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-opensearch-cognitodashboardsauth/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "opensearchservice.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/AmazonOpenSearchServiceCognitoAccess" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Domain": { + "id": "Domain", + "path": "cdk-integ-opensearch-cognitodashboardsauth/Domain", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-opensearch-cognitodashboardsauth/Domain/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::OpenSearchService::Domain", + "aws:cdk:cloudformation:props": { + "clusterConfig": { + "dedicatedMasterEnabled": false, + "instanceCount": 1, + "instanceType": "r5.large.search", + "zoneAwarenessEnabled": false + }, + "cognitoOptions": { + "enabled": true, + "identityPoolId": { + "Ref": "IdentityPool" + }, + "roleArn": { + "Fn::GetAtt": [ + "Role1ABCC5F0", + "Arn" + ] + }, + "userPoolId": { + "Ref": "UserPool6BA7E5F2" + } + }, + "domainEndpointOptions": { + "enforceHttps": false, + "tlsSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" + }, + "ebsOptions": { + "ebsEnabled": true, + "volumeSize": 10, + "volumeType": "gp2" + }, + "encryptionAtRestOptions": { + "enabled": false + }, + "engineVersion": "OpenSearch_1.0", + "logPublishingOptions": {}, + "nodeToNodeEncryptionOptions": { + "enabled": false + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-opensearchservice.CfnDomain", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-opensearchservice.Domain", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "CognitoAuthForOpenSearchDashboards": { + "id": "CognitoAuthForOpenSearchDashboards", + "path": "CognitoAuthForOpenSearchDashboards", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "CognitoAuthForOpenSearchDashboards/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "CognitoAuthForOpenSearchDashboards/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "CognitoAuthForOpenSearchDashboards/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/cdk-integ-opensearch-custom-kms-key.template.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/cdk-integ-opensearch-custom-kms-key.template.json index 2b33df14043ca..712fc8e981a0d 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/cdk-integ-opensearch-custom-kms-key.template.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/cdk-integ-opensearch-custom-kms-key.template.json @@ -44,9 +44,6 @@ "InstanceType": "r5.large.search", "ZoneAwarenessEnabled": false }, - "CognitoOptions": { - "Enabled": false - }, "DomainEndpointOptions": { "EnforceHTTPS": false, "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" @@ -228,7 +225,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" }, "S3Key": { "Fn::Join": [ @@ -241,7 +238,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -254,7 +251,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -281,17 +278,17 @@ } }, "Parameters": { - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A": { "Type": "String", - "Description": "S3 bucket for asset \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "S3 bucket for asset \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" }, - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5": { "Type": "String", - "Description": "S3 key for asset version \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "S3 key for asset version \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" }, - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC": { "Type": "String", - "Description": "Artifact hash for asset \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "Artifact hash for asset \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/manifest.json index b40eb5029b9f1..117ba4863ee90 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", @@ -19,13 +19,13 @@ { "type": "aws:cdk:asset", "data": { - "path": "asset.9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "id": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", + "path": "asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "id": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", "packaging": "zip", - "sourceHash": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "s3BucketParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F", - "s3KeyParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058", - "artifactHashParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285" + "sourceHash": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "s3BucketParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A", + "s3KeyParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5", + "artifactHashParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC" } } ], @@ -71,22 +71,22 @@ "data": "AWS679f53fac002430cb0da5b7982bd22872D164C4C" } ], - "/cdk-integ-opensearch-custom-kms-key/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3Bucket": [ + "/cdk-integ-opensearch-custom-kms-key/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3Bucket": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" } ], - "/cdk-integ-opensearch-custom-kms-key/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3VersionKey": [ + "/cdk-integ-opensearch-custom-kms-key/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3VersionKey": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ], - "/cdk-integ-opensearch-custom-kms-key/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/ArtifactHash": [ + "/cdk-integ-opensearch-custom-kms-key/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/ArtifactHash": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC" } ] }, diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/tree.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/tree.json index ee137350369d2..d6232912c89d3 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.custom-kms-key.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.58" } }, "cdk-integ-opensearch-custom-kms-key": { @@ -83,9 +83,6 @@ "instanceType": "r5.large.search", "zoneAwarenessEnabled": false }, - "cognitoOptions": { - "enabled": false - }, "domainEndpointOptions": { "enforceHttps": false, "tlsSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" @@ -334,7 +331,7 @@ "aws:cdk:cloudformation:props": { "code": { "s3Bucket": { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" }, "s3Key": { "Fn::Join": [ @@ -347,7 +344,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -360,7 +357,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -377,7 +374,7 @@ ] }, "handler": "index.handler", - "runtime": "nodejs12.x", + "runtime": "nodejs14.x", "timeout": 120 } }, @@ -396,13 +393,13 @@ "id": "AssetParameters", "path": "cdk-integ-opensearch-custom-kms-key/AssetParameters", "children": { - "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90": { - "id": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "path": "cdk-integ-opensearch-custom-kms-key/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", + "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286": { + "id": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "path": "cdk-integ-opensearch-custom-kms-key/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", "children": { "S3Bucket": { "id": "S3Bucket", - "path": "cdk-integ-opensearch-custom-kms-key/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3Bucket", + "path": "cdk-integ-opensearch-custom-kms-key/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3Bucket", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -410,7 +407,7 @@ }, "S3VersionKey": { "id": "S3VersionKey", - "path": "cdk-integ-opensearch-custom-kms-key/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3VersionKey", + "path": "cdk-integ-opensearch-custom-kms-key/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3VersionKey", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -418,7 +415,7 @@ }, "ArtifactHash": { "id": "ArtifactHash", - "path": "cdk-integ-opensearch-custom-kms-key/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/ArtifactHash", + "path": "cdk-integ-opensearch-custom-kms-key/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/ArtifactHash", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -427,13 +424,13 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.58" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.58" } } }, diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/cdk-integ-opensearch.template.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/cdk-integ-opensearch.template.json index c92ea5ebf3939..2341834355603 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/cdk-integ-opensearch.template.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/cdk-integ-opensearch.template.json @@ -116,9 +116,6 @@ "InstanceType": "r5.large.search", "ZoneAwarenessEnabled": false }, - "CognitoOptions": { - "Enabled": false - }, "DomainEndpointOptions": { "EnforceHTTPS": false, "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" @@ -290,7 +287,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" }, "S3Key": { "Fn::Join": [ @@ -303,7 +300,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -316,7 +313,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -456,9 +453,6 @@ "InstanceType": "r5.large.search", "ZoneAwarenessEnabled": false }, - "CognitoOptions": { - "Enabled": false - }, "DomainEndpointOptions": { "EnforceHTTPS": false, "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" @@ -596,17 +590,17 @@ } }, "Parameters": { - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A": { "Type": "String", - "Description": "S3 bucket for asset \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "S3 bucket for asset \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" }, - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5": { "Type": "String", - "Description": "S3 key for asset version \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "S3 key for asset version \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" }, - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC": { "Type": "String", - "Description": "Artifact hash for asset \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "Artifact hash for asset \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/manifest.json index 70e033a8594e9..fca6b84f2b386 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", @@ -19,13 +19,13 @@ { "type": "aws:cdk:asset", "data": { - "path": "asset.9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "id": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", + "path": "asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "id": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", "packaging": "zip", - "sourceHash": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "s3BucketParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F", - "s3KeyParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058", - "artifactHashParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285" + "sourceHash": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "s3BucketParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A", + "s3KeyParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5", + "artifactHashParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC" } } ], @@ -83,22 +83,22 @@ "data": "AWS679f53fac002430cb0da5b7982bd22872D164C4C" } ], - "/cdk-integ-opensearch/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3Bucket": [ + "/cdk-integ-opensearch/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3Bucket": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" } ], - "/cdk-integ-opensearch/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3VersionKey": [ + "/cdk-integ-opensearch/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3VersionKey": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ], - "/cdk-integ-opensearch/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/ArtifactHash": [ + "/cdk-integ-opensearch/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/ArtifactHash": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC" } ], "/cdk-integ-opensearch/Domain2/SlowSearchLogs/Resource": [ diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/tree.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/tree.json index 023b8f817182d..6ece69ad106a1 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.58" } }, "cdk-integ-opensearch": { @@ -163,9 +163,6 @@ "instanceType": "r5.large.search", "zoneAwarenessEnabled": false }, - "cognitoOptions": { - "enabled": false - }, "domainEndpointOptions": { "enforceHttps": false, "tlsSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" @@ -382,7 +379,7 @@ "aws:cdk:cloudformation:props": { "code": { "s3Bucket": { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" }, "s3Key": { "Fn::Join": [ @@ -395,7 +392,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -408,7 +405,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -425,7 +422,7 @@ ] }, "handler": "index.handler", - "runtime": "nodejs12.x", + "runtime": "nodejs14.x", "timeout": 120 } }, @@ -444,13 +441,13 @@ "id": "AssetParameters", "path": "cdk-integ-opensearch/AssetParameters", "children": { - "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90": { - "id": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "path": "cdk-integ-opensearch/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", + "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286": { + "id": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "path": "cdk-integ-opensearch/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", "children": { "S3Bucket": { "id": "S3Bucket", - "path": "cdk-integ-opensearch/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3Bucket", + "path": "cdk-integ-opensearch/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3Bucket", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -458,7 +455,7 @@ }, "S3VersionKey": { "id": "S3VersionKey", - "path": "cdk-integ-opensearch/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3VersionKey", + "path": "cdk-integ-opensearch/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3VersionKey", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -466,7 +463,7 @@ }, "ArtifactHash": { "id": "ArtifactHash", - "path": "cdk-integ-opensearch/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/ArtifactHash", + "path": "cdk-integ-opensearch/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/ArtifactHash", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -475,13 +472,13 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.58" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.58" } }, "Domain2": { @@ -631,9 +628,6 @@ "instanceType": "r5.large.search", "zoneAwarenessEnabled": false }, - "cognitoOptions": { - "enabled": false - }, "domainEndpointOptions": { "enforceHttps": false, "tlsSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/cdk-integ-opensearch-ultrawarm.template.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/cdk-integ-opensearch-ultrawarm.template.json index 8bbe484db5eb1..f7cff4e18d0ad 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/cdk-integ-opensearch-ultrawarm.template.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/cdk-integ-opensearch-ultrawarm.template.json @@ -14,9 +14,6 @@ "WarmType": "ultrawarm1.medium.search", "ZoneAwarenessEnabled": false }, - "CognitoOptions": { - "Enabled": false - }, "DomainEndpointOptions": { "EnforceHTTPS": false, "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/manifest.json index 236babe96d8bc..6be0e451acd67 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/tree.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/tree.json index c2a46081544cf..9e11c3c61aa60 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.ultrawarm.integ.snapshot/tree.json @@ -8,8 +8,8 @@ "id": "Tree", "path": "Tree", "constructInfo": { - "fqn": "@aws-cdk/core.Construct", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.58" } }, "cdk-integ-opensearch-ultrawarm": { @@ -37,9 +37,6 @@ "warmType": "ultrawarm1.medium.search", "zoneAwarenessEnabled": false }, - "cognitoOptions": { - "enabled": false - }, "domainEndpointOptions": { "enforceHttps": false, "tlsSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/cdk-integ-opensearch-unsignedbasicauth.template.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/cdk-integ-opensearch-unsignedbasicauth.template.json index ea296db686ba3..1c93dd64f4282 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/cdk-integ-opensearch-unsignedbasicauth.template.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/cdk-integ-opensearch-unsignedbasicauth.template.json @@ -40,9 +40,6 @@ "InstanceType": "r5.large.search", "ZoneAwarenessEnabled": false }, - "CognitoOptions": { - "Enabled": false - }, "DomainEndpointOptions": { "EnforceHTTPS": true, "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" @@ -189,7 +186,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" }, "S3Key": { "Fn::Join": [ @@ -202,7 +199,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -215,7 +212,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -241,17 +238,17 @@ } }, "Parameters": { - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A": { "Type": "String", - "Description": "S3 bucket for asset \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "S3 bucket for asset \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" }, - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5": { "Type": "String", - "Description": "S3 key for asset version \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "S3 key for asset version \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" }, - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC": { "Type": "String", - "Description": "Artifact hash for asset \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "Artifact hash for asset \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/manifest.json index ffeed3ea79ef7..a8e93cbb58d78 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", @@ -19,13 +19,13 @@ { "type": "aws:cdk:asset", "data": { - "path": "asset.9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "id": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", + "path": "asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "id": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", "packaging": "zip", - "sourceHash": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "s3BucketParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F", - "s3KeyParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058", - "artifactHashParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285" + "sourceHash": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "s3BucketParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A", + "s3KeyParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5", + "artifactHashParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC" } } ], @@ -65,22 +65,22 @@ "data": "AWS679f53fac002430cb0da5b7982bd22872D164C4C" } ], - "/cdk-integ-opensearch-unsignedbasicauth/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3Bucket": [ + "/cdk-integ-opensearch-unsignedbasicauth/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3Bucket": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" } ], - "/cdk-integ-opensearch-unsignedbasicauth/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3VersionKey": [ + "/cdk-integ-opensearch-unsignedbasicauth/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3VersionKey": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ], - "/cdk-integ-opensearch-unsignedbasicauth/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/ArtifactHash": [ + "/cdk-integ-opensearch-unsignedbasicauth/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/ArtifactHash": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC" } ] }, diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/tree.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/tree.json index 988fda54fcc91..333619059d1d4 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.unsignedbasicauth.integ.snapshot/tree.json @@ -8,8 +8,8 @@ "id": "Tree", "path": "Tree", "constructInfo": { - "fqn": "@aws-cdk/core.Construct", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.58" } }, "cdk-integ-opensearch-unsignedbasicauth": { @@ -79,9 +79,6 @@ "instanceType": "r5.large.search", "zoneAwarenessEnabled": false }, - "cognitoOptions": { - "enabled": false - }, "domainEndpointOptions": { "enforceHttps": true, "tlsSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" @@ -279,7 +276,7 @@ "aws:cdk:cloudformation:props": { "code": { "s3Bucket": { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" }, "s3Key": { "Fn::Join": [ @@ -292,7 +289,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -305,7 +302,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -322,7 +319,7 @@ ] }, "handler": "index.handler", - "runtime": "nodejs12.x", + "runtime": "nodejs14.x", "timeout": 120 } }, @@ -341,13 +338,13 @@ "id": "AssetParameters", "path": "cdk-integ-opensearch-unsignedbasicauth/AssetParameters", "children": { - "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90": { - "id": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "path": "cdk-integ-opensearch-unsignedbasicauth/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", + "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286": { + "id": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "path": "cdk-integ-opensearch-unsignedbasicauth/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", "children": { "S3Bucket": { "id": "S3Bucket", - "path": "cdk-integ-opensearch-unsignedbasicauth/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3Bucket", + "path": "cdk-integ-opensearch-unsignedbasicauth/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3Bucket", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -355,7 +352,7 @@ }, "S3VersionKey": { "id": "S3VersionKey", - "path": "cdk-integ-opensearch-unsignedbasicauth/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3VersionKey", + "path": "cdk-integ-opensearch-unsignedbasicauth/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3VersionKey", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -363,7 +360,7 @@ }, "ArtifactHash": { "id": "ArtifactHash", - "path": "cdk-integ-opensearch-unsignedbasicauth/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/ArtifactHash", + "path": "cdk-integ-opensearch-unsignedbasicauth/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/ArtifactHash", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -371,14 +368,14 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/core.Construct", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.58" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Construct", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.58" } } }, diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/cdk-integ-opensearch-vpc.template.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/cdk-integ-opensearch-vpc.template.json index 9283e90ab7003..cfb61b56e1d9c 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/cdk-integ-opensearch-vpc.template.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/cdk-integ-opensearch-vpc.template.json @@ -411,9 +411,6 @@ }, "ZoneAwarenessEnabled": true }, - "CognitoOptions": { - "Enabled": false - }, "DomainEndpointOptions": { "EnforceHTTPS": false, "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/manifest.json index 8eedc53e2f14b..7984c610349ba 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", diff --git a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/tree.json b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/tree.json index a4d9ed29f17e1..d56fce1ae57b9 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-opensearchservice/test/opensearch.vpc.integ.snapshot/tree.json @@ -8,8 +8,8 @@ "id": "Tree", "path": "Tree", "constructInfo": { - "fqn": "@aws-cdk/core.Construct", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.58" } }, "cdk-integ-opensearch-vpc": { @@ -712,9 +712,6 @@ "availabilityZoneCount": 2 } }, - "cognitoOptions": { - "enabled": false - }, "domainEndpointOptions": { "enforceHttps": false, "tlsSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" diff --git a/packages/@aws-cdk/aws-rds/lib/instance-engine.ts b/packages/@aws-cdk/aws-rds/lib/instance-engine.ts index 1dcba69bcfc16..ff8544b330684 100644 --- a/packages/@aws-cdk/aws-rds/lib/instance-engine.ts +++ b/packages/@aws-cdk/aws-rds/lib/instance-engine.ts @@ -238,25 +238,55 @@ export class MariaDbEngineVersion { */ public static readonly VER_10_1_34 = MariaDbEngineVersion.of('10.1.34', '10.1'); - /** Version "10.2" (only a major version, without a specific minor version). */ + /** + * Version "10.2" (only a major version, without a specific minor version) + * @deprecated MariaDB 10.2 will reach end of life on October 15, 2022 + */ public static readonly VER_10_2 = MariaDbEngineVersion.of('10.2', '10.2'); - /** Version "10.2.11". */ + /** + * Version "10.2.11". + * @deprecated MariaDB 10.2 will reach end of life on October 15, 2022 + */ public static readonly VER_10_2_11 = MariaDbEngineVersion.of('10.2.11', '10.2'); - /** Version "10.2.12". */ + /** + * Version "10.2.12". + * @deprecated MariaDB 10.2 will reach end of life on October 15, 2022 + */ public static readonly VER_10_2_12 = MariaDbEngineVersion.of('10.2.12', '10.2'); - /** Version "10.2.15". */ + /** + * Version "10.2.15". + * @deprecated MariaDB 10.2 will reach end of life on October 15, 2022 + */ public static readonly VER_10_2_15 = MariaDbEngineVersion.of('10.2.15', '10.2'); - /** Version "10.2.21". */ + /** + * Version "10.2.21". + * @deprecated MariaDB 10.2 will reach end of life on October 15, 2022 + */ public static readonly VER_10_2_21 = MariaDbEngineVersion.of('10.2.21', '10.2'); - /** Version "10.2.32". */ + /** + * Version "10.2.32". + * @deprecated MariaDB 10.2 will reach end of life on October 15, 2022 + */ public static readonly VER_10_2_32 = MariaDbEngineVersion.of('10.2.32', '10.2'); - /** Version "10.2.37". */ + /** + * Version "10.2.37". + * @deprecated MariaDB 10.2 will reach end of life on October 15, 2022 + */ public static readonly VER_10_2_37 = MariaDbEngineVersion.of('10.2.37', '10.2'); - /** Version "10.2.39". */ + /** + * Version "10.2.39". + * @deprecated MariaDB 10.2 will reach end of life on October 15, 2022 + */ public static readonly VER_10_2_39 = MariaDbEngineVersion.of('10.2.39', '10.2'); - /** Version "10.2.40". */ + /** + * Version "10.2.40". + * @deprecated MariaDB 10.2 will reach end of life on October 15, 2022 + */ public static readonly VER_10_2_40 = MariaDbEngineVersion.of('10.2.40', '10.2'); - /** Version "10.2.41". */ + /** + * Version "10.2.41". + * @deprecated MariaDB 10.2 will reach end of life on October 15, 2022 + */ public static readonly VER_10_2_41 = MariaDbEngineVersion.of('10.2.41', '10.2'); /** Version "10.3" (only a major version, without a specific minor version). */ @@ -275,6 +305,10 @@ export class MariaDbEngineVersion { public static readonly VER_10_3_31 = MariaDbEngineVersion.of('10.3.31', '10.3'); /** Version "10.3.32". */ public static readonly VER_10_3_32 = MariaDbEngineVersion.of('10.3.32', '10.3'); + /** Version "10.3.34". */ + public static readonly VER_10_3_34 = MariaDbEngineVersion.of('10.3.34', '10.3'); + /** Version "10.3.35". */ + public static readonly VER_10_3_35 = MariaDbEngineVersion.of('10.3.35', '10.3'); /** Version "10.4" (only a major version, without a specific minor version). */ public static readonly VER_10_4 = MariaDbEngineVersion.of('10.4', '10.4'); @@ -288,6 +322,10 @@ export class MariaDbEngineVersion { public static readonly VER_10_4_21 = MariaDbEngineVersion.of('10.4.21', '10.4'); /** Version "10.4.22". */ public static readonly VER_10_4_22 = MariaDbEngineVersion.of('10.4.22', '10.4'); + /** Version "10.4.24". */ + public static readonly VER_10_4_24 = MariaDbEngineVersion.of('10.4.24', '10.4'); + /** Version "10.4.25". */ + public static readonly VER_10_4_25 = MariaDbEngineVersion.of('10.4.25', '10.4'); /** Version "10.5" (only a major version, without a specific minor version). */ public static readonly VER_10_5 = MariaDbEngineVersion.of('10.5', '10.5'); @@ -299,6 +337,19 @@ export class MariaDbEngineVersion { public static readonly VER_10_5_12 = MariaDbEngineVersion.of('10.5.12', '10.5'); /** Version "10.5.13". */ public static readonly VER_10_5_13 = MariaDbEngineVersion.of('10.5.13', '10.5'); + /** Version "10.5.15". */ + public static readonly VER_10_5_15 = MariaDbEngineVersion.of('10.5.15', '10.5'); + /** Version "10.5.16". */ + public static readonly VER_10_5_16 = MariaDbEngineVersion.of('10.5.16', '10.5'); + + /** Version "10.6" (only a major version, without a specific minor version). */ + public static readonly VER_10_6 = MariaDbEngineVersion.of('10.6', '10.6'); + /** Version "10.6.5". */ + public static readonly VER_10_6_5 = MariaDbEngineVersion.of('10.6.5', '10.6'); + /** Version "10.6.7". */ + public static readonly VER_10_6_7 = MariaDbEngineVersion.of('10.6.7', '10.6'); + /** Version "10.6.8". */ + public static readonly VER_10_6_8 = MariaDbEngineVersion.of('10.6.8', '10.6'); /** * Create a new MariaDbEngineVersion with an arbitrary version. @@ -902,6 +953,8 @@ export class PostgresEngineVersion { public static readonly VER_12_9 = PostgresEngineVersion.of('12.9', '12', { s3Import: true, s3Export: true }); /** Version "12.10". */ public static readonly VER_12_10 = PostgresEngineVersion.of('12.10', '12', { s3Import: true, s3Export: true }); + /** Version "12.11". */ + public static readonly VER_12_11 = PostgresEngineVersion.of('12.11', '12', { s3Import: true, s3Export: true }); /** Version "13" (only a major version, without a specific minor version). */ public static readonly VER_13 = PostgresEngineVersion.of('13', '13', { s3Import: true, s3Export: true }); @@ -917,6 +970,8 @@ export class PostgresEngineVersion { public static readonly VER_13_5 = PostgresEngineVersion.of('13.5', '13', { s3Import: true, s3Export: true }); /** Version "13.6". */ public static readonly VER_13_6 = PostgresEngineVersion.of('13.6', '13', { s3Import: true, s3Export: true }); + /** Version "13.7". */ + public static readonly VER_13_7 = PostgresEngineVersion.of('13.7', '13', { s3Import: true, s3Export: true }); /** Version "14" (only a major version, without a specific minor version). */ public static readonly VER_14 = PostgresEngineVersion.of('14', '14', { s3Import: true, s3Export: true }); @@ -924,6 +979,8 @@ export class PostgresEngineVersion { public static readonly VER_14_1 = PostgresEngineVersion.of('14.1', '14', { s3Import: true, s3Export: true }); /** Version "14.2". */ public static readonly VER_14_2 = PostgresEngineVersion.of('14.2', '14', { s3Import: true, s3Export: true }); + /** Version "14.3". */ + public static readonly VER_14_3 = PostgresEngineVersion.of('14.3', '14', { s3Import: true, s3Export: true }); /** * Create a new PostgresEngineVersion with an arbitrary version. diff --git a/packages/@aws-cdk/aws-rds/test/mariadb/mariadb.instance-engine.test.ts b/packages/@aws-cdk/aws-rds/test/mariadb/mariadb.instance-engine.test.ts new file mode 100644 index 0000000000000..f2aa303812dfd --- /dev/null +++ b/packages/@aws-cdk/aws-rds/test/mariadb/mariadb.instance-engine.test.ts @@ -0,0 +1,91 @@ +import { Template } from '@aws-cdk/assertions'; +import * as core from '@aws-cdk/core'; +import * as rds from '../../lib'; + +describe('MariaDB server instance engine', () => { + describe('MariaDB instance engine versions', () => { + test("has MajorEngineVersion ending in '10.3' for major version 10.3", () => { + const stack = new core.Stack(); + new rds.OptionGroup(stack, 'OptionGroup', { + engine: rds.DatabaseInstanceEngine.mariaDb({ + version: rds.MariaDbEngineVersion.VER_10_3, + }), + configurations: [ + { + name: 'MARIADB_BACKUP_RESTORE', + settings: { + IAM_ROLE_ARN: 'some-role-arn', + }, + }, + ], + }); + + Template.fromStack(stack).hasResourceProperties('AWS::RDS::OptionGroup', { + MajorEngineVersion: '10.3', + }); + }); + + test("has MajorEngineVersion ending in '10.4' for major version 10.4", () => { + const stack = new core.Stack(); + new rds.OptionGroup(stack, 'OptionGroup', { + engine: rds.DatabaseInstanceEngine.mariaDb({ + version: rds.MariaDbEngineVersion.VER_10_4, + }), + configurations: [ + { + name: 'MARIADB_BACKUP_RESTORE', + settings: { + IAM_ROLE_ARN: 'some-role-arn', + }, + }, + ], + }); + + Template.fromStack(stack).hasResourceProperties('AWS::RDS::OptionGroup', { + MajorEngineVersion: '10.4', + }); + }); + + test("has MajorEngineVersion ending in '10.5' for major version 10.5", () => { + const stack = new core.Stack(); + new rds.OptionGroup(stack, 'OptionGroup', { + engine: rds.DatabaseInstanceEngine.mariaDb({ + version: rds.MariaDbEngineVersion.VER_10_5, + }), + configurations: [ + { + name: 'MARIADB_BACKUP_RESTORE', + settings: { + IAM_ROLE_ARN: 'some-role-arn', + }, + }, + ], + }); + + Template.fromStack(stack).hasResourceProperties('AWS::RDS::OptionGroup', { + MajorEngineVersion: '10.5', + }); + }); + + test("has MajorEngineVersion ending in '10.6' for major version 10.6", () => { + const stack = new core.Stack(); + new rds.OptionGroup(stack, 'OptionGroup', { + engine: rds.DatabaseInstanceEngine.mariaDb({ + version: rds.MariaDbEngineVersion.VER_10_6, + }), + configurations: [ + { + name: 'MARIADB_BACKUP_RESTORE', + settings: { + IAM_ROLE_ARN: 'some-role-arn', + }, + }, + ], + }); + + Template.fromStack(stack).hasResourceProperties('AWS::RDS::OptionGroup', { + MajorEngineVersion: '10.6', + }); + }); + }); +}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-assets/README.md b/packages/@aws-cdk/aws-s3-assets/README.md index 8c6bff846abdd..b14612f967121 100644 --- a/packages/@aws-cdk/aws-s3-assets/README.md +++ b/packages/@aws-cdk/aws-s3-assets/README.md @@ -142,6 +142,28 @@ const asset = new assets.Asset(this, 'BundledAsset', { Use `BundlingOutput.ARCHIVED` if the bundling output contains a single archive file and you don't want it to be zipped. +### Docker options + +Depending on your build environment, you may need to pass certain docker options to the `docker run` command that bundles assets. +This can be done using [BundlingOptions](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.BundlingOptions.html) properties. + +Some optional properties to pass to the docker bundling + +```ts +const asset = new assets.Asset(this, 'BundledAsset', { + path: '/path/to/asset', + bundling: { + image: ambda.Runtime.PYTHON_3_9.bundlingImage,, + command: [ + 'bash', '-c', + 'pip install -r requirements.txt -t /asset-output && cp -au . /asset-output' + ], + securityOpt: 'no-new-privileges:true', // https://docs.docker.com/engine/reference/commandline/run/#optional-security-options---security-opt + network: 'host', //https://docs.docker.com/engine/reference/commandline/run/#connect-a-container-to-a-network---network + }, +}); +``` + ## CloudFormation Resource Metadata > NOTE: This section is relevant for authors of AWS Resource Constructs. diff --git a/packages/@aws-cdk/aws-s3-assets/package.json b/packages/@aws-cdk/aws-s3-assets/package.json index c32bb977ec994..c6cbf52593674 100644 --- a/packages/@aws-cdk/aws-s3-assets/package.json +++ b/packages/@aws-cdk/aws-s3-assets/package.json @@ -81,6 +81,7 @@ "@aws-cdk/assertions": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2" diff --git a/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/asset.98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22/index.html b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/asset.98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22/index.html new file mode 100644 index 0000000000000..ce9fbb380030a --- /dev/null +++ b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/asset.98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22/index.html @@ -0,0 +1,3 @@ +

This is a sample file

+ +

With markdown

diff --git a/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/cdk-integ-assets-bundling-docker-opts.template.json b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/cdk-integ-assets-bundling-docker-opts.template.json new file mode 100644 index 0000000000000..bcb1f1d5a3674 --- /dev/null +++ b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/cdk-integ-assets-bundling-docker-opts.template.json @@ -0,0 +1,16 @@ +{ + "Parameters": { + "AssetParameters98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22S3BucketC921DFA4": { + "Type": "String", + "Description": "S3 bucket for asset \"98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22\"" + }, + "AssetParameters98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22S3VersionKey4EB943F1": { + "Type": "String", + "Description": "S3 key for asset version \"98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22\"" + }, + "AssetParameters98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22ArtifactHashA4014A8F": { + "Type": "String", + "Description": "Artifact hash for asset \"98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22\"" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..588d7b269d34f --- /dev/null +++ b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/cdkintegs3assetsbundlingdockeroptsDefaultTestDeployAssert7B7BC575.template.json b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/cdkintegs3assetsbundlingdockeroptsDefaultTestDeployAssert7B7BC575.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/cdkintegs3assetsbundlingdockeroptsDefaultTestDeployAssert7B7BC575.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/integ.json b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/integ.json new file mode 100644 index 0000000000000..4f00a33a1cf0d --- /dev/null +++ b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/integ.json @@ -0,0 +1,11 @@ +{ + "version": "20.0.0", + "testCases": { + "cdk-integ-s3-assets-bundling-docker-opts/DefaultTest": { + "stacks": [ + "cdk-integ-assets-bundling-docker-opts" + ], + "assertionStack": "cdkintegs3assetsbundlingdockeroptsDefaultTestDeployAssert7B7BC575" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..268b6f059b56b --- /dev/null +++ b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/manifest.json @@ -0,0 +1,63 @@ +{ + "version": "20.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "cdk-integ-assets-bundling-docker-opts": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdk-integ-assets-bundling-docker-opts.template.json", + "validateOnSynth": false + }, + "metadata": { + "/cdk-integ-assets-bundling-docker-opts": [ + { + "type": "aws:cdk:asset", + "data": { + "path": "asset.98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22", + "id": "98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22", + "packaging": "zip", + "sourceHash": "98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22", + "s3BucketParameter": "AssetParameters98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22S3BucketC921DFA4", + "s3KeyParameter": "AssetParameters98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22S3VersionKey4EB943F1", + "artifactHashParameter": "AssetParameters98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22ArtifactHashA4014A8F" + } + } + ], + "/cdk-integ-assets-bundling-docker-opts/AssetParameters/98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22/S3Bucket": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22S3BucketC921DFA4" + } + ], + "/cdk-integ-assets-bundling-docker-opts/AssetParameters/98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22/S3VersionKey": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22S3VersionKey4EB943F1" + } + ], + "/cdk-integ-assets-bundling-docker-opts/AssetParameters/98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22/ArtifactHash": [ + { + "type": "aws:cdk:logicalId", + "data": "AssetParameters98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22ArtifactHashA4014A8F" + } + ] + }, + "displayName": "cdk-integ-assets-bundling-docker-opts" + }, + "cdkintegs3assetsbundlingdockeroptsDefaultTestDeployAssert7B7BC575": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdkintegs3assetsbundlingdockeroptsDefaultTestDeployAssert7B7BC575.template.json", + "validateOnSynth": false + }, + "displayName": "cdk-integ-s3-assets-bundling-docker-opts/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/tree.json b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/tree.json new file mode 100644 index 0000000000000..dc33d3473a660 --- /dev/null +++ b/packages/@aws-cdk/aws-s3-assets/test/assets.bundling.docker-opts.integ.snapshot/tree.json @@ -0,0 +1,137 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "cdk-integ-assets-bundling-docker-opts": { + "id": "cdk-integ-assets-bundling-docker-opts", + "path": "cdk-integ-assets-bundling-docker-opts", + "children": { + "BundledAsset": { + "id": "BundledAsset", + "path": "cdk-integ-assets-bundling-docker-opts/BundledAsset", + "children": { + "Stage": { + "id": "Stage", + "path": "cdk-integ-assets-bundling-docker-opts/BundledAsset/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "cdk-integ-assets-bundling-docker-opts/BundledAsset/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "AssetParameters": { + "id": "AssetParameters", + "path": "cdk-integ-assets-bundling-docker-opts/AssetParameters", + "children": { + "98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22": { + "id": "98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22", + "path": "cdk-integ-assets-bundling-docker-opts/AssetParameters/98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22", + "children": { + "S3Bucket": { + "id": "S3Bucket", + "path": "cdk-integ-assets-bundling-docker-opts/AssetParameters/98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22/S3Bucket", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "S3VersionKey": { + "id": "S3VersionKey", + "path": "cdk-integ-assets-bundling-docker-opts/AssetParameters/98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22/S3VersionKey", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "ArtifactHash": { + "id": "ArtifactHash", + "path": "cdk-integ-assets-bundling-docker-opts/AssetParameters/98ba393580c41ce2b2e3417f5e114223359ba726471a06326cf81743b16daa22/ArtifactHash", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "cdk-integ-s3-assets-bundling-docker-opts": { + "id": "cdk-integ-s3-assets-bundling-docker-opts", + "path": "cdk-integ-s3-assets-bundling-docker-opts", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "cdk-integ-s3-assets-bundling-docker-opts/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "cdk-integ-s3-assets-bundling-docker-opts/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.58" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "cdk-integ-s3-assets-bundling-docker-opts/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-assets/test/integ.assets.bundling.docker-opts.ts b/packages/@aws-cdk/aws-s3-assets/test/integ.assets.bundling.docker-opts.ts new file mode 100644 index 0000000000000..4541aca5a81ff --- /dev/null +++ b/packages/@aws-cdk/aws-s3-assets/test/integ.assets.bundling.docker-opts.ts @@ -0,0 +1,27 @@ +import * as path from 'path'; +import { App, DockerImage, Stack } from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import * as assets from '../lib'; + + +const app = new App(); +const stack = new Stack(app, 'cdk-integ-assets-bundling-docker-opts'); + +new assets.Asset(stack, 'BundledAsset', { + path: path.join(__dirname, 'markdown-asset'), // /asset-input and working directory in the container + bundling: { + image: DockerImage.fromBuild(path.join(__dirname, 'alpine-markdown')), // Build an image + command: [ + 'sh', '-c', ` + markdown index.md > /asset-output/index.html + `, + ], + network: 'host', + }, +}); +/// !hide +new integ.IntegTest(app, 'cdk-integ-s3-assets-bundling-docker-opts', { + testCases: [stack], +}); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts b/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts index 49785c5093b33..abaf1e2be63ee 100644 --- a/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts +++ b/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts @@ -299,7 +299,7 @@ export class BucketDeployment extends Construct { uuid: this.renderSingletonUuid(props.memoryLimit, props.ephemeralStorageSize, props.vpc), code: lambda.Code.fromAsset(path.join(__dirname, 'lambda')), layers: [new AwsCliLayer(this, 'AwsCliLayer')], - runtime: lambda.Runtime.PYTHON_3_7, + runtime: lambda.Runtime.PYTHON_3_9, environment: props.useEfs ? { MOUNT_PATH: mountPath, } : undefined, diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.207d1c59082dd1ab722c445b190e0c2cbb20d6c3e981cf674a60159b56338e86/__entrypoint__.js b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js similarity index 100% rename from packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.207d1c59082dd1ab722c445b190e0c2cbb20d6c3e981cf674a60159b56338e86/__entrypoint__.js rename to packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.d.ts b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts similarity index 100% rename from packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.d.ts rename to packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.js b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.js similarity index 100% rename from packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.js rename to packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.js diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.ts b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts similarity index 100% rename from packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.ts rename to packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip similarity index 69% rename from packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip rename to packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip index e478968fa8400..0e782f0e80200 100644 Binary files a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip and b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip differ diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/__entrypoint__.js b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/__entrypoint__.js deleted file mode 100644 index 3475719002c73..0000000000000 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/__entrypoint__.js +++ /dev/null @@ -1,119 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = exports.external = void 0; -const https = require("https"); -const url = require("url"); -// for unit tests -exports.external = { - sendHttpRequest: defaultSendHttpRequest, - log: defaultLog, - includeStackTraces: true, - userHandlerIndex: './index', -}; -const CREATE_FAILED_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::CREATE_FAILED'; -const MISSING_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID'; -async function handler(event, context) { - exports.external.log(JSON.stringify(event, undefined, 2)); - // ignore DELETE event when the physical resource ID is the marker that - // indicates that this DELETE is a subsequent DELETE to a failed CREATE - // operation. - if (event.RequestType === 'Delete' && event.PhysicalResourceId === CREATE_FAILED_PHYSICAL_ID_MARKER) { - exports.external.log('ignoring DELETE event caused by a failed CREATE event'); - await submitResponse('SUCCESS', event); - return; - } - try { - // invoke the user handler. this is intentionally inside the try-catch to - // ensure that if there is an error it's reported as a failure to - // cloudformation (otherwise cfn waits). - // eslint-disable-next-line @typescript-eslint/no-require-imports - const userHandler = require(exports.external.userHandlerIndex).handler; - const result = await userHandler(event, context); - // validate user response and create the combined event - const responseEvent = renderResponse(event, result); - // submit to cfn as success - await submitResponse('SUCCESS', responseEvent); - } - catch (e) { - const resp = { - ...event, - Reason: exports.external.includeStackTraces ? e.stack : e.message, - }; - if (!resp.PhysicalResourceId) { - // special case: if CREATE fails, which usually implies, we usually don't - // have a physical resource id. in this case, the subsequent DELETE - // operation does not have any meaning, and will likely fail as well. to - // address this, we use a marker so the provider framework can simply - // ignore the subsequent DELETE. - if (event.RequestType === 'Create') { - exports.external.log('CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored'); - resp.PhysicalResourceId = CREATE_FAILED_PHYSICAL_ID_MARKER; - } - else { - // otherwise, if PhysicalResourceId is not specified, something is - // terribly wrong because all other events should have an ID. - exports.external.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(event)}`); - } - } - // this is an actual error, fail the activity altogether and exist. - await submitResponse('FAILED', resp); - } -} -exports.handler = handler; -function renderResponse(cfnRequest, handlerResponse = {}) { - var _a, _b; - // if physical ID is not returned, we have some defaults for you based - // on the request type. - const physicalResourceId = (_b = (_a = handlerResponse.PhysicalResourceId) !== null && _a !== void 0 ? _a : cfnRequest.PhysicalResourceId) !== null && _b !== void 0 ? _b : cfnRequest.RequestId; - // if we are in DELETE and physical ID was changed, it's an error. - if (cfnRequest.RequestType === 'Delete' && physicalResourceId !== cfnRequest.PhysicalResourceId) { - throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${handlerResponse.PhysicalResourceId}" during deletion`); - } - // merge request event and result event (result prevails). - return { - ...cfnRequest, - ...handlerResponse, - PhysicalResourceId: physicalResourceId, - }; -} -async function submitResponse(status, event) { - var _a; - const json = { - Status: status, - Reason: (_a = event.Reason) !== null && _a !== void 0 ? _a : status, - StackId: event.StackId, - RequestId: event.RequestId, - PhysicalResourceId: event.PhysicalResourceId || MISSING_PHYSICAL_ID_MARKER, - LogicalResourceId: event.LogicalResourceId, - NoEcho: event.NoEcho, - Data: event.Data, - }; - exports.external.log('submit response to cloudformation', json); - const responseBody = JSON.stringify(json); - const parsedUrl = url.parse(event.ResponseURL); - const req = { - hostname: parsedUrl.hostname, - path: parsedUrl.path, - method: 'PUT', - headers: { 'content-type': '', 'content-length': responseBody.length }, - }; - await exports.external.sendHttpRequest(req, responseBody); -} -async function defaultSendHttpRequest(options, responseBody) { - return new Promise((resolve, reject) => { - try { - const request = https.request(options, _ => resolve()); - request.on('error', reject); - request.write(responseBody); - request.end(); - } - catch (e) { - reject(e); - } - }); -} -function defaultLog(fmt, ...params) { - // eslint-disable-next-line no-console - console.log(fmt, ...params); -} -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibm9kZWpzLWVudHJ5cG9pbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJub2RlanMtZW50cnlwb2ludC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwrQkFBK0I7QUFDL0IsMkJBQTJCO0FBRTNCLGlCQUFpQjtBQUNKLFFBQUEsUUFBUSxHQUFHO0lBQ3RCLGVBQWUsRUFBRSxzQkFBc0I7SUFDdkMsR0FBRyxFQUFFLFVBQVU7SUFDZixrQkFBa0IsRUFBRSxJQUFJO0lBQ3hCLGdCQUFnQixFQUFFLFNBQVM7Q0FDNUIsQ0FBQztBQUVGLE1BQU0sZ0NBQWdDLEdBQUcsd0RBQXdELENBQUM7QUFDbEcsTUFBTSwwQkFBMEIsR0FBRyw4REFBOEQsQ0FBQztBQVczRixLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQWtELEVBQUUsT0FBMEI7SUFDMUcsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFFbEQsdUVBQXVFO0lBQ3ZFLHVFQUF1RTtJQUN2RSxhQUFhO0lBQ2IsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsSUFBSSxLQUFLLENBQUMsa0JBQWtCLEtBQUssZ0NBQWdDLEVBQUU7UUFDbkcsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsdURBQXVELENBQUMsQ0FBQztRQUN0RSxNQUFNLGNBQWMsQ0FBQyxTQUFTLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDdkMsT0FBTztLQUNSO0lBRUQsSUFBSTtRQUNGLHlFQUF5RTtRQUN6RSxpRUFBaUU7UUFDakUsd0NBQXdDO1FBQ3hDLGlFQUFpRTtRQUNqRSxNQUFNLFdBQVcsR0FBWSxPQUFPLENBQUMsZ0JBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLE9BQU8sQ0FBQztRQUN4RSxNQUFNLE1BQU0sR0FBRyxNQUFNLFdBQVcsQ0FBQyxLQUFLLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFFakQsdURBQXVEO1FBQ3ZELE1BQU0sYUFBYSxHQUFHLGNBQWMsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFcEQsMkJBQTJCO1FBQzNCLE1BQU0sY0FBYyxDQUFDLFNBQVMsRUFBRSxhQUFhLENBQUMsQ0FBQztLQUNoRDtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsTUFBTSxJQUFJLEdBQWE7WUFDckIsR0FBRyxLQUFLO1lBQ1IsTUFBTSxFQUFFLGdCQUFRLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPO1NBQzFELENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQzVCLHlFQUF5RTtZQUN6RSxtRUFBbUU7WUFDbkUsd0VBQXdFO1lBQ3hFLHFFQUFxRTtZQUNyRSxnQ0FBZ0M7WUFDaEMsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtnQkFDbEMsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsNEdBQTRHLENBQUMsQ0FBQztnQkFDM0gsSUFBSSxDQUFDLGtCQUFrQixHQUFHLGdDQUFnQyxDQUFDO2FBQzVEO2lCQUFNO2dCQUNMLGtFQUFrRTtnQkFDbEUsNkRBQTZEO2dCQUM3RCxnQkFBUSxDQUFDLEdBQUcsQ0FBQyw2REFBNkQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLENBQUM7YUFDcEc7U0FDRjtRQUVELG1FQUFtRTtRQUNuRSxNQUFNLGNBQWMsQ0FBQyxRQUFRLEVBQUUsSUFBSSxDQUFDLENBQUM7S0FDdEM7QUFDSCxDQUFDO0FBbERELDBCQWtEQztBQUVELFNBQVMsY0FBYyxDQUNyQixVQUF5RixFQUN6RixrQkFBMEMsRUFBRzs7SUFFN0Msc0VBQXNFO0lBQ3RFLHVCQUF1QjtJQUN2QixNQUFNLGtCQUFrQixlQUFHLGVBQWUsQ0FBQyxrQkFBa0IsbUNBQUksVUFBVSxDQUFDLGtCQUFrQixtQ0FBSSxVQUFVLENBQUMsU0FBUyxDQUFDO0lBRXZILGtFQUFrRTtJQUNsRSxJQUFJLFVBQVUsQ0FBQyxXQUFXLEtBQUssUUFBUSxJQUFJLGtCQUFrQixLQUFLLFVBQVUsQ0FBQyxrQkFBa0IsRUFBRTtRQUMvRixNQUFNLElBQUksS0FBSyxDQUFDLHdEQUF3RCxVQUFVLENBQUMsa0JBQWtCLFNBQVMsZUFBZSxDQUFDLGtCQUFrQixtQkFBbUIsQ0FBQyxDQUFDO0tBQ3RLO0lBRUQsMERBQTBEO0lBQzFELE9BQU87UUFDTCxHQUFHLFVBQVU7UUFDYixHQUFHLGVBQWU7UUFDbEIsa0JBQWtCLEVBQUUsa0JBQWtCO0tBQ3ZDLENBQUM7QUFDSixDQUFDO0FBRUQsS0FBSyxVQUFVLGNBQWMsQ0FBQyxNQUE0QixFQUFFLEtBQWU7O0lBQ3pFLE1BQU0sSUFBSSxHQUFtRDtRQUMzRCxNQUFNLEVBQUUsTUFBTTtRQUNkLE1BQU0sUUFBRSxLQUFLLENBQUMsTUFBTSxtQ0FBSSxNQUFNO1FBQzlCLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztRQUN0QixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7UUFDMUIsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLGtCQUFrQixJQUFJLDBCQUEwQjtRQUMxRSxpQkFBaUIsRUFBRSxLQUFLLENBQUMsaUJBQWlCO1FBQzFDLE1BQU0sRUFBRSxLQUFLLENBQUMsTUFBTTtRQUNwQixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7S0FDakIsQ0FBQztJQUVGLGdCQUFRLENBQUMsR0FBRyxDQUFDLG1DQUFtQyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBRXhELE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDMUMsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDL0MsTUFBTSxHQUFHLEdBQUc7UUFDVixRQUFRLEVBQUUsU0FBUyxDQUFDLFFBQVE7UUFDNUIsSUFBSSxFQUFFLFNBQVMsQ0FBQyxJQUFJO1FBQ3BCLE1BQU0sRUFBRSxLQUFLO1FBQ2IsT0FBTyxFQUFFLEVBQUUsY0FBYyxFQUFFLEVBQUUsRUFBRSxnQkFBZ0IsRUFBRSxZQUFZLENBQUMsTUFBTSxFQUFFO0tBQ3ZFLENBQUM7SUFFRixNQUFNLGdCQUFRLENBQUMsZUFBZSxDQUFDLEdBQUcsRUFBRSxZQUFZLENBQUMsQ0FBQztBQUNwRCxDQUFDO0FBRUQsS0FBSyxVQUFVLHNCQUFzQixDQUFDLE9BQTZCLEVBQUUsWUFBb0I7SUFDdkYsT0FBTyxJQUFJLE9BQU8sQ0FBQyxDQUFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsRUFBRTtRQUNyQyxJQUFJO1lBQ0YsTUFBTSxPQUFPLEdBQUcsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQ3ZELE9BQU8sQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQzVCLE9BQU8sQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLENBQUM7WUFDNUIsT0FBTyxDQUFDLEdBQUcsRUFBRSxDQUFDO1NBQ2Y7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUNYO0lBQ0gsQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQsU0FBUyxVQUFVLENBQUMsR0FBVyxFQUFFLEdBQUcsTUFBYTtJQUMvQyxzQ0FBc0M7SUFDdEMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLEVBQUUsR0FBRyxNQUFNLENBQUMsQ0FBQztBQUM5QixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgaHR0cHMgZnJvbSAnaHR0cHMnO1xuaW1wb3J0ICogYXMgdXJsIGZyb20gJ3VybCc7XG5cbi8vIGZvciB1bml0IHRlc3RzXG5leHBvcnQgY29uc3QgZXh0ZXJuYWwgPSB7XG4gIHNlbmRIdHRwUmVxdWVzdDogZGVmYXVsdFNlbmRIdHRwUmVxdWVzdCxcbiAgbG9nOiBkZWZhdWx0TG9nLFxuICBpbmNsdWRlU3RhY2tUcmFjZXM6IHRydWUsXG4gIHVzZXJIYW5kbGVySW5kZXg6ICcuL2luZGV4Jyxcbn07XG5cbmNvbnN0IENSRUFURV9GQUlMRURfUEhZU0lDQUxfSURfTUFSS0VSID0gJ0FXU0NESzo6Q3VzdG9tUmVzb3VyY2VQcm92aWRlckZyYW1ld29yazo6Q1JFQVRFX0ZBSUxFRCc7XG5jb25zdCBNSVNTSU5HX1BIWVNJQ0FMX0lEX01BUktFUiA9ICdBV1NDREs6OkN1c3RvbVJlc291cmNlUHJvdmlkZXJGcmFtZXdvcms6Ok1JU1NJTkdfUEhZU0lDQUxfSUQnO1xuXG5leHBvcnQgdHlwZSBSZXNwb25zZSA9IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQgJiBIYW5kbGVyUmVzcG9uc2U7XG5leHBvcnQgdHlwZSBIYW5kbGVyID0gKGV2ZW50OiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50LCBjb250ZXh0OiBBV1NMYW1iZGEuQ29udGV4dCkgPT4gUHJvbWlzZTxIYW5kbGVyUmVzcG9uc2UgfCB2b2lkPjtcbmV4cG9ydCB0eXBlIEhhbmRsZXJSZXNwb25zZSA9IHVuZGVmaW5lZCB8IHtcbiAgRGF0YT86IGFueTtcbiAgUGh5c2ljYWxSZXNvdXJjZUlkPzogc3RyaW5nO1xuICBSZWFzb24/OiBzdHJpbmc7XG4gIE5vRWNobz86IGJvb2xlYW47XG59O1xuXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gaGFuZGxlcihldmVudDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCwgY29udGV4dDogQVdTTGFtYmRhLkNvbnRleHQpIHtcbiAgZXh0ZXJuYWwubG9nKEpTT04uc3RyaW5naWZ5KGV2ZW50LCB1bmRlZmluZWQsIDIpKTtcblxuICAvLyBpZ25vcmUgREVMRVRFIGV2ZW50IHdoZW4gdGhlIHBoeXNpY2FsIHJlc291cmNlIElEIGlzIHRoZSBtYXJrZXIgdGhhdFxuICAvLyBpbmRpY2F0ZXMgdGhhdCB0aGlzIERFTEVURSBpcyBhIHN1YnNlcXVlbnQgREVMRVRFIHRvIGEgZmFpbGVkIENSRUFURVxuICAvLyBvcGVyYXRpb24uXG4gIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ0RlbGV0ZScgJiYgZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkID09PSBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUikge1xuICAgIGV4dGVybmFsLmxvZygnaWdub3JpbmcgREVMRVRFIGV2ZW50IGNhdXNlZCBieSBhIGZhaWxlZCBDUkVBVEUgZXZlbnQnKTtcbiAgICBhd2FpdCBzdWJtaXRSZXNwb25zZSgnU1VDQ0VTUycsIGV2ZW50KTtcbiAgICByZXR1cm47XG4gIH1cblxuICB0cnkge1xuICAgIC8vIGludm9rZSB0aGUgdXNlciBoYW5kbGVyLiB0aGlzIGlzIGludGVudGlvbmFsbHkgaW5zaWRlIHRoZSB0cnktY2F0Y2ggdG9cbiAgICAvLyBlbnN1cmUgdGhhdCBpZiB0aGVyZSBpcyBhbiBlcnJvciBpdCdzIHJlcG9ydGVkIGFzIGEgZmFpbHVyZSB0b1xuICAgIC8vIGNsb3VkZm9ybWF0aW9uIChvdGhlcndpc2UgY2ZuIHdhaXRzKS5cbiAgICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgQHR5cGVzY3JpcHQtZXNsaW50L25vLXJlcXVpcmUtaW1wb3J0c1xuICAgIGNvbnN0IHVzZXJIYW5kbGVyOiBIYW5kbGVyID0gcmVxdWlyZShleHRlcm5hbC51c2VySGFuZGxlckluZGV4KS5oYW5kbGVyO1xuICAgIGNvbnN0IHJlc3VsdCA9IGF3YWl0IHVzZXJIYW5kbGVyKGV2ZW50LCBjb250ZXh0KTtcblxuICAgIC8vIHZhbGlkYXRlIHVzZXIgcmVzcG9uc2UgYW5kIGNyZWF0ZSB0aGUgY29tYmluZWQgZXZlbnRcbiAgICBjb25zdCByZXNwb25zZUV2ZW50ID0gcmVuZGVyUmVzcG9uc2UoZXZlbnQsIHJlc3VsdCk7XG5cbiAgICAvLyBzdWJtaXQgdG8gY2ZuIGFzIHN1Y2Nlc3NcbiAgICBhd2FpdCBzdWJtaXRSZXNwb25zZSgnU1VDQ0VTUycsIHJlc3BvbnNlRXZlbnQpO1xuICB9IGNhdGNoIChlKSB7XG4gICAgY29uc3QgcmVzcDogUmVzcG9uc2UgPSB7XG4gICAgICAuLi5ldmVudCxcbiAgICAgIFJlYXNvbjogZXh0ZXJuYWwuaW5jbHVkZVN0YWNrVHJhY2VzID8gZS5zdGFjayA6IGUubWVzc2FnZSxcbiAgICB9O1xuXG4gICAgaWYgKCFyZXNwLlBoeXNpY2FsUmVzb3VyY2VJZCkge1xuICAgICAgLy8gc3BlY2lhbCBjYXNlOiBpZiBDUkVBVEUgZmFpbHMsIHdoaWNoIHVzdWFsbHkgaW1wbGllcywgd2UgdXN1YWxseSBkb24ndFxuICAgICAgLy8gaGF2ZSBhIHBoeXNpY2FsIHJlc291cmNlIGlkLiBpbiB0aGlzIGNhc2UsIHRoZSBzdWJzZXF1ZW50IERFTEVURVxuICAgICAgLy8gb3BlcmF0aW9uIGRvZXMgbm90IGhhdmUgYW55IG1lYW5pbmcsIGFuZCB3aWxsIGxpa2VseSBmYWlsIGFzIHdlbGwuIHRvXG4gICAgICAvLyBhZGRyZXNzIHRoaXMsIHdlIHVzZSBhIG1hcmtlciBzbyB0aGUgcHJvdmlkZXIgZnJhbWV3b3JrIGNhbiBzaW1wbHlcbiAgICAgIC8vIGlnbm9yZSB0aGUgc3Vic2VxdWVudCBERUxFVEUuXG4gICAgICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdDcmVhdGUnKSB7XG4gICAgICAgIGV4dGVybmFsLmxvZygnQ1JFQVRFIGZhaWxlZCwgcmVzcG9uZGluZyB3aXRoIGEgbWFya2VyIHBoeXNpY2FsIHJlc291cmNlIGlkIHNvIHRoYXQgdGhlIHN1YnNlcXVlbnQgREVMRVRFIHdpbGwgYmUgaWdub3JlZCcpO1xuICAgICAgICByZXNwLlBoeXNpY2FsUmVzb3VyY2VJZCA9IENSRUFURV9GQUlMRURfUEhZU0lDQUxfSURfTUFSS0VSO1xuICAgICAgfSBlbHNlIHtcbiAgICAgICAgLy8gb3RoZXJ3aXNlLCBpZiBQaHlzaWNhbFJlc291cmNlSWQgaXMgbm90IHNwZWNpZmllZCwgc29tZXRoaW5nIGlzXG4gICAgICAgIC8vIHRlcnJpYmx5IHdyb25nIGJlY2F1c2UgYWxsIG90aGVyIGV2ZW50cyBzaG91bGQgaGF2ZSBhbiBJRC5cbiAgICAgICAgZXh0ZXJuYWwubG9nKGBFUlJPUjogTWFsZm9ybWVkIGV2ZW50LiBcIlBoeXNpY2FsUmVzb3VyY2VJZFwiIGlzIHJlcXVpcmVkOiAke0pTT04uc3RyaW5naWZ5KGV2ZW50KX1gKTtcbiAgICAgIH1cbiAgICB9XG5cbiAgICAvLyB0aGlzIGlzIGFuIGFjdHVhbCBlcnJvciwgZmFpbCB0aGUgYWN0aXZpdHkgYWx0b2dldGhlciBhbmQgZXhpc3QuXG4gICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ0ZBSUxFRCcsIHJlc3ApO1xuICB9XG59XG5cbmZ1bmN0aW9uIHJlbmRlclJlc3BvbnNlKFxuICBjZm5SZXF1ZXN0OiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50ICYgeyBQaHlzaWNhbFJlc291cmNlSWQ/OiBzdHJpbmcgfSxcbiAgaGFuZGxlclJlc3BvbnNlOiB2b2lkIHwgSGFuZGxlclJlc3BvbnNlID0geyB9KTogUmVzcG9uc2Uge1xuXG4gIC8vIGlmIHBoeXNpY2FsIElEIGlzIG5vdCByZXR1cm5lZCwgd2UgaGF2ZSBzb21lIGRlZmF1bHRzIGZvciB5b3UgYmFzZWRcbiAgLy8gb24gdGhlIHJlcXVlc3QgdHlwZS5cbiAgY29uc3QgcGh5c2ljYWxSZXNvdXJjZUlkID0gaGFuZGxlclJlc3BvbnNlLlBoeXNpY2FsUmVzb3VyY2VJZCA/PyBjZm5SZXF1ZXN0LlBoeXNpY2FsUmVzb3VyY2VJZCA/PyBjZm5SZXF1ZXN0LlJlcXVlc3RJZDtcblxuICAvLyBpZiB3ZSBhcmUgaW4gREVMRVRFIGFuZCBwaHlzaWNhbCBJRCB3YXMgY2hhbmdlZCwgaXQncyBhbiBlcnJvci5cbiAgaWYgKGNmblJlcXVlc3QuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnICYmIHBoeXNpY2FsUmVzb3VyY2VJZCAhPT0gY2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWQpIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoYERFTEVURTogY2Fubm90IGNoYW5nZSB0aGUgcGh5c2ljYWwgcmVzb3VyY2UgSUQgZnJvbSBcIiR7Y2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWR9XCIgdG8gXCIke2hhbmRsZXJSZXNwb25zZS5QaHlzaWNhbFJlc291cmNlSWR9XCIgZHVyaW5nIGRlbGV0aW9uYCk7XG4gIH1cblxuICAvLyBtZXJnZSByZXF1ZXN0IGV2ZW50IGFuZCByZXN1bHQgZXZlbnQgKHJlc3VsdCBwcmV2YWlscykuXG4gIHJldHVybiB7XG4gICAgLi4uY2ZuUmVxdWVzdCxcbiAgICAuLi5oYW5kbGVyUmVzcG9uc2UsXG4gICAgUGh5c2ljYWxSZXNvdXJjZUlkOiBwaHlzaWNhbFJlc291cmNlSWQsXG4gIH07XG59XG5cbmFzeW5jIGZ1bmN0aW9uIHN1Ym1pdFJlc3BvbnNlKHN0YXR1czogJ1NVQ0NFU1MnIHwgJ0ZBSUxFRCcsIGV2ZW50OiBSZXNwb25zZSkge1xuICBjb25zdCBqc29uOiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZVJlc3BvbnNlID0ge1xuICAgIFN0YXR1czogc3RhdHVzLFxuICAgIFJlYXNvbjogZXZlbnQuUmVhc29uID8/IHN0YXR1cyxcbiAgICBTdGFja0lkOiBldmVudC5TdGFja0lkLFxuICAgIFJlcXVlc3RJZDogZXZlbnQuUmVxdWVzdElkLFxuICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkIHx8IE1JU1NJTkdfUEhZU0lDQUxfSURfTUFSS0VSLFxuICAgIExvZ2ljYWxSZXNvdXJjZUlkOiBldmVudC5Mb2dpY2FsUmVzb3VyY2VJZCxcbiAgICBOb0VjaG86IGV2ZW50Lk5vRWNobyxcbiAgICBEYXRhOiBldmVudC5EYXRhLFxuICB9O1xuXG4gIGV4dGVybmFsLmxvZygnc3VibWl0IHJlc3BvbnNlIHRvIGNsb3VkZm9ybWF0aW9uJywganNvbik7XG5cbiAgY29uc3QgcmVzcG9uc2VCb2R5ID0gSlNPTi5zdHJpbmdpZnkoanNvbik7XG4gIGNvbnN0IHBhcnNlZFVybCA9IHVybC5wYXJzZShldmVudC5SZXNwb25zZVVSTCk7XG4gIGNvbnN0IHJlcSA9IHtcbiAgICBob3N0bmFtZTogcGFyc2VkVXJsLmhvc3RuYW1lLFxuICAgIHBhdGg6IHBhcnNlZFVybC5wYXRoLFxuICAgIG1ldGhvZDogJ1BVVCcsXG4gICAgaGVhZGVyczogeyAnY29udGVudC10eXBlJzogJycsICdjb250ZW50LWxlbmd0aCc6IHJlc3BvbnNlQm9keS5sZW5ndGggfSxcbiAgfTtcblxuICBhd2FpdCBleHRlcm5hbC5zZW5kSHR0cFJlcXVlc3QocmVxLCByZXNwb25zZUJvZHkpO1xufVxuXG5hc3luYyBmdW5jdGlvbiBkZWZhdWx0U2VuZEh0dHBSZXF1ZXN0KG9wdGlvbnM6IGh0dHBzLlJlcXVlc3RPcHRpb25zLCByZXNwb25zZUJvZHk6IHN0cmluZyk6IFByb21pc2U8dm9pZD4ge1xuICByZXR1cm4gbmV3IFByb21pc2UoKHJlc29sdmUsIHJlamVjdCkgPT4ge1xuICAgIHRyeSB7XG4gICAgICBjb25zdCByZXF1ZXN0ID0gaHR0cHMucmVxdWVzdChvcHRpb25zLCBfID0+IHJlc29sdmUoKSk7XG4gICAgICByZXF1ZXN0Lm9uKCdlcnJvcicsIHJlamVjdCk7XG4gICAgICByZXF1ZXN0LndyaXRlKHJlc3BvbnNlQm9keSk7XG4gICAgICByZXF1ZXN0LmVuZCgpO1xuICAgIH0gY2F0Y2ggKGUpIHtcbiAgICAgIHJlamVjdChlKTtcbiAgICB9XG4gIH0pO1xufVxuXG5mdW5jdGlvbiBkZWZhdWx0TG9nKGZtdDogc3RyaW5nLCAuLi5wYXJhbXM6IGFueVtdKSB7XG4gIC8vIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBuby1jb25zb2xlXG4gIGNvbnNvbGUubG9nKGZtdCwgLi4ucGFyYW1zKTtcbn1cbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/manifest.json index dd18b232b6944..3542fe30bdbf7 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", @@ -19,25 +19,25 @@ { "type": "aws:cdk:asset", "data": { - "path": "asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", - "id": "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", + "path": "asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", + "id": "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", "packaging": "zip", - "sourceHash": "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", - "s3BucketParameter": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3Bucket09A62232", - "s3KeyParameter": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE", - "artifactHashParameter": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824ArtifactHash76F8FCF2" + "sourceHash": "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", + "s3BucketParameter": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3Bucket180EC6B2", + "s3KeyParameter": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3VersionKeyF1ADAF48", + "artifactHashParameter": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26ArtifactHashF709D3CB" } }, { "type": "aws:cdk:asset", "data": { - "path": "asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip", - "id": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", + "path": "asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip", + "id": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", "packaging": "file", - "sourceHash": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", - "s3BucketParameter": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4", - "s3KeyParameter": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0", - "artifactHashParameter": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476ArtifactHash0FB7E57C" + "sourceHash": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", + "s3BucketParameter": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4", + "s3KeyParameter": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764", + "artifactHashParameter": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262ArtifactHash9E8C5685" } }, { @@ -95,40 +95,40 @@ "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F" } ], - "/test-bucket-deployments-1/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/S3Bucket": [ + "/test-bucket-deployments-1/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/S3Bucket": [ { "type": "aws:cdk:logicalId", - "data": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3Bucket09A62232" + "data": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3Bucket180EC6B2" } ], - "/test-bucket-deployments-1/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/S3VersionKey": [ + "/test-bucket-deployments-1/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/S3VersionKey": [ { "type": "aws:cdk:logicalId", - "data": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE" + "data": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3VersionKeyF1ADAF48" } ], - "/test-bucket-deployments-1/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/ArtifactHash": [ + "/test-bucket-deployments-1/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/ArtifactHash": [ { "type": "aws:cdk:logicalId", - "data": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824ArtifactHash76F8FCF2" + "data": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26ArtifactHashF709D3CB" } ], - "/test-bucket-deployments-1/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3Bucket": [ + "/test-bucket-deployments-1/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3Bucket": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "data": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" } ], - "/test-bucket-deployments-1/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3VersionKey": [ + "/test-bucket-deployments-1/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3VersionKey": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "data": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ], - "/test-bucket-deployments-1/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/ArtifactHash": [ + "/test-bucket-deployments-1/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/ArtifactHash": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476ArtifactHash0FB7E57C" + "data": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262ArtifactHash9E8C5685" } ], "/test-bucket-deployments-1/AssetParameters/f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da/S3Bucket": [ diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/test-bucket-deployments-1.assets.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/test-bucket-deployments-1.assets.json index cea6e6c783143..51fe8eb558b3a 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/test-bucket-deployments-1.assets.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/test-bucket-deployments-1.assets.json @@ -1,28 +1,28 @@ { - "version": "17.0.0", + "version": "20.0.0", "files": { - "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824": { + "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26": { "source": { - "path": "asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", + "path": "asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824.zip", + "objectKey": "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476": { + "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262": { "source": { - "path": "asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip", + "path": "asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip", + "objectKey": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } @@ -53,7 +53,7 @@ } } }, - "39a0b3ad336e3252b0c27b4a31a6e35e09d6de50d368545a5b8ec4abf560b90c": { + "4ede274a48c7a8a8140dd2d5dab420cc87a7fc5544ed203fc4399eb8b396ce9d": { "source": { "path": "test-bucket-deployments-1.template.json", "packaging": "file" @@ -61,7 +61,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "39a0b3ad336e3252b0c27b4a31a6e35e09d6de50d368545a5b8ec4abf560b90c.json", + "objectKey": "4ede274a48c7a8a8140dd2d5dab420cc87a7fc5544ed203fc4399eb8b396ce9d.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/test-bucket-deployments-1.template.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/test-bucket-deployments-1.template.json index 64f79d32009bb..34de7f9a03ba5 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/test-bucket-deployments-1.template.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/test-bucket-deployments-1.template.json @@ -114,7 +114,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3Bucket09A62232" + "Ref": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3Bucket180EC6B2" }, "S3Key": { "Fn::Join": [ @@ -127,7 +127,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE" + "Ref": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3VersionKeyF1ADAF48" } ] } @@ -140,7 +140,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE" + "Ref": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3VersionKeyF1ADAF48" } ] } @@ -230,7 +230,7 @@ "Properties": { "Content": { "S3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "S3Key": { "Fn::Join": [ @@ -243,7 +243,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -256,7 +256,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -519,7 +519,7 @@ "Ref": "DeployWithInvalidationAwsCliLayerDEDD5787" } ], - "Runtime": "python3.7", + "Runtime": "python3.9", "Timeout": 900 }, "DependsOn": [ @@ -529,29 +529,29 @@ } }, "Parameters": { - "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3Bucket09A62232": { + "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3Bucket180EC6B2": { "Type": "String", - "Description": "S3 bucket for asset \"be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824\"" + "Description": "S3 bucket for asset \"60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26\"" }, - "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE": { + "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3VersionKeyF1ADAF48": { "Type": "String", - "Description": "S3 key for asset version \"be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824\"" + "Description": "S3 key for asset version \"60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26\"" }, - "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824ArtifactHash76F8FCF2": { + "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26ArtifactHashF709D3CB": { "Type": "String", - "Description": "Artifact hash for asset \"be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824\"" + "Description": "Artifact hash for asset \"60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26\"" }, - "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4": { + "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4": { "Type": "String", - "Description": "S3 bucket for asset \"01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476\"" + "Description": "S3 bucket for asset \"672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262\"" }, - "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0": { + "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764": { "Type": "String", - "Description": "S3 key for asset version \"01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476\"" + "Description": "S3 key for asset version \"672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262\"" }, - "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476ArtifactHash0FB7E57C": { + "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262ArtifactHash9E8C5685": { "Type": "String", - "Description": "Artifact hash for asset \"01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476\"" + "Description": "Artifact hash for asset \"672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262\"" }, "AssetParametersf98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711daS3BucketF23C0DE7": { "Type": "String", diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/tree.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/tree.json index 10b4184a4dbc1..b0c465d283022 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-cloudfront.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "test-bucket-deployments-1": { @@ -174,13 +174,13 @@ "id": "AssetParameters", "path": "test-bucket-deployments-1/AssetParameters", "children": { - "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824": { - "id": "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", - "path": "test-bucket-deployments-1/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", + "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26": { + "id": "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", + "path": "test-bucket-deployments-1/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", "children": { "S3Bucket": { "id": "S3Bucket", - "path": "test-bucket-deployments-1/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/S3Bucket", + "path": "test-bucket-deployments-1/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/S3Bucket", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -188,7 +188,7 @@ }, "S3VersionKey": { "id": "S3VersionKey", - "path": "test-bucket-deployments-1/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/S3VersionKey", + "path": "test-bucket-deployments-1/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/S3VersionKey", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -196,7 +196,7 @@ }, "ArtifactHash": { "id": "ArtifactHash", - "path": "test-bucket-deployments-1/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/ArtifactHash", + "path": "test-bucket-deployments-1/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/ArtifactHash", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -205,16 +205,16 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, - "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476": { - "id": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", - "path": "test-bucket-deployments-1/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", + "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262": { + "id": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", + "path": "test-bucket-deployments-1/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", "children": { "S3Bucket": { "id": "S3Bucket", - "path": "test-bucket-deployments-1/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3Bucket", + "path": "test-bucket-deployments-1/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3Bucket", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -222,7 +222,7 @@ }, "S3VersionKey": { "id": "S3VersionKey", - "path": "test-bucket-deployments-1/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3VersionKey", + "path": "test-bucket-deployments-1/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3VersionKey", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -230,7 +230,7 @@ }, "ArtifactHash": { "id": "ArtifactHash", - "path": "test-bucket-deployments-1/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/ArtifactHash", + "path": "test-bucket-deployments-1/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/ArtifactHash", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -239,7 +239,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da": { @@ -273,7 +273,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "fc4481abf279255619ff7418faa5d24456fef3432ea0da59c95542578ff0222e": { @@ -307,13 +307,13 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "Distribution": { @@ -424,7 +424,7 @@ "aws:cdk:cloudformation:props": { "content": { "s3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "s3Key": { "Fn::Join": [ @@ -437,7 +437,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -450,7 +450,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -787,7 +787,7 @@ "Ref": "DeployWithInvalidationAwsCliLayerDEDD5787" } ], - "runtime": "python3.7", + "runtime": "python3.9", "timeout": 900 } }, diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/TestBucketDeploymentContent.assets.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/TestBucketDeploymentContent.assets.json index 0a331d73a886e..27b342637d131 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/TestBucketDeploymentContent.assets.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/TestBucketDeploymentContent.assets.json @@ -1,15 +1,15 @@ { - "version": "17.0.0", + "version": "20.0.0", "files": { - "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476": { + "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262": { "source": { - "path": "asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip", + "path": "asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip", + "objectKey": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } @@ -66,7 +66,7 @@ } } }, - "a2502ee64d52a7e96ba5c899754aa37ed7c1254348a03fe90a51e6b9175b2300": { + "3ed0eab4bbbed28428c86b436726f701c9ddf664e0069753d3a5ebc00f0edcd9": { "source": { "path": "TestBucketDeploymentContent.template.json", "packaging": "file" @@ -74,7 +74,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "a2502ee64d52a7e96ba5c899754aa37ed7c1254348a03fe90a51e6b9175b2300.json", + "objectKey": "3ed0eab4bbbed28428c86b436726f701c9ddf664e0069753d3a5ebc00f0edcd9.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/TestBucketDeploymentContent.template.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/TestBucketDeploymentContent.template.json index 446bf4c05c8a3..c4c6e0603aeb3 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/TestBucketDeploymentContent.template.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/TestBucketDeploymentContent.template.json @@ -18,7 +18,7 @@ "Properties": { "Content": { "S3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "S3Key": { "Fn::Join": [ @@ -31,7 +31,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -44,7 +44,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -443,7 +443,7 @@ "Ref": "DeployMeAwsCliLayer5F9219E9" } ], - "Runtime": "python3.7", + "Runtime": "python3.9", "Timeout": 900 }, "DependsOn": [ @@ -453,17 +453,17 @@ } }, "Parameters": { - "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4": { + "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4": { "Type": "String", - "Description": "S3 bucket for asset \"01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476\"" + "Description": "S3 bucket for asset \"672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262\"" }, - "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0": { + "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764": { "Type": "String", - "Description": "S3 key for asset version \"01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476\"" + "Description": "S3 key for asset version \"672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262\"" }, - "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476ArtifactHash0FB7E57C": { + "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262ArtifactHash9E8C5685": { "Type": "String", - "Description": "Artifact hash for asset \"01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476\"" + "Description": "Artifact hash for asset \"672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262\"" }, "AssetParametersf98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711daS3BucketF23C0DE7": { "Type": "String", diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip similarity index 69% rename from packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip rename to packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip index e478968fa8400..0e782f0e80200 100644 Binary files a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip and b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip differ diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/manifest.json index 83d1462428de2..c1683f5aaebdc 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", @@ -19,13 +19,13 @@ { "type": "aws:cdk:asset", "data": { - "path": "asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip", - "id": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", + "path": "asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip", + "id": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", "packaging": "file", - "sourceHash": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", - "s3BucketParameter": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4", - "s3KeyParameter": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0", - "artifactHashParameter": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476ArtifactHash0FB7E57C" + "sourceHash": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", + "s3BucketParameter": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4", + "s3KeyParameter": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764", + "artifactHashParameter": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262ArtifactHash9E8C5685" } }, { @@ -95,22 +95,22 @@ "data": "DeployMeCustomResource4455EE35" } ], - "/TestBucketDeploymentContent/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3Bucket": [ + "/TestBucketDeploymentContent/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3Bucket": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "data": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" } ], - "/TestBucketDeploymentContent/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3VersionKey": [ + "/TestBucketDeploymentContent/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3VersionKey": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "data": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ], - "/TestBucketDeploymentContent/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/ArtifactHash": [ + "/TestBucketDeploymentContent/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/ArtifactHash": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476ArtifactHash0FB7E57C" + "data": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262ArtifactHash9E8C5685" } ], "/TestBucketDeploymentContent/AssetParameters/f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da/S3Bucket": [ diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/tree.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/tree.json index e6dd6e531dbbd..c6d3babc7d412 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment-data.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "TestBucketDeploymentContent": { @@ -87,7 +87,7 @@ "aws:cdk:cloudformation:props": { "content": { "s3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "s3Key": { "Fn::Join": [ @@ -100,7 +100,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -113,7 +113,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -251,13 +251,13 @@ "id": "AssetParameters", "path": "TestBucketDeploymentContent/AssetParameters", "children": { - "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476": { - "id": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", - "path": "TestBucketDeploymentContent/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", + "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262": { + "id": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", + "path": "TestBucketDeploymentContent/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", "children": { "S3Bucket": { "id": "S3Bucket", - "path": "TestBucketDeploymentContent/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3Bucket", + "path": "TestBucketDeploymentContent/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3Bucket", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -265,7 +265,7 @@ }, "S3VersionKey": { "id": "S3VersionKey", - "path": "TestBucketDeploymentContent/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3VersionKey", + "path": "TestBucketDeploymentContent/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3VersionKey", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -273,7 +273,7 @@ }, "ArtifactHash": { "id": "ArtifactHash", - "path": "TestBucketDeploymentContent/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/ArtifactHash", + "path": "TestBucketDeploymentContent/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/ArtifactHash", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -282,7 +282,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da": { @@ -316,7 +316,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "d09271be89b6cb0398f793b40c1531fd9b076aa92ba80b5e436914b1808fe18d": { @@ -350,7 +350,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "0f14dedeaf4386031c978375cbda0f65d7b52b29452cabb8873eb8f0d0fa936b": { @@ -384,7 +384,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "0d7be86c2a7d62be64fcbe2cbaa36c912a72d445022cc17c37af4f99f1b97a5a": { @@ -418,13 +418,13 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C": { @@ -736,7 +736,7 @@ "Ref": "DeployMeAwsCliLayer5F9219E9" } ], - "runtime": "python3.7", + "runtime": "python3.9", "timeout": 900 } }, diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js new file mode 100644 index 0000000000000..9df94382cc74e --- /dev/null +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js @@ -0,0 +1,118 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = exports.external = void 0; +const https = require("https"); +const url = require("url"); +// for unit tests +exports.external = { + sendHttpRequest: defaultSendHttpRequest, + log: defaultLog, + includeStackTraces: true, + userHandlerIndex: './index', +}; +const CREATE_FAILED_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::CREATE_FAILED'; +const MISSING_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID'; +async function handler(event, context) { + const sanitizedEvent = { ...event, ResponseURL: '...' }; + exports.external.log(JSON.stringify(sanitizedEvent, undefined, 2)); + // ignore DELETE event when the physical resource ID is the marker that + // indicates that this DELETE is a subsequent DELETE to a failed CREATE + // operation. + if (event.RequestType === 'Delete' && event.PhysicalResourceId === CREATE_FAILED_PHYSICAL_ID_MARKER) { + exports.external.log('ignoring DELETE event caused by a failed CREATE event'); + await submitResponse('SUCCESS', event); + return; + } + try { + // invoke the user handler. this is intentionally inside the try-catch to + // ensure that if there is an error it's reported as a failure to + // cloudformation (otherwise cfn waits). + // eslint-disable-next-line @typescript-eslint/no-require-imports + const userHandler = require(exports.external.userHandlerIndex).handler; + const result = await userHandler(sanitizedEvent, context); + // validate user response and create the combined event + const responseEvent = renderResponse(event, result); + // submit to cfn as success + await submitResponse('SUCCESS', responseEvent); + } + catch (e) { + const resp = { + ...event, + Reason: exports.external.includeStackTraces ? e.stack : e.message, + }; + if (!resp.PhysicalResourceId) { + // special case: if CREATE fails, which usually implies, we usually don't + // have a physical resource id. in this case, the subsequent DELETE + // operation does not have any meaning, and will likely fail as well. to + // address this, we use a marker so the provider framework can simply + // ignore the subsequent DELETE. + if (event.RequestType === 'Create') { + exports.external.log('CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored'); + resp.PhysicalResourceId = CREATE_FAILED_PHYSICAL_ID_MARKER; + } + else { + // otherwise, if PhysicalResourceId is not specified, something is + // terribly wrong because all other events should have an ID. + exports.external.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(event)}`); + } + } + // this is an actual error, fail the activity altogether and exist. + await submitResponse('FAILED', resp); + } +} +exports.handler = handler; +function renderResponse(cfnRequest, handlerResponse = {}) { + // if physical ID is not returned, we have some defaults for you based + // on the request type. + const physicalResourceId = handlerResponse.PhysicalResourceId ?? cfnRequest.PhysicalResourceId ?? cfnRequest.RequestId; + // if we are in DELETE and physical ID was changed, it's an error. + if (cfnRequest.RequestType === 'Delete' && physicalResourceId !== cfnRequest.PhysicalResourceId) { + throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${handlerResponse.PhysicalResourceId}" during deletion`); + } + // merge request event and result event (result prevails). + return { + ...cfnRequest, + ...handlerResponse, + PhysicalResourceId: physicalResourceId, + }; +} +async function submitResponse(status, event) { + const json = { + Status: status, + Reason: event.Reason ?? status, + StackId: event.StackId, + RequestId: event.RequestId, + PhysicalResourceId: event.PhysicalResourceId || MISSING_PHYSICAL_ID_MARKER, + LogicalResourceId: event.LogicalResourceId, + NoEcho: event.NoEcho, + Data: event.Data, + }; + exports.external.log('submit response to cloudformation', json); + const responseBody = JSON.stringify(json); + const parsedUrl = url.parse(event.ResponseURL); + const req = { + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: 'PUT', + headers: { 'content-type': '', 'content-length': responseBody.length }, + }; + await exports.external.sendHttpRequest(req, responseBody); +} +async function defaultSendHttpRequest(options, responseBody) { + return new Promise((resolve, reject) => { + try { + const request = https.request(options, _ => resolve()); + request.on('error', reject); + request.write(responseBody); + request.end(); + } + catch (e) { + reject(e); + } + }); +} +function defaultLog(fmt, ...params) { + // eslint-disable-next-line no-console + console.log(fmt, ...params); +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibm9kZWpzLWVudHJ5cG9pbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJub2RlanMtZW50cnlwb2ludC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwrQkFBK0I7QUFDL0IsMkJBQTJCO0FBRTNCLGlCQUFpQjtBQUNKLFFBQUEsUUFBUSxHQUFHO0lBQ3RCLGVBQWUsRUFBRSxzQkFBc0I7SUFDdkMsR0FBRyxFQUFFLFVBQVU7SUFDZixrQkFBa0IsRUFBRSxJQUFJO0lBQ3hCLGdCQUFnQixFQUFFLFNBQVM7Q0FDNUIsQ0FBQztBQUVGLE1BQU0sZ0NBQWdDLEdBQUcsd0RBQXdELENBQUM7QUFDbEcsTUFBTSwwQkFBMEIsR0FBRyw4REFBOEQsQ0FBQztBQVczRixLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQWtELEVBQUUsT0FBMEI7SUFDMUcsTUFBTSxjQUFjLEdBQUcsRUFBRSxHQUFHLEtBQUssRUFBRSxXQUFXLEVBQUUsS0FBSyxFQUFFLENBQUM7SUFDeEQsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxjQUFjLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFFM0QsdUVBQXVFO0lBQ3ZFLHVFQUF1RTtJQUN2RSxhQUFhO0lBQ2IsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsSUFBSSxLQUFLLENBQUMsa0JBQWtCLEtBQUssZ0NBQWdDLEVBQUU7UUFDbkcsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsdURBQXVELENBQUMsQ0FBQztRQUN0RSxNQUFNLGNBQWMsQ0FBQyxTQUFTLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDdkMsT0FBTztLQUNSO0lBRUQsSUFBSTtRQUNGLHlFQUF5RTtRQUN6RSxpRUFBaUU7UUFDakUsd0NBQXdDO1FBQ3hDLGlFQUFpRTtRQUNqRSxNQUFNLFdBQVcsR0FBWSxPQUFPLENBQUMsZ0JBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLE9BQU8sQ0FBQztRQUN4RSxNQUFNLE1BQU0sR0FBRyxNQUFNLFdBQVcsQ0FBQyxjQUFjLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFFMUQsdURBQXVEO1FBQ3ZELE1BQU0sYUFBYSxHQUFHLGNBQWMsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFcEQsMkJBQTJCO1FBQzNCLE1BQU0sY0FBYyxDQUFDLFNBQVMsRUFBRSxhQUFhLENBQUMsQ0FBQztLQUNoRDtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsTUFBTSxJQUFJLEdBQWE7WUFDckIsR0FBRyxLQUFLO1lBQ1IsTUFBTSxFQUFFLGdCQUFRLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPO1NBQzFELENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQzVCLHlFQUF5RTtZQUN6RSxtRUFBbUU7WUFDbkUsd0VBQXdFO1lBQ3hFLHFFQUFxRTtZQUNyRSxnQ0FBZ0M7WUFDaEMsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtnQkFDbEMsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsNEdBQTRHLENBQUMsQ0FBQztnQkFDM0gsSUFBSSxDQUFDLGtCQUFrQixHQUFHLGdDQUFnQyxDQUFDO2FBQzVEO2lCQUFNO2dCQUNMLGtFQUFrRTtnQkFDbEUsNkRBQTZEO2dCQUM3RCxnQkFBUSxDQUFDLEdBQUcsQ0FBQyw2REFBNkQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLENBQUM7YUFDcEc7U0FDRjtRQUVELG1FQUFtRTtRQUNuRSxNQUFNLGNBQWMsQ0FBQyxRQUFRLEVBQUUsSUFBSSxDQUFDLENBQUM7S0FDdEM7QUFDSCxDQUFDO0FBbkRELDBCQW1EQztBQUVELFNBQVMsY0FBYyxDQUNyQixVQUF5RixFQUN6RixrQkFBMEMsRUFBRztJQUU3QyxzRUFBc0U7SUFDdEUsdUJBQXVCO0lBQ3ZCLE1BQU0sa0JBQWtCLEdBQUcsZUFBZSxDQUFDLGtCQUFrQixJQUFJLFVBQVUsQ0FBQyxrQkFBa0IsSUFBSSxVQUFVLENBQUMsU0FBUyxDQUFDO0lBRXZILGtFQUFrRTtJQUNsRSxJQUFJLFVBQVUsQ0FBQyxXQUFXLEtBQUssUUFBUSxJQUFJLGtCQUFrQixLQUFLLFVBQVUsQ0FBQyxrQkFBa0IsRUFBRTtRQUMvRixNQUFNLElBQUksS0FBSyxDQUFDLHdEQUF3RCxVQUFVLENBQUMsa0JBQWtCLFNBQVMsZUFBZSxDQUFDLGtCQUFrQixtQkFBbUIsQ0FBQyxDQUFDO0tBQ3RLO0lBRUQsMERBQTBEO0lBQzFELE9BQU87UUFDTCxHQUFHLFVBQVU7UUFDYixHQUFHLGVBQWU7UUFDbEIsa0JBQWtCLEVBQUUsa0JBQWtCO0tBQ3ZDLENBQUM7QUFDSixDQUFDO0FBRUQsS0FBSyxVQUFVLGNBQWMsQ0FBQyxNQUE0QixFQUFFLEtBQWU7SUFDekUsTUFBTSxJQUFJLEdBQW1EO1FBQzNELE1BQU0sRUFBRSxNQUFNO1FBQ2QsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNLElBQUksTUFBTTtRQUM5QixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87UUFDdEIsU0FBUyxFQUFFLEtBQUssQ0FBQyxTQUFTO1FBQzFCLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0IsSUFBSSwwQkFBMEI7UUFDMUUsaUJBQWlCLEVBQUUsS0FBSyxDQUFDLGlCQUFpQjtRQUMxQyxNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU07UUFDcEIsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO0tBQ2pCLENBQUM7SUFFRixnQkFBUSxDQUFDLEdBQUcsQ0FBQyxtQ0FBbUMsRUFBRSxJQUFJLENBQUMsQ0FBQztJQUV4RCxNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQzFDLE1BQU0sU0FBUyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQy9DLE1BQU0sR0FBRyxHQUFHO1FBQ1YsUUFBUSxFQUFFLFNBQVMsQ0FBQyxRQUFRO1FBQzVCLElBQUksRUFBRSxTQUFTLENBQUMsSUFBSTtRQUNwQixNQUFNLEVBQUUsS0FBSztRQUNiLE9BQU8sRUFBRSxFQUFFLGNBQWMsRUFBRSxFQUFFLEVBQUUsZ0JBQWdCLEVBQUUsWUFBWSxDQUFDLE1BQU0sRUFBRTtLQUN2RSxDQUFDO0lBRUYsTUFBTSxnQkFBUSxDQUFDLGVBQWUsQ0FBQyxHQUFHLEVBQUUsWUFBWSxDQUFDLENBQUM7QUFDcEQsQ0FBQztBQUVELEtBQUssVUFBVSxzQkFBc0IsQ0FBQyxPQUE2QixFQUFFLFlBQW9CO0lBQ3ZGLE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsTUFBTSxFQUFFLEVBQUU7UUFDckMsSUFBSTtZQUNGLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUN2RCxPQUFPLENBQUMsRUFBRSxDQUFDLE9BQU8sRUFBRSxNQUFNLENBQUMsQ0FBQztZQUM1QixPQUFPLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO1lBQzVCLE9BQU8sQ0FBQyxHQUFHLEVBQUUsQ0FBQztTQUNmO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDWDtJQUNILENBQUMsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELFNBQVMsVUFBVSxDQUFDLEdBQVcsRUFBRSxHQUFHLE1BQWE7SUFDL0Msc0NBQXNDO0lBQ3RDLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLEdBQUcsTUFBTSxDQUFDLENBQUM7QUFDOUIsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGh0dHBzIGZyb20gJ2h0dHBzJztcbmltcG9ydCAqIGFzIHVybCBmcm9tICd1cmwnO1xuXG4vLyBmb3IgdW5pdCB0ZXN0c1xuZXhwb3J0IGNvbnN0IGV4dGVybmFsID0ge1xuICBzZW5kSHR0cFJlcXVlc3Q6IGRlZmF1bHRTZW5kSHR0cFJlcXVlc3QsXG4gIGxvZzogZGVmYXVsdExvZyxcbiAgaW5jbHVkZVN0YWNrVHJhY2VzOiB0cnVlLFxuICB1c2VySGFuZGxlckluZGV4OiAnLi9pbmRleCcsXG59O1xuXG5jb25zdCBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUiA9ICdBV1NDREs6OkN1c3RvbVJlc291cmNlUHJvdmlkZXJGcmFtZXdvcms6OkNSRUFURV9GQUlMRUQnO1xuY29uc3QgTUlTU0lOR19QSFlTSUNBTF9JRF9NQVJLRVIgPSAnQVdTQ0RLOjpDdXN0b21SZXNvdXJjZVByb3ZpZGVyRnJhbWV3b3JrOjpNSVNTSU5HX1BIWVNJQ0FMX0lEJztcblxuZXhwb3J0IHR5cGUgUmVzcG9uc2UgPSBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50ICYgSGFuZGxlclJlc3BvbnNlO1xuZXhwb3J0IHR5cGUgSGFuZGxlciA9IChldmVudDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCwgY29udGV4dDogQVdTTGFtYmRhLkNvbnRleHQpID0+IFByb21pc2U8SGFuZGxlclJlc3BvbnNlIHwgdm9pZD47XG5leHBvcnQgdHlwZSBIYW5kbGVyUmVzcG9uc2UgPSB1bmRlZmluZWQgfCB7XG4gIERhdGE/OiBhbnk7XG4gIFBoeXNpY2FsUmVzb3VyY2VJZD86IHN0cmluZztcbiAgUmVhc29uPzogc3RyaW5nO1xuICBOb0VjaG8/OiBib29sZWFuO1xufTtcblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIoZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQsIGNvbnRleHQ6IEFXU0xhbWJkYS5Db250ZXh0KSB7XG4gIGNvbnN0IHNhbml0aXplZEV2ZW50ID0geyAuLi5ldmVudCwgUmVzcG9uc2VVUkw6ICcuLi4nIH07XG4gIGV4dGVybmFsLmxvZyhKU09OLnN0cmluZ2lmeShzYW5pdGl6ZWRFdmVudCwgdW5kZWZpbmVkLCAyKSk7XG5cbiAgLy8gaWdub3JlIERFTEVURSBldmVudCB3aGVuIHRoZSBwaHlzaWNhbCByZXNvdXJjZSBJRCBpcyB0aGUgbWFya2VyIHRoYXRcbiAgLy8gaW5kaWNhdGVzIHRoYXQgdGhpcyBERUxFVEUgaXMgYSBzdWJzZXF1ZW50IERFTEVURSB0byBhIGZhaWxlZCBDUkVBVEVcbiAgLy8gb3BlcmF0aW9uLlxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnICYmIGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCA9PT0gQ1JFQVRFX0ZBSUxFRF9QSFlTSUNBTF9JRF9NQVJLRVIpIHtcbiAgICBleHRlcm5hbC5sb2coJ2lnbm9yaW5nIERFTEVURSBldmVudCBjYXVzZWQgYnkgYSBmYWlsZWQgQ1JFQVRFIGV2ZW50Jyk7XG4gICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ1NVQ0NFU1MnLCBldmVudCk7XG4gICAgcmV0dXJuO1xuICB9XG5cbiAgdHJ5IHtcbiAgICAvLyBpbnZva2UgdGhlIHVzZXIgaGFuZGxlci4gdGhpcyBpcyBpbnRlbnRpb25hbGx5IGluc2lkZSB0aGUgdHJ5LWNhdGNoIHRvXG4gICAgLy8gZW5zdXJlIHRoYXQgaWYgdGhlcmUgaXMgYW4gZXJyb3IgaXQncyByZXBvcnRlZCBhcyBhIGZhaWx1cmUgdG9cbiAgICAvLyBjbG91ZGZvcm1hdGlvbiAob3RoZXJ3aXNlIGNmbiB3YWl0cykuXG4gICAgLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIEB0eXBlc2NyaXB0LWVzbGludC9uby1yZXF1aXJlLWltcG9ydHNcbiAgICBjb25zdCB1c2VySGFuZGxlcjogSGFuZGxlciA9IHJlcXVpcmUoZXh0ZXJuYWwudXNlckhhbmRsZXJJbmRleCkuaGFuZGxlcjtcbiAgICBjb25zdCByZXN1bHQgPSBhd2FpdCB1c2VySGFuZGxlcihzYW5pdGl6ZWRFdmVudCwgY29udGV4dCk7XG5cbiAgICAvLyB2YWxpZGF0ZSB1c2VyIHJlc3BvbnNlIGFuZCBjcmVhdGUgdGhlIGNvbWJpbmVkIGV2ZW50XG4gICAgY29uc3QgcmVzcG9uc2VFdmVudCA9IHJlbmRlclJlc3BvbnNlKGV2ZW50LCByZXN1bHQpO1xuXG4gICAgLy8gc3VibWl0IHRvIGNmbiBhcyBzdWNjZXNzXG4gICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ1NVQ0NFU1MnLCByZXNwb25zZUV2ZW50KTtcbiAgfSBjYXRjaCAoZSkge1xuICAgIGNvbnN0IHJlc3A6IFJlc3BvbnNlID0ge1xuICAgICAgLi4uZXZlbnQsXG4gICAgICBSZWFzb246IGV4dGVybmFsLmluY2x1ZGVTdGFja1RyYWNlcyA/IGUuc3RhY2sgOiBlLm1lc3NhZ2UsXG4gICAgfTtcblxuICAgIGlmICghcmVzcC5QaHlzaWNhbFJlc291cmNlSWQpIHtcbiAgICAgIC8vIHNwZWNpYWwgY2FzZTogaWYgQ1JFQVRFIGZhaWxzLCB3aGljaCB1c3VhbGx5IGltcGxpZXMsIHdlIHVzdWFsbHkgZG9uJ3RcbiAgICAgIC8vIGhhdmUgYSBwaHlzaWNhbCByZXNvdXJjZSBpZC4gaW4gdGhpcyBjYXNlLCB0aGUgc3Vic2VxdWVudCBERUxFVEVcbiAgICAgIC8vIG9wZXJhdGlvbiBkb2VzIG5vdCBoYXZlIGFueSBtZWFuaW5nLCBhbmQgd2lsbCBsaWtlbHkgZmFpbCBhcyB3ZWxsLiB0b1xuICAgICAgLy8gYWRkcmVzcyB0aGlzLCB3ZSB1c2UgYSBtYXJrZXIgc28gdGhlIHByb3ZpZGVyIGZyYW1ld29yayBjYW4gc2ltcGx5XG4gICAgICAvLyBpZ25vcmUgdGhlIHN1YnNlcXVlbnQgREVMRVRFLlxuICAgICAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnQ3JlYXRlJykge1xuICAgICAgICBleHRlcm5hbC5sb2coJ0NSRUFURSBmYWlsZWQsIHJlc3BvbmRpbmcgd2l0aCBhIG1hcmtlciBwaHlzaWNhbCByZXNvdXJjZSBpZCBzbyB0aGF0IHRoZSBzdWJzZXF1ZW50IERFTEVURSB3aWxsIGJlIGlnbm9yZWQnKTtcbiAgICAgICAgcmVzcC5QaHlzaWNhbFJlc291cmNlSWQgPSBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUjtcbiAgICAgIH0gZWxzZSB7XG4gICAgICAgIC8vIG90aGVyd2lzZSwgaWYgUGh5c2ljYWxSZXNvdXJjZUlkIGlzIG5vdCBzcGVjaWZpZWQsIHNvbWV0aGluZyBpc1xuICAgICAgICAvLyB0ZXJyaWJseSB3cm9uZyBiZWNhdXNlIGFsbCBvdGhlciBldmVudHMgc2hvdWxkIGhhdmUgYW4gSUQuXG4gICAgICAgIGV4dGVybmFsLmxvZyhgRVJST1I6IE1hbGZvcm1lZCBldmVudC4gXCJQaHlzaWNhbFJlc291cmNlSWRcIiBpcyByZXF1aXJlZDogJHtKU09OLnN0cmluZ2lmeShldmVudCl9YCk7XG4gICAgICB9XG4gICAgfVxuXG4gICAgLy8gdGhpcyBpcyBhbiBhY3R1YWwgZXJyb3IsIGZhaWwgdGhlIGFjdGl2aXR5IGFsdG9nZXRoZXIgYW5kIGV4aXN0LlxuICAgIGF3YWl0IHN1Ym1pdFJlc3BvbnNlKCdGQUlMRUQnLCByZXNwKTtcbiAgfVxufVxuXG5mdW5jdGlvbiByZW5kZXJSZXNwb25zZShcbiAgY2ZuUmVxdWVzdDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCAmIHsgUGh5c2ljYWxSZXNvdXJjZUlkPzogc3RyaW5nIH0sXG4gIGhhbmRsZXJSZXNwb25zZTogdm9pZCB8IEhhbmRsZXJSZXNwb25zZSA9IHsgfSk6IFJlc3BvbnNlIHtcblxuICAvLyBpZiBwaHlzaWNhbCBJRCBpcyBub3QgcmV0dXJuZWQsIHdlIGhhdmUgc29tZSBkZWZhdWx0cyBmb3IgeW91IGJhc2VkXG4gIC8vIG9uIHRoZSByZXF1ZXN0IHR5cGUuXG4gIGNvbnN0IHBoeXNpY2FsUmVzb3VyY2VJZCA9IGhhbmRsZXJSZXNwb25zZS5QaHlzaWNhbFJlc291cmNlSWQgPz8gY2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWQgPz8gY2ZuUmVxdWVzdC5SZXF1ZXN0SWQ7XG5cbiAgLy8gaWYgd2UgYXJlIGluIERFTEVURSBhbmQgcGh5c2ljYWwgSUQgd2FzIGNoYW5nZWQsIGl0J3MgYW4gZXJyb3IuXG4gIGlmIChjZm5SZXF1ZXN0LlJlcXVlc3RUeXBlID09PSAnRGVsZXRlJyAmJiBwaHlzaWNhbFJlc291cmNlSWQgIT09IGNmblJlcXVlc3QuUGh5c2ljYWxSZXNvdXJjZUlkKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKGBERUxFVEU6IGNhbm5vdCBjaGFuZ2UgdGhlIHBoeXNpY2FsIHJlc291cmNlIElEIGZyb20gXCIke2NmblJlcXVlc3QuUGh5c2ljYWxSZXNvdXJjZUlkfVwiIHRvIFwiJHtoYW5kbGVyUmVzcG9uc2UuUGh5c2ljYWxSZXNvdXJjZUlkfVwiIGR1cmluZyBkZWxldGlvbmApO1xuICB9XG5cbiAgLy8gbWVyZ2UgcmVxdWVzdCBldmVudCBhbmQgcmVzdWx0IGV2ZW50IChyZXN1bHQgcHJldmFpbHMpLlxuICByZXR1cm4ge1xuICAgIC4uLmNmblJlcXVlc3QsXG4gICAgLi4uaGFuZGxlclJlc3BvbnNlLFxuICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkLFxuICB9O1xufVxuXG5hc3luYyBmdW5jdGlvbiBzdWJtaXRSZXNwb25zZShzdGF0dXM6ICdTVUNDRVNTJyB8ICdGQUlMRUQnLCBldmVudDogUmVzcG9uc2UpIHtcbiAgY29uc3QganNvbjogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VSZXNwb25zZSA9IHtcbiAgICBTdGF0dXM6IHN0YXR1cyxcbiAgICBSZWFzb246IGV2ZW50LlJlYXNvbiA/PyBzdGF0dXMsXG4gICAgU3RhY2tJZDogZXZlbnQuU3RhY2tJZCxcbiAgICBSZXF1ZXN0SWQ6IGV2ZW50LlJlcXVlc3RJZCxcbiAgICBQaHlzaWNhbFJlc291cmNlSWQ6IGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCB8fCBNSVNTSU5HX1BIWVNJQ0FMX0lEX01BUktFUixcbiAgICBMb2dpY2FsUmVzb3VyY2VJZDogZXZlbnQuTG9naWNhbFJlc291cmNlSWQsXG4gICAgTm9FY2hvOiBldmVudC5Ob0VjaG8sXG4gICAgRGF0YTogZXZlbnQuRGF0YSxcbiAgfTtcblxuICBleHRlcm5hbC5sb2coJ3N1Ym1pdCByZXNwb25zZSB0byBjbG91ZGZvcm1hdGlvbicsIGpzb24pO1xuXG4gIGNvbnN0IHJlc3BvbnNlQm9keSA9IEpTT04uc3RyaW5naWZ5KGpzb24pO1xuICBjb25zdCBwYXJzZWRVcmwgPSB1cmwucGFyc2UoZXZlbnQuUmVzcG9uc2VVUkwpO1xuICBjb25zdCByZXEgPSB7XG4gICAgaG9zdG5hbWU6IHBhcnNlZFVybC5ob3N0bmFtZSxcbiAgICBwYXRoOiBwYXJzZWRVcmwucGF0aCxcbiAgICBtZXRob2Q6ICdQVVQnLFxuICAgIGhlYWRlcnM6IHsgJ2NvbnRlbnQtdHlwZSc6ICcnLCAnY29udGVudC1sZW5ndGgnOiByZXNwb25zZUJvZHkubGVuZ3RoIH0sXG4gIH07XG5cbiAgYXdhaXQgZXh0ZXJuYWwuc2VuZEh0dHBSZXF1ZXN0KHJlcSwgcmVzcG9uc2VCb2R5KTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZGVmYXVsdFNlbmRIdHRwUmVxdWVzdChvcHRpb25zOiBodHRwcy5SZXF1ZXN0T3B0aW9ucywgcmVzcG9uc2VCb2R5OiBzdHJpbmcpOiBQcm9taXNlPHZvaWQ+IHtcbiAgcmV0dXJuIG5ldyBQcm9taXNlKChyZXNvbHZlLCByZWplY3QpID0+IHtcbiAgICB0cnkge1xuICAgICAgY29uc3QgcmVxdWVzdCA9IGh0dHBzLnJlcXVlc3Qob3B0aW9ucywgXyA9PiByZXNvbHZlKCkpO1xuICAgICAgcmVxdWVzdC5vbignZXJyb3InLCByZWplY3QpO1xuICAgICAgcmVxdWVzdC53cml0ZShyZXNwb25zZUJvZHkpO1xuICAgICAgcmVxdWVzdC5lbmQoKTtcbiAgICB9IGNhdGNoIChlKSB7XG4gICAgICByZWplY3QoZSk7XG4gICAgfVxuICB9KTtcbn1cblxuZnVuY3Rpb24gZGVmYXVsdExvZyhmbXQ6IHN0cmluZywgLi4ucGFyYW1zOiBhbnlbXSkge1xuICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgbm8tY29uc29sZVxuICBjb25zb2xlLmxvZyhmbXQsIC4uLnBhcmFtcyk7XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.d.ts b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts similarity index 100% rename from packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.d.ts rename to packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.js b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.js similarity index 100% rename from packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.js rename to packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.js diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.ts b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts similarity index 100% rename from packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/index.ts rename to packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip similarity index 69% rename from packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip rename to packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip index e478968fa8400..0e782f0e80200 100644 Binary files a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip and b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip differ diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/__entrypoint__.js b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/__entrypoint__.js deleted file mode 100644 index 3475719002c73..0000000000000 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/__entrypoint__.js +++ /dev/null @@ -1,119 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = exports.external = void 0; -const https = require("https"); -const url = require("url"); -// for unit tests -exports.external = { - sendHttpRequest: defaultSendHttpRequest, - log: defaultLog, - includeStackTraces: true, - userHandlerIndex: './index', -}; -const CREATE_FAILED_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::CREATE_FAILED'; -const MISSING_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID'; -async function handler(event, context) { - exports.external.log(JSON.stringify(event, undefined, 2)); - // ignore DELETE event when the physical resource ID is the marker that - // indicates that this DELETE is a subsequent DELETE to a failed CREATE - // operation. - if (event.RequestType === 'Delete' && event.PhysicalResourceId === CREATE_FAILED_PHYSICAL_ID_MARKER) { - exports.external.log('ignoring DELETE event caused by a failed CREATE event'); - await submitResponse('SUCCESS', event); - return; - } - try { - // invoke the user handler. this is intentionally inside the try-catch to - // ensure that if there is an error it's reported as a failure to - // cloudformation (otherwise cfn waits). - // eslint-disable-next-line @typescript-eslint/no-require-imports - const userHandler = require(exports.external.userHandlerIndex).handler; - const result = await userHandler(event, context); - // validate user response and create the combined event - const responseEvent = renderResponse(event, result); - // submit to cfn as success - await submitResponse('SUCCESS', responseEvent); - } - catch (e) { - const resp = { - ...event, - Reason: exports.external.includeStackTraces ? e.stack : e.message, - }; - if (!resp.PhysicalResourceId) { - // special case: if CREATE fails, which usually implies, we usually don't - // have a physical resource id. in this case, the subsequent DELETE - // operation does not have any meaning, and will likely fail as well. to - // address this, we use a marker so the provider framework can simply - // ignore the subsequent DELETE. - if (event.RequestType === 'Create') { - exports.external.log('CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored'); - resp.PhysicalResourceId = CREATE_FAILED_PHYSICAL_ID_MARKER; - } - else { - // otherwise, if PhysicalResourceId is not specified, something is - // terribly wrong because all other events should have an ID. - exports.external.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(event)}`); - } - } - // this is an actual error, fail the activity altogether and exist. - await submitResponse('FAILED', resp); - } -} -exports.handler = handler; -function renderResponse(cfnRequest, handlerResponse = {}) { - var _a, _b; - // if physical ID is not returned, we have some defaults for you based - // on the request type. - const physicalResourceId = (_b = (_a = handlerResponse.PhysicalResourceId) !== null && _a !== void 0 ? _a : cfnRequest.PhysicalResourceId) !== null && _b !== void 0 ? _b : cfnRequest.RequestId; - // if we are in DELETE and physical ID was changed, it's an error. - if (cfnRequest.RequestType === 'Delete' && physicalResourceId !== cfnRequest.PhysicalResourceId) { - throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${handlerResponse.PhysicalResourceId}" during deletion`); - } - // merge request event and result event (result prevails). - return { - ...cfnRequest, - ...handlerResponse, - PhysicalResourceId: physicalResourceId, - }; -} -async function submitResponse(status, event) { - var _a; - const json = { - Status: status, - Reason: (_a = event.Reason) !== null && _a !== void 0 ? _a : status, - StackId: event.StackId, - RequestId: event.RequestId, - PhysicalResourceId: event.PhysicalResourceId || MISSING_PHYSICAL_ID_MARKER, - LogicalResourceId: event.LogicalResourceId, - NoEcho: event.NoEcho, - Data: event.Data, - }; - exports.external.log('submit response to cloudformation', json); - const responseBody = JSON.stringify(json); - const parsedUrl = url.parse(event.ResponseURL); - const req = { - hostname: parsedUrl.hostname, - path: parsedUrl.path, - method: 'PUT', - headers: { 'content-type': '', 'content-length': responseBody.length }, - }; - await exports.external.sendHttpRequest(req, responseBody); -} -async function defaultSendHttpRequest(options, responseBody) { - return new Promise((resolve, reject) => { - try { - const request = https.request(options, _ => resolve()); - request.on('error', reject); - request.write(responseBody); - request.end(); - } - catch (e) { - reject(e); - } - }); -} -function defaultLog(fmt, ...params) { - // eslint-disable-next-line no-console - console.log(fmt, ...params); -} -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibm9kZWpzLWVudHJ5cG9pbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJub2RlanMtZW50cnlwb2ludC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwrQkFBK0I7QUFDL0IsMkJBQTJCO0FBRTNCLGlCQUFpQjtBQUNKLFFBQUEsUUFBUSxHQUFHO0lBQ3RCLGVBQWUsRUFBRSxzQkFBc0I7SUFDdkMsR0FBRyxFQUFFLFVBQVU7SUFDZixrQkFBa0IsRUFBRSxJQUFJO0lBQ3hCLGdCQUFnQixFQUFFLFNBQVM7Q0FDNUIsQ0FBQztBQUVGLE1BQU0sZ0NBQWdDLEdBQUcsd0RBQXdELENBQUM7QUFDbEcsTUFBTSwwQkFBMEIsR0FBRyw4REFBOEQsQ0FBQztBQVczRixLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQWtELEVBQUUsT0FBMEI7SUFDMUcsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFFbEQsdUVBQXVFO0lBQ3ZFLHVFQUF1RTtJQUN2RSxhQUFhO0lBQ2IsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsSUFBSSxLQUFLLENBQUMsa0JBQWtCLEtBQUssZ0NBQWdDLEVBQUU7UUFDbkcsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsdURBQXVELENBQUMsQ0FBQztRQUN0RSxNQUFNLGNBQWMsQ0FBQyxTQUFTLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDdkMsT0FBTztLQUNSO0lBRUQsSUFBSTtRQUNGLHlFQUF5RTtRQUN6RSxpRUFBaUU7UUFDakUsd0NBQXdDO1FBQ3hDLGlFQUFpRTtRQUNqRSxNQUFNLFdBQVcsR0FBWSxPQUFPLENBQUMsZ0JBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLE9BQU8sQ0FBQztRQUN4RSxNQUFNLE1BQU0sR0FBRyxNQUFNLFdBQVcsQ0FBQyxLQUFLLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFFakQsdURBQXVEO1FBQ3ZELE1BQU0sYUFBYSxHQUFHLGNBQWMsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFcEQsMkJBQTJCO1FBQzNCLE1BQU0sY0FBYyxDQUFDLFNBQVMsRUFBRSxhQUFhLENBQUMsQ0FBQztLQUNoRDtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsTUFBTSxJQUFJLEdBQWE7WUFDckIsR0FBRyxLQUFLO1lBQ1IsTUFBTSxFQUFFLGdCQUFRLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPO1NBQzFELENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQzVCLHlFQUF5RTtZQUN6RSxtRUFBbUU7WUFDbkUsd0VBQXdFO1lBQ3hFLHFFQUFxRTtZQUNyRSxnQ0FBZ0M7WUFDaEMsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtnQkFDbEMsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsNEdBQTRHLENBQUMsQ0FBQztnQkFDM0gsSUFBSSxDQUFDLGtCQUFrQixHQUFHLGdDQUFnQyxDQUFDO2FBQzVEO2lCQUFNO2dCQUNMLGtFQUFrRTtnQkFDbEUsNkRBQTZEO2dCQUM3RCxnQkFBUSxDQUFDLEdBQUcsQ0FBQyw2REFBNkQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLENBQUM7YUFDcEc7U0FDRjtRQUVELG1FQUFtRTtRQUNuRSxNQUFNLGNBQWMsQ0FBQyxRQUFRLEVBQUUsSUFBSSxDQUFDLENBQUM7S0FDdEM7QUFDSCxDQUFDO0FBbERELDBCQWtEQztBQUVELFNBQVMsY0FBYyxDQUNyQixVQUF5RixFQUN6RixrQkFBMEMsRUFBRzs7SUFFN0Msc0VBQXNFO0lBQ3RFLHVCQUF1QjtJQUN2QixNQUFNLGtCQUFrQixlQUFHLGVBQWUsQ0FBQyxrQkFBa0IsbUNBQUksVUFBVSxDQUFDLGtCQUFrQixtQ0FBSSxVQUFVLENBQUMsU0FBUyxDQUFDO0lBRXZILGtFQUFrRTtJQUNsRSxJQUFJLFVBQVUsQ0FBQyxXQUFXLEtBQUssUUFBUSxJQUFJLGtCQUFrQixLQUFLLFVBQVUsQ0FBQyxrQkFBa0IsRUFBRTtRQUMvRixNQUFNLElBQUksS0FBSyxDQUFDLHdEQUF3RCxVQUFVLENBQUMsa0JBQWtCLFNBQVMsZUFBZSxDQUFDLGtCQUFrQixtQkFBbUIsQ0FBQyxDQUFDO0tBQ3RLO0lBRUQsMERBQTBEO0lBQzFELE9BQU87UUFDTCxHQUFHLFVBQVU7UUFDYixHQUFHLGVBQWU7UUFDbEIsa0JBQWtCLEVBQUUsa0JBQWtCO0tBQ3ZDLENBQUM7QUFDSixDQUFDO0FBRUQsS0FBSyxVQUFVLGNBQWMsQ0FBQyxNQUE0QixFQUFFLEtBQWU7O0lBQ3pFLE1BQU0sSUFBSSxHQUFtRDtRQUMzRCxNQUFNLEVBQUUsTUFBTTtRQUNkLE1BQU0sUUFBRSxLQUFLLENBQUMsTUFBTSxtQ0FBSSxNQUFNO1FBQzlCLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztRQUN0QixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7UUFDMUIsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLGtCQUFrQixJQUFJLDBCQUEwQjtRQUMxRSxpQkFBaUIsRUFBRSxLQUFLLENBQUMsaUJBQWlCO1FBQzFDLE1BQU0sRUFBRSxLQUFLLENBQUMsTUFBTTtRQUNwQixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7S0FDakIsQ0FBQztJQUVGLGdCQUFRLENBQUMsR0FBRyxDQUFDLG1DQUFtQyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBRXhELE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDMUMsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDL0MsTUFBTSxHQUFHLEdBQUc7UUFDVixRQUFRLEVBQUUsU0FBUyxDQUFDLFFBQVE7UUFDNUIsSUFBSSxFQUFFLFNBQVMsQ0FBQyxJQUFJO1FBQ3BCLE1BQU0sRUFBRSxLQUFLO1FBQ2IsT0FBTyxFQUFFLEVBQUUsY0FBYyxFQUFFLEVBQUUsRUFBRSxnQkFBZ0IsRUFBRSxZQUFZLENBQUMsTUFBTSxFQUFFO0tBQ3ZFLENBQUM7SUFFRixNQUFNLGdCQUFRLENBQUMsZUFBZSxDQUFDLEdBQUcsRUFBRSxZQUFZLENBQUMsQ0FBQztBQUNwRCxDQUFDO0FBRUQsS0FBSyxVQUFVLHNCQUFzQixDQUFDLE9BQTZCLEVBQUUsWUFBb0I7SUFDdkYsT0FBTyxJQUFJLE9BQU8sQ0FBQyxDQUFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsRUFBRTtRQUNyQyxJQUFJO1lBQ0YsTUFBTSxPQUFPLEdBQUcsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQ3ZELE9BQU8sQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQzVCLE9BQU8sQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLENBQUM7WUFDNUIsT0FBTyxDQUFDLEdBQUcsRUFBRSxDQUFDO1NBQ2Y7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUNYO0lBQ0gsQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQsU0FBUyxVQUFVLENBQUMsR0FBVyxFQUFFLEdBQUcsTUFBYTtJQUMvQyxzQ0FBc0M7SUFDdEMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLEVBQUUsR0FBRyxNQUFNLENBQUMsQ0FBQztBQUM5QixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgaHR0cHMgZnJvbSAnaHR0cHMnO1xuaW1wb3J0ICogYXMgdXJsIGZyb20gJ3VybCc7XG5cbi8vIGZvciB1bml0IHRlc3RzXG5leHBvcnQgY29uc3QgZXh0ZXJuYWwgPSB7XG4gIHNlbmRIdHRwUmVxdWVzdDogZGVmYXVsdFNlbmRIdHRwUmVxdWVzdCxcbiAgbG9nOiBkZWZhdWx0TG9nLFxuICBpbmNsdWRlU3RhY2tUcmFjZXM6IHRydWUsXG4gIHVzZXJIYW5kbGVySW5kZXg6ICcuL2luZGV4Jyxcbn07XG5cbmNvbnN0IENSRUFURV9GQUlMRURfUEhZU0lDQUxfSURfTUFSS0VSID0gJ0FXU0NESzo6Q3VzdG9tUmVzb3VyY2VQcm92aWRlckZyYW1ld29yazo6Q1JFQVRFX0ZBSUxFRCc7XG5jb25zdCBNSVNTSU5HX1BIWVNJQ0FMX0lEX01BUktFUiA9ICdBV1NDREs6OkN1c3RvbVJlc291cmNlUHJvdmlkZXJGcmFtZXdvcms6Ok1JU1NJTkdfUEhZU0lDQUxfSUQnO1xuXG5leHBvcnQgdHlwZSBSZXNwb25zZSA9IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQgJiBIYW5kbGVyUmVzcG9uc2U7XG5leHBvcnQgdHlwZSBIYW5kbGVyID0gKGV2ZW50OiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50LCBjb250ZXh0OiBBV1NMYW1iZGEuQ29udGV4dCkgPT4gUHJvbWlzZTxIYW5kbGVyUmVzcG9uc2UgfCB2b2lkPjtcbmV4cG9ydCB0eXBlIEhhbmRsZXJSZXNwb25zZSA9IHVuZGVmaW5lZCB8IHtcbiAgRGF0YT86IGFueTtcbiAgUGh5c2ljYWxSZXNvdXJjZUlkPzogc3RyaW5nO1xuICBSZWFzb24/OiBzdHJpbmc7XG4gIE5vRWNobz86IGJvb2xlYW47XG59O1xuXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gaGFuZGxlcihldmVudDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCwgY29udGV4dDogQVdTTGFtYmRhLkNvbnRleHQpIHtcbiAgZXh0ZXJuYWwubG9nKEpTT04uc3RyaW5naWZ5KGV2ZW50LCB1bmRlZmluZWQsIDIpKTtcblxuICAvLyBpZ25vcmUgREVMRVRFIGV2ZW50IHdoZW4gdGhlIHBoeXNpY2FsIHJlc291cmNlIElEIGlzIHRoZSBtYXJrZXIgdGhhdFxuICAvLyBpbmRpY2F0ZXMgdGhhdCB0aGlzIERFTEVURSBpcyBhIHN1YnNlcXVlbnQgREVMRVRFIHRvIGEgZmFpbGVkIENSRUFURVxuICAvLyBvcGVyYXRpb24uXG4gIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ0RlbGV0ZScgJiYgZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkID09PSBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUikge1xuICAgIGV4dGVybmFsLmxvZygnaWdub3JpbmcgREVMRVRFIGV2ZW50IGNhdXNlZCBieSBhIGZhaWxlZCBDUkVBVEUgZXZlbnQnKTtcbiAgICBhd2FpdCBzdWJtaXRSZXNwb25zZSgnU1VDQ0VTUycsIGV2ZW50KTtcbiAgICByZXR1cm47XG4gIH1cblxuICB0cnkge1xuICAgIC8vIGludm9rZSB0aGUgdXNlciBoYW5kbGVyLiB0aGlzIGlzIGludGVudGlvbmFsbHkgaW5zaWRlIHRoZSB0cnktY2F0Y2ggdG9cbiAgICAvLyBlbnN1cmUgdGhhdCBpZiB0aGVyZSBpcyBhbiBlcnJvciBpdCdzIHJlcG9ydGVkIGFzIGEgZmFpbHVyZSB0b1xuICAgIC8vIGNsb3VkZm9ybWF0aW9uIChvdGhlcndpc2UgY2ZuIHdhaXRzKS5cbiAgICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgQHR5cGVzY3JpcHQtZXNsaW50L25vLXJlcXVpcmUtaW1wb3J0c1xuICAgIGNvbnN0IHVzZXJIYW5kbGVyOiBIYW5kbGVyID0gcmVxdWlyZShleHRlcm5hbC51c2VySGFuZGxlckluZGV4KS5oYW5kbGVyO1xuICAgIGNvbnN0IHJlc3VsdCA9IGF3YWl0IHVzZXJIYW5kbGVyKGV2ZW50LCBjb250ZXh0KTtcblxuICAgIC8vIHZhbGlkYXRlIHVzZXIgcmVzcG9uc2UgYW5kIGNyZWF0ZSB0aGUgY29tYmluZWQgZXZlbnRcbiAgICBjb25zdCByZXNwb25zZUV2ZW50ID0gcmVuZGVyUmVzcG9uc2UoZXZlbnQsIHJlc3VsdCk7XG5cbiAgICAvLyBzdWJtaXQgdG8gY2ZuIGFzIHN1Y2Nlc3NcbiAgICBhd2FpdCBzdWJtaXRSZXNwb25zZSgnU1VDQ0VTUycsIHJlc3BvbnNlRXZlbnQpO1xuICB9IGNhdGNoIChlKSB7XG4gICAgY29uc3QgcmVzcDogUmVzcG9uc2UgPSB7XG4gICAgICAuLi5ldmVudCxcbiAgICAgIFJlYXNvbjogZXh0ZXJuYWwuaW5jbHVkZVN0YWNrVHJhY2VzID8gZS5zdGFjayA6IGUubWVzc2FnZSxcbiAgICB9O1xuXG4gICAgaWYgKCFyZXNwLlBoeXNpY2FsUmVzb3VyY2VJZCkge1xuICAgICAgLy8gc3BlY2lhbCBjYXNlOiBpZiBDUkVBVEUgZmFpbHMsIHdoaWNoIHVzdWFsbHkgaW1wbGllcywgd2UgdXN1YWxseSBkb24ndFxuICAgICAgLy8gaGF2ZSBhIHBoeXNpY2FsIHJlc291cmNlIGlkLiBpbiB0aGlzIGNhc2UsIHRoZSBzdWJzZXF1ZW50IERFTEVURVxuICAgICAgLy8gb3BlcmF0aW9uIGRvZXMgbm90IGhhdmUgYW55IG1lYW5pbmcsIGFuZCB3aWxsIGxpa2VseSBmYWlsIGFzIHdlbGwuIHRvXG4gICAgICAvLyBhZGRyZXNzIHRoaXMsIHdlIHVzZSBhIG1hcmtlciBzbyB0aGUgcHJvdmlkZXIgZnJhbWV3b3JrIGNhbiBzaW1wbHlcbiAgICAgIC8vIGlnbm9yZSB0aGUgc3Vic2VxdWVudCBERUxFVEUuXG4gICAgICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdDcmVhdGUnKSB7XG4gICAgICAgIGV4dGVybmFsLmxvZygnQ1JFQVRFIGZhaWxlZCwgcmVzcG9uZGluZyB3aXRoIGEgbWFya2VyIHBoeXNpY2FsIHJlc291cmNlIGlkIHNvIHRoYXQgdGhlIHN1YnNlcXVlbnQgREVMRVRFIHdpbGwgYmUgaWdub3JlZCcpO1xuICAgICAgICByZXNwLlBoeXNpY2FsUmVzb3VyY2VJZCA9IENSRUFURV9GQUlMRURfUEhZU0lDQUxfSURfTUFSS0VSO1xuICAgICAgfSBlbHNlIHtcbiAgICAgICAgLy8gb3RoZXJ3aXNlLCBpZiBQaHlzaWNhbFJlc291cmNlSWQgaXMgbm90IHNwZWNpZmllZCwgc29tZXRoaW5nIGlzXG4gICAgICAgIC8vIHRlcnJpYmx5IHdyb25nIGJlY2F1c2UgYWxsIG90aGVyIGV2ZW50cyBzaG91bGQgaGF2ZSBhbiBJRC5cbiAgICAgICAgZXh0ZXJuYWwubG9nKGBFUlJPUjogTWFsZm9ybWVkIGV2ZW50LiBcIlBoeXNpY2FsUmVzb3VyY2VJZFwiIGlzIHJlcXVpcmVkOiAke0pTT04uc3RyaW5naWZ5KGV2ZW50KX1gKTtcbiAgICAgIH1cbiAgICB9XG5cbiAgICAvLyB0aGlzIGlzIGFuIGFjdHVhbCBlcnJvciwgZmFpbCB0aGUgYWN0aXZpdHkgYWx0b2dldGhlciBhbmQgZXhpc3QuXG4gICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ0ZBSUxFRCcsIHJlc3ApO1xuICB9XG59XG5cbmZ1bmN0aW9uIHJlbmRlclJlc3BvbnNlKFxuICBjZm5SZXF1ZXN0OiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50ICYgeyBQaHlzaWNhbFJlc291cmNlSWQ/OiBzdHJpbmcgfSxcbiAgaGFuZGxlclJlc3BvbnNlOiB2b2lkIHwgSGFuZGxlclJlc3BvbnNlID0geyB9KTogUmVzcG9uc2Uge1xuXG4gIC8vIGlmIHBoeXNpY2FsIElEIGlzIG5vdCByZXR1cm5lZCwgd2UgaGF2ZSBzb21lIGRlZmF1bHRzIGZvciB5b3UgYmFzZWRcbiAgLy8gb24gdGhlIHJlcXVlc3QgdHlwZS5cbiAgY29uc3QgcGh5c2ljYWxSZXNvdXJjZUlkID0gaGFuZGxlclJlc3BvbnNlLlBoeXNpY2FsUmVzb3VyY2VJZCA/PyBjZm5SZXF1ZXN0LlBoeXNpY2FsUmVzb3VyY2VJZCA/PyBjZm5SZXF1ZXN0LlJlcXVlc3RJZDtcblxuICAvLyBpZiB3ZSBhcmUgaW4gREVMRVRFIGFuZCBwaHlzaWNhbCBJRCB3YXMgY2hhbmdlZCwgaXQncyBhbiBlcnJvci5cbiAgaWYgKGNmblJlcXVlc3QuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnICYmIHBoeXNpY2FsUmVzb3VyY2VJZCAhPT0gY2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWQpIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoYERFTEVURTogY2Fubm90IGNoYW5nZSB0aGUgcGh5c2ljYWwgcmVzb3VyY2UgSUQgZnJvbSBcIiR7Y2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWR9XCIgdG8gXCIke2hhbmRsZXJSZXNwb25zZS5QaHlzaWNhbFJlc291cmNlSWR9XCIgZHVyaW5nIGRlbGV0aW9uYCk7XG4gIH1cblxuICAvLyBtZXJnZSByZXF1ZXN0IGV2ZW50IGFuZCByZXN1bHQgZXZlbnQgKHJlc3VsdCBwcmV2YWlscykuXG4gIHJldHVybiB7XG4gICAgLi4uY2ZuUmVxdWVzdCxcbiAgICAuLi5oYW5kbGVyUmVzcG9uc2UsXG4gICAgUGh5c2ljYWxSZXNvdXJjZUlkOiBwaHlzaWNhbFJlc291cmNlSWQsXG4gIH07XG59XG5cbmFzeW5jIGZ1bmN0aW9uIHN1Ym1pdFJlc3BvbnNlKHN0YXR1czogJ1NVQ0NFU1MnIHwgJ0ZBSUxFRCcsIGV2ZW50OiBSZXNwb25zZSkge1xuICBjb25zdCBqc29uOiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZVJlc3BvbnNlID0ge1xuICAgIFN0YXR1czogc3RhdHVzLFxuICAgIFJlYXNvbjogZXZlbnQuUmVhc29uID8/IHN0YXR1cyxcbiAgICBTdGFja0lkOiBldmVudC5TdGFja0lkLFxuICAgIFJlcXVlc3RJZDogZXZlbnQuUmVxdWVzdElkLFxuICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkIHx8IE1JU1NJTkdfUEhZU0lDQUxfSURfTUFSS0VSLFxuICAgIExvZ2ljYWxSZXNvdXJjZUlkOiBldmVudC5Mb2dpY2FsUmVzb3VyY2VJZCxcbiAgICBOb0VjaG86IGV2ZW50Lk5vRWNobyxcbiAgICBEYXRhOiBldmVudC5EYXRhLFxuICB9O1xuXG4gIGV4dGVybmFsLmxvZygnc3VibWl0IHJlc3BvbnNlIHRvIGNsb3VkZm9ybWF0aW9uJywganNvbik7XG5cbiAgY29uc3QgcmVzcG9uc2VCb2R5ID0gSlNPTi5zdHJpbmdpZnkoanNvbik7XG4gIGNvbnN0IHBhcnNlZFVybCA9IHVybC5wYXJzZShldmVudC5SZXNwb25zZVVSTCk7XG4gIGNvbnN0IHJlcSA9IHtcbiAgICBob3N0bmFtZTogcGFyc2VkVXJsLmhvc3RuYW1lLFxuICAgIHBhdGg6IHBhcnNlZFVybC5wYXRoLFxuICAgIG1ldGhvZDogJ1BVVCcsXG4gICAgaGVhZGVyczogeyAnY29udGVudC10eXBlJzogJycsICdjb250ZW50LWxlbmd0aCc6IHJlc3BvbnNlQm9keS5sZW5ndGggfSxcbiAgfTtcblxuICBhd2FpdCBleHRlcm5hbC5zZW5kSHR0cFJlcXVlc3QocmVxLCByZXNwb25zZUJvZHkpO1xufVxuXG5hc3luYyBmdW5jdGlvbiBkZWZhdWx0U2VuZEh0dHBSZXF1ZXN0KG9wdGlvbnM6IGh0dHBzLlJlcXVlc3RPcHRpb25zLCByZXNwb25zZUJvZHk6IHN0cmluZyk6IFByb21pc2U8dm9pZD4ge1xuICByZXR1cm4gbmV3IFByb21pc2UoKHJlc29sdmUsIHJlamVjdCkgPT4ge1xuICAgIHRyeSB7XG4gICAgICBjb25zdCByZXF1ZXN0ID0gaHR0cHMucmVxdWVzdChvcHRpb25zLCBfID0+IHJlc29sdmUoKSk7XG4gICAgICByZXF1ZXN0Lm9uKCdlcnJvcicsIHJlamVjdCk7XG4gICAgICByZXF1ZXN0LndyaXRlKHJlc3BvbnNlQm9keSk7XG4gICAgICByZXF1ZXN0LmVuZCgpO1xuICAgIH0gY2F0Y2ggKGUpIHtcbiAgICAgIHJlamVjdChlKTtcbiAgICB9XG4gIH0pO1xufVxuXG5mdW5jdGlvbiBkZWZhdWx0TG9nKGZtdDogc3RyaW5nLCAuLi5wYXJhbXM6IGFueVtdKSB7XG4gIC8vIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBuby1jb25zb2xlXG4gIGNvbnNvbGUubG9nKGZtdCwgLi4ucGFyYW1zKTtcbn1cbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/cdk.out index 90bef2e09ad39..588d7b269d34f 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/manifest.json index 6ee81885a425c..3c1bdb7b9eee9 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "20.0.0", "artifacts": { "Tree": { "type": "cdk:tree", @@ -19,25 +19,25 @@ { "type": "aws:cdk:asset", "data": { - "path": "asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", - "id": "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", + "path": "asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", + "id": "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", "packaging": "zip", - "sourceHash": "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", - "s3BucketParameter": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3Bucket09A62232", - "s3KeyParameter": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE", - "artifactHashParameter": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824ArtifactHash76F8FCF2" + "sourceHash": "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", + "s3BucketParameter": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3Bucket180EC6B2", + "s3KeyParameter": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3VersionKeyF1ADAF48", + "artifactHashParameter": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26ArtifactHashF709D3CB" } }, { "type": "aws:cdk:asset", "data": { - "path": "asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip", - "id": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", + "path": "asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip", + "id": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", "packaging": "file", - "sourceHash": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", - "s3BucketParameter": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4", - "s3KeyParameter": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0", - "artifactHashParameter": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476ArtifactHash0FB7E57C" + "sourceHash": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", + "s3BucketParameter": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4", + "s3KeyParameter": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764", + "artifactHashParameter": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262ArtifactHash9E8C5685" } }, { @@ -95,40 +95,40 @@ "data": "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F" } ], - "/test-bucket-deployments-2/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/S3Bucket": [ + "/test-bucket-deployments-2/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/S3Bucket": [ { "type": "aws:cdk:logicalId", - "data": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3Bucket09A62232" + "data": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3Bucket180EC6B2" } ], - "/test-bucket-deployments-2/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/S3VersionKey": [ + "/test-bucket-deployments-2/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/S3VersionKey": [ { "type": "aws:cdk:logicalId", - "data": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE" + "data": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3VersionKeyF1ADAF48" } ], - "/test-bucket-deployments-2/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/ArtifactHash": [ + "/test-bucket-deployments-2/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/ArtifactHash": [ { "type": "aws:cdk:logicalId", - "data": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824ArtifactHash76F8FCF2" + "data": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26ArtifactHashF709D3CB" } ], - "/test-bucket-deployments-2/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3Bucket": [ + "/test-bucket-deployments-2/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3Bucket": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "data": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" } ], - "/test-bucket-deployments-2/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3VersionKey": [ + "/test-bucket-deployments-2/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3VersionKey": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "data": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ], - "/test-bucket-deployments-2/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/ArtifactHash": [ + "/test-bucket-deployments-2/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/ArtifactHash": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476ArtifactHash0FB7E57C" + "data": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262ArtifactHash9E8C5685" } ], "/test-bucket-deployments-2/AssetParameters/f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da/S3Bucket": [ @@ -350,10 +350,7 @@ "/test-bucket-deployments-2/BucketDeploymentEFS-VPC-c8e45d2d82aec23f89c7172e7e6f994ff3d9c444fa/Resource": [ { "type": "aws:cdk:logicalId", - "data": "BucketDeploymentEFSVPCc8e45d2d82aec23f89c7172e7e6f994ff3d9c444faDE9EC34B", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "BucketDeploymentEFSVPCc8e45d2d82aec23f89c7172e7e6f994ff3d9c444faDE9EC34B" } ], "/test-bucket-deployments-2/BucketDeploymentEFS-VPC-c8e45d2d82aec23f89c7172e7e6f994ff3d9c444fa/EfsSecurityGroup/Resource": [ @@ -371,28 +368,19 @@ "/test-bucket-deployments-2/BucketDeploymentEFS-VPC-c8e45d2d82aec23f89c7172e7e6f994ff3d9c444fa/EfsMountTarget1": [ { "type": "aws:cdk:logicalId", - "data": "BucketDeploymentEFSVPCc8e45d2d82aec23f89c7172e7e6f994ff3d9c444faEfsMountTarget140913EA1", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "BucketDeploymentEFSVPCc8e45d2d82aec23f89c7172e7e6f994ff3d9c444faEfsMountTarget140913EA1" } ], "/test-bucket-deployments-2/BucketDeploymentEFS-VPC-c8e45d2d82aec23f89c7172e7e6f994ff3d9c444fa/EfsMountTarget2": [ { "type": "aws:cdk:logicalId", - "data": "BucketDeploymentEFSVPCc8e45d2d82aec23f89c7172e7e6f994ff3d9c444faEfsMountTarget215F1A11A", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "BucketDeploymentEFSVPCc8e45d2d82aec23f89c7172e7e6f994ff3d9c444faEfsMountTarget215F1A11A" } ], "/test-bucket-deployments-2/BucketDeploymentEFS-VPC-c8e45d2d82aec23f89c7172e7e6f994ff3d9c444fa/AccessPoint/Resource": [ { "type": "aws:cdk:logicalId", - "data": "BucketDeploymentEFSVPCc8e45d2d82aec23f89c7172e7e6f994ff3d9c444faAccessPoint657AFA25", - "trace": [ - "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" - ] + "data": "BucketDeploymentEFSVPCc8e45d2d82aec23f89c7172e7e6f994ff3d9c444faAccessPoint657AFA25" } ], "/test-bucket-deployments-2/Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756Cc8e45d2d82aec23f89c7172e7e6f994ff3d9c444fa/ServiceRole/Resource": [ diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/test-bucket-deployments-2.assets.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/test-bucket-deployments-2.assets.json index de4d05914f4cb..9c7d0a0a1f975 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/test-bucket-deployments-2.assets.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/test-bucket-deployments-2.assets.json @@ -1,28 +1,28 @@ { - "version": "17.0.0", + "version": "20.0.0", "files": { - "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824": { + "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26": { "source": { - "path": "asset.be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", + "path": "asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824.zip", + "objectKey": "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476": { + "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262": { "source": { - "path": "asset.01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip", + "path": "asset.672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476.zip", + "objectKey": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } @@ -53,7 +53,7 @@ } } }, - "f6506bf1bfd1e40d9a60935c1dbe4a74a017e7e403997c180c2e21e64216b781": { + "46faa5409c447e4540630ddb084f9f472119a53e65a106e997e36f8793275f73": { "source": { "path": "test-bucket-deployments-2.template.json", "packaging": "file" @@ -61,7 +61,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "f6506bf1bfd1e40d9a60935c1dbe4a74a017e7e403997c180c2e21e64216b781.json", + "objectKey": "46faa5409c447e4540630ddb084f9f472119a53e65a106e997e36f8793275f73.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/test-bucket-deployments-2.template.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/test-bucket-deployments-2.template.json index 591c155e21c80..853f5494c33a7 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/test-bucket-deployments-2.template.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/test-bucket-deployments-2.template.json @@ -129,7 +129,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3Bucket09A62232" + "Ref": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3Bucket180EC6B2" }, "S3Key": { "Fn::Join": [ @@ -142,7 +142,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE" + "Ref": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3VersionKeyF1ADAF48" } ] } @@ -155,7 +155,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE" + "Ref": "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3VersionKeyF1ADAF48" } ] } @@ -197,7 +197,7 @@ "Properties": { "Content": { "S3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "S3Key": { "Fn::Join": [ @@ -210,7 +210,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -223,7 +223,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -512,7 +512,7 @@ "Ref": "DeployMeAwsCliLayer5F9219E9" } ], - "Runtime": "python3.7", + "Runtime": "python3.9", "Timeout": 900 }, "DependsOn": [ @@ -908,7 +908,7 @@ "Properties": { "Content": { "S3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "S3Key": { "Fn::Join": [ @@ -921,7 +921,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -934,7 +934,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -1485,7 +1485,7 @@ "Ref": "DeployMeWithEfsStorageAwsCliLayer1619A3EE" } ], - "Runtime": "python3.7", + "Runtime": "python3.9", "Timeout": 900, "VpcConfig": { "SecurityGroupIds": [ @@ -1606,7 +1606,7 @@ "Properties": { "Content": { "S3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "S3Key": { "Fn::Join": [ @@ -1619,7 +1619,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -1632,7 +1632,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -1796,7 +1796,7 @@ "Properties": { "Content": { "S3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "S3Key": { "Fn::Join": [ @@ -1809,7 +1809,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -1822,7 +1822,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -1907,7 +1907,7 @@ "Properties": { "Content": { "S3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "S3Key": { "Fn::Join": [ @@ -1920,7 +1920,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -1933,7 +1933,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2009,7 +2009,7 @@ "Properties": { "Content": { "S3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "S3Key": { "Fn::Join": [ @@ -2022,7 +2022,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2035,7 +2035,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2111,29 +2111,29 @@ } }, "Parameters": { - "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3Bucket09A62232": { + "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3Bucket180EC6B2": { "Type": "String", - "Description": "S3 bucket for asset \"be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824\"" + "Description": "S3 bucket for asset \"60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26\"" }, - "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE": { + "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26S3VersionKeyF1ADAF48": { "Type": "String", - "Description": "S3 key for asset version \"be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824\"" + "Description": "S3 key for asset version \"60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26\"" }, - "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824ArtifactHash76F8FCF2": { + "AssetParameters60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26ArtifactHashF709D3CB": { "Type": "String", - "Description": "Artifact hash for asset \"be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824\"" + "Description": "Artifact hash for asset \"60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26\"" }, - "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4": { + "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4": { "Type": "String", - "Description": "S3 bucket for asset \"01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476\"" + "Description": "S3 bucket for asset \"672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262\"" }, - "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0": { + "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764": { "Type": "String", - "Description": "S3 key for asset version \"01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476\"" + "Description": "S3 key for asset version \"672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262\"" }, - "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476ArtifactHash0FB7E57C": { + "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262ArtifactHash9E8C5685": { "Type": "String", - "Description": "Artifact hash for asset \"01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476\"" + "Description": "Artifact hash for asset \"672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262\"" }, "AssetParametersf98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711daS3BucketF23C0DE7": { "Type": "String", diff --git a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/tree.json b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/tree.json index 596e9c91ff960..3c93181523f9e 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/bucket-deployment.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "test-bucket-deployments-2": { @@ -189,13 +189,13 @@ "id": "AssetParameters", "path": "test-bucket-deployments-2/AssetParameters", "children": { - "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824": { - "id": "be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", - "path": "test-bucket-deployments-2/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824", + "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26": { + "id": "60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", + "path": "test-bucket-deployments-2/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26", "children": { "S3Bucket": { "id": "S3Bucket", - "path": "test-bucket-deployments-2/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/S3Bucket", + "path": "test-bucket-deployments-2/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/S3Bucket", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -203,7 +203,7 @@ }, "S3VersionKey": { "id": "S3VersionKey", - "path": "test-bucket-deployments-2/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/S3VersionKey", + "path": "test-bucket-deployments-2/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/S3VersionKey", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -211,7 +211,7 @@ }, "ArtifactHash": { "id": "ArtifactHash", - "path": "test-bucket-deployments-2/AssetParameters/be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824/ArtifactHash", + "path": "test-bucket-deployments-2/AssetParameters/60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/ArtifactHash", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -220,16 +220,16 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, - "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476": { - "id": "01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", - "path": "test-bucket-deployments-2/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476", + "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262": { + "id": "672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", + "path": "test-bucket-deployments-2/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262", "children": { "S3Bucket": { "id": "S3Bucket", - "path": "test-bucket-deployments-2/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3Bucket", + "path": "test-bucket-deployments-2/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3Bucket", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -237,7 +237,7 @@ }, "S3VersionKey": { "id": "S3VersionKey", - "path": "test-bucket-deployments-2/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/S3VersionKey", + "path": "test-bucket-deployments-2/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/S3VersionKey", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -245,7 +245,7 @@ }, "ArtifactHash": { "id": "ArtifactHash", - "path": "test-bucket-deployments-2/AssetParameters/01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476/ArtifactHash", + "path": "test-bucket-deployments-2/AssetParameters/672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262/ArtifactHash", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -254,7 +254,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "f98b78092dcdd31f5e6d47489beb5f804d4835ef86a8085d0a2053cb9ae711da": { @@ -288,7 +288,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "fc4481abf279255619ff7418faa5d24456fef3432ea0da59c95542578ff0222e": { @@ -322,13 +322,13 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "DeployMe": { @@ -373,7 +373,7 @@ "aws:cdk:cloudformation:props": { "content": { "s3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "s3Key": { "Fn::Join": [ @@ -386,7 +386,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -399,7 +399,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -768,7 +768,7 @@ "Ref": "DeployMeAwsCliLayer5F9219E9" } ], - "runtime": "python3.7", + "runtime": "python3.9", "timeout": 900 } }, @@ -1468,7 +1468,7 @@ "aws:cdk:cloudformation:props": { "content": { "s3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "s3Key": { "Fn::Join": [ @@ -1481,7 +1481,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -1494,7 +1494,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2152,7 +2152,7 @@ "Ref": "DeployMeWithEfsStorageAwsCliLayer1619A3EE" } ], - "runtime": "python3.7", + "runtime": "python3.9", "timeout": 900, "vpcConfig": { "subnetIds": [ @@ -2347,7 +2347,7 @@ "aws:cdk:cloudformation:props": { "content": { "s3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "s3Key": { "Fn::Join": [ @@ -2360,7 +2360,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2373,7 +2373,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2617,7 +2617,7 @@ "aws:cdk:cloudformation:props": { "content": { "s3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "s3Key": { "Fn::Join": [ @@ -2630,7 +2630,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2643,7 +2643,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2767,7 +2767,7 @@ "aws:cdk:cloudformation:props": { "content": { "s3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "s3Key": { "Fn::Join": [ @@ -2780,7 +2780,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2793,7 +2793,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2917,7 +2917,7 @@ "aws:cdk:cloudformation:props": { "content": { "s3Bucket": { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3BucketC0D91AC4" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3Bucket2B5B33F4" }, "s3Key": { "Fn::Join": [ @@ -2930,7 +2930,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } @@ -2943,7 +2943,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters01e9cf93416a1f67b17dad851459445bdaaafcc2f3ab4390c03984fd57b2f476S3VersionKey26CFD1B0" + "Ref": "AssetParameters672cee2a3bc0f6f95dc287bbbcfca917f657efdac3d5cea83e0ceec6f1cdc262S3VersionKeyAD46A764" } ] } diff --git a/packages/@aws-cdk/aws-secretsmanager/README.md b/packages/@aws-cdk/aws-secretsmanager/README.md index 3b99e340cf970..0a86cc2ee2082 100644 --- a/packages/@aws-cdk/aws-secretsmanager/README.md +++ b/packages/@aws-cdk/aws-secretsmanager/README.md @@ -18,27 +18,35 @@ import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; ## Create a new Secret in a Stack -In order to have SecretsManager generate a new secret value automatically, -you can get started with the following: +To have SecretsManager generate a new secret value automatically, +follow this example: ```ts -// Default secret +declare const vpc: ec2.Vpc; + +// Simple secret const secret = new secretsmanager.Secret(this, 'Secret'); -// Using the default secret -new iam.User(this, 'User', { - password: secret.secretValue, +// Using the secret +const instance1 = new rds.DatabaseInstance(this, "PostgresInstance1", { + engine: rds.DatabaseInstanceEngine.POSTGRES, + credentials: rds.Credentials.fromSecret(secret), + vpc }); -// Templated secret +// Templated secret with username and password fields const templatedSecret = new secretsmanager.Secret(this, 'TemplatedSecret', { generateSecretString: { - secretStringTemplate: JSON.stringify({ username: 'user' }), + secretStringTemplate: JSON.stringify({ username: 'postgres' }), generateStringKey: 'password', }, }); -// Using the templated secret -new iam.User(this, 'OtherUser', { - userName: templatedSecret.secretValueFromJson('username').toString(), - password: templatedSecret.secretValueFromJson('password'), +// Using the templated secret as credentials +const instance2 = new rds.DatabaseInstance(this, "PostgresInstance2", { + engine: rds.DatabaseInstanceEngine.POSTGRES, + credentials: { + username: templatedSecret.secretValueFromJson('username').toString(), + password: templatedSecret.secretValueFromJson('password') + }, + vpc }); ``` @@ -58,7 +66,7 @@ const secret = secretsmanager.Secret.fromSecretAttributes(this, 'ImportedSecret' SecretsManager secret values can only be used in select set of properties. For the list of properties, see [the CloudFormation Dynamic References documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html). -A secret can set `RemovalPolicy`. If it set to `RETAIN`, that removing a secret will fail. +A secret can set `RemovalPolicy`. If it set to `RETAIN`, removing that secret will fail. ## Grant permission to use the secret to a role diff --git a/packages/@aws-cdk/aws-secretsmanager/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-secretsmanager/rosetta/default.ts-fixture index 64fc649d2d1c2..4e66468a44ec6 100644 --- a/packages/@aws-cdk/aws-secretsmanager/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-secretsmanager/rosetta/default.ts-fixture @@ -5,6 +5,7 @@ import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; import * as kms from '@aws-cdk/aws-kms'; import * as iam from '@aws-cdk/aws-iam'; import * as ec2 from '@aws-cdk/aws-ec2'; +import * as rds from '@aws-cdk/aws-rds'; class Fixture extends Stack { constructor(scope: Construct, id: string) { diff --git a/packages/@aws-cdk/aws-ses/lib/email-identity.ts b/packages/@aws-cdk/aws-ses/lib/email-identity.ts index ad905f5a5ed5c..fec5c2bcba0bd 100644 --- a/packages/@aws-cdk/aws-ses/lib/email-identity.ts +++ b/packages/@aws-cdk/aws-ses/lib/email-identity.ts @@ -218,22 +218,30 @@ class EasyDkim extends DkimIdentity { public bind(emailIdentity: EmailIdentity, hostedZone?: route53.IPublicHostedZone): DkimIdentityConfig | undefined { if (hostedZone) { - new route53.CnameRecord(emailIdentity, 'DkimDnsToken1', { - zone: hostedZone, - recordName: Lazy.string({ produce: () => emailIdentity.dkimDnsTokenName1 }), - domainName: Lazy.string({ produce: () => emailIdentity.dkimDnsTokenValue1 }), + // Use CfnRecordSet instead of CnameRecord to avoid current bad handling of + // tokens in route53.determineFullyQualifiedDomainName() at https://github.com/aws/aws-cdk/blob/main/packages/%40aws-cdk/aws-route53/lib/util.ts + new route53.CfnRecordSet(emailIdentity, 'DkimDnsToken1', { + hostedZoneId: hostedZone.hostedZoneId, + name: Lazy.string({ produce: () => emailIdentity.dkimDnsTokenName1 }), + type: 'CNAME', + resourceRecords: [Lazy.string({ produce: () => emailIdentity.dkimDnsTokenValue1 })], + ttl: '1800', }); - new route53.CnameRecord(hostedZone, 'DkimDnsToken2', { - zone: hostedZone, - recordName: Lazy.string({ produce: () => emailIdentity.dkimDnsTokenName2 }), - domainName: Lazy.string({ produce: () => emailIdentity.dkimDnsTokenValue2 }), + new route53.CfnRecordSet(emailIdentity, 'DkimDnsToken2', { + hostedZoneId: hostedZone.hostedZoneId, + name: Lazy.string({ produce: () => emailIdentity.dkimDnsTokenName2 }), + type: 'CNAME', + resourceRecords: [Lazy.string({ produce: () => emailIdentity.dkimDnsTokenValue2 })], + ttl: '1800', }); - new route53.CnameRecord(hostedZone, 'DkimDnsToken3', { - zone: hostedZone, - recordName: Lazy.string({ produce: () => emailIdentity.dkimDnsTokenName3 }), - domainName: Lazy.string({ produce: () => emailIdentity.dkimDnsTokenValue3 }), + new route53.CfnRecordSet(emailIdentity, 'DkimDnsToken3', { + hostedZoneId: hostedZone.hostedZoneId, + name: Lazy.string({ produce: () => emailIdentity.dkimDnsTokenName3 }), + type: 'CNAME', + resourceRecords: [Lazy.string({ produce: () => emailIdentity.dkimDnsTokenValue3 })], + ttl: '1800', }); } diff --git a/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/cdk-ses-email-identity-integ.template.json b/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/cdk-ses-email-identity-integ.template.json index 6f3239479a0e6..bd02c3bc647d4 100644 --- a/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/cdk-ses-email-identity-integ.template.json +++ b/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/cdk-ses-email-identity-integ.template.json @@ -6,21 +6,13 @@ "Name": "cdk.dev." } }, - "HostedZoneDkimDnsToken2A07BC1AD": { + "EmailIdentityDkimDnsToken1BA32ACB3": { "Type": "AWS::Route53::RecordSet", "Properties": { "Name": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "EmailIdentity7187767D", - "DkimDNSTokenName2" - ] - }, - ".cdk.dev." - ] + "Fn::GetAtt": [ + "EmailIdentity7187767D", + "DkimDNSTokenName1" ] }, "Type": "CNAME", @@ -31,28 +23,20 @@ { "Fn::GetAtt": [ "EmailIdentity7187767D", - "DkimDNSTokenValue2" + "DkimDNSTokenValue1" ] } ], "TTL": "1800" } }, - "HostedZoneDkimDnsToken34DA6A373": { + "EmailIdentityDkimDnsToken2BBEBB8EC": { "Type": "AWS::Route53::RecordSet", "Properties": { "Name": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "EmailIdentity7187767D", - "DkimDNSTokenName3" - ] - }, - ".cdk.dev." - ] + "Fn::GetAtt": [ + "EmailIdentity7187767D", + "DkimDNSTokenName2" ] }, "Type": "CNAME", @@ -63,28 +47,20 @@ { "Fn::GetAtt": [ "EmailIdentity7187767D", - "DkimDNSTokenValue3" + "DkimDNSTokenValue2" ] } ], "TTL": "1800" } }, - "EmailIdentityDkimDnsToken15F8EC787": { + "EmailIdentityDkimDnsToken3BB5E8A49": { "Type": "AWS::Route53::RecordSet", "Properties": { "Name": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "EmailIdentity7187767D", - "DkimDNSTokenName1" - ] - }, - ".cdk.dev." - ] + "Fn::GetAtt": [ + "EmailIdentity7187767D", + "DkimDNSTokenName3" ] }, "Type": "CNAME", @@ -95,7 +71,7 @@ { "Fn::GetAtt": [ "EmailIdentity7187767D", - "DkimDNSTokenValue1" + "DkimDNSTokenValue3" ] } ], diff --git a/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/manifest.json index 787ac36f4d175..0b7575a360bb5 100644 --- a/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/manifest.json @@ -21,22 +21,22 @@ "data": "HostedZoneDB99F866" } ], - "/cdk-ses-email-identity-integ/HostedZone/DkimDnsToken2/Resource": [ + "/cdk-ses-email-identity-integ/EmailIdentity/DkimDnsToken1": [ { "type": "aws:cdk:logicalId", - "data": "HostedZoneDkimDnsToken2A07BC1AD" + "data": "EmailIdentityDkimDnsToken1BA32ACB3" } ], - "/cdk-ses-email-identity-integ/HostedZone/DkimDnsToken3/Resource": [ + "/cdk-ses-email-identity-integ/EmailIdentity/DkimDnsToken2": [ { "type": "aws:cdk:logicalId", - "data": "HostedZoneDkimDnsToken34DA6A373" + "data": "EmailIdentityDkimDnsToken2BBEBB8EC" } ], - "/cdk-ses-email-identity-integ/EmailIdentity/DkimDnsToken1/Resource": [ + "/cdk-ses-email-identity-integ/EmailIdentity/DkimDnsToken3": [ { "type": "aws:cdk:logicalId", - "data": "EmailIdentityDkimDnsToken15F8EC787" + "data": "EmailIdentityDkimDnsToken3BB5E8A49" } ], "/cdk-ses-email-identity-integ/EmailIdentity/Resource": [ diff --git a/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/tree.json index 477ac6f768970..eb0a6087523f3 100644 --- a/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ses/test/email-identity.integ.snapshot/tree.json @@ -33,106 +33,6 @@ "fqn": "@aws-cdk/aws-route53.CfnHostedZone", "version": "0.0.0" } - }, - "DkimDnsToken2": { - "id": "DkimDnsToken2", - "path": "cdk-ses-email-identity-integ/HostedZone/DkimDnsToken2", - "children": { - "Resource": { - "id": "Resource", - "path": "cdk-ses-email-identity-integ/HostedZone/DkimDnsToken2/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Route53::RecordSet", - "aws:cdk:cloudformation:props": { - "name": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "EmailIdentity7187767D", - "DkimDNSTokenName2" - ] - }, - ".cdk.dev." - ] - ] - }, - "type": "CNAME", - "hostedZoneId": { - "Ref": "HostedZoneDB99F866" - }, - "resourceRecords": [ - { - "Fn::GetAtt": [ - "EmailIdentity7187767D", - "DkimDNSTokenValue2" - ] - } - ], - "ttl": "1800" - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-route53.CfnRecordSet", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-route53.CnameRecord", - "version": "0.0.0" - } - }, - "DkimDnsToken3": { - "id": "DkimDnsToken3", - "path": "cdk-ses-email-identity-integ/HostedZone/DkimDnsToken3", - "children": { - "Resource": { - "id": "Resource", - "path": "cdk-ses-email-identity-integ/HostedZone/DkimDnsToken3/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Route53::RecordSet", - "aws:cdk:cloudformation:props": { - "name": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "EmailIdentity7187767D", - "DkimDNSTokenName3" - ] - }, - ".cdk.dev." - ] - ] - }, - "type": "CNAME", - "hostedZoneId": { - "Ref": "HostedZoneDB99F866" - }, - "resourceRecords": [ - { - "Fn::GetAtt": [ - "EmailIdentity7187767D", - "DkimDNSTokenValue3" - ] - } - ], - "ttl": "1800" - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-route53.CfnRecordSet", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-route53.CnameRecord", - "version": "0.0.0" - } } }, "constructInfo": { @@ -147,50 +47,96 @@ "DkimDnsToken1": { "id": "DkimDnsToken1", "path": "cdk-ses-email-identity-integ/EmailIdentity/DkimDnsToken1", - "children": { - "Resource": { - "id": "Resource", - "path": "cdk-ses-email-identity-integ/EmailIdentity/DkimDnsToken1/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Route53::RecordSet", - "aws:cdk:cloudformation:props": { - "name": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "EmailIdentity7187767D", - "DkimDNSTokenName1" - ] - }, - ".cdk.dev." - ] - ] - }, - "type": "CNAME", - "hostedZoneId": { - "Ref": "HostedZoneDB99F866" - }, - "resourceRecords": [ - { - "Fn::GetAtt": [ - "EmailIdentity7187767D", - "DkimDNSTokenValue1" - ] - } - ], - "ttl": "1800" + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Route53::RecordSet", + "aws:cdk:cloudformation:props": { + "name": { + "Fn::GetAtt": [ + "EmailIdentity7187767D", + "DkimDNSTokenName1" + ] + }, + "type": "CNAME", + "hostedZoneId": { + "Ref": "HostedZoneDB99F866" + }, + "resourceRecords": [ + { + "Fn::GetAtt": [ + "EmailIdentity7187767D", + "DkimDNSTokenValue1" + ] + } + ], + "ttl": "1800" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-route53.CfnRecordSet", + "version": "0.0.0" + } + }, + "DkimDnsToken2": { + "id": "DkimDnsToken2", + "path": "cdk-ses-email-identity-integ/EmailIdentity/DkimDnsToken2", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Route53::RecordSet", + "aws:cdk:cloudformation:props": { + "name": { + "Fn::GetAtt": [ + "EmailIdentity7187767D", + "DkimDNSTokenName2" + ] + }, + "type": "CNAME", + "hostedZoneId": { + "Ref": "HostedZoneDB99F866" + }, + "resourceRecords": [ + { + "Fn::GetAtt": [ + "EmailIdentity7187767D", + "DkimDNSTokenValue2" + ] } + ], + "ttl": "1800" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-route53.CfnRecordSet", + "version": "0.0.0" + } + }, + "DkimDnsToken3": { + "id": "DkimDnsToken3", + "path": "cdk-ses-email-identity-integ/EmailIdentity/DkimDnsToken3", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Route53::RecordSet", + "aws:cdk:cloudformation:props": { + "name": { + "Fn::GetAtt": [ + "EmailIdentity7187767D", + "DkimDNSTokenName3" + ] }, - "constructInfo": { - "fqn": "@aws-cdk/aws-route53.CfnRecordSet", - "version": "0.0.0" - } + "type": "CNAME", + "hostedZoneId": { + "Ref": "HostedZoneDB99F866" + }, + "resourceRecords": [ + { + "Fn::GetAtt": [ + "EmailIdentity7187767D", + "DkimDNSTokenValue3" + ] + } + ], + "ttl": "1800" } }, "constructInfo": { - "fqn": "@aws-cdk/aws-route53.CnameRecord", + "fqn": "@aws-cdk/aws-route53.CfnRecordSet", "version": "0.0.0" } }, diff --git a/packages/@aws-cdk/aws-ses/test/email-identity.test.ts b/packages/@aws-cdk/aws-ses/test/email-identity.test.ts index 1b15e9c3dbed2..9b8ac5ced9a5a 100644 --- a/packages/@aws-cdk/aws-ses/test/email-identity.test.ts +++ b/packages/@aws-cdk/aws-ses/test/email-identity.test.ts @@ -41,17 +41,9 @@ test('email identity from a hosted zone with easy dkim', () => { Template.fromStack(stack).hasResourceProperties('AWS::Route53::RecordSet', { Name: { - 'Fn::Join': [ - '', - [ - { - 'Fn::GetAtt': [ - 'Identity2D60E2CC', - 'DkimDNSTokenName1', - ], - }, - '.cdk.dev.', - ], + 'Fn::GetAtt': [ + 'Identity2D60E2CC', + 'DkimDNSTokenName1', ], }, Type: 'CNAME', @@ -70,17 +62,9 @@ test('email identity from a hosted zone with easy dkim', () => { Template.fromStack(stack).hasResourceProperties('AWS::Route53::RecordSet', { Name: { - 'Fn::Join': [ - '', - [ - { - 'Fn::GetAtt': [ - 'Identity2D60E2CC', - 'DkimDNSTokenName2', - ], - }, - '.cdk.dev.', - ], + 'Fn::GetAtt': [ + 'Identity2D60E2CC', + 'DkimDNSTokenName2', ], }, Type: 'CNAME', @@ -99,17 +83,9 @@ test('email identity from a hosted zone with easy dkim', () => { Template.fromStack(stack).hasResourceProperties('AWS::Route53::RecordSet', { Name: { - 'Fn::Join': [ - '', - [ - { - 'Fn::GetAtt': [ - 'Identity2D60E2CC', - 'DkimDNSTokenName3', - ], - }, - '.cdk.dev.', - ], + 'Fn::GetAtt': [ + 'Identity2D60E2CC', + 'DkimDNSTokenName3', ], }, Type: 'CNAME', diff --git a/packages/@aws-cdk/cfnspec/CHANGELOG.md b/packages/@aws-cdk/cfnspec/CHANGELOG.md index 49f268612fc3d..29bad402afe6c 100644 --- a/packages/@aws-cdk/cfnspec/CHANGELOG.md +++ b/packages/@aws-cdk/cfnspec/CHANGELOG.md @@ -1,3 +1,96 @@ +# CloudFormation Resource Specification v82.0.0 + +## New Resource Types + + +## Attribute Changes + +* AWS::ElasticBeanstalk::Application Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk.html + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticbeanstalk-application.html +* AWS::RDS::OptionGroup OptionGroupName (__added__) + +## Property Changes + +* AWS::DocDB::DBCluster RestoreToTime (__added__) +* AWS::DocDB::DBCluster RestoreType (__added__) +* AWS::DocDB::DBCluster SourceDBClusterIdentifier (__added__) +* AWS::DocDB::DBCluster UseLatestRestorableTime (__added__) +* AWS::ElasticBeanstalk::Application ApplicationName.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk.html#cfn-elasticbeanstalk-application-name + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticbeanstalk-application.html#cfn-elasticbeanstalk-application-applicationname +* AWS::ElasticBeanstalk::Application Description.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk.html#cfn-elasticbeanstalk-application-description + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticbeanstalk-application.html#cfn-elasticbeanstalk-application-description +* AWS::ElasticBeanstalk::Application ResourceLifecycleConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk.html#cfn-elasticbeanstalk-application-resourcelifecycleconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticbeanstalk-application.html#cfn-elasticbeanstalk-application-resourcelifecycleconfig +* AWS::IoT::CACertificate RegistrationConfig.PrimitiveType (__deleted__) +* AWS::IoT::CACertificate RegistrationConfig.Type (__added__) +* AWS::IoT::ProvisioningTemplate TemplateType (__added__) +* AWS::RDS::OptionGroup OptionConfigurations.DuplicatesAllowed (__deleted__) +* AWS::RDS::OptionGroup OptionConfigurations.Required (__changed__) + * Old: true + * New: false +* AWS::RDS::OptionGroup OptionConfigurations.UpdateType (__changed__) + * Old: Immutable + * New: Mutable +* AWS::RDS::OptionGroup Tags.DuplicatesAllowed (__deleted__) + +## Property Type Changes + +* AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration (__added__) +* AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration (__added__) +* AWS::IoT::CACertificate.RegistrationConfig (__added__) +* AWS::DLM::LifecyclePolicy.Parameters ExcludeDataVolumeTags (__added__) +* AWS::GuardDuty::Detector.CFNDataSourceConfigurations MalwareProtection (__added__) +* AWS::Lex::Bot.PromptSpecification MessageSelectionStrategy (__added__) +* AWS::MediaPackage::OriginEndpoint.DashPackage IncludeIframeOnlyStream (__added__) +* AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage Mode.Required (__changed__) + * Old: false + * New: true +* AWS::RDS::OptionGroup.OptionConfiguration DBSecurityGroupMemberships.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfigurations-dbsecuritygroupmemberships + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-dbsecuritygroupmemberships +* AWS::RDS::OptionGroup.OptionConfiguration DBSecurityGroupMemberships.DuplicatesAllowed (__changed__) + * Old: true + * New: false +* AWS::RDS::OptionGroup.OptionConfiguration OptionName.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfigurations-optionname + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-optionname +* AWS::RDS::OptionGroup.OptionConfiguration OptionSettings.DuplicatesAllowed (__deleted__) +* AWS::RDS::OptionGroup.OptionConfiguration OptionSettings.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfigurations-optionsettings + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-optionsettings +* AWS::RDS::OptionGroup.OptionConfiguration OptionVersion.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfiguration-optionversion + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-optionversion +* AWS::RDS::OptionGroup.OptionConfiguration Port.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfigurations-port + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-port +* AWS::RDS::OptionGroup.OptionConfiguration VpcSecurityGroupMemberships.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfigurations-vpcsecuritygroupmemberships + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-vpcsecuritygroupmemberships +* AWS::RDS::OptionGroup.OptionConfiguration VpcSecurityGroupMemberships.DuplicatesAllowed (__changed__) + * Old: true + * New: false +* AWS::RDS::OptionGroup.OptionSetting Name.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations-optionsettings.html#cfn-rds-optiongroup-optionconfigurations-optionsettings-name + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionsetting.html#cfn-rds-optiongroup-optionsetting-name +* AWS::RDS::OptionGroup.OptionSetting Value.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations-optionsettings.html#cfn-rds-optiongroup-optionconfigurations-optionsettings-value + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionsetting.html#cfn-rds-optiongroup-optionsetting-value +* AWS::WAFv2::RuleGroup.SqliMatchStatement SensitivityLevel (__added__) +* AWS::WAFv2::WebACL.SqliMatchStatement SensitivityLevel (__added__) + +## Unapplied changes + +* AWS::ConnectCampaigns is at 0.0.0 +* AWS::DynamoDB is at 81.1.0 +* AWS::Rekognition is at 68.0.0 +* AWS::RolesAnywhere is at 0.0.0 +* AWS::SageMaker is at 72.0.0 + # CloudFormation Resource Specification v81.1.0 ## New Resource Types diff --git a/packages/@aws-cdk/cfnspec/cfn.version b/packages/@aws-cdk/cfnspec/cfn.version index 1c3cffa48f0b2..a195b86d77b8c 100644 --- a/packages/@aws-cdk/cfnspec/cfn.version +++ b/packages/@aws-cdk/cfnspec/cfn.version @@ -1 +1 @@ -81.1.0 +82.0.0 diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_ConnectCampaigns.rejected.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_ConnectCampaigns.rejected.json index 51503fb2ede81..673e289e643c4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_ConnectCampaigns.rejected.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_ConnectCampaigns.rejected.json @@ -27,7 +27,7 @@ } } }, - "ResourceSpecificationVersion": "81.1.0", + "ResourceSpecificationVersion": "82.0.0", "ResourceTypes": { "AWS::ConnectCampaigns::Campaign": { "Attributes": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_DynamoDB.rejected.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_DynamoDB.rejected.json new file mode 100644 index 0000000000000..1af115746c495 --- /dev/null +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_DynamoDB.rejected.json @@ -0,0 +1,779 @@ +{ + "PropertyTypes": { + "AWS::DynamoDB::GlobalTable.AttributeDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-attributedefinition.html", + "Properties": { + "AttributeName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-attributedefinition.html#cfn-dynamodb-globaltable-attributedefinition-attributename", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "AttributeType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-attributedefinition.html#cfn-dynamodb-globaltable-attributedefinition-attributetype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-capacityautoscalingsettings.html", + "Properties": { + "MaxCapacity": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-capacityautoscalingsettings.html#cfn-dynamodb-globaltable-capacityautoscalingsettings-maxcapacity", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Mutable" + }, + "MinCapacity": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-capacityautoscalingsettings.html#cfn-dynamodb-globaltable-capacityautoscalingsettings-mincapacity", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Mutable" + }, + "SeedCapacity": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-capacityautoscalingsettings.html#cfn-dynamodb-globaltable-capacityautoscalingsettings-seedcapacity", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "TargetTrackingScalingPolicyConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-capacityautoscalingsettings.html#cfn-dynamodb-globaltable-capacityautoscalingsettings-targettrackingscalingpolicyconfiguration", + "Required": true, + "Type": "TargetTrackingScalingPolicyConfiguration", + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-contributorinsightsspecification.html", + "Properties": { + "Enabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-contributorinsightsspecification.html#cfn-dynamodb-globaltable-contributorinsightsspecification-enabled", + "PrimitiveType": "Boolean", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-globalsecondaryindex.html", + "Properties": { + "IndexName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-globalsecondaryindex.html#cfn-dynamodb-globaltable-globalsecondaryindex-indexname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "KeySchema": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-globalsecondaryindex.html#cfn-dynamodb-globaltable-globalsecondaryindex-keyschema", + "DuplicatesAllowed": false, + "ItemType": "KeySchema", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "Projection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-globalsecondaryindex.html#cfn-dynamodb-globaltable-globalsecondaryindex-projection", + "Required": true, + "Type": "Projection", + "UpdateType": "Mutable" + }, + "WriteProvisionedThroughputSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-globalsecondaryindex.html#cfn-dynamodb-globaltable-globalsecondaryindex-writeprovisionedthroughputsettings", + "Required": false, + "Type": "WriteProvisionedThroughputSettings", + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.KeySchema": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-keyschema.html", + "Properties": { + "AttributeName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-keyschema.html#cfn-dynamodb-globaltable-keyschema-attributename", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "KeyType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-keyschema.html#cfn-dynamodb-globaltable-keyschema-keytype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.LocalSecondaryIndex": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-localsecondaryindex.html", + "Properties": { + "IndexName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-localsecondaryindex.html#cfn-dynamodb-globaltable-localsecondaryindex-indexname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "KeySchema": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-localsecondaryindex.html#cfn-dynamodb-globaltable-localsecondaryindex-keyschema", + "DuplicatesAllowed": false, + "ItemType": "KeySchema", + "Required": true, + "Type": "List", + "UpdateType": "Immutable" + }, + "Projection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-localsecondaryindex.html#cfn-dynamodb-globaltable-localsecondaryindex-projection", + "Required": true, + "Type": "Projection", + "UpdateType": "Immutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-pointintimerecoveryspecification.html", + "Properties": { + "PointInTimeRecoveryEnabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-pointintimerecoveryspecification.html#cfn-dynamodb-globaltable-pointintimerecoveryspecification-pointintimerecoveryenabled", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.Projection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-projection.html", + "Properties": { + "NonKeyAttributes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-projection.html#cfn-dynamodb-globaltable-projection-nonkeyattributes", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "ProjectionType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-projection.html#cfn-dynamodb-globaltable-projection-projectiontype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-readprovisionedthroughputsettings.html", + "Properties": { + "ReadCapacityAutoScalingSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-readprovisionedthroughputsettings.html#cfn-dynamodb-globaltable-readprovisionedthroughputsettings-readcapacityautoscalingsettings", + "Required": false, + "Type": "CapacityAutoScalingSettings", + "UpdateType": "Mutable" + }, + "ReadCapacityUnits": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-readprovisionedthroughputsettings.html#cfn-dynamodb-globaltable-readprovisionedthroughputsettings-readcapacityunits", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaglobalsecondaryindexspecification.html", + "Properties": { + "ContributorInsightsSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaglobalsecondaryindexspecification.html#cfn-dynamodb-globaltable-replicaglobalsecondaryindexspecification-contributorinsightsspecification", + "Required": false, + "Type": "ContributorInsightsSpecification", + "UpdateType": "Mutable" + }, + "IndexName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaglobalsecondaryindexspecification.html#cfn-dynamodb-globaltable-replicaglobalsecondaryindexspecification-indexname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "ReadProvisionedThroughputSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaglobalsecondaryindexspecification.html#cfn-dynamodb-globaltable-replicaglobalsecondaryindexspecification-readprovisionedthroughputsettings", + "Required": false, + "Type": "ReadProvisionedThroughputSettings", + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.ReplicaSSESpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicassespecification.html", + "Properties": { + "KMSMasterKeyId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicassespecification.html#cfn-dynamodb-globaltable-replicassespecification-kmsmasterkeyid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.ReplicaSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaspecification.html", + "Properties": { + "ContributorInsightsSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaspecification.html#cfn-dynamodb-globaltable-replicaspecification-contributorinsightsspecification", + "Required": false, + "Type": "ContributorInsightsSpecification", + "UpdateType": "Mutable" + }, + "GlobalSecondaryIndexes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaspecification.html#cfn-dynamodb-globaltable-replicaspecification-globalsecondaryindexes", + "DuplicatesAllowed": false, + "ItemType": "ReplicaGlobalSecondaryIndexSpecification", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "PointInTimeRecoverySpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaspecification.html#cfn-dynamodb-globaltable-replicaspecification-pointintimerecoveryspecification", + "Required": false, + "Type": "PointInTimeRecoverySpecification", + "UpdateType": "Mutable" + }, + "ReadProvisionedThroughputSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaspecification.html#cfn-dynamodb-globaltable-replicaspecification-readprovisionedthroughputsettings", + "Required": false, + "Type": "ReadProvisionedThroughputSettings", + "UpdateType": "Mutable" + }, + "Region": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaspecification.html#cfn-dynamodb-globaltable-replicaspecification-region", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "SSESpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaspecification.html#cfn-dynamodb-globaltable-replicaspecification-ssespecification", + "Required": false, + "Type": "ReplicaSSESpecification", + "UpdateType": "Mutable" + }, + "TableClass": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaspecification.html#cfn-dynamodb-globaltable-replicaspecification-tableclass", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-replicaspecification.html#cfn-dynamodb-globaltable-replicaspecification-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.SSESpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-ssespecification.html", + "Properties": { + "SSEEnabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-ssespecification.html#cfn-dynamodb-globaltable-ssespecification-sseenabled", + "PrimitiveType": "Boolean", + "Required": true, + "UpdateType": "Mutable" + }, + "SSEType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-ssespecification.html#cfn-dynamodb-globaltable-ssespecification-ssetype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.StreamSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-streamspecification.html", + "Properties": { + "StreamViewType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-streamspecification.html#cfn-dynamodb-globaltable-streamspecification-streamviewtype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-targettrackingscalingpolicyconfiguration.html", + "Properties": { + "DisableScaleIn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-targettrackingscalingpolicyconfiguration.html#cfn-dynamodb-globaltable-targettrackingscalingpolicyconfiguration-disablescalein", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "ScaleInCooldown": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-targettrackingscalingpolicyconfiguration.html#cfn-dynamodb-globaltable-targettrackingscalingpolicyconfiguration-scaleincooldown", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "ScaleOutCooldown": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-targettrackingscalingpolicyconfiguration.html#cfn-dynamodb-globaltable-targettrackingscalingpolicyconfiguration-scaleoutcooldown", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "TargetValue": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-targettrackingscalingpolicyconfiguration.html#cfn-dynamodb-globaltable-targettrackingscalingpolicyconfiguration-targetvalue", + "PrimitiveType": "Double", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.TimeToLiveSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-timetolivespecification.html", + "Properties": { + "AttributeName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-timetolivespecification.html#cfn-dynamodb-globaltable-timetolivespecification-attributename", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Enabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-timetolivespecification.html#cfn-dynamodb-globaltable-timetolivespecification-enabled", + "PrimitiveType": "Boolean", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-writeprovisionedthroughputsettings.html", + "Properties": { + "WriteCapacityAutoScalingSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-writeprovisionedthroughputsettings.html#cfn-dynamodb-globaltable-writeprovisionedthroughputsettings-writecapacityautoscalingsettings", + "Required": false, + "Type": "CapacityAutoScalingSettings", + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.AttributeDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-attributedefinition.html", + "Properties": { + "AttributeName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-attributedefinition.html#cfn-dynamodb-table-attributedefinition-attributename", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "AttributeType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-attributedefinition.html#cfn-dynamodb-table-attributedefinition-attributetype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.ContributorInsightsSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-contributorinsightsspecification.html", + "Properties": { + "Enabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-contributorinsightsspecification.html#cfn-dynamodb-table-contributorinsightsspecification-enabled", + "PrimitiveType": "Boolean", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.GlobalSecondaryIndex": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-globalsecondaryindex.html", + "Properties": { + "ContributorInsightsSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-globalsecondaryindex.html#cfn-dynamodb-table-globalsecondaryindex-contributorinsightsspecification", + "Required": false, + "Type": "ContributorInsightsSpecification", + "UpdateType": "Mutable" + }, + "IndexName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-globalsecondaryindex.html#cfn-dynamodb-table-globalsecondaryindex-indexname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "KeySchema": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-globalsecondaryindex.html#cfn-dynamodb-table-globalsecondaryindex-keyschema", + "DuplicatesAllowed": false, + "ItemType": "KeySchema", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "Projection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-globalsecondaryindex.html#cfn-dynamodb-table-globalsecondaryindex-projection", + "Required": true, + "Type": "Projection", + "UpdateType": "Mutable" + }, + "ProvisionedThroughput": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-globalsecondaryindex.html#cfn-dynamodb-table-globalsecondaryindex-provisionedthroughput", + "Required": false, + "Type": "ProvisionedThroughput", + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.KeySchema": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-keyschema.html", + "Properties": { + "AttributeName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-keyschema.html#cfn-dynamodb-table-keyschema-attributename", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "KeyType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-keyschema.html#cfn-dynamodb-table-keyschema-keytype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.KinesisStreamSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-kinesisstreamspecification.html", + "Properties": { + "StreamArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-kinesisstreamspecification.html#cfn-dynamodb-table-kinesisstreamspecification-streamarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.LocalSecondaryIndex": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-localsecondaryindex.html", + "Properties": { + "IndexName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-localsecondaryindex.html#cfn-dynamodb-table-localsecondaryindex-indexname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "KeySchema": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-localsecondaryindex.html#cfn-dynamodb-table-localsecondaryindex-keyschema", + "DuplicatesAllowed": false, + "ItemType": "KeySchema", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "Projection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-localsecondaryindex.html#cfn-dynamodb-table-localsecondaryindex-projection", + "Required": true, + "Type": "Projection", + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.PointInTimeRecoverySpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-pointintimerecoveryspecification.html", + "Properties": { + "PointInTimeRecoveryEnabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-pointintimerecoveryspecification.html#cfn-dynamodb-table-pointintimerecoveryspecification-pointintimerecoveryenabled", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.Projection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-projection.html", + "Properties": { + "NonKeyAttributes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-projection.html#cfn-dynamodb-table-projection-nonkeyattributes", + "DuplicatesAllowed": true, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "ProjectionType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-projection.html#cfn-dynamodb-table-projection-projectiontype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.ProvisionedThroughput": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-provisionedthroughput.html", + "Properties": { + "ReadCapacityUnits": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-provisionedthroughput.html#cfn-dynamodb-table-provisionedthroughput-readcapacityunits", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Mutable" + }, + "WriteCapacityUnits": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-provisionedthroughput.html#cfn-dynamodb-table-provisionedthroughput-writecapacityunits", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.SSESpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html", + "Properties": { + "KMSMasterKeyId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html#cfn-dynamodb-table-ssespecification-kmsmasterkeyid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "SSEEnabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html#cfn-dynamodb-table-ssespecification-sseenabled", + "PrimitiveType": "Boolean", + "Required": true, + "UpdateType": "Mutable" + }, + "SSEType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html#cfn-dynamodb-table-ssespecification-ssetype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.StreamSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-streamspecification.html", + "Properties": { + "StreamViewType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-streamspecification.html#cfn-dynamodb-table-streamspecification-streamviewtype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table.TimeToLiveSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-timetolivespecification.html", + "Properties": { + "AttributeName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-timetolivespecification.html#cfn-dynamodb-table-timetolivespecification-attributename", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Enabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-timetolivespecification.html#cfn-dynamodb-table-timetolivespecification-enabled", + "PrimitiveType": "Boolean", + "Required": true, + "UpdateType": "Mutable" + } + } + } + }, + "ResourceSpecificationVersion": "82.0.0", + "ResourceTypes": { + "AWS::DynamoDB::GlobalTable": { + "Attributes": { + "Arn": { + "PrimitiveType": "String" + }, + "StreamArn": { + "PrimitiveType": "String" + }, + "TableId": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html", + "Properties": { + "AttributeDefinitions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-attributedefinitions", + "DuplicatesAllowed": false, + "ItemType": "AttributeDefinition", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "BillingMode": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-billingmode", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "GlobalSecondaryIndexes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-globalsecondaryindexes", + "DuplicatesAllowed": false, + "ItemType": "GlobalSecondaryIndex", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "KeySchema": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-keyschema", + "DuplicatesAllowed": false, + "ItemType": "KeySchema", + "Required": true, + "Type": "List", + "UpdateType": "Immutable" + }, + "LocalSecondaryIndexes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-localsecondaryindexes", + "DuplicatesAllowed": false, + "ItemType": "LocalSecondaryIndex", + "Required": false, + "Type": "List", + "UpdateType": "Immutable" + }, + "Replicas": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-replicas", + "DuplicatesAllowed": false, + "ItemType": "ReplicaSpecification", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "SSESpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-ssespecification", + "Required": false, + "Type": "SSESpecification", + "UpdateType": "Mutable" + }, + "StreamSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-streamspecification", + "Required": false, + "Type": "StreamSpecification", + "UpdateType": "Mutable" + }, + "TableName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-tablename", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "TimeToLiveSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-timetolivespecification", + "Required": false, + "Type": "TimeToLiveSpecification", + "UpdateType": "Mutable" + }, + "WriteProvisionedThroughputSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html#cfn-dynamodb-globaltable-writeprovisionedthroughputsettings", + "Required": false, + "Type": "WriteProvisionedThroughputSettings", + "UpdateType": "Mutable" + } + } + }, + "AWS::DynamoDB::Table": { + "Attributes": { + "Arn": { + "PrimitiveType": "String" + }, + "StreamArn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html", + "Properties": { + "AttributeDefinitions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-attributedefinitions", + "DuplicatesAllowed": false, + "ItemType": "AttributeDefinition", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "BillingMode": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-billingmode", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "ContributorInsightsSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-contributorinsightsspecification", + "Required": false, + "Type": "ContributorInsightsSpecification", + "UpdateType": "Mutable" + }, + "GlobalSecondaryIndexes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-globalsecondaryindexes", + "DuplicatesAllowed": true, + "ItemType": "GlobalSecondaryIndex", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "KeySchema": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-keyschema", + "Required": true, + "Type": "Json", + "UpdateType": "Mutable" + }, + "KinesisStreamSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-kinesisstreamspecification", + "Required": false, + "Type": "KinesisStreamSpecification", + "UpdateType": "Mutable" + }, + "LocalSecondaryIndexes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-localsecondaryindexes", + "DuplicatesAllowed": true, + "ItemType": "LocalSecondaryIndex", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "PointInTimeRecoverySpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-pointintimerecoveryspecification", + "Required": false, + "Type": "PointInTimeRecoverySpecification", + "UpdateType": "Mutable" + }, + "ProvisionedThroughput": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-provisionedthroughput", + "Required": false, + "Type": "ProvisionedThroughput", + "UpdateType": "Mutable" + }, + "SSESpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-ssespecification", + "Required": false, + "Type": "SSESpecification", + "UpdateType": "Mutable" + }, + "StreamSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-streamspecification", + "Required": false, + "Type": "StreamSpecification", + "UpdateType": "Mutable" + }, + "TableClass": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-tableclass", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "TableName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-tablename", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-tags", + "DuplicatesAllowed": true, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "TimeToLiveSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-timetolivespecification", + "Required": false, + "Type": "TimeToLiveSpecification", + "UpdateType": "Mutable" + } + } + } + } +} diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_Rekognition.rejected.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_Rekognition.rejected.json index c352ffb6ad299..63839d4ede0f5 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_Rekognition.rejected.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_Rekognition.rejected.json @@ -143,7 +143,7 @@ } } }, - "ResourceSpecificationVersion": "81.1.0", + "ResourceSpecificationVersion": "82.0.0", "ResourceTypes": { "AWS::Rekognition::Collection": { "Attributes": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_RolesAnywhere.rejected.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_RolesAnywhere.rejected.json index 310547ee9f1b6..b75435729f2ca 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_RolesAnywhere.rejected.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_RolesAnywhere.rejected.json @@ -20,7 +20,7 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rolesanywhere-trustanchor-sourcedata.html" } }, - "ResourceSpecificationVersion": "81.1.0", + "ResourceSpecificationVersion": "82.0.0", "ResourceTypes": { "AWS::RolesAnywhere::CRL": { "Attributes": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_SageMaker.rejected.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_SageMaker.rejected.json index 61f01716b68bf..c17c1bbbf4ada 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_SageMaker.rejected.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/.000_AWS_SageMaker.rejected.json @@ -3531,7 +3531,7 @@ } } }, - "ResourceSpecificationVersion": "81.1.0", + "ResourceSpecificationVersion": "82.0.0", "ResourceTypes": { "AWS::SageMaker::App": { "Attributes": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ACMPCA.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ACMPCA.json index 0fd8310fc8fbd..bff7324e08304 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ACMPCA.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ACMPCA.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ACMPCA::Certificate.ApiPassthrough": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificate-apipassthrough.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_APS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_APS.json index 0e2b2fe9615fb..e5ff8509229fd 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_APS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_APS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::APS::RuleGroupsNamespace": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AccessAnalyzer.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AccessAnalyzer.json index 5513f8c2e7540..cedca5b9cda45 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AccessAnalyzer.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AccessAnalyzer.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AccessAnalyzer::Analyzer.ArchiveRule": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-accessanalyzer-analyzer-archiverule.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmazonMQ.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmazonMQ.json index 11095c7284048..21e7bd2f19026 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmazonMQ.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmazonMQ.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AmazonMQ::Broker.ConfigurationId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amazonmq-broker-configurationid.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Amplify.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Amplify.json index f54e4f9635186..aa531d01e991a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Amplify.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Amplify.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Amplify::App.AutoBranchCreationConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplify-app-autobranchcreationconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmplifyUIBuilder.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmplifyUIBuilder.json index e76161993c5d4..6ddb638ac9369 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmplifyUIBuilder.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmplifyUIBuilder.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AmplifyUIBuilder::Component.ActionParameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplifyuibuilder-component-actionparameters.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGateway.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGateway.json index d9b9308be377d..28bf37fdedb48 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGateway.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGateway.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ApiGateway::ApiKey.StageKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-apikey-stagekey.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGatewayV2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGatewayV2.json index 317adbb0fb435..a1d789ae5f245 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGatewayV2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGatewayV2.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ApiGatewayV2::Api.BodyS3Location": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-api-bodys3location.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppConfig.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppConfig.json index 304847a15173d..04032301d5435 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppConfig.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppConfig.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AppConfig::Application.Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appconfig-application-tags.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppFlow.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppFlow.json index 2fbd6c391c995..d64f70dd24f33 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppFlow.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppFlow.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AppFlow::ConnectorProfile.AmplitudeConnectorProfileCredentials": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appflow-connectorprofile-amplitudeconnectorprofilecredentials.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppIntegrations.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppIntegrations.json index c11f78f57ed55..b9289ff12249c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppIntegrations.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppIntegrations.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AppIntegrations::DataIntegration.ScheduleConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appintegrations-dataintegration-scheduleconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppMesh.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppMesh.json index 4c4d221c5decb..653b10632df45 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppMesh.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppMesh.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AppMesh::GatewayRoute.GatewayRouteHostnameMatch": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appmesh-gatewayroute-gatewayroutehostnamematch.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppRunner.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppRunner.json index 6a15df7e6ce05..8602f8ff28721 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppRunner.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppRunner.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AppRunner::ObservabilityConfiguration.TraceConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apprunner-observabilityconfiguration-traceconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppStream.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppStream.json index 78732d04f0c8a..0306ecd75a725 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppStream.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppStream.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AppStream::AppBlock.S3Location": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appstream-appblock-s3location.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppSync.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppSync.json index e0d67a2b32fe5..49745aa2ce4bf 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppSync.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppSync.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AppSync::DataSource.AuthorizationConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-datasource-authorizationconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationAutoScaling.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationAutoScaling.json index e0d136822ee39..abe2751ba3adf 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationAutoScaling.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationAutoScaling.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalabletarget-scalabletargetaction.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationInsights.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationInsights.json index 294a8d4dd3d1f..a1fa2c218704a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationInsights.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationInsights.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ApplicationInsights::Application.Alarm": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationinsights-application-alarm.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Athena.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Athena.json index 7f96d37d8430e..d56952c3705f0 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Athena.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Athena.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Athena::WorkGroup.EncryptionConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-athena-workgroup-encryptionconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AuditManager.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AuditManager.json index 91cace0109fd6..36e83552cc95a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AuditManager.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AuditManager.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AuditManager::Assessment.AWSAccount": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsaccount.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScaling.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScaling.json index bc816ace73004..3f17515c03859 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScaling.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScaling.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AutoScaling::AutoScalingGroup.AcceleratorCountRequest": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-acceleratorcountrequest.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScalingPlans.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScalingPlans.json index 7f732a1744aab..8eeef3040d48d 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScalingPlans.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScalingPlans.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::AutoScalingPlans::ScalingPlan.ApplicationSource": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscalingplans-scalingplan-applicationsource.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Backup.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Backup.json index 02da7a1ef5425..63852ef6a7db3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Backup.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Backup.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Backup::BackupPlan.AdvancedBackupSettingResourceType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-advancedbackupsettingresourcetype.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Batch.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Batch.json index 4c0dc3f5493a1..6228e0e89ea19 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Batch.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Batch.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Batch::ComputeEnvironment.ComputeResources": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_BillingConductor.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_BillingConductor.json index 286ccf33748d7..e9c1e1e822899 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_BillingConductor.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_BillingConductor.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::BillingConductor::BillingGroup.AccountGrouping": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-billingconductor-billinggroup-accountgrouping.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Budgets.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Budgets.json index c28ecd3a63808..23b1737c4ceab 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Budgets.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Budgets.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Budgets::Budget.BudgetData": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-budgets-budget-budgetdata.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CE.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CE.json index 9a1990296dc72..5071f41d9145c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CE.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CE.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CE::AnomalyMonitor.ResourceTag": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ce-anomalymonitor-resourcetag.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CUR.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CUR.json index 5728591fd4d5e..3d9586edf08e2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CUR.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CUR.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::CUR::ReportDefinition": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cassandra.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cassandra.json index 65c03578275a6..f6b0820281535 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cassandra.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cassandra.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Cassandra::Table.BillingMode": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cassandra-table-billingmode.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CertificateManager.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CertificateManager.json index cb14186d5f89f..687ab85f9672f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CertificateManager.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CertificateManager.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-certificatemanager-account-expiryeventsconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Chatbot.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Chatbot.json index b17d2c319e799..378b90ae9b503 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Chatbot.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Chatbot.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::Chatbot::SlackChannelConfiguration": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cloud9.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cloud9.json index b4ea5dd5754ac..d6de6ebc2fe4c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cloud9.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cloud9.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Cloud9::EnvironmentEC2.Repository": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloud9-environmentec2-repository.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFormation.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFormation.json index 98e1dfa1d00df..af52e27669ee3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFormation.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFormation.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CloudFormation::HookVersion.LoggingConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-hookversion-loggingconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFront.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFront.json index e46c56ca4e1f9..0b20c23f3fddd 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFront.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFront.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CloudFront::CachePolicy.CachePolicyConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-cachepolicy-cachepolicyconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudTrail.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudTrail.json index 84868cb4a6064..6de90820f4cd5 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudTrail.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudTrail.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudtrail-eventdatastore-advancedeventselector.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudWatch.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudWatch.json index ba0ddacaf993b..72da820c8b3cc 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudWatch.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudWatch.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CloudWatch::Alarm.Dimension": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cw-dimension.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeArtifact.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeArtifact.json index 85d2519506a06..a878795346a61 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeArtifact.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeArtifact.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::CodeArtifact::Domain": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeBuild.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeBuild.json index 7c9585f06d000..9705e69f511ee 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeBuild.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeBuild.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CodeBuild::Project.Artifacts": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codebuild-project-artifacts.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeCommit.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeCommit.json index 9a31f38f3127e..51fbb44837fad 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeCommit.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeCommit.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CodeCommit::Repository.Code": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codecommit-repository-code.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeDeploy.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeDeploy.json index 609da73e9ef31..d62b5df2591b5 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeDeploy.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeDeploy.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentconfig-minimumhealthyhosts.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruProfiler.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruProfiler.json index 6c964b30d4a54..0bd77777dd82f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruProfiler.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruProfiler.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CodeGuruProfiler::ProfilingGroup.Channel": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codeguruprofiler-profilinggroup-channel.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruReviewer.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruReviewer.json index 50d842fc45ff3..8324bda093fd7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruReviewer.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruReviewer.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::CodeGuruReviewer::RepositoryAssociation": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodePipeline.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodePipeline.json index 68434295b77a0..d2d46b34e5843 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodePipeline.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodePipeline.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CodePipeline::CustomActionType.ArtifactDetails": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-customactiontype-artifactdetails.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStar.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStar.json index e278b7ded9553..b49002272ed9c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStar.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStar.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CodeStar::GitHubRepository.Code": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codestar-githubrepository-code.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarConnections.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarConnections.json index 5a79c60991e8f..24066d3c426d5 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarConnections.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarConnections.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::CodeStarConnections::Connection": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarNotifications.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarNotifications.json index 73bf382fd6a5c..88c25e310b3bc 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarNotifications.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarNotifications.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CodeStarNotifications::NotificationRule.Target": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codestarnotifications-notificationrule-target.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cognito.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cognito.json index e8a8754d9ca85..a61e0321c5411 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cognito.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cognito.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Config.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Config.json index 2978815f36799..11117e9767424 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Config.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Config.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Config::ConfigRule.CustomPolicyDetails": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configrule-custompolicydetails.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Connect.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Connect.json index 3fb58e1b0c8d1..2347396241c8e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Connect.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Connect.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-connect-hoursofoperation-hoursofoperationconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CustomerProfiles.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CustomerProfiles.json index a8860bb4086d5..ff11e511e151b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CustomerProfiles.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CustomerProfiles.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::CustomerProfiles::Integration.ConnectorOperator": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-customerprofiles-integration-connectoroperator.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DAX.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DAX.json index 79b81182ba3a2..354b12300a3cd 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DAX.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DAX.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::DAX::Cluster.SSESpecification": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dax-cluster-ssespecification.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DLM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DLM.json index 728ba0af1e1e8..715c61586ac5b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DLM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DLM.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::DLM::LifecyclePolicy.Action": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-action.html", @@ -279,6 +279,13 @@ "Required": false, "UpdateType": "Mutable" }, + "ExcludeDataVolumeTags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-parameters.html#cfn-dlm-lifecyclepolicy-parameters-excludedatavolumetags", + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "NoReboot": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-parameters.html#cfn-dlm-lifecyclepolicy-parameters-noreboot", "PrimitiveType": "Boolean", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DMS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DMS.json index bdbf540a2f737..4513dc6f2fb48 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DMS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DMS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::DMS::Endpoint.DocDbSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dms-endpoint-docdbsettings.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataBrew.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataBrew.json index bd2ebd7b33f8a..5ad66d818409f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataBrew.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataBrew.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::DataBrew::Dataset.CsvOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-databrew-dataset-csvoptions.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataPipeline.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataPipeline.json index 9c2f5ec07f473..5b80df8ab65e8 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataPipeline.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataPipeline.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::DataPipeline::Pipeline.Field": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datapipeline-pipeline-pipelineobjects-fields.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataSync.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataSync.json index c57a80a438b7c..a73aaa0976317 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataSync.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataSync.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::DataSync::LocationEFS.Ec2Config": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationefs-ec2config.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Detective.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Detective.json index e6277d5ed2dc6..f8b3b0c9e15f0 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Detective.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Detective.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::Detective::Graph": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DevOpsGuru.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DevOpsGuru.json index 414458fd80dc3..8205e838f3b36 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DevOpsGuru.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DevOpsGuru.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-devopsguru-notificationchannel-notificationchannelconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DirectoryService.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DirectoryService.json index 9f5725db78ca9..26c7fad1af3ca 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DirectoryService.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DirectoryService.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::DirectoryService::MicrosoftAD.VpcSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-directoryservice-microsoftad-vpcsettings.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDB.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDB.json index b2b7fb91d7290..56616cd919c37 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDB.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDB.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::DocDB::DBCluster": { @@ -111,12 +111,30 @@ "Required": false, "UpdateType": "Mutable" }, + "RestoreToTime": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-restoretotime", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "RestoreType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-restoretype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "SnapshotIdentifier": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-snapshotidentifier", "PrimitiveType": "String", "Required": false, "UpdateType": "Immutable" }, + "SourceDBClusterIdentifier": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-sourcedbclusteridentifier", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, "StorageEncrypted": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-storageencrypted", "PrimitiveType": "Boolean", @@ -130,6 +148,12 @@ "Type": "List", "UpdateType": "Mutable" }, + "UseLatestRestorableTime": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-uselatestrestorabletime", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, "VpcSecurityGroupIds": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-docdb-dbcluster.html#cfn-docdb-dbcluster-vpcsecuritygroupids", "PrimitiveItemType": "String", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EC2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EC2.json index e047484358ba2..62fb9ab216aaf 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EC2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EC2.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::EC2::CapacityReservation.TagSpecification": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-capacityreservation-tagspecification.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECR.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECR.json index eff801a9dac80..96433b70b1d7d 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECR.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECR.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ECR::ReplicationConfiguration.ReplicationConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-replicationconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECS.json index 34cf68326a533..3ee751fe7f00a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-capacityprovider-autoscalinggroupprovider.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EFS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EFS.json index 6a6a0a06742d6..2cf2141d8261a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EFS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EFS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::EFS::AccessPoint.AccessPointTag": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-efs-accesspoint-accesspointtag.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EKS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EKS.json index 7fccc63d0ad8b..266a318c2d94a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EKS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EKS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::EKS::Cluster.ClusterLogging": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-clusterlogging.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMR.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMR.json index 1fe621b660d5e..b1d9b94ab6229 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMR.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMR.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::EMR::Cluster.Application": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticmapreduce-cluster-application.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRContainers.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRContainers.json index 4de31eb28b525..c3326f665564f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRContainers.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRContainers.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::EMRContainers::VirtualCluster.ContainerInfo": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-emrcontainers-virtualcluster-containerinfo.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRServerless.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRServerless.json index 45a68cc2f036f..325df4c50cb21 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRServerless.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRServerless.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::EMRServerless::Application.AutoStartConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-emrserverless-application-autostartconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElastiCache.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElastiCache.json index 79e7b46c57260..47f8a89f593d4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElastiCache.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElastiCache.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-cachecluster-cloudwatchlogsdestinationdetails.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticBeanstalk.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticBeanstalk.json index ebd9a133268b8..0848004553970 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticBeanstalk.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticBeanstalk.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticbeanstalk-application-applicationresourcelifecycleconfig.html", @@ -199,22 +199,22 @@ }, "ResourceTypes": { "AWS::ElasticBeanstalk::Application": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk.html", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticbeanstalk-application.html", "Properties": { "ApplicationName": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk.html#cfn-elasticbeanstalk-application-name", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticbeanstalk-application.html#cfn-elasticbeanstalk-application-applicationname", "PrimitiveType": "String", "Required": false, "UpdateType": "Immutable" }, "Description": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk.html#cfn-elasticbeanstalk-application-description", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticbeanstalk-application.html#cfn-elasticbeanstalk-application-description", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, "ResourceLifecycleConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-beanstalk.html#cfn-elasticbeanstalk-application-resourcelifecycleconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticbeanstalk-application.html#cfn-elasticbeanstalk-application-resourcelifecycleconfig", "Required": false, "Type": "ApplicationResourceLifecycleConfig", "UpdateType": "Mutable" diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancing.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancing.json index 35cc4bb0a7173..5ec7ad4a50f6a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancing.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancing.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-accessloggingpolicy.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancingV2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancingV2.json index 28dadf7a799d4..05a99ba7bff59 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancingV2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancingV2.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ElasticLoadBalancingV2::Listener.Action": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-action.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Elasticsearch.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Elasticsearch.json index bc65c85b424cc..057994ec210ff 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Elasticsearch.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Elasticsearch.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticsearch-domain-advancedsecurityoptionsinput.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EventSchemas.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EventSchemas.json index 324882dc98a9c..7bf13b85e6620 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EventSchemas.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EventSchemas.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::EventSchemas::Discoverer.TagsEntry": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eventschemas-discoverer-tagsentry.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Events.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Events.json index 088f52e3cddd3..6e3fba949fd93 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Events.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Events.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Events::Connection.ApiKeyAuthParameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-connection-apikeyauthparameters.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Evidently.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Evidently.json index bbd13728b0612..b8f2fcdb70bc8 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Evidently.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Evidently.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Evidently::Experiment.MetricGoalObject": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-evidently-experiment-metricgoalobject.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FIS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FIS.json index e14ede453f6c3..8958fbaa56cad 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FIS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FIS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateaction.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FMS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FMS.json index 9e162c2a42bd1..295a8181ae3d1 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FMS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FMS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::FMS::Policy.IEMap": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-iemap.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FSx.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FSx.json index 61a730ea4293b..84a4bee257c55 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FSx.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FSx.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::FSx::FileSystem.AuditLogConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fsx-filesystem-windowsconfiguration-auditlogconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FinSpace.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FinSpace.json index 5f9b6fa78e0f2..c6ffe7817c3ce 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FinSpace.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FinSpace.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::FinSpace::Environment.FederationParameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-finspace-environment-federationparameters.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Forecast.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Forecast.json index 4fddd89bcb011..778012c02175e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Forecast.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Forecast.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::Forecast::Dataset": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FraudDetector.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FraudDetector.json index aa107a4685d84..c7e4736fb55cc 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FraudDetector.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FraudDetector.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::FraudDetector::Detector.EntityType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-frauddetector-detector-entitytype.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GameLift.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GameLift.json index b98b3f6dc4d7b..7bb344af1d648 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GameLift.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GameLift.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::GameLift::Alias.RoutingStrategy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-alias-routingstrategy.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GlobalAccelerator.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GlobalAccelerator.json index 30492ef22d5fc..42219d7a6291e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GlobalAccelerator.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GlobalAccelerator.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-globalaccelerator-endpointgroup-endpointconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Glue.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Glue.json index 84a8085ae968e..bf6afb12013e2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Glue.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Glue.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Glue::Classifier.CsvClassifier": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-classifier-csvclassifier.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Greengrass.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Greengrass.json index aca2539650f49..68d212789fbf9 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Greengrass.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Greengrass.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Greengrass::ConnectorDefinition.Connector": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GreengrassV2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GreengrassV2.json index ad34486853c5f..ad6512c183587 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GreengrassV2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GreengrassV2.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrassv2-componentversion-componentdependencyrequirement.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GroundStation.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GroundStation.json index bf11c8a42e89a..c7846addeab9c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GroundStation.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GroundStation.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::GroundStation::Config.AntennaDownlinkConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-groundstation-config-antennadownlinkconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GuardDuty.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GuardDuty.json index e2e098b93f42d..c6c9f5b4e8064 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GuardDuty.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GuardDuty.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html", @@ -10,6 +10,12 @@ "Type": "CFNKubernetesConfiguration", "UpdateType": "Mutable" }, + "MalwareProtection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html#cfn-guardduty-detector-cfndatasourceconfigurations-malwareprotection", + "Required": false, + "Type": "CFNMalwareProtectionConfiguration", + "UpdateType": "Mutable" + }, "S3Logs": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html#cfn-guardduty-detector-cfndatasourceconfigurations-s3logs", "Required": false, @@ -40,6 +46,17 @@ } } }, + "AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnmalwareprotectionconfiguration.html", + "Properties": { + "ScanEc2InstanceWithFindings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnmalwareprotectionconfiguration.html#cfn-guardduty-detector-cfnmalwareprotectionconfiguration-scanec2instancewithfindings", + "Required": false, + "Type": "CFNScanEc2InstanceWithFindingsConfiguration", + "UpdateType": "Mutable" + } + } + }, "AWS::GuardDuty::Detector.CFNS3LogsConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfns3logsconfiguration.html", "Properties": { @@ -51,6 +68,17 @@ } } }, + "AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnscanec2instancewithfindingsconfiguration.html", + "Properties": { + "EbsVolumes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnscanec2instancewithfindingsconfiguration.html#cfn-guardduty-detector-cfnscanec2instancewithfindingsconfiguration-ebsvolumes", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::GuardDuty::Filter.Condition": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html", "Properties": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_HealthLake.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_HealthLake.json index 4778e0ef08573..1cb0ab2501e22 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_HealthLake.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_HealthLake.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-healthlake-fhirdatastore-kmsencryptionconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IAM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IAM.json index 93e0e93d1bd93..3aec1374782fa 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IAM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IAM.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::IAM::Group.Policy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IVS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IVS.json index 4499e0a542de4..884580cca4b7d 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IVS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IVS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-destinationconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ImageBuilder.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ImageBuilder.json index 686c7fea12a79..9ba59784bf7ad 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ImageBuilder.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ImageBuilder.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-imagebuilder-containerrecipe-componentconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Inspector.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Inspector.json index a5e828a0332d7..4f671a5776f9a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Inspector.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Inspector.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::Inspector::AssessmentTarget": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_InspectorV2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_InspectorV2.json index 084167453cdc5..8e02a2213504d 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_InspectorV2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_InspectorV2.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::InspectorV2::Filter.DateFilter": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-inspectorv2-filter-datefilter.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT.json index bfd182530f1aa..85dfc0a3aee1b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfiguration.html", @@ -135,6 +135,29 @@ } } }, + "AWS::IoT::CACertificate.RegistrationConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-cacertificate-registrationconfig.html", + "Properties": { + "RoleArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-cacertificate-registrationconfig.html#cfn-iot-cacertificate-registrationconfig-rolearn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "TemplateBody": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-cacertificate-registrationconfig.html#cfn-iot-cacertificate-registrationconfig-templatebody", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "TemplateName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-cacertificate-registrationconfig.html#cfn-iot-cacertificate-registrationconfig-templatename", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::IoT::DomainConfiguration.AuthorizerConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-domainconfiguration-authorizerconfig.html", "Properties": { @@ -1686,8 +1709,8 @@ }, "RegistrationConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-cacertificate.html#cfn-iot-cacertificate-registrationconfig", - "PrimitiveType": "Json", "Required": false, + "Type": "RegistrationConfig", "UpdateType": "Mutable" }, "Status": { @@ -2209,6 +2232,12 @@ "PrimitiveType": "String", "Required": false, "UpdateType": "Immutable" + }, + "TemplateType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-provisioningtemplate.html#cfn-iot-provisioningtemplate-templatetype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" } } }, diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT1Click.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT1Click.json index 40e13455b6083..4f5578749fa2e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT1Click.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT1Click.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::IoT1Click::Project.DeviceTemplate": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot1click-project-devicetemplate.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTAnalytics.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTAnalytics.json index 516328311d635..bd3fa52b66d22 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTAnalytics.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTAnalytics.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::IoTAnalytics::Channel.ChannelStorage": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotanalytics-channel-channelstorage.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTCoreDeviceAdvisor.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTCoreDeviceAdvisor.json index 6653845933631..136633a7d974f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTCoreDeviceAdvisor.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTCoreDeviceAdvisor.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::IoTCoreDeviceAdvisor::SuiteDefinition": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTEvents.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTEvents.json index ccd33c3b34983..9575b8132d179 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTEvents.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTEvents.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotevents-alarmmodel-acknowledgeflow.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetHub.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetHub.json index 1d8872e97b9ed..8cfa9f101f259 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetHub.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetHub.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::IoTFleetHub::Application": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTSiteWise.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTSiteWise.json index 8f81de8fad627..ff14872b92db3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTSiteWise.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTSiteWise.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotsitewise-accesspolicy-accesspolicyidentity.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTThingsGraph.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTThingsGraph.json index 37f8a15b8233e..fcd20faee992f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTThingsGraph.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTThingsGraph.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotthingsgraph-flowtemplate-definitiondocument.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTTwinMaker.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTTwinMaker.json index 5bc6e9f814618..dee1111bf1a67 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTTwinMaker.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTTwinMaker.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::IoTTwinMaker::ComponentType.DataConnector": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iottwinmaker-componenttype-dataconnector.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTWireless.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTWireless.json index 3269f1046146c..d97e77006d0b0 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTWireless.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTWireless.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-deviceprofile-lorawandeviceprofile.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KMS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KMS.json index eff3fd5e5442d..b740534553012 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KMS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KMS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::KMS::Alias": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KafkaConnect.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KafkaConnect.json index e0f5392fcef0d..1e46600e6e24a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KafkaConnect.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KafkaConnect.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kafkaconnect-connector-apachekafkacluster.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kendra.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kendra.json index 038bee465fd4b..83be733538b50 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kendra.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kendra.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Kendra::DataSource.AccessControlListConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-accesscontrollistconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kinesis.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kinesis.json index 86ce0fd3715de..ecf71a4206b78 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kinesis.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kinesis.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Kinesis::Stream.StreamEncryption": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesis-stream-streamencryption.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalytics.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalytics.json index 3053302e9b3a8..0cb644f089f73 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalytics.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalytics.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::KinesisAnalytics::Application.CSVMappingParameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-csvmappingparameters.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalyticsV2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalyticsV2.json index 347d958af9e3e..ee0650551d811 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalyticsV2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalyticsV2.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalyticsv2-application-applicationcodeconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisFirehose.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisFirehose.json index cfb2129107440..1de4098ce75d3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisFirehose.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisFirehose.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicebufferinghints.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisVideo.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisVideo.json index d12a25ca1201c..6ec221a1f2071 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisVideo.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisVideo.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::KinesisVideo::SignalingChannel": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LakeFormation.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LakeFormation.json index ff14174e35105..921715d4bfdbc 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LakeFormation.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LakeFormation.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-datacellsfilter-columnwildcard.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lambda.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lambda.json index 34d1e0dc5b0ff..ec62d77f08c22 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lambda.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lambda.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Lambda::Alias.AliasRoutingConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-alias-aliasroutingconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lex.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lex.json index 91e6758b871ef..f69732458b356 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lex.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lex.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Lex::Bot.AdvancedRecognitionSetting": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lex-bot-advancedrecognitionsetting.html", @@ -742,6 +742,12 @@ "Required": true, "Type": "List", "UpdateType": "Mutable" + }, + "MessageSelectionStrategy": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lex-bot-promptspecification.html#cfn-lex-bot-promptspecification-messageselectionstrategy", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" } } }, diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LicenseManager.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LicenseManager.json index 3763f3362af43..9fdd52b612461 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LicenseManager.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LicenseManager.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::LicenseManager::License.BorrowConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-borrowconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lightsail.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lightsail.json index 12a1305738e8c..40119cb517bf2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lightsail.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lightsail.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Lightsail::Bucket.AccessRules": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-bucket-accessrules.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Location.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Location.json index 037c2352007e4..0d1adf3ae66a5 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Location.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Location.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Location::Map.MapConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-location-map-mapconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Logs.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Logs.json index ffac93759f4e0..7d88944235556 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Logs.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Logs.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Logs::MetricFilter.Dimension": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-logs-metricfilter-dimension.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutEquipment.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutEquipment.json index 7a6aeb22821aa..23423f751b7ff 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutEquipment.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutEquipment.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::LookoutEquipment::InferenceScheduler": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutMetrics.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutMetrics.json index 19077a5b6ddd7..033d076748907 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutMetrics.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutMetrics.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::LookoutMetrics::Alert.Action": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lookoutmetrics-alert-action.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutVision.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutVision.json index 825b5a776c545..28708cb2cc81a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutVision.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutVision.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::LookoutVision::Project": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MSK.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MSK.json index 509799c8d8562..f8b5b293c2ec8 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MSK.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MSK.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::MSK::Cluster.BrokerLogs": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokerlogs.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MWAA.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MWAA.json index 3c6f6054f0c1e..eaa9287968185 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MWAA.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MWAA.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::MWAA::Environment.LoggingConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mwaa-environment-loggingconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Macie.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Macie.json index bb097256183ee..91826e16ed095 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Macie.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Macie.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Macie::FindingsFilter.Criterion": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-macie-findingsfilter-criterion.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ManagedBlockchain.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ManagedBlockchain.json index 3d1d13cae373e..d988063a1f747 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ManagedBlockchain.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ManagedBlockchain.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-managedblockchain-member-approvalthresholdpolicy.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConnect.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConnect.json index b3049ebb00469..917d69081a4f7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConnect.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConnect.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::MediaConnect::Flow.Encryption": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConvert.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConvert.json index 0c080ff3d9b61..dddc5dfaa1b25 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConvert.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConvert.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::MediaConvert::JobTemplate.AccelerationSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconvert-jobtemplate-accelerationsettings.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaLive.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaLive.json index f5f4b94f01df2..6d2c7ef903270 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaLive.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaLive.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::MediaLive::Channel.AacSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-aacsettings.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaPackage.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaPackage.json index 8895bc116bc08..fb2319d605b39 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaPackage.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaPackage.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::MediaPackage::Asset.EgressEndpoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackage-asset-egressendpoint.html", @@ -144,6 +144,12 @@ "Type": "DashEncryption", "UpdateType": "Mutable" }, + "IncludeIframeOnlyStream": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackage-originendpoint-dashpackage.html#cfn-mediapackage-originendpoint-dashpackage-includeiframeonlystream", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, "ManifestLayout": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackage-originendpoint-dashpackage.html#cfn-mediapackage-originendpoint-dashpackage-manifestlayout", "PrimitiveType": "String", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaStore.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaStore.json index 6ca41eb7d5cc2..8a98e53bdac7e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaStore.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaStore.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::MediaStore::Container.CorsRule": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediastore-container-corsrule.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaTailor.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaTailor.json index b57888962242b..6ab7ee3cbfe04 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaTailor.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaTailor.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediatailor-playbackconfiguration-admarkerpassthrough.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MemoryDB.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MemoryDB.json index f0ad0cbbb4caf..0ea36a7aa10e7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MemoryDB.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MemoryDB.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::MemoryDB::Cluster.Endpoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-memorydb-cluster-endpoint.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Neptune.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Neptune.json index 926ea368d08e0..a53c81596400a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Neptune.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Neptune.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Neptune::DBCluster.DBClusterRole": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-neptune-dbcluster-dbclusterrole.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkFirewall.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkFirewall.json index 4c551eac3283c..55a644ad4486a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkFirewall.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkFirewall.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::NetworkFirewall::Firewall.SubnetMapping": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewall-subnetmapping.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkManager.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkManager.json index a89fab79fa242..f7f2aa70eb0cb 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkManager.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkManager.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkmanager-connectattachment-connectattachmentoptions.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NimbleStudio.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NimbleStudio.json index 99d83ea47670f..7ebe1cc80f80b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NimbleStudio.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NimbleStudio.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::NimbleStudio::LaunchProfile.StreamConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-nimblestudio-launchprofile-streamconfiguration.html", @@ -50,7 +50,7 @@ "Mode": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-nimblestudio-launchprofile-streamconfigurationsessionstorage.html#cfn-nimblestudio-launchprofile-streamconfigurationsessionstorage-mode", "PrimitiveItemType": "String", - "Required": false, + "Required": true, "Type": "List", "UpdateType": "Mutable" }, diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchService.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchService.json index 8e3b05732baf4..0820fbf503e6c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchService.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchService.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorks.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorks.json index 8c96dd45c1e4c..8163c210c2f6c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorks.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorks.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::OpsWorks::App.DataSource": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opsworks-app-datasource.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorksCM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorksCM.json index 746fb68dd445a..52cc484f6c1de 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorksCM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorksCM.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::OpsWorksCM::Server.EngineAttribute": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opsworkscm-server-engineattribute.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Panorama.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Panorama.json index 1ef4332ac61bd..89892a77f7e21 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Panorama.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Panorama.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-panorama-applicationinstance-manifestoverridespayload.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Personalize.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Personalize.json index 4e9db56fd98d3..ed66e4412939f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Personalize.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Personalize.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Personalize::Dataset.DatasetImportJob": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-personalize-dataset-datasetimportjob.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pinpoint.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pinpoint.json index 4fb639c4a6965..509a5d717490b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pinpoint.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pinpoint.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Pinpoint::ApplicationSettings.CampaignHook": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pinpoint-applicationsettings-campaignhook.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_PinpointEmail.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_PinpointEmail.json index a132ef65964ca..f5d391df44434 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_PinpointEmail.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_PinpointEmail.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pinpointemail-configurationset-deliveryoptions.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QLDB.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QLDB.json index 16c34bf6ff9fb..ecfdc40c567a7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QLDB.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QLDB.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::QLDB::Stream.KinesisConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-qldb-stream-kinesisconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QuickSight.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QuickSight.json index 9d000398f8e07..92f72f34b9c86 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QuickSight.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QuickSight.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::QuickSight::Analysis.AnalysisError": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-quicksight-analysis-analysiserror.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RAM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RAM.json index ef827f2224354..6f35ae8dd69ea 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RAM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RAM.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::RAM::ResourceShare": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RDS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RDS.json index a1356cd2ffade..df4cac83fe093 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RDS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RDS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::RDS::DBCluster.DBClusterRole": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-dbclusterrole.html", @@ -216,45 +216,44 @@ } }, "AWS::RDS::OptionGroup.OptionConfiguration": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html", "Properties": { "DBSecurityGroupMemberships": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfigurations-dbsecuritygroupmemberships", - "DuplicatesAllowed": true, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-dbsecuritygroupmemberships", + "DuplicatesAllowed": false, "PrimitiveItemType": "String", "Required": false, "Type": "List", "UpdateType": "Mutable" }, "OptionName": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfigurations-optionname", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-optionname", "PrimitiveType": "String", "Required": true, "UpdateType": "Mutable" }, "OptionSettings": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfigurations-optionsettings", - "DuplicatesAllowed": false, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-optionsettings", "ItemType": "OptionSetting", "Required": false, "Type": "List", "UpdateType": "Mutable" }, "OptionVersion": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfiguration-optionversion", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-optionversion", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, "Port": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfigurations-port", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-port", "PrimitiveType": "Integer", "Required": false, "UpdateType": "Mutable" }, "VpcSecurityGroupMemberships": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations.html#cfn-rds-optiongroup-optionconfigurations-vpcsecuritygroupmemberships", - "DuplicatesAllowed": true, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfiguration.html#cfn-rds-optiongroup-optionconfiguration-vpcsecuritygroupmemberships", + "DuplicatesAllowed": false, "PrimitiveItemType": "String", "Required": false, "Type": "List", @@ -263,16 +262,16 @@ } }, "AWS::RDS::OptionGroup.OptionSetting": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations-optionsettings.html", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionsetting.html", "Properties": { "Name": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations-optionsettings.html#cfn-rds-optiongroup-optionconfigurations-optionsettings-name", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionsetting.html#cfn-rds-optiongroup-optionsetting-name", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, "Value": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionconfigurations-optionsettings.html#cfn-rds-optiongroup-optionconfigurations-optionsettings-value", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-optiongroup-optionsetting.html#cfn-rds-optiongroup-optionsetting-value", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" @@ -1282,6 +1281,11 @@ } }, "AWS::RDS::OptionGroup": { + "Attributes": { + "OptionGroupName": { + "PrimitiveType": "String" + } + }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-optiongroup.html", "Properties": { "EngineName": { @@ -1298,11 +1302,10 @@ }, "OptionConfigurations": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-optiongroup.html#cfn-rds-optiongroup-optionconfigurations", - "DuplicatesAllowed": true, "ItemType": "OptionConfiguration", - "Required": true, + "Required": false, "Type": "List", - "UpdateType": "Immutable" + "UpdateType": "Mutable" }, "OptionGroupDescription": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-optiongroup.html#cfn-rds-optiongroup-optiongroupdescription", @@ -1312,7 +1315,6 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-optiongroup.html#cfn-rds-optiongroup-tags", - "DuplicatesAllowed": true, "ItemType": "Tag", "Required": false, "Type": "List", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RUM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RUM.json index a9360acbd953d..baf1b37d411fa 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RUM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RUM.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::RUM::AppMonitor.AppMonitorConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rum-appmonitor-appmonitorconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Redshift.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Redshift.json index 269dcceb813db..34fcbce06f3a8 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Redshift.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Redshift.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Redshift::Cluster.Endpoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-redshift-cluster-endpoint.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RedshiftServerless.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RedshiftServerless.json index e5ce51054358f..f32b6beb7252d 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RedshiftServerless.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RedshiftServerless.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::RedshiftServerless::Workgroup.ConfigParameter": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-redshiftserverless-workgroup-configparameter.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RefactorSpaces.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RefactorSpaces.json index ce1217cb49b8e..c9b1e7d8b53ac 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RefactorSpaces.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RefactorSpaces.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-refactorspaces-application-apigatewayproxyinput.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResilienceHub.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResilienceHub.json index d6e09e29b054f..0a54fb55ab9b4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResilienceHub.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResilienceHub.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ResilienceHub::App.PhysicalResourceId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resiliencehub-app-physicalresourceid.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceGroups.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceGroups.json index 9d652986d6e20..e997a9683451f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceGroups.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceGroups.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ResourceGroups::Group.ConfigurationItem": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resourcegroups-group-configurationitem.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RoboMaker.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RoboMaker.json index 8dc54bd8e5478..3051c963965a2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RoboMaker.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RoboMaker.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-robomaker-robotapplication-robotsoftwaresuite.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53.json index 2573342419dab..cead2da5ed6d3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Route53::CidrCollection.Location": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-cidrcollection-location.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryControl.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryControl.json index 334889ab0db82..3c8b98c38fb3e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryControl.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryControl.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53recoverycontrol-cluster-clusterendpoint.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryReadiness.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryReadiness.json index 3b2bf96327ede..fdc2af6904efe 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryReadiness.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryReadiness.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53recoveryreadiness-resourceset-dnstargetresource.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53Resolver.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53Resolver.json index c0059d0582afe..f1451368e2076 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53Resolver.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53Resolver.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-firewallrule.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3.json index 4b5be2d77d088..7a9593a51af96 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::S3::AccessPoint.PublicAccessBlockConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-accesspoint-publicaccessblockconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3ObjectLambda.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3ObjectLambda.json index 26b78d2052dea..b26eb316d440b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3ObjectLambda.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3ObjectLambda.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3objectlambda-accesspoint-objectlambdaconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3Outposts.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3Outposts.json index e694dea6f29b7..c718e80eb1c8f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3Outposts.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3Outposts.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::S3Outposts::AccessPoint.VpcConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3outposts-accesspoint-vpcconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SDB.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SDB.json index 13dd6ad21a73a..196df6ad07f59 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SDB.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SDB.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::SDB::Domain": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SES.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SES.json index 6cbf41bb01b8c..e3ac24f05ee42 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SES.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SES.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::SES::ConfigurationSet.DeliveryOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-configurationset-deliveryoptions.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SNS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SNS.json index a4bee85d9c78d..47338edbe9bd3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SNS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SNS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::SNS::Topic.Subscription": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-subscription.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SQS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SQS.json index 6588ee92b4575..95eae86ed054f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SQS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SQS.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::SQS::Queue": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSM.json index 383383b2d1309..dfc16ae26a7b4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSM.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::SSM::Association.InstanceAssociationOutputLocation": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMContacts.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMContacts.json index 1ea8571362cb7..7b9e9c30bfd57 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMContacts.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMContacts.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::SSMContacts::Contact.ChannelTargetInfo": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssmcontacts-contact-channeltargetinfo.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMIncidents.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMIncidents.json index b36e7eba8baf9..23ab46547de2b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMIncidents.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMIncidents.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::SSMIncidents::ReplicationSet.RegionConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssmincidents-replicationset-regionconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSO.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSO.json index 407fcfe0f41bc..540b6aeaf4af4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSO.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSO.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecretsManager.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecretsManager.json index f6d66692e9886..54f8fb0a962e9 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecretsManager.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecretsManager.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::SecretsManager::RotationSchedule.HostedRotationLambda": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-secretsmanager-rotationschedule-hostedrotationlambda.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecurityHub.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecurityHub.json index 391b956634b36..149875de6e9c1 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecurityHub.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecurityHub.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::SecurityHub::Hub": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalog.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalog.json index bb819f0fe68ee..859cd8a4bba78 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalog.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalog.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicecatalog-cloudformationproduct-provisioningartifactproperties.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalogAppRegistry.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalogAppRegistry.json index aeb55e4da9690..6e485d54f824a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalogAppRegistry.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalogAppRegistry.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::ServiceCatalogAppRegistry::Application": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceDiscovery.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceDiscovery.json index b36b9285f592f..608b6d6f6b9fc 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceDiscovery.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceDiscovery.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-privatednsnamespace-privatednspropertiesmutable.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Signer.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Signer.json index 1bd5f0b182d35..9aa750f5bc94f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Signer.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Signer.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Signer::SigningProfile.SignatureValidityPeriod": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-signer-signingprofile-signaturevalidityperiod.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_StepFunctions.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_StepFunctions.json index bb1474b76c2d5..3442d29f5bb8f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_StepFunctions.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_StepFunctions.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::StepFunctions::Activity.TagsEntry": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-activity-tagsentry.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Synthetics.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Synthetics.json index 30d7b9b32a73b..d26cd0b5ff3ed 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Synthetics.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Synthetics.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Synthetics::Canary.ArtifactConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-artifactconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Timestream.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Timestream.json index c9b10ab8b1b3d..484777a7ea02b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Timestream.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Timestream.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Timestream::ScheduledQuery.DimensionMapping": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-timestream-scheduledquery-dimensionmapping.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Transfer.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Transfer.json index 8b92b3347c856..677f6d411283d 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Transfer.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Transfer.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Transfer::Server.As2Transport": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-transfer-server-as2transport.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_VoiceID.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_VoiceID.json index 29e210ca4168a..21b06c2daa430 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_VoiceID.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_VoiceID.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-voiceid-domain-serversideencryptionconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAF.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAF.json index a83d64bc5aaa3..74c8fdd384688 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAF.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAF.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::WAF::ByteMatchSet.ByteMatchTuple": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-bytematchset-bytematchtuples.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFRegional.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFRegional.json index 9e317b01ce250..305f0b2738431 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFRegional.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFRegional.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-bytematchset-bytematchtuple.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFv2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFv2.json index ca09aa0494dc6..fdf4db1e0f7c2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFv2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFv2.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::WAFv2::LoggingConfiguration.FieldToMatch": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-loggingconfiguration-fieldtomatch.html", @@ -672,6 +672,12 @@ "Type": "FieldToMatch", "UpdateType": "Mutable" }, + "SensitivityLevel": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-rulegroup-sqlimatchstatement.html#cfn-wafv2-rulegroup-sqlimatchstatement-sensitivitylevel", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "TextTransformations": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-rulegroup-sqlimatchstatement.html#cfn-wafv2-rulegroup-sqlimatchstatement-texttransformations", "ItemType": "TextTransformation", @@ -1696,6 +1702,12 @@ "Type": "FieldToMatch", "UpdateType": "Mutable" }, + "SensitivityLevel": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-sqlimatchstatement.html#cfn-wafv2-webacl-sqlimatchstatement-sensitivitylevel", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "TextTransformations": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-sqlimatchstatement.html#cfn-wafv2-webacl-sqlimatchstatement-texttransformations", "ItemType": "TextTransformation", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Wisdom.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Wisdom.json index aa12c91ee2dbc..97049d964f2d7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Wisdom.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Wisdom.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wisdom-assistant-serversideencryptionconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WorkSpaces.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WorkSpaces.json index 7a5b7fceed1e6..f6111e25e379e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WorkSpaces.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WorkSpaces.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::WorkSpaces::ConnectionAlias.ConnectionAliasAssociation": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspaces-connectionalias-connectionaliasassociation.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_XRay.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_XRay.json index dfc8db3c0e7fa..b195584ed5ad2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_XRay.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_XRay.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "AWS::XRay::Group.InsightsConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-xray-group-insightsconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Alexa_ASK.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Alexa_ASK.json index 1fd644c8b612b..f585c9eb5b0c1 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Alexa_ASK.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Alexa_ASK.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "Alexa::ASK::Skill.AuthenticationConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ask-skill-authenticationconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Tag.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Tag.json index e6f3b957da50b..f2ec566bc316e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Tag.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Tag.json @@ -1,5 +1,5 @@ { - "$version": "81.1.0", + "$version": "82.0.0", "PropertyTypes": { "Tag": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/001_Version.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/001_Version.json index e9423069af2eb..56f2984022aae 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/001_Version.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/001_Version.json @@ -1,3 +1,3 @@ { - "ResourceSpecificationVersion": "81.1.0" + "ResourceSpecificationVersion": "82.0.0" } diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index 1b01367adbc2f..446602cbbddff 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -24,7 +24,7 @@ "license": "Apache-2.0", "dependencies": { "@aws-cdk/cfnspec": "0.0.0", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "chalk": "^4", "diff": "^5.1.0", "fast-deep-equal": "^3.1.3", diff --git a/packages/@aws-cdk/core/README.md b/packages/@aws-cdk/core/README.md index 35785221ce946..2d0e0b9928b98 100644 --- a/packages/@aws-cdk/core/README.md +++ b/packages/@aws-cdk/core/README.md @@ -345,13 +345,13 @@ relationship between all resources in the scope of `constructA` and all resources in the scope of `constructB`. If you want a single object to represent a set of constructs that are not -necessarily in the same scope, you can use a `ConcreteDependable`. The +necessarily in the same scope, you can use a `DependencyGroup`. The following creates a single object that represents a dependency on two constructs, `constructB` and `constructC`: ```ts // Declare the dependable object -const bAndC = new ConcreteDependable(); +const bAndC = new DependencyGroup(); bAndC.add(constructB); bAndC.add(constructC); diff --git a/packages/@aws-cdk/core/lib/bundling.ts b/packages/@aws-cdk/core/lib/bundling.ts index 27045fd77c1e7..c496bf31d8672 100644 --- a/packages/@aws-cdk/core/lib/bundling.ts +++ b/packages/@aws-cdk/core/lib/bundling.ts @@ -95,6 +95,12 @@ export interface BundlingOptions { * @default - no security options */ readonly securityOpt?: string; + /** + * Docker [Networking options](https://docs.docker.com/engine/reference/commandline/run/#connect-a-container-to-a-network---network) + * + * @default - no networking options + */ + readonly network?: string; } /** @@ -198,6 +204,9 @@ export class BundlingDockerImage { ...options.securityOpt ? ['--security-opt', options.securityOpt] : [], + ...options.network + ? ['--network', options.network] + : [], ...options.user ? ['-u', options.user] : [], @@ -460,6 +469,13 @@ export interface DockerRunOptions { * @default - no security options */ readonly securityOpt?: string; + + /** + * Docker [Networking options](https://docs.docker.com/engine/reference/commandline/run/#connect-a-container-to-a-network---network) + * + * @default - no networking options + */ + readonly network?: string; } /** diff --git a/packages/@aws-cdk/core/lib/cfn-resource.ts b/packages/@aws-cdk/core/lib/cfn-resource.ts index 95a4d2991f6a5..94ae9c506e5e0 100644 --- a/packages/@aws-cdk/core/lib/cfn-resource.ts +++ b/packages/@aws-cdk/core/lib/cfn-resource.ts @@ -480,7 +480,7 @@ export enum TagType { export interface ICfnResourceOptions { /** * A condition to associate with this resource. This means that only if the condition evaluates to 'true' when the stack - * is deployed, the resource will be included. This is provided to allow CDK projects to produce legacy templates, but noramlly + * is deployed, the resource will be included. This is provided to allow CDK projects to produce legacy templates, but normally * there is no need to use it in CDK projects. */ condition?: CfnCondition; diff --git a/packages/@aws-cdk/core/lib/environment.ts b/packages/@aws-cdk/core/lib/environment.ts index 837d7546c46fb..a43ec37f3472c 100644 --- a/packages/@aws-cdk/core/lib/environment.ts +++ b/packages/@aws-cdk/core/lib/environment.ts @@ -5,28 +5,28 @@ export interface Environment { /** * The AWS account ID for this environment. * - * This can be either a concrete value such as `585191031104` or `Aws.accountId` which + * This can be either a concrete value such as `585191031104` or `Aws.ACCOUNT_ID` which * indicates that account ID will only be determined during deployment (it * will resolve to the CloudFormation intrinsic `{"Ref":"AWS::AccountId"}`). * Note that certain features, such as cross-stack references and * environmental context providers require concerete region information and * will cause this stack to emit synthesis errors. * - * @default Aws.accountId which means that the stack will be account-agnostic. + * @default Aws.ACCOUNT_ID which means that the stack will be account-agnostic. */ readonly account?: string; /** * The AWS region for this environment. * - * This can be either a concrete value such as `eu-west-2` or `Aws.region` + * This can be either a concrete value such as `eu-west-2` or `Aws.REGION` * which indicates that account ID will only be determined during deployment * (it will resolve to the CloudFormation intrinsic `{"Ref":"AWS::Region"}`). * Note that certain features, such as cross-stack references and - * environmental context providers require concerete region information and + * environmental context providers require concrete region information and * will cause this stack to emit synthesis errors. * - * @default Aws.region which means that the stack will be region-agnostic. + * @default Aws.REGION which means that the stack will be region-agnostic. */ readonly region?: string; } diff --git a/packages/@aws-cdk/core/lib/stack.ts b/packages/@aws-cdk/core/lib/stack.ts index 376e41ac1ddc2..debb99cc22f64 100644 --- a/packages/@aws-cdk/core/lib/stack.ts +++ b/packages/@aws-cdk/core/lib/stack.ts @@ -207,9 +207,9 @@ export class Stack extends Construct implements ITaggable { * This value is resolved according to the following rules: * * 1. The value provided to `env.region` when the stack is defined. This can - * either be a concerete region (e.g. `us-west-2`) or the `Aws.region` + * either be a concerete region (e.g. `us-west-2`) or the `Aws.REGION` * token. - * 3. `Aws.region`, which is represents the CloudFormation intrinsic reference + * 3. `Aws.REGION`, which is represents the CloudFormation intrinsic reference * `{ "Ref": "AWS::Region" }` encoded as a string token. * * Preferably, you should use the return value as an opaque string and not @@ -229,9 +229,9 @@ export class Stack extends Construct implements ITaggable { * This value is resolved according to the following rules: * * 1. The value provided to `env.account` when the stack is defined. This can - * either be a concerete account (e.g. `585695031111`) or the - * `Aws.accountId` token. - * 3. `Aws.accountId`, which represents the CloudFormation intrinsic reference + * either be a concrete account (e.g. `585695031111`) or the + * `Aws.ACCOUNT_ID` token. + * 3. `Aws.ACCOUNT_ID`, which represents the CloudFormation intrinsic reference * `{ "Ref": "AWS::AccountId" }` encoded as a string token. * * Preferably, you should use the return value as an opaque string and not @@ -254,7 +254,7 @@ export class Stack extends Construct implements ITaggable { * environment. * * If either `stack.account` or `stack.region` are not concrete values (e.g. - * `Aws.account` or `Aws.region`) the special strings `unknown-account` and/or + * `Aws.ACCOUNT_ID` or `Aws.REGION`) the special strings `unknown-account` and/or * `unknown-region` will be used respectively to indicate this stack is * region/account-agnostic. */ @@ -501,7 +501,7 @@ export class Stack extends Construct implements ITaggable { * scheme based on the construct path to ensure uniqueness. * * If you wish to obtain the deploy-time AWS::StackName intrinsic, - * you can use `Aws.stackName` directly. + * you can use `Aws.STACK_NAME` directly. */ public get stackName(): string { return this._stackName; diff --git a/packages/@aws-cdk/core/package.json b/packages/@aws-cdk/core/package.json index d61fba9001196..d42b2e2dd9230 100644 --- a/packages/@aws-cdk/core/package.json +++ b/packages/@aws-cdk/core/package.json @@ -189,7 +189,7 @@ "@types/jest": "^27.5.2", "@types/lodash": "^4.14.182", "@types/minimatch": "^3.0.5", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@types/sinon": "^9.0.11", "fast-check": "^2.25.0", "jest": "^27.5.1", diff --git a/packages/@aws-cdk/core/rosetta/default.ts-fixture b/packages/@aws-cdk/core/rosetta/default.ts-fixture index c1c9106b2fed7..23d992a8629a0 100644 --- a/packages/@aws-cdk/core/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/core/rosetta/default.ts-fixture @@ -18,8 +18,6 @@ import { CfnParameter, CfnResource, CfnResourceProps, - ConcreteDependable, - Construct, CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, @@ -36,6 +34,10 @@ import { Stage, Token, } from '@aws-cdk/core'; +import { + Construct, + DependencyGroup, +} from 'constructs'; declare const app: App; declare const arn: 'arn:partition:service:region:account-id:resource-id'; diff --git a/packages/@aws-cdk/core/test/bundling.test.ts b/packages/@aws-cdk/core/test/bundling.test.ts index 0752d346466da..49f26d8dab7b2 100644 --- a/packages/@aws-cdk/core/test/bundling.test.ts +++ b/packages/@aws-cdk/core/test/bundling.test.ts @@ -405,6 +405,39 @@ describe('bundling', () => { ], { stdio: ['ignore', process.stderr, 'inherit'] })).toEqual(true); }); + test('adding user provided network options', () => { + // GIVEN + sinon.stub(process, 'platform').value('darwin'); + const spawnSyncStub = sinon.stub(child_process, 'spawnSync').returns({ + status: 0, + stderr: Buffer.from('stderr'), + stdout: Buffer.from('stdout'), + pid: 123, + output: ['stdout', 'stderr'], + signal: null, + }); + const image = DockerImage.fromRegistry('alpine'); + + // GIVEN + image.run({ + command: ['cool', 'command'], + network: 'host', + volumes: [{ hostPath: '/host-path', containerPath: '/container-path' }], + workingDirectory: '/working-directory', + user: 'user:group', + }); + + expect(spawnSyncStub.calledWith('docker', [ + 'run', '--rm', + '--network', 'host', + '-u', 'user:group', + '-v', '/host-path:/container-path:delegated', + '-w', '/working-directory', + 'alpine', + 'cool', 'command', + ], { stdio: ['ignore', process.stderr, 'inherit'] })).toEqual(true); + }); + test('ensure selinux docker mount', () => { // GIVEN sinon.stub(process, 'platform').value('linux'); diff --git a/packages/@aws-cdk/custom-resources/README.md b/packages/@aws-cdk/custom-resources/README.md index d6f4f211964d6..d7f86bc11a01f 100644 --- a/packages/@aws-cdk/custom-resources/README.md +++ b/packages/@aws-cdk/custom-resources/README.md @@ -421,8 +421,9 @@ the `installLatestAwsSdk` prop to `false`. ### Custom Resource Execution Policy -You must provide the `policy` property defining the IAM Policy that will be applied to the API calls. -The library provides two factory methods to quickly configure this: +The `policy` property defines the IAM Policy that will be applied to the API calls. This must be provided +if an existing `role` is not specified and is optional otherwise. The library provides two factory methods +to quickly configure this: * **`AwsCustomResourcePolicy.fromSdkCalls`** - Use this to auto-generate IAM Policy statements based on the configured SDK calls. Keep two things in mind diff --git a/packages/@aws-cdk/custom-resources/lib/aws-custom-resource/aws-custom-resource.ts b/packages/@aws-cdk/custom-resources/lib/aws-custom-resource/aws-custom-resource.ts index bcf9bef839cee..21f1103caa2aa 100644 --- a/packages/@aws-cdk/custom-resources/lib/aws-custom-resource/aws-custom-resource.ts +++ b/packages/@aws-cdk/custom-resources/lib/aws-custom-resource/aws-custom-resource.ts @@ -260,10 +260,16 @@ export interface AwsCustomResourceProps { * to note the that function's role will eventually accumulate the * permissions/grants from all resources. * + * Note that a policy must be specified if `role` is not provided, as + * by default a new role is created which requires policy changes to access + * resources. + * + * @default - no policy added + * * @see Policy.fromStatements * @see Policy.fromSdkCalls */ - readonly policy: AwsCustomResourcePolicy; + readonly policy?: AwsCustomResourcePolicy; /** * The execution role for the singleton Lambda function implementing this custom @@ -344,6 +350,10 @@ export class AwsCustomResource extends Construct implements iam.IGrantable { throw new Error('At least `onCreate`, `onUpdate` or `onDelete` must be specified.'); } + if (!props.role && !props.policy) { + throw new Error('At least one of `policy` or `role` (or both) must be specified.'); + } + for (const call of [props.onCreate, props.onUpdate]) { if (call && !call.physicalResourceId) { throw new Error('`physicalResourceId` must be specified for onCreate and onUpdate calls.'); @@ -377,37 +387,6 @@ export class AwsCustomResource extends Construct implements iam.IGrantable { }); this.grantPrincipal = provider.grantPrincipal; - // Create the policy statements for the custom resource function role, or use the user-provided ones - const statements = []; - if (props.policy.statements.length !== 0) { - // Use custom statements provided by the user - for (const statement of props.policy.statements) { - statements.push(statement); - } - } else { - // Derive statements from AWS SDK calls - for (const call of [props.onCreate, props.onUpdate, props.onDelete]) { - if (call && call.assumedRoleArn == null) { - const statement = new iam.PolicyStatement({ - actions: [awsSdkToIamAction(call.service, call.action)], - resources: props.policy.resources, - }); - statements.push(statement); - } else if (call && call.assumedRoleArn != null) { - const statement = new iam.PolicyStatement({ - actions: ['sts:AssumeRole'], - resources: [call.assumedRoleArn], - }); - statements.push(statement); - } - } - } - const policy = new iam.Policy(this, 'CustomResourcePolicy', { - statements: statements, - }); - if (provider.role !== undefined) { - policy.attachToRole(provider.role); - } const create = props.onCreate || props.onUpdate; this.customResource = new cdk.CustomResource(this, 'Resource', { resourceType: props.resourceType || 'Custom::AWS', @@ -421,9 +400,43 @@ export class AwsCustomResource extends Construct implements iam.IGrantable { }, }); - // If the policy was deleted first, then the function might lose permissions to delete the custom resource - // This is here so that the policy doesn't get removed before onDelete is called - this.customResource.node.addDependency(policy); + // Create the policy statements for the custom resource function role, or use the user-provided ones + if (props.policy) { + const statements = []; + if (props.policy.statements.length !== 0) { + // Use custom statements provided by the user + for (const statement of props.policy.statements) { + statements.push(statement); + } + } else { + // Derive statements from AWS SDK calls + for (const call of [props.onCreate, props.onUpdate, props.onDelete]) { + if (call && call.assumedRoleArn == null) { + const statement = new iam.PolicyStatement({ + actions: [awsSdkToIamAction(call.service, call.action)], + resources: props.policy.resources, + }); + statements.push(statement); + } else if (call && call.assumedRoleArn != null) { + const statement = new iam.PolicyStatement({ + actions: ['sts:AssumeRole'], + resources: [call.assumedRoleArn], + }); + statements.push(statement); + } + } + } + const policy = new iam.Policy(this, 'CustomResourcePolicy', { + statements: statements, + }); + if (provider.role !== undefined) { + policy.attachToRole(provider.role); + } + + // If the policy was deleted first, then the function might lose permissions to delete the custom resource + // This is here so that the policy doesn't get removed before onDelete is called + this.customResource.node.addDependency(policy); + } } /** diff --git a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/index.js b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/index.js new file mode 100644 index 0000000000000..7bae87b06d44d --- /dev/null +++ b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/index.js @@ -0,0 +1,252 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = exports.forceSdkInstallation = exports.flatten = exports.PHYSICAL_RESOURCE_ID_REFERENCE = void 0; +/* eslint-disable no-console */ +const child_process_1 = require("child_process"); +const fs = require("fs"); +const path_1 = require("path"); +/** + * Serialized form of the physical resource id for use in the operation parameters + */ +exports.PHYSICAL_RESOURCE_ID_REFERENCE = 'PHYSICAL:RESOURCEID:'; +/** + * Flattens a nested object + * + * @param object the object to be flattened + * @returns a flat object with path as keys + */ +function flatten(object) { + return Object.assign({}, ...function _flatten(child, path = []) { + return [].concat(...Object.keys(child) + .map(key => { + const childKey = Buffer.isBuffer(child[key]) ? child[key].toString('utf8') : child[key]; + return typeof childKey === 'object' && childKey !== null + ? _flatten(childKey, path.concat([key])) + : ({ [path.concat([key]).join('.')]: childKey }); + })); + }(object)); +} +exports.flatten = flatten; +/** + * Decodes encoded special values (physicalResourceId) + */ +function decodeSpecialValues(object, physicalResourceId) { + return JSON.parse(JSON.stringify(object), (_k, v) => { + switch (v) { + case exports.PHYSICAL_RESOURCE_ID_REFERENCE: + return physicalResourceId; + default: + return v; + } + }); +} +/** + * Filters the keys of an object. + */ +function filterKeys(object, pred) { + return Object.entries(object) + .reduce((acc, [k, v]) => pred(k) + ? { ...acc, [k]: v } + : acc, {}); +} +let latestSdkInstalled = false; +function forceSdkInstallation() { + latestSdkInstalled = false; +} +exports.forceSdkInstallation = forceSdkInstallation; +/** + * Installs latest AWS SDK v2 + */ +function installLatestSdk() { + console.log('Installing latest AWS SDK v2'); + // Both HOME and --prefix are needed here because /tmp is the only writable location + child_process_1.execSync('HOME=/tmp npm install aws-sdk@2 --production --no-package-lock --no-save --prefix /tmp'); + latestSdkInstalled = true; +} +// no currently patched services +const patchedServices = []; +/** + * Patches the AWS SDK by loading service models in the same manner as the actual SDK + */ +function patchSdk(awsSdk) { + const apiLoader = awsSdk.apiLoader; + patchedServices.forEach(({ serviceName, apiVersions }) => { + const lowerServiceName = serviceName.toLowerCase(); + if (!awsSdk.Service.hasService(lowerServiceName)) { + apiLoader.services[lowerServiceName] = {}; + awsSdk[serviceName] = awsSdk.Service.defineService(lowerServiceName, apiVersions); + } + else { + awsSdk.Service.addVersions(awsSdk[serviceName], apiVersions); + } + apiVersions.forEach(apiVersion => { + Object.defineProperty(apiLoader.services[lowerServiceName], apiVersion, { + get: function get() { + const modelFilePrefix = `aws-sdk-patch/${lowerServiceName}-${apiVersion}`; + const model = JSON.parse(fs.readFileSync(path_1.join(__dirname, `${modelFilePrefix}.service.json`), 'utf-8')); + model.paginators = JSON.parse(fs.readFileSync(path_1.join(__dirname, `${modelFilePrefix}.paginators.json`), 'utf-8')).pagination; + return model; + }, + enumerable: true, + configurable: true, + }); + }); + }); + return awsSdk; +} +/* eslint-disable @typescript-eslint/no-require-imports, import/no-extraneous-dependencies */ +async function handler(event, context) { + try { + let AWS; + if (!latestSdkInstalled && event.ResourceProperties.InstallLatestAwsSdk === 'true') { + try { + installLatestSdk(); + AWS = require('/tmp/node_modules/aws-sdk'); + } + catch (e) { + console.log(`Failed to install latest AWS SDK v2: ${e}`); + AWS = require('aws-sdk'); // Fallback to pre-installed version + } + } + else if (latestSdkInstalled) { + AWS = require('/tmp/node_modules/aws-sdk'); + } + else { + AWS = require('aws-sdk'); + } + try { + AWS = patchSdk(AWS); + } + catch (e) { + console.log(`Failed to patch AWS SDK: ${e}. Proceeding with the installed copy.`); + } + console.log(JSON.stringify({ ...event, ResponseURL: '...' })); + console.log('AWS SDK VERSION: ' + AWS.VERSION); + event.ResourceProperties.Create = decodeCall(event.ResourceProperties.Create); + event.ResourceProperties.Update = decodeCall(event.ResourceProperties.Update); + event.ResourceProperties.Delete = decodeCall(event.ResourceProperties.Delete); + // Default physical resource id + let physicalResourceId; + switch (event.RequestType) { + case 'Create': + physicalResourceId = event.ResourceProperties.Create?.physicalResourceId?.id ?? + event.ResourceProperties.Update?.physicalResourceId?.id ?? + event.ResourceProperties.Delete?.physicalResourceId?.id ?? + event.LogicalResourceId; + break; + case 'Update': + case 'Delete': + physicalResourceId = event.ResourceProperties[event.RequestType]?.physicalResourceId?.id ?? event.PhysicalResourceId; + break; + } + let flatData = {}; + let data = {}; + const call = event.ResourceProperties[event.RequestType]; + if (call) { + let credentials; + if (call.assumedRoleArn) { + const timestamp = (new Date()).getTime(); + const params = { + RoleArn: call.assumedRoleArn, + RoleSessionName: `${timestamp}-${physicalResourceId}`.substring(0, 64), + }; + credentials = new AWS.ChainableTemporaryCredentials({ + params: params, + }); + } + if (!Object.prototype.hasOwnProperty.call(AWS, call.service)) { + throw Error(`Service ${call.service} does not exist in AWS SDK version ${AWS.VERSION}.`); + } + const awsService = new AWS[call.service]({ + apiVersion: call.apiVersion, + credentials: credentials, + region: call.region, + }); + try { + const response = await awsService[call.action](call.parameters && decodeSpecialValues(call.parameters, physicalResourceId)).promise(); + flatData = { + apiVersion: awsService.config.apiVersion, + region: awsService.config.region, + ...flatten(response), + }; + let outputPaths; + if (call.outputPath) { + outputPaths = [call.outputPath]; + } + else if (call.outputPaths) { + outputPaths = call.outputPaths; + } + if (outputPaths) { + data = filterKeys(flatData, startsWithOneOf(outputPaths)); + } + else { + data = flatData; + } + } + catch (e) { + if (!call.ignoreErrorCodesMatching || !new RegExp(call.ignoreErrorCodesMatching).test(e.code)) { + throw e; + } + } + if (call.physicalResourceId?.responsePath) { + physicalResourceId = flatData[call.physicalResourceId.responsePath]; + } + } + await respond('SUCCESS', 'OK', physicalResourceId, data); + } + catch (e) { + console.log(e); + await respond('FAILED', e.message || 'Internal Error', context.logStreamName, {}); + } + function respond(responseStatus, reason, physicalResourceId, data) { + const responseBody = JSON.stringify({ + Status: responseStatus, + Reason: reason, + PhysicalResourceId: physicalResourceId, + StackId: event.StackId, + RequestId: event.RequestId, + LogicalResourceId: event.LogicalResourceId, + NoEcho: false, + Data: data, + }); + console.log('Responding', responseBody); + // eslint-disable-next-line @typescript-eslint/no-require-imports + const parsedUrl = require('url').parse(event.ResponseURL); + const requestOptions = { + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: 'PUT', + headers: { 'content-type': '', 'content-length': responseBody.length }, + }; + return new Promise((resolve, reject) => { + try { + // eslint-disable-next-line @typescript-eslint/no-require-imports + const request = require('https').request(requestOptions, resolve); + request.on('error', reject); + request.write(responseBody); + request.end(); + } + catch (e) { + reject(e); + } + }); + } +} +exports.handler = handler; +function decodeCall(call) { + if (!call) { + return undefined; + } + return JSON.parse(call); +} +function startsWithOneOf(searchStrings) { + return function (string) { + for (const searchString of searchStrings) { + if (string.startsWith(searchString)) { + return true; + } + } + return false; + }; +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwrQkFBK0I7QUFDL0IsaURBQXlDO0FBQ3pDLHlCQUF5QjtBQUN6QiwrQkFBNEI7QUFTNUI7O0dBRUc7QUFDVSxRQUFBLDhCQUE4QixHQUFHLHNCQUFzQixDQUFDO0FBRXJFOzs7OztHQUtHO0FBQ0gsU0FBZ0IsT0FBTyxDQUFDLE1BQWM7SUFDcEMsT0FBTyxNQUFNLENBQUMsTUFBTSxDQUNsQixFQUFFLEVBQ0YsR0FBRyxTQUFTLFFBQVEsQ0FBQyxLQUFVLEVBQUUsT0FBaUIsRUFBRTtRQUNsRCxPQUFPLEVBQUUsQ0FBQyxNQUFNLENBQUMsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQzthQUNuQyxHQUFHLENBQUMsR0FBRyxDQUFDLEVBQUU7WUFDVCxNQUFNLFFBQVEsR0FBRyxNQUFNLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDeEYsT0FBTyxPQUFPLFFBQVEsS0FBSyxRQUFRLElBQUksUUFBUSxLQUFLLElBQUk7Z0JBQ3RELENBQUMsQ0FBQyxRQUFRLENBQUMsUUFBUSxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUN4QyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsUUFBUSxFQUFFLENBQUMsQ0FBQztRQUNyRCxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ1IsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUNWLENBQUM7QUFDSixDQUFDO0FBYkQsMEJBYUM7QUFFRDs7R0FFRztBQUNILFNBQVMsbUJBQW1CLENBQUMsTUFBYyxFQUFFLGtCQUEwQjtJQUNyRSxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDLEVBQUUsRUFBRTtRQUNsRCxRQUFRLENBQUMsRUFBRTtZQUNULEtBQUssc0NBQThCO2dCQUNqQyxPQUFPLGtCQUFrQixDQUFDO1lBQzVCO2dCQUNFLE9BQU8sQ0FBQyxDQUFDO1NBQ1o7SUFDSCxDQUFDLENBQUMsQ0FBQztBQUNMLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQVMsVUFBVSxDQUFDLE1BQWMsRUFBRSxJQUE4QjtJQUNoRSxPQUFPLE1BQU0sQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDO1NBQzFCLE1BQU0sQ0FDTCxDQUFDLEdBQUcsRUFBRSxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztRQUN0QixDQUFDLENBQUMsRUFBRSxHQUFHLEdBQUcsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRTtRQUNwQixDQUFDLENBQUMsR0FBRyxFQUNQLEVBQUUsQ0FDSCxDQUFDO0FBQ04sQ0FBQztBQUVELElBQUksa0JBQWtCLEdBQUcsS0FBSyxDQUFDO0FBRS9CLFNBQWdCLG9CQUFvQjtJQUNsQyxrQkFBa0IsR0FBRyxLQUFLLENBQUM7QUFDN0IsQ0FBQztBQUZELG9EQUVDO0FBRUQ7O0dBRUc7QUFDSCxTQUFTLGdCQUFnQjtJQUN2QixPQUFPLENBQUMsR0FBRyxDQUFDLDhCQUE4QixDQUFDLENBQUM7SUFDNUMsb0ZBQW9GO0lBQ3BGLHdCQUFRLENBQUMsd0ZBQXdGLENBQUMsQ0FBQztJQUNuRyxrQkFBa0IsR0FBRyxJQUFJLENBQUM7QUFDNUIsQ0FBQztBQUVELGdDQUFnQztBQUNoQyxNQUFNLGVBQWUsR0FBcUQsRUFBRSxDQUFDO0FBQzdFOztHQUVHO0FBQ0gsU0FBUyxRQUFRLENBQUMsTUFBVztJQUMzQixNQUFNLFNBQVMsR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDO0lBQ25DLGVBQWUsQ0FBQyxPQUFPLENBQUMsQ0FBQyxFQUFFLFdBQVcsRUFBRSxXQUFXLEVBQUUsRUFBRSxFQUFFO1FBQ3ZELE1BQU0sZ0JBQWdCLEdBQUcsV0FBVyxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQ25ELElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFO1lBQ2hELFNBQVMsQ0FBQyxRQUFRLENBQUMsZ0JBQWdCLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDMUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsYUFBYSxDQUFDLGdCQUFnQixFQUFFLFdBQVcsQ0FBQyxDQUFDO1NBQ25GO2FBQU07WUFDTCxNQUFNLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLEVBQUUsV0FBVyxDQUFDLENBQUM7U0FDOUQ7UUFDRCxXQUFXLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQyxFQUFFO1lBQy9CLE1BQU0sQ0FBQyxjQUFjLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFLFVBQVUsRUFBRTtnQkFDdEUsR0FBRyxFQUFFLFNBQVMsR0FBRztvQkFDZixNQUFNLGVBQWUsR0FBRyxpQkFBaUIsZ0JBQWdCLElBQUksVUFBVSxFQUFFLENBQUM7b0JBQzFFLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxXQUFJLENBQUMsU0FBUyxFQUFFLEdBQUcsZUFBZSxlQUFlLENBQUMsRUFBRSxPQUFPLENBQUMsQ0FBQyxDQUFDO29CQUN2RyxLQUFLLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxXQUFJLENBQUMsU0FBUyxFQUFFLEdBQUcsZUFBZSxrQkFBa0IsQ0FBQyxFQUFFLE9BQU8sQ0FBQyxDQUFDLENBQUMsVUFBVSxDQUFDO29CQUMxSCxPQUFPLEtBQUssQ0FBQztnQkFDZixDQUFDO2dCQUNELFVBQVUsRUFBRSxJQUFJO2dCQUNoQixZQUFZLEVBQUUsSUFBSTthQUNuQixDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUMsQ0FBQyxDQUFDO0lBQ0gsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQztBQUVELDZGQUE2RjtBQUN0RixLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQWtELEVBQUUsT0FBMEI7SUFDMUcsSUFBSTtRQUNGLElBQUksR0FBUSxDQUFDO1FBQ2IsSUFBSSxDQUFDLGtCQUFrQixJQUFJLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxtQkFBbUIsS0FBSyxNQUFNLEVBQUU7WUFDbEYsSUFBSTtnQkFDRixnQkFBZ0IsRUFBRSxDQUFDO2dCQUNuQixHQUFHLEdBQUcsT0FBTyxDQUFDLDJCQUEyQixDQUFDLENBQUM7YUFDNUM7WUFBQyxPQUFPLENBQUMsRUFBRTtnQkFDVixPQUFPLENBQUMsR0FBRyxDQUFDLHdDQUF3QyxDQUFDLEVBQUUsQ0FBQyxDQUFDO2dCQUN6RCxHQUFHLEdBQUcsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsb0NBQW9DO2FBQy9EO1NBQ0Y7YUFBTSxJQUFJLGtCQUFrQixFQUFFO1lBQzdCLEdBQUcsR0FBRyxPQUFPLENBQUMsMkJBQTJCLENBQUMsQ0FBQztTQUM1QzthQUFNO1lBQ0wsR0FBRyxHQUFHLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztTQUMxQjtRQUNELElBQUk7WUFDRixHQUFHLEdBQUcsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1NBQ3JCO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixPQUFPLENBQUMsR0FBRyxDQUFDLDRCQUE0QixDQUFDLHVDQUF1QyxDQUFDLENBQUM7U0FDbkY7UUFFRCxPQUFPLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsRUFBRSxHQUFHLEtBQUssRUFBRSxXQUFXLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQzlELE9BQU8sQ0FBQyxHQUFHLENBQUMsbUJBQW1CLEdBQUcsR0FBRyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRS9DLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUM5RSxLQUFLLENBQUMsa0JBQWtCLENBQUMsTUFBTSxHQUFHLFVBQVUsQ0FBQyxLQUFLLENBQUMsa0JBQWtCLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDOUUsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE1BQU0sR0FBRyxVQUFVLENBQUMsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQzlFLCtCQUErQjtRQUMvQixJQUFJLGtCQUEwQixDQUFDO1FBQy9CLFFBQVEsS0FBSyxDQUFDLFdBQVcsRUFBRTtZQUN6QixLQUFLLFFBQVE7Z0JBQ1gsa0JBQWtCLEdBQUcsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE1BQU0sRUFBRSxrQkFBa0IsRUFBRSxFQUFFO29CQUN2RCxLQUFLLENBQUMsa0JBQWtCLENBQUMsTUFBTSxFQUFFLGtCQUFrQixFQUFFLEVBQUU7b0JBQ3ZELEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLEVBQUUsa0JBQWtCLEVBQUUsRUFBRTtvQkFDdkQsS0FBSyxDQUFDLGlCQUFpQixDQUFDO2dCQUM3QyxNQUFNO1lBQ1IsS0FBSyxRQUFRLENBQUM7WUFDZCxLQUFLLFFBQVE7Z0JBQ1gsa0JBQWtCLEdBQUcsS0FBSyxDQUFDLGtCQUFrQixDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsRUFBRSxrQkFBa0IsRUFBRSxFQUFFLElBQUksS0FBSyxDQUFDLGtCQUFrQixDQUFDO2dCQUNySCxNQUFNO1NBQ1Q7UUFFRCxJQUFJLFFBQVEsR0FBOEIsRUFBRSxDQUFDO1FBQzdDLElBQUksSUFBSSxHQUE4QixFQUFFLENBQUM7UUFDekMsTUFBTSxJQUFJLEdBQTJCLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFakYsSUFBSSxJQUFJLEVBQUU7WUFFUixJQUFJLFdBQVcsQ0FBQztZQUNoQixJQUFJLElBQUksQ0FBQyxjQUFjLEVBQUU7Z0JBQ3ZCLE1BQU0sU0FBUyxHQUFHLENBQUMsSUFBSSxJQUFJLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO2dCQUV6QyxNQUFNLE1BQU0sR0FBRztvQkFDYixPQUFPLEVBQUUsSUFBSSxDQUFDLGNBQWM7b0JBQzVCLGVBQWUsRUFBRSxHQUFHLFNBQVMsSUFBSSxrQkFBa0IsRUFBRSxDQUFDLFNBQVMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDO2lCQUN2RSxDQUFDO2dCQUVGLFdBQVcsR0FBRyxJQUFJLEdBQUcsQ0FBQyw2QkFBNkIsQ0FBQztvQkFDbEQsTUFBTSxFQUFFLE1BQU07aUJBQ2YsQ0FBQyxDQUFDO2FBQ0o7WUFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLEdBQUcsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLEVBQUU7Z0JBQzVELE1BQU0sS0FBSyxDQUFDLFdBQVcsSUFBSSxDQUFDLE9BQU8sc0NBQXNDLEdBQUcsQ0FBQyxPQUFPLEdBQUcsQ0FBQyxDQUFDO2FBQzFGO1lBQ0QsTUFBTSxVQUFVLEdBQUcsSUFBSyxHQUFXLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO2dCQUNoRCxVQUFVLEVBQUUsSUFBSSxDQUFDLFVBQVU7Z0JBQzNCLFdBQVcsRUFBRSxXQUFXO2dCQUN4QixNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07YUFDcEIsQ0FBQyxDQUFDO1lBRUgsSUFBSTtnQkFDRixNQUFNLFFBQVEsR0FBRyxNQUFNLFVBQVUsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQzVDLElBQUksQ0FBQyxVQUFVLElBQUksbUJBQW1CLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxrQkFBa0IsQ0FBQyxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7Z0JBQ3pGLFFBQVEsR0FBRztvQkFDVCxVQUFVLEVBQUUsVUFBVSxDQUFDLE1BQU0sQ0FBQyxVQUFVO29CQUN4QyxNQUFNLEVBQUUsVUFBVSxDQUFDLE1BQU0sQ0FBQyxNQUFNO29CQUNoQyxHQUFHLE9BQU8sQ0FBQyxRQUFRLENBQUM7aUJBQ3JCLENBQUM7Z0JBRUYsSUFBSSxXQUFpQyxDQUFDO2dCQUN0QyxJQUFJLElBQUksQ0FBQyxVQUFVLEVBQUU7b0JBQ25CLFdBQVcsR0FBRyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztpQkFDakM7cUJBQU0sSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFO29CQUMzQixXQUFXLEdBQUcsSUFBSSxDQUFDLFdBQVcsQ0FBQztpQkFDaEM7Z0JBRUQsSUFBSSxXQUFXLEVBQUU7b0JBQ2YsSUFBSSxHQUFHLFVBQVUsQ0FBQyxRQUFRLEVBQUUsZUFBZSxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUM7aUJBQzNEO3FCQUFNO29CQUNMLElBQUksR0FBRyxRQUFRLENBQUM7aUJBQ2pCO2FBQ0Y7WUFBQyxPQUFPLENBQUMsRUFBRTtnQkFDVixJQUFJLENBQUMsSUFBSSxDQUFDLHdCQUF3QixJQUFJLENBQUMsSUFBSSxNQUFNLENBQUMsSUFBSSxDQUFDLHdCQUF3QixDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRTtvQkFDN0YsTUFBTSxDQUFDLENBQUM7aUJBQ1Q7YUFDRjtZQUVELElBQUksSUFBSSxDQUFDLGtCQUFrQixFQUFFLFlBQVksRUFBRTtnQkFDekMsa0JBQWtCLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxZQUFZLENBQUMsQ0FBQzthQUNyRTtTQUNGO1FBRUQsTUFBTSxPQUFPLENBQUMsU0FBUyxFQUFFLElBQUksRUFBRSxrQkFBa0IsRUFBRSxJQUFJLENBQUMsQ0FBQztLQUMxRDtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsT0FBTyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNmLE1BQU0sT0FBTyxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUMsT0FBTyxJQUFJLGdCQUFnQixFQUFFLE9BQU8sQ0FBQyxhQUFhLEVBQUUsRUFBRSxDQUFDLENBQUM7S0FDbkY7SUFFRCxTQUFTLE9BQU8sQ0FBQyxjQUFzQixFQUFFLE1BQWMsRUFBRSxrQkFBMEIsRUFBRSxJQUFTO1FBQzVGLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUM7WUFDbEMsTUFBTSxFQUFFLGNBQWM7WUFDdEIsTUFBTSxFQUFFLE1BQU07WUFDZCxrQkFBa0IsRUFBRSxrQkFBa0I7WUFDdEMsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO1lBQ3RCLFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUztZQUMxQixpQkFBaUIsRUFBRSxLQUFLLENBQUMsaUJBQWlCO1lBQzFDLE1BQU0sRUFBRSxLQUFLO1lBQ2IsSUFBSSxFQUFFLElBQUk7U0FDWCxDQUFDLENBQUM7UUFFSCxPQUFPLENBQUMsR0FBRyxDQUFDLFlBQVksRUFBRSxZQUFZLENBQUMsQ0FBQztRQUV4QyxpRUFBaUU7UUFDakUsTUFBTSxTQUFTLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDMUQsTUFBTSxjQUFjLEdBQUc7WUFDckIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxRQUFRO1lBQzVCLElBQUksRUFBRSxTQUFTLENBQUMsSUFBSTtZQUNwQixNQUFNLEVBQUUsS0FBSztZQUNiLE9BQU8sRUFBRSxFQUFFLGNBQWMsRUFBRSxFQUFFLEVBQUUsZ0JBQWdCLEVBQUUsWUFBWSxDQUFDLE1BQU0sRUFBRTtTQUN2RSxDQUFDO1FBRUYsT0FBTyxJQUFJLE9BQU8sQ0FBQyxDQUFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsRUFBRTtZQUNyQyxJQUFJO2dCQUNGLGlFQUFpRTtnQkFDakUsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQUFDLE9BQU8sQ0FBQyxjQUFjLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ2xFLE9BQU8sQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO2dCQUM1QixPQUFPLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO2dCQUM1QixPQUFPLENBQUMsR0FBRyxFQUFFLENBQUM7YUFDZjtZQUFDLE9BQU8sQ0FBQyxFQUFFO2dCQUNWLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQzthQUNYO1FBQ0gsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0FBQ0gsQ0FBQztBQWpKRCwwQkFpSkM7QUFFRCxTQUFTLFVBQVUsQ0FBQyxJQUF3QjtJQUMxQyxJQUFJLENBQUMsSUFBSSxFQUFFO1FBQUUsT0FBTyxTQUFTLENBQUM7S0FBRTtJQUNoQyxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7QUFDMUIsQ0FBQztBQUVELFNBQVMsZUFBZSxDQUFDLGFBQXVCO0lBQzlDLE9BQU8sVUFBUyxNQUFjO1FBQzVCLEtBQUssTUFBTSxZQUFZLElBQUksYUFBYSxFQUFFO1lBQ3hDLElBQUksTUFBTSxDQUFDLFVBQVUsQ0FBQyxZQUFZLENBQUMsRUFBRTtnQkFDbkMsT0FBTyxJQUFJLENBQUM7YUFDYjtTQUNGO1FBQ0QsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDLENBQUM7QUFDSixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyogZXNsaW50LWRpc2FibGUgbm8tY29uc29sZSAqL1xuaW1wb3J0IHsgZXhlY1N5bmMgfSBmcm9tICdjaGlsZF9wcm9jZXNzJztcbmltcG9ydCAqIGFzIGZzIGZyb20gJ2ZzJztcbmltcG9ydCB7IGpvaW4gfSBmcm9tICdwYXRoJztcbi8vIGltcG9ydCB0aGUgQVdTTGFtYmRhIHBhY2thZ2UgZXhwbGljaXRseSxcbi8vIHdoaWNoIGlzIGdsb2JhbGx5IGF2YWlsYWJsZSBpbiB0aGUgTGFtYmRhIHJ1bnRpbWUsXG4vLyBhcyBvdGhlcndpc2UgbGlua2luZyB0aGlzIHJlcG9zaXRvcnkgd2l0aCBsaW5rLWFsbC5zaFxuLy8gZmFpbHMgaW4gdGhlIENESyBhcHAgZXhlY3V0ZWQgd2l0aCB0cy1ub2RlXG4vKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLWV4dHJhbmVvdXMtZGVwZW5kZW5jaWVzLGltcG9ydC9uby11bnJlc29sdmVkICovXG5pbXBvcnQgKiBhcyBBV1NMYW1iZGEgZnJvbSAnYXdzLWxhbWJkYSc7XG5pbXBvcnQgeyBBd3NTZGtDYWxsIH0gZnJvbSAnLi4vYXdzLWN1c3RvbS1yZXNvdXJjZSc7XG5cbi8qKlxuICogU2VyaWFsaXplZCBmb3JtIG9mIHRoZSBwaHlzaWNhbCByZXNvdXJjZSBpZCBmb3IgdXNlIGluIHRoZSBvcGVyYXRpb24gcGFyYW1ldGVyc1xuICovXG5leHBvcnQgY29uc3QgUEhZU0lDQUxfUkVTT1VSQ0VfSURfUkVGRVJFTkNFID0gJ1BIWVNJQ0FMOlJFU09VUkNFSUQ6JztcblxuLyoqXG4gKiBGbGF0dGVucyBhIG5lc3RlZCBvYmplY3RcbiAqXG4gKiBAcGFyYW0gb2JqZWN0IHRoZSBvYmplY3QgdG8gYmUgZmxhdHRlbmVkXG4gKiBAcmV0dXJucyBhIGZsYXQgb2JqZWN0IHdpdGggcGF0aCBhcyBrZXlzXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBmbGF0dGVuKG9iamVjdDogb2JqZWN0KTogeyBba2V5OiBzdHJpbmddOiBhbnkgfSB7XG4gIHJldHVybiBPYmplY3QuYXNzaWduKFxuICAgIHt9LFxuICAgIC4uLmZ1bmN0aW9uIF9mbGF0dGVuKGNoaWxkOiBhbnksIHBhdGg6IHN0cmluZ1tdID0gW10pOiBhbnkge1xuICAgICAgcmV0dXJuIFtdLmNvbmNhdCguLi5PYmplY3Qua2V5cyhjaGlsZClcbiAgICAgICAgLm1hcChrZXkgPT4ge1xuICAgICAgICAgIGNvbnN0IGNoaWxkS2V5ID0gQnVmZmVyLmlzQnVmZmVyKGNoaWxkW2tleV0pID8gY2hpbGRba2V5XS50b1N0cmluZygndXRmOCcpIDogY2hpbGRba2V5XTtcbiAgICAgICAgICByZXR1cm4gdHlwZW9mIGNoaWxkS2V5ID09PSAnb2JqZWN0JyAmJiBjaGlsZEtleSAhPT0gbnVsbFxuICAgICAgICAgICAgPyBfZmxhdHRlbihjaGlsZEtleSwgcGF0aC5jb25jYXQoW2tleV0pKVxuICAgICAgICAgICAgOiAoeyBbcGF0aC5jb25jYXQoW2tleV0pLmpvaW4oJy4nKV06IGNoaWxkS2V5IH0pO1xuICAgICAgICB9KSk7XG4gICAgfShvYmplY3QpLFxuICApO1xufVxuXG4vKipcbiAqIERlY29kZXMgZW5jb2RlZCBzcGVjaWFsIHZhbHVlcyAocGh5c2ljYWxSZXNvdXJjZUlkKVxuICovXG5mdW5jdGlvbiBkZWNvZGVTcGVjaWFsVmFsdWVzKG9iamVjdDogb2JqZWN0LCBwaHlzaWNhbFJlc291cmNlSWQ6IHN0cmluZykge1xuICByZXR1cm4gSlNPTi5wYXJzZShKU09OLnN0cmluZ2lmeShvYmplY3QpLCAoX2ssIHYpID0+IHtcbiAgICBzd2l0Y2ggKHYpIHtcbiAgICAgIGNhc2UgUEhZU0lDQUxfUkVTT1VSQ0VfSURfUkVGRVJFTkNFOlxuICAgICAgICByZXR1cm4gcGh5c2ljYWxSZXNvdXJjZUlkO1xuICAgICAgZGVmYXVsdDpcbiAgICAgICAgcmV0dXJuIHY7XG4gICAgfVxuICB9KTtcbn1cblxuLyoqXG4gKiBGaWx0ZXJzIHRoZSBrZXlzIG9mIGFuIG9iamVjdC5cbiAqL1xuZnVuY3Rpb24gZmlsdGVyS2V5cyhvYmplY3Q6IG9iamVjdCwgcHJlZDogKGtleTogc3RyaW5nKSA9PiBib29sZWFuKSB7XG4gIHJldHVybiBPYmplY3QuZW50cmllcyhvYmplY3QpXG4gICAgLnJlZHVjZShcbiAgICAgIChhY2MsIFtrLCB2XSkgPT4gcHJlZChrKVxuICAgICAgICA/IHsgLi4uYWNjLCBba106IHYgfVxuICAgICAgICA6IGFjYyxcbiAgICAgIHt9LFxuICAgICk7XG59XG5cbmxldCBsYXRlc3RTZGtJbnN0YWxsZWQgPSBmYWxzZTtcblxuZXhwb3J0IGZ1bmN0aW9uIGZvcmNlU2RrSW5zdGFsbGF0aW9uKCkge1xuICBsYXRlc3RTZGtJbnN0YWxsZWQgPSBmYWxzZTtcbn1cblxuLyoqXG4gKiBJbnN0YWxscyBsYXRlc3QgQVdTIFNESyB2MlxuICovXG5mdW5jdGlvbiBpbnN0YWxsTGF0ZXN0U2RrKCk6IHZvaWQge1xuICBjb25zb2xlLmxvZygnSW5zdGFsbGluZyBsYXRlc3QgQVdTIFNESyB2MicpO1xuICAvLyBCb3RoIEhPTUUgYW5kIC0tcHJlZml4IGFyZSBuZWVkZWQgaGVyZSBiZWNhdXNlIC90bXAgaXMgdGhlIG9ubHkgd3JpdGFibGUgbG9jYXRpb25cbiAgZXhlY1N5bmMoJ0hPTUU9L3RtcCBucG0gaW5zdGFsbCBhd3Mtc2RrQDIgLS1wcm9kdWN0aW9uIC0tbm8tcGFja2FnZS1sb2NrIC0tbm8tc2F2ZSAtLXByZWZpeCAvdG1wJyk7XG4gIGxhdGVzdFNka0luc3RhbGxlZCA9IHRydWU7XG59XG5cbi8vIG5vIGN1cnJlbnRseSBwYXRjaGVkIHNlcnZpY2VzXG5jb25zdCBwYXRjaGVkU2VydmljZXM6IHsgc2VydmljZU5hbWU6IHN0cmluZzsgYXBpVmVyc2lvbnM6IHN0cmluZ1tdIH1bXSA9IFtdO1xuLyoqXG4gKiBQYXRjaGVzIHRoZSBBV1MgU0RLIGJ5IGxvYWRpbmcgc2VydmljZSBtb2RlbHMgaW4gdGhlIHNhbWUgbWFubmVyIGFzIHRoZSBhY3R1YWwgU0RLXG4gKi9cbmZ1bmN0aW9uIHBhdGNoU2RrKGF3c1NkazogYW55KTogYW55IHtcbiAgY29uc3QgYXBpTG9hZGVyID0gYXdzU2RrLmFwaUxvYWRlcjtcbiAgcGF0Y2hlZFNlcnZpY2VzLmZvckVhY2goKHsgc2VydmljZU5hbWUsIGFwaVZlcnNpb25zIH0pID0+IHtcbiAgICBjb25zdCBsb3dlclNlcnZpY2VOYW1lID0gc2VydmljZU5hbWUudG9Mb3dlckNhc2UoKTtcbiAgICBpZiAoIWF3c1Nkay5TZXJ2aWNlLmhhc1NlcnZpY2UobG93ZXJTZXJ2aWNlTmFtZSkpIHtcbiAgICAgIGFwaUxvYWRlci5zZXJ2aWNlc1tsb3dlclNlcnZpY2VOYW1lXSA9IHt9O1xuICAgICAgYXdzU2RrW3NlcnZpY2VOYW1lXSA9IGF3c1Nkay5TZXJ2aWNlLmRlZmluZVNlcnZpY2UobG93ZXJTZXJ2aWNlTmFtZSwgYXBpVmVyc2lvbnMpO1xuICAgIH0gZWxzZSB7XG4gICAgICBhd3NTZGsuU2VydmljZS5hZGRWZXJzaW9ucyhhd3NTZGtbc2VydmljZU5hbWVdLCBhcGlWZXJzaW9ucyk7XG4gICAgfVxuICAgIGFwaVZlcnNpb25zLmZvckVhY2goYXBpVmVyc2lvbiA9PiB7XG4gICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoYXBpTG9hZGVyLnNlcnZpY2VzW2xvd2VyU2VydmljZU5hbWVdLCBhcGlWZXJzaW9uLCB7XG4gICAgICAgIGdldDogZnVuY3Rpb24gZ2V0KCkge1xuICAgICAgICAgIGNvbnN0IG1vZGVsRmlsZVByZWZpeCA9IGBhd3Mtc2RrLXBhdGNoLyR7bG93ZXJTZXJ2aWNlTmFtZX0tJHthcGlWZXJzaW9ufWA7XG4gICAgICAgICAgY29uc3QgbW9kZWwgPSBKU09OLnBhcnNlKGZzLnJlYWRGaWxlU3luYyhqb2luKF9fZGlybmFtZSwgYCR7bW9kZWxGaWxlUHJlZml4fS5zZXJ2aWNlLmpzb25gKSwgJ3V0Zi04JykpO1xuICAgICAgICAgIG1vZGVsLnBhZ2luYXRvcnMgPSBKU09OLnBhcnNlKGZzLnJlYWRGaWxlU3luYyhqb2luKF9fZGlybmFtZSwgYCR7bW9kZWxGaWxlUHJlZml4fS5wYWdpbmF0b3JzLmpzb25gKSwgJ3V0Zi04JykpLnBhZ2luYXRpb247XG4gICAgICAgICAgcmV0dXJuIG1vZGVsO1xuICAgICAgICB9LFxuICAgICAgICBlbnVtZXJhYmxlOiB0cnVlLFxuICAgICAgICBjb25maWd1cmFibGU6IHRydWUsXG4gICAgICB9KTtcbiAgICB9KTtcbiAgfSk7XG4gIHJldHVybiBhd3NTZGs7XG59XG5cbi8qIGVzbGludC1kaXNhYmxlIEB0eXBlc2NyaXB0LWVzbGludC9uby1yZXF1aXJlLWltcG9ydHMsIGltcG9ydC9uby1leHRyYW5lb3VzLWRlcGVuZGVuY2llcyAqL1xuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIoZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQsIGNvbnRleHQ6IEFXU0xhbWJkYS5Db250ZXh0KSB7XG4gIHRyeSB7XG4gICAgbGV0IEFXUzogYW55O1xuICAgIGlmICghbGF0ZXN0U2RrSW5zdGFsbGVkICYmIGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5JbnN0YWxsTGF0ZXN0QXdzU2RrID09PSAndHJ1ZScpIHtcbiAgICAgIHRyeSB7XG4gICAgICAgIGluc3RhbGxMYXRlc3RTZGsoKTtcbiAgICAgICAgQVdTID0gcmVxdWlyZSgnL3RtcC9ub2RlX21vZHVsZXMvYXdzLXNkaycpO1xuICAgICAgfSBjYXRjaCAoZSkge1xuICAgICAgICBjb25zb2xlLmxvZyhgRmFpbGVkIHRvIGluc3RhbGwgbGF0ZXN0IEFXUyBTREsgdjI6ICR7ZX1gKTtcbiAgICAgICAgQVdTID0gcmVxdWlyZSgnYXdzLXNkaycpOyAvLyBGYWxsYmFjayB0byBwcmUtaW5zdGFsbGVkIHZlcnNpb25cbiAgICAgIH1cbiAgICB9IGVsc2UgaWYgKGxhdGVzdFNka0luc3RhbGxlZCkge1xuICAgICAgQVdTID0gcmVxdWlyZSgnL3RtcC9ub2RlX21vZHVsZXMvYXdzLXNkaycpO1xuICAgIH0gZWxzZSB7XG4gICAgICBBV1MgPSByZXF1aXJlKCdhd3Mtc2RrJyk7XG4gICAgfVxuICAgIHRyeSB7XG4gICAgICBBV1MgPSBwYXRjaFNkayhBV1MpO1xuICAgIH0gY2F0Y2ggKGUpIHtcbiAgICAgIGNvbnNvbGUubG9nKGBGYWlsZWQgdG8gcGF0Y2ggQVdTIFNESzogJHtlfS4gUHJvY2VlZGluZyB3aXRoIHRoZSBpbnN0YWxsZWQgY29weS5gKTtcbiAgICB9XG5cbiAgICBjb25zb2xlLmxvZyhKU09OLnN0cmluZ2lmeSh7IC4uLmV2ZW50LCBSZXNwb25zZVVSTDogJy4uLicgfSkpO1xuICAgIGNvbnNvbGUubG9nKCdBV1MgU0RLIFZFUlNJT046ICcgKyBBV1MuVkVSU0lPTik7XG5cbiAgICBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuQ3JlYXRlID0gZGVjb2RlQ2FsbChldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuQ3JlYXRlKTtcbiAgICBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuVXBkYXRlID0gZGVjb2RlQ2FsbChldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuVXBkYXRlKTtcbiAgICBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuRGVsZXRlID0gZGVjb2RlQ2FsbChldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuRGVsZXRlKTtcbiAgICAvLyBEZWZhdWx0IHBoeXNpY2FsIHJlc291cmNlIGlkXG4gICAgbGV0IHBoeXNpY2FsUmVzb3VyY2VJZDogc3RyaW5nO1xuICAgIHN3aXRjaCAoZXZlbnQuUmVxdWVzdFR5cGUpIHtcbiAgICAgIGNhc2UgJ0NyZWF0ZSc6XG4gICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZCA9IGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5DcmVhdGU/LnBoeXNpY2FsUmVzb3VyY2VJZD8uaWQgPz9cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLlVwZGF0ZT8ucGh5c2ljYWxSZXNvdXJjZUlkPy5pZCA/P1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgICBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuRGVsZXRlPy5waHlzaWNhbFJlc291cmNlSWQ/LmlkID8/XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgIGV2ZW50LkxvZ2ljYWxSZXNvdXJjZUlkO1xuICAgICAgICBicmVhaztcbiAgICAgIGNhc2UgJ1VwZGF0ZSc6XG4gICAgICBjYXNlICdEZWxldGUnOlxuICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQgPSBldmVudC5SZXNvdXJjZVByb3BlcnRpZXNbZXZlbnQuUmVxdWVzdFR5cGVdPy5waHlzaWNhbFJlc291cmNlSWQ/LmlkID8/IGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZDtcbiAgICAgICAgYnJlYWs7XG4gICAgfVxuXG4gICAgbGV0IGZsYXREYXRhOiB7IFtrZXk6IHN0cmluZ106IHN0cmluZyB9ID0ge307XG4gICAgbGV0IGRhdGE6IHsgW2tleTogc3RyaW5nXTogc3RyaW5nIH0gPSB7fTtcbiAgICBjb25zdCBjYWxsOiBBd3NTZGtDYWxsIHwgdW5kZWZpbmVkID0gZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzW2V2ZW50LlJlcXVlc3RUeXBlXTtcblxuICAgIGlmIChjYWxsKSB7XG5cbiAgICAgIGxldCBjcmVkZW50aWFscztcbiAgICAgIGlmIChjYWxsLmFzc3VtZWRSb2xlQXJuKSB7XG4gICAgICAgIGNvbnN0IHRpbWVzdGFtcCA9IChuZXcgRGF0ZSgpKS5nZXRUaW1lKCk7XG5cbiAgICAgICAgY29uc3QgcGFyYW1zID0ge1xuICAgICAgICAgIFJvbGVBcm46IGNhbGwuYXNzdW1lZFJvbGVBcm4sXG4gICAgICAgICAgUm9sZVNlc3Npb25OYW1lOiBgJHt0aW1lc3RhbXB9LSR7cGh5c2ljYWxSZXNvdXJjZUlkfWAuc3Vic3RyaW5nKDAsIDY0KSxcbiAgICAgICAgfTtcblxuICAgICAgICBjcmVkZW50aWFscyA9IG5ldyBBV1MuQ2hhaW5hYmxlVGVtcG9yYXJ5Q3JlZGVudGlhbHMoe1xuICAgICAgICAgIHBhcmFtczogcGFyYW1zLFxuICAgICAgICB9KTtcbiAgICAgIH1cblxuICAgICAgaWYgKCFPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoQVdTLCBjYWxsLnNlcnZpY2UpKSB7XG4gICAgICAgIHRocm93IEVycm9yKGBTZXJ2aWNlICR7Y2FsbC5zZXJ2aWNlfSBkb2VzIG5vdCBleGlzdCBpbiBBV1MgU0RLIHZlcnNpb24gJHtBV1MuVkVSU0lPTn0uYCk7XG4gICAgICB9XG4gICAgICBjb25zdCBhd3NTZXJ2aWNlID0gbmV3IChBV1MgYXMgYW55KVtjYWxsLnNlcnZpY2VdKHtcbiAgICAgICAgYXBpVmVyc2lvbjogY2FsbC5hcGlWZXJzaW9uLFxuICAgICAgICBjcmVkZW50aWFsczogY3JlZGVudGlhbHMsXG4gICAgICAgIHJlZ2lvbjogY2FsbC5yZWdpb24sXG4gICAgICB9KTtcblxuICAgICAgdHJ5IHtcbiAgICAgICAgY29uc3QgcmVzcG9uc2UgPSBhd2FpdCBhd3NTZXJ2aWNlW2NhbGwuYWN0aW9uXShcbiAgICAgICAgICBjYWxsLnBhcmFtZXRlcnMgJiYgZGVjb2RlU3BlY2lhbFZhbHVlcyhjYWxsLnBhcmFtZXRlcnMsIHBoeXNpY2FsUmVzb3VyY2VJZCkpLnByb21pc2UoKTtcbiAgICAgICAgZmxhdERhdGEgPSB7XG4gICAgICAgICAgYXBpVmVyc2lvbjogYXdzU2VydmljZS5jb25maWcuYXBpVmVyc2lvbiwgLy8gRm9yIHRlc3QgcHVycG9zZXM6IGNoZWNrIGlmIGFwaVZlcnNpb24gd2FzIGNvcnJlY3RseSBwYXNzZWQuXG4gICAgICAgICAgcmVnaW9uOiBhd3NTZXJ2aWNlLmNvbmZpZy5yZWdpb24sIC8vIEZvciB0ZXN0IHB1cnBvc2VzOiBjaGVjayBpZiByZWdpb24gd2FzIGNvcnJlY3RseSBwYXNzZWQuXG4gICAgICAgICAgLi4uZmxhdHRlbihyZXNwb25zZSksXG4gICAgICAgIH07XG5cbiAgICAgICAgbGV0IG91dHB1dFBhdGhzOiBzdHJpbmdbXSB8IHVuZGVmaW5lZDtcbiAgICAgICAgaWYgKGNhbGwub3V0cHV0UGF0aCkge1xuICAgICAgICAgIG91dHB1dFBhdGhzID0gW2NhbGwub3V0cHV0UGF0aF07XG4gICAgICAgIH0gZWxzZSBpZiAoY2FsbC5vdXRwdXRQYXRocykge1xuICAgICAgICAgIG91dHB1dFBhdGhzID0gY2FsbC5vdXRwdXRQYXRocztcbiAgICAgICAgfVxuXG4gICAgICAgIGlmIChvdXRwdXRQYXRocykge1xuICAgICAgICAgIGRhdGEgPSBmaWx0ZXJLZXlzKGZsYXREYXRhLCBzdGFydHNXaXRoT25lT2Yob3V0cHV0UGF0aHMpKTtcbiAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICBkYXRhID0gZmxhdERhdGE7XG4gICAgICAgIH1cbiAgICAgIH0gY2F0Y2ggKGUpIHtcbiAgICAgICAgaWYgKCFjYWxsLmlnbm9yZUVycm9yQ29kZXNNYXRjaGluZyB8fCAhbmV3IFJlZ0V4cChjYWxsLmlnbm9yZUVycm9yQ29kZXNNYXRjaGluZykudGVzdChlLmNvZGUpKSB7XG4gICAgICAgICAgdGhyb3cgZTtcbiAgICAgICAgfVxuICAgICAgfVxuXG4gICAgICBpZiAoY2FsbC5waHlzaWNhbFJlc291cmNlSWQ/LnJlc3BvbnNlUGF0aCkge1xuICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQgPSBmbGF0RGF0YVtjYWxsLnBoeXNpY2FsUmVzb3VyY2VJZC5yZXNwb25zZVBhdGhdO1xuICAgICAgfVxuICAgIH1cblxuICAgIGF3YWl0IHJlc3BvbmQoJ1NVQ0NFU1MnLCAnT0snLCBwaHlzaWNhbFJlc291cmNlSWQsIGRhdGEpO1xuICB9IGNhdGNoIChlKSB7XG4gICAgY29uc29sZS5sb2coZSk7XG4gICAgYXdhaXQgcmVzcG9uZCgnRkFJTEVEJywgZS5tZXNzYWdlIHx8ICdJbnRlcm5hbCBFcnJvcicsIGNvbnRleHQubG9nU3RyZWFtTmFtZSwge30pO1xuICB9XG5cbiAgZnVuY3Rpb24gcmVzcG9uZChyZXNwb25zZVN0YXR1czogc3RyaW5nLCByZWFzb246IHN0cmluZywgcGh5c2ljYWxSZXNvdXJjZUlkOiBzdHJpbmcsIGRhdGE6IGFueSkge1xuICAgIGNvbnN0IHJlc3BvbnNlQm9keSA9IEpTT04uc3RyaW5naWZ5KHtcbiAgICAgIFN0YXR1czogcmVzcG9uc2VTdGF0dXMsXG4gICAgICBSZWFzb246IHJlYXNvbixcbiAgICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkLFxuICAgICAgU3RhY2tJZDogZXZlbnQuU3RhY2tJZCxcbiAgICAgIFJlcXVlc3RJZDogZXZlbnQuUmVxdWVzdElkLFxuICAgICAgTG9naWNhbFJlc291cmNlSWQ6IGV2ZW50LkxvZ2ljYWxSZXNvdXJjZUlkLFxuICAgICAgTm9FY2hvOiBmYWxzZSxcbiAgICAgIERhdGE6IGRhdGEsXG4gICAgfSk7XG5cbiAgICBjb25zb2xlLmxvZygnUmVzcG9uZGluZycsIHJlc3BvbnNlQm9keSk7XG5cbiAgICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgQHR5cGVzY3JpcHQtZXNsaW50L25vLXJlcXVpcmUtaW1wb3J0c1xuICAgIGNvbnN0IHBhcnNlZFVybCA9IHJlcXVpcmUoJ3VybCcpLnBhcnNlKGV2ZW50LlJlc3BvbnNlVVJMKTtcbiAgICBjb25zdCByZXF1ZXN0T3B0aW9ucyA9IHtcbiAgICAgIGhvc3RuYW1lOiBwYXJzZWRVcmwuaG9zdG5hbWUsXG4gICAgICBwYXRoOiBwYXJzZWRVcmwucGF0aCxcbiAgICAgIG1ldGhvZDogJ1BVVCcsXG4gICAgICBoZWFkZXJzOiB7ICdjb250ZW50LXR5cGUnOiAnJywgJ2NvbnRlbnQtbGVuZ3RoJzogcmVzcG9uc2VCb2R5Lmxlbmd0aCB9LFxuICAgIH07XG5cbiAgICByZXR1cm4gbmV3IFByb21pc2UoKHJlc29sdmUsIHJlamVjdCkgPT4ge1xuICAgICAgdHJ5IHtcbiAgICAgICAgLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIEB0eXBlc2NyaXB0LWVzbGludC9uby1yZXF1aXJlLWltcG9ydHNcbiAgICAgICAgY29uc3QgcmVxdWVzdCA9IHJlcXVpcmUoJ2h0dHBzJykucmVxdWVzdChyZXF1ZXN0T3B0aW9ucywgcmVzb2x2ZSk7XG4gICAgICAgIHJlcXVlc3Qub24oJ2Vycm9yJywgcmVqZWN0KTtcbiAgICAgICAgcmVxdWVzdC53cml0ZShyZXNwb25zZUJvZHkpO1xuICAgICAgICByZXF1ZXN0LmVuZCgpO1xuICAgICAgfSBjYXRjaCAoZSkge1xuICAgICAgICByZWplY3QoZSk7XG4gICAgICB9XG4gICAgfSk7XG4gIH1cbn1cblxuZnVuY3Rpb24gZGVjb2RlQ2FsbChjYWxsOiBzdHJpbmcgfCB1bmRlZmluZWQpIHtcbiAgaWYgKCFjYWxsKSB7IHJldHVybiB1bmRlZmluZWQ7IH1cbiAgcmV0dXJuIEpTT04ucGFyc2UoY2FsbCk7XG59XG5cbmZ1bmN0aW9uIHN0YXJ0c1dpdGhPbmVPZihzZWFyY2hTdHJpbmdzOiBzdHJpbmdbXSk6IChzdHJpbmc6IHN0cmluZykgPT4gYm9vbGVhbiB7XG4gIHJldHVybiBmdW5jdGlvbihzdHJpbmc6IHN0cmluZyk6IGJvb2xlYW4ge1xuICAgIGZvciAoY29uc3Qgc2VhcmNoU3RyaW5nIG9mIHNlYXJjaFN0cmluZ3MpIHtcbiAgICAgIGlmIChzdHJpbmcuc3RhcnRzV2l0aChzZWFyY2hTdHJpbmcpKSB7XG4gICAgICAgIHJldHVybiB0cnVlO1xuICAgICAgfVxuICAgIH1cbiAgICByZXR1cm4gZmFsc2U7XG4gIH07XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/asset.9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/index.js b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/asset.9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/index.js deleted file mode 100644 index ddf62f6363bf4..0000000000000 --- a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/asset.9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/index.js +++ /dev/null @@ -1,250 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = exports.forceSdkInstallation = exports.flatten = exports.PHYSICAL_RESOURCE_ID_REFERENCE = void 0; -/* eslint-disable no-console */ -const child_process_1 = require("child_process"); -const fs = require("fs"); -const path_1 = require("path"); -/** - * Serialized form of the physical resource id for use in the operation parameters - */ -exports.PHYSICAL_RESOURCE_ID_REFERENCE = 'PHYSICAL:RESOURCEID:'; -/** - * Flattens a nested object - * - * @param object the object to be flattened - * @returns a flat object with path as keys - */ -function flatten(object) { - return Object.assign({}, ...function _flatten(child, path = []) { - return [].concat(...Object.keys(child) - .map(key => { - const childKey = Buffer.isBuffer(child[key]) ? child[key].toString('utf8') : child[key]; - return typeof childKey === 'object' && childKey !== null - ? _flatten(childKey, path.concat([key])) - : ({ [path.concat([key]).join('.')]: childKey }); - })); - }(object)); -} -exports.flatten = flatten; -/** - * Decodes encoded special values (physicalResourceId) - */ -function decodeSpecialValues(object, physicalResourceId) { - return JSON.parse(JSON.stringify(object), (_k, v) => { - switch (v) { - case exports.PHYSICAL_RESOURCE_ID_REFERENCE: - return physicalResourceId; - default: - return v; - } - }); -} -/** - * Filters the keys of an object. - */ -function filterKeys(object, pred) { - return Object.entries(object) - .reduce((acc, [k, v]) => pred(k) - ? { ...acc, [k]: v } - : acc, {}); -} -let latestSdkInstalled = false; -function forceSdkInstallation() { - latestSdkInstalled = false; -} -exports.forceSdkInstallation = forceSdkInstallation; -/** - * Installs latest AWS SDK v2 - */ -function installLatestSdk() { - console.log('Installing latest AWS SDK v2'); - // Both HOME and --prefix are needed here because /tmp is the only writable location - child_process_1.execSync('HOME=/tmp npm install aws-sdk@2 --production --no-package-lock --no-save --prefix /tmp'); - latestSdkInstalled = true; -} -// no currently patched services -const patchedServices = []; -/** - * Patches the AWS SDK by loading service models in the same manner as the actual SDK - */ -function patchSdk(awsSdk) { - const apiLoader = awsSdk.apiLoader; - patchedServices.forEach(({ serviceName, apiVersions }) => { - const lowerServiceName = serviceName.toLowerCase(); - if (!awsSdk.Service.hasService(lowerServiceName)) { - apiLoader.services[lowerServiceName] = {}; - awsSdk[serviceName] = awsSdk.Service.defineService(lowerServiceName, apiVersions); - } - else { - awsSdk.Service.addVersions(awsSdk[serviceName], apiVersions); - } - apiVersions.forEach(apiVersion => { - Object.defineProperty(apiLoader.services[lowerServiceName], apiVersion, { - get: function get() { - const modelFilePrefix = `aws-sdk-patch/${lowerServiceName}-${apiVersion}`; - const model = JSON.parse(fs.readFileSync(path_1.join(__dirname, `${modelFilePrefix}.service.json`), 'utf-8')); - model.paginators = JSON.parse(fs.readFileSync(path_1.join(__dirname, `${modelFilePrefix}.paginators.json`), 'utf-8')).pagination; - return model; - }, - enumerable: true, - configurable: true, - }); - }); - }); - return awsSdk; -} -/* eslint-disable @typescript-eslint/no-require-imports, import/no-extraneous-dependencies */ -async function handler(event, context) { - var _a, _b, _c, _d, _e, _f, _g, _h, _j, _l, _m, _o, _p; - try { - let AWS; - if (!latestSdkInstalled && event.ResourceProperties.InstallLatestAwsSdk === 'true') { - try { - installLatestSdk(); - AWS = require('/tmp/node_modules/aws-sdk'); - } - catch (e) { - console.log(`Failed to install latest AWS SDK v2: ${e}`); - AWS = require('aws-sdk'); // Fallback to pre-installed version - } - } - else if (latestSdkInstalled) { - AWS = require('/tmp/node_modules/aws-sdk'); - } - else { - AWS = require('aws-sdk'); - } - try { - AWS = patchSdk(AWS); - } - catch (e) { - console.log(`Failed to patch AWS SDK: ${e}. Proceeding with the installed copy.`); - } - console.log(JSON.stringify(event)); - console.log('AWS SDK VERSION: ' + AWS.VERSION); - event.ResourceProperties.Create = decodeCall(event.ResourceProperties.Create); - event.ResourceProperties.Update = decodeCall(event.ResourceProperties.Update); - event.ResourceProperties.Delete = decodeCall(event.ResourceProperties.Delete); - // Default physical resource id - let physicalResourceId; - switch (event.RequestType) { - case 'Create': - physicalResourceId = (_j = (_f = (_c = (_b = (_a = event.ResourceProperties.Create) === null || _a === void 0 ? void 0 : _a.physicalResourceId) === null || _b === void 0 ? void 0 : _b.id) !== null && _c !== void 0 ? _c : (_e = (_d = event.ResourceProperties.Update) === null || _d === void 0 ? void 0 : _d.physicalResourceId) === null || _e === void 0 ? void 0 : _e.id) !== null && _f !== void 0 ? _f : (_h = (_g = event.ResourceProperties.Delete) === null || _g === void 0 ? void 0 : _g.physicalResourceId) === null || _h === void 0 ? void 0 : _h.id) !== null && _j !== void 0 ? _j : event.LogicalResourceId; - break; - case 'Update': - case 'Delete': - physicalResourceId = (_o = (_m = (_l = event.ResourceProperties[event.RequestType]) === null || _l === void 0 ? void 0 : _l.physicalResourceId) === null || _m === void 0 ? void 0 : _m.id) !== null && _o !== void 0 ? _o : event.PhysicalResourceId; - break; - } - let flatData = {}; - let data = {}; - const call = event.ResourceProperties[event.RequestType]; - if (call) { - let credentials; - if (call.assumedRoleArn) { - const timestamp = (new Date()).getTime(); - const params = { - RoleArn: call.assumedRoleArn, - RoleSessionName: `${timestamp}-${physicalResourceId}`.substring(0, 64), - }; - credentials = new AWS.ChainableTemporaryCredentials({ - params: params, - }); - } - if (!Object.prototype.hasOwnProperty.call(AWS, call.service)) { - throw Error(`Service ${call.service} does not exist in AWS SDK version ${AWS.VERSION}.`); - } - const awsService = new AWS[call.service]({ - apiVersion: call.apiVersion, - credentials: credentials, - region: call.region, - }); - try { - const response = await awsService[call.action](call.parameters && decodeSpecialValues(call.parameters, physicalResourceId)).promise(); - flatData = { - apiVersion: awsService.config.apiVersion, - region: awsService.config.region, - ...flatten(response), - }; - let outputPaths; - if (call.outputPath) { - outputPaths = [call.outputPath]; - } - else if (call.outputPaths) { - outputPaths = call.outputPaths; - } - if (outputPaths) { - data = filterKeys(flatData, startsWithOneOf(outputPaths)); - } - else { - data = flatData; - } - } - catch (e) { - if (!call.ignoreErrorCodesMatching || !new RegExp(call.ignoreErrorCodesMatching).test(e.code)) { - throw e; - } - } - if ((_p = call.physicalResourceId) === null || _p === void 0 ? void 0 : _p.responsePath) { - physicalResourceId = flatData[call.physicalResourceId.responsePath]; - } - } - await respond('SUCCESS', 'OK', physicalResourceId, data); - } - catch (e) { - console.log(e); - await respond('FAILED', e.message || 'Internal Error', context.logStreamName, {}); - } - function respond(responseStatus, reason, physicalResourceId, data) { - const responseBody = JSON.stringify({ - Status: responseStatus, - Reason: reason, - PhysicalResourceId: physicalResourceId, - StackId: event.StackId, - RequestId: event.RequestId, - LogicalResourceId: event.LogicalResourceId, - NoEcho: false, - Data: data, - }); - console.log('Responding', responseBody); - // eslint-disable-next-line @typescript-eslint/no-require-imports - const parsedUrl = require('url').parse(event.ResponseURL); - const requestOptions = { - hostname: parsedUrl.hostname, - path: parsedUrl.path, - method: 'PUT', - headers: { 'content-type': '', 'content-length': responseBody.length }, - }; - return new Promise((resolve, reject) => { - try { - // eslint-disable-next-line @typescript-eslint/no-require-imports - const request = require('https').request(requestOptions, resolve); - request.on('error', reject); - request.write(responseBody); - request.end(); - } - catch (e) { - reject(e); - } - }); - } -} -exports.handler = handler; -function decodeCall(call) { - if (!call) { - return undefined; - } - return JSON.parse(call); -} -function startsWithOneOf(searchStrings) { - return function (string) { - for (const searchString of searchStrings) { - if (string.startsWith(searchString)) { - return true; - } - } - return false; - }; -} -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwrQkFBK0I7QUFDL0IsaURBQXlDO0FBQ3pDLHlCQUF5QjtBQUN6QiwrQkFBNEI7QUFTNUI7O0dBRUc7QUFDVSxRQUFBLDhCQUE4QixHQUFHLHNCQUFzQixDQUFDO0FBRXJFOzs7OztHQUtHO0FBQ0gsU0FBZ0IsT0FBTyxDQUFDLE1BQWM7SUFDcEMsT0FBTyxNQUFNLENBQUMsTUFBTSxDQUNsQixFQUFFLEVBQ0YsR0FBRyxTQUFTLFFBQVEsQ0FBQyxLQUFVLEVBQUUsT0FBaUIsRUFBRTtRQUNsRCxPQUFPLEVBQUUsQ0FBQyxNQUFNLENBQUMsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQzthQUNuQyxHQUFHLENBQUMsR0FBRyxDQUFDLEVBQUU7WUFDVCxNQUFNLFFBQVEsR0FBRyxNQUFNLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDeEYsT0FBTyxPQUFPLFFBQVEsS0FBSyxRQUFRLElBQUksUUFBUSxLQUFLLElBQUk7Z0JBQ3RELENBQUMsQ0FBQyxRQUFRLENBQUMsUUFBUSxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUN4QyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsUUFBUSxFQUFFLENBQUMsQ0FBQztRQUNyRCxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ1IsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUNWLENBQUM7QUFDSixDQUFDO0FBYkQsMEJBYUM7QUFFRDs7R0FFRztBQUNILFNBQVMsbUJBQW1CLENBQUMsTUFBYyxFQUFFLGtCQUEwQjtJQUNyRSxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDLEVBQUUsRUFBRTtRQUNsRCxRQUFRLENBQUMsRUFBRTtZQUNULEtBQUssc0NBQThCO2dCQUNqQyxPQUFPLGtCQUFrQixDQUFDO1lBQzVCO2dCQUNFLE9BQU8sQ0FBQyxDQUFDO1NBQ1o7SUFDSCxDQUFDLENBQUMsQ0FBQztBQUNMLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQVMsVUFBVSxDQUFDLE1BQWMsRUFBRSxJQUE4QjtJQUNoRSxPQUFPLE1BQU0sQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDO1NBQzFCLE1BQU0sQ0FDTCxDQUFDLEdBQUcsRUFBRSxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztRQUN0QixDQUFDLENBQUMsRUFBRSxHQUFHLEdBQUcsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRTtRQUNwQixDQUFDLENBQUMsR0FBRyxFQUNQLEVBQUUsQ0FDSCxDQUFDO0FBQ04sQ0FBQztBQUVELElBQUksa0JBQWtCLEdBQUcsS0FBSyxDQUFDO0FBRS9CLFNBQWdCLG9CQUFvQjtJQUNsQyxrQkFBa0IsR0FBRyxLQUFLLENBQUM7QUFDN0IsQ0FBQztBQUZELG9EQUVDO0FBRUQ7O0dBRUc7QUFDSCxTQUFTLGdCQUFnQjtJQUN2QixPQUFPLENBQUMsR0FBRyxDQUFDLDhCQUE4QixDQUFDLENBQUM7SUFDNUMsb0ZBQW9GO0lBQ3BGLHdCQUFRLENBQUMsd0ZBQXdGLENBQUMsQ0FBQztJQUNuRyxrQkFBa0IsR0FBRyxJQUFJLENBQUM7QUFDNUIsQ0FBQztBQUVELGdDQUFnQztBQUNoQyxNQUFNLGVBQWUsR0FBcUQsRUFBRSxDQUFDO0FBQzdFOztHQUVHO0FBQ0gsU0FBUyxRQUFRLENBQUMsTUFBVztJQUMzQixNQUFNLFNBQVMsR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDO0lBQ25DLGVBQWUsQ0FBQyxPQUFPLENBQUMsQ0FBQyxFQUFFLFdBQVcsRUFBRSxXQUFXLEVBQUUsRUFBRSxFQUFFO1FBQ3ZELE1BQU0sZ0JBQWdCLEdBQUcsV0FBVyxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQ25ELElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFO1lBQ2hELFNBQVMsQ0FBQyxRQUFRLENBQUMsZ0JBQWdCLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDMUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsYUFBYSxDQUFDLGdCQUFnQixFQUFFLFdBQVcsQ0FBQyxDQUFDO1NBQ25GO2FBQU07WUFDTCxNQUFNLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLEVBQUUsV0FBVyxDQUFDLENBQUM7U0FDOUQ7UUFDRCxXQUFXLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQyxFQUFFO1lBQy9CLE1BQU0sQ0FBQyxjQUFjLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFLFVBQVUsRUFBRTtnQkFDdEUsR0FBRyxFQUFFLFNBQVMsR0FBRztvQkFDZixNQUFNLGVBQWUsR0FBRyxpQkFBaUIsZ0JBQWdCLElBQUksVUFBVSxFQUFFLENBQUM7b0JBQzFFLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxXQUFJLENBQUMsU0FBUyxFQUFFLEdBQUcsZUFBZSxlQUFlLENBQUMsRUFBRSxPQUFPLENBQUMsQ0FBQyxDQUFDO29CQUN2RyxLQUFLLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxXQUFJLENBQUMsU0FBUyxFQUFFLEdBQUcsZUFBZSxrQkFBa0IsQ0FBQyxFQUFFLE9BQU8sQ0FBQyxDQUFDLENBQUMsVUFBVSxDQUFDO29CQUMxSCxPQUFPLEtBQUssQ0FBQztnQkFDZixDQUFDO2dCQUNELFVBQVUsRUFBRSxJQUFJO2dCQUNoQixZQUFZLEVBQUUsSUFBSTthQUNuQixDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUMsQ0FBQyxDQUFDO0lBQ0gsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQztBQUVELDZGQUE2RjtBQUN0RixLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQWtELEVBQUUsT0FBMEI7O0lBQzFHLElBQUk7UUFDRixJQUFJLEdBQVEsQ0FBQztRQUNiLElBQUksQ0FBQyxrQkFBa0IsSUFBSSxLQUFLLENBQUMsa0JBQWtCLENBQUMsbUJBQW1CLEtBQUssTUFBTSxFQUFFO1lBQ2xGLElBQUk7Z0JBQ0YsZ0JBQWdCLEVBQUUsQ0FBQztnQkFDbkIsR0FBRyxHQUFHLE9BQU8sQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO2FBQzVDO1lBQUMsT0FBTyxDQUFDLEVBQUU7Z0JBQ1YsT0FBTyxDQUFDLEdBQUcsQ0FBQyx3Q0FBd0MsQ0FBQyxFQUFFLENBQUMsQ0FBQztnQkFDekQsR0FBRyxHQUFHLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLG9DQUFvQzthQUMvRDtTQUNGO2FBQU0sSUFBSSxrQkFBa0IsRUFBRTtZQUM3QixHQUFHLEdBQUcsT0FBTyxDQUFDLDJCQUEyQixDQUFDLENBQUM7U0FDNUM7YUFBTTtZQUNMLEdBQUcsR0FBRyxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUM7U0FDMUI7UUFDRCxJQUFJO1lBQ0YsR0FBRyxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQztTQUNyQjtRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsT0FBTyxDQUFDLEdBQUcsQ0FBQyw0QkFBNEIsQ0FBQyx1Q0FBdUMsQ0FBQyxDQUFDO1NBQ25GO1FBRUQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7UUFDbkMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxtQkFBbUIsR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLENBQUM7UUFFL0MsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE1BQU0sR0FBRyxVQUFVLENBQUMsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQzlFLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUM5RSxLQUFLLENBQUMsa0JBQWtCLENBQUMsTUFBTSxHQUFHLFVBQVUsQ0FBQyxLQUFLLENBQUMsa0JBQWtCLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDOUUsK0JBQStCO1FBQy9CLElBQUksa0JBQTBCLENBQUM7UUFDL0IsUUFBUSxLQUFLLENBQUMsV0FBVyxFQUFFO1lBQ3pCLEtBQUssUUFBUTtnQkFDWCxrQkFBa0IsaUNBQUcsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE1BQU0sMENBQUUsa0JBQWtCLDBDQUFFLEVBQUUsK0NBQ3ZELEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLDBDQUFFLGtCQUFrQiwwQ0FBRSxFQUFFLCtDQUN2RCxLQUFLLENBQUMsa0JBQWtCLENBQUMsTUFBTSwwQ0FBRSxrQkFBa0IsMENBQUUsRUFBRSxtQ0FDdkQsS0FBSyxDQUFDLGlCQUFpQixDQUFDO2dCQUM3QyxNQUFNO1lBQ1IsS0FBSyxRQUFRLENBQUM7WUFDZCxLQUFLLFFBQVE7Z0JBQ1gsa0JBQWtCLHFCQUFHLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLDBDQUFFLGtCQUFrQiwwQ0FBRSxFQUFFLG1DQUFJLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQztnQkFDckgsTUFBTTtTQUNUO1FBRUQsSUFBSSxRQUFRLEdBQThCLEVBQUUsQ0FBQztRQUM3QyxJQUFJLElBQUksR0FBOEIsRUFBRSxDQUFDO1FBQ3pDLE1BQU0sSUFBSSxHQUEyQixLQUFLLENBQUMsa0JBQWtCLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRWpGLElBQUksSUFBSSxFQUFFO1lBRVIsSUFBSSxXQUFXLENBQUM7WUFDaEIsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFO2dCQUN2QixNQUFNLFNBQVMsR0FBRyxDQUFDLElBQUksSUFBSSxFQUFFLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztnQkFFekMsTUFBTSxNQUFNLEdBQUc7b0JBQ2IsT0FBTyxFQUFFLElBQUksQ0FBQyxjQUFjO29CQUM1QixlQUFlLEVBQUUsR0FBRyxTQUFTLElBQUksa0JBQWtCLEVBQUUsQ0FBQyxTQUFTLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQztpQkFDdkUsQ0FBQztnQkFFRixXQUFXLEdBQUcsSUFBSSxHQUFHLENBQUMsNkJBQTZCLENBQUM7b0JBQ2xELE1BQU0sRUFBRSxNQUFNO2lCQUNmLENBQUMsQ0FBQzthQUNKO1lBRUQsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxHQUFHLEVBQUUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxFQUFFO2dCQUM1RCxNQUFNLEtBQUssQ0FBQyxXQUFXLElBQUksQ0FBQyxPQUFPLHNDQUFzQyxHQUFHLENBQUMsT0FBTyxHQUFHLENBQUMsQ0FBQzthQUMxRjtZQUNELE1BQU0sVUFBVSxHQUFHLElBQUssR0FBVyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztnQkFDaEQsVUFBVSxFQUFFLElBQUksQ0FBQyxVQUFVO2dCQUMzQixXQUFXLEVBQUUsV0FBVztnQkFDeEIsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2FBQ3BCLENBQUMsQ0FBQztZQUVILElBQUk7Z0JBQ0YsTUFBTSxRQUFRLEdBQUcsTUFBTSxVQUFVLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUM1QyxJQUFJLENBQUMsVUFBVSxJQUFJLG1CQUFtQixDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO2dCQUN6RixRQUFRLEdBQUc7b0JBQ1QsVUFBVSxFQUFFLFVBQVUsQ0FBQyxNQUFNLENBQUMsVUFBVTtvQkFDeEMsTUFBTSxFQUFFLFVBQVUsQ0FBQyxNQUFNLENBQUMsTUFBTTtvQkFDaEMsR0FBRyxPQUFPLENBQUMsUUFBUSxDQUFDO2lCQUNyQixDQUFDO2dCQUVGLElBQUksV0FBaUMsQ0FBQztnQkFDdEMsSUFBSSxJQUFJLENBQUMsVUFBVSxFQUFFO29CQUNuQixXQUFXLEdBQUcsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7aUJBQ2pDO3FCQUFNLElBQUksSUFBSSxDQUFDLFdBQVcsRUFBRTtvQkFDM0IsV0FBVyxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUM7aUJBQ2hDO2dCQUVELElBQUksV0FBVyxFQUFFO29CQUNmLElBQUksR0FBRyxVQUFVLENBQUMsUUFBUSxFQUFFLGVBQWUsQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDO2lCQUMzRDtxQkFBTTtvQkFDTCxJQUFJLEdBQUcsUUFBUSxDQUFDO2lCQUNqQjthQUNGO1lBQUMsT0FBTyxDQUFDLEVBQUU7Z0JBQ1YsSUFBSSxDQUFDLElBQUksQ0FBQyx3QkFBd0IsSUFBSSxDQUFDLElBQUksTUFBTSxDQUFDLElBQUksQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUU7b0JBQzdGLE1BQU0sQ0FBQyxDQUFDO2lCQUNUO2FBQ0Y7WUFFRCxVQUFJLElBQUksQ0FBQyxrQkFBa0IsMENBQUUsWUFBWSxFQUFFO2dCQUN6QyxrQkFBa0IsR0FBRyxRQUFRLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLFlBQVksQ0FBQyxDQUFDO2FBQ3JFO1NBQ0Y7UUFFRCxNQUFNLE9BQU8sQ0FBQyxTQUFTLEVBQUUsSUFBSSxFQUFFLGtCQUFrQixFQUFFLElBQUksQ0FBQyxDQUFDO0tBQzFEO0lBQUMsT0FBTyxDQUFDLEVBQUU7UUFDVixPQUFPLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ2YsTUFBTSxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUMsQ0FBQyxPQUFPLElBQUksZ0JBQWdCLEVBQUUsT0FBTyxDQUFDLGFBQWEsRUFBRSxFQUFFLENBQUMsQ0FBQztLQUNuRjtJQUVELFNBQVMsT0FBTyxDQUFDLGNBQXNCLEVBQUUsTUFBYyxFQUFFLGtCQUEwQixFQUFFLElBQVM7UUFDNUYsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQztZQUNsQyxNQUFNLEVBQUUsY0FBYztZQUN0QixNQUFNLEVBQUUsTUFBTTtZQUNkLGtCQUFrQixFQUFFLGtCQUFrQjtZQUN0QyxPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87WUFDdEIsU0FBUyxFQUFFLEtBQUssQ0FBQyxTQUFTO1lBQzFCLGlCQUFpQixFQUFFLEtBQUssQ0FBQyxpQkFBaUI7WUFDMUMsTUFBTSxFQUFFLEtBQUs7WUFDYixJQUFJLEVBQUUsSUFBSTtTQUNYLENBQUMsQ0FBQztRQUVILE9BQU8sQ0FBQyxHQUFHLENBQUMsWUFBWSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBRXhDLGlFQUFpRTtRQUNqRSxNQUFNLFNBQVMsR0FBRyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUMxRCxNQUFNLGNBQWMsR0FBRztZQUNyQixRQUFRLEVBQUUsU0FBUyxDQUFDLFFBQVE7WUFDNUIsSUFBSSxFQUFFLFNBQVMsQ0FBQyxJQUFJO1lBQ3BCLE1BQU0sRUFBRSxLQUFLO1lBQ2IsT0FBTyxFQUFFLEVBQUUsY0FBYyxFQUFFLEVBQUUsRUFBRSxnQkFBZ0IsRUFBRSxZQUFZLENBQUMsTUFBTSxFQUFFO1NBQ3ZFLENBQUM7UUFFRixPQUFPLElBQUksT0FBTyxDQUFDLENBQUMsT0FBTyxFQUFFLE1BQU0sRUFBRSxFQUFFO1lBQ3JDLElBQUk7Z0JBQ0YsaUVBQWlFO2dCQUNqRSxNQUFNLE9BQU8sR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUMsT0FBTyxDQUFDLGNBQWMsRUFBRSxPQUFPLENBQUMsQ0FBQztnQkFDbEUsT0FBTyxDQUFDLEVBQUUsQ0FBQyxPQUFPLEVBQUUsTUFBTSxDQUFDLENBQUM7Z0JBQzVCLE9BQU8sQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLENBQUM7Z0JBQzVCLE9BQU8sQ0FBQyxHQUFHLEVBQUUsQ0FBQzthQUNmO1lBQUMsT0FBTyxDQUFDLEVBQUU7Z0JBQ1YsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDO2FBQ1g7UUFDSCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7QUFDSCxDQUFDO0FBakpELDBCQWlKQztBQUVELFNBQVMsVUFBVSxDQUFDLElBQXdCO0lBQzFDLElBQUksQ0FBQyxJQUFJLEVBQUU7UUFBRSxPQUFPLFNBQVMsQ0FBQztLQUFFO0lBQ2hDLE9BQU8sSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQztBQUMxQixDQUFDO0FBRUQsU0FBUyxlQUFlLENBQUMsYUFBdUI7SUFDOUMsT0FBTyxVQUFTLE1BQWM7UUFDNUIsS0FBSyxNQUFNLFlBQVksSUFBSSxhQUFhLEVBQUU7WUFDeEMsSUFBSSxNQUFNLENBQUMsVUFBVSxDQUFDLFlBQVksQ0FBQyxFQUFFO2dCQUNuQyxPQUFPLElBQUksQ0FBQzthQUNiO1NBQ0Y7UUFDRCxPQUFPLEtBQUssQ0FBQztJQUNmLENBQUMsQ0FBQztBQUNKLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZSBuby1jb25zb2xlICovXG5pbXBvcnQgeyBleGVjU3luYyB9IGZyb20gJ2NoaWxkX3Byb2Nlc3MnO1xuaW1wb3J0ICogYXMgZnMgZnJvbSAnZnMnO1xuaW1wb3J0IHsgam9pbiB9IGZyb20gJ3BhdGgnO1xuLy8gaW1wb3J0IHRoZSBBV1NMYW1iZGEgcGFja2FnZSBleHBsaWNpdGx5LFxuLy8gd2hpY2ggaXMgZ2xvYmFsbHkgYXZhaWxhYmxlIGluIHRoZSBMYW1iZGEgcnVudGltZSxcbi8vIGFzIG90aGVyd2lzZSBsaW5raW5nIHRoaXMgcmVwb3NpdG9yeSB3aXRoIGxpbmstYWxsLnNoXG4vLyBmYWlscyBpbiB0aGUgQ0RLIGFwcCBleGVjdXRlZCB3aXRoIHRzLW5vZGVcbi8qIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBpbXBvcnQvbm8tZXh0cmFuZW91cy1kZXBlbmRlbmNpZXMsaW1wb3J0L25vLXVucmVzb2x2ZWQgKi9cbmltcG9ydCAqIGFzIEFXU0xhbWJkYSBmcm9tICdhd3MtbGFtYmRhJztcbmltcG9ydCB7IEF3c1Nka0NhbGwgfSBmcm9tICcuLi9hd3MtY3VzdG9tLXJlc291cmNlJztcblxuLyoqXG4gKiBTZXJpYWxpemVkIGZvcm0gb2YgdGhlIHBoeXNpY2FsIHJlc291cmNlIGlkIGZvciB1c2UgaW4gdGhlIG9wZXJhdGlvbiBwYXJhbWV0ZXJzXG4gKi9cbmV4cG9ydCBjb25zdCBQSFlTSUNBTF9SRVNPVVJDRV9JRF9SRUZFUkVOQ0UgPSAnUEhZU0lDQUw6UkVTT1VSQ0VJRDonO1xuXG4vKipcbiAqIEZsYXR0ZW5zIGEgbmVzdGVkIG9iamVjdFxuICpcbiAqIEBwYXJhbSBvYmplY3QgdGhlIG9iamVjdCB0byBiZSBmbGF0dGVuZWRcbiAqIEByZXR1cm5zIGEgZmxhdCBvYmplY3Qgd2l0aCBwYXRoIGFzIGtleXNcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGZsYXR0ZW4ob2JqZWN0OiBvYmplY3QpOiB7IFtrZXk6IHN0cmluZ106IGFueSB9IHtcbiAgcmV0dXJuIE9iamVjdC5hc3NpZ24oXG4gICAge30sXG4gICAgLi4uZnVuY3Rpb24gX2ZsYXR0ZW4oY2hpbGQ6IGFueSwgcGF0aDogc3RyaW5nW10gPSBbXSk6IGFueSB7XG4gICAgICByZXR1cm4gW10uY29uY2F0KC4uLk9iamVjdC5rZXlzKGNoaWxkKVxuICAgICAgICAubWFwKGtleSA9PiB7XG4gICAgICAgICAgY29uc3QgY2hpbGRLZXkgPSBCdWZmZXIuaXNCdWZmZXIoY2hpbGRba2V5XSkgPyBjaGlsZFtrZXldLnRvU3RyaW5nKCd1dGY4JykgOiBjaGlsZFtrZXldO1xuICAgICAgICAgIHJldHVybiB0eXBlb2YgY2hpbGRLZXkgPT09ICdvYmplY3QnICYmIGNoaWxkS2V5ICE9PSBudWxsXG4gICAgICAgICAgICA/IF9mbGF0dGVuKGNoaWxkS2V5LCBwYXRoLmNvbmNhdChba2V5XSkpXG4gICAgICAgICAgICA6ICh7IFtwYXRoLmNvbmNhdChba2V5XSkuam9pbignLicpXTogY2hpbGRLZXkgfSk7XG4gICAgICAgIH0pKTtcbiAgICB9KG9iamVjdCksXG4gICk7XG59XG5cbi8qKlxuICogRGVjb2RlcyBlbmNvZGVkIHNwZWNpYWwgdmFsdWVzIChwaHlzaWNhbFJlc291cmNlSWQpXG4gKi9cbmZ1bmN0aW9uIGRlY29kZVNwZWNpYWxWYWx1ZXMob2JqZWN0OiBvYmplY3QsIHBoeXNpY2FsUmVzb3VyY2VJZDogc3RyaW5nKSB7XG4gIHJldHVybiBKU09OLnBhcnNlKEpTT04uc3RyaW5naWZ5KG9iamVjdCksIChfaywgdikgPT4ge1xuICAgIHN3aXRjaCAodikge1xuICAgICAgY2FzZSBQSFlTSUNBTF9SRVNPVVJDRV9JRF9SRUZFUkVOQ0U6XG4gICAgICAgIHJldHVybiBwaHlzaWNhbFJlc291cmNlSWQ7XG4gICAgICBkZWZhdWx0OlxuICAgICAgICByZXR1cm4gdjtcbiAgICB9XG4gIH0pO1xufVxuXG4vKipcbiAqIEZpbHRlcnMgdGhlIGtleXMgb2YgYW4gb2JqZWN0LlxuICovXG5mdW5jdGlvbiBmaWx0ZXJLZXlzKG9iamVjdDogb2JqZWN0LCBwcmVkOiAoa2V5OiBzdHJpbmcpID0+IGJvb2xlYW4pIHtcbiAgcmV0dXJuIE9iamVjdC5lbnRyaWVzKG9iamVjdClcbiAgICAucmVkdWNlKFxuICAgICAgKGFjYywgW2ssIHZdKSA9PiBwcmVkKGspXG4gICAgICAgID8geyAuLi5hY2MsIFtrXTogdiB9XG4gICAgICAgIDogYWNjLFxuICAgICAge30sXG4gICAgKTtcbn1cblxubGV0IGxhdGVzdFNka0luc3RhbGxlZCA9IGZhbHNlO1xuXG5leHBvcnQgZnVuY3Rpb24gZm9yY2VTZGtJbnN0YWxsYXRpb24oKSB7XG4gIGxhdGVzdFNka0luc3RhbGxlZCA9IGZhbHNlO1xufVxuXG4vKipcbiAqIEluc3RhbGxzIGxhdGVzdCBBV1MgU0RLIHYyXG4gKi9cbmZ1bmN0aW9uIGluc3RhbGxMYXRlc3RTZGsoKTogdm9pZCB7XG4gIGNvbnNvbGUubG9nKCdJbnN0YWxsaW5nIGxhdGVzdCBBV1MgU0RLIHYyJyk7XG4gIC8vIEJvdGggSE9NRSBhbmQgLS1wcmVmaXggYXJlIG5lZWRlZCBoZXJlIGJlY2F1c2UgL3RtcCBpcyB0aGUgb25seSB3cml0YWJsZSBsb2NhdGlvblxuICBleGVjU3luYygnSE9NRT0vdG1wIG5wbSBpbnN0YWxsIGF3cy1zZGtAMiAtLXByb2R1Y3Rpb24gLS1uby1wYWNrYWdlLWxvY2sgLS1uby1zYXZlIC0tcHJlZml4IC90bXAnKTtcbiAgbGF0ZXN0U2RrSW5zdGFsbGVkID0gdHJ1ZTtcbn1cblxuLy8gbm8gY3VycmVudGx5IHBhdGNoZWQgc2VydmljZXNcbmNvbnN0IHBhdGNoZWRTZXJ2aWNlczogeyBzZXJ2aWNlTmFtZTogc3RyaW5nOyBhcGlWZXJzaW9uczogc3RyaW5nW10gfVtdID0gW107XG4vKipcbiAqIFBhdGNoZXMgdGhlIEFXUyBTREsgYnkgbG9hZGluZyBzZXJ2aWNlIG1vZGVscyBpbiB0aGUgc2FtZSBtYW5uZXIgYXMgdGhlIGFjdHVhbCBTREtcbiAqL1xuZnVuY3Rpb24gcGF0Y2hTZGsoYXdzU2RrOiBhbnkpOiBhbnkge1xuICBjb25zdCBhcGlMb2FkZXIgPSBhd3NTZGsuYXBpTG9hZGVyO1xuICBwYXRjaGVkU2VydmljZXMuZm9yRWFjaCgoeyBzZXJ2aWNlTmFtZSwgYXBpVmVyc2lvbnMgfSkgPT4ge1xuICAgIGNvbnN0IGxvd2VyU2VydmljZU5hbWUgPSBzZXJ2aWNlTmFtZS50b0xvd2VyQ2FzZSgpO1xuICAgIGlmICghYXdzU2RrLlNlcnZpY2UuaGFzU2VydmljZShsb3dlclNlcnZpY2VOYW1lKSkge1xuICAgICAgYXBpTG9hZGVyLnNlcnZpY2VzW2xvd2VyU2VydmljZU5hbWVdID0ge307XG4gICAgICBhd3NTZGtbc2VydmljZU5hbWVdID0gYXdzU2RrLlNlcnZpY2UuZGVmaW5lU2VydmljZShsb3dlclNlcnZpY2VOYW1lLCBhcGlWZXJzaW9ucyk7XG4gICAgfSBlbHNlIHtcbiAgICAgIGF3c1Nkay5TZXJ2aWNlLmFkZFZlcnNpb25zKGF3c1Nka1tzZXJ2aWNlTmFtZV0sIGFwaVZlcnNpb25zKTtcbiAgICB9XG4gICAgYXBpVmVyc2lvbnMuZm9yRWFjaChhcGlWZXJzaW9uID0+IHtcbiAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShhcGlMb2FkZXIuc2VydmljZXNbbG93ZXJTZXJ2aWNlTmFtZV0sIGFwaVZlcnNpb24sIHtcbiAgICAgICAgZ2V0OiBmdW5jdGlvbiBnZXQoKSB7XG4gICAgICAgICAgY29uc3QgbW9kZWxGaWxlUHJlZml4ID0gYGF3cy1zZGstcGF0Y2gvJHtsb3dlclNlcnZpY2VOYW1lfS0ke2FwaVZlcnNpb259YDtcbiAgICAgICAgICBjb25zdCBtb2RlbCA9IEpTT04ucGFyc2UoZnMucmVhZEZpbGVTeW5jKGpvaW4oX19kaXJuYW1lLCBgJHttb2RlbEZpbGVQcmVmaXh9LnNlcnZpY2UuanNvbmApLCAndXRmLTgnKSk7XG4gICAgICAgICAgbW9kZWwucGFnaW5hdG9ycyA9IEpTT04ucGFyc2UoZnMucmVhZEZpbGVTeW5jKGpvaW4oX19kaXJuYW1lLCBgJHttb2RlbEZpbGVQcmVmaXh9LnBhZ2luYXRvcnMuanNvbmApLCAndXRmLTgnKSkucGFnaW5hdGlvbjtcbiAgICAgICAgICByZXR1cm4gbW9kZWw7XG4gICAgICAgIH0sXG4gICAgICAgIGVudW1lcmFibGU6IHRydWUsXG4gICAgICAgIGNvbmZpZ3VyYWJsZTogdHJ1ZSxcbiAgICAgIH0pO1xuICAgIH0pO1xuICB9KTtcbiAgcmV0dXJuIGF3c1Nkaztcbn1cblxuLyogZXNsaW50LWRpc2FibGUgQHR5cGVzY3JpcHQtZXNsaW50L25vLXJlcXVpcmUtaW1wb3J0cywgaW1wb3J0L25vLWV4dHJhbmVvdXMtZGVwZW5kZW5jaWVzICovXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gaGFuZGxlcihldmVudDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCwgY29udGV4dDogQVdTTGFtYmRhLkNvbnRleHQpIHtcbiAgdHJ5IHtcbiAgICBsZXQgQVdTOiBhbnk7XG4gICAgaWYgKCFsYXRlc3RTZGtJbnN0YWxsZWQgJiYgZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLkluc3RhbGxMYXRlc3RBd3NTZGsgPT09ICd0cnVlJykge1xuICAgICAgdHJ5IHtcbiAgICAgICAgaW5zdGFsbExhdGVzdFNkaygpO1xuICAgICAgICBBV1MgPSByZXF1aXJlKCcvdG1wL25vZGVfbW9kdWxlcy9hd3Mtc2RrJyk7XG4gICAgICB9IGNhdGNoIChlKSB7XG4gICAgICAgIGNvbnNvbGUubG9nKGBGYWlsZWQgdG8gaW5zdGFsbCBsYXRlc3QgQVdTIFNESyB2MjogJHtlfWApO1xuICAgICAgICBBV1MgPSByZXF1aXJlKCdhd3Mtc2RrJyk7IC8vIEZhbGxiYWNrIHRvIHByZS1pbnN0YWxsZWQgdmVyc2lvblxuICAgICAgfVxuICAgIH0gZWxzZSBpZiAobGF0ZXN0U2RrSW5zdGFsbGVkKSB7XG4gICAgICBBV1MgPSByZXF1aXJlKCcvdG1wL25vZGVfbW9kdWxlcy9hd3Mtc2RrJyk7XG4gICAgfSBlbHNlIHtcbiAgICAgIEFXUyA9IHJlcXVpcmUoJ2F3cy1zZGsnKTtcbiAgICB9XG4gICAgdHJ5IHtcbiAgICAgIEFXUyA9IHBhdGNoU2RrKEFXUyk7XG4gICAgfSBjYXRjaCAoZSkge1xuICAgICAgY29uc29sZS5sb2coYEZhaWxlZCB0byBwYXRjaCBBV1MgU0RLOiAke2V9LiBQcm9jZWVkaW5nIHdpdGggdGhlIGluc3RhbGxlZCBjb3B5LmApO1xuICAgIH1cblxuICAgIGNvbnNvbGUubG9nKEpTT04uc3RyaW5naWZ5KGV2ZW50KSk7XG4gICAgY29uc29sZS5sb2coJ0FXUyBTREsgVkVSU0lPTjogJyArIEFXUy5WRVJTSU9OKTtcblxuICAgIGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5DcmVhdGUgPSBkZWNvZGVDYWxsKGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5DcmVhdGUpO1xuICAgIGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5VcGRhdGUgPSBkZWNvZGVDYWxsKGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5VcGRhdGUpO1xuICAgIGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5EZWxldGUgPSBkZWNvZGVDYWxsKGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5EZWxldGUpO1xuICAgIC8vIERlZmF1bHQgcGh5c2ljYWwgcmVzb3VyY2UgaWRcbiAgICBsZXQgcGh5c2ljYWxSZXNvdXJjZUlkOiBzdHJpbmc7XG4gICAgc3dpdGNoIChldmVudC5SZXF1ZXN0VHlwZSkge1xuICAgICAgY2FzZSAnQ3JlYXRlJzpcbiAgICAgICAgcGh5c2ljYWxSZXNvdXJjZUlkID0gZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLkNyZWF0ZT8ucGh5c2ljYWxSZXNvdXJjZUlkPy5pZCA/P1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgICBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuVXBkYXRlPy5waHlzaWNhbFJlc291cmNlSWQ/LmlkID8/XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgIGV2ZW50LlJlc291cmNlUHJvcGVydGllcy5EZWxldGU/LnBoeXNpY2FsUmVzb3VyY2VJZD8uaWQgPz9cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZXZlbnQuTG9naWNhbFJlc291cmNlSWQ7XG4gICAgICAgIGJyZWFrO1xuICAgICAgY2FzZSAnVXBkYXRlJzpcbiAgICAgIGNhc2UgJ0RlbGV0ZSc6XG4gICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZCA9IGV2ZW50LlJlc291cmNlUHJvcGVydGllc1tldmVudC5SZXF1ZXN0VHlwZV0/LnBoeXNpY2FsUmVzb3VyY2VJZD8uaWQgPz8gZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkO1xuICAgICAgICBicmVhaztcbiAgICB9XG5cbiAgICBsZXQgZmxhdERhdGE6IHsgW2tleTogc3RyaW5nXTogc3RyaW5nIH0gPSB7fTtcbiAgICBsZXQgZGF0YTogeyBba2V5OiBzdHJpbmddOiBzdHJpbmcgfSA9IHt9O1xuICAgIGNvbnN0IGNhbGw6IEF3c1Nka0NhbGwgfCB1bmRlZmluZWQgPSBldmVudC5SZXNvdXJjZVByb3BlcnRpZXNbZXZlbnQuUmVxdWVzdFR5cGVdO1xuXG4gICAgaWYgKGNhbGwpIHtcblxuICAgICAgbGV0IGNyZWRlbnRpYWxzO1xuICAgICAgaWYgKGNhbGwuYXNzdW1lZFJvbGVBcm4pIHtcbiAgICAgICAgY29uc3QgdGltZXN0YW1wID0gKG5ldyBEYXRlKCkpLmdldFRpbWUoKTtcblxuICAgICAgICBjb25zdCBwYXJhbXMgPSB7XG4gICAgICAgICAgUm9sZUFybjogY2FsbC5hc3N1bWVkUm9sZUFybixcbiAgICAgICAgICBSb2xlU2Vzc2lvbk5hbWU6IGAke3RpbWVzdGFtcH0tJHtwaHlzaWNhbFJlc291cmNlSWR9YC5zdWJzdHJpbmcoMCwgNjQpLFxuICAgICAgICB9O1xuXG4gICAgICAgIGNyZWRlbnRpYWxzID0gbmV3IEFXUy5DaGFpbmFibGVUZW1wb3JhcnlDcmVkZW50aWFscyh7XG4gICAgICAgICAgcGFyYW1zOiBwYXJhbXMsXG4gICAgICAgIH0pO1xuICAgICAgfVxuXG4gICAgICBpZiAoIU9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChBV1MsIGNhbGwuc2VydmljZSkpIHtcbiAgICAgICAgdGhyb3cgRXJyb3IoYFNlcnZpY2UgJHtjYWxsLnNlcnZpY2V9IGRvZXMgbm90IGV4aXN0IGluIEFXUyBTREsgdmVyc2lvbiAke0FXUy5WRVJTSU9OfS5gKTtcbiAgICAgIH1cbiAgICAgIGNvbnN0IGF3c1NlcnZpY2UgPSBuZXcgKEFXUyBhcyBhbnkpW2NhbGwuc2VydmljZV0oe1xuICAgICAgICBhcGlWZXJzaW9uOiBjYWxsLmFwaVZlcnNpb24sXG4gICAgICAgIGNyZWRlbnRpYWxzOiBjcmVkZW50aWFscyxcbiAgICAgICAgcmVnaW9uOiBjYWxsLnJlZ2lvbixcbiAgICAgIH0pO1xuXG4gICAgICB0cnkge1xuICAgICAgICBjb25zdCByZXNwb25zZSA9IGF3YWl0IGF3c1NlcnZpY2VbY2FsbC5hY3Rpb25dKFxuICAgICAgICAgIGNhbGwucGFyYW1ldGVycyAmJiBkZWNvZGVTcGVjaWFsVmFsdWVzKGNhbGwucGFyYW1ldGVycywgcGh5c2ljYWxSZXNvdXJjZUlkKSkucHJvbWlzZSgpO1xuICAgICAgICBmbGF0RGF0YSA9IHtcbiAgICAgICAgICBhcGlWZXJzaW9uOiBhd3NTZXJ2aWNlLmNvbmZpZy5hcGlWZXJzaW9uLCAvLyBGb3IgdGVzdCBwdXJwb3NlczogY2hlY2sgaWYgYXBpVmVyc2lvbiB3YXMgY29ycmVjdGx5IHBhc3NlZC5cbiAgICAgICAgICByZWdpb246IGF3c1NlcnZpY2UuY29uZmlnLnJlZ2lvbiwgLy8gRm9yIHRlc3QgcHVycG9zZXM6IGNoZWNrIGlmIHJlZ2lvbiB3YXMgY29ycmVjdGx5IHBhc3NlZC5cbiAgICAgICAgICAuLi5mbGF0dGVuKHJlc3BvbnNlKSxcbiAgICAgICAgfTtcblxuICAgICAgICBsZXQgb3V0cHV0UGF0aHM6IHN0cmluZ1tdIHwgdW5kZWZpbmVkO1xuICAgICAgICBpZiAoY2FsbC5vdXRwdXRQYXRoKSB7XG4gICAgICAgICAgb3V0cHV0UGF0aHMgPSBbY2FsbC5vdXRwdXRQYXRoXTtcbiAgICAgICAgfSBlbHNlIGlmIChjYWxsLm91dHB1dFBhdGhzKSB7XG4gICAgICAgICAgb3V0cHV0UGF0aHMgPSBjYWxsLm91dHB1dFBhdGhzO1xuICAgICAgICB9XG5cbiAgICAgICAgaWYgKG91dHB1dFBhdGhzKSB7XG4gICAgICAgICAgZGF0YSA9IGZpbHRlcktleXMoZmxhdERhdGEsIHN0YXJ0c1dpdGhPbmVPZihvdXRwdXRQYXRocykpO1xuICAgICAgICB9IGVsc2Uge1xuICAgICAgICAgIGRhdGEgPSBmbGF0RGF0YTtcbiAgICAgICAgfVxuICAgICAgfSBjYXRjaCAoZSkge1xuICAgICAgICBpZiAoIWNhbGwuaWdub3JlRXJyb3JDb2Rlc01hdGNoaW5nIHx8ICFuZXcgUmVnRXhwKGNhbGwuaWdub3JlRXJyb3JDb2Rlc01hdGNoaW5nKS50ZXN0KGUuY29kZSkpIHtcbiAgICAgICAgICB0aHJvdyBlO1xuICAgICAgICB9XG4gICAgICB9XG5cbiAgICAgIGlmIChjYWxsLnBoeXNpY2FsUmVzb3VyY2VJZD8ucmVzcG9uc2VQYXRoKSB7XG4gICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZCA9IGZsYXREYXRhW2NhbGwucGh5c2ljYWxSZXNvdXJjZUlkLnJlc3BvbnNlUGF0aF07XG4gICAgICB9XG4gICAgfVxuXG4gICAgYXdhaXQgcmVzcG9uZCgnU1VDQ0VTUycsICdPSycsIHBoeXNpY2FsUmVzb3VyY2VJZCwgZGF0YSk7XG4gIH0gY2F0Y2ggKGUpIHtcbiAgICBjb25zb2xlLmxvZyhlKTtcbiAgICBhd2FpdCByZXNwb25kKCdGQUlMRUQnLCBlLm1lc3NhZ2UgfHwgJ0ludGVybmFsIEVycm9yJywgY29udGV4dC5sb2dTdHJlYW1OYW1lLCB7fSk7XG4gIH1cblxuICBmdW5jdGlvbiByZXNwb25kKHJlc3BvbnNlU3RhdHVzOiBzdHJpbmcsIHJlYXNvbjogc3RyaW5nLCBwaHlzaWNhbFJlc291cmNlSWQ6IHN0cmluZywgZGF0YTogYW55KSB7XG4gICAgY29uc3QgcmVzcG9uc2VCb2R5ID0gSlNPTi5zdHJpbmdpZnkoe1xuICAgICAgU3RhdHVzOiByZXNwb25zZVN0YXR1cyxcbiAgICAgIFJlYXNvbjogcmVhc29uLFxuICAgICAgUGh5c2ljYWxSZXNvdXJjZUlkOiBwaHlzaWNhbFJlc291cmNlSWQsXG4gICAgICBTdGFja0lkOiBldmVudC5TdGFja0lkLFxuICAgICAgUmVxdWVzdElkOiBldmVudC5SZXF1ZXN0SWQsXG4gICAgICBMb2dpY2FsUmVzb3VyY2VJZDogZXZlbnQuTG9naWNhbFJlc291cmNlSWQsXG4gICAgICBOb0VjaG86IGZhbHNlLFxuICAgICAgRGF0YTogZGF0YSxcbiAgICB9KTtcblxuICAgIGNvbnNvbGUubG9nKCdSZXNwb25kaW5nJywgcmVzcG9uc2VCb2R5KTtcblxuICAgIC8vIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBAdHlwZXNjcmlwdC1lc2xpbnQvbm8tcmVxdWlyZS1pbXBvcnRzXG4gICAgY29uc3QgcGFyc2VkVXJsID0gcmVxdWlyZSgndXJsJykucGFyc2UoZXZlbnQuUmVzcG9uc2VVUkwpO1xuICAgIGNvbnN0IHJlcXVlc3RPcHRpb25zID0ge1xuICAgICAgaG9zdG5hbWU6IHBhcnNlZFVybC5ob3N0bmFtZSxcbiAgICAgIHBhdGg6IHBhcnNlZFVybC5wYXRoLFxuICAgICAgbWV0aG9kOiAnUFVUJyxcbiAgICAgIGhlYWRlcnM6IHsgJ2NvbnRlbnQtdHlwZSc6ICcnLCAnY29udGVudC1sZW5ndGgnOiByZXNwb25zZUJvZHkubGVuZ3RoIH0sXG4gICAgfTtcblxuICAgIHJldHVybiBuZXcgUHJvbWlzZSgocmVzb2x2ZSwgcmVqZWN0KSA9PiB7XG4gICAgICB0cnkge1xuICAgICAgICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgQHR5cGVzY3JpcHQtZXNsaW50L25vLXJlcXVpcmUtaW1wb3J0c1xuICAgICAgICBjb25zdCByZXF1ZXN0ID0gcmVxdWlyZSgnaHR0cHMnKS5yZXF1ZXN0KHJlcXVlc3RPcHRpb25zLCByZXNvbHZlKTtcbiAgICAgICAgcmVxdWVzdC5vbignZXJyb3InLCByZWplY3QpO1xuICAgICAgICByZXF1ZXN0LndyaXRlKHJlc3BvbnNlQm9keSk7XG4gICAgICAgIHJlcXVlc3QuZW5kKCk7XG4gICAgICB9IGNhdGNoIChlKSB7XG4gICAgICAgIHJlamVjdChlKTtcbiAgICAgIH1cbiAgICB9KTtcbiAgfVxufVxuXG5mdW5jdGlvbiBkZWNvZGVDYWxsKGNhbGw6IHN0cmluZyB8IHVuZGVmaW5lZCkge1xuICBpZiAoIWNhbGwpIHsgcmV0dXJuIHVuZGVmaW5lZDsgfVxuICByZXR1cm4gSlNPTi5wYXJzZShjYWxsKTtcbn1cblxuZnVuY3Rpb24gc3RhcnRzV2l0aE9uZU9mKHNlYXJjaFN0cmluZ3M6IHN0cmluZ1tdKTogKHN0cmluZzogc3RyaW5nKSA9PiBib29sZWFuIHtcbiAgcmV0dXJuIGZ1bmN0aW9uKHN0cmluZzogc3RyaW5nKTogYm9vbGVhbiB7XG4gICAgZm9yIChjb25zdCBzZWFyY2hTdHJpbmcgb2Ygc2VhcmNoU3RyaW5ncykge1xuICAgICAgaWYgKHN0cmluZy5zdGFydHNXaXRoKHNlYXJjaFN0cmluZykpIHtcbiAgICAgICAgcmV0dXJuIHRydWU7XG4gICAgICB9XG4gICAgfVxuICAgIHJldHVybiBmYWxzZTtcbiAgfTtcbn1cbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/aws-cdk-sdk-js.assets.json b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/aws-cdk-sdk-js.assets.json index ffb59f08410a2..d81b1fcf638f5 100644 --- a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/aws-cdk-sdk-js.assets.json +++ b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/aws-cdk-sdk-js.assets.json @@ -1,20 +1,20 @@ { "version": "20.0.0", "files": { - "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90": { + "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286": { "source": { - "path": "asset.9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", + "path": "asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90.zip", + "objectKey": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "e2171113a71c90af51e1d81ceac438f6d9e02bcc88b94a6a3a91685f4fa3dc59": { + "8f6951ad9bc39810d6e4a8eb249d085b8796a74fce45b0fc13a6fb609c1632ff": { "source": { "path": "aws-cdk-sdk-js.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "e2171113a71c90af51e1d81ceac438f6d9e02bcc88b94a6a3a91685f4fa3dc59.json", + "objectKey": "8f6951ad9bc39810d6e4a8eb249d085b8796a74fce45b0fc13a6fb609c1632ff.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/aws-cdk-sdk-js.template.json b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/aws-cdk-sdk-js.template.json index 98baeba631c8f..d8691f99cb121 100644 --- a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/aws-cdk-sdk-js.template.json +++ b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/aws-cdk-sdk-js.template.json @@ -3,27 +3,6 @@ "TopicBFC7AF6E": { "Type": "AWS::SNS::Topic" }, - "PublishCustomResourcePolicyDF696FCA": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "sns:Publish", - "Effect": "Allow", - "Resource": "*" - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "PublishCustomResourcePolicyDF696FCA", - "Roles": [ - { - "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" - } - ] - } - }, "Publish2E9BDF73": { "Type": "Custom::SNSPublisher", "Properties": { @@ -73,6 +52,27 @@ "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, + "PublishCustomResourcePolicyDF696FCA": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "sns:Publish", + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PublishCustomResourcePolicyDF696FCA", + "Roles": [ + { + "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" + } + ] + } + }, "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": { "Type": "AWS::IAM::Role", "Properties": { @@ -109,7 +109,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" }, "S3Key": { "Fn::Join": [ @@ -122,7 +122,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -135,7 +135,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -159,6 +159,26 @@ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" ] }, + "ListTopicsCE1E0341": { + "Type": "Custom::AWS", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "AWS679f53fac002430cb0da5b7982bd22872D164C4C", + "Arn" + ] + }, + "Create": "{\"service\":\"SNS\",\"action\":\"listTopics\",\"physicalResourceId\":{\"responsePath\":\"Topics.0.TopicArn\"}}", + "Update": "{\"service\":\"SNS\",\"action\":\"listTopics\",\"physicalResourceId\":{\"responsePath\":\"Topics.0.TopicArn\"}}", + "InstallLatestAwsSdk": true + }, + "DependsOn": [ + "ListTopicsCustomResourcePolicy31A8396A", + "TopicBFC7AF6E" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, "ListTopicsCustomResourcePolicy31A8396A": { "Type": "AWS::IAM::Policy", "Properties": { @@ -183,8 +203,15 @@ "TopicBFC7AF6E" ] }, - "ListTopicsCE1E0341": { - "Type": "Custom::AWS", + "DummyParameter53662B67": { + "Type": "AWS::SSM::Parameter", + "Properties": { + "Type": "String", + "Value": "1337" + } + }, + "GetParameter42B0A00E": { + "Type": "Custom::SSMParameter", "Properties": { "ServiceToken": { "Fn::GetAtt": [ @@ -192,24 +219,38 @@ "Arn" ] }, - "Create": "{\"service\":\"SNS\",\"action\":\"listTopics\",\"physicalResourceId\":{\"responsePath\":\"Topics.0.TopicArn\"}}", - "Update": "{\"service\":\"SNS\",\"action\":\"listTopics\",\"physicalResourceId\":{\"responsePath\":\"Topics.0.TopicArn\"}}", + "Create": { + "Fn::Join": [ + "", + [ + "{\"service\":\"SSM\",\"action\":\"getParameter\",\"parameters\":{\"Name\":\"", + { + "Ref": "DummyParameter53662B67" + }, + "\",\"WithDecryption\":true},\"physicalResourceId\":{\"responsePath\":\"Parameter.ARN\"}}" + ] + ] + }, + "Update": { + "Fn::Join": [ + "", + [ + "{\"service\":\"SSM\",\"action\":\"getParameter\",\"parameters\":{\"Name\":\"", + { + "Ref": "DummyParameter53662B67" + }, + "\",\"WithDecryption\":true},\"physicalResourceId\":{\"responsePath\":\"Parameter.ARN\"}}" + ] + ] + }, "InstallLatestAwsSdk": true }, "DependsOn": [ - "ListTopicsCustomResourcePolicy31A8396A", - "TopicBFC7AF6E" + "GetParameterCustomResourcePolicyD8E5D455" ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, - "DummyParameter53662B67": { - "Type": "AWS::SSM::Parameter", - "Properties": { - "Type": "String", - "Value": "1337" - } - }, "GetParameterCustomResourcePolicyD8E5D455": { "Type": "AWS::IAM::Policy", "Properties": { @@ -231,7 +272,45 @@ ] } }, - "GetParameter42B0A00E": { + "CustomRole6D8E6809": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "CustomRoleDefaultPolicyC5C189DF": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "ssm:*", + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "CustomRoleDefaultPolicyC5C189DF", + "Roles": [ + { + "Ref": "CustomRole6D8E6809" + } + ] + } + }, + "GetParameterNoPolicyFCF7AA3B": { "Type": "Custom::SSMParameter", "Properties": { "ServiceToken": { @@ -266,25 +345,22 @@ }, "InstallLatestAwsSdk": true }, - "DependsOn": [ - "GetParameterCustomResourcePolicyD8E5D455" - ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" } }, "Parameters": { - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A": { "Type": "String", - "Description": "S3 bucket for asset \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "S3 bucket for asset \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" }, - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5": { "Type": "String", - "Description": "S3 key for asset version \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "S3 key for asset version \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" }, - "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285": { + "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC": { "Type": "String", - "Description": "Artifact hash for asset \"9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90\"" + "Description": "Artifact hash for asset \"105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286\"" } }, "Outputs": { @@ -311,6 +387,14 @@ "Parameter.Value" ] } + }, + "ParameterValueNoPolicy": { + "Value": { + "Fn::GetAtt": [ + "GetParameterNoPolicyFCF7AA3B", + "Parameter.Value" + ] + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/manifest.json b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/manifest.json index c5a56ddc547b9..dd06cbabe10bc 100644 --- a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/manifest.json @@ -19,13 +19,13 @@ { "type": "aws:cdk:asset", "data": { - "path": "asset.9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "id": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", + "path": "asset.105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "id": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", "packaging": "zip", - "sourceHash": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "s3BucketParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F", - "s3KeyParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058", - "artifactHashParameter": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285" + "sourceHash": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "s3BucketParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A", + "s3KeyParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5", + "artifactHashParameter": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC" } } ], @@ -35,16 +35,16 @@ "data": "TopicBFC7AF6E" } ], - "/aws-cdk-sdk-js/Publish/CustomResourcePolicy/Resource": [ + "/aws-cdk-sdk-js/Publish/Resource/Default": [ { "type": "aws:cdk:logicalId", - "data": "PublishCustomResourcePolicyDF696FCA" + "data": "Publish2E9BDF73" } ], - "/aws-cdk-sdk-js/Publish/Resource/Default": [ + "/aws-cdk-sdk-js/Publish/CustomResourcePolicy/Resource": [ { "type": "aws:cdk:logicalId", - "data": "Publish2E9BDF73" + "data": "PublishCustomResourcePolicyDF696FCA" } ], "/aws-cdk-sdk-js/AWS679f53fac002430cb0da5b7982bd2287/ServiceRole/Resource": [ @@ -59,34 +59,34 @@ "data": "AWS679f53fac002430cb0da5b7982bd22872D164C4C" } ], - "/aws-cdk-sdk-js/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3Bucket": [ + "/aws-cdk-sdk-js/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3Bucket": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" } ], - "/aws-cdk-sdk-js/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3VersionKey": [ + "/aws-cdk-sdk-js/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3VersionKey": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ], - "/aws-cdk-sdk-js/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/ArtifactHash": [ + "/aws-cdk-sdk-js/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/ArtifactHash": [ { "type": "aws:cdk:logicalId", - "data": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285" + "data": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286ArtifactHashC17A8FEC" } ], - "/aws-cdk-sdk-js/ListTopics/CustomResourcePolicy/Resource": [ + "/aws-cdk-sdk-js/ListTopics/Resource/Default": [ { "type": "aws:cdk:logicalId", - "data": "ListTopicsCustomResourcePolicy31A8396A" + "data": "ListTopicsCE1E0341" } ], - "/aws-cdk-sdk-js/ListTopics/Resource/Default": [ + "/aws-cdk-sdk-js/ListTopics/CustomResourcePolicy/Resource": [ { "type": "aws:cdk:logicalId", - "data": "ListTopicsCE1E0341" + "data": "ListTopicsCustomResourcePolicy31A8396A" } ], "/aws-cdk-sdk-js/DummyParameter/Resource": [ @@ -95,16 +95,34 @@ "data": "DummyParameter53662B67" } ], + "/aws-cdk-sdk-js/GetParameter/Resource/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "GetParameter42B0A00E" + } + ], "/aws-cdk-sdk-js/GetParameter/CustomResourcePolicy/Resource": [ { "type": "aws:cdk:logicalId", "data": "GetParameterCustomResourcePolicyD8E5D455" } ], - "/aws-cdk-sdk-js/GetParameter/Resource/Default": [ + "/aws-cdk-sdk-js/CustomRole/Resource": [ { "type": "aws:cdk:logicalId", - "data": "GetParameter42B0A00E" + "data": "CustomRole6D8E6809" + } + ], + "/aws-cdk-sdk-js/CustomRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "CustomRoleDefaultPolicyC5C189DF" + } + ], + "/aws-cdk-sdk-js/GetParameterNoPolicy/Resource/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "GetParameterNoPolicyFCF7AA3B" } ], "/aws-cdk-sdk-js/MessageId": [ @@ -124,6 +142,12 @@ "type": "aws:cdk:logicalId", "data": "ParameterValue" } + ], + "/aws-cdk-sdk-js/ParameterValueNoPolicy": [ + { + "type": "aws:cdk:logicalId", + "data": "ParameterValueNoPolicy" + } ] }, "displayName": "aws-cdk-sdk-js" diff --git a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/tree.json b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/tree.json index dc7d86c8bcd63..2de9ed7cf62af 100644 --- a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/tree.json +++ b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "aws-cdk-sdk-js": { @@ -50,6 +50,24 @@ "version": "0.0.0" } }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-sdk-js/Publish/Resource", + "children": { + "Default": { + "id": "Default", + "path": "aws-cdk-sdk-js/Publish/Resource/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + }, "CustomResourcePolicy": { "id": "CustomResourcePolicy", "path": "aws-cdk-sdk-js/Publish/CustomResourcePolicy", @@ -88,24 +106,6 @@ "fqn": "@aws-cdk/aws-iam.Policy", "version": "0.0.0" } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-sdk-js/Publish/Resource", - "children": { - "Default": { - "id": "Default", - "path": "aws-cdk-sdk-js/Publish/Resource/Default", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnResource", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/core.CustomResource", - "version": "0.0.0" - } } }, "constructInfo": { @@ -200,7 +200,7 @@ "aws:cdk:cloudformation:props": { "code": { "s3Bucket": { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3BucketC526447A" }, "s3Key": { "Fn::Join": [ @@ -213,7 +213,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -226,7 +226,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058" + "Ref": "AssetParameters105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286S3VersionKey237620B5" } ] } @@ -262,13 +262,13 @@ "id": "AssetParameters", "path": "aws-cdk-sdk-js/AssetParameters", "children": { - "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90": { - "id": "9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", - "path": "aws-cdk-sdk-js/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90", + "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286": { + "id": "105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", + "path": "aws-cdk-sdk-js/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286", "children": { "S3Bucket": { "id": "S3Bucket", - "path": "aws-cdk-sdk-js/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3Bucket", + "path": "aws-cdk-sdk-js/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3Bucket", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -276,7 +276,7 @@ }, "S3VersionKey": { "id": "S3VersionKey", - "path": "aws-cdk-sdk-js/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/S3VersionKey", + "path": "aws-cdk-sdk-js/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/S3VersionKey", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -284,7 +284,7 @@ }, "ArtifactHash": { "id": "ArtifactHash", - "path": "aws-cdk-sdk-js/AssetParameters/9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90/ArtifactHash", + "path": "aws-cdk-sdk-js/AssetParameters/105b4f39ae68785e705640aa91919e412fcba2dd454aca53412747be8d955286/ArtifactHash", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -293,13 +293,13 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.0.9" + "version": "10.1.33" } }, "ListTopics": { @@ -314,6 +314,24 @@ "version": "0.0.0" } }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-sdk-js/ListTopics/Resource", + "children": { + "Default": { + "id": "Default", + "path": "aws-cdk-sdk-js/ListTopics/Resource/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + }, "CustomResourcePolicy": { "id": "CustomResourcePolicy", "path": "aws-cdk-sdk-js/ListTopics/CustomResourcePolicy", @@ -352,24 +370,6 @@ "fqn": "@aws-cdk/aws-iam.Policy", "version": "0.0.0" } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-sdk-js/ListTopics/Resource", - "children": { - "Default": { - "id": "Default", - "path": "aws-cdk-sdk-js/ListTopics/Resource/Default", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnResource", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/core.CustomResource", - "version": "0.0.0" - } } }, "constructInfo": { @@ -414,6 +414,24 @@ "version": "0.0.0" } }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-sdk-js/GetParameter/Resource", + "children": { + "Default": { + "id": "Default", + "path": "aws-cdk-sdk-js/GetParameter/Resource/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + }, "CustomResourcePolicy": { "id": "CustomResourcePolicy", "path": "aws-cdk-sdk-js/GetParameter/CustomResourcePolicy", @@ -452,14 +470,106 @@ "fqn": "@aws-cdk/aws-iam.Policy", "version": "0.0.0" } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/custom-resources.AwsCustomResource", + "version": "0.0.0" + } + }, + "CustomRole": { + "id": "CustomRole", + "path": "aws-cdk-sdk-js/CustomRole", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-sdk-js/CustomRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-sdk-js/CustomRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-sdk-js/CustomRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "ssm:*", + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "policyName": "CustomRoleDefaultPolicyC5C189DF", + "roles": [ + { + "Ref": "CustomRole6D8E6809" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "GetParameterNoPolicy": { + "id": "GetParameterNoPolicy", + "path": "aws-cdk-sdk-js/GetParameterNoPolicy", + "children": { + "Provider": { + "id": "Provider", + "path": "aws-cdk-sdk-js/GetParameterNoPolicy/Provider", + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.SingletonFunction", + "version": "0.0.0" + } }, "Resource": { "id": "Resource", - "path": "aws-cdk-sdk-js/GetParameter/Resource", + "path": "aws-cdk-sdk-js/GetParameterNoPolicy/Resource", "children": { "Default": { "id": "Default", - "path": "aws-cdk-sdk-js/GetParameter/Resource/Default", + "path": "aws-cdk-sdk-js/GetParameterNoPolicy/Resource/Default", "constructInfo": { "fqn": "@aws-cdk/core.CfnResource", "version": "0.0.0" @@ -500,6 +610,14 @@ "fqn": "@aws-cdk/core.CfnOutput", "version": "0.0.0" } + }, + "ParameterValueNoPolicy": { + "id": "ParameterValueNoPolicy", + "path": "aws-cdk-sdk-js/ParameterValueNoPolicy", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } } }, "constructInfo": { diff --git a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.test.ts b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.test.ts index c3df398f6f5dd..4d4d3cd749e13 100644 --- a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.test.ts +++ b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource.test.ts @@ -742,4 +742,38 @@ test('assumedRoleArn adds statement for sts:assumeRole', () => { Version: '2012-10-17', }, }); -}); \ No newline at end of file +}); + +test('fails when at least one of policy or role is not specified', () => { + const stack = new cdk.Stack(); + expect(() => new AwsCustomResource(stack, 'AwsSdk', { + onUpdate: { + service: 'service', + action: 'action', + physicalResourceId: PhysicalResourceId.of('id'), + parameters: { + param: 'param', + }, + }, + })).toThrow(/`policy`.+`role`/); +}); + +test('can provide no policy if using existing role', () => { + // GIVEN + const stack = new cdk.Stack(); + const role = iam.Role.fromRoleArn(stack, 'Role', 'arn:aws:iam::123456789012:role/CoolRole'); + + // WHEN + new AwsCustomResource(stack, 'AwsSdk', { + onCreate: { + service: 'service', + action: 'action', + physicalResourceId: PhysicalResourceId.of('id'), + }, + role, + }); + + // THEN + Template.fromStack(stack).resourceCountIs('AWS::IAM::Role', 0); + Template.fromStack(stack).resourceCountIs('AWS::IAM::Policy', 0); +}); diff --git a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/integ.aws-custom-resource.ts b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/integ.aws-custom-resource.ts index 08b4b578d6ca5..58ee0bbae8172 100644 --- a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/integ.aws-custom-resource.ts +++ b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/integ.aws-custom-resource.ts @@ -1,5 +1,6 @@ #!/usr/bin/env node /// !cdk-integ pragma:ignore-assets +import * as iam from '@aws-cdk/aws-iam'; import * as sns from '@aws-cdk/aws-sns'; import * as ssm from '@aws-cdk/aws-ssm'; import * as cdk from '@aws-cdk/core'; @@ -52,8 +53,35 @@ const getParameter = new AwsCustomResource(stack, 'GetParameter', { policy: AwsCustomResourcePolicy.fromSdkCalls({ resources: AwsCustomResourcePolicy.ANY_RESOURCE }), }); +const customRole = new iam.Role(stack, 'CustomRole', { + assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'), +}); +customRole.addToPolicy( + new iam.PolicyStatement({ + effect: iam.Effect.ALLOW, + resources: ['*'], + actions: [ + 'ssm:*', + ], + }), +); +const getParameterNoPolicy = new AwsCustomResource(stack, 'GetParameterNoPolicy', { + resourceType: 'Custom::SSMParameter', + onUpdate: { + service: 'SSM', + action: 'getParameter', + parameters: { + Name: ssmParameter.parameterName, + WithDecryption: true, + }, + physicalResourceId: PhysicalResourceId.fromResponse('Parameter.ARN'), + }, + role: customRole, +}); + new cdk.CfnOutput(stack, 'MessageId', { value: snsPublish.getResponseField('MessageId') }); new cdk.CfnOutput(stack, 'TopicArn', { value: listTopics.getResponseField('Topics.0.TopicArn') }); new cdk.CfnOutput(stack, 'ParameterValue', { value: getParameter.getResponseField('Parameter.Value') }); +new cdk.CfnOutput(stack, 'ParameterValueNoPolicy', { value: getParameterNoPolicy.getResponseField('Parameter.Value') }); app.synth(); diff --git a/packages/@aws-cdk/integ-runner/THIRD_PARTY_LICENSES b/packages/@aws-cdk/integ-runner/THIRD_PARTY_LICENSES index 5f824dd6fb769..c00f4f83b62f7 100644 --- a/packages/@aws-cdk/integ-runner/THIRD_PARTY_LICENSES +++ b/packages/@aws-cdk/integ-runner/THIRD_PARTY_LICENSES @@ -156,7 +156,7 @@ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH RE ---------------- -** aws-sdk@2.1182.0 - https://www.npmjs.com/package/aws-sdk/v/2.1182.0 | Apache-2.0 +** aws-sdk@2.1187.0 - https://www.npmjs.com/package/aws-sdk/v/2.1187.0 | Apache-2.0 AWS SDK for JavaScript Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/integ-runner/package.json b/packages/@aws-cdk/integ-runner/package.json index e30ab10b8d5d3..446970a08c213 100644 --- a/packages/@aws-cdk/integ-runner/package.json +++ b/packages/@aws-cdk/integ-runner/package.json @@ -57,7 +57,7 @@ "@aws-cdk/pkglint": "0.0.0", "@types/fs-extra": "^8.1.2", "@types/jest": "^27.5.2", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@types/workerpool": "^6.1.0", "@types/yargs": "^15.0.14", "jest": "^27.5.1" diff --git a/packages/@aws-cdk/integ-tests/package.json b/packages/@aws-cdk/integ-tests/package.json index 193e7042faf0d..9c57b9e58015f 100644 --- a/packages/@aws-cdk/integ-tests/package.json +++ b/packages/@aws-cdk/integ-tests/package.json @@ -67,7 +67,7 @@ "@aws-cdk/pkglint": "0.0.0", "@types/fs-extra": "^8.1.2", "@types/jest": "^27.5.2", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "jest": "^27.5.1", "nock": "^13.2.9", "aws-sdk-mock": "5.6.0", diff --git a/packages/@aws-cdk/lambda-layer-awscli/layer/requirements.txt b/packages/@aws-cdk/lambda-layer-awscli/layer/requirements.txt index 2269eddadc76c..8dbb2659e19b1 100644 --- a/packages/@aws-cdk/lambda-layer-awscli/layer/requirements.txt +++ b/packages/@aws-cdk/lambda-layer-awscli/layer/requirements.txt @@ -1 +1 @@ -awscli==1.25.36 +awscli==1.25.42 diff --git a/packages/@aws-cdk/pipelines/README.md b/packages/@aws-cdk/pipelines/README.md index f01d2edc840dc..7680f5437e982 100644 --- a/packages/@aws-cdk/pipelines/README.md +++ b/packages/@aws-cdk/pipelines/README.md @@ -835,6 +835,34 @@ class MyJenkinsStep extends pipelines.Step implements pipelines.ICodePipelineAct } ``` +### Using an existing AWS Codepipeline + +If you wish to use an existing `CodePipeline.Pipeline` while using the modern API's +methods and classes, you can pass in the existing `CodePipeline.Pipeline` to be built upon +instead of having the `pipelines.CodePipeline` construct create a new `CodePipeline.Pipeline`. +This also gives you more direct control over the underlying `CodePipeline.Pipeline` construct +if the way the modern API creates it doesn't allow for desired configurations. + +Here's an example of passing in an existing pipeline: + +```ts +declare const codePipeline: codepipeline.Pipeline; + +const pipeline = new pipelines.CodePipeline(this, 'Pipeline', { + synth: new pipelines.ShellStep('Synth', { + input: pipelines.CodePipelineSource.connection('my-org/my-app', 'main', { + connectionArn: 'arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41', // Created using the AWS console * });', + }), + commands: ['npm ci','npm run build','npx cdk synth'], + }), + codePipeline: codePipeline, +}); +``` + +Note that if you provide an existing pipeline, you cannot provide values for +`pipelineName`, `crossAccountKeys`, `reuseCrossRegionSupportStacks`, or `role` +because those values are passed in directly to the underlying `codepipeline.Pipeline`. + ## Using Docker in the pipeline Docker can be used in 3 different places in the pipeline: diff --git a/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts b/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts index 6b3dc3ff6d311..8d06e9bb1fa80 100644 --- a/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts +++ b/packages/@aws-cdk/pipelines/lib/codepipeline/codepipeline.ts @@ -207,6 +207,13 @@ export interface CodePipelineProps { * @default - true (Use the same support stack for all pipelines in App) */ readonly reuseCrossRegionSupportStacks?: boolean; + + /** + * The IAM role to be assumed by this Pipeline + * + * @default - A new role is created + */ + readonly role?: iam.IRole; } /** @@ -362,6 +369,9 @@ export class CodePipeline extends PipelineBase { if (this.props.reuseCrossRegionSupportStacks !== undefined) { throw new Error('Cannot set \'reuseCrossRegionSupportStacks\' if an existing CodePipeline is given using \'codePipeline\''); } + if (this.props.role !== undefined) { + throw new Error('Cannot set \'role\' if an existing CodePipeline is given using \'codePipeline\''); + } this._pipeline = this.props.codePipeline; } else { @@ -372,6 +382,7 @@ export class CodePipeline extends PipelineBase { // This is necessary to make self-mutation work (deployments are guaranteed // to happen only after the builds of the latest pipeline definition). restartExecutionOnUpdate: true, + role: this.props.role, }); } diff --git a/packages/@aws-cdk/pipelines/lib/private/application-security-check.ts b/packages/@aws-cdk/pipelines/lib/private/application-security-check.ts index 38aaa04abf802..f40222904346c 100644 --- a/packages/@aws-cdk/pipelines/lib/private/application-security-check.ts +++ b/packages/@aws-cdk/pipelines/lib/private/application-security-check.ts @@ -77,6 +77,7 @@ export class ApplicationSecurityCheck extends Construct { 'aws lambda invoke' + ` --function-name ${this.preApproveLambda.functionName}` + ' --invocation-type Event' + + ' --cli-binary-format raw-in-base64-out' + ' --payload "$payload"' + ' lambda.out'; diff --git a/packages/@aws-cdk/pipelines/package.json b/packages/@aws-cdk/pipelines/package.json index 0cb4789b7ab6f..8737aaf3b2008 100644 --- a/packages/@aws-cdk/pipelines/package.json +++ b/packages/@aws-cdk/pipelines/package.json @@ -47,6 +47,7 @@ "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2", diff --git a/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts b/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts index 8a6efac975888..5cc67f6debb7c 100644 --- a/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts +++ b/packages/@aws-cdk/pipelines/test/codepipeline/codepipeline.test.ts @@ -1,10 +1,13 @@ import { Template, Annotations, Match } from '@aws-cdk/assertions'; import * as ccommit from '@aws-cdk/aws-codecommit'; import { Pipeline } from '@aws-cdk/aws-codepipeline'; +import * as iam from '@aws-cdk/aws-iam'; import * as sqs from '@aws-cdk/aws-sqs'; import * as cdk from '@aws-cdk/core'; +import { Stack } from '@aws-cdk/core'; import { Construct } from 'constructs'; import * as cdkp from '../../lib'; +import { CodePipeline } from '../../lib'; import { PIPELINE_ENV, TestApp, ModernTestGitHubNpmPipeline, FileAssetApp } from '../testhelpers'; let app: TestApp; @@ -88,6 +91,15 @@ describe('Providing codePipeline parameter and prop(s) of codePipeline parameter reuseCrossRegionSupportStacks: true, }).create()).toThrowError('Cannot set \'reuseCrossRegionSupportStacks\' if an existing CodePipeline is given using \'codePipeline\''); }); + test('Providing codePipeline parameter and role parameter should throw error', () => { + const stack = new Stack(app, 'Stack'); + + expect(() => new CodePipelinePropsCheckTest(stack, 'CodePipeline', { + role: new iam.Role(stack, 'Role', { + assumedBy: new iam.ServicePrincipal('codebuild.amazonaws.com'), + }), + }).create()).toThrowError('Cannot set \'role\' if an existing CodePipeline is given using \'codePipeline\''); + }); }); test('Policy sizes do not exceed the maximum size', () => { @@ -180,6 +192,51 @@ test('CodeBuild action role has the right AssumeRolePolicyDocument', () => { }); }); +test('CodePipeline supports use of existing role', () => { + const pipelineStack = new cdk.Stack(app, 'PipelineStack', { env: PIPELINE_ENV }); + const repo = new ccommit.Repository(pipelineStack, 'Repo', { + repositoryName: 'MyRepo', + }); + const cdkInput = cdkp.CodePipelineSource.codeCommit( + repo, + 'main', + ); + + new CodePipeline(pipelineStack, 'Pipeline', { + synth: new cdkp.ShellStep('Synth', { + input: cdkInput, + installCommands: ['npm ci'], + commands: [ + 'npm run build', + 'npx cdk synth', + ], + }), + role: new iam.Role(pipelineStack, 'CustomRole', { + assumedBy: new iam.ServicePrincipal('codepipeline.amazonaws.com'), + roleName: 'MyCustomPipelineRole', + }), + }); + + const template = Template.fromStack(pipelineStack); + template.hasResourceProperties('AWS::IAM::Role', { + AssumeRolePolicyDocument: { + Statement: [ + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { + Service: 'codepipeline.amazonaws.com', + }, + }, + ], + }, + RoleName: 'MyCustomPipelineRole', + }); + template.hasResourceProperties('AWS::CodePipeline::Pipeline', { + RoleArn: { 'Fn::GetAtt': ['CustomRole6D8E6809', 'Arn'] }, + }); +}); + interface ReuseCodePipelineStackProps extends cdk.StackProps { reuseCrossRegionSupportStacks?: boolean; } @@ -241,6 +298,7 @@ interface CodePipelineStackProps extends cdk.StackProps { pipelineName?: string; crossAccountKeys?: boolean; reuseCrossRegionSupportStacks?: boolean; + role?: iam.IRole; } class CodePipelinePropsCheckTest extends cdk.Stack { @@ -271,5 +329,12 @@ class CodePipelinePropsCheckTest extends cdk.Stack { synth: new cdkp.ShellStep('Synth', { commands: ['ls'] }), }).buildPipeline(); } + if (this.cProps.role !== undefined) { + new cdkp.CodePipeline(this, 'CodePipeline4', { + role: this.cProps.role, + codePipeline: new Pipeline(this, 'Pipline4'), + synth: new cdkp.ShellStep('Synth', { commands: ['ls'] }), + }).buildPipeline(); + } } } diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline-security.ts b/packages/@aws-cdk/pipelines/test/integ.pipeline-security.ts index 2bcf8654368c1..736e984569577 100644 --- a/packages/@aws-cdk/pipelines/test/integ.pipeline-security.ts +++ b/packages/@aws-cdk/pipelines/test/integ.pipeline-security.ts @@ -5,7 +5,8 @@ import * as iam from '@aws-cdk/aws-iam'; import * as s3 from '@aws-cdk/aws-s3'; import * as sns from '@aws-cdk/aws-sns'; import * as subscriptions from '@aws-cdk/aws-sns-subscriptions'; -import { App, RemovalPolicy, Stack, StackProps, Stage, StageProps } from '@aws-cdk/core'; +import { App, DefaultStackSynthesizer, RemovalPolicy, Stack, StackProps, Stage, StageProps } from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; import { Construct } from 'constructs'; import * as cdkp from '../lib'; @@ -13,6 +14,7 @@ class MyStage extends Stage { constructor(scope: Construct, id: string, props?: StageProps) { super(scope, id, props); const stack = new Stack(this, 'MyStack', { + synthesizer: new DefaultStackSynthesizer(), }); const topic = new sns.Topic(stack, 'Topic'); topic.grantPublish(new iam.AccountPrincipal(stack.account)); @@ -23,6 +25,7 @@ class MySafeStage extends Stage { constructor(scope: Construct, id: string, props?: StageProps) { super(scope, id, props); const stack = new Stack(this, 'MySafeStack', { + synthesizer: new DefaultStackSynthesizer(), }); new sns.Topic(stack, 'MySafeTopic'); } @@ -98,5 +101,12 @@ const app = new App({ '@aws-cdk/core:newStyleStackSynthesis': 'true', }, }); -new TestCdkStack(app, 'PipelineSecurityStack'); +const stack = new TestCdkStack(app, 'PipelineSecurityStack', { + synthesizer: new DefaultStackSynthesizer(), +}); + +new integ.IntegTest(app, 'PipelineSecurityTest', { + testCases: [stack], +}); + app.synth(); diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityStack.assets.json b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityStack.assets.json index 63fc4ae8d98f1..af0cfd4ae145f 100644 --- a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityStack.assets.json +++ b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityStack.assets.json @@ -27,7 +27,7 @@ } } }, - "ff8909e2b3e01298b53c87d97e8e745b4f0b2e4b6d29d5680c44e5da87a207a4": { + "db81913e08aad04a7b47fcf422f74cb3e791e1d9aba3a1d6f6c6b0b8b40b8f34": { "source": { "path": "PipelineSecurityStack.template.json", "packaging": "file" @@ -35,7 +35,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "ff8909e2b3e01298b53c87d97e8e745b4f0b2e4b6d29d5680c44e5da87a207a4.json", + "objectKey": "db81913e08aad04a7b47fcf422f74cb3e791e1d9aba3a1d6f6c6b0b8b40b8f34.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityStack.template.json b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityStack.template.json index 532053325229d..56ef2b0ff02bb 100644 --- a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityStack.template.json +++ b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityStack.template.json @@ -2623,7 +2623,7 @@ { "Ref": "TestPipelinePipelineApplicationSecurityCheckCDKPipelinesAutoApprove1EE0AA81" }, - " --invocation-type Event --payload \\\"$payload\\\" lambda.out; export MESSAGE=\\\"No security-impacting changes detected.\\\"; else [ -z \\\"${NOTIFICATION_ARN}\\\" ] || aws sns publish --topic-arn $NOTIFICATION_ARN --subject \\\"$NOTIFICATION_SUBJECT\\\" --message \\\"An upcoming change would broaden security changes in $PIPELINE_NAME.\\nReview and approve the changes in CodePipeline to proceed with the deployment.\\n\\nReview the changes in CodeBuild:\\n\\n$LINK\\n\\nApprove the changes in CodePipeline (stage $STAGE_NAME, action $ACTION_NAME):\\n\\n$PIPELINE_LINK\\\"; export MESSAGE=\\\"Deployment would make security-impacting changes. Click the link below to inspect them, then click Approve if all changes are expected.\\\"; fi\"\n ]\n }\n },\n \"env\": {\n \"exported-variables\": [\n \"LINK\",\n \"MESSAGE\"\n ]\n }\n}" + " --invocation-type Event --cli-binary-format raw-in-base64-out --payload \\\"$payload\\\" lambda.out; export MESSAGE=\\\"No security-impacting changes detected.\\\"; else [ -z \\\"${NOTIFICATION_ARN}\\\" ] || aws sns publish --topic-arn $NOTIFICATION_ARN --subject \\\"$NOTIFICATION_SUBJECT\\\" --message \\\"An upcoming change would broaden security changes in $PIPELINE_NAME.\\nReview and approve the changes in CodePipeline to proceed with the deployment.\\n\\nReview the changes in CodeBuild:\\n\\n$LINK\\n\\nApprove the changes in CodePipeline (stage $STAGE_NAME, action $ACTION_NAME):\\n\\n$PIPELINE_LINK\\\"; export MESSAGE=\\\"Deployment would make security-impacting changes. Click the link below to inspect them, then click Approve if all changes are expected.\\\"; fi\"\n ]\n }\n },\n \"env\": {\n \"exported-variables\": [\n \"LINK\",\n \"MESSAGE\"\n ]\n }\n}" ] ] }, @@ -2967,7 +2967,7 @@ { "Ref": "UnattachedStageStageApplicationSecurityCheckCDKPipelinesAutoApprove249F82F9" }, - " --invocation-type Event --payload \\\"$payload\\\" lambda.out; export MESSAGE=\\\"No security-impacting changes detected.\\\"; else [ -z \\\"${NOTIFICATION_ARN}\\\" ] || aws sns publish --topic-arn $NOTIFICATION_ARN --subject \\\"$NOTIFICATION_SUBJECT\\\" --message \\\"An upcoming change would broaden security changes in $PIPELINE_NAME.\\nReview and approve the changes in CodePipeline to proceed with the deployment.\\n\\nReview the changes in CodeBuild:\\n\\n$LINK\\n\\nApprove the changes in CodePipeline (stage $STAGE_NAME, action $ACTION_NAME):\\n\\n$PIPELINE_LINK\\\"; export MESSAGE=\\\"Deployment would make security-impacting changes. Click the link below to inspect them, then click Approve if all changes are expected.\\\"; fi\"\n ]\n }\n },\n \"env\": {\n \"exported-variables\": [\n \"LINK\",\n \"MESSAGE\"\n ]\n }\n}" + " --invocation-type Event --cli-binary-format raw-in-base64-out --payload \\\"$payload\\\" lambda.out; export MESSAGE=\\\"No security-impacting changes detected.\\\"; else [ -z \\\"${NOTIFICATION_ARN}\\\" ] || aws sns publish --topic-arn $NOTIFICATION_ARN --subject \\\"$NOTIFICATION_SUBJECT\\\" --message \\\"An upcoming change would broaden security changes in $PIPELINE_NAME.\\nReview and approve the changes in CodePipeline to proceed with the deployment.\\n\\nReview the changes in CodeBuild:\\n\\n$LINK\\n\\nApprove the changes in CodePipeline (stage $STAGE_NAME, action $ACTION_NAME):\\n\\n$PIPELINE_LINK\\\"; export MESSAGE=\\\"Deployment would make security-impacting changes. Click the link below to inspect them, then click Approve if all changes are expected.\\\"; fi\"\n ]\n }\n },\n \"env\": {\n \"exported-variables\": [\n \"LINK\",\n \"MESSAGE\"\n ]\n }\n}" ] ] }, diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityTestDefaultTestDeployAssertEE246BCA.template.json b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityTestDefaultTestDeployAssertEE246BCA.template.json new file mode 100644 index 0000000000000..9e26dfeeb6e64 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/PipelineSecurityTestDefaultTestDeployAssertEE246BCA.template.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js new file mode 100644 index 0000000000000..9df94382cc74e --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/__entrypoint__.js @@ -0,0 +1,118 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = exports.external = void 0; +const https = require("https"); +const url = require("url"); +// for unit tests +exports.external = { + sendHttpRequest: defaultSendHttpRequest, + log: defaultLog, + includeStackTraces: true, + userHandlerIndex: './index', +}; +const CREATE_FAILED_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::CREATE_FAILED'; +const MISSING_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID'; +async function handler(event, context) { + const sanitizedEvent = { ...event, ResponseURL: '...' }; + exports.external.log(JSON.stringify(sanitizedEvent, undefined, 2)); + // ignore DELETE event when the physical resource ID is the marker that + // indicates that this DELETE is a subsequent DELETE to a failed CREATE + // operation. + if (event.RequestType === 'Delete' && event.PhysicalResourceId === CREATE_FAILED_PHYSICAL_ID_MARKER) { + exports.external.log('ignoring DELETE event caused by a failed CREATE event'); + await submitResponse('SUCCESS', event); + return; + } + try { + // invoke the user handler. this is intentionally inside the try-catch to + // ensure that if there is an error it's reported as a failure to + // cloudformation (otherwise cfn waits). + // eslint-disable-next-line @typescript-eslint/no-require-imports + const userHandler = require(exports.external.userHandlerIndex).handler; + const result = await userHandler(sanitizedEvent, context); + // validate user response and create the combined event + const responseEvent = renderResponse(event, result); + // submit to cfn as success + await submitResponse('SUCCESS', responseEvent); + } + catch (e) { + const resp = { + ...event, + Reason: exports.external.includeStackTraces ? e.stack : e.message, + }; + if (!resp.PhysicalResourceId) { + // special case: if CREATE fails, which usually implies, we usually don't + // have a physical resource id. in this case, the subsequent DELETE + // operation does not have any meaning, and will likely fail as well. to + // address this, we use a marker so the provider framework can simply + // ignore the subsequent DELETE. + if (event.RequestType === 'Create') { + exports.external.log('CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored'); + resp.PhysicalResourceId = CREATE_FAILED_PHYSICAL_ID_MARKER; + } + else { + // otherwise, if PhysicalResourceId is not specified, something is + // terribly wrong because all other events should have an ID. + exports.external.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify(event)}`); + } + } + // this is an actual error, fail the activity altogether and exist. + await submitResponse('FAILED', resp); + } +} +exports.handler = handler; +function renderResponse(cfnRequest, handlerResponse = {}) { + // if physical ID is not returned, we have some defaults for you based + // on the request type. + const physicalResourceId = handlerResponse.PhysicalResourceId ?? cfnRequest.PhysicalResourceId ?? cfnRequest.RequestId; + // if we are in DELETE and physical ID was changed, it's an error. + if (cfnRequest.RequestType === 'Delete' && physicalResourceId !== cfnRequest.PhysicalResourceId) { + throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${handlerResponse.PhysicalResourceId}" during deletion`); + } + // merge request event and result event (result prevails). + return { + ...cfnRequest, + ...handlerResponse, + PhysicalResourceId: physicalResourceId, + }; +} +async function submitResponse(status, event) { + const json = { + Status: status, + Reason: event.Reason ?? status, + StackId: event.StackId, + RequestId: event.RequestId, + PhysicalResourceId: event.PhysicalResourceId || MISSING_PHYSICAL_ID_MARKER, + LogicalResourceId: event.LogicalResourceId, + NoEcho: event.NoEcho, + Data: event.Data, + }; + exports.external.log('submit response to cloudformation', json); + const responseBody = JSON.stringify(json); + const parsedUrl = url.parse(event.ResponseURL); + const req = { + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: 'PUT', + headers: { 'content-type': '', 'content-length': responseBody.length }, + }; + await exports.external.sendHttpRequest(req, responseBody); +} +async function defaultSendHttpRequest(options, responseBody) { + return new Promise((resolve, reject) => { + try { + const request = https.request(options, _ => resolve()); + request.on('error', reject); + request.write(responseBody); + request.end(); + } + catch (e) { + reject(e); + } + }); +} +function defaultLog(fmt, ...params) { + // eslint-disable-next-line no-console + console.log(fmt, ...params); +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibm9kZWpzLWVudHJ5cG9pbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJub2RlanMtZW50cnlwb2ludC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwrQkFBK0I7QUFDL0IsMkJBQTJCO0FBRTNCLGlCQUFpQjtBQUNKLFFBQUEsUUFBUSxHQUFHO0lBQ3RCLGVBQWUsRUFBRSxzQkFBc0I7SUFDdkMsR0FBRyxFQUFFLFVBQVU7SUFDZixrQkFBa0IsRUFBRSxJQUFJO0lBQ3hCLGdCQUFnQixFQUFFLFNBQVM7Q0FDNUIsQ0FBQztBQUVGLE1BQU0sZ0NBQWdDLEdBQUcsd0RBQXdELENBQUM7QUFDbEcsTUFBTSwwQkFBMEIsR0FBRyw4REFBOEQsQ0FBQztBQVczRixLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQWtELEVBQUUsT0FBMEI7SUFDMUcsTUFBTSxjQUFjLEdBQUcsRUFBRSxHQUFHLEtBQUssRUFBRSxXQUFXLEVBQUUsS0FBSyxFQUFFLENBQUM7SUFDeEQsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxjQUFjLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFFM0QsdUVBQXVFO0lBQ3ZFLHVFQUF1RTtJQUN2RSxhQUFhO0lBQ2IsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsSUFBSSxLQUFLLENBQUMsa0JBQWtCLEtBQUssZ0NBQWdDLEVBQUU7UUFDbkcsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsdURBQXVELENBQUMsQ0FBQztRQUN0RSxNQUFNLGNBQWMsQ0FBQyxTQUFTLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDdkMsT0FBTztLQUNSO0lBRUQsSUFBSTtRQUNGLHlFQUF5RTtRQUN6RSxpRUFBaUU7UUFDakUsd0NBQXdDO1FBQ3hDLGlFQUFpRTtRQUNqRSxNQUFNLFdBQVcsR0FBWSxPQUFPLENBQUMsZ0JBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLE9BQU8sQ0FBQztRQUN4RSxNQUFNLE1BQU0sR0FBRyxNQUFNLFdBQVcsQ0FBQyxjQUFjLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFFMUQsdURBQXVEO1FBQ3ZELE1BQU0sYUFBYSxHQUFHLGNBQWMsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFcEQsMkJBQTJCO1FBQzNCLE1BQU0sY0FBYyxDQUFDLFNBQVMsRUFBRSxhQUFhLENBQUMsQ0FBQztLQUNoRDtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsTUFBTSxJQUFJLEdBQWE7WUFDckIsR0FBRyxLQUFLO1lBQ1IsTUFBTSxFQUFFLGdCQUFRLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPO1NBQzFELENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQzVCLHlFQUF5RTtZQUN6RSxtRUFBbUU7WUFDbkUsd0VBQXdFO1lBQ3hFLHFFQUFxRTtZQUNyRSxnQ0FBZ0M7WUFDaEMsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtnQkFDbEMsZ0JBQVEsQ0FBQyxHQUFHLENBQUMsNEdBQTRHLENBQUMsQ0FBQztnQkFDM0gsSUFBSSxDQUFDLGtCQUFrQixHQUFHLGdDQUFnQyxDQUFDO2FBQzVEO2lCQUFNO2dCQUNMLGtFQUFrRTtnQkFDbEUsNkRBQTZEO2dCQUM3RCxnQkFBUSxDQUFDLEdBQUcsQ0FBQyw2REFBNkQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLENBQUM7YUFDcEc7U0FDRjtRQUVELG1FQUFtRTtRQUNuRSxNQUFNLGNBQWMsQ0FBQyxRQUFRLEVBQUUsSUFBSSxDQUFDLENBQUM7S0FDdEM7QUFDSCxDQUFDO0FBbkRELDBCQW1EQztBQUVELFNBQVMsY0FBYyxDQUNyQixVQUF5RixFQUN6RixrQkFBMEMsRUFBRztJQUU3QyxzRUFBc0U7SUFDdEUsdUJBQXVCO0lBQ3ZCLE1BQU0sa0JBQWtCLEdBQUcsZUFBZSxDQUFDLGtCQUFrQixJQUFJLFVBQVUsQ0FBQyxrQkFBa0IsSUFBSSxVQUFVLENBQUMsU0FBUyxDQUFDO0lBRXZILGtFQUFrRTtJQUNsRSxJQUFJLFVBQVUsQ0FBQyxXQUFXLEtBQUssUUFBUSxJQUFJLGtCQUFrQixLQUFLLFVBQVUsQ0FBQyxrQkFBa0IsRUFBRTtRQUMvRixNQUFNLElBQUksS0FBSyxDQUFDLHdEQUF3RCxVQUFVLENBQUMsa0JBQWtCLFNBQVMsZUFBZSxDQUFDLGtCQUFrQixtQkFBbUIsQ0FBQyxDQUFDO0tBQ3RLO0lBRUQsMERBQTBEO0lBQzFELE9BQU87UUFDTCxHQUFHLFVBQVU7UUFDYixHQUFHLGVBQWU7UUFDbEIsa0JBQWtCLEVBQUUsa0JBQWtCO0tBQ3ZDLENBQUM7QUFDSixDQUFDO0FBRUQsS0FBSyxVQUFVLGNBQWMsQ0FBQyxNQUE0QixFQUFFLEtBQWU7SUFDekUsTUFBTSxJQUFJLEdBQW1EO1FBQzNELE1BQU0sRUFBRSxNQUFNO1FBQ2QsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNLElBQUksTUFBTTtRQUM5QixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87UUFDdEIsU0FBUyxFQUFFLEtBQUssQ0FBQyxTQUFTO1FBQzFCLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0IsSUFBSSwwQkFBMEI7UUFDMUUsaUJBQWlCLEVBQUUsS0FBSyxDQUFDLGlCQUFpQjtRQUMxQyxNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU07UUFDcEIsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO0tBQ2pCLENBQUM7SUFFRixnQkFBUSxDQUFDLEdBQUcsQ0FBQyxtQ0FBbUMsRUFBRSxJQUFJLENBQUMsQ0FBQztJQUV4RCxNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQzFDLE1BQU0sU0FBUyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQy9DLE1BQU0sR0FBRyxHQUFHO1FBQ1YsUUFBUSxFQUFFLFNBQVMsQ0FBQyxRQUFRO1FBQzVCLElBQUksRUFBRSxTQUFTLENBQUMsSUFBSTtRQUNwQixNQUFNLEVBQUUsS0FBSztRQUNiLE9BQU8sRUFBRSxFQUFFLGNBQWMsRUFBRSxFQUFFLEVBQUUsZ0JBQWdCLEVBQUUsWUFBWSxDQUFDLE1BQU0sRUFBRTtLQUN2RSxDQUFDO0lBRUYsTUFBTSxnQkFBUSxDQUFDLGVBQWUsQ0FBQyxHQUFHLEVBQUUsWUFBWSxDQUFDLENBQUM7QUFDcEQsQ0FBQztBQUVELEtBQUssVUFBVSxzQkFBc0IsQ0FBQyxPQUE2QixFQUFFLFlBQW9CO0lBQ3ZGLE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsTUFBTSxFQUFFLEVBQUU7UUFDckMsSUFBSTtZQUNGLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUN2RCxPQUFPLENBQUMsRUFBRSxDQUFDLE9BQU8sRUFBRSxNQUFNLENBQUMsQ0FBQztZQUM1QixPQUFPLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO1lBQzVCLE9BQU8sQ0FBQyxHQUFHLEVBQUUsQ0FBQztTQUNmO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDWDtJQUNILENBQUMsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELFNBQVMsVUFBVSxDQUFDLEdBQVcsRUFBRSxHQUFHLE1BQWE7SUFDL0Msc0NBQXNDO0lBQ3RDLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLEdBQUcsTUFBTSxDQUFDLENBQUM7QUFDOUIsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGh0dHBzIGZyb20gJ2h0dHBzJztcbmltcG9ydCAqIGFzIHVybCBmcm9tICd1cmwnO1xuXG4vLyBmb3IgdW5pdCB0ZXN0c1xuZXhwb3J0IGNvbnN0IGV4dGVybmFsID0ge1xuICBzZW5kSHR0cFJlcXVlc3Q6IGRlZmF1bHRTZW5kSHR0cFJlcXVlc3QsXG4gIGxvZzogZGVmYXVsdExvZyxcbiAgaW5jbHVkZVN0YWNrVHJhY2VzOiB0cnVlLFxuICB1c2VySGFuZGxlckluZGV4OiAnLi9pbmRleCcsXG59O1xuXG5jb25zdCBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUiA9ICdBV1NDREs6OkN1c3RvbVJlc291cmNlUHJvdmlkZXJGcmFtZXdvcms6OkNSRUFURV9GQUlMRUQnO1xuY29uc3QgTUlTU0lOR19QSFlTSUNBTF9JRF9NQVJLRVIgPSAnQVdTQ0RLOjpDdXN0b21SZXNvdXJjZVByb3ZpZGVyRnJhbWV3b3JrOjpNSVNTSU5HX1BIWVNJQ0FMX0lEJztcblxuZXhwb3J0IHR5cGUgUmVzcG9uc2UgPSBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50ICYgSGFuZGxlclJlc3BvbnNlO1xuZXhwb3J0IHR5cGUgSGFuZGxlciA9IChldmVudDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCwgY29udGV4dDogQVdTTGFtYmRhLkNvbnRleHQpID0+IFByb21pc2U8SGFuZGxlclJlc3BvbnNlIHwgdm9pZD47XG5leHBvcnQgdHlwZSBIYW5kbGVyUmVzcG9uc2UgPSB1bmRlZmluZWQgfCB7XG4gIERhdGE/OiBhbnk7XG4gIFBoeXNpY2FsUmVzb3VyY2VJZD86IHN0cmluZztcbiAgUmVhc29uPzogc3RyaW5nO1xuICBOb0VjaG8/OiBib29sZWFuO1xufTtcblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIoZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQsIGNvbnRleHQ6IEFXU0xhbWJkYS5Db250ZXh0KSB7XG4gIGNvbnN0IHNhbml0aXplZEV2ZW50ID0geyAuLi5ldmVudCwgUmVzcG9uc2VVUkw6ICcuLi4nIH07XG4gIGV4dGVybmFsLmxvZyhKU09OLnN0cmluZ2lmeShzYW5pdGl6ZWRFdmVudCwgdW5kZWZpbmVkLCAyKSk7XG5cbiAgLy8gaWdub3JlIERFTEVURSBldmVudCB3aGVuIHRoZSBwaHlzaWNhbCByZXNvdXJjZSBJRCBpcyB0aGUgbWFya2VyIHRoYXRcbiAgLy8gaW5kaWNhdGVzIHRoYXQgdGhpcyBERUxFVEUgaXMgYSBzdWJzZXF1ZW50IERFTEVURSB0byBhIGZhaWxlZCBDUkVBVEVcbiAgLy8gb3BlcmF0aW9uLlxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnICYmIGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCA9PT0gQ1JFQVRFX0ZBSUxFRF9QSFlTSUNBTF9JRF9NQVJLRVIpIHtcbiAgICBleHRlcm5hbC5sb2coJ2lnbm9yaW5nIERFTEVURSBldmVudCBjYXVzZWQgYnkgYSBmYWlsZWQgQ1JFQVRFIGV2ZW50Jyk7XG4gICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ1NVQ0NFU1MnLCBldmVudCk7XG4gICAgcmV0dXJuO1xuICB9XG5cbiAgdHJ5IHtcbiAgICAvLyBpbnZva2UgdGhlIHVzZXIgaGFuZGxlci4gdGhpcyBpcyBpbnRlbnRpb25hbGx5IGluc2lkZSB0aGUgdHJ5LWNhdGNoIHRvXG4gICAgLy8gZW5zdXJlIHRoYXQgaWYgdGhlcmUgaXMgYW4gZXJyb3IgaXQncyByZXBvcnRlZCBhcyBhIGZhaWx1cmUgdG9cbiAgICAvLyBjbG91ZGZvcm1hdGlvbiAob3RoZXJ3aXNlIGNmbiB3YWl0cykuXG4gICAgLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIEB0eXBlc2NyaXB0LWVzbGludC9uby1yZXF1aXJlLWltcG9ydHNcbiAgICBjb25zdCB1c2VySGFuZGxlcjogSGFuZGxlciA9IHJlcXVpcmUoZXh0ZXJuYWwudXNlckhhbmRsZXJJbmRleCkuaGFuZGxlcjtcbiAgICBjb25zdCByZXN1bHQgPSBhd2FpdCB1c2VySGFuZGxlcihzYW5pdGl6ZWRFdmVudCwgY29udGV4dCk7XG5cbiAgICAvLyB2YWxpZGF0ZSB1c2VyIHJlc3BvbnNlIGFuZCBjcmVhdGUgdGhlIGNvbWJpbmVkIGV2ZW50XG4gICAgY29uc3QgcmVzcG9uc2VFdmVudCA9IHJlbmRlclJlc3BvbnNlKGV2ZW50LCByZXN1bHQpO1xuXG4gICAgLy8gc3VibWl0IHRvIGNmbiBhcyBzdWNjZXNzXG4gICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ1NVQ0NFU1MnLCByZXNwb25zZUV2ZW50KTtcbiAgfSBjYXRjaCAoZSkge1xuICAgIGNvbnN0IHJlc3A6IFJlc3BvbnNlID0ge1xuICAgICAgLi4uZXZlbnQsXG4gICAgICBSZWFzb246IGV4dGVybmFsLmluY2x1ZGVTdGFja1RyYWNlcyA/IGUuc3RhY2sgOiBlLm1lc3NhZ2UsXG4gICAgfTtcblxuICAgIGlmICghcmVzcC5QaHlzaWNhbFJlc291cmNlSWQpIHtcbiAgICAgIC8vIHNwZWNpYWwgY2FzZTogaWYgQ1JFQVRFIGZhaWxzLCB3aGljaCB1c3VhbGx5IGltcGxpZXMsIHdlIHVzdWFsbHkgZG9uJ3RcbiAgICAgIC8vIGhhdmUgYSBwaHlzaWNhbCByZXNvdXJjZSBpZC4gaW4gdGhpcyBjYXNlLCB0aGUgc3Vic2VxdWVudCBERUxFVEVcbiAgICAgIC8vIG9wZXJhdGlvbiBkb2VzIG5vdCBoYXZlIGFueSBtZWFuaW5nLCBhbmQgd2lsbCBsaWtlbHkgZmFpbCBhcyB3ZWxsLiB0b1xuICAgICAgLy8gYWRkcmVzcyB0aGlzLCB3ZSB1c2UgYSBtYXJrZXIgc28gdGhlIHByb3ZpZGVyIGZyYW1ld29yayBjYW4gc2ltcGx5XG4gICAgICAvLyBpZ25vcmUgdGhlIHN1YnNlcXVlbnQgREVMRVRFLlxuICAgICAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnQ3JlYXRlJykge1xuICAgICAgICBleHRlcm5hbC5sb2coJ0NSRUFURSBmYWlsZWQsIHJlc3BvbmRpbmcgd2l0aCBhIG1hcmtlciBwaHlzaWNhbCByZXNvdXJjZSBpZCBzbyB0aGF0IHRoZSBzdWJzZXF1ZW50IERFTEVURSB3aWxsIGJlIGlnbm9yZWQnKTtcbiAgICAgICAgcmVzcC5QaHlzaWNhbFJlc291cmNlSWQgPSBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUjtcbiAgICAgIH0gZWxzZSB7XG4gICAgICAgIC8vIG90aGVyd2lzZSwgaWYgUGh5c2ljYWxSZXNvdXJjZUlkIGlzIG5vdCBzcGVjaWZpZWQsIHNvbWV0aGluZyBpc1xuICAgICAgICAvLyB0ZXJyaWJseSB3cm9uZyBiZWNhdXNlIGFsbCBvdGhlciBldmVudHMgc2hvdWxkIGhhdmUgYW4gSUQuXG4gICAgICAgIGV4dGVybmFsLmxvZyhgRVJST1I6IE1hbGZvcm1lZCBldmVudC4gXCJQaHlzaWNhbFJlc291cmNlSWRcIiBpcyByZXF1aXJlZDogJHtKU09OLnN0cmluZ2lmeShldmVudCl9YCk7XG4gICAgICB9XG4gICAgfVxuXG4gICAgLy8gdGhpcyBpcyBhbiBhY3R1YWwgZXJyb3IsIGZhaWwgdGhlIGFjdGl2aXR5IGFsdG9nZXRoZXIgYW5kIGV4aXN0LlxuICAgIGF3YWl0IHN1Ym1pdFJlc3BvbnNlKCdGQUlMRUQnLCByZXNwKTtcbiAgfVxufVxuXG5mdW5jdGlvbiByZW5kZXJSZXNwb25zZShcbiAgY2ZuUmVxdWVzdDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCAmIHsgUGh5c2ljYWxSZXNvdXJjZUlkPzogc3RyaW5nIH0sXG4gIGhhbmRsZXJSZXNwb25zZTogdm9pZCB8IEhhbmRsZXJSZXNwb25zZSA9IHsgfSk6IFJlc3BvbnNlIHtcblxuICAvLyBpZiBwaHlzaWNhbCBJRCBpcyBub3QgcmV0dXJuZWQsIHdlIGhhdmUgc29tZSBkZWZhdWx0cyBmb3IgeW91IGJhc2VkXG4gIC8vIG9uIHRoZSByZXF1ZXN0IHR5cGUuXG4gIGNvbnN0IHBoeXNpY2FsUmVzb3VyY2VJZCA9IGhhbmRsZXJSZXNwb25zZS5QaHlzaWNhbFJlc291cmNlSWQgPz8gY2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWQgPz8gY2ZuUmVxdWVzdC5SZXF1ZXN0SWQ7XG5cbiAgLy8gaWYgd2UgYXJlIGluIERFTEVURSBhbmQgcGh5c2ljYWwgSUQgd2FzIGNoYW5nZWQsIGl0J3MgYW4gZXJyb3IuXG4gIGlmIChjZm5SZXF1ZXN0LlJlcXVlc3RUeXBlID09PSAnRGVsZXRlJyAmJiBwaHlzaWNhbFJlc291cmNlSWQgIT09IGNmblJlcXVlc3QuUGh5c2ljYWxSZXNvdXJjZUlkKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKGBERUxFVEU6IGNhbm5vdCBjaGFuZ2UgdGhlIHBoeXNpY2FsIHJlc291cmNlIElEIGZyb20gXCIke2NmblJlcXVlc3QuUGh5c2ljYWxSZXNvdXJjZUlkfVwiIHRvIFwiJHtoYW5kbGVyUmVzcG9uc2UuUGh5c2ljYWxSZXNvdXJjZUlkfVwiIGR1cmluZyBkZWxldGlvbmApO1xuICB9XG5cbiAgLy8gbWVyZ2UgcmVxdWVzdCBldmVudCBhbmQgcmVzdWx0IGV2ZW50IChyZXN1bHQgcHJldmFpbHMpLlxuICByZXR1cm4ge1xuICAgIC4uLmNmblJlcXVlc3QsXG4gICAgLi4uaGFuZGxlclJlc3BvbnNlLFxuICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkLFxuICB9O1xufVxuXG5hc3luYyBmdW5jdGlvbiBzdWJtaXRSZXNwb25zZShzdGF0dXM6ICdTVUNDRVNTJyB8ICdGQUlMRUQnLCBldmVudDogUmVzcG9uc2UpIHtcbiAgY29uc3QganNvbjogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VSZXNwb25zZSA9IHtcbiAgICBTdGF0dXM6IHN0YXR1cyxcbiAgICBSZWFzb246IGV2ZW50LlJlYXNvbiA/PyBzdGF0dXMsXG4gICAgU3RhY2tJZDogZXZlbnQuU3RhY2tJZCxcbiAgICBSZXF1ZXN0SWQ6IGV2ZW50LlJlcXVlc3RJZCxcbiAgICBQaHlzaWNhbFJlc291cmNlSWQ6IGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCB8fCBNSVNTSU5HX1BIWVNJQ0FMX0lEX01BUktFUixcbiAgICBMb2dpY2FsUmVzb3VyY2VJZDogZXZlbnQuTG9naWNhbFJlc291cmNlSWQsXG4gICAgTm9FY2hvOiBldmVudC5Ob0VjaG8sXG4gICAgRGF0YTogZXZlbnQuRGF0YSxcbiAgfTtcblxuICBleHRlcm5hbC5sb2coJ3N1Ym1pdCByZXNwb25zZSB0byBjbG91ZGZvcm1hdGlvbicsIGpzb24pO1xuXG4gIGNvbnN0IHJlc3BvbnNlQm9keSA9IEpTT04uc3RyaW5naWZ5KGpzb24pO1xuICBjb25zdCBwYXJzZWRVcmwgPSB1cmwucGFyc2UoZXZlbnQuUmVzcG9uc2VVUkwpO1xuICBjb25zdCByZXEgPSB7XG4gICAgaG9zdG5hbWU6IHBhcnNlZFVybC5ob3N0bmFtZSxcbiAgICBwYXRoOiBwYXJzZWRVcmwucGF0aCxcbiAgICBtZXRob2Q6ICdQVVQnLFxuICAgIGhlYWRlcnM6IHsgJ2NvbnRlbnQtdHlwZSc6ICcnLCAnY29udGVudC1sZW5ndGgnOiByZXNwb25zZUJvZHkubGVuZ3RoIH0sXG4gIH07XG5cbiAgYXdhaXQgZXh0ZXJuYWwuc2VuZEh0dHBSZXF1ZXN0KHJlcSwgcmVzcG9uc2VCb2R5KTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZGVmYXVsdFNlbmRIdHRwUmVxdWVzdChvcHRpb25zOiBodHRwcy5SZXF1ZXN0T3B0aW9ucywgcmVzcG9uc2VCb2R5OiBzdHJpbmcpOiBQcm9taXNlPHZvaWQ+IHtcbiAgcmV0dXJuIG5ldyBQcm9taXNlKChyZXNvbHZlLCByZWplY3QpID0+IHtcbiAgICB0cnkge1xuICAgICAgY29uc3QgcmVxdWVzdCA9IGh0dHBzLnJlcXVlc3Qob3B0aW9ucywgXyA9PiByZXNvbHZlKCkpO1xuICAgICAgcmVxdWVzdC5vbignZXJyb3InLCByZWplY3QpO1xuICAgICAgcmVxdWVzdC53cml0ZShyZXNwb25zZUJvZHkpO1xuICAgICAgcmVxdWVzdC5lbmQoKTtcbiAgICB9IGNhdGNoIChlKSB7XG4gICAgICByZWplY3QoZSk7XG4gICAgfVxuICB9KTtcbn1cblxuZnVuY3Rpb24gZGVmYXVsdExvZyhmbXQ6IHN0cmluZywgLi4ucGFyYW1zOiBhbnlbXSkge1xuICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgbm8tY29uc29sZVxuICBjb25zb2xlLmxvZyhmbXQsIC4uLnBhcmFtcyk7XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts new file mode 100644 index 0000000000000..3554dc94d4617 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.d.ts @@ -0,0 +1 @@ +export declare function handler(event: AWSLambda.CloudFormationCustomResourceEvent): Promise; diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.207d1c59082dd1ab722c445b190e0c2cbb20d6c3e981cf674a60159b56338e86/index.js b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.js similarity index 100% rename from packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.207d1c59082dd1ab722c445b190e0c2cbb20d6c3e981cf674a60159b56338e86/index.js rename to packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.js diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts new file mode 100644 index 0000000000000..2459d44ab1d18 --- /dev/null +++ b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/asset.60767da3831353fede3cfe92efef10580a600592dec8ccbb06c051e95b9c1b26/index.ts @@ -0,0 +1,82 @@ +// eslint-disable-next-line import/no-extraneous-dependencies +import { S3 } from 'aws-sdk'; + +const AUTO_DELETE_OBJECTS_TAG = 'aws-cdk:auto-delete-objects'; + +const s3 = new S3(); + +export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent) { + switch (event.RequestType) { + case 'Create': + return; + case 'Update': + return onUpdate(event); + case 'Delete': + return onDelete(event.ResourceProperties?.BucketName); + } +} + +async function onUpdate(event: AWSLambda.CloudFormationCustomResourceEvent) { + const updateEvent = event as AWSLambda.CloudFormationCustomResourceUpdateEvent; + const oldBucketName = updateEvent.OldResourceProperties?.BucketName; + const newBucketName = updateEvent.ResourceProperties?.BucketName; + const bucketNameHasChanged = newBucketName != null && oldBucketName != null && newBucketName !== oldBucketName; + + /* If the name of the bucket has changed, CloudFormation will try to delete the bucket + and create a new one with the new name. So we have to delete the contents of the + bucket so that this operation does not fail. */ + if (bucketNameHasChanged) { + return onDelete(oldBucketName); + } +} + +/** + * Recursively delete all items in the bucket + * + * @param bucketName the bucket name + */ +async function emptyBucket(bucketName: string) { + const listedObjects = await s3.listObjectVersions({ Bucket: bucketName }).promise(); + const contents = [...listedObjects.Versions ?? [], ...listedObjects.DeleteMarkers ?? []]; + if (contents.length === 0) { + return; + } + + const records = contents.map((record: any) => ({ Key: record.Key, VersionId: record.VersionId })); + await s3.deleteObjects({ Bucket: bucketName, Delete: { Objects: records } }).promise(); + + if (listedObjects?.IsTruncated) { + await emptyBucket(bucketName); + } +} + +async function onDelete(bucketName?: string) { + if (!bucketName) { + throw new Error('No BucketName was provided.'); + } + if (!await isBucketTaggedForDeletion(bucketName)) { + process.stdout.write(`Bucket does not have '${AUTO_DELETE_OBJECTS_TAG}' tag, skipping cleaning.\n`); + return; + } + try { + await emptyBucket(bucketName); + } catch (e) { + if (e.code !== 'NoSuchBucket') { + throw e; + } + // Bucket doesn't exist. Ignoring + } +} + +/** + * The bucket will only be tagged for deletion if it's being deleted in the same + * deployment as this Custom Resource. + * + * If the Custom Resource is every deleted before the bucket, it must be because + * `autoDeleteObjects` has been switched to false, in which case the tag would have + * been removed before we get to this Delete event. + */ +async function isBucketTaggedForDeletion(bucketName: string) { + const response = await s3.getBucketTagging({ Bucket: bucketName }).promise(); + return response.TagSet.some(tag => tag.Key === AUTO_DELETE_OBJECTS_TAG && tag.Value === 'true'); +} \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/integ.json b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/integ.json index b4ffa25712780..686cdc6b4f734 100644 --- a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/integ.json +++ b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/integ.json @@ -1,16 +1,11 @@ { "version": "20.0.0", "testCases": { - "integ.pipeline-security": { + "PipelineSecurityTest/DefaultTest": { "stacks": [ "PipelineSecurityStack" ], - "diffAssets": false, - "stackUpdateWorkflow": true + "assertionStack": "PipelineSecurityTestDefaultTestDeployAssertEE246BCA" } - }, - "synthContext": { - "@aws-cdk/core:newStyleStackSynthesis": "true" - }, - "enableLookups": false + } } \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/manifest.json b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/manifest.json index 5104a5d678640..f1d71d5748325 100644 --- a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/manifest.json @@ -65,7 +65,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ff8909e2b3e01298b53c87d97e8e745b4f0b2e4b6d29d5680c44e5da87a207a4.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/db81913e08aad04a7b47fcf422f74cb3e791e1d9aba3a1d6f6c6b0b8b40b8f34.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -365,6 +365,15 @@ ] }, "displayName": "PipelineSecurityStack" + }, + "PipelineSecurityTestDefaultTestDeployAssertEE246BCA": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "PipelineSecurityTestDefaultTestDeployAssertEE246BCA.template.json", + "validateOnSynth": false + }, + "displayName": "PipelineSecurityTest/DefaultTest/DeployAssert" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/tree.json b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/tree.json index 6a70ad206ee3f..36ee7b9a53b8a 100644 --- a/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/tree.json +++ b/packages/@aws-cdk/pipelines/test/pipeline-security.integ.snapshot/tree.json @@ -9,7 +9,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "PipelineSecurityStack": { @@ -1826,13 +1826,13 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "Build": { @@ -2216,13 +2216,13 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "UnattachedStage": { @@ -2334,7 +2334,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "SingleStageManualApproval": { @@ -2394,7 +2394,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "SingleStage-MyStack.Deploy": { @@ -2402,7 +2402,7 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/UnattachedStage/SingleStage-MyStack.Deploy", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "SingleStage-MyStack.Prepare": { @@ -2410,13 +2410,13 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/UnattachedStage/SingleStage-MyStack.Prepare", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "PreProduction": { @@ -2528,7 +2528,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "PreProductionManualApproval": { @@ -2588,7 +2588,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "SafeProductionSecurityCheck": { @@ -2696,7 +2696,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "SafeProductionManualApproval": { @@ -2756,7 +2756,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "MyStack.Deploy": { @@ -2764,7 +2764,7 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/PreProduction/MyStack.Deploy", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "MyStack.Prepare": { @@ -2772,7 +2772,7 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/PreProduction/MyStack.Prepare", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "SafeProduction-MySafeStack.Deploy": { @@ -2780,7 +2780,7 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/PreProduction/SafeProduction-MySafeStack.Deploy", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "SafeProduction-MySafeStack.Prepare": { @@ -2788,7 +2788,7 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/PreProduction/SafeProduction-MySafeStack.Prepare", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "DisableSecurityCheck-MySafeStack.Deploy": { @@ -2796,7 +2796,7 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/PreProduction/DisableSecurityCheck-MySafeStack.Deploy", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "DisableSecurityCheck-MySafeStack.Prepare": { @@ -2804,13 +2804,13 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/PreProduction/DisableSecurityCheck-MySafeStack.Prepare", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "NoSecurityCheck": { @@ -2922,7 +2922,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "EnableSecurityCheckManualApproval": { @@ -2982,7 +2982,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "MyStack.Deploy": { @@ -2990,7 +2990,7 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/NoSecurityCheck/MyStack.Deploy", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "MyStack.Prepare": { @@ -2998,7 +2998,7 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/NoSecurityCheck/MyStack.Prepare", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "EnableSecurityCheck-MyStack.Deploy": { @@ -3006,7 +3006,7 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/NoSecurityCheck/EnableSecurityCheck-MyStack.Deploy", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "EnableSecurityCheck-MyStack.Prepare": { @@ -3014,13 +3014,13 @@ "path": "PipelineSecurityStack/TestPipeline/Pipeline/NoSecurityCheck/EnableSecurityCheck-MyStack.Prepare", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } } }, @@ -3034,7 +3034,7 @@ "path": "PipelineSecurityStack/TestPipeline/Assets", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "PreProduction": { @@ -3058,7 +3058,7 @@ "path": "PipelineSecurityStack/TestPipeline/PreProduction/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}/8389e75f-0810-4838-bf64-d6f85a95cf83", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } } }, @@ -3540,7 +3540,7 @@ { "Ref": "TestPipelinePipelineApplicationSecurityCheckCDKPipelinesAutoApprove1EE0AA81" }, - " --invocation-type Event --payload \\\"$payload\\\" lambda.out; export MESSAGE=\\\"No security-impacting changes detected.\\\"; else [ -z \\\"${NOTIFICATION_ARN}\\\" ] || aws sns publish --topic-arn $NOTIFICATION_ARN --subject \\\"$NOTIFICATION_SUBJECT\\\" --message \\\"An upcoming change would broaden security changes in $PIPELINE_NAME.\\nReview and approve the changes in CodePipeline to proceed with the deployment.\\n\\nReview the changes in CodeBuild:\\n\\n$LINK\\n\\nApprove the changes in CodePipeline (stage $STAGE_NAME, action $ACTION_NAME):\\n\\n$PIPELINE_LINK\\\"; export MESSAGE=\\\"Deployment would make security-impacting changes. Click the link below to inspect them, then click Approve if all changes are expected.\\\"; fi\"\n ]\n }\n },\n \"env\": {\n \"exported-variables\": [\n \"LINK\",\n \"MESSAGE\"\n ]\n }\n}" + " --invocation-type Event --cli-binary-format raw-in-base64-out --payload \\\"$payload\\\" lambda.out; export MESSAGE=\\\"No security-impacting changes detected.\\\"; else [ -z \\\"${NOTIFICATION_ARN}\\\" ] || aws sns publish --topic-arn $NOTIFICATION_ARN --subject \\\"$NOTIFICATION_SUBJECT\\\" --message \\\"An upcoming change would broaden security changes in $PIPELINE_NAME.\\nReview and approve the changes in CodePipeline to proceed with the deployment.\\n\\nReview the changes in CodeBuild:\\n\\n$LINK\\n\\nApprove the changes in CodePipeline (stage $STAGE_NAME, action $ACTION_NAME):\\n\\n$PIPELINE_LINK\\\"; export MESSAGE=\\\"Deployment would make security-impacting changes. Click the link below to inspect them, then click Approve if all changes are expected.\\\"; fi\"\n ]\n }\n },\n \"env\": {\n \"exported-variables\": [\n \"LINK\",\n \"MESSAGE\"\n ]\n }\n}" ] ] } @@ -3570,7 +3570,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "NoSecurityCheck": { @@ -3594,7 +3594,7 @@ "path": "PipelineSecurityStack/TestPipeline/NoSecurityCheck/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}/8389e75f-0810-4838-bf64-d6f85a95cf83", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } } }, @@ -4086,7 +4086,7 @@ { "Ref": "UnattachedStageStageApplicationSecurityCheckCDKPipelinesAutoApprove249F82F9" }, - " --invocation-type Event --payload \\\"$payload\\\" lambda.out; export MESSAGE=\\\"No security-impacting changes detected.\\\"; else [ -z \\\"${NOTIFICATION_ARN}\\\" ] || aws sns publish --topic-arn $NOTIFICATION_ARN --subject \\\"$NOTIFICATION_SUBJECT\\\" --message \\\"An upcoming change would broaden security changes in $PIPELINE_NAME.\\nReview and approve the changes in CodePipeline to proceed with the deployment.\\n\\nReview the changes in CodeBuild:\\n\\n$LINK\\n\\nApprove the changes in CodePipeline (stage $STAGE_NAME, action $ACTION_NAME):\\n\\n$PIPELINE_LINK\\\"; export MESSAGE=\\\"Deployment would make security-impacting changes. Click the link below to inspect them, then click Approve if all changes are expected.\\\"; fi\"\n ]\n }\n },\n \"env\": {\n \"exported-variables\": [\n \"LINK\",\n \"MESSAGE\"\n ]\n }\n}" + " --invocation-type Event --cli-binary-format raw-in-base64-out --payload \\\"$payload\\\" lambda.out; export MESSAGE=\\\"No security-impacting changes detected.\\\"; else [ -z \\\"${NOTIFICATION_ARN}\\\" ] || aws sns publish --topic-arn $NOTIFICATION_ARN --subject \\\"$NOTIFICATION_SUBJECT\\\" --message \\\"An upcoming change would broaden security changes in $PIPELINE_NAME.\\nReview and approve the changes in CodePipeline to proceed with the deployment.\\n\\nReview the changes in CodeBuild:\\n\\n$LINK\\n\\nApprove the changes in CodePipeline (stage $STAGE_NAME, action $ACTION_NAME):\\n\\n$PIPELINE_LINK\\\"; export MESSAGE=\\\"Deployment would make security-impacting changes. Click the link below to inspect them, then click Approve if all changes are expected.\\\"; fi\"\n ]\n }\n },\n \"env\": {\n \"exported-variables\": [\n \"LINK\",\n \"MESSAGE\"\n ]\n }\n}" ] ] } @@ -4116,7 +4116,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } }, "MutableRolearn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}": { @@ -4136,7 +4136,7 @@ "path": "PipelineSecurityStack/UnattachedStage/arn:${AWS::Partition}:iam::${AWS::AccountId}:role--cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}/8389e75f-0810-4838-bf64-d6f85a95cf83", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.33" + "version": "10.1.65" } } }, @@ -4806,6 +4806,42 @@ "fqn": "@aws-cdk/core.Stack", "version": "0.0.0" } + }, + "PipelineSecurityTest": { + "id": "PipelineSecurityTest", + "path": "PipelineSecurityTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "PipelineSecurityTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "PipelineSecurityTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.65" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "PipelineSecurityTest/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } } }, "constructInfo": { diff --git a/packages/@monocdk-experiment/assert/package.json b/packages/@monocdk-experiment/assert/package.json index a2302c5fb6cfb..9660dc37e70a3 100644 --- a/packages/@monocdk-experiment/assert/package.json +++ b/packages/@monocdk-experiment/assert/package.json @@ -39,7 +39,7 @@ "devDependencies": { "@monocdk-experiment/rewrite-imports": "0.0.0", "@types/jest": "^27.5.2", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@aws-cdk/cdk-build-tools": "0.0.0", "jest": "^27.5.1", "constructs": "^10.0.0", diff --git a/packages/@monocdk-experiment/rewrite-imports/package.json b/packages/@monocdk-experiment/rewrite-imports/package.json index b66f1eb4c76a2..a7584a65e45d5 100644 --- a/packages/@monocdk-experiment/rewrite-imports/package.json +++ b/packages/@monocdk-experiment/rewrite-imports/package.json @@ -38,7 +38,7 @@ "devDependencies": { "@types/glob": "^7.2.0", "@types/jest": "^27.5.2", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/pkglint": "0.0.0" }, diff --git a/packages/aws-cdk-lib/README.md b/packages/aws-cdk-lib/README.md index 1fc08f146a00f..aa61a3f87d603 100644 --- a/packages/aws-cdk-lib/README.md +++ b/packages/aws-cdk-lib/README.md @@ -376,13 +376,13 @@ relationship between all resources in the scope of `constructA` and all resources in the scope of `constructB`. If you want a single object to represent a set of constructs that are not -necessarily in the same scope, you can use a `ConcreteDependable`. The +necessarily in the same scope, you can use a `DependencyGroup`. The following creates a single object that represents a dependency on two constructs, `constructB` and `constructC`: ```ts // Declare the dependable object -const bAndC = new ConcreteDependable(); +const bAndC = new DependencyGroup(); bAndC.add(constructB); bAndC.add(constructC); diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index af1a8d909bbd4..0ca06d90e2539 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -359,9 +359,9 @@ "@aws-cdk/triggers": "0.0.0", "@aws-cdk/ubergen": "0.0.0", "@types/fs-extra": "^8.1.2", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "constructs": "^10.0.0", - "esbuild": "^0.14.50", + "esbuild": "^0.14.53", "fs-extra": "^9.1.0", "ts-node": "^9.1.1", "typescript": "~3.8.3" diff --git a/packages/aws-cdk-migration/package.json b/packages/aws-cdk-migration/package.json index f4f465e849103..084c8f3a25aee 100644 --- a/packages/aws-cdk-migration/package.json +++ b/packages/aws-cdk-migration/package.json @@ -40,7 +40,7 @@ "devDependencies": { "@types/glob": "^7.2.0", "@types/jest": "^27.5.2", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/pkglint": "0.0.0" }, diff --git a/packages/aws-cdk/THIRD_PARTY_LICENSES b/packages/aws-cdk/THIRD_PARTY_LICENSES index 1cc5324410c21..69a803d4f0d26 100644 --- a/packages/aws-cdk/THIRD_PARTY_LICENSES +++ b/packages/aws-cdk/THIRD_PARTY_LICENSES @@ -1,6 +1,6 @@ The aws-cdk package includes the following third-party software/licensing: -** @jsii/check-node@1.63.0 - https://www.npmjs.com/package/@jsii/check-node/v/1.63.0 | Apache-2.0 +** @jsii/check-node@1.63.2 - https://www.npmjs.com/package/@jsii/check-node/v/1.63.2 | Apache-2.0 jsii Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. @@ -268,7 +268,7 @@ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH RE ---------------- -** aws-sdk@2.1182.0 - https://www.npmjs.com/package/aws-sdk/v/2.1182.0 | Apache-2.0 +** aws-sdk@2.1187.0 - https://www.npmjs.com/package/aws-sdk/v/2.1187.0 | Apache-2.0 AWS SDK for JavaScript Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/aws-cdk/lib/api/hotswap-deployments.ts b/packages/aws-cdk/lib/api/hotswap-deployments.ts index f64e5c16eddfa..487d8a1dd2281 100644 --- a/packages/aws-cdk/lib/api/hotswap-deployments.ts +++ b/packages/aws-cdk/lib/api/hotswap-deployments.ts @@ -68,6 +68,11 @@ async function findAllHotswappableChanges( sdk: ISDK, nestedStackNames: { [nestedStackName: string]: NestedStackNames }, ): Promise { + // Skip hotswap if there is any change on stack outputs + if (stackChanges.outputs.differenceCount > 0) { + return undefined; + } + const resourceDifferences = getStackResourceDifferences(stackChanges); let foundNonHotswappableChange = false; diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index 1b200168a7e04..a4c8238fbd091 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -67,7 +67,7 @@ "@types/jest": "^27.5.2", "@types/minimatch": "^3.0.5", "@types/mockery": "^1.4.30", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@types/promptly": "^3.0.2", "@types/semver": "^7.3.10", "@types/sinon": "^9.0.11", @@ -95,7 +95,7 @@ "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "@jsii/check-node": "1.63.0", + "@jsii/check-node": "1.63.2", "archiver": "^5.3.1", "aws-sdk": "^2.1093.0", "camelcase": "^6.3.0", diff --git a/packages/aws-cdk/test/api/hotswap/hotswap-deployments.test.ts b/packages/aws-cdk/test/api/hotswap/hotswap-deployments.test.ts index e7436e8d127ec..4c3bd67ee764c 100644 --- a/packages/aws-cdk/test/api/hotswap/hotswap-deployments.test.ts +++ b/packages/aws-cdk/test/api/hotswap/hotswap-deployments.test.ts @@ -356,3 +356,61 @@ test('changing the type of a deployed resource always results in a full deployme expect(mockUpdateMachineDefinition).not.toHaveBeenCalled(); expect(mockUpdateLambdaCode).not.toHaveBeenCalled(); }); + +test('A change to both a hotswappable resource and a stack output results in a full deployment', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'current-key', + }, + FunctionName: 'my-function', + }, + Metadata: { + 'aws:asset:path': 'old-path', + }, + }, + }, + Outputs: { + SomeOutput: { + Value: 'old-value', + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'new-key', + }, + FunctionName: 'my-function', + }, + Metadata: { + 'aws:asset:path': 'new-path', + }, + }, + }, + Outputs: { + SomeOutput: { + Value: 'new-value', + }, + }, + }, + }); + + // WHEN + const deployStackResult = await hotswapMockSdkProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).toBeUndefined(); + expect(mockUpdateMachineDefinition).not.toHaveBeenCalled(); + expect(mockUpdateLambdaCode).not.toHaveBeenCalled(); +}); diff --git a/packages/awslint/package.json b/packages/awslint/package.json index ecfde08531cc9..7d212a9272ac9 100644 --- a/packages/awslint/package.json +++ b/packages/awslint/package.json @@ -18,11 +18,11 @@ "awslint": "bin/awslint" }, "dependencies": { - "@jsii/spec": "^1.63.0", + "@jsii/spec": "^1.63.2", "camelcase": "^6.3.0", "chalk": "^4", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.63.0", + "jsii-reflect": "^1.63.2", "yargs": "^16.2.0" }, "devDependencies": { diff --git a/packages/cdk-assets/package.json b/packages/cdk-assets/package.json index 78ec5d636dce6..ecafa1959ef88 100644 --- a/packages/cdk-assets/package.json +++ b/packages/cdk-assets/package.json @@ -35,11 +35,11 @@ "@types/jest": "^27.5.2", "@types/mime": "^2.0.3", "@types/mock-fs": "^4.13.1", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@types/yargs": "^15.0.14", "@aws-cdk/cdk-build-tools": "0.0.0", "jest": "^27.5.1", - "jszip": "^3.10.0", + "jszip": "^3.10.1", "mock-fs": "^4.14.0", "@aws-cdk/pkglint": "0.0.0" }, diff --git a/packages/cdk-cli-wrapper/package.json b/packages/cdk-cli-wrapper/package.json index 482230716cafd..e9eb54289df6f 100644 --- a/packages/cdk-cli-wrapper/package.json +++ b/packages/cdk-cli-wrapper/package.json @@ -62,7 +62,7 @@ "license": "Apache-2.0", "devDependencies": { "@types/jest": "^27.5.2", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@aws-cdk/cdk-build-tools": "0.0.0", "jest": "^27.5.1", "@aws-cdk/pkglint": "0.0.0" diff --git a/packages/cdk-dasm/package.json b/packages/cdk-dasm/package.json index 6f1321232337a..c4967b57a4740 100644 --- a/packages/cdk-dasm/package.json +++ b/packages/cdk-dasm/package.json @@ -30,7 +30,7 @@ }, "license": "Apache-2.0", "dependencies": { - "codemaker": "^1.63.0", + "codemaker": "^1.63.2", "yaml": "1.10.2" }, "devDependencies": { diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index bed2b8fa85b56..b512979639719 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -359,7 +359,7 @@ "@aws-cdk/ubergen": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "@types/fs-extra": "^8.1.2", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "constructs": "^10.0.0", "fs-extra": "^9.1.0", "ts-node": "^9.1.1", diff --git a/tools/@aws-cdk/cdk-build-tools/package.json b/tools/@aws-cdk/cdk-build-tools/package.json index ee0df7eaa9b4f..06ed9a255b881 100644 --- a/tools/@aws-cdk/cdk-build-tools/package.json +++ b/tools/@aws-cdk/cdk-build-tools/package.json @@ -57,9 +57,9 @@ "fs-extra": "^9.1.0", "jest": "^27.5.1", "jest-junit": "^13.2.0", - "jsii": "^1.63.0", - "jsii-pacmak": "^1.62.0", - "jsii-reflect": "^1.63.0", + "jsii": "^1.63.2", + "jsii-pacmak": "^1.63.2", + "jsii-reflect": "^1.63.2", "markdownlint-cli": "^0.32.1", "nyc": "^15.1.0", "semver": "^7.3.7", diff --git a/tools/@aws-cdk/cfn2ts/package.json b/tools/@aws-cdk/cfn2ts/package.json index 0761f9e9d28ff..296ea422cc399 100644 --- a/tools/@aws-cdk/cfn2ts/package.json +++ b/tools/@aws-cdk/cfn2ts/package.json @@ -32,7 +32,7 @@ "license": "Apache-2.0", "dependencies": { "@aws-cdk/cfnspec": "0.0.0", - "codemaker": "^1.63.0", + "codemaker": "^1.63.2", "fast-json-patch": "^3.1.1", "fs-extra": "^9.1.0", "yargs": "^16.2.0" diff --git a/tools/@aws-cdk/eslint-plugin/package.json b/tools/@aws-cdk/eslint-plugin/package.json index fd7e9d546dcda..5bf3cce01aa4e 100644 --- a/tools/@aws-cdk/eslint-plugin/package.json +++ b/tools/@aws-cdk/eslint-plugin/package.json @@ -17,7 +17,7 @@ "@types/eslint": "^7.29.0", "@types/fs-extra": "^8.1.2", "@types/jest": "^27.5.2", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@types/estree": "*", "eslint-plugin-rulesdir": "^0.2.1", "jest": "^27.5.1", diff --git a/tools/@aws-cdk/node-bundle/package.json b/tools/@aws-cdk/node-bundle/package.json index 1ea0975a099b4..9ff19321547c0 100644 --- a/tools/@aws-cdk/node-bundle/package.json +++ b/tools/@aws-cdk/node-bundle/package.json @@ -29,7 +29,7 @@ "@types/jest": "^27.5.2", "@types/license-checker": "^25.0.3", "@types/madge": "^5.0.0", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@typescript-eslint/eslint-plugin": "^5", "@typescript-eslint/parser": "^5", "eslint": "^8", @@ -40,13 +40,13 @@ "jest-junit": "^13", "json-schema": "^0.4.0", "npm-check-updates": "^12", - "projen": "^0.60.4", + "projen": "^0.60.14", "standard-version": "^9", "ts-jest": "^27", "typescript": "^4.5.5" }, "dependencies": { - "esbuild": "^0.14.50", + "esbuild": "^0.14.53", "fs-extra": "^10.1.0", "license-checker": "^25.0.1", "madge": "^5.0.1", diff --git a/tools/@aws-cdk/yarn-cling/package.json b/tools/@aws-cdk/yarn-cling/package.json index cc864cfd7bb84..5a204cc57e364 100644 --- a/tools/@aws-cdk/yarn-cling/package.json +++ b/tools/@aws-cdk/yarn-cling/package.json @@ -39,7 +39,7 @@ "devDependencies": { "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2", - "@types/node": "^14.18.22", + "@types/node": "^14.18.23", "@types/semver": "^7.3.10", "@types/yarnpkg__lockfile": "^1.1.5", "jest": "^27.5.1", diff --git a/version.v2.json b/version.v2.json index 7756ec057f0cd..a4993e99d49d2 100644 --- a/version.v2.json +++ b/version.v2.json @@ -1,4 +1,4 @@ { - "version": "2.34.2", - "alphaVersion": "2.34.2-alpha.0" + "version": "2.35.0", + "alphaVersion": "2.35.0-alpha.0" } \ No newline at end of file diff --git a/yarn.lock b/yarn.lock index a117cfafa814e..96d7c3e3a35fc 100644 --- a/yarn.lock +++ b/yarn.lock @@ -60,32 +60,32 @@ integrity sha512-HSmX4WZPPK3FUxYp7g2T6EyO8j96HlZJlxmKPSh6KAcqwyDrfx7hKjXpAW/0FhFfTJsR0Yt4lAjLI2coMptIHQ== "@babel/core@^7.1.0", "@babel/core@^7.12.3", "@babel/core@^7.7.2", "@babel/core@^7.7.5", "@babel/core@^7.8.0": - version "7.18.9" - resolved "https://registry.npmjs.org/@babel/core/-/core-7.18.9.tgz#805461f967c77ff46c74ca0460ccf4fe933ddd59" - integrity sha512-1LIb1eL8APMy91/IMW+31ckrfBM4yCoLaVzoDhZUKSM4cu1L1nIidyxkCgzPAgrC5WEz36IPEr/eSeSF9pIn+g== + version "7.18.10" + resolved "https://registry.npmjs.org/@babel/core/-/core-7.18.10.tgz#39ad504991d77f1f3da91be0b8b949a5bc466fb8" + integrity sha512-JQM6k6ENcBFKVtWvLavlvi/mPcpYZ3+R+2EySDEMSMbp7Mn4FexlbbJVrx2R7Ijhr01T8gyqrOaABWIOgxeUyw== dependencies: "@ampproject/remapping" "^2.1.0" "@babel/code-frame" "^7.18.6" - "@babel/generator" "^7.18.9" + "@babel/generator" "^7.18.10" "@babel/helper-compilation-targets" "^7.18.9" "@babel/helper-module-transforms" "^7.18.9" "@babel/helpers" "^7.18.9" - "@babel/parser" "^7.18.9" - "@babel/template" "^7.18.6" - "@babel/traverse" "^7.18.9" - "@babel/types" "^7.18.9" + "@babel/parser" "^7.18.10" + "@babel/template" "^7.18.10" + "@babel/traverse" "^7.18.10" + "@babel/types" "^7.18.10" convert-source-map "^1.7.0" debug "^4.1.0" gensync "^1.0.0-beta.2" json5 "^2.2.1" semver "^6.3.0" -"@babel/generator@^7.18.9", "@babel/generator@^7.7.2": - version "7.18.9" - resolved "https://registry.npmjs.org/@babel/generator/-/generator-7.18.9.tgz#68337e9ea8044d6ddc690fb29acae39359cca0a5" - integrity sha512-wt5Naw6lJrL1/SGkipMiFxJjtyczUWTP38deiP1PO60HsBjDeKk08CGC3S8iVuvf0FmTdgKwU1KIXzSKL1G0Ug== +"@babel/generator@^7.18.10", "@babel/generator@^7.7.2": + version "7.18.10" + resolved "https://registry.npmjs.org/@babel/generator/-/generator-7.18.10.tgz#794f328bfabdcbaf0ebf9bf91b5b57b61fa77a2a" + integrity sha512-0+sW7e3HjQbiHbj1NeU/vN8ornohYlacAfZIaXhdoGweQqgcNy69COVciYYqEXJ/v+9OBA7Frxm4CVAuNqKeNA== dependencies: - "@babel/types" "^7.18.9" + "@babel/types" "^7.18.10" "@jridgewell/gen-mapping" "^0.3.2" jsesc "^2.5.1" @@ -159,6 +159,11 @@ dependencies: "@babel/types" "^7.18.6" +"@babel/helper-string-parser@^7.18.10": + version "7.18.10" + resolved "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.18.10.tgz#181f22d28ebe1b3857fa575f5c290b1aaf659b56" + integrity sha512-XtIfWmeNY3i4t7t4D2t02q50HvqHybPqW2ki1kosnvWCwuCMeo81Jf0gwr85jy/neUdg5XDdeFE/80DXiO+njw== + "@babel/helper-validator-identifier@^7.18.6": version "7.18.6" resolved "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.18.6.tgz#9c97e30d31b2b8c72a1d08984f2ca9b574d7a076" @@ -187,10 +192,10 @@ chalk "^2.0.0" js-tokens "^4.0.0" -"@babel/parser@^7.0.0", "@babel/parser@^7.1.0", "@babel/parser@^7.14.7", "@babel/parser@^7.18.6", "@babel/parser@^7.18.9": - version "7.18.9" - resolved "https://registry.npmjs.org/@babel/parser/-/parser-7.18.9.tgz#f2dde0c682ccc264a9a8595efd030a5cc8fd2539" - integrity sha512-9uJveS9eY9DJ0t64YbIBZICtJy8a5QrDEVdiLCG97fVLpDTpGX7t8mMSb6OWw6Lrnjqj4O8zwjELX3dhoMgiBg== +"@babel/parser@^7.0.0", "@babel/parser@^7.1.0", "@babel/parser@^7.14.7", "@babel/parser@^7.18.10": + version "7.18.10" + resolved "https://registry.npmjs.org/@babel/parser/-/parser-7.18.10.tgz#94b5f8522356e69e8277276adf67ed280c90ecc1" + integrity sha512-TYk3OA0HKL6qNryUayb5UUEhM/rkOQozIBEA5ITXh5DWrSp0TlUQXMyZmnWxG/DizSWBeeQ0Zbc5z8UGaaqoeg== "@babel/plugin-syntax-async-generators@^7.8.4": version "7.8.4" @@ -283,36 +288,37 @@ dependencies: "@babel/helper-plugin-utils" "^7.18.6" -"@babel/template@^7.18.6", "@babel/template@^7.3.3": - version "7.18.6" - resolved "https://registry.npmjs.org/@babel/template/-/template-7.18.6.tgz#1283f4993e00b929d6e2d3c72fdc9168a2977a31" - integrity sha512-JoDWzPe+wgBsTTgdnIma3iHNFC7YVJoPssVBDjiHfNlyt4YcunDtcDOUmfVDfCK5MfdsaIoX9PkijPhjH3nYUw== +"@babel/template@^7.18.10", "@babel/template@^7.18.6", "@babel/template@^7.3.3": + version "7.18.10" + resolved "https://registry.npmjs.org/@babel/template/-/template-7.18.10.tgz#6f9134835970d1dbf0835c0d100c9f38de0c5e71" + integrity sha512-TI+rCtooWHr3QJ27kJxfjutghu44DLnasDMwpDqCXVTal9RLp3RSYNh4NdBrRP2cQAoG9A8juOQl6P6oZG4JxA== dependencies: "@babel/code-frame" "^7.18.6" - "@babel/parser" "^7.18.6" - "@babel/types" "^7.18.6" + "@babel/parser" "^7.18.10" + "@babel/types" "^7.18.10" -"@babel/traverse@^7.18.9", "@babel/traverse@^7.7.2": - version "7.18.9" - resolved "https://registry.npmjs.org/@babel/traverse/-/traverse-7.18.9.tgz#deeff3e8f1bad9786874cb2feda7a2d77a904f98" - integrity sha512-LcPAnujXGwBgv3/WHv01pHtb2tihcyW1XuL9wd7jqh1Z8AQkTd+QVjMrMijrln0T7ED3UXLIy36P9Ao7W75rYg== +"@babel/traverse@^7.18.10", "@babel/traverse@^7.18.9", "@babel/traverse@^7.7.2": + version "7.18.10" + resolved "https://registry.npmjs.org/@babel/traverse/-/traverse-7.18.10.tgz#37ad97d1cb00efa869b91dd5d1950f8a6cf0cb08" + integrity sha512-J7ycxg0/K9XCtLyHf0cz2DqDihonJeIo+z+HEdRe9YuT8TY4A66i+Ab2/xZCEW7Ro60bPCBBfqqboHSamoV3+g== dependencies: "@babel/code-frame" "^7.18.6" - "@babel/generator" "^7.18.9" + "@babel/generator" "^7.18.10" "@babel/helper-environment-visitor" "^7.18.9" "@babel/helper-function-name" "^7.18.9" "@babel/helper-hoist-variables" "^7.18.6" "@babel/helper-split-export-declaration" "^7.18.6" - "@babel/parser" "^7.18.9" - "@babel/types" "^7.18.9" + "@babel/parser" "^7.18.10" + "@babel/types" "^7.18.10" debug "^4.1.0" globals "^11.1.0" -"@babel/types@^7.0.0", "@babel/types@^7.18.6", "@babel/types@^7.18.9", "@babel/types@^7.3.0", "@babel/types@^7.3.3": - version "7.18.9" - resolved "https://registry.npmjs.org/@babel/types/-/types-7.18.9.tgz#7148d64ba133d8d73a41b3172ac4b83a1452205f" - integrity sha512-WwMLAg2MvJmt/rKEVQBBhIVffMmnilX4oe0sRe7iPOHIGsqpruFHHdrfj4O1CMMtgMtCU4oPafZjDPCRgO57Wg== +"@babel/types@^7.0.0", "@babel/types@^7.18.10", "@babel/types@^7.18.6", "@babel/types@^7.18.9", "@babel/types@^7.3.0", "@babel/types@^7.3.3": + version "7.18.10" + resolved "https://registry.npmjs.org/@babel/types/-/types-7.18.10.tgz#4908e81b6b339ca7c6b7a555a5fc29446f26dde6" + integrity sha512-MJvnbEiiNkpjo+LknnmRrqbY1GPUUggjv+wQVjetM/AONoupqRALB7I6jGqNUAZsKcRIEu2J6FRFvsczljjsaQ== dependencies: + "@babel/helper-string-parser" "^7.18.10" "@babel/helper-validator-identifier" "^7.18.6" to-fast-properties "^2.0.0" @@ -333,6 +339,11 @@ dependencies: "@jridgewell/trace-mapping" "0.3.9" +"@esbuild/linux-loong64@0.14.53": + version "0.14.53" + resolved "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.14.53.tgz#251b4cd6760fadb4d68a05815e6dc5e432d69cd6" + integrity sha512-W2dAL6Bnyn4xa/QRSU3ilIK4EzD5wgYXKXJiS1HDF5vU3675qc2bvFyLwbUcdmssDveyndy7FbitrCoiV/eMLg== + "@eslint/eslintrc@^0.4.3": version "0.4.3" resolved "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.3.tgz#9e42981ef035beb3dd49add17acb96e8ff6f394c" @@ -368,6 +379,15 @@ resolved "https://registry.npmjs.org/@gar/promisify/-/promisify-1.1.3.tgz#555193ab2e3bb3b6adc3d551c9c030d9e860daf6" integrity sha512-k2Ty1JcVojjJFwrg/ThKi2ujJ7XNLYaFGNB/bWT9wGR+oSMJHMa5w+CUq6p/pVrKeNNgA7pCqEcjSnHVoqJQFw== +"@humanwhocodes/config-array@^0.10.4": + version "0.10.4" + resolved "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.10.4.tgz#01e7366e57d2ad104feea63e72248f22015c520c" + integrity sha512-mXAIHxZT3Vcpg83opl1wGlVZ9xydbfZO3r5YfRSH6Gpp2J/PfdBP0wbDa2sO6/qRbcalpoevVyW6A/fI6LfeMw== + dependencies: + "@humanwhocodes/object-schema" "^1.2.1" + debug "^4.1.1" + minimatch "^3.0.4" + "@humanwhocodes/config-array@^0.5.0": version "0.5.0" resolved "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.5.0.tgz#1407967d4c6eecd7388f83acf1eaf4d0c6e58ef9" @@ -377,14 +397,10 @@ debug "^4.1.1" minimatch "^3.0.4" -"@humanwhocodes/config-array@^0.9.2": - version "0.9.5" - resolved "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.9.5.tgz#2cbaf9a89460da24b5ca6531b8bbfc23e1df50c7" - integrity sha512-ObyMyWxZiCu/yTisA7uzx81s40xR2fD5Cg/2Kq7G02ajkNubJf6BopgDTmDyc3U7sXpNKM8cYOw7s7Tyr+DnCw== - dependencies: - "@humanwhocodes/object-schema" "^1.2.1" - debug "^4.1.1" - minimatch "^3.0.4" +"@humanwhocodes/gitignore-to-minimatch@^1.0.2": + version "1.0.2" + resolved "https://registry.npmjs.org/@humanwhocodes/gitignore-to-minimatch/-/gitignore-to-minimatch-1.0.2.tgz#316b0a63b91c10e53f242efb4ace5c3b34e8728d" + integrity sha512-rSqmMJDdLFUsyxR6FMtD00nfQKKLFb1kv+qBbOVKqErvloEIJLo5bDTJTQNTYgeyp78JsA7u/NPi5jT1GR/MuA== "@humanwhocodes/object-schema@^1.2.0", "@humanwhocodes/object-schema@^1.2.1": version "1.2.1" @@ -645,41 +661,18 @@ "@jridgewell/resolve-uri" "^3.0.3" "@jridgewell/sourcemap-codec" "^1.4.10" -"@jsii/check-node@1.62.0": - version "1.62.0" - resolved "https://registry.npmjs.org/@jsii/check-node/-/check-node-1.62.0.tgz#3d3353d37ed1537acdfb63ea3e1506d82adb09b1" - integrity sha512-jYmY12Vrz3/0MJ9GTEfIxf4yh/7fsgYmuBp2UQfDLSfx+eaBvOG4xbjvsoa/AvfWF5VU95QqKAJLBDMOQK4z1g== - dependencies: - chalk "^4.1.2" - semver "^7.3.7" - -"@jsii/check-node@1.63.0": - version "1.63.0" - resolved "https://registry.npmjs.org/@jsii/check-node/-/check-node-1.63.0.tgz#e7f1a3a837107b1fd1b7060ee15e126bf9502375" - integrity sha512-6AEdoVj9PMZ/imZblz7dKZ8FNhyKFulmbnxSUpqqHYwFv9JVd9/UbghBnO+BmJrPAFH3hORjVgmIRkXQJQUOzw== - dependencies: - chalk "^4.1.2" - semver "^7.3.7" - -"@jsii/check-node@1.63.1": - version "1.63.1" - resolved "https://registry.npmjs.org/@jsii/check-node/-/check-node-1.63.1.tgz#90c983b2b69e58646013c1670875c237d7a41b5f" - integrity sha512-7XOFJQCIxq5Yh6ldFWCY/h3lh/7UCJRBiu6YZliUVudZAVc4vbKz3Z7fD7Ha2XRGC45zdeoOhO/9z2h6ri35Mg== +"@jsii/check-node@1.63.2": + version "1.63.2" + resolved "https://registry.npmjs.org/@jsii/check-node/-/check-node-1.63.2.tgz#009cd1a00023460634ccdf9680f19409810f204a" + integrity sha512-vTj8ZCXIUG0ciq0VX+yhWSyCNsFos9TJlQamZPSVATS23cfCav7HGyxA7bydeNML3sfN0MzFQ0OKYyjAMeFw5A== dependencies: chalk "^4.1.2" semver "^7.3.7" -"@jsii/spec@1.63.0", "@jsii/spec@^1.59.0", "@jsii/spec@^1.63.0": - version "1.63.0" - resolved "https://registry.npmjs.org/@jsii/spec/-/spec-1.63.0.tgz#23db14bf4670a9506e0d4bf86c80bc1f76c6311f" - integrity sha512-bOLbrvI7klkJXRruRyqfzKSUS0GhGXq0vMaCkYpexpiEOYscV1ui99n4h4XugpOBReSBngi27T3gIB8woD8ULg== - dependencies: - ajv "^8.11.0" - -"@jsii/spec@1.63.1", "@jsii/spec@^1.62.0", "@jsii/spec@^1.63.1": - version "1.63.1" - resolved "https://registry.npmjs.org/@jsii/spec/-/spec-1.63.1.tgz#eb36ca6d171cc06e6511be62bac0183259fd3b8a" - integrity sha512-XXbmiJK8Uk9Hfb7f3Q0NZX7ArLwoM0GGRrvghh6s9D+yQ1zS6Sj4ETO6A8sXE4tBEaqgFMKr/DDHIc/UuV30Fw== +"@jsii/spec@1.63.2", "@jsii/spec@^1.63.2": + version "1.63.2" + resolved "https://registry.npmjs.org/@jsii/spec/-/spec-1.63.2.tgz#36cdde3279ba8e1d212bbcba9b4766b1a3aaab95" + integrity sha512-zIFZDG/qtQJWa2I7W1cUXExeshr4WSSuMNHWGkJzIn4hFtYv4eQG7cP3gF2ToqAwS2WgsX7fQ7dDrLg0Pzfc2A== dependencies: ajv "^8.11.0" @@ -1484,9 +1477,9 @@ read-package-json-fast "^2.0.1" "@npmcli/run-script@^4.1.0": - version "4.1.7" - resolved "https://registry.npmjs.org/@npmcli/run-script/-/run-script-4.1.7.tgz#b1a2f57568eb738e45e9ea3123fb054b400a86f7" - integrity sha512-WXr/MyM4tpKA4BotB81NccGAv8B48lNH0gRoILucbcAhTQXLCoi6HflMV3KdXubIqvP9SuLsFn68Z7r4jl+ppw== + version "4.2.0" + resolved "https://registry.npmjs.org/@npmcli/run-script/-/run-script-4.2.0.tgz#2c25758f80831ba138afe25225d456e89acedac3" + integrity sha512-e/QgLg7j2wSJp1/7JRl0GC8c7PMX+uYlA/1Tb+IDOLdSM4T7K1VQ9mm9IGU3WRtY5vEIObpqCLb3aCNCug18DA== dependencies: "@npmcli/node-gyp" "^2.0.0" "@npmcli/promise-spawn" "^3.0.0" @@ -1532,10 +1525,10 @@ "@octokit/types" "^6.0.3" universal-user-agent "^6.0.0" -"@octokit/openapi-types@^12.10.0": - version "12.10.1" - resolved "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-12.10.1.tgz#57b5cc6c7b4e55d8642c93d06401fb1af4839899" - integrity sha512-P+SukKanjFY0ZhsK6wSVnQmxTP2eVPPE8OPSNuxaMYtgVzwJZgfGdwlYjf4RlRU4vLEw4ts2fsE2icG4nZ5ddQ== +"@octokit/openapi-types@^12.11.0": + version "12.11.0" + resolved "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-12.11.0.tgz#da5638d64f2b919bca89ce6602d059f1b52d3ef0" + integrity sha512-VsXyi8peyRq9PqIz/tpqiL2w3w80OgVMwBHltTml3LmVvXiphgeqmY9mvBw9Wu7e0QWk/fqD37ux8yP5uVekyQ== "@octokit/plugin-enterprise-rest@^6.0.1": version "6.0.1" @@ -1647,11 +1640,11 @@ "@types/node" ">= 8" "@octokit/types@^6.0.3", "@octokit/types@^6.16.1", "@octokit/types@^6.39.0", "@octokit/types@^6.40.0": - version "6.40.0" - resolved "https://registry.npmjs.org/@octokit/types/-/types-6.40.0.tgz#f2e665196d419e19bb4265603cf904a820505d0e" - integrity sha512-MFZOU5r8SwgJWDMhrLUSvyJPtVsqA6VnbVI3TNbsmw+Jnvrktzvq2fYES/6RiJA/5Ykdwq4mJmtlYUfW7CGjmw== + version "6.41.0" + resolved "https://registry.npmjs.org/@octokit/types/-/types-6.41.0.tgz#e58ef78d78596d2fb7df9c6259802464b5f84a04" + integrity sha512-eJ2jbzjdijiL3B4PrSQaSjuF2sPEQPVCPzBvTHJD9Nz+9dw2SGH4K4xeQJ77YfTq5bRQ+bD8wT11JbeDPmxmGg== dependencies: - "@octokit/openapi-types" "^12.10.0" + "@octokit/openapi-types" "^12.11.0" "@oozcitak/dom@1.15.8": version "1.15.8" @@ -1969,19 +1962,19 @@ integrity sha512-uv53RrNdhbkV/3VmVCtfImfYCWC3GTTRn3R11Whni3EJ+gb178tkZBVNj2edLY5CMrB749dQi+SJkg87jsN8UQ== "@types/node@*", "@types/node@>= 8": - version "18.6.1" - resolved "https://registry.npmjs.org/@types/node/-/node-18.6.1.tgz#828e4785ccca13f44e2fb6852ae0ef11e3e20ba5" - integrity sha512-z+2vB6yDt1fNwKOeGbckpmirO+VBDuQqecXkgeIqDlaOtmKn6hPR/viQ8cxCfqLU4fTlvM3+YjM367TukWdxpg== + version "18.6.3" + resolved "https://registry.npmjs.org/@types/node/-/node-18.6.3.tgz#4e4a95b6fe44014563ceb514b2598b3e623d1c98" + integrity sha512-6qKpDtoaYLM+5+AFChLhHermMQxc3TOEFIDzrZLPRGHPrLEwqFkkT5Kx3ju05g6X7uDPazz3jHbKPX0KzCjntg== -"@types/node@^14.18.22": - version "14.18.22" - resolved "https://registry.npmjs.org/@types/node/-/node-14.18.22.tgz#fd2a15dca290fc9ad565b672fde746191cd0c6e6" - integrity sha512-qzaYbXVzin6EPjghf/hTdIbnVW1ErMx8rPzwRNJhlbyJhu2SyqlvjGOY/tbUt6VFyzg56lROcOeSQRInpt63Yw== +"@types/node@^14.18.23": + version "14.18.23" + resolved "https://registry.npmjs.org/@types/node/-/node-14.18.23.tgz#70f5f20b0b1b38f696848c1d3647bb95694e615e" + integrity sha512-MhbCWN18R4GhO8ewQWAFK4TGQdBpXWByukz7cWyJmXhvRuCIaM/oWytGPqVmDzgEnnaIc9ss6HbU5mUi+vyZPA== "@types/node@^16.9.2": - version "16.11.45" - resolved "https://registry.npmjs.org/@types/node/-/node-16.11.45.tgz#155b13a33c665ef2b136f7f245fa525da419e810" - integrity sha512-3rKg/L5x0rofKuuUt5zlXzOnKyIHXmIu5R8A0TuNDMF2062/AOIDBciFIjToLEJ/9F9DzkHNot+BpNsMI1OLdQ== + version "16.11.47" + resolved "https://registry.npmjs.org/@types/node/-/node-16.11.47.tgz#efa9e3e0f72e7aa6a138055dace7437a83d9f91c" + integrity sha512-fpP+jk2zJ4VW66+wAMFoBJlx1bxmBKx4DUFf68UHgdGCOuyUTDlLWqsaNPJh7xhNDykyJ9eIzAygilP/4WoN8g== "@types/normalize-package-data@^2.4.0": version "2.4.1" @@ -2126,13 +2119,13 @@ tsutils "^3.21.0" "@typescript-eslint/eslint-plugin@^5": - version "5.31.0" - resolved "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.31.0.tgz#cae1967b1e569e6171bbc6bec2afa4e0c8efccfe" - integrity sha512-VKW4JPHzG5yhYQrQ1AzXgVgX8ZAJEvCz0QI6mLRX4tf7rnFfh5D8SKm0Pq6w5PyNfAWJk6sv313+nEt3ohWMBQ== + version "5.32.0" + resolved "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.32.0.tgz#e27e38cffa4a61226327c874a7be965e9a861624" + integrity sha512-CHLuz5Uz7bHP2WgVlvoZGhf0BvFakBJKAD/43Ty0emn4wXWv5k01ND0C0fHcl/Im8Td2y/7h44E9pca9qAu2ew== dependencies: - "@typescript-eslint/scope-manager" "5.31.0" - "@typescript-eslint/type-utils" "5.31.0" - "@typescript-eslint/utils" "5.31.0" + "@typescript-eslint/scope-manager" "5.32.0" + "@typescript-eslint/type-utils" "5.32.0" + "@typescript-eslint/utils" "5.32.0" debug "^4.3.4" functional-red-black-tree "^1.0.1" ignore "^5.2.0" @@ -2163,13 +2156,13 @@ debug "^4.3.1" "@typescript-eslint/parser@^5": - version "5.31.0" - resolved "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.31.0.tgz#7f42d7dcc68a0a6d80a0f3d9a65063aee7bb8d2c" - integrity sha512-UStjQiZ9OFTFReTrN+iGrC6O/ko9LVDhreEK5S3edmXgR396JGq7CoX2TWIptqt/ESzU2iRKXAHfSF2WJFcWHw== + version "5.32.0" + resolved "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.32.0.tgz#1de243443bc6186fb153b9e395b842e46877ca5d" + integrity sha512-IxRtsehdGV9GFQ35IGm5oKKR2OGcazUoiNBxhRV160iF9FoyuXxjY+rIqs1gfnd+4eL98OjeGnMpE7RF/NBb3A== dependencies: - "@typescript-eslint/scope-manager" "5.31.0" - "@typescript-eslint/types" "5.31.0" - "@typescript-eslint/typescript-estree" "5.31.0" + "@typescript-eslint/scope-manager" "5.32.0" + "@typescript-eslint/types" "5.32.0" + "@typescript-eslint/typescript-estree" "5.32.0" debug "^4.3.4" "@typescript-eslint/scope-manager@4.33.0": @@ -2180,20 +2173,20 @@ "@typescript-eslint/types" "4.33.0" "@typescript-eslint/visitor-keys" "4.33.0" -"@typescript-eslint/scope-manager@5.31.0": - version "5.31.0" - resolved "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.31.0.tgz#f47a794ba84d9b818ab7f8f44fff55a61016c606" - integrity sha512-8jfEzBYDBG88rcXFxajdVavGxb5/XKXyvWgvD8Qix3EEJLCFIdVloJw+r9ww0wbyNLOTYyBsR+4ALNGdlalLLg== +"@typescript-eslint/scope-manager@5.32.0": + version "5.32.0" + resolved "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.32.0.tgz#763386e963a8def470580cc36cf9228864190b95" + integrity sha512-KyAE+tUON0D7tNz92p1uetRqVJiiAkeluvwvZOqBmW9z2XApmk5WSMV9FrzOroAcVxJZB3GfUwVKr98Dr/OjOg== dependencies: - "@typescript-eslint/types" "5.31.0" - "@typescript-eslint/visitor-keys" "5.31.0" + "@typescript-eslint/types" "5.32.0" + "@typescript-eslint/visitor-keys" "5.32.0" -"@typescript-eslint/type-utils@5.31.0": - version "5.31.0" - resolved "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.31.0.tgz#70a0b7201360b5adbddb0c36080495aa08f6f3d9" - integrity sha512-7ZYqFbvEvYXFn9ax02GsPcEOmuWNg+14HIf4q+oUuLnMbpJ6eHAivCg7tZMVwzrIuzX3QCeAOqKoyMZCv5xe+w== +"@typescript-eslint/type-utils@5.32.0": + version "5.32.0" + resolved "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.32.0.tgz#45a14506fe3fb908600b4cef2f70778f7b5cdc79" + integrity sha512-0gSsIhFDduBz3QcHJIp3qRCvVYbqzHg8D6bHFsDMrm0rURYDj+skBK2zmYebdCp+4nrd9VWd13egvhYFJj/wZg== dependencies: - "@typescript-eslint/utils" "5.31.0" + "@typescript-eslint/utils" "5.32.0" debug "^4.3.4" tsutils "^3.21.0" @@ -2202,10 +2195,10 @@ resolved "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz#a1e59036a3b53ae8430ceebf2a919dc7f9af6d72" integrity sha512-zKp7CjQzLQImXEpLt2BUw1tvOMPfNoTAfb8l51evhYbOEEzdWyQNmHWWGPR6hwKJDAi+1VXSBmnhL9kyVTTOuQ== -"@typescript-eslint/types@5.31.0": - version "5.31.0" - resolved "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.31.0.tgz#7aa389122b64b18e473c1672fb3b8310e5f07a9a" - integrity sha512-/f/rMaEseux+I4wmR6mfpM2wvtNZb1p9hAV77hWfuKc3pmaANp5dLAZSiE3/8oXTYTt3uV9KW5yZKJsMievp6g== +"@typescript-eslint/types@5.32.0": + version "5.32.0" + resolved "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.32.0.tgz#484273021eeeae87ddb288f39586ef5efeb6dcd8" + integrity sha512-EBUKs68DOcT/EjGfzywp+f8wG9Zw6gj6BjWu7KV/IYllqKJFPlZlLSYw/PTvVyiRw50t6wVbgv4p9uE2h6sZrQ== "@typescript-eslint/typescript-estree@4.33.0", "@typescript-eslint/typescript-estree@^4.33.0": version "4.33.0" @@ -2220,28 +2213,28 @@ semver "^7.3.5" tsutils "^3.21.0" -"@typescript-eslint/typescript-estree@5.31.0": - version "5.31.0" - resolved "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.31.0.tgz#eb92970c9d6e3946690d50c346fb9b1d745ee882" - integrity sha512-3S625TMcARX71wBc2qubHaoUwMEn+l9TCsaIzYI/ET31Xm2c9YQ+zhGgpydjorwQO9pLfR/6peTzS/0G3J/hDw== +"@typescript-eslint/typescript-estree@5.32.0": + version "5.32.0" + resolved "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.32.0.tgz#282943f34babf07a4afa7b0ff347a8e7b6030d12" + integrity sha512-ZVAUkvPk3ITGtCLU5J4atCw9RTxK+SRc6hXqLtllC2sGSeMFWN+YwbiJR9CFrSFJ3w4SJfcWtDwNb/DmUIHdhg== dependencies: - "@typescript-eslint/types" "5.31.0" - "@typescript-eslint/visitor-keys" "5.31.0" + "@typescript-eslint/types" "5.32.0" + "@typescript-eslint/visitor-keys" "5.32.0" debug "^4.3.4" globby "^11.1.0" is-glob "^4.0.3" semver "^7.3.7" tsutils "^3.21.0" -"@typescript-eslint/utils@5.31.0": - version "5.31.0" - resolved "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.31.0.tgz#e146fa00dca948bfe547d665b2138a2dc1b79acd" - integrity sha512-kcVPdQS6VIpVTQ7QnGNKMFtdJdvnStkqS5LeALr4rcwx11G6OWb2HB17NMPnlRHvaZP38hL9iK8DdE9Fne7NYg== +"@typescript-eslint/utils@5.32.0": + version "5.32.0" + resolved "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.32.0.tgz#eccb6b672b94516f1afc6508d05173c45924840c" + integrity sha512-W7lYIAI5Zlc5K082dGR27Fczjb3Q57ECcXefKU/f0ajM5ToM0P+N9NmJWip8GmGu/g6QISNT+K6KYB+iSHjXCQ== dependencies: "@types/json-schema" "^7.0.9" - "@typescript-eslint/scope-manager" "5.31.0" - "@typescript-eslint/types" "5.31.0" - "@typescript-eslint/typescript-estree" "5.31.0" + "@typescript-eslint/scope-manager" "5.32.0" + "@typescript-eslint/types" "5.32.0" + "@typescript-eslint/typescript-estree" "5.32.0" eslint-scope "^5.1.1" eslint-utils "^3.0.0" @@ -2253,12 +2246,12 @@ "@typescript-eslint/types" "4.33.0" eslint-visitor-keys "^2.0.0" -"@typescript-eslint/visitor-keys@5.31.0": - version "5.31.0" - resolved "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.31.0.tgz#b0eca264df01ce85dceb76aebff3784629258f54" - integrity sha512-ZK0jVxSjS4gnPirpVjXHz7mgdOsZUHzNYSfTw2yPa3agfbt9YfqaBiBZFSSxeBWnpWkzCxTfUpnzA3Vily/CSg== +"@typescript-eslint/visitor-keys@5.32.0": + version "5.32.0" + resolved "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.32.0.tgz#b9715d0b11fdb5dd10fd0c42ff13987470525394" + integrity sha512-S54xOHZgfThiZ38/ZGTgB2rqx51CMJ5MCfVT2IplK4Q7hgzGfe0nLzLCcenDnc/cSjP568hdeKfeDcBgqNHD/g== dependencies: - "@typescript-eslint/types" "5.31.0" + "@typescript-eslint/types" "5.32.0" eslint-visitor-keys "^3.3.0" "@xmldom/xmldom@^0.8.2": @@ -2317,7 +2310,7 @@ acorn@^7.1.1, acorn@^7.4.0: resolved "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz#feaed255973d2e77555b83dbc08851a6c63520fa" integrity sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A== -acorn@^8.2.4, acorn@^8.4.1, acorn@^8.7.0, acorn@^8.7.1: +acorn@^8.2.4, acorn@^8.4.1, acorn@^8.7.0, acorn@^8.8.0: version "8.8.0" resolved "https://registry.npmjs.org/acorn/-/acorn-8.8.0.tgz#88c0187620435c7f6015803f5539dae05a9dbea8" integrity sha512-QOxyigPVrpZ2GXT+PFyZTl6TtOFc5egxHIP9IlQ+RbupQuX4RkT/Bee4/kQuC02Xkzg84JcT7oLYtDIQxp+v7w== @@ -2489,9 +2482,9 @@ archy@^1.0.0: integrity sha512-Xg+9RwCg/0p32teKdGMPTPnVXKD0w3DfHnFTficozsAgsvq2XenPJq/MYpzzQ/v8zrOyJn6Ds39VA4JIDwFfqw== are-we-there-yet@^3.0.0: - version "3.0.0" - resolved "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-3.0.0.tgz#ba20bd6b553e31d62fc8c31bd23d22b95734390d" - integrity sha512-0GWpv50YSOcLXaN6/FAKY3vfRbllXWV2xvfA/oKJF8pzFhWXPV+yjhJXDBbjscDYowv7Yw1A3uigpzn5iEGTyw== + version "3.0.1" + resolved "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-3.0.1.tgz#679df222b278c64f2cdba1175cdc00b0d96164bd" + integrity sha512-QZW4EDmGwlYur0Yyf/b2uGucHQMa8aFUP7eu9ddR73vvhFyt4V0Vl3QHPcTNJ8l6qYOBdxgXdnBXQrHilfRQBg== dependencies: delegates "^1.0.0" readable-stream "^3.6.0" @@ -2657,9 +2650,9 @@ aws-sdk-mock@5.6.0: traverse "^0.6.6" aws-sdk@^2.1093.0, aws-sdk@^2.596.0, aws-sdk@^2.848.0, aws-sdk@^2.928.0: - version "2.1182.0" - resolved "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.1182.0.tgz#7364e3e104f62b61018a00f19f2ffc989b1780ed" - integrity sha512-iemVvLTc2iy0rz3xTp8zc/kD27gIfDF/mk6bxY8/35xMulKCVANWUkAH8jWRKReHh5F/gX4bp33dnfG63ny1Ww== + version "2.1187.0" + resolved "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.1187.0.tgz#eb928d64305630f53b8f6dad5c7b91fec8f04622" + integrity sha512-QcxQ3asIhH9QQnN/5JO3MaHRjwcy3/AsBzcAjPU+lHZGV0drnuDmg3ZkZuAa/mOgQ3MEi68G3gYD+481QJgnMg== dependencies: buffer "4.9.2" events "1.1.1" @@ -3027,9 +3020,9 @@ camelcase@^6.2.0, camelcase@^6.3.0: integrity sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA== caniuse-lite@^1.0.30001370: - version "1.0.30001370" - resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001370.tgz#0a30d4f20d38b9e108cc5ae7cc62df9fe66cd5ba" - integrity sha512-3PDmaP56wz/qz7G508xzjx8C+MC2qEm4SYhSEzC9IBROo+dGXFWRuaXkWti0A9tuI00g+toiriVqxtWMgl350g== + version "1.0.30001373" + resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001373.tgz#2dc3bc3bfcb5d5a929bec11300883040d7b4b4be" + integrity sha512-pJYArGHrPp3TUqQzFYRmP/lwJlj8RCbVe3Gd3eJQkAV8SAC6b19XS9BjMvRdvaS8RMkaTN8ZhoHP6S1y8zzwEQ== case@1.6.3, case@^1.6.3: version "1.6.3" @@ -3041,16 +3034,16 @@ caseless@~0.12.0: resolved "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc" integrity sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw== -cdk-generate-synthetic-examples@^0.1.12: - version "0.1.12" - resolved "https://registry.npmjs.org/cdk-generate-synthetic-examples/-/cdk-generate-synthetic-examples-0.1.12.tgz#2b617559b06ab8ab584a8f419188926a4ecae2de" - integrity sha512-2zE3jjiXHohn4y171o3Cr5opp+G0fpIyCUmbr5PeNLQqBFKC0jOA3WxZStj1pcIjP6q6h13T47WYTsPeyznVzw== +cdk-generate-synthetic-examples@^0.1.14: + version "0.1.14" + resolved "https://registry.npmjs.org/cdk-generate-synthetic-examples/-/cdk-generate-synthetic-examples-0.1.14.tgz#2591f1b889182df9923c6e5206eff3af57f8ff68" + integrity sha512-VveJpeYdfVbh4sw7/FzOtggeUfSzTiAoI7MO4M3ZEcIZDZwIm6yGnX544zgS1+iH1bSyqrGPN8DArcQLftYByg== dependencies: - "@jsii/spec" "^1.59.0" + "@jsii/spec" "^1.63.2" fs-extra "^10.1.0" - jsii "^1.59.0" - jsii-reflect "^1.59.0" - jsii-rosetta "^1.59.0" + jsii "^1.63.2" + jsii-reflect "^1.63.2" + jsii-rosetta "^1.63.2" yargs "^17.5.1" cdk8s-plus-21@^2.0.0-beta.12: @@ -3061,10 +3054,10 @@ cdk8s-plus-21@^2.0.0-beta.12: minimatch "^3.1.2" safe-stable-stringify "*" -cdk8s@^2.3.67: - version "2.3.67" - resolved "https://registry.npmjs.org/cdk8s/-/cdk8s-2.3.67.tgz#7309ccb5f6aa2a87c4032d37894d247de723a433" - integrity sha512-v0UKulLRYP9JZseMOLQpTtcT27ooOgd88FrGF77w8ZF3g6vSNdGhK/xrQ7/g1u61uXmCC+vXZkncaUpF3cH4Vw== +cdk8s@^2.3.74: + version "2.3.74" + resolved "https://registry.npmjs.org/cdk8s/-/cdk8s-2.3.74.tgz#4166ccd5be22747f03e0960107d624aec2576f95" + integrity sha512-mlODV+rIIoxuywZYsxtPbpi8xzCEQ6v4nJkGIsSzMYiv0tXGuPCkzn309I8Q3vFH18VRxXPLrKkXcXnSe0+OEw== dependencies: fast-json-patch "^3.1.1" follow-redirects "^1.15.1" @@ -3256,19 +3249,10 @@ co@^4.6.0: resolved "https://registry.npmjs.org/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" integrity sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ== -codemaker@^1.62.0, codemaker@^1.63.1: - version "1.63.1" - resolved "https://registry.npmjs.org/codemaker/-/codemaker-1.63.1.tgz#b3e4caa84d22d919097d167e96d2186309f2493e" - integrity sha512-DkWzb+gS5Khd8VvAgQqUDiT5XRCYiwD1UIkSuGlSTtEGVL5X1TlcQHs9pgmyFiCjTZXvZl4Ax0CSQs7iuibefA== - dependencies: - camelcase "^6.3.0" - decamelize "^5.0.1" - fs-extra "^10.1.0" - -codemaker@^1.63.0: - version "1.63.0" - resolved "https://registry.npmjs.org/codemaker/-/codemaker-1.63.0.tgz#5bb481b88e19dcdd762d67f77124eb8e5811e064" - integrity sha512-W0IxJ5lUGLH3A3L1hGrNEh1zbAWa3xWnncF/WmO0+4uD+3+MvaNjvMH9PZ91GgsXeNPr2+vDYXvfihHOJ5AzZg== +codemaker@^1.63.2: + version "1.63.2" + resolved "https://registry.npmjs.org/codemaker/-/codemaker-1.63.2.tgz#135ec2b19af1c21a522526f26f91bc37885cfd4b" + integrity sha512-cb0fQK8kHE7NVl4V98evbDhEwXsObujJLVGbQJXJ1W9O2c6DTKzJ0hct+NnQqAEaAgll9qUJbWxTsIlSoqLOsQ== dependencies: camelcase "^6.3.0" decamelize "^5.0.1" @@ -3417,9 +3401,9 @@ console-control-strings@^1.0.0, console-control-strings@^1.1.0, console-control- integrity sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ== constructs@^10.0.0: - version "10.1.58" - resolved "https://registry.npmjs.org/constructs/-/constructs-10.1.58.tgz#f52a545d425407dafc8540409f0f0c1a373cd443" - integrity sha512-34ehg9DBhjoWcaaehSn0B8V0U+wh9OO6sam/fiCxKdOsFw+sG3ZSsH1JU/mqlt+r01WTJrvc0aZ86GKItrM4LA== + version "10.1.65" + resolved "https://registry.npmjs.org/constructs/-/constructs-10.1.65.tgz#383ca30b71e6f47d7f6c66ac1389498a93e16c72" + integrity sha512-GTb1xCN4CcUW4UxMvEGqVpmOZsEZYaE3kFN/KHAGTX2eCbMwrJaruEURyB7yttAdkOTwCkmPPDoWhRUMerKDfw== conventional-changelog-angular@^5.0.12: version "5.0.13" @@ -4132,9 +4116,9 @@ ecc-jsbn@~0.1.1: safer-buffer "^2.1.0" electron-to-chromium@^1.4.202: - version "1.4.202" - resolved "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.202.tgz#0c2ed733f42b02ec49a955c5badfcc65888c390b" - integrity sha512-JYsK2ex9lmQD27kj19fhXYxzFJ/phLAkLKHv49A5UY6kMRV2xED3qMMLg/voW/+0AR6wMiI+VxlmK9NDtdxlPA== + version "1.4.210" + resolved "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.210.tgz#12611fe874b833a3bf3671438b5893aba7858980" + integrity sha512-kSiX4tuyZijV7Cz0MWVmGT8K2siqaOA4Z66K5dCttPPRh0HicOcOAEj1KlC8O8J1aOS/1M8rGofOzksLKaHWcQ== emittery@^0.8.1: version "0.8.1" @@ -4258,9 +4242,9 @@ es-to-primitive@^1.2.1: is-symbol "^1.0.2" es5-ext@^0.10.35, es5-ext@^0.10.46, es5-ext@^0.10.50, es5-ext@^0.10.53, es5-ext@^0.10.61, es5-ext@~0.10.14, es5-ext@~0.10.2, es5-ext@~0.10.46: - version "0.10.61" - resolved "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.61.tgz#311de37949ef86b6b0dcea894d1ffedb909d3269" - integrity sha512-yFhIqQAzu2Ca2I4SE2Au3rxVfmohU9Y7wqGR+s7+H7krk26NXhIRAZDgqd6xqjCEFUomDEA3/Bo/7fKmIkW1kA== + version "0.10.62" + resolved "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.62.tgz#5e6adc19a6da524bf3d1e02bbc8960e5eb49a9a5" + integrity sha512-BHLqn0klhEpnOKSrzn/Xsz2UIW8j+cGmo9JLzr8BiUapV8hPL9+FliFqjwr9ngW7jWdnxv6eO+/LqyhJVqgrjA== dependencies: es6-iterator "^2.0.3" es6-symbol "^3.1.3" @@ -4298,131 +4282,132 @@ es6-weak-map@^2.0.3: es6-iterator "^2.0.3" es6-symbol "^3.1.1" -esbuild-android-64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-android-64/-/esbuild-android-64-0.14.50.tgz#a46fc80fa2007690e647680d837483a750a3097f" - integrity sha512-H7iUEm7gUJHzidsBlFPGF6FTExazcgXL/46xxLo6i6bMtPim6ZmXyTccS8yOMpy6HAC6dPZ/JCQqrkkin69n6Q== - -esbuild-android-arm64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-android-arm64/-/esbuild-android-arm64-0.14.50.tgz#bdda7851fa7f5f770d6ff0ad593a8945d3a0fcdd" - integrity sha512-NFaoqEwa+OYfoYVpQWDMdKII7wZZkAjtJFo1WdnBeCYlYikvUhTnf2aPwPu5qEAw/ie1NYK0yn3cafwP+kP+OQ== - -esbuild-darwin-64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-darwin-64/-/esbuild-darwin-64-0.14.50.tgz#f0535435f9760766f30db14a991ee5ca94c022a4" - integrity sha512-gDQsCvGnZiJv9cfdO48QqxkRV8oKAXgR2CGp7TdIpccwFdJMHf8hyIJhMW/05b/HJjET/26Us27Jx91BFfEVSA== - -esbuild-darwin-arm64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-darwin-arm64/-/esbuild-darwin-arm64-0.14.50.tgz#76a41a40e8947a15ae62970e9ed2853883c4b16c" - integrity sha512-36nNs5OjKIb/Q50Sgp8+rYW/PqirRiFN0NFc9hEvgPzNJxeJedktXwzfJSln4EcRFRh5Vz4IlqFRScp+aiBBzA== - -esbuild-freebsd-64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-freebsd-64/-/esbuild-freebsd-64-0.14.50.tgz#2ed6633c17ed42c20a1bd68e82c4bbc75ea4fb57" - integrity sha512-/1pHHCUem8e/R86/uR+4v5diI2CtBdiWKiqGuPa9b/0x3Nwdh5AOH7lj+8823C6uX1e0ufwkSLkS+aFZiBCWxA== - -esbuild-freebsd-arm64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-freebsd-arm64/-/esbuild-freebsd-arm64-0.14.50.tgz#cb115f4cdafe9cdbe58875ba482fccc54d32aa43" - integrity sha512-iKwUVMQztnPZe5pUYHdMkRc9aSpvoV1mkuHlCoPtxZA3V+Kg/ptpzkcSY+fKd0kuom+l6Rc93k0UPVkP7xoqrw== - -esbuild-linux-32@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-linux-32/-/esbuild-linux-32-0.14.50.tgz#fe2b724994dcf1d4e48dc4832ff008ad7d00bcfd" - integrity sha512-sWUwvf3uz7dFOpLzYuih+WQ7dRycrBWHCdoXJ4I4XdMxEHCECd8b7a9N9u7FzT6XR2gHPk9EzvchQUtiEMRwqw== - -esbuild-linux-64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-linux-64/-/esbuild-linux-64-0.14.50.tgz#7851ab5151df9501a2187bd4909c594ad232b623" - integrity sha512-u0PQxPhaeI629t4Y3EEcQ0wmWG+tC/LpP2K7yDFvwuPq0jSQ8SIN+ARNYfRjGW15O2we3XJvklbGV0wRuUCPig== - -esbuild-linux-arm64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-linux-arm64/-/esbuild-linux-arm64-0.14.50.tgz#76a76afef484a0512f1fbbcc762edd705dee8892" - integrity sha512-ZyfoNgsTftD7Rp5S7La5auomKdNeB3Ck+kSKXC4pp96VnHyYGjHHXWIlcbH8i+efRn9brszo1/Thl1qn8RqmhQ== - -esbuild-linux-arm@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-linux-arm/-/esbuild-linux-arm-0.14.50.tgz#6d7a8c0712091b0c3a668dd5d8b5c924adbaeb12" - integrity sha512-VALZq13bhmFJYFE/mLEb+9A0w5vo8z+YDVOWeaf9vOTrSC31RohRIwtxXBnVJ7YKLYfEMzcgFYf+OFln3Y0cWg== - -esbuild-linux-mips64le@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-linux-mips64le/-/esbuild-linux-mips64le-0.14.50.tgz#43426909c1884c5dc6b40765673a08a7ec1d2064" - integrity sha512-ygo31Vxn/WrmjKCHkBoutOlFG5yM9J2UhzHb0oWD9O61dGg+Hzjz9hjf5cmM7FBhAzdpOdEWHIrVOg2YAi6rTw== - -esbuild-linux-ppc64le@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-linux-ppc64le/-/esbuild-linux-ppc64le-0.14.50.tgz#c754ea3da1dd180c6e9b6b508dc18ce983d92b11" - integrity sha512-xWCKU5UaiTUT6Wz/O7GKP9KWdfbsb7vhfgQzRfX4ahh5NZV4ozZ4+SdzYG8WxetsLy84UzLX3Pi++xpVn1OkFQ== - -esbuild-linux-riscv64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-linux-riscv64/-/esbuild-linux-riscv64-0.14.50.tgz#f3b2dd3c4c2b91bf191d3b98a9819c8aa6f5ad7f" - integrity sha512-0+dsneSEihZTopoO9B6Z6K4j3uI7EdxBP7YSF5rTwUgCID+wHD3vM1gGT0m+pjCW+NOacU9kH/WE9N686FHAJg== - -esbuild-linux-s390x@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-linux-s390x/-/esbuild-linux-s390x-0.14.50.tgz#3dfbc4578b2a81995caabb79df2b628ea86a5390" - integrity sha512-tVjqcu8o0P9H4StwbIhL1sQYm5mWATlodKB6dpEZFkcyTI8kfIGWiWcrGmkNGH2i1kBUOsdlBafPxR3nzp3TDA== - -esbuild-netbsd-64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-netbsd-64/-/esbuild-netbsd-64-0.14.50.tgz#17dbf51eaa48d983e794b588d195415410ef8c85" - integrity sha512-0R/glfqAQ2q6MHDf7YJw/TulibugjizBxyPvZIcorH0Mb7vSimdHy0XF5uCba5CKt+r4wjax1mvO9lZ4jiAhEg== - -esbuild-openbsd-64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-openbsd-64/-/esbuild-openbsd-64-0.14.50.tgz#cf6b1a50c8cf67b0725aaa4bce9773976168c50e" - integrity sha512-7PAtmrR5mDOFubXIkuxYQ4bdNS6XCK8AIIHUiZxq1kL8cFIH5731jPcXQ4JNy/wbj1C9sZ8rzD8BIM80Tqk29w== - -esbuild-sunos-64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-sunos-64/-/esbuild-sunos-64-0.14.50.tgz#f705ae0dd914c3b45dc43319c4f532216c3d841f" - integrity sha512-gBxNY/wyptvD7PkHIYcq7se6SQEXcSC8Y7mE0FJB+CGgssEWf6vBPfTTZ2b6BWKnmaP6P6qb7s/KRIV5T2PxsQ== - -esbuild-windows-32@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-windows-32/-/esbuild-windows-32-0.14.50.tgz#6364905a99c1e6c1e2fe7bfccebd958131b1cd6c" - integrity sha512-MOOe6J9cqe/iW1qbIVYSAqzJFh0p2LBLhVUIWdMVnNUNjvg2/4QNX4oT4IzgDeldU+Bym9/Tn6+DxvUHJXL5Zw== - -esbuild-windows-64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-windows-64/-/esbuild-windows-64-0.14.50.tgz#56603cb6367e30d14098deb77de6aa18d76dd89b" - integrity sha512-r/qE5Ex3w1jjGv/JlpPoWB365ldkppUlnizhMxJgojp907ZF1PgLTuW207kgzZcSCXyquL9qJkMsY+MRtaZ5yQ== - -esbuild-windows-arm64@0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild-windows-arm64/-/esbuild-windows-arm64-0.14.50.tgz#e7ddde6a97194051a5a4ac05f4f5900e922a7ea5" - integrity sha512-EMS4lQnsIe12ZyAinOINx7eq2mjpDdhGZZWDwPZE/yUTN9cnc2Ze/xUTYIAyaJqrqQda3LnDpADKpvLvol6ENQ== - -esbuild@^0.14.50: - version "0.14.50" - resolved "https://registry.npmjs.org/esbuild/-/esbuild-0.14.50.tgz#7a665392c8df94bf6e1ae1e999966a5ee62c6cbc" - integrity sha512-SbC3k35Ih2IC6trhbMYW7hYeGdjPKf9atTKwBUHqMCYFZZ9z8zhuvfnZihsnJypl74FjiAKjBRqFkBkAd0rS/w== +esbuild-android-64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-android-64/-/esbuild-android-64-0.14.53.tgz#259bc3ef1399a3cad8f4f67c40ee20779c4de675" + integrity sha512-fIL93sOTnEU+NrTAVMIKiAw0YH22HWCAgg4N4Z6zov2t0kY9RAJ50zY9ZMCQ+RT6bnOfDt8gCTnt/RaSNA2yRA== + +esbuild-android-arm64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-android-arm64/-/esbuild-android-arm64-0.14.53.tgz#2158253d4e8f9fdd2a081bbb4f73b8806178841e" + integrity sha512-PC7KaF1v0h/nWpvlU1UMN7dzB54cBH8qSsm7S9mkwFA1BXpaEOufCg8hdoEI1jep0KeO/rjZVWrsH8+q28T77A== + +esbuild-darwin-64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-darwin-64/-/esbuild-darwin-64-0.14.53.tgz#b4681831fd8f8d06feb5048acbe90d742074cc2a" + integrity sha512-gE7P5wlnkX4d4PKvLBUgmhZXvL7lzGRLri17/+CmmCzfncIgq8lOBvxGMiQ4xazplhxq+72TEohyFMZLFxuWvg== + +esbuild-darwin-arm64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-darwin-arm64/-/esbuild-darwin-arm64-0.14.53.tgz#d267d957852d121b261b3f76ead86e5b5463acc9" + integrity sha512-otJwDU3hnI15Q98PX4MJbknSZ/WSR1I45il7gcxcECXzfN4Mrpft5hBDHXNRnCh+5858uPXBXA1Vaz2jVWLaIA== + +esbuild-freebsd-64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-freebsd-64/-/esbuild-freebsd-64-0.14.53.tgz#aca2af6d72b537fe66a38eb8f374fb66d4c98ca0" + integrity sha512-WkdJa8iyrGHyKiPF4lk0MiOF87Q2SkE+i+8D4Cazq3/iqmGPJ6u49je300MFi5I2eUsQCkaOWhpCVQMTKGww2w== + +esbuild-freebsd-arm64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-freebsd-arm64/-/esbuild-freebsd-arm64-0.14.53.tgz#76282e19312d914c34343c8a7da6cc5f051580b9" + integrity sha512-9T7WwCuV30NAx0SyQpw8edbKvbKELnnm1FHg7gbSYaatH+c8WJW10g/OdM7JYnv7qkimw2ZTtSA+NokOLd2ydQ== + +esbuild-linux-32@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-linux-32/-/esbuild-linux-32-0.14.53.tgz#1045d34cf7c5faaf2af3b29cc1573b06580c37e5" + integrity sha512-VGanLBg5en2LfGDgLEUxQko2lqsOS7MTEWUi8x91YmsHNyzJVT/WApbFFx3MQGhkf+XdimVhpyo5/G0PBY91zg== + +esbuild-linux-64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-linux-64/-/esbuild-linux-64-0.14.53.tgz#ab3f2ee2ebb5a6930c72d9539cb34b428808cbe4" + integrity sha512-pP/FA55j/fzAV7N9DF31meAyjOH6Bjuo3aSKPh26+RW85ZEtbJv9nhoxmGTd9FOqjx59Tc1ZbrJabuiXlMwuZQ== + +esbuild-linux-arm64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-linux-arm64/-/esbuild-linux-arm64-0.14.53.tgz#1f5530412f6690949e78297122350488d3266cfe" + integrity sha512-GDmWITT+PMsjCA6/lByYk7NyFssW4Q6in32iPkpjZ/ytSyH+xeEx8q7HG3AhWH6heemEYEWpTll/eui3jwlSnw== + +esbuild-linux-arm@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-linux-arm/-/esbuild-linux-arm-0.14.53.tgz#a44ec9b5b42007ab6c0d65a224ccc6bbd97c54cf" + integrity sha512-/u81NGAVZMopbmzd21Nu/wvnKQK3pT4CrvQ8BTje1STXcQAGnfyKgQlj3m0j2BzYbvQxSy+TMck4TNV2onvoPA== + +esbuild-linux-mips64le@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-linux-mips64le/-/esbuild-linux-mips64le-0.14.53.tgz#a4d0b6b17cfdeea4e41b0b085a5f73d99311be9f" + integrity sha512-d6/XHIQW714gSSp6tOOX2UscedVobELvQlPMkInhx1NPz4ThZI9uNLQ4qQJHGBGKGfu+rtJsxM4NVHLhnNRdWQ== + +esbuild-linux-ppc64le@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-linux-ppc64le/-/esbuild-linux-ppc64le-0.14.53.tgz#8c331822c85465434e086e3e6065863770c38139" + integrity sha512-ndnJmniKPCB52m+r6BtHHLAOXw+xBCWIxNnedbIpuREOcbSU/AlyM/2dA3BmUQhsHdb4w3amD5U2s91TJ3MzzA== + +esbuild-linux-riscv64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-linux-riscv64/-/esbuild-linux-riscv64-0.14.53.tgz#36fd75543401304bea8a2d63bf8ea18aaa508e00" + integrity sha512-yG2sVH+QSix6ct4lIzJj329iJF3MhloLE6/vKMQAAd26UVPVkhMFqFopY+9kCgYsdeWvXdPgmyOuKa48Y7+/EQ== + +esbuild-linux-s390x@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-linux-s390x/-/esbuild-linux-s390x-0.14.53.tgz#1622677ab6824123f48f75d3afc031cd41936129" + integrity sha512-OCJlgdkB+XPYndHmw6uZT7jcYgzmx9K+28PVdOa/eLjdoYkeAFvH5hTwX4AXGLZLH09tpl4bVsEtvuyUldaNCg== + +esbuild-netbsd-64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-netbsd-64/-/esbuild-netbsd-64-0.14.53.tgz#e86d0efd0116658be335492ed12e66b26b4baf52" + integrity sha512-gp2SB+Efc7MhMdWV2+pmIs/Ja/Mi5rjw+wlDmmbIn68VGXBleNgiEZG+eV2SRS0kJEUyHNedDtwRIMzaohWedQ== + +esbuild-openbsd-64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-openbsd-64/-/esbuild-openbsd-64-0.14.53.tgz#9bcbbe6f86304872c6e91f64c8eb73fc29c3588b" + integrity sha512-eKQ30ZWe+WTZmteDYg8S+YjHV5s4iTxeSGhJKJajFfQx9TLZJvsJX0/paqwP51GicOUruFpSUAs2NCc0a4ivQQ== + +esbuild-sunos-64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-sunos-64/-/esbuild-sunos-64-0.14.53.tgz#f7a872f7460bfb7b131f7188a95fbce3d1c577e8" + integrity sha512-OWLpS7a2FrIRukQqcgQqR1XKn0jSJoOdT+RlhAxUoEQM/IpytS3FXzCJM6xjUYtpO5GMY0EdZJp+ur2pYdm39g== + +esbuild-windows-32@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-windows-32/-/esbuild-windows-32-0.14.53.tgz#c5e3ca50e2d1439cc2c9fe4defa63bcd474ce709" + integrity sha512-m14XyWQP5rwGW0tbEfp95U6A0wY0DYPInWBB7D69FAXUpBpBObRoGTKRv36lf2RWOdE4YO3TNvj37zhXjVL5xg== + +esbuild-windows-64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-windows-64/-/esbuild-windows-64-0.14.53.tgz#ec2ab4a60c5215f092ffe1eab6d01319e88238af" + integrity sha512-s9skQFF0I7zqnQ2K8S1xdLSfZFsPLuOGmSx57h2btSEswv0N0YodYvqLcJMrNMXh6EynOmWD7rz+0rWWbFpIHQ== + +esbuild-windows-arm64@0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild-windows-arm64/-/esbuild-windows-arm64-0.14.53.tgz#f71d403806bdf9f4a1f9d097db9aec949bd675c8" + integrity sha512-E+5Gvb+ZWts+00T9II6wp2L3KG2r3iGxByqd/a1RmLmYWVsSVUjkvIxZuJ3hYTIbhLkH5PRwpldGTKYqVz0nzQ== + +esbuild@^0.14.53: + version "0.14.53" + resolved "https://registry.npmjs.org/esbuild/-/esbuild-0.14.53.tgz#20b1007f686e8584f2a01a1bec5a37aac9498ce4" + integrity sha512-ohO33pUBQ64q6mmheX1mZ8mIXj8ivQY/L4oVuAshr+aJI+zLl+amrp3EodrUNDNYVrKJXGPfIHFGhO8slGRjuw== optionalDependencies: - esbuild-android-64 "0.14.50" - esbuild-android-arm64 "0.14.50" - esbuild-darwin-64 "0.14.50" - esbuild-darwin-arm64 "0.14.50" - esbuild-freebsd-64 "0.14.50" - esbuild-freebsd-arm64 "0.14.50" - esbuild-linux-32 "0.14.50" - esbuild-linux-64 "0.14.50" - esbuild-linux-arm "0.14.50" - esbuild-linux-arm64 "0.14.50" - esbuild-linux-mips64le "0.14.50" - esbuild-linux-ppc64le "0.14.50" - esbuild-linux-riscv64 "0.14.50" - esbuild-linux-s390x "0.14.50" - esbuild-netbsd-64 "0.14.50" - esbuild-openbsd-64 "0.14.50" - esbuild-sunos-64 "0.14.50" - esbuild-windows-32 "0.14.50" - esbuild-windows-64 "0.14.50" - esbuild-windows-arm64 "0.14.50" + "@esbuild/linux-loong64" "0.14.53" + esbuild-android-64 "0.14.53" + esbuild-android-arm64 "0.14.53" + esbuild-darwin-64 "0.14.53" + esbuild-darwin-arm64 "0.14.53" + esbuild-freebsd-64 "0.14.53" + esbuild-freebsd-arm64 "0.14.53" + esbuild-linux-32 "0.14.53" + esbuild-linux-64 "0.14.53" + esbuild-linux-arm "0.14.53" + esbuild-linux-arm64 "0.14.53" + esbuild-linux-mips64le "0.14.53" + esbuild-linux-ppc64le "0.14.53" + esbuild-linux-riscv64 "0.14.53" + esbuild-linux-s390x "0.14.53" + esbuild-netbsd-64 "0.14.53" + esbuild-openbsd-64 "0.14.53" + esbuild-sunos-64 "0.14.53" + esbuild-windows-32 "0.14.53" + esbuild-windows-64 "0.14.53" + esbuild-windows-arm64 "0.14.53" escalade@^3.1.1: version "3.1.1" @@ -4658,12 +4643,13 @@ eslint@^7.32.0: v8-compile-cache "^2.0.3" eslint@^8: - version "8.20.0" - resolved "https://registry.npmjs.org/eslint/-/eslint-8.20.0.tgz#048ac56aa18529967da8354a478be4ec0a2bc81b" - integrity sha512-d4ixhz5SKCa1D6SCPrivP7yYVi7nyD6A4vs6HIAul9ujBzcEmZVM3/0NN/yu5nKhmO1wjp5xQ46iRfmDGlOviA== + version "8.21.0" + resolved "https://registry.npmjs.org/eslint/-/eslint-8.21.0.tgz#1940a68d7e0573cef6f50037addee295ff9be9ef" + integrity sha512-/XJ1+Qurf1T9G2M5IHrsjp+xrGT73RZf23xA1z5wB1ZzzEAWSZKvRwhWxTFp1rvkvCfwcvAUNAP31bhKTTGfDA== dependencies: "@eslint/eslintrc" "^1.3.0" - "@humanwhocodes/config-array" "^0.9.2" + "@humanwhocodes/config-array" "^0.10.4" + "@humanwhocodes/gitignore-to-minimatch" "^1.0.2" ajv "^6.10.0" chalk "^4.0.0" cross-spawn "^7.0.2" @@ -4673,14 +4659,17 @@ eslint@^8: eslint-scope "^7.1.1" eslint-utils "^3.0.0" eslint-visitor-keys "^3.3.0" - espree "^9.3.2" + espree "^9.3.3" esquery "^1.4.0" esutils "^2.0.2" fast-deep-equal "^3.1.3" file-entry-cache "^6.0.1" + find-up "^5.0.0" functional-red-black-tree "^1.0.1" glob-parent "^6.0.1" globals "^13.15.0" + globby "^11.1.0" + grapheme-splitter "^1.0.4" ignore "^5.2.0" import-fresh "^3.0.0" imurmurhash "^0.1.4" @@ -4707,12 +4696,12 @@ espree@^7.3.0, espree@^7.3.1: acorn-jsx "^5.3.1" eslint-visitor-keys "^1.3.0" -espree@^9.3.2: - version "9.3.2" - resolved "https://registry.npmjs.org/espree/-/espree-9.3.2.tgz#f58f77bd334731182801ced3380a8cc859091596" - integrity sha512-D211tC7ZwouTIuY5x9XnS0E9sWNChB7IYKX/Xp5eQj3nFXhqmiUDB9q27y76oFl8jTg3pXcQx/bpxMfs3CIZbA== +espree@^9.3.2, espree@^9.3.3: + version "9.3.3" + resolved "https://registry.npmjs.org/espree/-/espree-9.3.3.tgz#2dd37c4162bb05f433ad3c1a52ddf8a49dc08e9d" + integrity sha512-ORs1Rt/uQTqUKjDdGCyrtYxbazf5umATSf/K4qxjmZHORR6HJk+2s/2Pqe+Kk49HHINC/xNIrGfgh8sZcll0ng== dependencies: - acorn "^8.7.1" + acorn "^8.8.0" acorn-jsx "^5.3.2" eslint-visitor-keys "^3.3.0" @@ -5491,6 +5480,11 @@ graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.1.6 resolved "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz#147d3a006da4ca3ce14728c7aefc287c367d7a6c" integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA== +grapheme-splitter@^1.0.4: + version "1.0.4" + resolved "https://registry.npmjs.org/grapheme-splitter/-/grapheme-splitter-1.0.4.tgz#9cf3a665c6247479896834af35cf1dbb4400767e" + integrity sha512-bzh50DW9kTPM00T8y4o8vQg89Di9oLJVLW/KaOGIXJWP/iqCN6WKYkbNOF04vFLJhwcpYUh9ydh/+5vpOqV4YQ== + graphviz@0.0.9: version "0.0.9" resolved "https://registry.npmjs.org/graphviz/-/graphviz-0.0.9.tgz#0bbf1df588c6a92259282da35323622528c4bbc4" @@ -6786,73 +6780,61 @@ jsesc@^2.5.1: resolved "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4" integrity sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA== -jsii-diff@^1.63.0: - version "1.63.0" - resolved "https://registry.npmjs.org/jsii-diff/-/jsii-diff-1.63.0.tgz#bf76ede5aab005d46fd1e41aabee8206fb256506" - integrity sha512-bk3gDnaytYuLX1WzuLRPmstHbYhqgLTpbh6uN9w3RG1xl04/mv/qsaIJT/JkQtcuQWdtDAfn7LWDvXzCLo+BSQ== +jsii-diff@^1.63.2: + version "1.63.2" + resolved "https://registry.npmjs.org/jsii-diff/-/jsii-diff-1.63.2.tgz#94c9f474b31abde0da84b7d95a18c8b07e133515" + integrity sha512-kBOcFD+JBxZTWEx40VSL+0OmC8pmYe4zZ+OA+QvjVfYcfhpD8LUvMrJlSa6huO9vNVu8q9R6S6Lzt1F4jTsq8g== dependencies: - "@jsii/check-node" "1.63.0" - "@jsii/spec" "^1.63.0" + "@jsii/check-node" "1.63.2" + "@jsii/spec" "^1.63.2" fs-extra "^10.1.0" - jsii-reflect "^1.63.0" - log4js "^6.6.0" + jsii-reflect "^1.63.2" + log4js "^6.6.1" yargs "^16.2.0" -jsii-pacmak@1.62.0, jsii-pacmak@^1.62.0: - version "1.62.0" - resolved "https://registry.npmjs.org/jsii-pacmak/-/jsii-pacmak-1.62.0.tgz#f95702c21555e66025a0c73ec43b3108b97d210b" - integrity sha512-WL0+QMJHtjaFrDRm8qiBcjUqG/Cio1QJa7up3WCHOFATMAyrpX+cGXA3nfPpTv1xq7nAA7XJgVQv2OIpBR0syQ== +jsii-pacmak@^1.63.2: + version "1.63.2" + resolved "https://registry.npmjs.org/jsii-pacmak/-/jsii-pacmak-1.63.2.tgz#e42f62e2319c12049eafc669730ba0d37be47e81" + integrity sha512-pIHkmLXlLqaTdKW7ALzRrBXRkQayA5kQ8rAvbXu50C1UDPV0CIZuXftC1BeHgRqfQNmGluX0PsTcF0jF2zyfBw== dependencies: - "@jsii/check-node" "1.62.0" - "@jsii/spec" "^1.62.0" + "@jsii/check-node" "1.63.2" + "@jsii/spec" "^1.63.2" clone "^2.1.2" - codemaker "^1.62.0" + codemaker "^1.63.2" commonmark "^0.30.0" escape-string-regexp "^4.0.0" fs-extra "^10.1.0" - jsii-reflect "^1.62.0" - jsii-rosetta "^1.62.0" + jsii-reflect "^1.63.2" + jsii-rosetta "^1.63.2" semver "^7.3.7" spdx-license-list "^6.6.0" xmlbuilder "^15.1.1" yargs "^16.2.0" -jsii-reflect@^1.59.0, jsii-reflect@^1.63.0: - version "1.63.0" - resolved "https://registry.npmjs.org/jsii-reflect/-/jsii-reflect-1.63.0.tgz#0cf669bbf85cba1a758f0ca4c56b074af2d47fe5" - integrity sha512-ToBZLo8r6HWER1NbKxwo4bZW1wWwW8YdCujBk2BBI48v5tpVStwSQqmUWKoVeuR4bjWPC9yccuAjtrfbxE2YaA== - dependencies: - "@jsii/check-node" "1.63.0" - "@jsii/spec" "^1.63.0" - chalk "^4" - fs-extra "^10.1.0" - oo-ascii-tree "^1.63.0" - yargs "^16.2.0" - -jsii-reflect@^1.62.0, jsii-reflect@^1.63.1: - version "1.63.1" - resolved "https://registry.npmjs.org/jsii-reflect/-/jsii-reflect-1.63.1.tgz#f24b346ddc85b648eb80236e43efe7f18ec54f21" - integrity sha512-4tka0fPDR93UBXggTCyzKBJWsxjfV2lVcD6ulIODSLfXfHHc/0oAxEW7nbOJWA30LeUCuMMRvhGjLA0NO1A08Q== +jsii-reflect@^1.63.2: + version "1.63.2" + resolved "https://registry.npmjs.org/jsii-reflect/-/jsii-reflect-1.63.2.tgz#1f8d130a1cb5a03b30651543dd52c77eb9f620fe" + integrity sha512-eawNN/ySYVznYY2ZJYe5FNcSly12KgC8/MBDl4qln3daag3Ts/d7ocfbS9sjFayn4AhBojq1h1DDs8sjoG38Kg== dependencies: - "@jsii/check-node" "1.63.1" - "@jsii/spec" "^1.63.1" + "@jsii/check-node" "1.63.2" + "@jsii/spec" "^1.63.2" chalk "^4" fs-extra "^10.1.0" - oo-ascii-tree "^1.63.1" + oo-ascii-tree "^1.63.2" yargs "^16.2.0" -jsii-rosetta@^1.59.0, jsii-rosetta@^1.63.0: - version "1.63.0" - resolved "https://registry.npmjs.org/jsii-rosetta/-/jsii-rosetta-1.63.0.tgz#e491a3543601e9a5b5874fd5b44ab4b8233778c4" - integrity sha512-/p75Ev72M5dED3gaKLOfhLP2qM7FA2mlTjGoRQleYZS+D8GB7OsuFkGs8J4pKkfj2olOOvFYWnUaGPt28E8Oaw== +jsii-rosetta@^1.63.2: + version "1.63.2" + resolved "https://registry.npmjs.org/jsii-rosetta/-/jsii-rosetta-1.63.2.tgz#42c1ee7a418392f0dcee8fa89277559871b76117" + integrity sha512-cBl8uAtNYuWqrwGue2Sr7cdgPhWx/QiAAE70lDec0OtBSNdGq0MUA04GD1/peQw4LPhE+1ikdeyspJYJaTtQgg== dependencies: - "@jsii/check-node" "1.63.0" - "@jsii/spec" "1.63.0" + "@jsii/check-node" "1.63.2" + "@jsii/spec" "1.63.2" "@xmldom/xmldom" "^0.8.2" commonmark "^0.30.0" fast-glob "^3.2.11" fs-extra "^10.1.0" - jsii "1.63.0" + jsii "1.63.2" semver "^7.3.7" semver-intersect "^1.4.0" sort-json "^2.0.1" @@ -6860,56 +6842,18 @@ jsii-rosetta@^1.59.0, jsii-rosetta@^1.63.0: workerpool "^6.2.1" yargs "^16.2.0" -jsii-rosetta@^1.62.0, jsii-rosetta@^1.63.1: - version "1.63.1" - resolved "https://registry.npmjs.org/jsii-rosetta/-/jsii-rosetta-1.63.1.tgz#715aa0ca75ac9f972bf825bd55e024fac95a9238" - integrity sha512-IR9kLOmmnAiwNjrMIBNY/6SlomJOCsDpT6x9nDzaTQS6BojMsSSCQOz5dUboRUoAx19lbbCL7UMoE3/rwwzbcQ== +jsii@1.63.2, jsii@^1.63.2: + version "1.63.2" + resolved "https://registry.npmjs.org/jsii/-/jsii-1.63.2.tgz#6042f7d1239f939ef0df28c41e090a3c221ac8f6" + integrity sha512-KHnsuTm4ErLiB4JNvPi/TzJuIXeqkMim95Qs9KG5M8tfDd/GHlsotwxNx9qfG2R7DdAWrH0MG+kd1wKIAl+GFw== dependencies: - "@jsii/check-node" "1.63.1" - "@jsii/spec" "1.63.1" - "@xmldom/xmldom" "^0.8.2" - commonmark "^0.30.0" - fast-glob "^3.2.11" - fs-extra "^10.1.0" - jsii "1.63.1" - semver "^7.3.7" - semver-intersect "^1.4.0" - sort-json "^2.0.1" - typescript "~3.9.10" - workerpool "^6.2.1" - yargs "^16.2.0" - -jsii@1.63.0, jsii@^1.59.0, jsii@^1.63.0: - version "1.63.0" - resolved "https://registry.npmjs.org/jsii/-/jsii-1.63.0.tgz#b0b38166d34849ea91f7afeeb04ed46948fb1926" - integrity sha512-vQvl/ouRMLKVWDotM3aWgq6mLWa8DmMrSF0bH1qdS4nqc61el5O3GQ6bvjusgSisR2Z207tjg3b4NM6EUDvS0w== - dependencies: - "@jsii/check-node" "1.63.0" - "@jsii/spec" "^1.63.0" + "@jsii/check-node" "1.63.2" + "@jsii/spec" "^1.63.2" case "^1.6.3" chalk "^4" fast-deep-equal "^3.1.3" fs-extra "^10.1.0" - log4js "^6.6.0" - semver "^7.3.7" - semver-intersect "^1.4.0" - sort-json "^2.0.1" - spdx-license-list "^6.6.0" - typescript "~3.9.10" - yargs "^16.2.0" - -jsii@1.63.1: - version "1.63.1" - resolved "https://registry.npmjs.org/jsii/-/jsii-1.63.1.tgz#742c8659f171342d81a7786528fc7bc30052b1a3" - integrity sha512-5Y2hrG2UGT4PbmtdTOr9u36PyreTAtDDdTBjJyGv2v7T0bMKrVI3ZK4Z/v1UJllR/uxNnxY7eABULmSL4PrxJw== - dependencies: - "@jsii/check-node" "1.63.1" - "@jsii/spec" "^1.63.1" - case "^1.6.3" - chalk "^4" - fast-deep-equal "^3.1.3" - fs-extra "^10.1.0" - log4js "^6.6.0" + log4js "^6.6.1" semver "^7.3.7" semver-intersect "^1.4.0" sort-json "^2.0.1" @@ -7031,10 +6975,10 @@ jsprim@^1.2.2: json-schema "0.4.0" verror "1.10.0" -jszip@^3.10.0: - version "3.10.0" - resolved "https://registry.npmjs.org/jszip/-/jszip-3.10.0.tgz#faf3db2b4b8515425e34effcdbb086750a346061" - integrity sha512-LDfVtOLtOxb9RXkYOwPyNBTQDL4eUbqahtoY6x07GiDJHwSYvn8sHHIw8wINImV3MqbMNve2gSuM1DDqEKk09Q== +jszip@^3.10.1: + version "3.10.1" + resolved "https://registry.npmjs.org/jszip/-/jszip-3.10.1.tgz#34aee70eb18ea1faec2f589208a157d1feb091c2" + integrity sha512-xXDvecyTpGLrqFrvkrUSoxxfJI5AH7U8zxxtVclpsUtMCq4JQ290LY8AW5c7Ggnr/Y/oK+bQMbqK2qmtk3pN4g== dependencies: lie "~3.3.0" pako "~1.0.2" @@ -7365,7 +7309,7 @@ log-symbols@^4.1.0: chalk "^4.1.0" is-unicode-supported "^0.1.0" -log4js@^6.6.0: +log4js@^6.6.1: version "6.6.1" resolved "https://registry.npmjs.org/log4js/-/log4js-6.6.1.tgz#48f23de8a87d2f5ffd3d913f24ca9ce77895272f" integrity sha512-J8VYFH2UQq/xucdNu71io4Fo+purYYudyErgBbswWKO0MC6QVOERRomt5su/z6d3RJSmLyTGmXl3Q/XjKCf+/A== @@ -7401,9 +7345,9 @@ lru-cache@^6.0.0: yallist "^4.0.0" lru-cache@^7.4.4, lru-cache@^7.5.1, lru-cache@^7.7.1: - version "7.13.1" - resolved "https://registry.npmjs.org/lru-cache/-/lru-cache-7.13.1.tgz#267a81fbd0881327c46a81c5922606a2cfe336c4" - integrity sha512-CHqbAq7NFlW3RSnoWXLJBxCWaZVBrfa9UEHId2M3AW8iEBurbqduNexEUCGc3SHc6iCYXNJCDi903LajSVAEPQ== + version "7.13.2" + resolved "https://registry.npmjs.org/lru-cache/-/lru-cache-7.13.2.tgz#bb5d3f1deea3f3a7a35c1c44345566a612e09cd0" + integrity sha512-VJL3nIpA79TodY/ctmZEfhASgqekbT574/c4j3jn4bKXbSCnTTCH/KltZyvL2GlV+tGSMtsWyem8DCX7qKTMBA== lru-queue@^0.1.0: version "0.1.0" @@ -8421,15 +8365,10 @@ onetime@^5.1.0, onetime@^5.1.2: dependencies: mimic-fn "^2.1.0" -oo-ascii-tree@^1.63.0: - version "1.63.0" - resolved "https://registry.npmjs.org/oo-ascii-tree/-/oo-ascii-tree-1.63.0.tgz#7983759d783c709b5f847622032690e453e8e3c5" - integrity sha512-Lo8oruFqEzVASt0zp1oGxJqzX0Rlz16tAHkm4Z8yypUdX+gGQXZiyvDcuyEu07QruZTEbdbLMsOu2npR5w5Qog== - -oo-ascii-tree@^1.63.1: - version "1.63.1" - resolved "https://registry.npmjs.org/oo-ascii-tree/-/oo-ascii-tree-1.63.1.tgz#07bd598f05a82aa39b92482b472efebf16571ec7" - integrity sha512-ztZJV5TGPo+Q3mLMQgxa4l9hpGbO7KXY++sus51+JJjJNUI5aZ9qRsAEoi2LkgspN3cs9+sOq8KZN0e9a329YQ== +oo-ascii-tree@^1.63.2: + version "1.63.2" + resolved "https://registry.npmjs.org/oo-ascii-tree/-/oo-ascii-tree-1.63.2.tgz#d7688b868daa361c5f0c328bb00bff626a7e0047" + integrity sha512-2bfZc5i6X1jt+ecaYdsr3Sl5LBnDhe32LXR6+UrHcqr3kG2JW4KIHpTP/Au6oksJnTXIgON1rJcbscVCVtR0cg== open@^7.4.2: version "7.4.2" @@ -9019,10 +8958,10 @@ progress@^2.0.0, progress@^2.0.3: resolved "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz#7e8cf8d8f5b8f239c1bc68beb4eb78567d572ef8" integrity sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA== -projen@^0.60.4: - version "0.60.4" - resolved "https://registry.npmjs.org/projen/-/projen-0.60.4.tgz#10661541b1d00b82c959b8ae550a023f8b9b3298" - integrity sha512-RaGrt8Cc+SwQ5UblReJPndJfyeJLml+GnMCP1+dCypn96OqxB9OJdT/BQriMVWeSZ9yBo+WSHm2GdKjY9c0XdA== +projen@^0.60.14: + version "0.60.14" + resolved "https://registry.npmjs.org/projen/-/projen-0.60.14.tgz#bc51ad43161745d928884b2ff68025c3ca3d1d9b" + integrity sha512-BrY9AgcUafK304wSinVUFr6mJ3cqGvRm2V/hZMUoFUka2bEgJXJNnY6VZEoLj5KRUarJZVvcoh8X6ckaFn44eA== dependencies: "@iarna/toml" "^2.2.5" case "^1.6.3" @@ -10659,9 +10598,9 @@ type@^1.0.1: integrity sha512-+5nt5AAniqsCnu2cEQQdpzCAh33kVx8n0VoFidKpB1dVVLAN/F+bgVOqOJqOnEnrhp222clB5p3vUlD+1QAnfg== type@^2.5.0: - version "2.6.0" - resolved "https://registry.npmjs.org/type/-/type-2.6.0.tgz#3ca6099af5981d36ca86b78442973694278a219f" - integrity sha512-eiDBDOmkih5pMbo9OqsqPRGMljLodLcwd5XD5JbtNB0o89xZAwynY9EdCDsJU7LtcVCClu9DvM7/0Ep1hYX3EQ== + version "2.6.1" + resolved "https://registry.npmjs.org/type/-/type-2.6.1.tgz#808f389ec777205cc3cd97c1c88ec1a913105aae" + integrity sha512-OvgH5rB0XM+iDZGQ1Eg/o7IZn0XYJFVrN/9FQ4OWIYILyJJgVP2s1hLTOFn6UOZoDUI/HctGa0PFlE2n2HW3NQ== typedarray-to-buffer@^3.1.5: version "3.1.5"