diff --git a/.github/ISSUE_TEMPLATE/bug.md b/.github/ISSUE_TEMPLATE/bug.md index b12a80d025350..286ca89cb1c53 100644 --- a/.github/ISSUE_TEMPLATE/bug.md +++ b/.github/ISSUE_TEMPLATE/bug.md @@ -1,7 +1,7 @@ --- name: "\U0001F41B Bug Report" about: Report a bug -title: "[module] " +title: "(module name): short issue description" labels: bug, needs-triage --- diff --git a/.github/ISSUE_TEMPLATE/doc.md b/.github/ISSUE_TEMPLATE/doc.md index 022c04c22ed80..3c8a1dc691d0e 100644 --- a/.github/ISSUE_TEMPLATE/doc.md +++ b/.github/ISSUE_TEMPLATE/doc.md @@ -1,7 +1,7 @@ --- name: "📕 Documentation Issue" about: Issue in the reference documentation or developer guide -title: "[module] " +title: "(module name): short issue description" labels: feature-request, documentation, needs-triage --- diff --git a/.github/ISSUE_TEMPLATE/feature-request.md b/.github/ISSUE_TEMPLATE/feature-request.md index c2d12b48d5750..163f2f54d0b88 100644 --- a/.github/ISSUE_TEMPLATE/feature-request.md +++ b/.github/ISSUE_TEMPLATE/feature-request.md @@ -1,7 +1,7 @@ --- name: "\U0001F680 Feature Request" about: Request a new feature -title: "[module] " +title: "(module name): short issue description" labels: feature-request, needs-triage --- diff --git a/.github/ISSUE_TEMPLATE/general-issues.md b/.github/ISSUE_TEMPLATE/general-issues.md index 372cb49eb540c..dcd6520c0cfda 100644 --- a/.github/ISSUE_TEMPLATE/general-issues.md +++ b/.github/ISSUE_TEMPLATE/general-issues.md @@ -1,7 +1,7 @@ --- name: "\U00002753 General Issue" about: Create a new issue -title: "[module] " +title: "(module name): short issue description" labels: needs-triage, guidance --- diff --git a/.github/workflows/issue-label-assign.yml b/.github/workflows/issue-label-assign.yml index 6184e7c0580f5..00e2ee1d2ecaf 100644 --- a/.github/workflows/issue-label-assign.yml +++ b/.github/workflows/issue-label-assign.yml @@ -2,6 +2,10 @@ name: "Set Issue Label and Assignee" on: issues: types: [opened, edited] + pull_request: + types: [opened, edited] + pull_request_target: + types: [opened, edited] jobs: test: @@ -13,170 +17,169 @@ jobs: title-or-body: 'title' parameters: > [ - {"keywords":["[cli]","[command line]"],"labels":["package/tools"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/alexa-ask]","[alexa-ask]","[alexa ask]"],"labels":["@aws-cdk/alexa-ask"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/app-delivery]","[app-delivery]","[app delivery]"],"labels":["@aws-cdk/app-delivery"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/assert]","[assert]"],"labels":["@aws-cdk/assert"],"assignees":["nija-at"]}, - {"keywords":["[@aws-cdk/assets]","[assets]"],"labels":["@aws-cdk/assets"],"assignees":["eladb"]}, - {"keywords":["[@aws-cdk/aws-accessanalyzer]","[aws-accessanalyzer]","[accessanalyzer]","[access analyzer]"],"labels":["@aws-cdk/aws-accessanalyzer"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-acmpca]","[aws-acmpca]","[acmpca]"],"labels":["@aws-cdk/aws-acmpca"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-amazonmq]","[aws-amazonmq]","[amazonmq]","[amazon mq]","[amazon-mq]"],"labels":["@aws-cdk/aws-amazonmq"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-amplify]","[aws-amplify]","[amplify]"],"labels":["@aws-cdk/aws-amplify"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-apigateway]","[aws-apigateway]","[apigateway]","[api gateway]","[api-gateway]"],"labels":["@aws-cdk/aws-apigateway"],"assignees":["nija-at"]}, - {"keywords":["[@aws-cdk/aws-apigatewayv2]","[aws-apigatewayv2]","[apigatewayv2]","[apigateway v2]","[api-gateway-v2]"],"labels":["@aws-cdk/aws-apigatewayv2"],"assignees":["nija-at"]}, - {"keywords":["[@aws-cdk/aws-apigatewayv2-integrations]","[aws-apigatewayv2-integrations]","[apigatewayv2-integrations]","[apigateway v2 integrations]","[api-gateway-v2-integrations]"],"labels":["@aws-cdk/aws-apigatewayv2-integrations"],"assignees":["nija-at"]}, - {"keywords":["[@aws-cdk/aws-appconfig]","[aws-appconfig]","[appconfig]","[app config]","[app-config]"],"labels":["@aws-cdk/aws-appconfig"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-appflow]","[aws-appflow]","[appflow]","[app flow]","[app-flow]"],"labels":["@aws-cdk/aws-appflow"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-applicationautoscaling]","[aws-applicationautoscaling]","[applicationautoscaling]","[application autoscaling]","[application-autoscaling]"],"labels":["@aws-cdk/aws-applicationautoscaling"],"assignees":["NetaNir"]}, - {"keywords":["[@aws-cdk/aws-applicationinsights]","[aws-applicationinsights]","[applicationinsights]","[application insights]","[application-insights]"],"labels":["@aws-cdk/aws-applicationinsights"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-appmesh]","[aws-appmesh]","[appmesh]","[app mesh]","[app-mesh]"],"labels":["@aws-cdk/aws-appmesh"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-appstream]","[aws-appstream]","[appstream]","[app stream]","[app-stream]"],"labels":["@aws-cdk/aws-appstream"],"assignees":["NetaNir"]}, - {"keywords":["[@aws-cdk/aws-appsync]","[aws-appsync]","[appsync]","[app sync]","[app-sync]"],"labels":["@aws-cdk/aws-appsync"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-athena]","[aws-athena]","[athena]"],"labels":["@aws-cdk/aws-athena"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-autoscaling]","[aws-autoscaling]","[autoscaling]","[auto scaling]","[auto-scaling]"],"labels":["@aws-cdk/aws-autoscaling"],"assignees":["NetaNir"]}, - {"keywords":["[@aws-cdk/aws-autoscaling-api]","[aws-autoscaling-api]","[autoscaling-api]","[autoscaling api]","[autoscaling-api]"],"labels":["@aws-cdk/aws-autoscaling-api"],"assignees":["NetaNir"]}, - {"keywords":["[@aws-cdk/aws-autoscaling-common]","[aws-autoscaling-common]","[autoscaling-common]","[autoscaling common]","[autoscaling-common]"],"labels":["@aws-cdk/aws-autoscaling-common"],"assignees":["NetaNir"]}, - {"keywords":["[@aws-cdk/aws-autoscaling-hooktargets]","[aws-autoscaling-hooktargets]","[autoscaling-hooktargets]","[autoscaling hooktargets]"],"labels":["@aws-cdk/aws-autoscaling-hooktargets"],"assignees":["NetaNir"]}, - {"keywords":["[@aws-cdk/aws-autoscalingplans]","[aws-autoscalingplans]","[autoscalingplans]","[autoscaling plans]", "[autoscaling-plans]"],"labels":["@aws-cdk/aws-autoscalingplans"],"assignees":["NetaNir"]}, - {"keywords":["[@aws-cdk/aws-backup]","[aws-backup]","[backup]"],"labels":["@aws-cdk/aws-backup"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-batch]","[aws-batch]","[batch]"],"labels":["@aws-cdk/aws-batch"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-budgets]","[aws-budgets]","[budgets]"],"labels":["@aws-cdk/aws-budgets"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-cassandra]","[aws-cassandra]","[cassandra]"],"labels":["@aws-cdk/aws-cassandra"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-ce]","[aws-ce]","[ce]"],"labels":["@aws-cdk/aws-ce"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-certificatemanager]","[aws-certificatemanager]","[certificatemanager]","[certificate manager]","[certificate-manager]","[acm]"],"labels":["@aws-cdk/aws-certificatemanager"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-chatbot]","[aws-chatbot]","[chatbot]"],"labels":["@aws-cdk/aws-chatbot"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-cloud9]","[aws-cloud9]","[cloud9]","[cloud 9]"],"labels":["@aws-cdk/aws-cloud9"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-cloudformation]","[aws-cloudformation]","[cloudformation]","[cloud formation]"],"labels":["@aws-cdk/aws-cloudformation"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/aws-cloudfront]","[aws-cloudfront]","[cloudfront]","[cloud front]"],"labels":["@aws-cdk/aws-cloudfront"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-cloudfront-origins]","[aws-cloudfront-origins]","[cloudfront-origins]","[cloudfront origins]"],"labels":["@aws-cdk/aws-cloudfront-origins"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-cloudtrail]","[aws-cloudtrail]","[cloudtrail]","[cloud trail]"],"labels":["@aws-cdk/aws-cloudtrail"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-cloudwatch]","[aws-cloudwatch]","[cloudwatch]","[cloud watch]"],"labels":["@aws-cdk/aws-cloudwatch"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/aws-cloudwatch-actions]","[aws-cloudwatch-actions]","[cloudwatch-actions]","[cloudwatch actions]"],"labels":["@aws-cdk/aws-cloudwatch-actions"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/aws-codeartifact]","[aws-codeartifact]","[codeartifact]","[code artifact]","[code-artifact]"],"labels":["@aws-cdk/aws-codeartifact"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-codebuild]","[aws-codebuild]","[codebuild]","[code build]","[code-build]"],"labels":["@aws-cdk/aws-codebuild"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-codecommit]","[aws-codecommit]","[codecommit]","[code commit]", "[code-commit]"],"labels":["@aws-cdk/aws-codecommit"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-codedeploy]","[aws-codedeploy]","[codedeploy]","[code deploy]","[code-deploy]"],"labels":["@aws-cdk/aws-codedeploy"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-codeguruprofiler]","[aws-codeguruprofiler]","[codeguruprofiler]","[codeguru profiler]","[codeguru-profiler]"],"labels":["@aws-cdk/aws-codeguruprofiler"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-codegurureviewer]","[aws-codegurureviewer]","[codegurureviewer]","[codeguru reviewer]","[codeguru-reviewer]"],"labels":["@aws-cdk/aws-codegurureviewer"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-codepipeline]","[aws-codepipeline]","[codepipeline]","[code pipeline]","[code-pipeline]"],"labels":["@aws-cdk/aws-codepipeline"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-codepipeline-actions]","[aws-codepipeline-actions]","[codepipeline-actions]","[codepipeline actions]"],"labels":["@aws-cdk/aws-codepipeline-actions"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-codestar]","[aws-codestar]","[codestar]"],"labels":["@aws-cdk/aws-codestar"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-codestarconnections]","[aws-codestarconnections]","[codestarconnections]","[codestar connections]","[codestar-connections]"],"labels":["@aws-cdk/aws-codestarconnections"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-codestarnotifications]","[aws-codestarnotifications]","[codestarnotifications]","[codestar notifications]","[codestar-notifications]"],"labels":["@aws-cdk/aws-codestarnotifications"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-cognito]","[aws-cognito]","[cognito]"],"labels":["@aws-cdk/aws-cognito"],"assignees":["nija-at"]}, - {"keywords":["[@aws-cdk/aws-config]","[aws-config]","[config]"],"labels":["@aws-cdk/aws-config"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-datapipeline]","[aws-datapipeline]","[datapipeline]","[data pipeline]","[data-pipeline]"],"labels":["@aws-cdk/aws-datapipeline"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-dax]","[aws-dax]","[dax]"],"labels":["@aws-cdk/aws-dax"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-detective]","[aws-detective]","[detective]"],"labels":["@aws-cdk/aws-detective"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-directoryservice]","[aws-directoryservice]","[directoryservice]","[directory service]","[directory-service]"],"labels":["@aws-cdk/aws-directoryservice"],"assignees":["NetaNir"]}, - {"keywords":["[@aws-cdk/aws-dlm]","[aws-dlm]","[dlm]"],"labels":["@aws-cdk/aws-dlm"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-dms]","[aws-dms]","[dms]"],"labels":["@aws-cdk/aws-dms"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-docdb]","[aws-docdb]","[docdb]","[doc db]","[doc-db]"],"labels":["@aws-cdk/aws-docdb"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-dynamodb]","[aws-dynamodb]","[dynamodb]","[dynamo db]","[dynamo-db]"],"labels":["@aws-cdk/aws-dynamodb"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-dynamodb-global]","[aws-dynamodb-global]","[dynamodb-global]","[dynamodb global]"],"labels":["@aws-cdk/aws-dynamodb-global"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-ec2]","[aws-ec2]","[ec2]","[vpc]"],"labels":["@aws-cdk/aws-ec2"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/aws-ecr]","[aws-ecr]","[ecr]"],"labels":["@aws-cdk/aws-ecr"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-ecr-assets]","[aws-ecr-assets]","[ecr-assets]","[ecr assets]","[ecrassets]"],"labels":["@aws-cdk/aws-ecr-assets"],"assignees":["eladb"]}, - {"keywords":["[@aws-cdk/aws-efs]","[aws-efs]","[efs]"],"labels":["@aws-cdk/aws-efs"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-eks]","[aws-eks]","[eks]"],"labels":["@aws-cdk/aws-eks"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-elasticache]","[aws-elasticache]","[elasticache]","[elastic cache]","[elastic-cache]"],"labels":["@aws-cdk/aws-elasticache"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-elasticbeanstalk]","[aws-elasticbeanstalk]","[elasticbeanstalk]","[elastic beanstalk]","[elastic-beanstalk]"],"labels":["@aws-cdk/aws-elasticbeanstalk"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-elasticloadbalancing]","[aws-elasticloadbalancing]","[elasticloadbalancing]","[elastic loadbalancing]","[elastic-loadbalancing]","[elb]"],"labels":["@aws-cdk/aws-elasticloadbalancing"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-elasticloadbalancingv2]","[aws-elasticloadbalancingv2]","[elasticloadbalancingv2]","[elastic-loadbalancing-v2]","[elbv2]","[elb v2]"],"labels":["@aws-cdk/aws-elasticloadbalancingv2"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-elasticloadbalancingv2-targets]","[aws-elasticloadbalancingv2-targets]","[elasticloadbalancingv2-targets]","[elasticloadbalancingv2 targets]","[elbv2 targets]"],"labels":["@aws-cdk/aws-elasticloadbalancingv2-targets"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-elasticsearch]","[aws-elasticsearch]","[elasticsearch]","[elastic search]","[elastic-search]"],"labels":["@aws-cdk/aws-elasticsearch"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-emr]","[aws-emr]","[emr]"],"labels":["@aws-cdk/aws-emr"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-events]","[aws-events]","[events]","[eventbridge]","event-bridge]"],"labels":["@aws-cdk/aws-events"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-events-targets]","[aws-events-targets]","[events-targets]","[events targets]"],"labels":["@aws-cdk/aws-events-targets"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-eventschemas]","[aws-eventschemas]","[eventschemas]","[event schemas]"],"labels":["@aws-cdk/aws-eventschemas"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-fms]","[aws-fms]","[fms]"],"labels":["@aws-cdk/aws-fms"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/aws-fsx]","[aws-fsx]","[fsx]"],"labels":["@aws-cdk/aws-fsx"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/aws-gamelift]","[aws-gamelift]","[gamelift]","[game lift]"],"labels":["@aws-cdk/aws-gamelift"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-globalaccelerator]","[aws-globalaccelerator]","[globalaccelerator]","[global accelerator]","[global-accelerator]"],"labels":["@aws-cdk/aws-globalaccelerator"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/aws-glue]","[aws-glue]","[glue]"],"labels":["@aws-cdk/aws-glue"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-greengrass]","[aws-greengrass]","[greengrass]","[green grass]","[green-grass]"],"labels":["@aws-cdk/aws-greengrass"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-guardduty]","[aws-guardduty]","[guardduty]","[guard duty]","[guard-duty]"],"labels":["@aws-cdk/aws-guardduty"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/aws-iam]","[aws-iam]","[iam]"],"labels":["@aws-cdk/aws-iam"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/aws-imagebuilder]","[aws-imagebuilder]","[imagebuilder]","[image builder]","[image-builder]"],"labels":["@aws-cdk/aws-imagebuilder"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-inspector]","[aws-inspector]","[inspector]"],"labels":["@aws-cdk/aws-inspector"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-iot]","[aws-iot]","[iot]"],"labels":["@aws-cdk/aws-iot"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-iot1click]","[aws-iot1click]","[iot1click]","[iot 1click]"],"labels":["@aws-cdk/aws-iot1click"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-iotanalytics]","[aws-iotanalytics]","[iotanalytics]","[iot analytics]","[iot-analytics]"],"labels":["@aws-cdk/aws-iotanalytics"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-iotevents]","[aws-iotevents]","[iotevents]","[iot events]","[iot-events]"],"labels":["@aws-cdk/aws-iotevents"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-iotsitewise]","[aws-iotsitewise]","[iotsitewise]","[iot sitewise]","[iot-sitewise]","[iot-site-wise]","[iot site wise]"],"labels":["@aws-cdk/aws-iotsitewise"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-iotthingsgraph]","[aws-iotthingsgraph]","[iotthingsgraph]","[iot things graph]","[iot-things-graph]"],"labels":["@aws-cdk/aws-iotthingsgraph"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-ivs]","[aws-ivs]","[Interactive Video Service]","[ivs]"],"labels":["@aws-cdk/aws-ivs"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-kendra]","[aws-kendra]","[kendra]"],"labels":["@aws-cdk/aws-kendra"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-kinesis]","[aws-kinesis]","[kinesis]"],"labels":["@aws-cdk/aws-kinesis"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-kinesisanalytics]","[aws-kinesisanalytics]","[kinesisanalytics]","[kinesis analytics]","[kinesis-analytics]"],"labels":["@aws-cdk/aws-kinesisanalytics"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-kinesisfirehose]","[aws-kinesisfirehose]","[kinesisfirehose]","[kinesis firehose]","[kinesis-firehose]"],"labels":["@aws-cdk/aws-kinesisfirehose"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-kms]","[aws-kms]","[kms]"],"labels":["@aws-cdk/aws-kms"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-lakeformation]","[aws-lakeformation]","[lakeformation]","[lake formation]","[lake-formation]"],"labels":["@aws-cdk/aws-lakeformation"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-lambda]","[aws-lambda]","[lambda]"],"labels":["@aws-cdk/aws-lambda"],"assignees":["nija-at"]}, - {"keywords":["[@aws-cdk/aws-lambda-event-sources]","[aws-lambda-event-sources]","[lambda-event-sources]","[lambda event sources]"],"labels":["@aws-cdk/aws-lambda-event-sources"],"assignees":["nija-at"]}, - {"keywords":["[@aws-cdk/aws-lambda-nodejs]","[aws-lambda-nodejs]","[lambda-nodejs]","[lambda nodejs]"],"labels":["@aws-cdk/aws-lambda-nodejs"],"assignees":["eladb"]}, - {"keywords":["[@aws-cdk/aws-lambda-python]","[aws-lambda-python]","[lambda-python]","[lambda python]"],"labels":["@aws-cdk/aws-lambda-python"],"assignees":["eladb"]}, - {"keywords":["[@aws-cdk/aws-logs]","[aws-logs]","[logs]"],"labels":["@aws-cdk/aws-logs"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-logs-destinations]","[aws-logs-destinations]","[logs-destinations]","[logs destinations]"],"labels":["@aws-cdk/aws-logs-destinations"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-macie]","[aws-macie]","[macie]"],"labels":["@aws-cdk/aws-macie"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-managedblockchain]","[aws-managedblockchain]","[managedblockchain]","[managed blockchain]","[managed-blockchain]"],"labels":["@aws-cdk/aws-managedblockchain"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-mediaconvert]","[aws-mediaconvert]","[mediaconvert]","[media convert]","[media-convert]"],"labels":["@aws-cdk/aws-mediaconvert"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-medialive]","[aws-medialive]","[medialive]","[media live]","[media-live]"],"labels":["@aws-cdk/aws-medialive"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-mediastore]","[aws-mediastore]","[mediastore]","[media store]","[media-store]"],"labels":["@aws-cdk/aws-mediastore"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-mediapackage]","[aws-mediapackage]","[mediapackage]","[media package]","[media-package]"],"labels":["@aws-cdk/aws-mediapackage"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-msk]","[aws-msk]","[msk]"],"labels":["@aws-cdk/aws-msk"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-neptune]","[aws-neptune]","[neptune]"],"labels":["@aws-cdk/aws-neptune"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-networkmanager]","[aws-networkmanager]","[networkmanager]","[network manager]","[network-manager]"],"labels":["@aws-cdk/aws-networkmanager"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-opsworks]","[aws-opsworks]","[opsworks]","[ops works]","[ops-works]"],"labels":["@aws-cdk/aws-opsworks"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-opsworkscm]","[aws-opsworkscm]","[opsworkscm]","[opsworks cm]","[opsworks-cm]"],"labels":["@aws-cdk/aws-opsworkscm"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-personalize]","[aws-personalize]","[personalize]"],"labels":["@aws-cdk/aws-personalize"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-pinpoint]","[aws-pinpoint]","[pinpoint]"],"labels":["@aws-cdk/aws-pinpoint"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-pinpointemail]","[aws-pinpointemail]","[pinpointemail]","[pinpoint email]","[pinpoint-email]"],"labels":["@aws-cdk/aws-pinpointemail"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-qldb]","[aws-qldb]","[qldb]"],"labels":["@aws-cdk/aws-qldb"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-ram]","[aws-ram]","[ram]"],"labels":["@aws-cdk/aws-ram"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-rds]","[aws-rds]","[rds]"],"labels":["@aws-cdk/aws-rds"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-redshift]","[aws-redshift]","[redshift]","[red shift]","[red-shift]"],"labels":["@aws-cdk/aws-redshift"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-resourcegroups]","[aws-resourcegroups]","[resourcegroups]","[resource groups]","[resource-groups]"],"labels":["@aws-cdk/aws-resourcegroups"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-robomaker]","[aws-robomaker]","[robomaker]","[robo maker]","[robo-maker]"],"labels":["@aws-cdk/aws-robomaker"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-route53]","[aws-route53]","[route53]","[route 53]","[route-53]"],"labels":["@aws-cdk/aws-route53"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-route53-patterns]","[aws-route53-patterns]","[route53-patterns]","[route53 patterns]","[route-53-patterns]"],"labels":["@aws-cdk/aws-route53-patterns"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-route53-targets]","[aws-route53-targets]","[route53-targets]","[route53 targets]","[route-53-targets]"],"labels":["@aws-cdk/aws-route53-targets"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-route53resolver]","[aws-route53resolver]","[route53resolver]","[route53 resolver]","[route-53-resolver]"],"labels":["@aws-cdk/aws-route53resolver"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-s3]","[aws-s3]","[s3]"],"labels":["@aws-cdk/aws-s3"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-s3-assets]","[aws-s3-assets]","[s3-assets]","[s3 assets]"],"labels":["@aws-cdk/aws-s3-assets"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-s3-deployment]","[aws-s3-deployment]","[s3-deployment]","[s3 deployment]"],"labels":["@aws-cdk/aws-s3-deployment"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-s3-notifications]","[aws-s3-notifications]","[s3-notifications]","[s3 notifications]"],"labels":["@aws-cdk/aws-s3-notifications"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-sagemaker]","[aws-sagemaker]","[sagemaker]","[sage maker]","[sage-maker]"],"labels":["@aws-cdk/aws-sagemaker"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-sam]","[aws-sam]","[sam]"],"labels":["@aws-cdk/aws-sam"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-sdb]","[aws-sdb]","[sdb]"],"labels":["@aws-cdk/aws-sdb"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-secretsmanager]","[aws-secretsmanager]","[secretsmanager]","[secrets manager]","[secrets-manager]"],"labels":["@aws-cdk/aws-secretsmanager"],"assignees":["njlynch"]}, - {"keywords":["[@aws-cdk/aws-securityhub]","[aws-securityhub]","[securityhub]","[security hub]","[security-hub]"],"labels":["@aws-cdk/aws-securityhub"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-servicecatalog]","[aws-servicecatalog]","[servicecatalog]","[service catalog]","[service-catalog]"],"labels":["@aws-cdk/aws-servicecatalog"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-servicediscovery]","[aws-servicediscovery]","[servicediscovery]","[service discovery]","[service-discovery]"],"labels":["@aws-cdk/aws-servicediscovery"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-ses]","[aws-ses]","[ses]"],"labels":["@aws-cdk/aws-ses"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-ses-actions]","[aws-ses-actions]","[ses-actions]","[ses actions]"],"labels":["@aws-cdk/aws-ses-actions"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-sns]","[aws-sns]","[sns]"],"labels":["@aws-cdk/aws-sns"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-sns-subscriptions]","[aws-sns-subscriptions]","[sns-subscriptions]","[sns subscriptions]"],"labels":["@aws-cdk/aws-sns-subscriptions"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-sqs]","[aws-sqs]","[sqs]"],"labels":["@aws-cdk/aws-sqs"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-ssm]","[aws-ssm]","[ssm]"],"labels":["@aws-cdk/aws-ssm"],"assignees":["MrArnoldPalmer"]}, - {"keywords":["[@aws-cdk/aws-sso]","[aws-sso]","[sso]"],"labels":["@aws-cdk/aws-sso"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-stepfunctions]","[aws-stepfunctions]","[stepfunctions]","[step functions]","[step-functions]"],"labels":["@aws-cdk/aws-stepfunctions"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-stepfunctions-tasks]","[aws-stepfunctions-tasks]","[stepfunctions-tasks]","[stepfunctions tasks]"],"labels":["@aws-cdk/aws-stepfunctions-tasks"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-synthetics]","[aws-synthetics]","[synthetics]"],"labels":["@aws-cdk/aws-synthetics"],"assignees":["NetaNir"]}, - {"keywords":["[@aws-cdk/aws-timestream]","[aws-timestream]","[timestream]"],"labels":["@aws-cdk/aws-timestream"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/aws-transfer]","[aws-transfer]","[transfer]"],"labels":["@aws-cdk/aws-transfer"],"assignees":["iliapolo"]}, - {"keywords":["[@aws-cdk/aws-waf]","[aws-waf]","[waf]"],"labels":["@aws-cdk/aws-waf"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-wafregional]","[aws-wafregional]","[wafregional]","[waf regional]","[waf-regional]"],"labels":["@aws-cdk/aws-wafregional"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-wafv2]","[aws-wafv2]","[wafv2]","[waf v2]","[waf-v2]"],"labels":["@aws-cdk/aws-wafv2"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/aws-workspaces]","[aws-workspaces]","[workspaces]"],"labels":["@aws-cdk/aws-workspaces"],"assignees":["NetaNir"]}, - {"keywords":["[@aws-cdk/cfnspec]","[cfnspec]","[cfn spec]","[cfn-spec]"],"labels":["@aws-cdk/cfnspec"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/cloud-assembly-schema]","[cloud-assembly-schema]","[cloud assembly schema]"],"labels":["@aws-cdk/cloud-assembly-schema"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/cloudformation-diff]","[cloudformation-diff]","[cloudformation diff]","[cfn diff]"],"labels":["@aws-cdk/cloudformation-diff"],"assignees":["shivlaks"]}, - {"keywords":["[@aws-cdk/cloudformation-include]","[cloudformation-include]","[cloudformation include]","[cfn include]","[cfn-include]"],"labels":["@aws-cdk/cloudformation-include"],"assignees":["skinny85"]}, - {"keywords":["[@aws-cdk/core]","[core]"],"labels":["@aws-cdk/core"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/custom-resources]","[custom-resources]","[custom resources]"],"labels":["@aws-cdk/custom-resources"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/cx-api]","[cx-api]","[cx api]"],"labels":["@aws-cdk/cx-api"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/pipelines]","[pipelines]","[cdk pipelines]","[cdk-pipelines]"],"labels":["@aws-cdk/pipelines"],"assignees":["rix0rrr"]}, - {"keywords":["[@aws-cdk/region-info]","[region-info]","[region info]"],"labels":["@aws-cdk/region-info"],"assignees":["RomainMuller"]} + {"keywords":["(cli)","(command line)"],"labels":["package/tools"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/alexa-ask)","(alexa-ask)","(alexa ask)"],"labels":["@aws-cdk/alexa-ask"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/app-delivery)","(app-delivery)","(app delivery)"],"labels":["@aws-cdk/app-delivery"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/assert)","(assert)"],"labels":["@aws-cdk/assert"],"assignees":["nija-at"]}, + {"keywords":["(@aws-cdk/assets)","(assets)"],"labels":["@aws-cdk/assets"],"assignees":["eladb"]}, + {"keywords":["(@aws-cdk/aws-accessanalyzer)","(aws-accessanalyzer)","(accessanalyzer)","(access analyzer)"],"labels":["@aws-cdk/aws-accessanalyzer"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-acmpca)","(aws-acmpca)","(acmpca)"],"labels":["@aws-cdk/aws-acmpca"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-amazonmq)","(aws-amazonmq)","(amazonmq)","(amazon mq)","(amazon-mq)"],"labels":["@aws-cdk/aws-amazonmq"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-amplify)","(aws-amplify)","(amplify)"],"labels":["@aws-cdk/aws-amplify"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-apigateway)","(aws-apigateway)","(apigateway)","(api gateway)","(api-gateway)"],"labels":["@aws-cdk/aws-apigateway"],"assignees":["nija-at"]}, + {"keywords":["(@aws-cdk/aws-apigatewayv2)","(aws-apigatewayv2)","(apigatewayv2)","(apigateway v2)","(api-gateway-v2)"],"labels":["@aws-cdk/aws-apigatewayv2"],"assignees":["nija-at"]}, + {"keywords":["(@aws-cdk/aws-apigatewayv2-integrations)","(aws-apigatewayv2-integrations)","(apigatewayv2-integrations)","(apigateway v2 integrations)","(api-gateway-v2-integrations)"],"labels":["@aws-cdk/aws-apigatewayv2-integrations"],"assignees":["nija-at"]}, + {"keywords":["(@aws-cdk/aws-appconfig)","(aws-appconfig)","(appconfig)","(app config)","(app-config)"],"labels":["@aws-cdk/aws-appconfig"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-appflow)","(aws-appflow)","(appflow)","(app flow)","(app-flow)"],"labels":["@aws-cdk/aws-appflow"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-applicationautoscaling)","(aws-applicationautoscaling)","(applicationautoscaling)","(application autoscaling)","(application-autoscaling)"],"labels":["@aws-cdk/aws-applicationautoscaling"],"assignees":["NetaNir"]}, + {"keywords":["(@aws-cdk/aws-applicationinsights)","(aws-applicationinsights)","(applicationinsights)","(application insights)","(application-insights)"],"labels":["@aws-cdk/aws-applicationinsights"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-appmesh)","(aws-appmesh)","(appmesh)","(app mesh)","(app-mesh)"],"labels":["@aws-cdk/aws-appmesh"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-appstream)","(aws-appstream)","(appstream)","(app stream)","(app-stream)"],"labels":["@aws-cdk/aws-appstream"],"assignees":["NetaNir"]}, + {"keywords":["(@aws-cdk/aws-appsync)","(aws-appsync)","(appsync)","(app sync)","(app-sync)"],"labels":["@aws-cdk/aws-appsync"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-athena)","(aws-athena)","(athena)"],"labels":["@aws-cdk/aws-athena"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-autoscaling)","(aws-autoscaling)","(autoscaling)","(auto scaling)","(auto-scaling)"],"labels":["@aws-cdk/aws-autoscaling"],"assignees":["NetaNir"]}, + {"keywords":["(@aws-cdk/aws-autoscaling-api)","(aws-autoscaling-api)","(autoscaling-api)","(autoscaling api)","(autoscaling-api)"],"labels":["@aws-cdk/aws-autoscaling-api"],"assignees":["NetaNir"]}, + {"keywords":["(@aws-cdk/aws-autoscaling-common)","(aws-autoscaling-common)","(autoscaling-common)","(autoscaling common)","(autoscaling-common)"],"labels":["@aws-cdk/aws-autoscaling-common"],"assignees":["NetaNir"]}, + {"keywords":["(@aws-cdk/aws-autoscaling-hooktargets)","(aws-autoscaling-hooktargets)","(autoscaling-hooktargets)","(autoscaling hooktargets)"],"labels":["@aws-cdk/aws-autoscaling-hooktargets"],"assignees":["NetaNir"]}, + {"keywords":["(@aws-cdk/aws-autoscalingplans)","(aws-autoscalingplans)","(autoscalingplans)","(autoscaling plans)", "(autoscaling-plans)"],"labels":["@aws-cdk/aws-autoscalingplans"],"assignees":["NetaNir"]}, + {"keywords":["(@aws-cdk/aws-backup)","(aws-backup)","(backup)"],"labels":["@aws-cdk/aws-backup"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-batch)","(aws-batch)","(batch)"],"labels":["@aws-cdk/aws-batch"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-budgets)","(aws-budgets)","(budgets)"],"labels":["@aws-cdk/aws-budgets"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-cassandra)","(aws-cassandra)","(cassandra)"],"labels":["@aws-cdk/aws-cassandra"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-ce)","(aws-ce)","(ce)"],"labels":["@aws-cdk/aws-ce"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-certificatemanager)","(aws-certificatemanager)","(certificatemanager)","(certificate manager)","(certificate-manager)","(acm)"],"labels":["@aws-cdk/aws-certificatemanager"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-chatbot)","(aws-chatbot)","(chatbot)"],"labels":["@aws-cdk/aws-chatbot"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-cloud9)","(aws-cloud9)","(cloud9)","(cloud 9)"],"labels":["@aws-cdk/aws-cloud9"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-cloudformation)","(aws-cloudformation)","(cloudformation)","(cloud formation)"],"labels":["@aws-cdk/aws-cloudformation"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/aws-cloudfront)","(aws-cloudfront)","(cloudfront)","(cloud front)"],"labels":["@aws-cdk/aws-cloudfront"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-cloudfront-origins)","(aws-cloudfront-origins)","(cloudfront-origins)","(cloudfront origins)"],"labels":["@aws-cdk/aws-cloudfront-origins"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-cloudtrail)","(aws-cloudtrail)","(cloudtrail)","(cloud trail)"],"labels":["@aws-cdk/aws-cloudtrail"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-cloudwatch)","(aws-cloudwatch)","(cloudwatch)","(cloud watch)"],"labels":["@aws-cdk/aws-cloudwatch"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/aws-cloudwatch-actions)","(aws-cloudwatch-actions)","(cloudwatch-actions)","(cloudwatch actions)"],"labels":["@aws-cdk/aws-cloudwatch-actions"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/aws-codeartifact)","(aws-codeartifact)","(codeartifact)","(code artifact)","(code-artifact)"],"labels":["@aws-cdk/aws-codeartifact"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-codebuild)","(aws-codebuild)","(codebuild)","(code build)","(code-build)"],"labels":["@aws-cdk/aws-codebuild"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-codecommit)","(aws-codecommit)","(codecommit)","(code commit)", "(code-commit)"],"labels":["@aws-cdk/aws-codecommit"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-codedeploy)","(aws-codedeploy)","(codedeploy)","(code deploy)","(code-deploy)"],"labels":["@aws-cdk/aws-codedeploy"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-codeguruprofiler)","(aws-codeguruprofiler)","(codeguruprofiler)","(codeguru profiler)","(codeguru-profiler)"],"labels":["@aws-cdk/aws-codeguruprofiler"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-codegurureviewer)","(aws-codegurureviewer)","(codegurureviewer)","(codeguru reviewer)","(codeguru-reviewer)"],"labels":["@aws-cdk/aws-codegurureviewer"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-codepipeline)","(aws-codepipeline)","(codepipeline)","(code pipeline)","(code-pipeline)"],"labels":["@aws-cdk/aws-codepipeline"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-codepipeline-actions)","(aws-codepipeline-actions)","(codepipeline-actions)","(codepipeline actions)"],"labels":["@aws-cdk/aws-codepipeline-actions"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-codestar)","(aws-codestar)","(codestar)"],"labels":["@aws-cdk/aws-codestar"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-codestarconnections)","(aws-codestarconnections)","(codestarconnections)","(codestar connections)","(codestar-connections)"],"labels":["@aws-cdk/aws-codestarconnections"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-codestarnotifications)","(aws-codestarnotifications)","(codestarnotifications)","(codestar notifications)","(codestar-notifications)"],"labels":["@aws-cdk/aws-codestarnotifications"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-cognito)","(aws-cognito)","(cognito)"],"labels":["@aws-cdk/aws-cognito"],"assignees":["nija-at"]}, + {"keywords":["(@aws-cdk/aws-config)","(aws-config)","(config)"],"labels":["@aws-cdk/aws-config"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-datapipeline)","(aws-datapipeline)","(datapipeline)","(data pipeline)","(data-pipeline)"],"labels":["@aws-cdk/aws-datapipeline"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-dax)","(aws-dax)","(dax)"],"labels":["@aws-cdk/aws-dax"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-detective)","(aws-detective)","(detective)"],"labels":["@aws-cdk/aws-detective"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-directoryservice)","(aws-directoryservice)","(directoryservice)","(directory service)","(directory-service)"],"labels":["@aws-cdk/aws-directoryservice"],"assignees":["NetaNir"]}, + {"keywords":["(@aws-cdk/aws-dlm)","(aws-dlm)","(dlm)"],"labels":["@aws-cdk/aws-dlm"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-dms)","(aws-dms)","(dms)"],"labels":["@aws-cdk/aws-dms"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-docdb)","(aws-docdb)","(docdb)","(doc db)","(doc-db)"],"labels":["@aws-cdk/aws-docdb"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-dynamodb)","(aws-dynamodb)","(dynamodb)","(dynamo db)","(dynamo-db)"],"labels":["@aws-cdk/aws-dynamodb"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-dynamodb-global)","(aws-dynamodb-global)","(dynamodb-global)","(dynamodb global)"],"labels":["@aws-cdk/aws-dynamodb-global"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-ec2)","(aws-ec2)","(ec2)","(vpc)"],"labels":["@aws-cdk/aws-ec2"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/aws-ecr)","(aws-ecr)","(ecr)"],"labels":["@aws-cdk/aws-ecr"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-ecr-assets)","(aws-ecr-assets)","(ecr-assets)","(ecr assets)","(ecrassets)"],"labels":["@aws-cdk/aws-ecr-assets"],"assignees":["eladb"]}, + {"keywords":["(@aws-cdk/aws-efs)","(aws-efs)","(efs)"],"labels":["@aws-cdk/aws-efs"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-eks)","(aws-eks)","(eks)"],"labels":["@aws-cdk/aws-eks"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-elasticache)","(aws-elasticache)","(elasticache)","(elastic cache)","(elastic-cache)"],"labels":["@aws-cdk/aws-elasticache"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-elasticbeanstalk)","(aws-elasticbeanstalk)","(elasticbeanstalk)","(elastic beanstalk)","(elastic-beanstalk)"],"labels":["@aws-cdk/aws-elasticbeanstalk"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-elasticloadbalancing)","(aws-elasticloadbalancing)","(elasticloadbalancing)","(elastic loadbalancing)","(elastic-loadbalancing)","(elb)"],"labels":["@aws-cdk/aws-elasticloadbalancing"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-elasticloadbalancingv2)","(aws-elasticloadbalancingv2)","(elasticloadbalancingv2)","(elastic-loadbalancing-v2)","(elbv2)","(elb v2)"],"labels":["@aws-cdk/aws-elasticloadbalancingv2"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-elasticloadbalancingv2-targets)","(aws-elasticloadbalancingv2-targets)","(elasticloadbalancingv2-targets)","(elasticloadbalancingv2 targets)","(elbv2 targets)"],"labels":["@aws-cdk/aws-elasticloadbalancingv2-targets"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-elasticsearch)","(aws-elasticsearch)","(elasticsearch)","(elastic search)","(elastic-search)"],"labels":["@aws-cdk/aws-elasticsearch"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-emr)","(aws-emr)","(emr)"],"labels":["@aws-cdk/aws-emr"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-events)","(aws-events)","(events)","(eventbridge)","event-bridge)"],"labels":["@aws-cdk/aws-events"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-events-targets)","(aws-events-targets)","(events-targets)","(events targets)"],"labels":["@aws-cdk/aws-events-targets"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-eventschemas)","(aws-eventschemas)","(eventschemas)","(event schemas)"],"labels":["@aws-cdk/aws-eventschemas"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-fms)","(aws-fms)","(fms)"],"labels":["@aws-cdk/aws-fms"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/aws-fsx)","(aws-fsx)","(fsx)"],"labels":["@aws-cdk/aws-fsx"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/aws-gamelift)","(aws-gamelift)","(gamelift)","(game lift)"],"labels":["@aws-cdk/aws-gamelift"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-globalaccelerator)","(aws-globalaccelerator)","(globalaccelerator)","(global accelerator)","(global-accelerator)"],"labels":["@aws-cdk/aws-globalaccelerator"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/aws-glue)","(aws-glue)","(glue)"],"labels":["@aws-cdk/aws-glue"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-greengrass)","(aws-greengrass)","(greengrass)","(green grass)","(green-grass)"],"labels":["@aws-cdk/aws-greengrass"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-guardduty)","(aws-guardduty)","(guardduty)","(guard duty)","(guard-duty)"],"labels":["@aws-cdk/aws-guardduty"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/aws-iam)","(aws-iam)","(iam)"],"labels":["@aws-cdk/aws-iam"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/aws-imagebuilder)","(aws-imagebuilder)","(imagebuilder)","(image builder)","(image-builder)"],"labels":["@aws-cdk/aws-imagebuilder"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-inspector)","(aws-inspector)","(inspector)"],"labels":["@aws-cdk/aws-inspector"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-iot)","(aws-iot)","(iot)"],"labels":["@aws-cdk/aws-iot"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-iot1click)","(aws-iot1click)","(iot1click)","(iot 1click)"],"labels":["@aws-cdk/aws-iot1click"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-iotanalytics)","(aws-iotanalytics)","(iotanalytics)","(iot analytics)","(iot-analytics)"],"labels":["@aws-cdk/aws-iotanalytics"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-iotevents)","(aws-iotevents)","(iotevents)","(iot events)","(iot-events)"],"labels":["@aws-cdk/aws-iotevents"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-iotsitewise)","(aws-iotsitewise)","(iotsitewise)","(iot sitewise)","(iot-sitewise)","(iot-site-wise)","(iot site wise)"],"labels":["@aws-cdk/aws-iotsitewise"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-iotthingsgraph)","(aws-iotthingsgraph)","(iotthingsgraph)","(iot things graph)","(iot-things-graph)"],"labels":["@aws-cdk/aws-iotthingsgraph"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-ivs)","(aws-ivs)","(Interactive Video Service)","(ivs)"],"labels":["@aws-cdk/aws-ivs"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-kendra)","(aws-kendra)","(kendra)"],"labels":["@aws-cdk/aws-kendra"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-kinesis)","(aws-kinesis)","(kinesis)"],"labels":["@aws-cdk/aws-kinesis"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-kinesisanalytics)","(aws-kinesisanalytics)","(kinesisanalytics)","(kinesis analytics)","(kinesis-analytics)"],"labels":["@aws-cdk/aws-kinesisanalytics"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-kinesisfirehose)","(aws-kinesisfirehose)","(kinesisfirehose)","(kinesis firehose)","(kinesis-firehose)"],"labels":["@aws-cdk/aws-kinesisfirehose"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-kms)","(aws-kms)","(kms)"],"labels":["@aws-cdk/aws-kms"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-lakeformation)","(aws-lakeformation)","(lakeformation)","(lake formation)","(lake-formation)"],"labels":["@aws-cdk/aws-lakeformation"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-lambda)","(aws-lambda)","(lambda)"],"labels":["@aws-cdk/aws-lambda"],"assignees":["nija-at"]}, + {"keywords":["(@aws-cdk/aws-lambda-event-sources)","(aws-lambda-event-sources)","(lambda-event-sources)","(lambda event sources)"],"labels":["@aws-cdk/aws-lambda-event-sources"],"assignees":["nija-at"]}, + {"keywords":["(@aws-cdk/aws-lambda-nodejs)","(aws-lambda-nodejs)","(lambda-nodejs)","(lambda nodejs)"],"labels":["@aws-cdk/aws-lambda-nodejs"],"assignees":["eladb"]}, + {"keywords":["(@aws-cdk/aws-lambda-python)","(aws-lambda-python)","(lambda-python)","(lambda python)"],"labels":["@aws-cdk/aws-lambda-python"],"assignees":["eladb"]}, + {"keywords":["(@aws-cdk/aws-logs)","(aws-logs)","(logs)"],"labels":["@aws-cdk/aws-logs"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-logs-destinations)","(aws-logs-destinations)","(logs-destinations)","(logs destinations)"],"labels":["@aws-cdk/aws-logs-destinations"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-macie)","(aws-macie)","(macie)"],"labels":["@aws-cdk/aws-macie"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-managedblockchain)","(aws-managedblockchain)","(managedblockchain)","(managed blockchain)","(managed-blockchain)"],"labels":["@aws-cdk/aws-managedblockchain"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-mediaconvert)","(aws-mediaconvert)","(mediaconvert)","(media convert)","(media-convert)"],"labels":["@aws-cdk/aws-mediaconvert"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-medialive)","(aws-medialive)","(medialive)","(media live)","(media-live)"],"labels":["@aws-cdk/aws-medialive"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-mediastore)","(aws-mediastore)","(mediastore)","(media store)","(media-store)"],"labels":["@aws-cdk/aws-mediastore"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-mediapackage)","(aws-mediapackage)","(mediapackage)","(media package)","(media-package)"],"labels":["@aws-cdk/aws-mediapackage"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-msk)","(aws-msk)","(msk)"],"labels":["@aws-cdk/aws-msk"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-neptune)","(aws-neptune)","(neptune)"],"labels":["@aws-cdk/aws-neptune"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-networkmanager)","(aws-networkmanager)","(networkmanager)","(network manager)","(network-manager)"],"labels":["@aws-cdk/aws-networkmanager"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-opsworks)","(aws-opsworks)","(opsworks)","(ops works)","(ops-works)"],"labels":["@aws-cdk/aws-opsworks"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-opsworkscm)","(aws-opsworkscm)","(opsworkscm)","(opsworks cm)","(opsworks-cm)"],"labels":["@aws-cdk/aws-opsworkscm"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-personalize)","(aws-personalize)","(personalize)"],"labels":["@aws-cdk/aws-personalize"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-pinpoint)","(aws-pinpoint)","(pinpoint)"],"labels":["@aws-cdk/aws-pinpoint"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-pinpointemail)","(aws-pinpointemail)","(pinpointemail)","(pinpoint email)","(pinpoint-email)"],"labels":["@aws-cdk/aws-pinpointemail"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-qldb)","(aws-qldb)","(qldb)"],"labels":["@aws-cdk/aws-qldb"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-ram)","(aws-ram)","(ram)"],"labels":["@aws-cdk/aws-ram"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-rds)","(aws-rds)","(rds)"],"labels":["@aws-cdk/aws-rds"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-redshift)","(aws-redshift)","(redshift)","(red shift)","(red-shift)"],"labels":["@aws-cdk/aws-redshift"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-resourcegroups)","(aws-resourcegroups)","(resourcegroups)","(resource groups)","(resource-groups)"],"labels":["@aws-cdk/aws-resourcegroups"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-robomaker)","(aws-robomaker)","(robomaker)","(robo maker)","(robo-maker)"],"labels":["@aws-cdk/aws-robomaker"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-route53)","(aws-route53)","(route53)","(route 53)","(route-53)"],"labels":["@aws-cdk/aws-route53"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-route53-patterns)","(aws-route53-patterns)","(route53-patterns)","(route53 patterns)","(route-53-patterns)"],"labels":["@aws-cdk/aws-route53-patterns"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-route53-targets)","(aws-route53-targets)","(route53-targets)","(route53 targets)","(route-53-targets)"],"labels":["@aws-cdk/aws-route53-targets"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-route53resolver)","(aws-route53resolver)","(route53resolver)","(route53 resolver)","(route-53-resolver)"],"labels":["@aws-cdk/aws-route53resolver"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-s3)","(aws-s3)","(s3)"],"labels":["@aws-cdk/aws-s3"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-s3-assets)","(aws-s3-assets)","(s3-assets)","(s3 assets)"],"labels":["@aws-cdk/aws-s3-assets"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-s3-deployment)","(aws-s3-deployment)","(s3-deployment)","(s3 deployment)"],"labels":["@aws-cdk/aws-s3-deployment"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-s3-notifications)","(aws-s3-notifications)","(s3-notifications)","(s3 notifications)"],"labels":["@aws-cdk/aws-s3-notifications"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-sagemaker)","(aws-sagemaker)","(sagemaker)","(sage maker)","(sage-maker)"],"labels":["@aws-cdk/aws-sagemaker"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-sam)","(aws-sam)","(sam)"],"labels":["@aws-cdk/aws-sam"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-sdb)","(aws-sdb)","(sdb)"],"labels":["@aws-cdk/aws-sdb"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-secretsmanager)","(aws-secretsmanager)","(secretsmanager)","(secrets manager)","(secrets-manager)"],"labels":["@aws-cdk/aws-secretsmanager"],"assignees":["njlynch"]}, + {"keywords":["(@aws-cdk/aws-securityhub)","(aws-securityhub)","(securityhub)","(security hub)","(security-hub)"],"labels":["@aws-cdk/aws-securityhub"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-servicecatalog)","(aws-servicecatalog)","(servicecatalog)","(service catalog)","(service-catalog)"],"labels":["@aws-cdk/aws-servicecatalog"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-servicediscovery)","(aws-servicediscovery)","(servicediscovery)","(service discovery)","(service-discovery)"],"labels":["@aws-cdk/aws-servicediscovery"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-ses)","(aws-ses)","(ses)"],"labels":["@aws-cdk/aws-ses"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-ses-actions)","(aws-ses-actions)","(ses-actions)","(ses actions)"],"labels":["@aws-cdk/aws-ses-actions"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-sns)","(aws-sns)","(sns)"],"labels":["@aws-cdk/aws-sns"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-sns-subscriptions)","(aws-sns-subscriptions)","(sns-subscriptions)","(sns subscriptions)"],"labels":["@aws-cdk/aws-sns-subscriptions"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-sqs)","(aws-sqs)","(sqs)"],"labels":["@aws-cdk/aws-sqs"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-ssm)","(aws-ssm)","(ssm)"],"labels":["@aws-cdk/aws-ssm"],"assignees":["MrArnoldPalmer"]}, + {"keywords":["(@aws-cdk/aws-sso)","(aws-sso)","(sso)"],"labels":["@aws-cdk/aws-sso"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-stepfunctions)","(aws-stepfunctions)","(stepfunctions)","(step functions)","(step-functions)"],"labels":["@aws-cdk/aws-stepfunctions"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-stepfunctions-tasks)","(aws-stepfunctions-tasks)","(stepfunctions-tasks)","(stepfunctions tasks)"],"labels":["@aws-cdk/aws-stepfunctions-tasks"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-synthetics)","(aws-synthetics)","(synthetics)"],"labels":["@aws-cdk/aws-synthetics"],"assignees":["NetaNir"]}, + {"keywords":["(@aws-cdk/aws-timestream)","(aws-timestream)","(timestream)"],"labels":["@aws-cdk/aws-timestream"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/aws-transfer)","(aws-transfer)","(transfer)"],"labels":["@aws-cdk/aws-transfer"],"assignees":["iliapolo"]}, + {"keywords":["(@aws-cdk/aws-waf)","(aws-waf)","(waf)"],"labels":["@aws-cdk/aws-waf"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-wafregional)","(aws-wafregional)","(wafregional)","(waf regional)","(waf-regional)"],"labels":["@aws-cdk/aws-wafregional"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-wafv2)","(aws-wafv2)","(wafv2)","(waf v2)","(waf-v2)"],"labels":["@aws-cdk/aws-wafv2"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/aws-workspaces)","(aws-workspaces)","(workspaces)"],"labels":["@aws-cdk/aws-workspaces"],"assignees":["NetaNir"]}, + {"keywords":["(@aws-cdk/cfnspec)","(cfnspec)","(cfn spec)","(cfn-spec)"],"labels":["@aws-cdk/cfnspec"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/cloud-assembly-schema)","(cloud-assembly-schema)","(cloud assembly schema)"],"labels":["@aws-cdk/cloud-assembly-schema"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/cloudformation-diff)","(cloudformation-diff)","(cloudformation diff)","(cfn diff)"],"labels":["@aws-cdk/cloudformation-diff"],"assignees":["shivlaks"]}, + {"keywords":["(@aws-cdk/cloudformation-include)","(cloudformation-include)","(cloudformation include)","(cfn include)","(cfn-include)"],"labels":["@aws-cdk/cloudformation-include"],"assignees":["skinny85"]}, + {"keywords":["(@aws-cdk/core)","(core)"],"labels":["@aws-cdk/core"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/custom-resources)","(custom-resources)","(custom resources)"],"labels":["@aws-cdk/custom-resources"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/cx-api)","(cx-api)","(cx api)"],"labels":["@aws-cdk/cx-api"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/pipelines)","(pipelines)","(cdk pipelines)","(cdk-pipelines)"],"labels":["@aws-cdk/pipelines"],"assignees":["rix0rrr"]}, + {"keywords":["(@aws-cdk/region-info)","(region-info)","(region info)"],"labels":["@aws-cdk/region-info"],"assignees":["RomainMuller"]} ] - diff --git a/.gitignore b/.gitignore index 03b7512a00c05..5f60eac749208 100644 --- a/.gitignore +++ b/.gitignore @@ -37,9 +37,6 @@ cdk.out/ # Yarn error log yarn-error.log -# Parcel default cache directory -.parcel-cache - # VSCode history plugin .vscode/.history/ diff --git a/CHANGELOG.md b/CHANGELOG.md index e3d66f8b2c4dd..24a5e76898065 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,57 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [1.77.0](https://github.com/aws/aws-cdk/compare/v1.76.0...v1.77.0) (2020-12-07) + + +### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES + +* **apigatewayv2:** The `VpcLink.fromVpcLinkId()` API has been +replaced with `VpcLink.fromVpcLinkAttributes()`. +* **secretsmanager:** (feature flag) Secret.secretName for owned secrets will now return +only the secret name (without suffix) and not the full resource name. This is +enabled through the `@aws-cdk/secretsmanager:parseOwnedSecretName` flag. +* **lambda-nodejs:** bundling customization options like `minify` or `sourceMap` are now gathered under a new `bundling` prop. +* **lambda-nodejs**: `bundlingEnvironment` is now `bundling.environment` +* **lambda-nodejs**: `bundlingDockerImage` is now `bundling.dockerImage` + +### Features + +* **apigatewayv2:** private integration with imported services ([#11661](https://github.com/aws/aws-cdk/issues/11661)) ([6bf0da0](https://github.com/aws/aws-cdk/commit/6bf0da05348557386a72af6323d0165c594caf6c)), closes [#11603](https://github.com/aws/aws-cdk/issues/11603) +* **cfn-include:** preserve properties of resources that are not in the current CFN schema ([#11822](https://github.com/aws/aws-cdk/issues/11822)) ([45677ca](https://github.com/aws/aws-cdk/commit/45677cac1b8a13d272c8e7ecea74b2beba590df7)), closes [#9717](https://github.com/aws/aws-cdk/issues/9717) +* **cfn-include:** the cloudformation-include module is now Generally Available (stable) ([#11882](https://github.com/aws/aws-cdk/issues/11882)) ([11df56b](https://github.com/aws/aws-cdk/commit/11df56b7fa1c976641da1a26f3c5ce012d9a92fa)) +* **cfnspec:** cloudformation spec v21.0.0 ([#11694](https://github.com/aws/aws-cdk/issues/11694)) ([d1d9fc4](https://github.com/aws/aws-cdk/commit/d1d9fc49afbd5bfde6b30bbfb92bb179e79d5743)) +* **cli:** support WebIdentityCredentials (as used by EKS) ([#11559](https://github.com/aws/aws-cdk/issues/11559)) ([5cfbe6c](https://github.com/aws/aws-cdk/commit/5cfbe6c96df5d590588337c1ca8e41272a8d09fb)), closes [#11543](https://github.com/aws/aws-cdk/issues/11543) +* **cloudfront:** Lambda@Edge construct ([#10500](https://github.com/aws/aws-cdk/issues/10500)) ([3b30123](https://github.com/aws/aws-cdk/commit/3b301231a2d28c3f46d22d44010eb75adc77bc6b)), closes [#9833](https://github.com/aws/aws-cdk/issues/9833) [#1575](https://github.com/aws/aws-cdk/issues/1575) [#9862](https://github.com/aws/aws-cdk/issues/9862) +* **codepipeline-actions:** support `executeBatchBuild` on `CodeBuildAction` ([#11741](https://github.com/aws/aws-cdk/issues/11741)) ([3dcd1a8](https://github.com/aws/aws-cdk/commit/3dcd1a8345a20caad5100f810517f8e742bd65e8)), closes [#11662](https://github.com/aws/aws-cdk/issues/11662) +* **cognito:** user pool client - token validity ([#11752](https://github.com/aws/aws-cdk/issues/11752)) ([78b3c39](https://github.com/aws/aws-cdk/commit/78b3c3934c054ef27dc0e164af88d83692ead91d)), closes [#11689](https://github.com/aws/aws-cdk/issues/11689) +* **ecr:** authorization token retrieval grants ([#11783](https://github.com/aws/aws-cdk/issues/11783)) ([c072981](https://github.com/aws/aws-cdk/commit/c072981c175bf0509e9c606ff9ed441a0c7aef31)) +* **ecs-patterns:** allow to select vpc subnets for LB fargate service ([#11823](https://github.com/aws/aws-cdk/issues/11823)) ([869c884](https://github.com/aws/aws-cdk/commit/869c884a9bd02a5fa116a8339ef7a6cedbeb33ac)), closes [#8621](https://github.com/aws/aws-cdk/issues/8621) +* **lambda-nodejs:** command hooks ([#11583](https://github.com/aws/aws-cdk/issues/11583)) ([0608670](https://github.com/aws/aws-cdk/commit/0608670f5a4d78c0de2e394b3dee8f87211a7c61)), closes [#11468](https://github.com/aws/aws-cdk/issues/11468) +* **lambda-python:** support poetry packaging for PythonFunction ([#11850](https://github.com/aws/aws-cdk/issues/11850)) ([c5c258a](https://github.com/aws/aws-cdk/commit/c5c258ac8c7cf24e541472d1fce1e971604e0aaa)), closes [#11753](https://github.com/aws/aws-cdk/issues/11753) + + +### Bug Fixes + +* **codebuild:** Project lacks permissions for SSM ParameterStore environment variables ([#11770](https://github.com/aws/aws-cdk/issues/11770)) ([3c5c2f4](https://github.com/aws/aws-cdk/commit/3c5c2f415dc1d8f2f5b4fe2e7668b76f155675c6)), closes [#11769](https://github.com/aws/aws-cdk/issues/11769) +* **codepipeline-actions:** incorrect IAM statement in StepFunctionInvokeAction ([#11728](https://github.com/aws/aws-cdk/issues/11728)) ([ece9b23](https://github.com/aws/aws-cdk/commit/ece9b237e7da4b493e34c801bb0f17b1a5edf68e)), closes [#11397](https://github.com/aws/aws-cdk/issues/11397) [#11688](https://github.com/aws/aws-cdk/issues/11688) +* **core:** custom resource providers cannot be used in CDK Pipelines ([#11807](https://github.com/aws/aws-cdk/issues/11807)) ([48b3fa9](https://github.com/aws/aws-cdk/commit/48b3fa95b3ce3c5843aa35d48772e31d8c85c505)), closes [#11760](https://github.com/aws/aws-cdk/issues/11760) +* **core:** floating list tokens synthesize to template ([#11899](https://github.com/aws/aws-cdk/issues/11899)) ([60875a5](https://github.com/aws/aws-cdk/commit/60875a5d6cd93b7d6f0f9b1b94153f6d1f4766b1)), closes [#11750](https://github.com/aws/aws-cdk/issues/11750) +* **core:** init templates not initialized when running the CLI from source ([#11731](https://github.com/aws/aws-cdk/issues/11731)) ([2e067d7](https://github.com/aws/aws-cdk/commit/2e067d7d00b10b4c5e26665386c0a86340a83379)), closes [#11665](https://github.com/aws/aws-cdk/issues/11665) +* **core:** regression: source directory is fingerprinted even if bundling is skipped ([#11440](https://github.com/aws/aws-cdk/issues/11440)) ([3cbc7fa](https://github.com/aws/aws-cdk/commit/3cbc7fa58a69330b82935f9d464446fb2d410344)), closes [#11008](https://github.com/aws/aws-cdk/issues/11008) [/github.com/aws/aws-cdk/pull/11008/files#diff-62eef996be8abeb157518522c3cbf84a33dd4751c103304df87b04eb6d7bbab6L160](https://github.com/aws//github.com/aws/aws-cdk/pull/11008/files/issues/diff-62eef996be8abeb157518522c3cbf84a33dd4751c103304df87b04eb6d7bbab6L160) [#11008](https://github.com/aws/aws-cdk/issues/11008) [40aws-cdk/core/lib/asset-staging.ts#L159-L160](https://github.com/40aws-cdk/core/lib/asset-staging.ts/issues/L159-L160) [#11459](https://github.com/aws/aws-cdk/issues/11459) [#11460](https://github.com/aws/aws-cdk/issues/11460) +* **ec2:** instance not replaced when changing asset in UserData ([#11780](https://github.com/aws/aws-cdk/issues/11780)) ([17bde5a](https://github.com/aws/aws-cdk/commit/17bde5a27983cff322edce8d7d0eab7f4551e553)), closes [#11704](https://github.com/aws/aws-cdk/issues/11704) +* **eks:** addManifest can accept `any` but only works if a map is passed ([#11768](https://github.com/aws/aws-cdk/issues/11768)) ([f85c08c](https://github.com/aws/aws-cdk/commit/f85c08cfcf0fd0d3c1f4a0e835787fd0c3de7b63)), closes [#11483](https://github.com/aws/aws-cdk/issues/11483) +* **events:** match values in event pattern array are not deduplicated ([#11744](https://github.com/aws/aws-cdk/issues/11744)) ([a07b987](https://github.com/aws/aws-cdk/commit/a07b98744c5050381a95467af9de79fe2aacdfaf)) +* **iam:** OIDC provider cannot be imported from parameter ([#11789](https://github.com/aws/aws-cdk/issues/11789)) ([cacb1d7](https://github.com/aws/aws-cdk/commit/cacb1d7fc3b0f299c17a86464c20e32a428e881d)), closes [#11705](https://github.com/aws/aws-cdk/issues/11705) +* **kinesis:** Unable to use retention periods longer than 7 days ([#11798](https://github.com/aws/aws-cdk/issues/11798)) ([80e5d90](https://github.com/aws/aws-cdk/commit/80e5d90c0cf7a5ed8f8bb1c37768be34efb32e01)) +* **lambda-nodejs:** automatic entry finding with compilerOptions.outDir ([#11729](https://github.com/aws/aws-cdk/issues/11729)) ([1000cf9](https://github.com/aws/aws-cdk/commit/1000cf9a56c7671ab954c35604f8c282a6263977)) +* **lambda-nodejs:** maximum call stack size exceeded or converting circular structure to JSON ([#11698](https://github.com/aws/aws-cdk/issues/11698)) ([4401725](https://github.com/aws/aws-cdk/commit/44017253483488fc7113301ffc184a4c6be497db)), closes [#11693](https://github.com/aws/aws-cdk/issues/11693) [#11726](https://github.com/aws/aws-cdk/issues/11726) [#11762](https://github.com/aws/aws-cdk/issues/11762) +* **lambda-nodejs:** yarn cannot find a writable cache ([#11656](https://github.com/aws/aws-cdk/issues/11656)) ([b16a8d3](https://github.com/aws/aws-cdk/commit/b16a8d3079d1d293ce127d616f82b54cb869f2e5)) +* **redshift:** multi-node redshift cluster not allowing parameter ([#11677](https://github.com/aws/aws-cdk/issues/11677)) ([13c05be](https://github.com/aws/aws-cdk/commit/13c05bee5882114ccdd4c917cb5cc0204ce15e49)), closes [#11610](https://github.com/aws/aws-cdk/issues/11610) +* **secretsmanager:** secretName for owned secrets includes suffix (under feature flag) ([#11736](https://github.com/aws/aws-cdk/issues/11736)) ([f6b4334](https://github.com/aws/aws-cdk/commit/f6b4334c59a1ac0bfb8b877baccb02b894ef24e4)), closes [#11202](https://github.com/aws/aws-cdk/issues/11202) [#11727](https://github.com/aws/aws-cdk/issues/11727) +* **sqs:** queueUrl property has incorrect region and account for imported queue ([#11651](https://github.com/aws/aws-cdk/issues/11651)) ([7b8b665](https://github.com/aws/aws-cdk/commit/7b8b6656f909a023d8d66445b58d2d5b9dde1c15)) +* **stepfunctions-tasks:** instance type cannot be provided to SageMakerCreateEndpointConfig as input path ([#11749](https://github.com/aws/aws-cdk/issues/11749)) ([5fb0ea6](https://github.com/aws/aws-cdk/commit/5fb0ea6276db26f76b99b1826d742eae979f4ed9)), closes [#11605](https://github.com/aws/aws-cdk/issues/11605) + ## [1.76.0](https://github.com/aws/aws-cdk/compare/v1.75.0...v1.76.0) (2020-12-01) @@ -17,6 +68,7 @@ All notable changes to this project will be documented in this file. See [standa * **appmesh:** renames gateway listener static methods to use shorter names * **appmesh:** renames gateway route static methods to use shorter names * **appmesh:** changes Route's spec to a union-like class. RouteSpec is now defined using protocol variant static methods +* **efs:** `keyId` property uses the ARN instead of the `keyId` to support cross-account encryption key usage. The filesystem will be replaced. * **lambda-nodejs:** local bundling now requires `esbuild` to be installed. * **lambda-nodejs**: `projectRoot` has been replaced by `depsLockFilePath`. It should point to your dependency lock file (`package-lock.json` or `yarn.lock`) * **lambda-nodejs**: `parcelEnvironment` has been renamed to `bundlingEnvironment` diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 364042c28ae18..3ccfe335daddf 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -173,6 +173,9 @@ Work your magic. Here are some guidelines: Feel free to start your contribution by copy&pasting files from that project, and then edit and rename them as appropriate - it might be easier to get started that way. +* If your change includes code examples (in the `README.md` file or as part of regular TSDoc tags), + you should probably validate those examples can be successfully compiled and trans-literated by + running `yarn rosetta:extract` (this requires other packages used by code examples are built). #### Integration Tests diff --git a/README.md b/README.md index 701efa30200be..79e66ffa1f12d 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,7 @@ Modules in the AWS Construct Library are designated Experimental while we build them; experimental modules may have breaking API changes in any release. After a module is designated Stable, it adheres to [semantic versioning](https://semver.org/), and only major releases can have breaking changes. Each module's stability designation -is available on its Overview page in the [AWS CDK API Reference](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-construct-library.html). +is available on its Overview page in the [AWS CDK API Reference](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-construct-library.html). For more information, see [Versioning](https://docs.aws.amazon.com/cdk/latest/guide/reference.html#versioning) in the CDK Developer Guide. @@ -77,7 +77,7 @@ For a detailed walkthrough, see the [tutorial](https://docs.aws.amazon.com/cdk/l Install or update the [AWS CDK CLI] from npm (requires [Node.js ≥ 10.13.0](https://nodejs.org/download/release/latest-v10.x/)). We recommend using a version in [Active LTS](https://nodejs.org/en/about/releases/) ⚠️ versions `13.0.0` to `13.6.0` are not supported due to compatibility issues with our dependencies. -```bash +```console $ npm i -g aws-cdk ``` @@ -85,7 +85,7 @@ $ npm i -g aws-cdk Initialize a project: -```bash +```console $ mkdir hello-cdk $ cd hello-cdk $ cdk init sample-app --language=typescript @@ -111,7 +111,7 @@ export class HelloCdkStack extends cdk.Stack { Deploy this to your account: -```bash +```console $ cdk deploy ``` @@ -148,4 +148,4 @@ environment and submit code. * [Examples](https://github.com/aws-samples/aws-cdk-examples) * [Changelog](./CHANGELOG.md) * [NOTICE](./NOTICE) -* [License](./LICENSE) +* [License](./LICENSE) diff --git a/build.sh b/build.sh index 13d525731b16e..14d8c27935405 100755 --- a/build.sh +++ b/build.sh @@ -56,7 +56,7 @@ fail() { # Verify all required tools are present before starting the build if [ "$check_prereqs" == "true" ]; then - /bin/bash ./scripts/check-prerequisites.sh + /bin/bash ./scripts/check-build-prerequisites.sh fi # Prepare for build with references diff --git a/pack.sh b/pack.sh index de48b7dea0c2f..727c6faaf63cd 100755 --- a/pack.sh +++ b/pack.sh @@ -19,6 +19,10 @@ distdir="$PWD/dist" rm -fr ${distdir} mkdir -p ${distdir} +if ${CHECK_PREREQS:-true}; then + /bin/bash ./scripts/check-pack-prerequisites.sh +fi + # Split out jsii and non-jsii packages. Jsii packages will be built all at once. # Non-jsii packages will be run individually. echo "Collecting package list..." >&2 diff --git a/package.json b/package.json index e3757fe3f77b9..aee0ccc3f2b6b 100644 --- a/package.json +++ b/package.json @@ -18,9 +18,9 @@ "fs-extra": "^9.0.1", "graceful-fs": "^4.2.4", "jest-junit": "^12.0.0", - "jsii-diff": "^1.14.1", - "jsii-pacmak": "^1.14.1", - "jsii-rosetta": "^1.14.1", + "jsii-diff": "^1.15.0", + "jsii-pacmak": "^1.15.0", + "jsii-rosetta": "^1.15.0", "lerna": "^3.22.1", "standard-version": "^9.0.0", "typescript": "~3.9.7" diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/README.md b/packages/@aws-cdk-containers/ecs-service-extensions/README.md index cbca327f0ee12..da884a7aa85bd 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/README.md +++ b/packages/@aws-cdk-containers/ecs-service-extensions/README.md @@ -1,10 +1,12 @@ # CDK Construct library for building ECS services + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library provides a high level, extensible pattern for constructing services @@ -182,34 +184,34 @@ requiring decentralized updates to many different services. Every `ServiceExtension` can implement the following hooks to modify the properties of constructs, or make use of the resulting constructs: -* `addHooks()` - This hook is called after all the extensions are added to a +- `addHooks()` - This hook is called after all the extensions are added to a ServiceDescription, but before any of the other extension hooks have been run. It gives each extension a chance to do some inspection of the overall ServiceDescription and see what other extensions have been added. Some extensions may want to register hooks on the other extensions to modify them. For example, the Firelens extension wants to be able to modify the settings of the application container to route logs through Firelens. -* `modifyTaskDefinitionProps()` - This is hook is passed the proposed +- `modifyTaskDefinitionProps()` - This is hook is passed the proposed ecs.TaskDefinitionProps for a TaskDefinition that is about to be created. This allows the extension to make modifications to the task definition props before the TaskDefinition is created. For example, the App Mesh extension modifies the proxy settings for the task. -* `useTaskDefinition()` - After the TaskDefinition is created, this hook is +- `useTaskDefinition()` - After the TaskDefinition is created, this hook is passed the actual TaskDefinition construct that was created. This allows the extension to add containers to the task, modify the task definition's IAM role, etc. -* `resolveContainerDependencies()` - Once all extensions have added their containers, +- `resolveContainerDependencies()` - Once all extensions have added their containers, each extension is given a chance to modify its container's `dependsOn` settings. Extensions need to check and see what other extensions were enabled and decide whether their container needs to wait on another container to start first. -* `modifyServiceProps()` - Before an Ec2Service or FargateService is created, this +- `modifyServiceProps()` - Before an Ec2Service or FargateService is created, this hook is passed a draft version of the service props to change. Each extension adds its own modifications to the service properties. For example, the App Mesh extension needs to modify the service settings to enable CloudMap service discovery. -* `useService()` - After the service is created, this hook is given a chance to +- `useService()` - After the service is created, this hook is given a chance to utilize that service. This is used by extensions like the load balancer or App Mesh extension, which create and link other AWS resources to the ECS extension. -* `connectToService()` - This hook is called when a user wants to connect one service +- `connectToService()` - This hook is called when a user wants to connect one service to another service. It allows an extension to implement logic about how to allow connections from one service to another. For example, the App Mesh extension implements this method in order to easily connect one service mesh service to another, which @@ -305,7 +307,7 @@ const environment = Environment.fromEnvironmentAttributes(stack, 'Environment', We encourage the development of Community Service Extensions that support advanced features. Here are some useful extensions that we have reviewed: -* [ListenerRulesExtension](https://www.npmjs.com/package/@wheatstalk/ecs-service-extension-listener-rules) for more precise control over Application Load Balancer rules +- [ListenerRulesExtension](https://www.npmjs.com/package/@wheatstalk/ecs-service-extension-listener-rules) for more precise control over Application Load Balancer rules > Please submit a pull request so that we can review your service extension and > list it here. diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/package.json b/packages/@aws-cdk-containers/ecs-service-extensions/package.json index e33dc561b65b8..d5249726f297e 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/package.json +++ b/packages/@aws-cdk-containers/ecs-service-extensions/package.json @@ -101,4 +101,4 @@ }, "maturity": "stable", "stability": "stable" -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/alexa-ask/README.md b/packages/@aws-cdk/alexa-ask/README.md index fcf3976ab1057..125b909867ec7 100644 --- a/packages/@aws-cdk/alexa-ask/README.md +++ b/packages/@aws-cdk/alexa-ask/README.md @@ -1,18 +1,26 @@ -## Alexa Skills Kit Construct Library +# Alexa Skills Kit Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + ```ts import * as alexaAsk from '@aws-cdk/alexa-ask'; -``` \ No newline at end of file +``` diff --git a/packages/@aws-cdk/alexa-ask/package.json b/packages/@aws-cdk/alexa-ask/package.json index eff6618e6bfb8..1233a4a1993ea 100644 --- a/packages/@aws-cdk/alexa-ask/package.json +++ b/packages/@aws-cdk/alexa-ask/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "Alexa::ASK", diff --git a/packages/@aws-cdk/app-delivery/README.md b/packages/@aws-cdk/app-delivery/README.md index 949cf90b6c714..a60f4590dc39f 100644 --- a/packages/@aws-cdk/app-delivery/README.md +++ b/packages/@aws-cdk/app-delivery/README.md @@ -1,5 +1,6 @@ -## Continuous Integration / Continuous Delivery for CDK Applications +# Continuous Integration / Continuous Delivery for CDK Applications + --- ![Deprecated](https://img.shields.io/badge/deprecated-critical.svg?style=for-the-badge) @@ -7,6 +8,7 @@ > This API may emit warnings. Backward compatibility is not guaranteed. --- + This library includes a *CodePipeline* composite Action for deploying AWS CDK Applications. @@ -14,27 +16,31 @@ This library includes a *CodePipeline* composite Action for deploying AWS CDK Ap This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. -# Replacement recommended +## Replacement recommended This library has been deprecated. We recommend you use the [@aws-cdk/pipelines](https://docs.aws.amazon.com/cdk/api/latest/docs/pipelines-readme.html) module instead. -### Limitations +## Limitations + The construct library in it's current form has the following limitations: + 1. It can only deploy stacks that are hosted in the same AWS account and region as the *CodePipeline* is. 2. Stacks that make use of `Asset`s cannot be deployed successfully. -### Getting Started +## Getting Started + In order to add the `PipelineDeployStackAction` to your *CodePipeline*, you need to have a *CodePipeline* artifact that contains the result of invoking `cdk synth -o ` on your *CDK App*. You can for example achieve this using a *CodeBuild* project. The example below defines a *CDK App* that contains 3 stacks: + * `CodePipelineStack` manages the *CodePipeline* resources, and self-updates before deploying any other stack * `ServiceStackA` and `ServiceStackB` are service infrastructure stacks, and need to be deployed in this order -``` +```plaintext ┏━━━━━━━━━━━━━━━━┓ ┏━━━━━━━━━━━━━━━━┓ ┏━━━━━━━━━━━━━━━━━┓ ┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓ ┃ Source ┃ ┃ Build ┃ ┃ Self-Update ┃ ┃ Deploy ┃ ┃ ┃ ┃ ┃ ┃ ┃ ┃ ┃ @@ -45,9 +51,9 @@ The example below defines a *CDK App* that contains 3 stacks: ┗━━━━━━━━━━━━━━━━┛ ┗━━━━━━━━━━━━━━━━┛ ┗━━━━━━━━━━━━━━━━━┛ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛ ``` -#### `index.ts` +### `index.ts` -```typescript +```ts import * as codebuild from '@aws-cdk/aws-codebuild'; import * as codepipeline from '@aws-cdk/aws-codepipeline'; import * as codepipeline_actions from '@aws-cdk/aws-codepipeline-actions'; @@ -138,7 +144,8 @@ deployStage.addAction(new cicd.PipelineDeployStackAction({ })); ``` -#### `buildspec.yml` +### `buildspec.yml` + The repository can contain a file at the root level named `buildspec.yml`, or you can in-line the buildspec. Note that `buildspec.yaml` is not compatible. diff --git a/packages/@aws-cdk/app-delivery/package.json b/packages/@aws-cdk/app-delivery/package.json index d860fe435fd24..b8ca6275939df 100644 --- a/packages/@aws-cdk/app-delivery/package.json +++ b/packages/@aws-cdk/app-delivery/package.json @@ -43,7 +43,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "dependencies": { "@aws-cdk/aws-cloudformation": "0.0.0", diff --git a/packages/@aws-cdk/assert/README.md b/packages/@aws-cdk/assert/README.md index 1c8eb3bd30c05..9256b46d2b154 100644 --- a/packages/@aws-cdk/assert/README.md +++ b/packages/@aws-cdk/assert/README.md @@ -1,17 +1,23 @@ -## Testing utilities and assertions for CDK libraries +# Testing utilities and assertions for CDK libraries + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This library contains helpers for writing unit tests and integration tests for CDK libraries -### Unit tests +## Unit tests Write your unit tests like this: @@ -27,7 +33,7 @@ expect(stack).to(someExpectation(...)); Here are the expectations you can use: -### Verify (parts of) a template +## Verify (parts of) a template Check that the synthesized stack template looks like the given template, or is a superset of it. These functions match logical IDs and all properties of a resource. @@ -57,7 +63,7 @@ expect(stack).to(beASupersetOfTemplate({ ``` -### Check existence of a resource +## Check existence of a resource If you only care that a resource of a particular type exists (regardless of its logical identifier), and that *some* of its properties are set to specific values: @@ -114,13 +120,13 @@ expect(stack).to(haveResourceLike('AWS::IAM::Policy', { })); ``` -### Capturing values from a match +## Capturing values from a match Special `Capture` matchers exist to capture values encountered during a match. These can be used for two typical purposes: -* Apply additional assertions to the values found during a matching operation. -* Use the value found during a matching operation in a new matching operation. +- Apply additional assertions to the values found during a matching operation. +- Use the value found during a matching operation in a new matching operation. `Capture` matchers take an inner matcher as an argument, and will only capture the value if the inner matcher succeeds in matching the given value. @@ -173,7 +179,7 @@ same value: the last value encountered by the `Capture` (as determined by the behavior of the matchers around it) is stored into it and will be the one available after the match has completed. -### Check number of resources +## Check number of resources If you want to assert that `n` number of resources of a particular type exist, with or without specific properties: @@ -194,9 +200,11 @@ expect(stack).to(countResourcesLike('AWS::ApiGateway::Method', 1, { })); ``` -### Check existence of an output +## Check existence of an output + `haveOutput` assertion can be used to check that a stack contains specific output. Parameters to check against can be: + - `outputName` - `outputValue` - `exportName` @@ -204,6 +212,7 @@ Parameters to check against can be: If `outputValue` is provided, at least one of `outputName`, `exportName` should be provided as well Example + ```ts expect(synthStack).to(haveOutput({ outputName: 'TestOutputName', diff --git a/packages/@aws-cdk/assert/lib/assertions/have-resource.ts b/packages/@aws-cdk/assert/lib/assertions/have-resource.ts index 2ea670b9c394d..2f3352bee16ef 100644 --- a/packages/@aws-cdk/assert/lib/assertions/have-resource.ts +++ b/packages/@aws-cdk/assert/lib/assertions/have-resource.ts @@ -32,7 +32,7 @@ export function haveResource( } /** - * Sugar for calling ``haveResources`` with ``allowValueExtension`` set to ``true``. + * Sugar for calling ``haveResource`` with ``allowValueExtension`` set to ``true``. */ export function haveResourceLike( resourceType: string, diff --git a/packages/@aws-cdk/assets/README.md b/packages/@aws-cdk/assets/README.md index 6ebca5ae0d9e6..aac70ac108a12 100644 --- a/packages/@aws-cdk/assets/README.md +++ b/packages/@aws-cdk/assets/README.md @@ -1,5 +1,6 @@ -## AWS CDK Assets +# AWS CDK Assets + --- ![Deprecated](https://img.shields.io/badge/deprecated-critical.svg?style=for-the-badge) @@ -7,6 +8,7 @@ > This API may emit warnings. Backward compatibility is not guaranteed. --- + -All types moved to @aws-cdk/core. \ No newline at end of file +All types moved to @aws-cdk/core. diff --git a/packages/@aws-cdk/assets/package.json b/packages/@aws-cdk/assets/package.json index 52575038b862b..901bd0454e9c4 100644 --- a/packages/@aws-cdk/assets/package.json +++ b/packages/@aws-cdk/assets/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "pre": [ diff --git a/packages/@aws-cdk/aws-accessanalyzer/README.md b/packages/@aws-cdk/aws-accessanalyzer/README.md index a18f912d84f4b..c17d07f97b27d 100644 --- a/packages/@aws-cdk/aws-accessanalyzer/README.md +++ b/packages/@aws-cdk/aws-accessanalyzer/README.md @@ -1,12 +1,16 @@ -## AWS::AccessAnalyzer Construct Library +# AWS::AccessAnalyzer Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-accessanalyzer/package.json b/packages/@aws-cdk/aws-accessanalyzer/package.json index 3db4d7267fd55..e955f78425632 100644 --- a/packages/@aws-cdk/aws-accessanalyzer/package.json +++ b/packages/@aws-cdk/aws-accessanalyzer/package.json @@ -51,7 +51,8 @@ "compat": "cdk-compat", "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::AccessAnalyzer", diff --git a/packages/@aws-cdk/aws-acmpca/README.md b/packages/@aws-cdk/aws-acmpca/README.md index 75c12e4a771eb..fd3c39c9f5e4c 100644 --- a/packages/@aws-cdk/aws-acmpca/README.md +++ b/packages/@aws-cdk/aws-acmpca/README.md @@ -1,12 +1,16 @@ -## AWS::ACMPCA Construct Library +# AWS::ACMPCA Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-acmpca/package.json b/packages/@aws-cdk/aws-acmpca/package.json index 65d4aa11c2b73..3baab6e8894b3 100644 --- a/packages/@aws-cdk/aws-acmpca/package.json +++ b/packages/@aws-cdk/aws-acmpca/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ACMPCA", diff --git a/packages/@aws-cdk/aws-amazonmq/README.md b/packages/@aws-cdk/aws-amazonmq/README.md index 11d878559a571..db1446c38060c 100644 --- a/packages/@aws-cdk/aws-amazonmq/README.md +++ b/packages/@aws-cdk/aws-amazonmq/README.md @@ -1,12 +1,16 @@ -## Amazon MQ Construct Library +# Amazon MQ Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + ```ts diff --git a/packages/@aws-cdk/aws-amazonmq/package.json b/packages/@aws-cdk/aws-amazonmq/package.json index 1274402c9872e..81d725a784638 100644 --- a/packages/@aws-cdk/aws-amazonmq/package.json +++ b/packages/@aws-cdk/aws-amazonmq/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::AmazonMQ", diff --git a/packages/@aws-cdk/aws-amplify/README.md b/packages/@aws-cdk/aws-amplify/README.md index 49f8f5028c5ab..7c15079d914d6 100644 --- a/packages/@aws-cdk/aws-amplify/README.md +++ b/packages/@aws-cdk/aws-amplify/README.md @@ -1,22 +1,32 @@ -## AWS Amplify Construct Library +# AWS Amplify Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + The AWS Amplify Console provides a Git-based workflow for deploying and hosting fullstack serverless web applications. A fullstack serverless app consists of a backend built with cloud resources such as GraphQL or REST APIs, file and data storage, and a frontend built with single page application frameworks such as React, Angular, Vue, or Gatsby. -### Setting up an app with branches, custom rules and a domain +## Setting up an app with branches, custom rules and a domain + To set up an Amplify Console app, define an `App`: + ```ts import * as codebuild from '@aws-cdk/aws-codebuild'; import * as amplify from '@aws-cdk/aws-amplify'; @@ -53,6 +63,7 @@ const amplifyApp = new amplify.App(this, 'MyApp', { ``` To connect your `App` to GitLab, use the `GitLabSourceCodeProvider`: + ```ts const amplifyApp = new amplify.App(this, 'MyApp', { sourceCodeProvider: new amplify.GitLabSourceCodeProvider({ @@ -64,6 +75,7 @@ const amplifyApp = new amplify.App(this, 'MyApp', { ``` To connect your `App` to CodeCommit, use the `CodeCommitSourceCodeProvider`: + ```ts const repository = new codecommit.Repository(this, 'Repo', { repositoryName: 'my-repo' @@ -78,14 +90,17 @@ The IAM role associated with the `App` will automatically be granted the permiss to pull the CodeCommit repository. Add branches: + ```ts const master = amplifyApp.addBranch('master'); // `id` will be used as repo branch name const dev = amplifyApp.addBranch('dev'); dev.addEnvironment('STAGE', 'dev'); ``` + Auto build and pull request preview are enabled by default. Add custom rules for redirection: + ```ts amplifyApp.addCustomRule({ source: '/docs/specific-filename.html', @@ -105,6 +120,7 @@ mySinglePageApp.addCustomRule(amplify.CustomRule.SINGLE_PAGE_APPLICATION_REDIREC ``` Add a domain and map sub domains to branches: + ```ts const domain = amplifyApp.addDomain('example.com'); domain.mapRoot(master); // map master branch to domain root @@ -112,10 +128,12 @@ domain.mapSubDomain(master, 'www'); domain.mapSubDomain(dev); // sub domain prefix defaults to branch name ``` -### Restricting access +## Restricting access + Password protect the app with basic auth by specifying the `basicAuth` prop. Use `BasicAuth.fromCredentials` when referencing an existing secret: + ```ts const amplifyApp = new amplify.App(this, 'MyApp', { repository: 'https://github.com//', @@ -125,6 +143,7 @@ const amplifyApp = new amplify.App(this, 'MyApp', { ``` Use `BasicAuth.fromGeneratedPassword` to generate a password in Secrets Manager: + ```ts const amplifyApp = new amplify.App(this, 'MyApp', { repository: 'https://github.com//', @@ -134,13 +153,15 @@ const amplifyApp = new amplify.App(this, 'MyApp', { ``` Basic auth can be added to specific branches: + ```ts app.addBranch('feature/next', { basicAuth: amplify.BasicAuth.fromGeneratedPassword('username') }); ``` -### Automatically creating and deleting branches +## Automatically creating and deleting branches + Use the `autoBranchCreation` and `autoBranchDeletion` props to control creation/deletion of branches: diff --git a/packages/@aws-cdk/aws-amplify/package.json b/packages/@aws-cdk/aws-amplify/package.json index 63aa08a0d5189..7008e08ae00f6 100644 --- a/packages/@aws-cdk/aws-amplify/package.json +++ b/packages/@aws-cdk/aws-amplify/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Amplify", diff --git a/packages/@aws-cdk/aws-apigateway/README.md b/packages/@aws-cdk/aws-apigateway/README.md index 12313ade8dfb3..875ed1df174c3 100644 --- a/packages/@aws-cdk/aws-apigateway/README.md +++ b/packages/@aws-cdk/aws-apigateway/README.md @@ -1,6 +1,6 @@ -## Amazon API Gateway Construct Library - +# Amazon API Gateway Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -8,8 +8,10 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + + Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale. Create an API to access data, business logic, or functionality from your back-end services, such @@ -121,11 +123,11 @@ The following example uses sets up two Resources '/pets' and '/books' in separat Methods are associated with backend integrations, which are invoked when this method is called. API Gateway supports the following integrations: -* `MockIntegration` - can be used to test APIs. This is the default +- `MockIntegration` - can be used to test APIs. This is the default integration if one is not specified. -* `LambdaIntegration` - can be used to invoke an AWS Lambda function. -* `AwsIntegration` - can be used to invoke arbitrary AWS service APIs. -* `HttpIntegration` - can be used to invoke HTTP endpoints. +- `LambdaIntegration` - can be used to invoke an AWS Lambda function. +- `AwsIntegration` - can be used to invoke arbitrary AWS service APIs. +- `HttpIntegration` - can be used to invoke HTTP endpoints. The following example shows how to integrate the `GET /book/{book_id}` method to an AWS Lambda function: @@ -587,7 +589,7 @@ new apigw.DomainName(this, 'domain-name', { domainName: 'example.com', certificate: acm.Certificate.fromCertificateArn(this, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'), mtls: { - bucket: new Bucket(this, 'bucket')), + bucket: new Bucket(this, 'bucket'), key: 'truststore.pem', version: 'version', }, @@ -607,7 +609,7 @@ The URL of your API can be obtained from the attribute `restApi.url`, and is also exported as an `Output` from your stack, so it's printed when you `cdk deploy` your app: -``` +```console $ cdk deploy ... books.booksapiEndpointE230E8D5 = https://6lyktd4lpk.execute-api.us-east-1.amazonaws.com/prod/ @@ -932,7 +934,7 @@ const api = new apigw.RestApi(stack, 'api', { By performing this association, we can invoke the API gateway using the following format: -``` +```plaintext https://{rest-api-id}-{vpce-id}.execute-api.{region}.amazonaws.com/{stage} ``` @@ -1032,7 +1034,7 @@ to configure these. There are a number of limitations in using OpenAPI definitions in API Gateway. Read the [Amazon API Gateway important notes for REST APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-known-issues.html#api-gateway-known-issues-rest-apis) for more details. - + **Note:** When starting off with an OpenAPI definition using `SpecRestApi`, it is not possible to configure some properties that can be configured directly in the OpenAPI specification file. This is to prevent people duplication of these properties and potential confusion. @@ -1050,10 +1052,10 @@ const api = new apigateway.SpecRestApi(this, 'ExampleRestApi', { }); ``` -**Note:** For private endpoints you will still need to provide the -[`x-amazon-apigateway-policy`](https://docs.aws.amazon.com/apigateway/latest/developerguide/openapi-extensions-policy.html) and -[`x-amazon-apigateway-endpoint-configuration`](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-endpoint-configuration.html) -in your openApi file. +**Note:** For private endpoints you will still need to provide the +[`x-amazon-apigateway-policy`](https://docs.aws.amazon.com/apigateway/latest/developerguide/openapi-extensions-policy.html) and +[`x-amazon-apigateway-endpoint-configuration`](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-endpoint-configuration.html) +in your openApi file. ## Metrics diff --git a/packages/@aws-cdk/aws-apigateway/package.json b/packages/@aws-cdk/aws-apigateway/package.json index 38cd21c58f19b..ad1bda1d82227 100644 --- a/packages/@aws-cdk/aws-apigateway/package.json +++ b/packages/@aws-cdk/aws-apigateway/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ApiGateway", diff --git a/packages/@aws-cdk/aws-apigatewayv2-integrations/README.md b/packages/@aws-cdk/aws-apigatewayv2-integrations/README.md index 5aa7f03dc3c26..6dd9de9e4e475 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-integrations/README.md +++ b/packages/@aws-cdk/aws-apigatewayv2-integrations/README.md @@ -1,12 +1,18 @@ -## AWS APIGatewayv2 Integrations +# AWS APIGatewayv2 Integrations + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + ## Table of Contents @@ -91,12 +97,14 @@ listener.addTargets('target', { }); const httpEndpoint = new HttpApi(stack, 'HttpProxyPrivateApi', { - defaultIntegration: new HttpAlbIntegrationProps({ + defaultIntegration: new HttpAlbIntegration({ listener, }), }); ``` +When an imported load balancer is used, the `vpc` option must be specified for `HttpAlbIntegration`. + #### Network Load Balancer The following code is a basic network load balancer private integration of HTTP API: @@ -110,12 +118,14 @@ listener.addTargets('target', { }); const httpEndpoint = new HttpApi(stack, 'HttpProxyPrivateApi', { - defaultIntegration: new HttpNlbIntegrationProps({ + defaultIntegration: new HttpNlbIntegration({ listener, }), }); ``` +When an imported load balancer is used, the `vpc` option must be specified for `HttpNlbIntegration`. + #### Cloud Map Service Discovery The following code is a basic discovery service private integration of HTTP API: diff --git a/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/alb.ts b/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/alb.ts index 2d35f89e8206e..b6afd1cc76450 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/alb.ts +++ b/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/alb.ts @@ -1,4 +1,5 @@ import { HttpRouteIntegrationBindOptions, HttpRouteIntegrationConfig } from '@aws-cdk/aws-apigatewayv2'; +import * as ec2 from '@aws-cdk/aws-ec2'; import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; import { HttpPrivateIntegrationOptions } from './base-types'; import { HttpPrivateIntegration } from './private/integration'; @@ -10,7 +11,7 @@ export interface HttpAlbIntegrationProps extends HttpPrivateIntegrationOptions { /** * The listener to the application load balancer used for the integration */ - readonly listener: elbv2.ApplicationListener; + readonly listener: elbv2.IApplicationListener; } /** @@ -22,9 +23,17 @@ export class HttpAlbIntegration extends HttpPrivateIntegration { } public bind(options: HttpRouteIntegrationBindOptions): HttpRouteIntegrationConfig { + let vpc: ec2.IVpc | undefined = this.props.vpcLink?.vpc; + if (!vpc && (this.props.listener instanceof elbv2.ApplicationListener)) { + vpc = this.props.listener.loadBalancer.vpc; + } + if (!vpc) { + throw new Error('The vpcLink property must be specified when using an imported Application Listener.'); + } + const vpcLink = this._configureVpcLink(options, { vpcLink: this.props.vpcLink, - vpc: this.props.listener.loadBalancer.vpc, + vpc, }); return { diff --git a/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/nlb.ts b/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/nlb.ts index 1ee7ce4f208ed..85e3f3773d1c4 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/nlb.ts +++ b/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/nlb.ts @@ -1,4 +1,5 @@ import { HttpRouteIntegrationBindOptions, HttpRouteIntegrationConfig } from '@aws-cdk/aws-apigatewayv2'; +import * as ec2 from '@aws-cdk/aws-ec2'; import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; import { HttpPrivateIntegrationOptions } from './base-types'; import { HttpPrivateIntegration } from './private/integration'; @@ -8,9 +9,9 @@ import { HttpPrivateIntegration } from './private/integration'; */ export interface HttpNlbIntegrationProps extends HttpPrivateIntegrationOptions { /** - * The listener to the netwwork load balancer used for the integration + * The listener to the network load balancer used for the integration */ - readonly listener: elbv2.NetworkListener; + readonly listener: elbv2.INetworkListener; } /** @@ -22,9 +23,17 @@ export class HttpNlbIntegration extends HttpPrivateIntegration { } public bind(options: HttpRouteIntegrationBindOptions): HttpRouteIntegrationConfig { + let vpc: ec2.IVpc | undefined = this.props.vpcLink?.vpc; + if (!vpc && (this.props.listener instanceof elbv2.NetworkListener)) { + vpc = this.props.listener.loadBalancer.vpc; + } + if (!vpc) { + throw new Error('The vpcLink property must be specified when using an imported Network Listener.'); + } + const vpcLink = this._configureVpcLink(options, { vpcLink: this.props.vpcLink, - vpc: this.props.listener.loadBalancer.vpc, + vpc, }); return { diff --git a/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/service-discovery.ts b/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/service-discovery.ts index 96e13d0a03273..44e8b148754dd 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/service-discovery.ts +++ b/packages/@aws-cdk/aws-apigatewayv2-integrations/lib/http/service-discovery.ts @@ -1,26 +1,16 @@ -import { HttpMethod, IVpcLink, HttpRouteIntegrationBindOptions, HttpRouteIntegrationConfig } from '@aws-cdk/aws-apigatewayv2'; +import { HttpRouteIntegrationBindOptions, HttpRouteIntegrationConfig } from '@aws-cdk/aws-apigatewayv2'; import * as servicediscovery from '@aws-cdk/aws-servicediscovery'; +import { HttpPrivateIntegrationOptions } from './base-types'; import { HttpPrivateIntegration } from './private/integration'; /** * Properties to initialize `HttpServiceDiscoveryIntegration`. */ -export interface HttpServiceDiscoveryIntegrationProps { +export interface HttpServiceDiscoveryIntegrationProps extends HttpPrivateIntegrationOptions { /** * The discovery service used for the integration */ - readonly service: servicediscovery.Service; - - /** - * The vpc link to be used for the private integration - */ - readonly vpcLink: IVpcLink; - - /** - * The HTTP method that must be used to invoke the underlying HTTP proxy. - * @default HttpMethod.ANY - */ - readonly method?: HttpMethod; + readonly service: servicediscovery.IService; } /** @@ -32,6 +22,10 @@ export class HttpServiceDiscoveryIntegration extends HttpPrivateIntegration { } public bind(_: HttpRouteIntegrationBindOptions): HttpRouteIntegrationConfig { + if (!this.props.vpcLink) { + throw new Error('The vpcLink property is mandatory'); + } + return { method: this.props.method ?? this.httpMethod, payloadFormatVersion: this.payloadFormatVersion, diff --git a/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json b/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json index b233b0db9d9a1..bf769841adbd8 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json +++ b/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json @@ -49,7 +49,8 @@ "watch": "cdk-watch", "compat": "cdk-compat", "build+test": "npm run build && npm test", - "build+test+package": "npm run build+test && npm run package" + "build+test+package": "npm run build+test && npm run package", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "jest": true, diff --git a/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/alb.test.ts b/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/alb.test.ts index 691da1e4c3b9f..aa2c2fe3e4c4c 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/alb.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/alb.test.ts @@ -98,4 +98,22 @@ describe('HttpAlbIntegration', () => { IntegrationMethod: 'PATCH', }); }); + + test('fails when imported ALB is used without specifying load balancer', () => { + const stack = new Stack(); + const securityGroup = ec2.SecurityGroup.fromSecurityGroupId(stack, 'MySecurityGroup', 'sg-903004f8'); + const listener = elbv2.ApplicationListener.fromApplicationListenerAttributes(stack, 'Listener', { + listenerArn: 'arn:aws:elasticloadbalancing:us-east-1:012345655:listener/app/myloadbalancer/lb-12345/listener-12345', + securityGroup, + }); + const api = new HttpApi(stack, 'HttpApi'); + + expect(() => new HttpRoute(stack, 'HttpProxyPrivateRoute', { + httpApi: api, + integration: new HttpAlbIntegration({ + listener, + }), + routeKey: HttpRouteKey.with('/pets'), + })).toThrow(/vpcLink property must be specified/); + }); }); diff --git a/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/nlb.test.ts b/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/nlb.test.ts index ec537cfedb311..13d25f0cd896f 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/nlb.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/nlb.test.ts @@ -74,7 +74,6 @@ describe('HttpNlbIntegration', () => { }); }); - test('method option is correctly recognized', () => { // GIVEN const stack = new Stack(); @@ -99,4 +98,19 @@ describe('HttpNlbIntegration', () => { IntegrationMethod: 'PATCH', }); }); + + test('fails when imported NLB is used without specifying vpcLink', () => { + const stack = new Stack(); + const listener = elbv2.NetworkListener.fromNetworkListenerArn(stack, 'Listener', + 'arn:aws:elasticloadbalancing:us-east-1:012345655:listener/net/myloadbalancer/lb-12345/listener-12345'); + const api = new HttpApi(stack, 'HttpApi'); + + expect(() => new HttpRoute(stack, 'HttpProxyPrivateRoute', { + httpApi: api, + integration: new HttpNlbIntegration({ + listener, + }), + routeKey: HttpRouteKey.with('/pets'), + })).toThrow(/vpcLink property must be specified/); + }); }); diff --git a/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/service-discovery.test.ts b/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/service-discovery.test.ts index 62097b9d0a3c0..ebd491e2c2ab8 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/service-discovery.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/service-discovery.test.ts @@ -74,4 +74,24 @@ describe('HttpServiceDiscoveryIntegration', () => { IntegrationMethod: 'PATCH', }); }); + + test('fails if vpcLink is not specified', () => { + const stack = new Stack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + const namespace = new servicediscovery.PrivateDnsNamespace(stack, 'Namespace', { + name: 'foobar.com', + vpc, + }); + const service = namespace.createService('Service'); + const api = new HttpApi(stack, 'HttpApi'); + + expect(() => new HttpRoute(stack, 'HttpProxyPrivateRoute', { + httpApi: api, + integration: new HttpServiceDiscoveryIntegration({ + service, + method: HttpMethod.PATCH, + }), + routeKey: HttpRouteKey.with('/pets'), + })).toThrow(/vpcLink property is mandatory/); + }); }); diff --git a/packages/@aws-cdk/aws-apigatewayv2/README.md b/packages/@aws-cdk/aws-apigatewayv2/README.md index ea93eda2149ed..297ec5ce2bfdb 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/README.md +++ b/packages/@aws-cdk/aws-apigatewayv2/README.md @@ -1,18 +1,29 @@ -## AWS::APIGatewayv2 Construct Library +# AWS::APIGatewayv2 Construct Library + --- -| Features | Stability | -| --- | --- | -| CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) | -| Higher level constructs for HTTP APIs | ![Experimental](https://img.shields.io/badge/experimental-important.svg?style=for-the-badge) | -| Higher level constructs for Websocket APIs | ![Not Implemented](https://img.shields.io/badge/not--implemented-black.svg?style=for-the-badge) | +Features | Stability +-------------------------------------------|-------------------------------------------------------- +CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) +Higher level constructs for HTTP APIs | ![Experimental](https://img.shields.io/badge/experimental-important.svg?style=for-the-badge) +Higher level constructs for Websocket APIs | ![Not Implemented](https://img.shields.io/badge/not--implemented-black.svg?style=for-the-badge) + +> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources]) are always +> stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib -> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. + -> **Experimental:** Higher level constructs in this module that are marked as experimental are under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> **Experimental:** Higher level constructs in this module that are marked as experimental are +> under active development. They are subject to non-backward compatible changes or removal in any +> future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and +> breaking changes will be announced in the release notes. This means that while you may use them, +> you may need to update your source code when upgrading to a newer version of this package. --- + ## Table of Contents @@ -212,16 +223,15 @@ These metrics can be referred to using the metric APIs available on the `HttpApi The APIs with the `metric` prefix can be used to get reference to specific metrics for this API. For example, the method below refers to the client side errors metric for this API. -``` +```ts const api = new apigw.HttpApi(stack, 'my-api'); const clientErrorMetric = api.metricClientError(); - ``` Please note that this will return a metric for all the stages defined in the api. It is also possible to refer to metrics for a specific Stage using the `metric` methods from the `Stage` construct. -``` +```ts const api = new apigw.HttpApi(stack, 'my-api'); const stage = new HttpStage(stack, 'Stage', { httpApi: api, diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/http/vpc-link.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/http/vpc-link.ts index ac832a730e62c..27d478c335963 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/http/vpc-link.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/http/vpc-link.ts @@ -12,6 +12,11 @@ export interface IVpcLink extends IResource { * @attribute */ readonly vpcLinkId: string; + + /** + * The VPC to which this VPC Link is associated with. + */ + readonly vpc: ec2.IVpc; } /** @@ -44,6 +49,20 @@ export interface VpcLinkProps { readonly securityGroups?: ec2.ISecurityGroup[]; } +/** + * Attributes when importing a new VpcLink + */ +export interface VpcLinkAttributes { + /** + * The VPC Link id + */ + readonly vpcLinkId: string; + /** + * The VPC to which this VPC link is associated with. + */ + readonly vpc: ec2.IVpc; +} + /** * Define a new VPC Link @@ -51,27 +70,26 @@ export interface VpcLinkProps { */ export class VpcLink extends Resource implements IVpcLink { /** - * Import a VPC Link by its Id + * Import a VPC Link by specifying its attributes. */ - public static fromVpcLinkId(scope: Construct, id: string, vpcLinkId: string): IVpcLink { + public static fromVpcLinkAttributes(scope: Construct, id: string, attrs: VpcLinkAttributes): IVpcLink { class Import extends Resource implements IVpcLink { - public vpcLinkId = vpcLinkId; + public vpcLinkId = attrs.vpcLinkId; + public vpc = attrs.vpc; } return new Import(scope, id); } - /** - * Physical ID of the VpcLink resource - * @attribute - */ public readonly vpcLinkId: string; + public readonly vpc: ec2.IVpc; private readonly subnets = new Array(); private readonly securityGroups = new Array(); constructor(scope: Construct, id: string, props: VpcLinkProps) { super(scope, id); + this.vpc = props.vpc; const cfnResource = new CfnVpcLink(this, 'Resource', { name: props.vpcLinkName || Lazy.stringValue({ produce: () => this.node.uniqueId }), diff --git a/packages/@aws-cdk/aws-apigatewayv2/package.json b/packages/@aws-cdk/aws-apigatewayv2/package.json index 126cbc4143d00..c701baf1a8023 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/package.json +++ b/packages/@aws-cdk/aws-apigatewayv2/package.json @@ -51,7 +51,8 @@ "compat": "cdk-compat", "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ApiGatewayV2", diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/http/vpc-link.test.ts b/packages/@aws-cdk/aws-apigatewayv2/test/http/vpc-link.test.ts index b5f7dc178e458..1571ceef39f6d 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/http/vpc-link.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/http/vpc-link.test.ts @@ -180,7 +180,13 @@ describe('VpcLink', () => { const stack = new Stack(); // WHEN - VpcLink.fromVpcLinkId(stack, 'ImportedVpcLink', 'vpclink-id'); + VpcLink.fromVpcLinkAttributes(stack, 'ImportedVpcLink', { + vpcLinkId: 'vpclink-id', + vpc: ec2.Vpc.fromVpcAttributes(stack, 'ImportedVpc', { + vpcId: 'vpc-12345', + availabilityZones: ['us-east-1'], + }), + }); // THEN expect(stack).not.toHaveResource('AWS::ApiGatewayV2::VpcLink'); diff --git a/packages/@aws-cdk/aws-appconfig/README.md b/packages/@aws-cdk/aws-appconfig/README.md index 869c384f0ece1..946842bae0410 100644 --- a/packages/@aws-cdk/aws-appconfig/README.md +++ b/packages/@aws-cdk/aws-appconfig/README.md @@ -1,12 +1,16 @@ -## AWS::AppConfig Construct Library +# AWS::AppConfig Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-appconfig/package.json b/packages/@aws-cdk/aws-appconfig/package.json index 56ce44e9543cf..43c2433d295fb 100644 --- a/packages/@aws-cdk/aws-appconfig/package.json +++ b/packages/@aws-cdk/aws-appconfig/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::AppConfig", diff --git a/packages/@aws-cdk/aws-appflow/README.md b/packages/@aws-cdk/aws-appflow/README.md index 42a3530881326..6c9ad8badf2ac 100644 --- a/packages/@aws-cdk/aws-appflow/README.md +++ b/packages/@aws-cdk/aws-appflow/README.md @@ -1,12 +1,16 @@ -## AWS::AppFlow Construct Library +# AWS::AppFlow Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-appflow/package.json b/packages/@aws-cdk/aws-appflow/package.json index 446d4c0787e03..983ec73f62e09 100644 --- a/packages/@aws-cdk/aws-appflow/package.json +++ b/packages/@aws-cdk/aws-appflow/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::AppFlow", diff --git a/packages/@aws-cdk/aws-applicationautoscaling/README.md b/packages/@aws-cdk/aws-applicationautoscaling/README.md index 9f7d979a9fa86..c00dac29ece2c 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/README.md +++ b/packages/@aws-cdk/aws-applicationautoscaling/README.md @@ -1,5 +1,6 @@ -## AWS Auto Scaling Construct Library +# AWS Auto Scaling Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + **Application AutoScaling** is used to configure autoscaling for all @@ -20,7 +22,7 @@ offer AutoScaling features for their own constructs. This document will describe the general autoscaling features and concepts; your particular service may offer only a subset of these. -### AutoScaling basics +## AutoScaling basics Resources can offer one or more **attributes** to autoscale, typically representing some capacity dimension of the underlying service. For example, @@ -60,13 +62,13 @@ capacity.scaleToTrackMetric(...); capacity.scaleOnSchedule(...); ``` -### Step Scaling +## Step Scaling This type of scaling scales in and out in deterministic steps that you configure, in response to metric values. For example, your scaling strategy to scale in response to CPU usage might look like this: -``` +```plaintext Scaling -1 (no change) +1 +3 │ │ │ │ │ ├────────┼───────────────────────┼────────┼────────┤ @@ -97,7 +99,7 @@ capacity.scaleOnMetric('ScaleToCPU', { The AutoScaling construct library will create the required CloudWatch alarms and AutoScaling policies for you. -### Target Tracking Scaling +## Target Tracking Scaling This type of scaling scales in and out in order to keep a metric (typically representing utilization) around a value you prefer. This type of scaling is @@ -118,7 +120,7 @@ readCapacity.scaleOnUtilization({ }); ``` -### Scheduled Scaling +## Scheduled Scaling This type of scaling is used to change capacities based on time. It works by changing the `minCapacity` and `maxCapacity` of the attribute, and so @@ -177,7 +179,7 @@ def handler(event, context): }`), reservedConcurrentExecutions: 2, }); - + const fnVer = handler.addVersion('CDKLambdaVersion', undefined, 'demo alias', 10); new apigateway.LambdaRestApi(this, 'API', { handler: fnVer }) diff --git a/packages/@aws-cdk/aws-applicationautoscaling/package.json b/packages/@aws-cdk/aws-applicationautoscaling/package.json index 39693f2db0d30..9089e16947251 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/package.json +++ b/packages/@aws-cdk/aws-applicationautoscaling/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ApplicationAutoScaling", diff --git a/packages/@aws-cdk/aws-applicationinsights/README.md b/packages/@aws-cdk/aws-applicationinsights/README.md index b4e6e05197b26..24c74eacaf545 100644 --- a/packages/@aws-cdk/aws-applicationinsights/README.md +++ b/packages/@aws-cdk/aws-applicationinsights/README.md @@ -1,12 +1,16 @@ -## AWS::ApplicationInsights Construct Library +# AWS::ApplicationInsights Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-applicationinsights/package.json b/packages/@aws-cdk/aws-applicationinsights/package.json index 8b59f2cd18ea9..541919b17dffd 100644 --- a/packages/@aws-cdk/aws-applicationinsights/package.json +++ b/packages/@aws-cdk/aws-applicationinsights/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ApplicationInsights", diff --git a/packages/@aws-cdk/aws-appmesh/README.md b/packages/@aws-cdk/aws-appmesh/README.md index 7de09d776eff5..c417378403c24 100644 --- a/packages/@aws-cdk/aws-appmesh/README.md +++ b/packages/@aws-cdk/aws-appmesh/README.md @@ -1,16 +1,24 @@ -## AWS App Mesh Construct Library +# AWS App Mesh Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are in **developer preview** before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are in **developer preview** before they +> become stable. We will only make breaking changes to address unforeseen API issues. Therefore, +> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes +> will be announced in release notes. This means that while you may use them, you may need to +> update your source code when upgrading to a newer version of this package. --- + AWS App Mesh is a service mesh based on the [Envoy](https://www.envoyproxy.io/) proxy that makes it easy to monitor and control microservices. App Mesh standardizes how your microservices communicate, giving you end-to-end visibility and helping to ensure high-availability for your applications. @@ -23,7 +31,7 @@ For futher information on **AWS AppMesh** visit the [AWS Docs for AppMesh](https ## Create the App and Stack -```typescript +```ts const app = new cdk.App(); const stack = new cdk.Stack(app, 'stack'); ``` @@ -36,7 +44,7 @@ After you create your service mesh, you can create virtual services, virtual nod The following example creates the `AppMesh` service mesh with the default filter of `DROP_ALL`, see [docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appmesh-mesh-egressfilter.html) here for more info on egress filters. -```typescript +```ts const mesh = new Mesh(stack, 'AppMesh', { meshName: 'myAwsmMesh', }); @@ -44,7 +52,7 @@ const mesh = new Mesh(stack, 'AppMesh', { The mesh can also be created with the "ALLOW_ALL" egress filter by overwritting the property. -```typescript +```ts const mesh = new Mesh(stack, 'AppMesh', { meshName: 'myAwsmMesh', egressFilter: MeshFilterType.ALLOW_ALL, @@ -58,7 +66,7 @@ The _Mesh_ needs _VirtualRouters_ as logical units to route requests to _Virtual Virtual routers handle traffic for one or more virtual services within your mesh. After you create a virtual router, you can create and associate routes to your virtual router that direct incoming requests to different virtual nodes. -```typescript +```ts const router = mesh.addVirtualRouter('router', { listeners: [ appmesh.VirtualRouterListener.http(8080) ], }); @@ -69,7 +77,7 @@ The same pattern applies to all constructs within the appmesh library, for any m This is particularly useful for cross stack resources are required. Where creating the `mesh` as part of an infrastructure stack and creating the `resources` such as `nodes` is more useful to keep in the application stack. -```typescript +```ts const mesh = new Mesh(stack, 'AppMesh', { meshName: 'myAwsmMesh', egressFilter: MeshFilterType.Allow_All, @@ -100,7 +108,7 @@ When creating a virtual service: Adding a virtual router as the provider: -```typescript +```ts mesh.addVirtualService('virtual-service', { virtualRouter: router, virtualServiceName: 'my-service.default.svc.cluster.local', @@ -109,7 +117,7 @@ mesh.addVirtualService('virtual-service', { Adding a virtual node as the provider: -```typescript +```ts mesh.addVirtualService('virtual-service', { virtualNode: node, virtualServiceName: `my-service.default.svc.cluster.local`, @@ -129,7 +137,7 @@ The response metadata for your new `virtual node` contains the Amazon Resource N > Note > If you require your Envoy stats or tracing to use a different name, you can override the node.cluster value that is set by APPMESH_VIRTUAL_NODE_NAME with the APPMESH_VIRTUAL_NODE_CLUSTER environment variable. -```typescript +```ts const vpc = new ec2.Vpc(stack, 'vpc'); const namespace = new servicediscovery.PrivateDnsNamespace(this, 'test-namespace', { vpc, @@ -157,7 +165,7 @@ const node = mesh.addVirtualNode('virtual-node', { Create a `VirtualNode` with the the constructor and add tags. -```typescript +```ts const node = new VirtualNode(this, 'node', { mesh, cloudMapService: service, @@ -171,7 +179,7 @@ const node = new VirtualNode(this, 'node', { protocol: Protocol.HTTP, timeout: Duration.seconds(2), // min unhealthyThreshold: 2, - }, + }, timeout: { idle: cdk.Duration.seconds(5), }, @@ -190,7 +198,7 @@ A `route` is associated with a virtual router, and it's used to match requests f If your `route` matches a request, you can distribute traffic to one or more target virtual nodes with relative weighting. -```typescript +```ts router.addRoute('route-http', { routeSpec: appmesh.RouteSpec.http({ weightedTargets: [ @@ -207,7 +215,7 @@ router.addRoute('route-http', { Add a single route with multiple targets and split traffic 50/50 -```typescript +```ts router.addRoute('route-http', { routeSpec: appmesh.RouteSpec.http({ weightedTargets: [ @@ -233,7 +241,7 @@ The `tcp()`, `http()` and `http2()` methods provide the spec necessary to define For HTTP based routes, the match field can be used to match on a route prefix. By default, an HTTP based route will match on `/`. All matches must start with a leading `/`. -```typescript +```ts router.addRoute('route-http', { routeSpec: appmesh.RouteSpec.grpc({ weightedTargets: [ @@ -260,7 +268,7 @@ using rules defined in gateway routes which can be added to your virtual gateway Create a virtual gateway with the constructor: -```typescript +```ts const gateway = new appmesh.VirtualGateway(stack, 'gateway', { mesh: mesh, listeners: [appmesh.VirtualGatewayListener.http({ @@ -276,7 +284,7 @@ const gateway = new appmesh.VirtualGateway(stack, 'gateway', { Add a virtual gateway directly to the mesh: -```typescript +```ts const gateway = mesh.addVirtualGateway('gateway', { accessLog: appmesh.AccessLog.fromFilePath('/dev/stdout'), virtualGatewayName: 'virtualGateway', @@ -300,7 +308,7 @@ If a route matches a request, it can distribute traffic to a target virtual serv For HTTP based routes, the match field can be used to match on a route prefix. By default, an HTTP based route will match on `/`. All matches must start with a leading `/`. -```typescript +```ts gateway.addGatewayRoute('gateway-route-http', { routeSpec: appmesh.GatewayRouteSpec.http({ routeTarget: virtualService, @@ -314,7 +322,7 @@ gateway.addGatewayRoute('gateway-route-http', { For GRPC based routes, the match field can be used to match on service names. You cannot omit the field, and must specify a match for these routes. -```typescript +```ts gateway.addGatewayRoute('gateway-route-grpc', { routeSpec: appmesh.GatewayRouteSpec.grpc({ routeTarget: virtualService, @@ -331,12 +339,12 @@ Each mesh resource comes with two static methods for importing a reference to an These imported resources can be used as references for other resources in your mesh. There are two static methods, `fromArn` and `fromAttributes` where the `` is replaced with the resource name. -```typescript +```ts const arn = "arn:aws:appmesh:us-east-1:123456789012:mesh/testMesh/virtualNode/testNode"; appmesh.VirtualNode.fromVirtualNodeArn(stack, 'importedVirtualNode', arn); ``` -```typescript +```ts appmesh.VirtualNode.fromVirtualNodeAttributes(stack, 'imported-virtual-node', { mesh: appmesh.Mesh.fromMeshName(stack, 'Mesh', 'testMesh'), virtualNodeName: virtualNodeName, @@ -345,11 +353,11 @@ appmesh.VirtualNode.fromVirtualNodeAttributes(stack, 'imported-virtual-node', { To import a mesh, there are two static methods, `fromMeshArn` and `fromMeshName`. -```typescript +```ts const arn = 'arn:aws:appmesh:us-east-1:123456789012:mesh/testMesh'; appmesh.Mesh.fromMeshArn(stack, 'imported-mesh', arn); ``` -```typescript +```ts appmesh.Mesh.fromMeshName(stack, 'imported-mesh', 'abc'); ``` diff --git a/packages/@aws-cdk/aws-appmesh/package.json b/packages/@aws-cdk/aws-appmesh/package.json index 6b58c9981965a..f200312093d3a 100644 --- a/packages/@aws-cdk/aws-appmesh/package.json +++ b/packages/@aws-cdk/aws-appmesh/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::AppMesh", diff --git a/packages/@aws-cdk/aws-appstream/README.md b/packages/@aws-cdk/aws-appstream/README.md index e7e274eebe21d..34f0ffafdb52f 100644 --- a/packages/@aws-cdk/aws-appstream/README.md +++ b/packages/@aws-cdk/aws-appstream/README.md @@ -1,12 +1,16 @@ -## Amazon AppStream 2.0 Construct Library +# Amazon AppStream 2.0 Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + ```ts diff --git a/packages/@aws-cdk/aws-appstream/package.json b/packages/@aws-cdk/aws-appstream/package.json index f7c04b6c363f4..d016bfd710ea9 100644 --- a/packages/@aws-cdk/aws-appstream/package.json +++ b/packages/@aws-cdk/aws-appstream/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::AppStream", diff --git a/packages/@aws-cdk/aws-appsync/README.md b/packages/@aws-cdk/aws-appsync/README.md index 56c4cf6e0504a..ddd947cf0ab83 100644 --- a/packages/@aws-cdk/aws-appsync/README.md +++ b/packages/@aws-cdk/aws-appsync/README.md @@ -1,24 +1,32 @@ -## AWS AppSync Construct Library +# AWS AppSync Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + The `@aws-cdk/aws-appsync` package contains constructs for building flexible -APIs that use GraphQL. +APIs that use GraphQL. -### Example +## Example -### DynamoDB +## DynamoDB Example of a GraphQL API with `AWS_IAM` authorization resolving into a DynamoDb backend data source. @@ -147,7 +155,8 @@ rdsDS.createResolver({ }); ``` -#### HTTP Endpoints +### HTTP Endpoints + GraphQL schema file `schema.graphql`: ```gql @@ -167,7 +176,7 @@ type Mutation { GraphQL request mapping template `request.vtl`: -``` +```json { "version": "2018-05-29", "method": "POST", @@ -187,7 +196,7 @@ GraphQL request mapping template `request.vtl`: GraphQL response mapping template `response.vtl`: -``` +```json { "id": "${context.result.id}" } @@ -204,8 +213,8 @@ const api = new appsync.GraphqlApi(scope, 'api', { }); const httpDs = api.addHttpDataSource( - 'ds', - 'https://states.amazonaws.com', + 'ds', + 'https://states.amazonaws.com', { name: 'httpDsWithStepF', description: 'from appsync to StepFunctions Workflow', @@ -233,7 +242,7 @@ or schema-first. #### Code-First When declaring your GraphQL Api, CDK defaults to a code-first approach if the -`schema` property is not configured. +`schema` property is not configured. ```ts const api = new appsync.GraphqlApi(stack, 'api', { name: 'myApi' }); @@ -271,8 +280,9 @@ const api = appsync.GraphqlApi(stack, 'api', { ``` ### Imports -Any GraphQL Api that has been created outside the stack can be imported from -another stack into your CDK app. Utilizing the `fromXxx` function, you have + +Any GraphQL Api that has been created outside the stack can be imported from +another stack into your CDK app. Utilizing the `fromXxx` function, you have the ability to add data sources and resolvers through a `IGraphqlApi` interface. ```ts @@ -284,7 +294,7 @@ importedApi.addDynamoDbDataSource('TableDataSource', table); ``` If you don't specify `graphqlArn` in `fromXxxAttributes`, CDK will autogenerate -the expected `arn` for the imported api, given the `apiId`. For creating data +the expected `arn` for the imported api, given the `apiId`. For creating data sources and resolvers, an `apiId` is sufficient. ### Permissions @@ -297,6 +307,7 @@ accessible by `IAM` authorization. For example, if you want to only allow mutabi for `IAM` authorized access you would configure the following. In `schema.graphql`: + ```ts type Mutation { updateExample(...): ... @@ -305,6 +316,7 @@ type Mutation { ``` In `IAM`: + ```json { "Version": "2012-10-17", @@ -354,6 +366,7 @@ In order to use the `grant` functions, you need to use the class `IamResource`. Alternatively, you can use more generic `grant` functions to accomplish the same usage. These include: + - grantMutation (use to grant access to Mutation fields) - grantQuery (use to grant access to Query fields) - grantSubscription (use to grant access to Subscription fields) @@ -368,8 +381,9 @@ api.grant(role, appsync.IamResource.ofType('Mutation', 'updateExample'), 'appsyn ### Code-First Schema -CDK offers the ability to generate your schema in a code-first approach. +CDK offers the ability to generate your schema in a code-first approach. A code-first approach offers a developer workflow with: + - **modularity**: organizing schema type definitions into different files - **reusability**: simplifying down boilerplate/repetitive code - **consistency**: resolvers and schema definition will always be synced @@ -400,7 +414,7 @@ type FilmConnection { } type FilmEdge { - node: Film + node: Film cursor: String } ``` @@ -420,7 +434,7 @@ export const int = appsync.GraphqlType.int(); In another separate file, we can declare our object types and related functions. We will call this file `object-types.ts` and we will have created it in a way that -allows us to generate other `XxxConnection` and `XxxEdges` in the future. +allows us to generate other `XxxConnection` and `XxxEdges` in the future. ```ts const pluralize = require('pluralize'); @@ -428,7 +442,7 @@ import * as scalar from './scalar-types.ts'; import * as appsync from '@aws-cdk/aws-appsync'; export const args = { - after: scalar.string, + after: scalar.string, first: scalar.int, before: scalar.string, last: scalar.int, @@ -494,18 +508,19 @@ Check out a more in-depth example [here](https://github.com/BryanPan342/starwars #### GraphQL Types -One of the benefits of GraphQL is its strongly typed nature. We define the -types within an object, query, mutation, interface, etc. as **GraphQL Types**. +One of the benefits of GraphQL is its strongly typed nature. We define the +types within an object, query, mutation, interface, etc. as **GraphQL Types**. -GraphQL Types are the building blocks of types, whether they are scalar, objects, +GraphQL Types are the building blocks of types, whether they are scalar, objects, interfaces, etc. GraphQL Types can be: -- [**Scalar Types**](https://docs.aws.amazon.com/appsync/latest/devguide/scalars.html): Id, Int, String, AWSDate, etc. + +- [**Scalar Types**](https://docs.aws.amazon.com/appsync/latest/devguide/scalars.html): Id, Int, String, AWSDate, etc. - [**Object Types**](#Object-Types): types that you generate (i.e. `demo` from the example above) -- [**Interface Types**](#Interface-Types): abstract types that define the base implementation of other +- [**Interface Types**](#Interface-Types): abstract types that define the base implementation of other Intermediate Types -More concretely, GraphQL Types are simply the types appended to variables. -Referencing the object type `Demo` in the previous example, the GraphQL Types +More concretely, GraphQL Types are simply the types appended to variables. +Referencing the object type `Demo` in the previous example, the GraphQL Types is `String!` and is applied to both the names `id` and `version`. #### Directives @@ -573,7 +588,7 @@ The CDK code required would be: ```ts const info = new appsync.ObjectType('Info', { - definition: { + definition: { node: new appsync.ResolvableField({ returnType: appsync.GraphqlType.string(), args: { @@ -601,7 +616,7 @@ The CDK code required would be: ```ts const query = new appsync.ObjectType('Query', { - definition: { + definition: { get: new appsync.ResolvableField({ returnType: appsync.GraphqlType.string(), args: { @@ -619,11 +634,12 @@ Learn more about fields and resolvers [here](https://docs.aws.amazon.com/appsync #### Intermediate Types -Intermediate Types are defined by Graphql Types and Fields. They have a set of defined -fields, where each field corresponds to another type in the system. Intermediate +Intermediate Types are defined by Graphql Types and Fields. They have a set of defined +fields, where each field corresponds to another type in the system. Intermediate Types will be the meat of your GraphQL Schema as they are the types defined by you. Intermediate Types include: + - [**Interface Types**](#Interface-Types) - [**Object Types**](#Object-Types) - [**Enum Types**](#Enum-Types) @@ -637,6 +653,7 @@ intermediate types. They are useful for eliminating duplication and can be used to generate Object Types with less work. You can create Interface Types ***externally***. + ```ts const node = new appsync.InterfaceType('Node', { definition: { @@ -650,12 +667,13 @@ To learn more about **Interface Types**, read the docs [here](https://graphql.or ##### Object Types **Object Types** are types that you declare. For example, in the [code-first example](#code-first-example) -the `demo` variable is an **Object Type**. **Object Types** are defined by +the `demo` variable is an **Object Type**. **Object Types** are defined by GraphQL Types and are only usable when linked to a GraphQL Api. You can create Object Types in three ways: 1. Object Types can be created ***externally***. + ```ts const api = new appsync.GraphqlApi(stack, 'Api', { name: 'demo', @@ -669,15 +687,18 @@ You can create Object Types in three ways: api.addType(object); ``` - > This method allows for reusability and modularity, ideal for larger projects. + + > This method allows for reusability and modularity, ideal for larger projects. For example, imagine moving all Object Type definition outside the stack. `scalar-types.ts` - a file for scalar type definitions + ```ts export const required_string = appsync.GraphqlType.string({ isRequired: true }); ``` `object-types.ts` - a file for object type definitions + ```ts import { required_string } from './scalar-types'; export const demo = new appsync.ObjectType('Demo', { @@ -689,12 +710,14 @@ You can create Object Types in three ways: ``` `cdk-stack.ts` - a file containing our cdk stack + ```ts import { demo } from './object-types'; api.addType(demo); ``` 2. Object Types can be created ***externally*** from an Interface Type. + ```ts const node = new appsync.InterfaceType('Node', { definition: { @@ -708,6 +731,7 @@ You can create Object Types in three ways: }, }); ``` + > This method allows for reusability and modularity, ideal for reducing code duplication. To learn more about **Object Types**, read the docs [here](https://graphql.org/learn/schema/#object-types-and-fields). @@ -737,13 +761,13 @@ const episode = new appsync.EnumType('Episode', { 'EMPIRE', 'JEDI', ], -}); +}); api.addType(episode); ``` To learn more about **Enum Types**, read the docs [here](https://graphql.org/learn/schema/#enumeration-types). -##### Input Types +#### Input Types **Input Types** are special types of Intermediate Types. They give users an easy way to pass complex objects for top level Mutation and Queries. @@ -763,7 +787,7 @@ const review = new appsync.InputType('Review', { stars: GraphqlType.int({ isRequired: true }), commentary: GraphqlType.string(), }, -}); +}); api.addType(review); ``` @@ -791,7 +815,7 @@ const droid = new appsync.ObjectType('Droid', { definition: { name: string } }); const starship = new appsync.ObjectType('Starship', { definition: { name: string } });); const search = new appsync.UnionType('Search', { definition: [ human, droid, starship ], -}); +}); api.addType(search); ``` @@ -818,7 +842,7 @@ api.addQuery('allFilms', new appsync.ResolvableField({ })); ``` -To learn more about top level operations, check out the docs [here](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-overview.html). +To learn more about top level operations, check out the docs [here](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-overview.html). #### Mutation @@ -841,14 +865,14 @@ api.addMutation('addFilm', new appsync.ResolvableField({ })); ``` -To learn more about top level operations, check out the docs [here](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-overview.html). +To learn more about top level operations, check out the docs [here](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-overview.html). #### Subscription Every schema **can** have a top level Subscription type. The top level `Subscription` Type is the only exposed type that users can access to invoke a response to a mutation. `Subscriptions` notify users when a mutation specific mutation is called. This means you can make any data source -real time by specify a GraphQL Schema directive on a mutation. +real time by specify a GraphQL Schema directive on a mutation. **Note**: The AWS AppSync client SDK automatically handles subscription connection management. @@ -863,4 +887,4 @@ api.addSubscription('addedFilm', new appsync.ResolvableField({ })); ``` -To learn more about top level operations, check out the docs [here](https://docs.aws.amazon.com/appsync/latest/devguide/real-time-data.html). +To learn more about top level operations, check out the docs [here](https://docs.aws.amazon.com/appsync/latest/devguide/real-time-data.html). diff --git a/packages/@aws-cdk/aws-appsync/package.json b/packages/@aws-cdk/aws-appsync/package.json index e68c325f6dd6b..906bf0f2ef751 100644 --- a/packages/@aws-cdk/aws-appsync/package.json +++ b/packages/@aws-cdk/aws-appsync/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::AppSync", diff --git a/packages/@aws-cdk/aws-athena/README.md b/packages/@aws-cdk/aws-athena/README.md index 0bda8c19ea85e..60b234d13f16a 100644 --- a/packages/@aws-cdk/aws-athena/README.md +++ b/packages/@aws-cdk/aws-athena/README.md @@ -1,12 +1,16 @@ -## Amazon Athena Construct Library +# Amazon Athena Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-athena/package.json b/packages/@aws-cdk/aws-athena/package.json index 275f1a4936bb0..31a915a4e3c28 100644 --- a/packages/@aws-cdk/aws-athena/package.json +++ b/packages/@aws-cdk/aws-athena/package.json @@ -57,7 +57,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-autoscaling-common/README.md b/packages/@aws-cdk/aws-autoscaling-common/README.md index a9e20cab39d00..83b483af43573 100644 --- a/packages/@aws-cdk/aws-autoscaling-common/README.md +++ b/packages/@aws-cdk/aws-autoscaling-common/README.md @@ -1,16 +1,22 @@ -## AWS AutoScaling Common Library +# AWS AutoScaling Common Library + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This is a sister package to `@aws-cdk/aws-autoscaling` and `@aws-cdk/aws-applicationautoscaling`. It contains shared implementation details between them. -It does not need to be used directly. \ No newline at end of file +It does not need to be used directly. diff --git a/packages/@aws-cdk/aws-autoscaling-common/package.json b/packages/@aws-cdk/aws-autoscaling-common/package.json index aa66b53be704c..eb987c30fd0f4 100644 --- a/packages/@aws-cdk/aws-autoscaling-common/package.json +++ b/packages/@aws-cdk/aws-autoscaling-common/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-autoscaling-hooktargets/README.md b/packages/@aws-cdk/aws-autoscaling-hooktargets/README.md index b4e70cd38f6e4..806170e6fd167 100644 --- a/packages/@aws-cdk/aws-autoscaling-hooktargets/README.md +++ b/packages/@aws-cdk/aws-autoscaling-hooktargets/README.md @@ -1,10 +1,12 @@ # Lifecycle Hook for the CDK AWS AutoScaling Library + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library contains integration classes for AutoScaling lifecycle hooks. diff --git a/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json b/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json index fa2b3589acd92..8b248b409edc1 100644 --- a/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json +++ b/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-autoscaling/README.md b/packages/@aws-cdk/aws-autoscaling/README.md index cdddcfbe55ba6..95e1a25963afe 100644 --- a/packages/@aws-cdk/aws-autoscaling/README.md +++ b/packages/@aws-cdk/aws-autoscaling/README.md @@ -1,6 +1,6 @@ -## Amazon EC2 Auto Scaling Construct Library - +# Amazon EC2 Auto Scaling Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -8,11 +8,13 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. -### Auto Scaling Group +## Auto Scaling Group An `AutoScalingGroup` represents a number of instances on which you run your code. You pick the size of the fleet, the instance type and the OS image: @@ -43,7 +45,7 @@ new autoscaling.AutoScalingGroup(this, 'ASG', { }); ``` -### Machine Images (AMIs) +## Machine Images (AMIs) AMIs control the OS that gets launched when you start your EC2 instance. The EC2 library contains constructs to select the AMI you want to use. @@ -62,7 +64,7 @@ selectable by instantiating one of these classes: > > We will add command-line options to make this step easier in the future. -### AutoScaling Instance Counts +## AutoScaling Instance Counts AutoScalingGroups make it possible to raise and lower the number of instances in the group, in response to (or in advance of) changes in workload. @@ -107,14 +109,14 @@ autoScalingGroup.scaleToTrackMetric(...); autoScalingGroup.scaleOnSchedule(...); ``` -#### Step Scaling +### Step Scaling This type of scaling scales in and out in deterministics steps that you configure, in response to metric values. For example, your scaling strategy to scale in response to a metric that represents your average worker pool usage might look like this: -``` +```plaintext Scaling -1 (no change) +1 +3 │ │ │ │ │ ├────────┼───────────────────────┼────────┼────────┤ @@ -152,7 +154,7 @@ capacity.scaleOnMetric('ScaleToCPU', { The AutoScaling construct library will create the required CloudWatch alarms and AutoScaling policies for you. -#### Target Tracking Scaling +### Target Tracking Scaling This type of scaling scales in and out in order to keep a metric around a value you prefer. There are four types of predefined metrics you can track, or you can @@ -194,7 +196,7 @@ autoScalingGroup.scaleOnRequestCount('LimitRPS', { }); ``` -#### Scheduled Scaling +### Scheduled Scaling This type of scaling is used to change capacities based on time. It works by changing `minCapacity`, `maxCapacity` and `desiredCapacity` of the @@ -223,7 +225,7 @@ autoScalingGroup.scaleOnSchedule('AllowDownscalingAtNight', { }); ``` -### Configuring Instances using CloudFormation Init +## Configuring Instances using CloudFormation Init It is possible to use the CloudFormation Init mechanism to configure the instances in the AutoScalingGroup. You can write files to it, run commands, @@ -256,7 +258,7 @@ new autoscaling.AutoScalingGroup(this, 'ASG', { }); ``` -### Signals +## Signals In normal operation, CloudFormation will send a Create or Update command to an AutoScalingGroup and proceed with the rest of the deployment without waiting @@ -292,7 +294,7 @@ There are two `options` you can configure: update to succeed. If you set this value lower than 100, some percentage of hosts may report failure, while still considering the deployment a success. Default is 100%. -### Update Policy +## Update Policy The *update policy* describes what should happen to running instances when the definition of the AutoScalingGroup is changed. For example, if you add a command to the UserData @@ -318,24 +320,24 @@ The following update policies are available: If the deployment needs to be rolled back, the new AutoScalingGroup is deleted and the old one is left unchanged. -### Allowing Connections +## Allowing Connections See the documentation of the `@aws-cdk/aws-ec2` package for more information about allowing connections between resources backed by instances. -### Max Instance Lifetime +## Max Instance Lifetime To enable the max instance lifetime support, specify `maxInstanceLifetime` property for the `AutoscalingGroup` resource. The value must be between 7 and 365 days(inclusive). To clear a previously set value, leave this property undefined. -### Instance Monitoring +## Instance Monitoring To disable detailed instance monitoring, specify `instanceMonitoring` property for the `AutoscalingGroup` resource as `Monitoring.BASIC`. Otherwise detailed monitoring will be enabled. -### Monitoring Group Metrics +## Monitoring Group Metrics Group metrics are used to monitor group level properties; they describe the group rather than any of its instances (e.g GroupMaxSize, the group maximum size). To enable group metrics monitoring, use the `groupMetrics` property. All group metrics are reported in a granularity of 1 minute at no additional charge. @@ -358,7 +360,7 @@ new autoscaling.AutoScalingGroup(stack, 'ASG', { }); ``` -### Future work +## Future work -- [ ] CloudWatch Events (impossible to add currently as the AutoScalingGroup ARN is +* [ ] CloudWatch Events (impossible to add currently as the AutoScalingGroup ARN is necessary to make this rule and this cannot be accessed from CloudFormation). diff --git a/packages/@aws-cdk/aws-autoscaling/package.json b/packages/@aws-cdk/aws-autoscaling/package.json index 745c087e45ebb..dae1b16cd2ef7 100644 --- a/packages/@aws-cdk/aws-autoscaling/package.json +++ b/packages/@aws-cdk/aws-autoscaling/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::AutoScaling", diff --git a/packages/@aws-cdk/aws-autoscalingplans/README.md b/packages/@aws-cdk/aws-autoscalingplans/README.md index 7b55756246b51..72bc8e028968f 100644 --- a/packages/@aws-cdk/aws-autoscalingplans/README.md +++ b/packages/@aws-cdk/aws-autoscalingplans/README.md @@ -1,12 +1,16 @@ -## AWS Auto Scaling Plans Construct Library +# AWS Auto Scaling Plans Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-autoscalingplans/package.json b/packages/@aws-cdk/aws-autoscalingplans/package.json index f66e661ed1ccf..b759ade9a0f5d 100644 --- a/packages/@aws-cdk/aws-autoscalingplans/package.json +++ b/packages/@aws-cdk/aws-autoscalingplans/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::AutoScalingPlans", diff --git a/packages/@aws-cdk/aws-backup/README.md b/packages/@aws-cdk/aws-backup/README.md index 57e47aee1081a..47b54313a8fc9 100644 --- a/packages/@aws-cdk/aws-backup/README.md +++ b/packages/@aws-cdk/aws-backup/README.md @@ -1,21 +1,29 @@ -## AWS Backup Construct Library +# AWS Backup Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + AWS Backup is a fully managed backup service that makes it easy to centralize and automate the backup of data across AWS services in the cloud and on premises. Using AWS Backup, you can configure backup policies and monitor backup activity for your AWS resources in one place. -### Backup plan and selection +## Backup plan and selection In AWS Backup, a *backup plan* is a policy expression that defines when and how you want to back up your AWS resources, such as Amazon DynamoDB tables or Amazon Elastic File System (Amazon EFS) file systems. You can assign resources to backup plans, and AWS Backup automatically backs up and retains backups for those resources according to the backup plan. You can create multiple backup plans if you have workloads with different backup requirements. @@ -74,7 +82,8 @@ const plan = backup.BackupPlan.daily35DayRetention(this, 'Plan', myVault); // Us plan.addRule(BackupPlanRule.monthly1Year(otherVault)); // Use `otherVault` for this specific rule ``` -### Backup vault +## Backup vault + In AWS Backup, a *backup vault* is a container that you organize your backups in. You can use backup vaults to set the AWS Key Management Service (AWS KMS) encryption key that is used to encrypt backups in the backup vault and to control access to the backups in the backup vault. If you require different encryption keys or access policies for different groups of backups, you can optionally create multiple backup vaults. ```ts diff --git a/packages/@aws-cdk/aws-backup/package.json b/packages/@aws-cdk/aws-backup/package.json index 99d4faa6366a5..93a382bfb6188 100644 --- a/packages/@aws-cdk/aws-backup/package.json +++ b/packages/@aws-cdk/aws-backup/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Backup", diff --git a/packages/@aws-cdk/aws-batch/README.md b/packages/@aws-cdk/aws-batch/README.md index c4a818e7abc6a..da6edc3d55998 100644 --- a/packages/@aws-cdk/aws-batch/README.md +++ b/packages/@aws-cdk/aws-batch/README.md @@ -1,17 +1,24 @@ -## AWS Batch Construct Library - +# AWS Batch Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. @@ -71,14 +78,14 @@ const spotEnvironment = new batch.ComputeEnvironment(stack, 'MySpotEnvironment', AWS Batch uses an [allocation strategy](https://docs.aws.amazon.com/batch/latest/userguide/allocation-strategies.html) to determine what compute resource will efficiently handle incoming job requests. By default, **BEST_FIT** will pick an available compute instance based on vCPU requirements. If none exist, the job will wait until resources become available. However, with this strategy, you may have jobs waiting in the queue unnecessarily despite having more powerful instances available. Below is an example of how that situation might look like: -``` +```plaintext Compute Environment: 1. m5.xlarge => 4 vCPU 2. m5.2xlarge => 8 vCPU ``` -``` +```plaintext Job Queue: --------- | A | B | @@ -96,7 +103,8 @@ The alternative would be to use the `BEST_FIT_PROGRESSIVE` strategy in order for ### Launch template support Simply define your Launch Template: -```typescript + +```ts const myLaunchTemplate = new ec2.CfnLaunchTemplate(this, 'LaunchTemplate', { launchTemplateName: 'extra-storage-template', launchTemplateData: { @@ -116,7 +124,7 @@ const myLaunchTemplate = new ec2.CfnLaunchTemplate(this, 'LaunchTemplate', { and use it: -```typescript +```ts const myComputeEnv = new batch.ComputeEnvironment(this, 'ComputeEnv', { computeResources: { launchTemplate: { diff --git a/packages/@aws-cdk/aws-batch/package.json b/packages/@aws-cdk/aws-batch/package.json index e9a73189f0716..042c700c214d7 100644 --- a/packages/@aws-cdk/aws-batch/package.json +++ b/packages/@aws-cdk/aws-batch/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Batch", diff --git a/packages/@aws-cdk/aws-budgets/README.md b/packages/@aws-cdk/aws-budgets/README.md index 8458bff0dea78..90c1e8567a673 100644 --- a/packages/@aws-cdk/aws-budgets/README.md +++ b/packages/@aws-cdk/aws-budgets/README.md @@ -1,12 +1,16 @@ -## AWS Budgets Construct Library +# AWS Budgets Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-budgets/package.json b/packages/@aws-cdk/aws-budgets/package.json index 24ae856195ad4..88615407e5a16 100644 --- a/packages/@aws-cdk/aws-budgets/package.json +++ b/packages/@aws-cdk/aws-budgets/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Budgets", diff --git a/packages/@aws-cdk/aws-cassandra/README.md b/packages/@aws-cdk/aws-cassandra/README.md index c616a9e89e55d..50e34cd63ba9d 100644 --- a/packages/@aws-cdk/aws-cassandra/README.md +++ b/packages/@aws-cdk/aws-cassandra/README.md @@ -1,12 +1,16 @@ -## AWS::Cassandra Construct Library +# AWS::Cassandra Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-cassandra/package.json b/packages/@aws-cdk/aws-cassandra/package.json index c047c535fad5a..dbf22f7b0acf4 100644 --- a/packages/@aws-cdk/aws-cassandra/package.json +++ b/packages/@aws-cdk/aws-cassandra/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Cassandra", diff --git a/packages/@aws-cdk/aws-ce/README.md b/packages/@aws-cdk/aws-ce/README.md index f2236a104f111..c5723bd9714db 100644 --- a/packages/@aws-cdk/aws-ce/README.md +++ b/packages/@aws-cdk/aws-ce/README.md @@ -1,12 +1,16 @@ -## AWS::CE Construct Library +# AWS::CE Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-ce/package.json b/packages/@aws-cdk/aws-ce/package.json index b34e30b82ca4b..323ca8cceb82f 100644 --- a/packages/@aws-cdk/aws-ce/package.json +++ b/packages/@aws-cdk/aws-ce/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CE", diff --git a/packages/@aws-cdk/aws-certificatemanager/README.md b/packages/@aws-cdk/aws-certificatemanager/README.md index f90edaf1ef9bf..5c27597f6701b 100644 --- a/packages/@aws-cdk/aws-certificatemanager/README.md +++ b/packages/@aws-cdk/aws-certificatemanager/README.md @@ -1,6 +1,6 @@ -## AWS Certificate Manager Construct Library - +# AWS Certificate Manager Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -8,8 +8,10 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + + AWS Certificate Manager (ACM) handles the complexity of creating, storing, and renewing public and private SSL/TLS X.509 certificates and keys that protect your AWS websites and applications. ACM certificates can secure singular domain names, multiple specific domain names, wildcard domains, or combinations of these. ACM wildcard certificates can protect an unlimited number of subdomains. @@ -28,7 +30,7 @@ service, or provision them manually and import them into your CDK application. The default limit is 2000, but this limit may be (much) lower on new AWS accounts. See https://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html for more information. -### DNS validation +## DNS validation DNS validation is the preferred method to validate domain ownership, as it has a number of advantages over email validation. See also [Validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) @@ -81,7 +83,7 @@ const cert = new acm.Certificate(this, 'Certificate', { }); ``` -### Email validation +## Email validation Email-validated certificates (the default) are validated by receiving an email on one of a number of predefined domains and following the instructions @@ -97,7 +99,7 @@ new acm.Certificate(this, 'Certificate', { }); ``` -### Cross-region Certificates +## Cross-region Certificates ACM certificates that are used with CloudFront -- or higher-level constructs which rely on CloudFront -- must be in the `us-east-1` region. The `DnsValidatedCertificate` construct exists to faciliate creating these certificates cross-region. This resource can only be used with @@ -111,7 +113,7 @@ new acm.DnsValidatedCertificate(this, 'CrossRegionCertificate', { }); ``` -### Importing +## Importing If you want to import an existing certificate, you can do so from its ARN: @@ -120,7 +122,7 @@ const arn = 'arn:aws:...'; const certificate = Certificate.fromCertificateArn(this, 'Certificate', arn); ``` -### Sharing between Stacks +## Sharing between Stacks To share the certificate between stacks in the same CDK application, simply pass the `Certificate` object between the stacks. diff --git a/packages/@aws-cdk/aws-certificatemanager/package.json b/packages/@aws-cdk/aws-certificatemanager/package.json index 48bd42cdf9a37..5ef9c714cde23 100644 --- a/packages/@aws-cdk/aws-certificatemanager/package.json +++ b/packages/@aws-cdk/aws-certificatemanager/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CertificateManager", diff --git a/packages/@aws-cdk/aws-chatbot/README.md b/packages/@aws-cdk/aws-chatbot/README.md index 27954ad252d9d..d46f0e704110e 100644 --- a/packages/@aws-cdk/aws-chatbot/README.md +++ b/packages/@aws-cdk/aws-chatbot/README.md @@ -1,16 +1,24 @@ -## AWS::Chatbot Construct Library +# AWS::Chatbot Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + AWS Chatbot is an AWS service that enables DevOps and software development teams to use Slack chat rooms to monitor and respond to operational events in their AWS Cloud. AWS Chatbot processes AWS service notifications from Amazon Simple Notification Service (Amazon SNS), and forwards them to Slack chat rooms so teams can analyze and act on them immediately, regardless of location. @@ -40,7 +48,7 @@ slackChannel.addToPrincipalPolicy(new iam.PolicyStatement({ })); ``` -### Log Group +## Log Group Slack channel configuration automatically create a log group with the name `/aws/chatbot/` in `us-east-1` upon first execution with log data set to never expire. diff --git a/packages/@aws-cdk/aws-chatbot/package.json b/packages/@aws-cdk/aws-chatbot/package.json index e3ead040537d9..eb4c05bdcdab2 100644 --- a/packages/@aws-cdk/aws-chatbot/package.json +++ b/packages/@aws-cdk/aws-chatbot/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Chatbot", diff --git a/packages/@aws-cdk/aws-cloud9/README.md b/packages/@aws-cdk/aws-cloud9/README.md index 6f7ca79297807..36bdc6d4a3d4c 100644 --- a/packages/@aws-cdk/aws-cloud9/README.md +++ b/packages/@aws-cdk/aws-cloud9/README.md @@ -1,16 +1,24 @@ -## AWS Cloud9 Construct Library +# AWS Cloud9 Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. @@ -18,7 +26,7 @@ This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aw AWS Cloud9 is a cloud-based integrated development environment (IDE) that lets you write, run, and debug your code with just a browser. It includes a code editor, debugger, and terminal. Cloud9 comes prepackaged with essential tools for popular programming languages, including JavaScript, Python, PHP, and more, so you don’t need to install files or configure your development machine to start new projects. Since your Cloud9 IDE is cloud-based, you can work on your projects from your office, home, or anywhere using an internet-connected machine. Cloud9 also provides a seamless experience for developing serverless applications enabling you to easily define resources, debug, and switch between local and remote execution of serverless applications. With Cloud9, you can quickly share your development environment with your team, enabling you to pair program and track each other's inputs in real time. -### Creating EC2 Environment +## Creating EC2 Environment EC2 Environments are defined with `Ec2Environment`. To create an EC2 environment in the private subnet, specify `subnetSelection` with private `subnetType`. @@ -49,7 +57,7 @@ const c9env = new cloud9.Ec2Environment(this, 'Cloud9Env3', { new cdk.CfnOutput(this, 'URL', { value: c9env.ideUrl }); ``` -### Cloning Repositories +## Cloning Repositories Use `clonedRepositories` to clone one or multiple AWS Codecommit repositories into the environment: diff --git a/packages/@aws-cdk/aws-cloud9/package.json b/packages/@aws-cdk/aws-cloud9/package.json index eb83f5a4e7544..ba53213d22aac 100644 --- a/packages/@aws-cdk/aws-cloud9/package.json +++ b/packages/@aws-cdk/aws-cloud9/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Cloud9", diff --git a/packages/@aws-cdk/aws-cloudformation/README.md b/packages/@aws-cdk/aws-cloudformation/README.md index b9106ce98a114..f37db8ba71325 100644 --- a/packages/@aws-cdk/aws-cloudformation/README.md +++ b/packages/@aws-cdk/aws-cloudformation/README.md @@ -1,5 +1,6 @@ -## AWS CloudFormation Construct Library +# AWS CloudFormation Construct Library + --- ![Deprecated](https://img.shields.io/badge/deprecated-critical.svg?style=for-the-badge) @@ -7,6 +8,7 @@ > This API may emit warnings. Backward compatibility is not guaranteed. --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-cloudformation/package.json b/packages/@aws-cdk/aws-cloudformation/package.json index 1c8a3abc64568..299816954909b 100644 --- a/packages/@aws-cdk/aws-cloudformation/package.json +++ b/packages/@aws-cdk/aws-cloudformation/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CloudFormation" diff --git a/packages/@aws-cdk/aws-cloudfront-origins/README.md b/packages/@aws-cdk/aws-cloudfront-origins/README.md index 8047fd612b814..b795fe6bc86b8 100644 --- a/packages/@aws-cdk/aws-cloudfront-origins/README.md +++ b/packages/@aws-cdk/aws-cloudfront-origins/README.md @@ -1,13 +1,18 @@ # CloudFront Origins for the CDK CloudFront Library - + --- ![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are in **developer preview** before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are in **developer preview** before they +> become stable. We will only make breaking changes to address unforeseen API issues. Therefore, +> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes +> will be announced in release notes. This means that while you may use them, you may need to +> update your source code when upgrading to a newer version of this package. --- + This library contains convenience methods for defining origins for a CloudFront distribution. You can use this library to create origins from diff --git a/packages/@aws-cdk/aws-cloudfront-origins/package.json b/packages/@aws-cdk/aws-cloudfront-origins/package.json index 53bcd522450fc..212652a19cb89 100644 --- a/packages/@aws-cdk/aws-cloudfront-origins/package.json +++ b/packages/@aws-cdk/aws-cloudfront-origins/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "jest": true, @@ -72,7 +73,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "pkglint": "0.0.0" diff --git a/packages/@aws-cdk/aws-cloudfront/.gitignore b/packages/@aws-cdk/aws-cloudfront/.gitignore index 832d814be5d7a..e65361cd8269a 100644 --- a/packages/@aws-cdk/aws-cloudfront/.gitignore +++ b/packages/@aws-cdk/aws-cloudfront/.gitignore @@ -15,4 +15,6 @@ nyc.config.js !.eslintrc.js !jest.config.js -junit.xml \ No newline at end of file +!lib/experimental/edge-function/index.js + +junit.xml diff --git a/packages/@aws-cdk/aws-cloudfront/README.md b/packages/@aws-cdk/aws-cloudfront/README.md index a75dc7aa9dce4..689cb77945452 100644 --- a/packages/@aws-cdk/aws-cloudfront/README.md +++ b/packages/@aws-cdk/aws-cloudfront/README.md @@ -1,21 +1,35 @@ -## Amazon CloudFront Construct Library - +# Amazon CloudFront Construct Library + --- -| Features | Stability | -| --- | --- | -| CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) | -| Higher level constructs for Distribution | ![Developer Preview](https://img.shields.io/badge/developer--preview-informational.svg?style=for-the-badge) | -| Higher level constructs for CloudFrontWebDistribution | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) | +Features | Stability +------------------------------------------------------|--------------------------------------------- +CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) +Higher level constructs for Distribution | ![Developer Preview](https://img.shields.io/badge/developer--preview-informational.svg?style=for-the-badge) +Higher level constructs for CloudFrontWebDistribution | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) + +> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources]) are always +> stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + + -> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> **Developer Preview:** Higher level constructs in this module that are marked as developer +> preview have completed their phase of active development and are looking for adoption and +> feedback. While the same caveats around non-backward compatible as Experimental constructs apply, +> they will undergo fewer breaking changes. Just as with Experimental constructs, these are not +> subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. -> **Developer Preview:** Higher level constructs in this module that are marked as developer preview have completed their phase of active development and are looking for adoption and feedback. While the same caveats around non-backward compatible as Experimental constructs apply, they will undergo fewer breaking changes. Just as with Experimental constructs, these are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. + -> **Stable:** Higher level constructs in this module that are marked stable will not undergo any breaking changes. They will strictly follow the [Semantic Versioning](https://semver.org/) model. +> **Stable:** Higher level constructs in this module that are marked stable will not undergo any +> breaking changes. They will strictly follow the [Semantic Versioning](https://semver.org/) model. --- + Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to @@ -251,8 +265,12 @@ or authorize requests based on headers or authorization tokens. The following shows a Lambda@Edge function added to the default behavior and triggered on every request: -```typescript -const myFunc = new lambda.Function(...); +```ts +const myFunc = new cloudfront.experimental.EdgeFunction(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_10_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), +}); new cloudfront.Distribution(this, 'myDist', { defaultBehavior: { origin: new origins.S3Origin(myBucket), @@ -266,11 +284,25 @@ new cloudfront.Distribution(this, 'myDist', { }); ``` +> **Note:** Lambda@Edge functions must be created in the `us-east-1` region, regardless of the region of the CloudFront distribution and stack. +> To make it easier to request functions for Lambda@Edge, the `EdgeFunction` construct can be used. +> The `EdgeFunction` construct will automatically request a function in `us-east-1`, regardless of the region of the current stack. +> `EdgeFunction` has the same interface as `Function` and can be created and used interchangably. + +If the stack is in `us-east-1`, a "normal" `lambda.Function` can be used instead of an `EdgeFunction`. + +```ts +const myFunc = new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_10_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), +}); +``` + Lambda@Edge functions can also be associated with additional behaviors, -either at Distribution creation time, -or after. +either at or after Distribution creation time. -```typescript +```ts // assigning at Distribution creation const myOrigin = new origins.S3Origin(myBucket); new cloudfront.Distribution(this, 'myDist', { diff --git a/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts b/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts new file mode 100644 index 0000000000000..1a93ec84c0584 --- /dev/null +++ b/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts @@ -0,0 +1,262 @@ +import * as crypto from 'crypto'; +import * as path from 'path'; +import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as iam from '@aws-cdk/aws-iam'; +import * as lambda from '@aws-cdk/aws-lambda'; +import * as ssm from '@aws-cdk/aws-ssm'; +import { + BootstraplessSynthesizer, CfnResource, ConstructNode, + CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, + DefaultStackSynthesizer, IStackSynthesizer, Resource, Stack, Stage, Token, +} from '@aws-cdk/core'; +import { Construct } from 'constructs'; + +/** + * Properties for creating a Lambda@Edge function + * @experimental + */ +export interface EdgeFunctionProps extends lambda.FunctionProps { } + +/** + * A Lambda@Edge function. + * + * Convenience resource for requesting a Lambda function in the 'us-east-1' region for use with Lambda@Edge. + * Implements several restrictions enforced by Lambda@Edge. + * + * @resource AWS::Lambda::Function + * @experimental + */ +export class EdgeFunction extends Resource implements lambda.IVersion { + + private static readonly EDGE_REGION: string = 'us-east-1'; + + public readonly edgeArn: string; + public readonly functionName: string; + public readonly functionArn: string; + public readonly grantPrincipal: iam.IPrincipal; + public readonly isBoundToVpc = false; + public readonly permissionsNode: ConstructNode; + public readonly role?: iam.IRole; + public readonly version: string; + + // functionStack needed for `addAlias`. + private readonly functionStack: Stack; + private readonly _edgeFunction: lambda.Function; + + constructor(scope: Construct, id: string, props: EdgeFunctionProps) { + super(scope, id); + + // Create a simple Function if we're already in us-east-1; otherwise create a cross-region stack. + const regionIsUsEast1 = !Token.isUnresolved(this.stack.region) && this.stack.region === 'us-east-1'; + const { functionStack, edgeFunction, edgeArn } = regionIsUsEast1 + ? this.createInRegionFunction(props) + : this.createCrossRegionFunction(id, props); + + this.functionStack = functionStack; + this.edgeArn = edgeArn; + + this.functionArn = edgeArn; + this._edgeFunction = edgeFunction; + this.functionName = this._edgeFunction.functionName; + this.grantPrincipal = this._edgeFunction.role!; + this.permissionsNode = this._edgeFunction.permissionsNode; + this.version = lambda.extractQualifierFromArn(this.functionArn); + + this.node.defaultChild = this._edgeFunction; + } + + public get lambda(): lambda.IFunction { + return this._edgeFunction; + } + + /** + * Convenience method to make `EdgeFunction` conform to the same interface as `Function`. + */ + public get currentVersion(): lambda.IVersion { + return this; + } + + public addAlias(aliasName: string, options: lambda.AliasOptions = {}): lambda.Alias { + return new lambda.Alias(this.functionStack, `Alias${aliasName}`, { + aliasName, + version: this._edgeFunction.currentVersion, + ...options, + }); + } + + /** + * Not supported. Connections are only applicable to VPC-enabled functions. + */ + public get connections(): ec2.Connections { + throw new Error('Lambda@Edge does not support connections'); + } + public get latestVersion(): lambda.IVersion { + throw new Error('$LATEST function version cannot be used for Lambda@Edge'); + } + + public addEventSourceMapping(id: string, options: lambda.EventSourceMappingOptions): lambda.EventSourceMapping { + return this.lambda.addEventSourceMapping(id, options); + } + public addPermission(id: string, permission: lambda.Permission): void { + return this.lambda.addPermission(id, permission); + } + public addToRolePolicy(statement: iam.PolicyStatement): void { + return this.lambda.addToRolePolicy(statement); + } + public grantInvoke(identity: iam.IGrantable): iam.Grant { + return this.lambda.grantInvoke(identity); + } + public metric(metricName: string, props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.lambda.metric(metricName, { ...props, region: EdgeFunction.EDGE_REGION }); + } + public metricDuration(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.lambda.metricDuration({ ...props, region: EdgeFunction.EDGE_REGION }); + } + public metricErrors(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.lambda.metricErrors({ ...props, region: EdgeFunction.EDGE_REGION }); + } + public metricInvocations(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.lambda.metricInvocations({ ...props, region: EdgeFunction.EDGE_REGION }); + } + public metricThrottles(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + return this.lambda.metricThrottles({ ...props, region: EdgeFunction.EDGE_REGION }); + } + /** Adds an event source to this function. */ + public addEventSource(source: lambda.IEventSource): void { + return this.lambda.addEventSource(source); + } + public configureAsyncInvoke(options: lambda.EventInvokeConfigOptions): void { + return this.lambda.configureAsyncInvoke(options); + } + + /** Create a function in-region */ + private createInRegionFunction(props: lambda.FunctionProps): FunctionConfig { + const edgeFunction = new lambda.Function(this, 'Fn', props); + addEdgeLambdaToRoleTrustStatement(edgeFunction.role!); + + return { edgeFunction, edgeArn: edgeFunction.currentVersion.edgeArn, functionStack: this.stack }; + } + + /** Create a support stack and function in us-east-1, and a SSM reader in-region */ + private createCrossRegionFunction(id: string, props: lambda.FunctionProps): FunctionConfig { + const parameterNamePrefix = 'EdgeFunctionArn'; + const parameterName = `${parameterNamePrefix}${id}`; + const functionStack = this.edgeStack(); + + const edgeFunction = new lambda.Function(functionStack, id, props); + addEdgeLambdaToRoleTrustStatement(edgeFunction.role!); + + // Store the current version's ARN to be retrieved by the cross region reader below. + new ssm.StringParameter(edgeFunction, 'Parameter', { + parameterName, + stringValue: edgeFunction.currentVersion.edgeArn, + }); + + const edgeArn = this.createCrossRegionArnReader(parameterNamePrefix, parameterName, edgeFunction); + + return { edgeFunction, edgeArn, functionStack }; + } + + private createCrossRegionArnReader(parameterNamePrefix: string, parameterName: string, edgeFunction: lambda.Function): string { + // Prefix of the parameter ARN that applies to all EdgeFunctions. + // This is necessary because the `CustomResourceProvider` is a singleton, and the `policyStatement` + // must work for multiple EdgeFunctions. + const parameterArnPrefix = this.stack.formatArn({ + service: 'ssm', + region: EdgeFunction.EDGE_REGION, + resource: 'parameter', + resourceName: parameterNamePrefix + '*', + }); + + const resourceType = 'Custom::CrossRegionStringParameterReader'; + const serviceToken = CustomResourceProvider.getOrCreate(this, resourceType, { + codeDirectory: path.join(__dirname, 'edge-function'), + runtime: CustomResourceProviderRuntime.NODEJS_12, + policyStatements: [{ + Effect: 'Allow', + Resource: parameterArnPrefix, + Action: ['ssm:GetParameter'], + }], + }); + const resource = new CustomResource(this, 'ArnReader', { + resourceType: resourceType, + serviceToken, + properties: { + Region: EdgeFunction.EDGE_REGION, + ParameterName: parameterName, + // This is used to determine when the function has changed, to refresh the ARN from the custom resource. + RefreshToken: calculateFunctionHash(edgeFunction), + }, + }); + + return resource.getAttString('FunctionArn'); + } + + private edgeStack(): Stack { + const stage = this.node.root; + if (!stage || !Stage.isStage(stage)) { + throw new Error('stacks which use EdgeFunctions must be part of a CDK app or stage'); + } + const region = this.env.region; + if (Token.isUnresolved(region)) { + throw new Error('stacks which use EdgeFunctions must have an explicitly set region'); + } + + const edgeStackId = `edge-lambda-stack-${region}`; + let edgeStack = stage.node.tryFindChild(edgeStackId) as Stack; + if (!edgeStack) { + edgeStack = new Stack(stage, edgeStackId, { + synthesizer: crossRegionSupportSynthesizer(this.stack), + env: { region: EdgeFunction.EDGE_REGION }, + }); + } + this.stack.addDependency(edgeStack); + return edgeStack; + } +} + +/** Result of creating an in-region or cross-region function */ +interface FunctionConfig { + readonly edgeFunction: lambda.Function; + readonly edgeArn: string; + readonly functionStack: Stack; +} + +// Stolen (and modified) from `@aws-cdk/aws-codepipeline`'s `Pipeline`. +function crossRegionSupportSynthesizer(stack: Stack): IStackSynthesizer | undefined { + // If we have the new synthesizer we need a bootstrapless copy of it, + // because we don't want to require bootstrapping the environment + // of the account in this replication region. + // Otherwise, return undefined to use the default. + const scopeStackSynthesizer = stack.synthesizer; + return (scopeStackSynthesizer instanceof DefaultStackSynthesizer) + ? new BootstraplessSynthesizer({ + deployRoleArn: scopeStackSynthesizer.deployRoleArn, + cloudFormationExecutionRoleArn: scopeStackSynthesizer.cloudFormationExecutionRoleArn, + }) + : undefined; +} + +function addEdgeLambdaToRoleTrustStatement(role: iam.IRole) { + if (role instanceof iam.Role && role.assumeRolePolicy) { + const statement = new iam.PolicyStatement(); + const edgeLambdaServicePrincipal = new iam.ServicePrincipal('edgelambda.amazonaws.com'); + statement.addPrincipals(edgeLambdaServicePrincipal); + statement.addActions(edgeLambdaServicePrincipal.assumeRoleAction); + role.assumeRolePolicy.addStatements(statement); + } +} + +// Stolen from @aws-lambda/lib/function-hash.ts, which isn't currently exported. +// This should be DRY'ed up (exported by @aws-lambda) before this is marked as stable. +function calculateFunctionHash(fn: lambda.Function) { + const stack = Stack.of(fn); + const functionResource = fn.node.defaultChild as CfnResource; + // render the cloudformation resource from this function + const config = stack.resolve((functionResource as any)._toCloudFormation()); + + const hash = crypto.createHash('md5'); + hash.update(JSON.stringify(config)); + return hash.digest('hex'); +} diff --git a/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function/index.js b/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function/index.js new file mode 100644 index 0000000000000..b3bf920efd2e3 --- /dev/null +++ b/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function/index.js @@ -0,0 +1,19 @@ +var AWS = require('aws-sdk'); + +exports.handler = async function (event) { + const props = event.ResourceProperties; + + console.info(`Reading function ARN from SSM parameter ${props.ParameterName} in region ${props.Region}`); + + if (event.RequestType === 'Create' || event.RequestType === 'Update') { + const ssm = new AWS.SSM({ region: props.Region }); + const ssmParameter = await ssm.getParameter({ Name: props.ParameterName }).promise(); + console.info('Response: %j', ssmParameter); + const functionArn = ssmParameter.Parameter.Value; + return { + Data: { + FunctionArn: functionArn, + }, + }; + } +}; diff --git a/packages/@aws-cdk/aws-cloudfront/lib/experimental/index.ts b/packages/@aws-cdk/aws-cloudfront/lib/experimental/index.ts new file mode 100644 index 0000000000000..a1362556b10ea --- /dev/null +++ b/packages/@aws-cdk/aws-cloudfront/lib/experimental/index.ts @@ -0,0 +1 @@ +export * from './edge-function'; diff --git a/packages/@aws-cdk/aws-cloudfront/lib/index.ts b/packages/@aws-cdk/aws-cloudfront/lib/index.ts index e04d76a72e48d..b0bd550231be3 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/index.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/index.ts @@ -6,5 +6,7 @@ export * from './origin_access_identity'; export * from './origin-request-policy'; export * from './web_distribution'; +export * as experimental from './experimental'; + // AWS::CloudFront CloudFormation Resources: export * from './cloudfront.generated'; diff --git a/packages/@aws-cdk/aws-cloudfront/package.json b/packages/@aws-cdk/aws-cloudfront/package.json index 0ff97a8f23c3b..a47d074758e54 100644 --- a/packages/@aws-cdk/aws-cloudfront/package.json +++ b/packages/@aws-cdk/aws-cloudfront/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CloudFront", @@ -73,7 +74,7 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", @@ -82,20 +83,26 @@ }, "dependencies": { "@aws-cdk/aws-certificatemanager": "0.0.0", + "@aws-cdk/aws-cloudwatch": "0.0.0", + "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", + "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/core": "0.0.0", "constructs": "^3.2.0" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-certificatemanager": "0.0.0", + "@aws-cdk/aws-cloudwatch": "0.0.0", + "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", + "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/core": "0.0.0", "constructs": "^3.2.0" }, diff --git a/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts b/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts new file mode 100644 index 0000000000000..faeffde9edc51 --- /dev/null +++ b/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts @@ -0,0 +1,202 @@ +import '@aws-cdk/assert/jest'; +import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; +import * as iam from '@aws-cdk/aws-iam'; +import * as lambda from '@aws-cdk/aws-lambda'; +import * as cdk from '@aws-cdk/core'; +import * as cloudfront from '../../lib'; + +let app: cdk.App; +let stack: cdk.Stack; + +beforeEach(() => { + app = new cdk.App(); + stack = new cdk.Stack(app, 'Stack', { + env: { account: '111111111111', region: 'testregion' }, + }); +}); + +describe('stacks', () => { + test('creates a custom resource and supporting resources in main stack', () => { + new cloudfront.experimental.EdgeFunction(stack, 'MyFn', defaultEdgeFunctionProps()); + + expect(stack).toHaveResource('AWS::IAM::Role', { + AssumeRolePolicyDocument: { + Statement: [{ + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { Service: 'lambda.amazonaws.com' }, + }], + Version: '2012-10-17', + }, + ManagedPolicyArns: [ + { 'Fn::Sub': 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole' }, + ], + Policies: [{ + PolicyName: 'Inline', + PolicyDocument: { + Version: '2012-10-17', + Statement: [{ + Effect: 'Allow', + Resource: { + 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':ssm:us-east-1:111111111111:parameter/EdgeFunctionArn*']], + }, + Action: ['ssm:GetParameter'], + }], + }, + }], + }); + expect(stack).toHaveResourceLike('AWS::Lambda::Function', { + Handler: '__entrypoint__.handler', + Role: { + 'Fn::GetAtt': ['CustomCrossRegionStringParameterReaderCustomResourceProviderRole71CD6825', 'Arn'], + }, + }); + expect(stack).toHaveResource('Custom::CrossRegionStringParameterReader', { + ServiceToken: { + 'Fn::GetAtt': ['CustomCrossRegionStringParameterReaderCustomResourceProviderHandler65B5F33A', 'Arn'], + }, + Region: 'us-east-1', + ParameterName: 'EdgeFunctionArnMyFn', + }); + }); + + test('creates the actual function and supporting resources in us-east-1 stack', () => { + new cloudfront.experimental.EdgeFunction(stack, 'MyFn', defaultEdgeFunctionProps()); + + const fnStack = getFnStack(); + + expect(fnStack).toHaveResource('AWS::IAM::Role', { + AssumeRolePolicyDocument: { + Statement: [ + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { Service: 'lambda.amazonaws.com' }, + }, + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { Service: 'edgelambda.amazonaws.com' }, + }, + ], + Version: '2012-10-17', + }, + ManagedPolicyArns: [ + { 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':iam::aws:policy/service-role/AWSLambdaBasicExecutionRole']] }, + ], + }); + expect(fnStack).toHaveResource('AWS::Lambda::Function', { + Code: { ZipFile: 'foo' }, + Handler: 'index.handler', + Role: { 'Fn::GetAtt': ['MyFnServiceRoleF3016589', 'Arn'] }, + Runtime: 'nodejs12.x', + }); + expect(fnStack).toHaveResource('AWS::Lambda::Version', { + FunctionName: { Ref: 'MyFn6F8F742F' }, + }); + expect(fnStack).toHaveResource('AWS::SSM::Parameter', { + Type: 'String', + Value: { Ref: 'MyFnCurrentVersion309B29FC29686ce94039b6e08d1645be854b3ac9' }, + Name: 'EdgeFunctionArnMyFn', + }); + }); + + test('creates minimal constructs if scope region is us-east-1', () => { + app = new cdk.App(); + stack = new cdk.Stack(app, 'Stack', { + env: { account: '111111111111', region: 'us-east-1' }, + }); + new cloudfront.experimental.EdgeFunction(stack, 'MyFn', defaultEdgeFunctionProps()); + + expect(stack).toHaveResource('AWS::IAM::Role', { + AssumeRolePolicyDocument: { + Statement: [ + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { Service: 'lambda.amazonaws.com' }, + }, + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { Service: 'edgelambda.amazonaws.com' }, + }, + ], + Version: '2012-10-17', + }, + ManagedPolicyArns: [ + { 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':iam::aws:policy/service-role/AWSLambdaBasicExecutionRole']] }, + ], + }); + expect(stack).toHaveResource('AWS::Lambda::Function', { + Code: { ZipFile: 'foo' }, + Handler: 'index.handler', + Role: { 'Fn::GetAtt': ['MyFnServiceRole3F9D41E1', 'Arn'] }, + Runtime: 'nodejs12.x', + }); + expect(stack).toHaveResource('AWS::Lambda::Version', { + FunctionName: { Ref: 'MyFn223608AD' }, + }); + }); + + test('only one cross-region stack is created for multiple functions', () => { + new cloudfront.experimental.EdgeFunction(stack, 'MyFn1', defaultEdgeFunctionProps()); + new cloudfront.experimental.EdgeFunction(stack, 'MyFn2', defaultEdgeFunctionProps()); + + const fnStack = getFnStack(); + expect(fnStack).toCountResources('AWS::Lambda::Function', 2); + }); +}); + +test('addAlias() creates alias in function stack', () => { + const fn = new cloudfront.experimental.EdgeFunction(stack, 'MyFn', defaultEdgeFunctionProps()); + + fn.addAlias('MyCurrentAlias'); + + const fnStack = getFnStack(); + expect(fnStack).toHaveResourceLike('AWS::Lambda::Alias', { + Name: 'MyCurrentAlias', + }); +}); + +test('addPermission() creates permissions in function stack', () => { + const fn = new cloudfront.experimental.EdgeFunction(stack, 'MyFn', defaultEdgeFunctionProps()); + + fn.addPermission('MyPerms', { + action: 'lambda:InvokeFunction', + principal: new iam.AccountPrincipal('123456789012'), + }); + + const fnStack = getFnStack(); + expect(fnStack).toHaveResourceLike('AWS::Lambda::Permission', { + Action: 'lambda:InvokeFunction', + Principal: '123456789012', + }); +}); + +test('metric methods', () => { + const fn = new cloudfront.experimental.EdgeFunction(stack, 'MyFn', defaultEdgeFunctionProps()); + + const metrics = new Array(); + metrics.push(fn.metricDuration()); + metrics.push(fn.metricErrors()); + metrics.push(fn.metricInvocations()); + metrics.push(fn.metricThrottles()); + + for (const metric of metrics) { + expect(metric.namespace).toEqual('AWS/Lambda'); + expect(metric.region).toEqual('us-east-1'); + } +}); + +function defaultEdgeFunctionProps() { + return { + code: lambda.Code.fromInline('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_12_X, + }; +} + +function getFnStack(region: string = 'testregion'): cdk.Stack { + return app.node.findChild(`edge-lambda-stack-${region}`) as cdk.Stack; +} diff --git a/packages/@aws-cdk/aws-cloudfront/test/integ.distribution-lambda-cross-region.expected.json b/packages/@aws-cdk/aws-cloudfront/test/integ.distribution-lambda-cross-region.expected.json new file mode 100644 index 0000000000000..aafb7b7e3982f --- /dev/null +++ b/packages/@aws-cdk/aws-cloudfront/test/integ.distribution-lambda-cross-region.expected.json @@ -0,0 +1,261 @@ +[ + { + "Resources": { + "LambdaArnReaderAB4FC772": { + "Type": "Custom::CrossRegionStringParameterReader", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "CustomCrossRegionStringParameterReaderCustomResourceProviderHandler65B5F33A", + "Arn" + ] + }, + "Region": "us-east-1", + "ParameterName": "EdgeFunctionArnLambda", + "RefreshToken": "4412ddb0ae449da20173ca211c51fddc" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "CustomCrossRegionStringParameterReaderCustomResourceProviderRole71CD6825": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ], + "Policies": [ + { + "PolicyName": "Inline", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":ssm:us-east-1:", + { + "Ref": "AWS::AccountId" + }, + ":parameter/EdgeFunctionArn*" + ] + ] + }, + "Action": [ + "ssm:GetParameter" + ] + } + ] + } + } + ] + } + }, + "CustomCrossRegionStringParameterReaderCustomResourceProviderHandler65B5F33A": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters45b7ed524ce2b119dd4f2b8642ae8bfaf0df45bc6bd705072ae4ee6d1a999241S3BucketF1BC72A7" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters45b7ed524ce2b119dd4f2b8642ae8bfaf0df45bc6bd705072ae4ee6d1a999241S3VersionKey7AD83AC7" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters45b7ed524ce2b119dd4f2b8642ae8bfaf0df45bc6bd705072ae4ee6d1a999241S3VersionKey7AD83AC7" + } + ] + } + ] + } + ] + ] + } + }, + "Timeout": 900, + "MemorySize": 128, + "Handler": "__entrypoint__.handler", + "Role": { + "Fn::GetAtt": [ + "CustomCrossRegionStringParameterReaderCustomResourceProviderRole71CD6825", + "Arn" + ] + }, + "Runtime": "nodejs12.x" + }, + "DependsOn": [ + "CustomCrossRegionStringParameterReaderCustomResourceProviderRole71CD6825" + ] + }, + "DistB3B78991": { + "Type": "AWS::CloudFront::Distribution", + "Properties": { + "DistributionConfig": { + "DefaultCacheBehavior": { + "CachePolicyId": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad", + "Compress": true, + "LambdaFunctionAssociations": [ + { + "EventType": "origin-request", + "LambdaFunctionARN": { + "Fn::GetAtt": [ + "LambdaArnReaderAB4FC772", + "FunctionArn" + ] + } + } + ], + "TargetOriginId": "integdistributionlambdacrossregionDistOrigin167A054D5", + "ViewerProtocolPolicy": "allow-all" + }, + "Enabled": true, + "HttpVersion": "http2", + "IPV6Enabled": true, + "Origins": [ + { + "CustomOriginConfig": { + "OriginProtocolPolicy": "https-only" + }, + "DomainName": "www.example.com", + "Id": "integdistributionlambdacrossregionDistOrigin167A054D5" + } + ] + } + } + } + }, + "Parameters": { + "AssetParameters45b7ed524ce2b119dd4f2b8642ae8bfaf0df45bc6bd705072ae4ee6d1a999241S3BucketF1BC72A7": { + "Type": "String", + "Description": "S3 bucket for asset \"45b7ed524ce2b119dd4f2b8642ae8bfaf0df45bc6bd705072ae4ee6d1a999241\"" + }, + "AssetParameters45b7ed524ce2b119dd4f2b8642ae8bfaf0df45bc6bd705072ae4ee6d1a999241S3VersionKey7AD83AC7": { + "Type": "String", + "Description": "S3 key for asset version \"45b7ed524ce2b119dd4f2b8642ae8bfaf0df45bc6bd705072ae4ee6d1a999241\"" + }, + "AssetParameters45b7ed524ce2b119dd4f2b8642ae8bfaf0df45bc6bd705072ae4ee6d1a999241ArtifactHash1B3D1B80": { + "Type": "String", + "Description": "Artifact hash for asset \"45b7ed524ce2b119dd4f2b8642ae8bfaf0df45bc6bd705072ae4ee6d1a999241\"" + } + } + }, + { + "Resources": { + "LambdaServiceRoleA8ED4D3B": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + }, + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "edgelambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "LambdaD247545B": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "foo" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "LambdaServiceRoleA8ED4D3B", + "Arn" + ] + }, + "Runtime": "nodejs10.x" + }, + "DependsOn": [ + "LambdaServiceRoleA8ED4D3B" + ] + }, + "LambdaCurrentVersionDF706F6A97fb843e9bd06fcd2bb15eeace80e13e": { + "Type": "AWS::Lambda::Version", + "Properties": { + "FunctionName": { + "Ref": "LambdaD247545B" + } + } + }, + "LambdaParameterCDCFFB68": { + "Type": "AWS::SSM::Parameter", + "Properties": { + "Type": "String", + "Value": { + "Ref": "LambdaCurrentVersionDF706F6A97fb843e9bd06fcd2bb15eeace80e13e" + }, + "Name": "EdgeFunctionArnLambda" + } + } + } + } +] \ No newline at end of file diff --git a/packages/@aws-cdk/aws-cloudfront/test/integ.distribution-lambda-cross-region.ts b/packages/@aws-cdk/aws-cloudfront/test/integ.distribution-lambda-cross-region.ts new file mode 100644 index 0000000000000..5814ab3d6ce59 --- /dev/null +++ b/packages/@aws-cdk/aws-cloudfront/test/integ.distribution-lambda-cross-region.ts @@ -0,0 +1,27 @@ +/// !cdk-integ * +import * as lambda from '@aws-cdk/aws-lambda'; +import * as cdk from '@aws-cdk/core'; +import * as cloudfront from '../lib'; +import { TestOrigin } from './test-origin'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'integ-distribution-lambda-cross-region', { env: { region: 'eu-west-1' } }); + +const lambdaFunction = new cloudfront.experimental.EdgeFunction(stack, 'Lambda', { + code: lambda.Code.fromInline('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_10_X, +}); + +new cloudfront.Distribution(stack, 'Dist', { + defaultBehavior: { + origin: new TestOrigin('www.example.com'), + cachePolicy: cloudfront.CachePolicy.CACHING_DISABLED, + edgeLambdas: [{ + functionVersion: lambdaFunction.currentVersion, + eventType: cloudfront.LambdaEdgeEventType.ORIGIN_REQUEST, + }], + }, +}); + +app.synth(); diff --git a/packages/@aws-cdk/aws-cloudtrail/README.md b/packages/@aws-cdk/aws-cloudtrail/README.md index 358eb9c5a796b..2e4f38576b540 100644 --- a/packages/@aws-cdk/aws-cloudtrail/README.md +++ b/packages/@aws-cdk/aws-cloudtrail/README.md @@ -1,5 +1,6 @@ -## AWS CloudTrail Construct Library +# AWS CloudTrail Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + ## Trail @@ -180,4 +182,4 @@ const amazingFunction = new lambda.Function(stack, 'AnAmazingFunction', { // Add an event selector to log data events for the provided Lambda functions. trail.addLambdaEventSelector([ lambdaFunction ]); -``` \ No newline at end of file +``` diff --git a/packages/@aws-cdk/aws-cloudtrail/package.json b/packages/@aws-cdk/aws-cloudtrail/package.json index 3155decd9f212..2d8379f1c8844 100644 --- a/packages/@aws-cdk/aws-cloudtrail/package.json +++ b/packages/@aws-cdk/aws-cloudtrail/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CloudTrail", @@ -73,7 +74,7 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-cloudwatch-actions/README.md b/packages/@aws-cdk/aws-cloudwatch-actions/README.md index 73f541d4a47b9..03d84220c5c08 100644 --- a/packages/@aws-cdk/aws-cloudwatch-actions/README.md +++ b/packages/@aws-cdk/aws-cloudwatch-actions/README.md @@ -1,12 +1,14 @@ # CloudWatch Alarm Actions library + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library contains a set of classes which can be used as CloudWatch Alarm actions. -See `@aws-cdk/aws-cloudwatch` for more information. \ No newline at end of file +See `@aws-cdk/aws-cloudwatch` for more information. diff --git a/packages/@aws-cdk/aws-cloudwatch-actions/package.json b/packages/@aws-cdk/aws-cloudwatch-actions/package.json index 8d845afd8eff9..7955ca032bef2 100644 --- a/packages/@aws-cdk/aws-cloudwatch-actions/package.json +++ b/packages/@aws-cdk/aws-cloudwatch-actions/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-cloudwatch/README.md b/packages/@aws-cdk/aws-cloudwatch/README.md index e1a120a085b4a..77ee7844757be 100644 --- a/packages/@aws-cdk/aws-cloudwatch/README.md +++ b/packages/@aws-cdk/aws-cloudwatch/README.md @@ -1,5 +1,6 @@ -## Amazon CloudWatch Construct Library +# Amazon CloudWatch Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + ## Metric objects diff --git a/packages/@aws-cdk/aws-cloudwatch/package.json b/packages/@aws-cdk/aws-cloudwatch/package.json index e2a716c4fbda8..5a90a27f7e2ea 100644 --- a/packages/@aws-cdk/aws-cloudwatch/package.json +++ b/packages/@aws-cdk/aws-cloudwatch/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CloudWatch", diff --git a/packages/@aws-cdk/aws-codeartifact/README.md b/packages/@aws-cdk/aws-codeartifact/README.md index f86672c07c50a..3e65e5cb8dbaf 100644 --- a/packages/@aws-cdk/aws-codeartifact/README.md +++ b/packages/@aws-cdk/aws-codeartifact/README.md @@ -1,12 +1,16 @@ -## AWS::CodeArtifact Construct Library +# AWS::CodeArtifact Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-codeartifact/package.json b/packages/@aws-cdk/aws-codeartifact/package.json index b34c43c558a78..32bcd12d1a022 100644 --- a/packages/@aws-cdk/aws-codeartifact/package.json +++ b/packages/@aws-cdk/aws-codeartifact/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CodeArtifact", diff --git a/packages/@aws-cdk/aws-codebuild/README.md b/packages/@aws-cdk/aws-codebuild/README.md index 8dc9d1db9f9ec..83b1977014074 100644 --- a/packages/@aws-cdk/aws-codebuild/README.md +++ b/packages/@aws-cdk/aws-codebuild/README.md @@ -1,5 +1,6 @@ -## AWS CodeBuild Construct Library +# AWS CodeBuild Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + AWS CodeBuild is a fully managed continuous integration service that compiles @@ -85,7 +87,7 @@ new codebuild.Project(this, 'MyProject', { These source types can be used to build code from a GitHub repository. Example: -```typescript +```ts const gitHubSource = codebuild.Source.gitHub({ owner: 'awslabs', repo: 'aws-cdk', @@ -103,7 +105,7 @@ To provide GitHub credentials, please either go to AWS CodeBuild Console to conn or call `ImportSourceCredentials` to persist your personal access token. Example: -``` +```console aws codebuild import-source-credentials --server-type GITHUB --auth-type PERSONAL_ACCESS_TOKEN --token ``` @@ -122,7 +124,7 @@ const bbSource = codebuild.Source.bitBucket({ For all Git sources, you can fetch submodules while cloing git repo. -```typescript +```ts const gitHubSource = codebuild.Source.gitHub({ owner: 'awslabs', repo: 'aws-cdk', @@ -163,7 +165,7 @@ It's a simple class that doesn't allow you to specify `sources`, as these are handled by setting input and output CodePipeline `Artifact` instances on the Action, instead of setting them on the Project. -```typescript +```ts const project = new codebuild.PipelineProject(this, 'Project', { // properties as above... }) @@ -179,7 +181,7 @@ You can save time when your project builds by using a cache. A cache can store r With S3 caching, the cache is stored in an S3 bucket which is available from multiple hosts. -```typescript +```ts new codebuild.Project(this, 'Project', { source: codebuild.Source.bitBucket({ owner: 'awslabs', @@ -199,7 +201,7 @@ guarantee cache hits. For example, when a build starts and caches files locally, * `LocalCacheMode.DOCKER_LAYER` caches existing Docker layers. * `LocalCacheMode.CUSTOM` caches directories you specify in the buildspec file. -```typescript +```ts new codebuild.Project(this, 'Project', { source: codebuild.Source.gitHubEnterprise({ httpsCloneUrl: 'https://my-github-enterprise.com/owner/repo', @@ -247,10 +249,10 @@ or one of the corresponding methods on `WindowsBuildImage`: * `WindowsBuildImage.fromEcrRepository(repo[, tag, imageType])` * `WindowsBuildImage.fromAsset(parent, id, props, [, imageType])` -Note that the `WindowsBuildImage` version of the static methods accepts an optional parameter of type `WindowsImageType`, +Note that the `WindowsBuildImage` version of the static methods accepts an optional parameter of type `WindowsImageType`, which can be either `WindowsImageType.STANDARD`, the default, or `WindowsImageType.SERVER_2019`: -```typescript +```ts new codebuild.Project(this, 'Project', { environment: { buildImage: codebuild.WindowsBuildImage.fromEcrRepository(ecrRepository, 'v1.0', codebuild.WindowsImageType.SERVER_2019), @@ -277,7 +279,7 @@ The class `LinuxGpuBuildImage` contains constants for working with [AWS Deep Learning Container images](https://aws.amazon.com/releasenotes/available-deep-learning-containers-images): -```typescript +```ts new codebuild.Project(this, 'Project', { environment: { buildImage: codebuild.LinuxGpuBuildImage.DLC_TENSORFLOW_2_1_0_INFERENCE, @@ -295,7 +297,7 @@ you can always specify the account (along with the repository name and tag) explicitly using the `awsDeepLearningContainersImage` method: -```typescript +```ts new codebuild.Project(this, 'Project', { environment: { buildImage: codebuild.LinuxGpuBuildImage.awsDeepLearningContainersImage( @@ -313,7 +315,7 @@ By default, logs will go to cloudwatch. ### CloudWatch Logs Example -```typescript +```ts new codebuild.Project(this, 'Project', { logging: { cloudWatch: { @@ -326,7 +328,7 @@ new codebuild.Project(this, 'Project', { ### S3 Logs Example -```typescript +```ts new codebuild.Project(this, 'Project', { logging: { s3: { @@ -342,7 +344,7 @@ new codebuild.Project(this, 'Project', { CodeBuild allows you to store credentials used when communicating with various sources, like GitHub: -```typescript +```ts new codebuild.GitHubSourceCredentials(this, 'CodeBuildGitHubCreds', { accessToken: cdk.SecretValue.secretsManager('my-token'), }); @@ -352,7 +354,7 @@ new codebuild.GitHubSourceCredentials(this, 'CodeBuildGitHubCreds', { and BitBucket: -```typescript +```ts new codebuild.BitBucketSourceCredentials(this, 'CodeBuildBitBucketCreds', { username: cdk.SecretValue.secretsManager('my-bitbucket-creds', { jsonField: 'username' }), password: cdk.SecretValue.secretsManager('my-bitbucket-creds', { jsonField: 'password' }), @@ -372,7 +374,7 @@ to inspect what credentials are stored in your account. You can specify a test report in your buildspec: -```typescript +```ts const project = new codebuild.Project(this, 'Project', { buildSpec: codebuild.BuildSpec.fromObject({ // ... @@ -394,7 +396,7 @@ with names starting with the project's name; if you'd rather not have those permissions added, you can opt out of it when creating the project: -```typescript +```ts const project = new codebuild.Project(this, 'Project', { // ... grantReportGroupPermissions: false, @@ -404,7 +406,7 @@ const project = new codebuild.Project(this, 'Project', { Alternatively, you can specify an ARN of an existing resource group, instead of a simple name, in your buildspec: -```typescript +```ts // create a new ReportGroup const reportGroup = new codebuild.ReportGroup(this, 'ReportGroup'); @@ -423,7 +425,7 @@ const project = new codebuild.Project(this, 'Project', { If you do that, you need to grant the project's role permissions to write reports to that report group: -```typescript +```ts reportGroup.grantWrite(project); ``` @@ -498,7 +500,7 @@ with their identifier. So, a buildspec for the above Project could look something like this: -```typescript +```ts const project = new codebuild.Project(this, 'MyProject', { // secondary sources and artifacts as above... buildSpec: codebuild.BuildSpec.fromObject({ diff --git a/packages/@aws-cdk/aws-codebuild/lib/project.ts b/packages/@aws-cdk/aws-codebuild/lib/project.ts index 7810c82287f4c..75c3b79f76b66 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/project.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/project.ts @@ -792,6 +792,7 @@ export class Project extends ProjectBase { this.projectName = this.getResourceNameAttribute(resource.ref); this.addToRolePolicy(this.createLoggingPermission()); + this.addParameterStorePermission(props); // add permissions to create and use test report groups // with names starting with the project's name, // unless the customer explicitly opts out of it @@ -923,6 +924,30 @@ export class Project extends ProjectBase { }); } + private addParameterStorePermission(props: ProjectProps) { + if (!props.environmentVariables) { + return; + } + + const resources = Object.values(props.environmentVariables) + .filter(envVariable => envVariable.type === BuildEnvironmentVariableType.PARAMETER_STORE) + .map(envVariable => Stack.of(this).formatArn({ + service: 'ssm', + resource: 'parameter', + sep: ':', + resourceName: envVariable.value, + })); + + if (resources.length === 0) { + return; + } + + this.addToRolePolicy(new iam.PolicyStatement({ + actions: ['ssm:GetParameters'], + resources, + })); + } + private renderEnvironment( env: BuildEnvironment = {}, projectVars: { [name: string]: BuildEnvironmentVariable } = {}): CfnProject.EnvironmentProperty { diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index 00f01bede7afe..eee1dd901175d 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CodeBuild", @@ -79,7 +80,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-codebuild/test/test.project.ts b/packages/@aws-cdk/aws-codebuild/test/test.project.ts index 439427588afdb..ba7b804d779f1 100644 --- a/packages/@aws-cdk/aws-codebuild/test/test.project.ts +++ b/packages/@aws-cdk/aws-codebuild/test/test.project.ts @@ -1,4 +1,4 @@ -import { countResources, expect, haveResource, haveResourceLike, objectLike, not, ResourcePart } from '@aws-cdk/assert'; +import { countResources, expect, haveResource, haveResourceLike, objectLike, not, ResourcePart, arrayWith } from '@aws-cdk/assert'; import * as ec2 from '@aws-cdk/aws-ec2'; import * as iam from '@aws-cdk/aws-iam'; import * as logs from '@aws-cdk/aws-logs'; @@ -738,4 +738,156 @@ export = { test.done(); }, }, + + 'EnvironmentVariables': { + 'can use environment variables from parameter store'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.s3({ + bucket: new s3.Bucket(stack, 'Bucket'), + path: 'path', + }), + environment: { + buildImage: codebuild.LinuxBuildImage.fromDockerRegistry('myimage'), + }, + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.PARAMETER_STORE, + value: '/params/param1', + }, + }, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + Environment: objectLike({ + EnvironmentVariables: [{ + Name: 'ENV_VAR1', + Type: 'PARAMETER_STORE', + Value: '/params/param1', + }], + }), + })); + + test.done(); + }, + + + 'grant read permission for parameter store variables'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.s3({ + bucket: new s3.Bucket(stack, 'Bucket'), + path: 'path', + }), + environment: { + buildImage: codebuild.LinuxBuildImage.fromDockerRegistry('myimage'), + }, + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.PARAMETER_STORE, + value: '/params/param1', + }, + 'ENV_VAR2': { + type: codebuild.BuildEnvironmentVariableType.PARAMETER_STORE, + value: '/params/param2', + }, + }, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith(objectLike({ + 'Action': 'ssm:GetParameters', + 'Effect': 'Allow', + 'Resource': [{ + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':ssm:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':parameter:/params/param1', + ], + ], + }, + { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':ssm:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':parameter:/params/param2', + ], + ], + }], + })), + }, + })); + + + test.done(); + }, + + 'should not grant read permission when variables are not from parameter store'(test: Test) { + + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.s3({ + bucket: new s3.Bucket(stack, 'Bucket'), + path: 'path', + }), + environment: { + buildImage: codebuild.LinuxBuildImage.fromDockerRegistry('myimage'), + }, + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.PLAINTEXT, + value: 'var1-value', + }, + }, + }); + + // THEN + expect(stack).notTo(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith(objectLike({ + 'Action': 'ssm:GetParameters', + 'Effect': 'Allow', + })), + }, + })); + + test.done(); + }, + }, }; diff --git a/packages/@aws-cdk/aws-codecommit/README.md b/packages/@aws-cdk/aws-codecommit/README.md index 856111b6a1626..e52d3cdc834e7 100644 --- a/packages/@aws-cdk/aws-codecommit/README.md +++ b/packages/@aws-cdk/aws-codecommit/README.md @@ -1,5 +1,6 @@ -## AWS CodeCommit Construct Library +# AWS CodeCommit Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + AWS CodeCommit is a version control service that enables you to privately store and manage Git repositories in the AWS cloud. diff --git a/packages/@aws-cdk/aws-codecommit/package.json b/packages/@aws-cdk/aws-codecommit/package.json index 34141449edc58..346cb4b594477 100644 --- a/packages/@aws-cdk/aws-codecommit/package.json +++ b/packages/@aws-cdk/aws-codecommit/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CodeCommit", @@ -79,7 +80,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-codedeploy/README.md b/packages/@aws-cdk/aws-codedeploy/README.md index 972ca7ef0a523..e8f878973ee6a 100644 --- a/packages/@aws-cdk/aws-codedeploy/README.md +++ b/packages/@aws-cdk/aws-codedeploy/README.md @@ -1,5 +1,6 @@ -## AWS CodeDeploy Construct Library +# AWS CodeDeploy Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + AWS CodeDeploy is a deployment service that automates application deployments to @@ -15,7 +17,7 @@ Amazon ECS services. The CDK currently supports Amazon EC2, on-premise and AWS Lambda applications. -### EC2/on-premise Applications +## EC2/on-premise Applications To create a new CodeDeploy Application that deploys to EC2/on-premise instances: @@ -35,7 +37,7 @@ const application = codedeploy.ServerApplication.fromServerApplicationName( ); ``` -### EC2/on-premise Deployment Groups +## EC2/on-premise Deployment Groups To create a new CodeDeploy Deployment Group that deploys to EC2/on-premise instances: @@ -96,7 +98,7 @@ const deploymentGroup = codedeploy.ServerDeploymentGroup.fromLambdaDeploymentGro }); ``` -#### Load balancers +### Load balancers You can [specify a load balancer](https://docs.aws.amazon.com/codedeploy/latest/userguide/integrations-aws-elastic-load-balancing.html) with the `loadBalancer` property when creating a Deployment Group. @@ -142,7 +144,7 @@ const deploymentGroup = new codedeploy.ServerDeploymentGroup(this, 'DeploymentGr }); ``` -### Deployment Configurations +## Deployment Configurations You can also pass a Deployment Configuration when creating the Deployment Group: @@ -173,7 +175,7 @@ const deploymentConfig = codedeploy.ServerDeploymentConfig.fromServerDeploymentC ); ``` -### Lambda Applications +## Lambda Applications To create a new CodeDeploy Application that deploys to a Lambda function: @@ -193,7 +195,7 @@ const application = codedeploy.LambdaApplication.fromLambdaApplicationName( ); ``` -### Lambda Deployment Groups +## Lambda Deployment Groups To enable traffic shifting deployments for Lambda functions, CodeDeploy uses Lambda Aliases, which can balance incoming traffic between two different versions of your function. Before deployment, the alias sends 100% of invokes to the version used in production. @@ -221,12 +223,13 @@ const deploymentGroup = new codedeploy.LambdaDeploymentGroup(stack, 'BlueGreenDe ``` In order to deploy a new version of this function: + 1. Increment the version, e.g. `const version = func.addVersion('2')`. 2. Re-deploy the stack (this will trigger a deployment). 3. Monitor the CodeDeploy deployment as traffic shifts between the versions. -#### Create a custom Deployment Config +### Create a custom Deployment Config CodeDeploy for Lambda comes with built-in configurations for traffic shifting. If you want to specify your own strategy, @@ -247,6 +250,7 @@ const deploymentGroup = new codedeploy.LambdaDeploymentGroup(stack, 'BlueGreenDe ``` You can specify a custom name for your deployment config, but if you do you will not be able to update the interval/percentage through CDK. + ```ts const config = new codedeploy.CustomLambdaDeploymentConfig(stack, 'CustomConfig', { type: codedeploy.CustomLambdaDeploymentConfigType.CANARY, @@ -255,7 +259,8 @@ const config = new codedeploy.CustomLambdaDeploymentConfig(stack, 'CustomConfig' deploymentConfigName: 'MyDeploymentConfig', }); ``` -#### Rollbacks and Alarms + +### Rollbacks and Alarms CodeDeploy will roll back if the deployment fails. You can optionally trigger a rollback when one or more alarms are in a failed state: @@ -283,7 +288,7 @@ deploymentGroup.addAlarm(new cloudwatch.Alarm(stack, 'BlueGreenErrors', { })); ``` -#### Pre and Post Hooks +### Pre and Post Hooks CodeDeploy allows you to run an arbitrary Lambda function before traffic shifting actually starts (PreTraffic Hook) and after it completes (PostTraffic Hook). With either hook, you have the opportunity to run logic that determines whether the deployment must succeed or fail. @@ -304,7 +309,7 @@ const deploymentGroup = new codedeploy.LambdaDeploymentGroup(stack, 'BlueGreenDe deploymentGroup.onPostHook(endToEndValidation); ``` -#### Import an existing Deployment Group +### Import an existing Deployment Group To import an already existing Deployment Group: diff --git a/packages/@aws-cdk/aws-codedeploy/package.json b/packages/@aws-cdk/aws-codedeploy/package.json index 23cf8b8f1242a..2214d3414ee72 100644 --- a/packages/@aws-cdk/aws-codedeploy/package.json +++ b/packages/@aws-cdk/aws-codedeploy/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CodeDeploy", diff --git a/packages/@aws-cdk/aws-codeguruprofiler/README.md b/packages/@aws-cdk/aws-codeguruprofiler/README.md index b4d97ceb8921b..3d7fb906f537e 100644 --- a/packages/@aws-cdk/aws-codeguruprofiler/README.md +++ b/packages/@aws-cdk/aws-codeguruprofiler/README.md @@ -1,21 +1,29 @@ -## AWS::CodeGuruProfiler Construct Library +# AWS::CodeGuruProfiler Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are in **developer preview** before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are in **developer preview** before they +> become stable. We will only make breaking changes to address unforeseen API issues. Therefore, +> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes +> will be announced in release notes. This means that while you may use them, you may need to +> update your source code when upgrading to a newer version of this package. --- + Amazon CodeGuru Profiler collects runtime performance data from your live applications, and provides recommendations that can help you fine-tune your application performance. -### Installation +## Installation Import to your project: @@ -23,7 +31,7 @@ Import to your project: import * as codeguruprofiler from '@aws-cdk/aws-codeguruprofiler'; ``` -### Basic usage +## Basic usage Here's how to setup a profiling group and give your compute role permissions to publish to the profiling group to the profiling agent can publish profiling information: @@ -37,7 +45,7 @@ const profilingGroup = new ProfilingGroup(stack, 'MyProfilingGroup'); profilingGroup.grantPublish(publishAppRole); ``` -### Compute Platform configuration +## Compute Platform configuration Code Guru Profiler supports multiple compute environments. They can be configured when creating a Profiling Group by using the `computePlatform` property: diff --git a/packages/@aws-cdk/aws-codeguruprofiler/package.json b/packages/@aws-cdk/aws-codeguruprofiler/package.json index 835e78d5b9882..7a14730452868 100644 --- a/packages/@aws-cdk/aws-codeguruprofiler/package.json +++ b/packages/@aws-cdk/aws-codeguruprofiler/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CodeGuruProfiler", diff --git a/packages/@aws-cdk/aws-codegurureviewer/README.md b/packages/@aws-cdk/aws-codegurureviewer/README.md index cd8ce1a29a9cc..d0bfe0650fe69 100644 --- a/packages/@aws-cdk/aws-codegurureviewer/README.md +++ b/packages/@aws-cdk/aws-codegurureviewer/README.md @@ -1,12 +1,16 @@ -## AWS::CodeGuruReviewer Construct Library +# AWS::CodeGuruReviewer Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-codegurureviewer/package.json b/packages/@aws-cdk/aws-codegurureviewer/package.json index ab40869eed2a8..b41bb825eed97 100644 --- a/packages/@aws-cdk/aws-codegurureviewer/package.json +++ b/packages/@aws-cdk/aws-codegurureviewer/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CodeGuruReviewer", diff --git a/packages/@aws-cdk/aws-codepipeline-actions/README.md b/packages/@aws-cdk/aws-codepipeline-actions/README.md index 12e2bfa5437cf..ac6db2b9fab00 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/README.md +++ b/packages/@aws-cdk/aws-codepipeline-actions/README.md @@ -1,15 +1,17 @@ -## AWS CodePipeline Actions +# AWS CodePipeline Actions + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This package contains Actions that can be used in a CodePipeline. -```typescript +```ts import * as codepipeline from '@aws-cdk/aws-codepipeline'; import * as codepipeline_actions from '@aws-cdk/aws-codepipeline-actions'; ``` @@ -57,7 +59,7 @@ const sourceAction = new codepipeline_actions.CodeCommitSourceAction({ The CodeCommit source action emits variables: -```typescript +```ts const sourceAction = new codepipeline_actions.CodeCommitSourceAction({ // ... variablesNamespace: 'MyNamespace', // optional - by default, a name will be generated for you @@ -83,15 +85,15 @@ If you want to use a GitHub repository as the source, you must create: with scopes **repo** and **admin:repo_hook**. * A [Secrets Manager Secret](https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html) with the value of the **GitHub Access Token**. Pick whatever name you want (for example `my-github-token`). - This token can be stored either as Plaintext or as a Secret key/value. - If you stored the token as Plaintext, - set `cdk.SecretValue.secretsManager('my-github-token')` as the value of `oauthToken`. - If you stored it as a Secret key/value, + This token can be stored either as Plaintext or as a Secret key/value. + If you stored the token as Plaintext, + set `cdk.SecretValue.secretsManager('my-github-token')` as the value of `oauthToken`. + If you stored it as a Secret key/value, you must set `cdk.SecretValue.secretsManager('my-github-token', { jsonField : 'my-github-token' })` as the value of `oauthToken`. To use GitHub as the source of a CodePipeline: -```typescript +```ts // Read the secret from Secrets Manager const sourceOutput = new codepipeline.Artifact(); const sourceAction = new codepipeline_actions.GitHubSourceAction({ @@ -110,7 +112,7 @@ pipeline.addStage({ The GitHub source action emits variables: -```typescript +```ts const sourceAction = new codepipeline_actions.GitHubSourceAction({ // ... variablesNamespace: 'MyNamespace', // optional - by default, a name will be generated for you @@ -144,7 +146,7 @@ to find it. After that, you can safely abort creating or editing the pipeline - the connection has already been created. -```typescript +```ts const sourceOutput = new codepipeline.Artifact(); const sourceAction = new codepipeline_actions.BitBucketSourceAction({ actionName: 'BitBucket_Source', @@ -159,7 +161,7 @@ const sourceAction = new codepipeline_actions.BitBucketSourceAction({ the above class `BitBucketSourceAction` is experimental - we reserve the right to make breaking changes to it. -### AWS S3 +### AWS S3 Source To use an S3 Bucket as a source in CodePipeline: @@ -205,7 +207,7 @@ otherwise, the CloudWatch Events will not be emitted, and your Pipeline will not react to changes in the Bucket. You can do it through the CDK: -```typescript +```ts import * as cloudtrail from '@aws-cdk/aws-cloudtrail'; const key = 'some/key.zip'; @@ -224,7 +226,7 @@ const sourceAction = new codepipeline_actions.S3SourceAction({ The S3 source action emits variables: -```typescript +```ts const sourceAction = new codepipeline_actions.S3SourceAction({ // ... variablesNamespace: 'MyNamespace', // optional - by default, a name will be generated for you @@ -265,7 +267,7 @@ pipeline.addStage({ The ECR source action emits variables: -```typescript +```ts const sourceAction = new codepipeline_actions.EcrSourceAction({ // ... variablesNamespace: 'MyNamespace', // optional - by default, a name will be generated for you @@ -289,7 +291,7 @@ new codepipeline_actions.CodeBuildAction({ Example of a CodeBuild Project used in a Pipeline, alongside CodeCommit: -```typescript +```ts import * as codebuild from '@aws-cdk/aws-codebuild'; import * as codecommit from '@aws-cdk/aws-codecommit'; @@ -309,6 +311,7 @@ const buildAction = new codepipeline_actions.CodeBuildAction({ project, input: sourceOutput, outputs: [new codepipeline.Artifact()], // optional + executeBatchBuild: true // optional, defaults to false }); new codepipeline.Pipeline(this, 'MyPipeline', { @@ -329,7 +332,7 @@ The default category of the CodeBuild Action is `Build`; if you want a `Test` Action instead, override the `type` property: -```typescript +```ts const testAction = new codepipeline_actions.CodeBuildAction({ actionName: 'IntegrationTest', project, @@ -420,7 +423,7 @@ but dynamic, defined in the buildspec, in the 'exported-variables' subsection of the 'env' section. Example: -```typescript +```ts const buildAction = new codepipeline_actions.CodeBuildAction({ actionName: 'Build1', input: sourceOutput, @@ -510,7 +513,7 @@ directly from a CodeCommit repository, with a manual approval step in between to See [the AWS documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline.html) for more details about using CloudFormation in CodePipeline. -##### Actions defined by this package +#### Actions defined by this package This package defines the following actions: @@ -523,7 +526,7 @@ This package defines the following actions: changes from the people (or system) applying the changes. * **CloudFormationExecuteChangeSetAction** - Execute a change set prepared previously. -##### Lambda deployed through CodePipeline +#### Lambda deployed through CodePipeline If you want to deploy your Lambda through CodePipeline, and you don't use assets (for example, because your CDK code and Lambda code are separate), @@ -539,7 +542,7 @@ using a CloudFormation CodePipeline Action. Example: If you want to update stacks in a different account, pass the `account` property when creating the action: -```typescript +```ts new codepipeline_actions.CloudFormationCreateUpdateStackAction({ // ... account: '123456789012', @@ -554,7 +557,7 @@ You can also pass a role explicitly when creating the action - in that case, the `account` property is ignored, and the action will operate in the same account the role belongs to: -```typescript +```ts import { PhysicalName } from '@aws-cdk/core'; // in stack for account 123456789012... @@ -601,7 +604,7 @@ pipeline.addStage({ To use CodeDeploy for blue-green Lambda deployments in a Pipeline: -```typescript +```ts const lambdaCode = lambda.Code.fromCfnParameters(); const func = new lambda.Function(lambdaStack, 'Lambda', { code: lambdaCode, @@ -631,7 +634,7 @@ and deploy the `lambdaStack` using a CloudFormation CodePipeline Action CodePipeline can deploy an ECS service. The deploy Action receives one input Artifact which contains the [image definition file]: -```typescript +```ts const deployStage = pipeline.addStage({ stageName: 'Deploy', actions: [ @@ -654,7 +657,7 @@ const deployStage = pipeline.addStage({ [image definition file]: https://docs.aws.amazon.com/codepipeline/latest/userguide/pipelines-create.html#pipelines-create-image-definitions -### AWS S3 +### AWS S3 Deployment To use an S3 Bucket as a deployment target in CodePipeline: @@ -754,7 +757,7 @@ new codepipeline.Pipeline(this, 'Pipeline', { This package contains an Action that stops the Pipeline until someone manually clicks the approve button: -```typescript +```ts const manualApprovalAction = new codepipeline_actions.ManualApprovalAction({ actionName: 'Approve', notificationTopic: new sns.Topic(this, 'Topic'), // optional @@ -794,7 +797,7 @@ pipeline.addStage({ The Lambda Action can have up to 5 inputs, and up to 5 outputs: -```typescript +```ts const lambdaAction = new codepipeline_actions.LambdaInvokeAction({ actionName: 'Lambda', @@ -816,7 +819,7 @@ but dynamic, defined by the function calling the `PutJobSuccessResult` API with the `outputVariables` property filled with the map of variables Example: -```typescript +```ts import * as lambda from '@aws-cdk/aws-lambda'; const lambdaInvokeAction = new codepipeline_actions.LambdaInvokeAction({ diff --git a/packages/@aws-cdk/aws-codepipeline-actions/lib/codebuild/build-action.ts b/packages/@aws-cdk/aws-codepipeline-actions/lib/codebuild/build-action.ts index cedc1db5ca90b..e81095b746eee 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/lib/codebuild/build-action.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/lib/codebuild/build-action.ts @@ -77,6 +77,13 @@ export interface CodeBuildActionProps extends codepipeline.CommonAwsActionProps * @default - No additional environment variables are specified. */ readonly environmentVariables?: { [name: string]: codebuild.BuildEnvironmentVariable }; + + /** + * Trigger a batch build. + * + * @default false + */ + readonly executeBatchBuild?: boolean; } /** @@ -176,6 +183,9 @@ export class CodeBuildAction extends Action { // lazy, because the Artifact name might be generated lazily configuration.PrimarySource = cdk.Lazy.string({ produce: () => this.props.input.artifactName }); } + if (this.props.executeBatchBuild) { + configuration.BatchEnabled = 'true'; + } return { configuration, }; diff --git a/packages/@aws-cdk/aws-codepipeline-actions/lib/stepfunctions/invoke-action.ts b/packages/@aws-cdk/aws-codepipeline-actions/lib/stepfunctions/invoke-action.ts index 8d8ff55a69334..ae05cd093892f 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/lib/stepfunctions/invoke-action.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/lib/stepfunctions/invoke-action.ts @@ -135,7 +135,7 @@ export class StepFunctionInvokeAction extends Action { resources: [cdk.Stack.of(this.props.stateMachine).formatArn({ service: 'states', resource: 'execution', - resourceName: `${this.props.stateMachine.stateMachineArn}:${this.props.executionNamePrefix ?? ''}*`, + resourceName: `${cdk.Stack.of(this.props.stateMachine).parseArn(this.props.stateMachine.stateMachineArn, ':').resourceName}:${this.props.executionNamePrefix ?? ''}*`, sep: ':', })], })); diff --git a/packages/@aws-cdk/aws-codepipeline-actions/package.json b/packages/@aws-cdk/aws-codepipeline-actions/package.json index 6cf31932d7c31..bb959f76910bb 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/package.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "nyc": { "statements": 70 diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/codebuild/test.codebuild-action.ts b/packages/@aws-cdk/aws-codepipeline-actions/test/codebuild/test.codebuild-action.ts index 3dc54909d8f53..f5d5abaeb4934 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/codebuild/test.codebuild-action.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/codebuild/test.codebuild-action.ts @@ -202,5 +202,60 @@ export = { test.done(); }, + + 'sets the BatchEnabled configuration'(test: Test) { + const stack = new Stack(); + + const codeBuildProject = new codebuild.PipelineProject(stack, 'CodeBuild'); + + const sourceOutput = new codepipeline.Artifact(); + new codepipeline.Pipeline(stack, 'Pipeline', { + stages: [ + { + stageName: 'Source', + actions: [ + new cpactions.S3SourceAction({ + actionName: 'S3_Source', + bucket: new s3.Bucket(stack, 'Bucket'), + bucketKey: 'key', + output: sourceOutput, + }), + ], + }, + { + stageName: 'Build', + actions: [ + new cpactions.CodeBuildAction({ + actionName: 'CodeBuild', + input: sourceOutput, + project: codeBuildProject, + executeBatchBuild: true, + }), + ], + }, + ], + }); + + expect(stack).to(haveResourceLike('AWS::CodePipeline::Pipeline', { + 'Stages': [ + { + 'Name': 'Source', + }, + { + 'Name': 'Build', + 'Actions': [ + { + 'Name': 'CodeBuild', + 'Configuration': { + 'BatchEnabled': 'true', + }, + }, + ], + }, + ], + })); + + test.done(); + }, }, }; diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-stepfunctions.expected.json b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-stepfunctions.expected.json index c56170c78f20d..2d7df75522359 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-stepfunctions.expected.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-stepfunctions.expected.json @@ -559,7 +559,17 @@ }, ":execution:", { - "Ref": "SimpleStateMachineE8E2CF40" + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Ref": "SimpleStateMachineE8E2CF40" + } + ] + } + ] }, ":*" ] diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/stepfunctions/test.stepfunctions-invoke-actions.ts b/packages/@aws-cdk/aws-codepipeline-actions/test/stepfunctions/test.stepfunctions-invoke-actions.ts index 752285231087a..af9bf28b90640 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/stepfunctions/test.stepfunctions-invoke-actions.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/stepfunctions/test.stepfunctions-invoke-actions.ts @@ -86,6 +86,63 @@ export = { test.done(); }, + + 'Allows the pipeline to describe this stepfunction execution'(test: Test) { + const stack = new Stack(); + + minimalPipeline(stack); + + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + {}, + { + Action: 'states:DescribeExecution', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':states:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':execution:', + { + 'Fn::Select': [ + 6, + { + 'Fn::Split': [ + ':', + { + Ref: 'SimpleStateMachineE8E2CF40', + }, + ], + }, + ], + }, + ':*', + ], + ], + }, + Effect: 'Allow', + }, + ], + }, + })); + + expect(stack).to(haveResourceLike('AWS::IAM::Role')); + + test.done(); + }, + }, }; diff --git a/packages/@aws-cdk/aws-codepipeline/README.md b/packages/@aws-cdk/aws-codepipeline/README.md index e32f07f486c0f..6a1731b614131 100644 --- a/packages/@aws-cdk/aws-codepipeline/README.md +++ b/packages/@aws-cdk/aws-codepipeline/README.md @@ -1,5 +1,6 @@ -## AWS CodePipeline Construct Library +# AWS CodePipeline Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,9 +8,10 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + -### Pipeline +## Pipeline To construct an empty Pipeline: @@ -43,11 +45,11 @@ const pipeline = new codepipeline.Pipeline(this, 'MyFirstPipeline', { }); ``` -### Stages +## Stages You can provide Stages when creating the Pipeline: -```typescript +```ts const pipeline = new codepipeline.Pipeline(this, 'MyFirstPipeline', { stages: [ { @@ -84,7 +86,7 @@ const someStage = pipeline.addStage({ }); ``` -### Actions +## Actions Actions live in a separate package, `@aws-cdk/aws-codepipeline-actions`. @@ -96,7 +98,7 @@ or you can use the `IStage.addAction()` method to mutate an existing Stage: sourceStage.addAction(someAction); ``` -### Cross-account CodePipelines +## Cross-account CodePipelines > Cross-account Pipeline actions require that the Pipeline has *not* been > created with `crossAccountKeys: false`. @@ -115,7 +117,7 @@ These resources can be in different accounts than the pipeline itself. For example, the following action deploys to an imported S3 bucket from a different account: -```typescript +```ts stage.addAction(new codepipeline_actions.S3DeployAction({ bucket: s3.Bucket.fromBucketAttributes(this, 'Bucket', { account: '123456789012', @@ -127,7 +129,7 @@ stage.addAction(new codepipeline_actions.S3DeployAction({ Actions that don't accept a resource object accept an explicit `account` parameter: -```typescript +```ts stage.addAction(new codepipeline_actions.CloudFormationCreateUpdateStackAction({ account: '123456789012', // ... @@ -151,13 +153,13 @@ stage.addAction(new codepipeline_actions.CloudFormationCreateUpdateStackAction({ })); ``` -### Cross-region CodePipelines +## Cross-region CodePipelines Similar to how you set up a cross-account Action, the AWS resource object you pass to actions can also be in different *Regions*. For example, the following Action deploys to an imported S3 bucket from a different Region: -```typescript +```ts stage.addAction(new codepipeline_actions.S3DeployAction({ bucket: s3.Bucket.fromBucketAttributes(this, 'Bucket', { region: 'us-west-1', @@ -170,7 +172,7 @@ stage.addAction(new codepipeline_actions.S3DeployAction({ Actions that don't take an AWS resource will accept an explicit `region` parameter: -```typescript +```ts stage.addAction(new codepipeline_actions.CloudFormationCreateUpdateStackAction({ // ... region: 'us-west-1', @@ -207,12 +209,12 @@ const pipeline = new codepipeline.Pipeline(this, 'MyFirstPipeline', { /* ... */ See [the AWS docs here](https://docs.aws.amazon.com/codepipeline/latest/userguide/actions-create-cross-region.html) for more information on cross-region CodePipelines. -#### Creating an encrypted replication bucket +### Creating an encrypted replication bucket If you're passing a replication bucket created in a different stack, like this: -```typescript +```ts const replicationStack = new Stack(app, 'ReplicationStack', { env: { region: 'us-west-1', @@ -241,7 +243,7 @@ and so you can't reference them across environments. In this case, you need to use an alias in place of the key when creating the bucket: -```typescript +```ts const key = new kms.Key(replicationStack, 'ReplicationKey'); const alias = new kms.Alias(replicationStack, 'ReplicationAlias', { // aliasName is required @@ -254,7 +256,7 @@ const replicationBucket = new s3.Bucket(replicationStack, 'ReplicationBucket', { }); ``` -### Variables +## Variables The library supports the CodePipeline Variables feature. Each action class that emits variables has a separate variables interface, @@ -265,7 +267,7 @@ you access the appropriate property of the interface returned from `variables`, which represents a single variable. Example: -```typescript +```ts // MyAction is some action type that produces variables const myAction = new MyAction({ // ... @@ -280,7 +282,7 @@ The namespace name that will be used will be automatically generated by the pipe based on the stage and action name; you can pass a custom name when creating the action instance: -```typescript +```ts const myAction = new MyAction({ // ... variablesNamespace: 'MyNamespace', @@ -291,7 +293,7 @@ There are also global variables available, not tied to any action; these are accessed through static properties of the `GlobalVariables` class: -```typescript +```ts new OtherAction({ // ... config: codepipeline.GlobalVariables.executionId, @@ -304,9 +306,9 @@ for details on how to use the variables for each action class. See the [CodePipeline documentation](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-variables.html) for more details on how to use the variables feature. -### Events +## Events -#### Using a pipeline as an event target +### Using a pipeline as an event target A pipeline can be used as a target for a CloudWatch event rule: @@ -326,7 +328,7 @@ When a pipeline is used as an event target, the "codepipeline:StartPipelineExecution" permission is granted to the AWS CloudWatch Events service. -#### Event sources +### Event sources Pipelines emit CloudWatch events. To define event rules for events emitted by the pipeline, stages or action, use the `onXxx` methods on the respective diff --git a/packages/@aws-cdk/aws-codepipeline/package.json b/packages/@aws-cdk/aws-codepipeline/package.json index 343c87745cfc5..c5cd1428b32ad 100644 --- a/packages/@aws-cdk/aws-codepipeline/package.json +++ b/packages/@aws-cdk/aws-codepipeline/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CodePipeline", diff --git a/packages/@aws-cdk/aws-codestar/README.md b/packages/@aws-cdk/aws-codestar/README.md index 87c1685ad6ffd..e9c6ec2e4bf75 100644 --- a/packages/@aws-cdk/aws-codestar/README.md +++ b/packages/@aws-cdk/aws-codestar/README.md @@ -1,16 +1,24 @@ -## AWS::CodeStar Construct Library +# AWS::CodeStar Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + ## GitHub Repository diff --git a/packages/@aws-cdk/aws-codestar/package.json b/packages/@aws-cdk/aws-codestar/package.json index 760a231f1b03b..81e22a59fa6d6 100644 --- a/packages/@aws-cdk/aws-codestar/package.json +++ b/packages/@aws-cdk/aws-codestar/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CodeStar", diff --git a/packages/@aws-cdk/aws-codestarconnections/README.md b/packages/@aws-cdk/aws-codestarconnections/README.md index 0f231a3fbfceb..5f6e7e73fc163 100644 --- a/packages/@aws-cdk/aws-codestarconnections/README.md +++ b/packages/@aws-cdk/aws-codestarconnections/README.md @@ -1,12 +1,16 @@ -## AWS::CodeStarConnections Construct Library +# AWS::CodeStarConnections Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-codestarconnections/package.json b/packages/@aws-cdk/aws-codestarconnections/package.json index 872b1eef71c7a..6f2bcef93d1de 100644 --- a/packages/@aws-cdk/aws-codestarconnections/package.json +++ b/packages/@aws-cdk/aws-codestarconnections/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CodeStarConnections", diff --git a/packages/@aws-cdk/aws-codestarnotifications/README.md b/packages/@aws-cdk/aws-codestarnotifications/README.md index 9352d8f188b7c..cc63ebe8ecd28 100644 --- a/packages/@aws-cdk/aws-codestarnotifications/README.md +++ b/packages/@aws-cdk/aws-codestarnotifications/README.md @@ -1,12 +1,16 @@ -## AWS::CodeStarNotifications Construct Library +# AWS::CodeStarNotifications Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-codestarnotifications/package.json b/packages/@aws-cdk/aws-codestarnotifications/package.json index 2e66c6d5cfc88..6175bb8240cfc 100644 --- a/packages/@aws-cdk/aws-codestarnotifications/package.json +++ b/packages/@aws-cdk/aws-codestarnotifications/package.json @@ -51,7 +51,8 @@ "compat": "cdk-compat", "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CodeStarNotifications", diff --git a/packages/@aws-cdk/aws-cognito/README.md b/packages/@aws-cdk/aws-cognito/README.md index 881db02148556..f139f9e7b55bc 100644 --- a/packages/@aws-cdk/aws-cognito/README.md +++ b/packages/@aws-cdk/aws-cognito/README.md @@ -1,18 +1,26 @@ -## Amazon Cognito Construct Library +# Amazon Cognito Construct Library + --- -| Features | Stability | -| --- | --- | -| CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) | -| Higher level constructs for User Pools | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) | -| Higher level constructs for Identity Pools | ![Not Implemented](https://img.shields.io/badge/not--implemented-black.svg?style=for-the-badge) | +Features | Stability +-------------------------------------------|-------------------------------------------------------- +CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) +Higher level constructs for User Pools | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) +Higher level constructs for Identity Pools | ![Not Implemented](https://img.shields.io/badge/not--implemented-black.svg?style=for-the-badge) + +> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources]) are always +> stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib -> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. + -> **Stable:** Higher level constructs in this module that are marked stable will not undergo any breaking changes. They will strictly follow the [Semantic Versioning](https://semver.org/) model. +> **Stable:** Higher level constructs in this module that are marked stable will not undergo any +> breaking changes. They will strictly follow the [Semantic Versioning](https://semver.org/) model. --- + [Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.html) provides @@ -113,10 +121,10 @@ here](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-poo Users registering or signing in into your application can do so with multiple identifiers. There are 4 options available: -* `username`: Allow signing in using the one time immutable user name that the user chose at the time of sign up. -* `email`: Allow signing in using the email address that is associated with the account. -* `phone`: Allow signing in using the phone number that is associated with the account. -* `preferredUsername`: Allow signing in with an alternate user name that the user can change at any time. However, this +- `username`: Allow signing in using the one time immutable user name that the user chose at the time of sign up. +- `email`: Allow signing in using the email address that is associated with the account. +- `phone`: Allow signing in using the phone number that is associated with the account. +- `preferredUsername`: Allow signing in with an alternate user name that the user can change at any time. However, this is not available if the `username` option is not chosen. The following code sets up a user pool so that the user can sign in with either their username or their email address - @@ -407,9 +415,9 @@ Party](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-po The following third-party identity providers are currently supported in the CDK - -* [Login With Amazon](https://developer.amazon.com/apps-and-games/login-with-amazon) -* [Facebook Login](https://developers.facebook.com/docs/facebook-login/) -* [Google Login](https://developers.google.com/identity/sign-in/web/sign-in) +- [Login With Amazon](https://developer.amazon.com/apps-and-games/login-with-amazon) +- [Facebook Login](https://developers.facebook.com/docs/facebook-login/) +- [Google Login](https://developers.google.com/identity/sign-in/web/sign-in) The following code configures a user pool to federate with the third party provider, 'Login with Amazon'. The identity provider needs to be configured with a set of credentials that the Cognito backend can use to federate with the @@ -550,6 +558,20 @@ pool.addClient('app-client', { }); ``` +In accordance with the OIDC open standard, Cognito user pool clients provide access tokens, ID tokens and refresh tokens. +More information is available at [Using Tokens with User Pools](https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html). +The expiration time for these tokens can be configured as shown below. + +```ts +const pool = new cognito.UserPool(this, 'Pool'); +pool.addClient('app-client', { + // ... + accessTokenValidity: Duration.minutes(60), + idTokenValidity: Duration.minutes(60), + refreshTokenValidity: Duration.days(30), +}); +``` + ### Resource Servers A resource server is a server for access-protected resources. It handles authenticated requests from an app that has an diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts index 34e6f13f75cae..d8c8ae2d946bf 100644 --- a/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts +++ b/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts @@ -1,4 +1,4 @@ -import { IResource, Resource } from '@aws-cdk/core'; +import { IResource, Resource, Duration } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { CfnUserPoolClient } from './cognito.generated'; import { IUserPool } from './user-pool'; @@ -248,6 +248,30 @@ export interface UserPoolClientOptions { * registered with the user pool using the `UserPool.registerIdentityProvider()` API. */ readonly supportedIdentityProviders?: UserPoolClientIdentityProvider[]; + + /** + * Validity of the ID token. + * Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity. + * @see https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-the-id-token + * @default Duration.minutes(60) + */ + readonly idTokenValidity?: Duration; + + /** + * Validity of the refresh token. + * Values between 60 minutes and 10 years are valid. + * @see https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-the-refresh-token + * @default Duration.days(30) + */ + readonly refreshTokenValidity?: Duration; + + /** + * Validity of the access token. + * Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity. + * @see https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-the-access-token + * @default Duration.minutes(60) + */ + readonly accessTokenValidity?: Duration; } /** @@ -335,6 +359,7 @@ export class UserPoolClient extends Resource implements IUserPoolClient { preventUserExistenceErrors: this.configurePreventUserExistenceErrors(props.preventUserExistenceErrors), supportedIdentityProviders: this.configureIdentityProviders(props), }); + this.configureTokenValidity(resource, props); this.userPoolClientId = resource.ref; this._userPoolClientName = props.userPoolClientName; @@ -416,4 +441,33 @@ export class UserPoolClient extends Resource implements IUserPoolClient { if (providers.length === 0) { return undefined; } return Array.from(providers); } + + private configureTokenValidity(resource: CfnUserPoolClient, props: UserPoolClientProps) { + this.validateDuration('idTokenValidity', Duration.minutes(5), Duration.days(1), props.idTokenValidity); + this.validateDuration('accessTokenValidity', Duration.minutes(5), Duration.days(1), props.accessTokenValidity); + this.validateDuration('refreshTokenValidity', Duration.minutes(60), Duration.days(10 * 365), props.refreshTokenValidity); + if (props.refreshTokenValidity) { + this.validateDuration('idTokenValidity', Duration.minutes(5), props.refreshTokenValidity, props.idTokenValidity); + this.validateDuration('accessTokenValidity', Duration.minutes(5), props.refreshTokenValidity, props.accessTokenValidity); + } + + if (props.accessTokenValidity || props.idTokenValidity || props.refreshTokenValidity) { + resource.tokenValidityUnits = { + idToken: props.idTokenValidity ? 'minutes' : undefined, + accessToken: props.accessTokenValidity ? 'minutes' : undefined, + refreshToken: props.refreshTokenValidity ? 'minutes' : undefined, + }; + }; + + resource.idTokenValidity = props.idTokenValidity ? props.idTokenValidity.toMinutes() : undefined; + resource.refreshTokenValidity = props.refreshTokenValidity ? props.refreshTokenValidity.toMinutes() : undefined; + resource.accessTokenValidity = props.accessTokenValidity ? props.accessTokenValidity.toMinutes() : undefined; + } + + private validateDuration(name: string, min: Duration, max: Duration, value?: Duration) { + if (value === undefined) { return; } + if (value.toMilliseconds() < min.toMilliseconds() || value.toMilliseconds() > max.toMilliseconds()) { + throw new Error(`${name}: Must be a duration between ${min.toHumanString()} and ${max.toHumanString()} (inclusive); received ${value.toHumanString()}.`); + } + } } diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts index 3730c7c97a301..960d14bb8b426 100644 --- a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts +++ b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts @@ -34,7 +34,7 @@ export interface SignInAliases { readonly phone?: boolean; /** - * Whether a user is allowed to ign in with a secondary username, that can be set and modified after sign up. + * Whether a user is allowed to sign in with a secondary username, that can be set and modified after sign up. * Can only be used in conjunction with `USERNAME`. * @default false */ diff --git a/packages/@aws-cdk/aws-cognito/package.json b/packages/@aws-cdk/aws-cognito/package.json index 137a8335d8300..a258cec6a5828 100644 --- a/packages/@aws-cdk/aws-cognito/package.json +++ b/packages/@aws-cdk/aws-cognito/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Cognito", @@ -88,7 +89,6 @@ "@aws-cdk/custom-resources": "0.0.0", "constructs": "^3.2.0", "punycode": "^2.1.1" - }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts index 93c8937dba68b..1f961616b095b 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts @@ -1,6 +1,6 @@ import { ABSENT } from '@aws-cdk/assert'; import '@aws-cdk/assert/jest'; -import { Stack } from '@aws-cdk/core'; +import { Stack, Duration } from '@aws-cdk/core'; import { OAuthScope, ResourceServerScope, UserPool, UserPoolClient, UserPoolClientIdentityProvider, UserPoolIdentityProvider } from '../lib'; describe('User Pool Client', () => { @@ -540,4 +540,291 @@ describe('User Pool Client', () => { }, })).toThrow(/disableOAuth is set/); }); + + describe('token validity', () => { + test('default', () => { + // GIVEN + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + + // WHEN + pool.addClient('Client1', { + userPoolClientName: 'Client1', + accessTokenValidity: Duration.minutes(60), + idTokenValidity: Duration.minutes(60), + refreshTokenValidity: Duration.days(30), + }); + pool.addClient('Client2', { + userPoolClientName: 'Client2', + accessTokenValidity: Duration.minutes(60), + }); + pool.addClient('Client3', { + userPoolClientName: 'Client3', + idTokenValidity: Duration.minutes(60), + }); + pool.addClient('Client4', { + userPoolClientName: 'Client4', + refreshTokenValidity: Duration.days(30), + }); + pool.addClient('Client5', { + userPoolClientName: 'Client5', + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::Cognito::UserPoolClient', { + ClientName: 'Client1', + AccessTokenValidity: 60, + IdTokenValidity: 60, + RefreshTokenValidity: 43200, + TokenValidityUnits: { + AccessToken: 'minutes', + IdToken: 'minutes', + RefreshToken: 'minutes', + }, + }); + expect(stack).toHaveResourceLike('AWS::Cognito::UserPoolClient', { + ClientName: 'Client2', + AccessTokenValidity: 60, + IdTokenValidity: ABSENT, + RefreshTokenValidity: ABSENT, + TokenValidityUnits: { + AccessToken: 'minutes', + IdToken: ABSENT, + RefreshToken: ABSENT, + }, + }); + expect(stack).toHaveResourceLike('AWS::Cognito::UserPoolClient', { + ClientName: 'Client3', + AccessTokenValidity: ABSENT, + IdTokenValidity: 60, + RefreshTokenValidity: ABSENT, + TokenValidityUnits: { + AccessToken: ABSENT, + IdToken: 'minutes', + RefreshToken: ABSENT, + }, + }); + expect(stack).toHaveResourceLike('AWS::Cognito::UserPoolClient', { + ClientName: 'Client4', + AccessTokenValidity: ABSENT, + IdTokenValidity: ABSENT, + RefreshTokenValidity: 43200, + TokenValidityUnits: { + AccessToken: ABSENT, + IdToken: ABSENT, + RefreshToken: 'minutes', + }, + }); + expect(stack).toHaveResourceLike('AWS::Cognito::UserPoolClient', { + ClientName: 'Client5', + TokenValidityUnits: ABSENT, + IdTokenValidity: ABSENT, + RefreshTokenValidity: ABSENT, + AccessTokenValidity: ABSENT, + }); + }); + + test.each([ + Duration.minutes(0), + Duration.minutes(4), + Duration.days(1).plus(Duration.minutes(1)), + Duration.days(2), + ])('validates accessTokenValidity is a duration between 5 minutes and 1 day', (validity) => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + expect(() => { + pool.addClient('Client1', { + userPoolClientName: 'Client1', + accessTokenValidity: validity, + }); + }).toThrow(`accessTokenValidity: Must be a duration between 5 minutes and 1 day (inclusive); received ${validity.toHumanString()}.`); + }); + + test.each([ + Duration.minutes(0), + Duration.minutes(4), + Duration.days(1).plus(Duration.minutes(1)), + Duration.days(2), + ])('validates idTokenValidity is a duration between 5 minutes and 1 day', (validity) => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + expect(() => { + pool.addClient('Client1', { + userPoolClientName: 'Client1', + idTokenValidity: validity, + }); + }).toThrow(`idTokenValidity: Must be a duration between 5 minutes and 1 day (inclusive); received ${validity.toHumanString()}.`); + }); + + test.each([ + Duration.hours(1).plus(Duration.minutes(1)), + Duration.hours(12), + Duration.days(1), + ])('validates accessTokenValidity is not greater than refresh token expiration', (validity) => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + expect(() => { + pool.addClient('Client1', { + userPoolClientName: 'Client1', + accessTokenValidity: validity, + refreshTokenValidity: Duration.hours(1), + }); + }).toThrow(`accessTokenValidity: Must be a duration between 5 minutes and 60 minutes (inclusive); received ${validity.toHumanString()}.`); + }); + + test.each([ + Duration.hours(1).plus(Duration.minutes(1)), + Duration.hours(12), + Duration.days(1), + ])('validates idTokenValidity is not greater than refresh token expiration', (validity) => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + expect(() => { + pool.addClient('Client1', { + userPoolClientName: 'Client1', + idTokenValidity: validity, + refreshTokenValidity: Duration.hours(1), + }); + }).toThrow(`idTokenValidity: Must be a duration between 5 minutes and 60 minutes (inclusive); received ${validity.toHumanString()}.`); + }); + + test.each([ + Duration.minutes(0), + Duration.minutes(59), + Duration.days(10 * 365).plus(Duration.minutes(1)), + Duration.days(10 * 365 + 1), + ])('validates refreshTokenValidity is a duration between 60 minutes and 10 years', (validity) => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + expect(() => { + pool.addClient('Client1', { + userPoolClientName: 'Client1', + refreshTokenValidity: validity, + }); + }).toThrow(`refreshTokenValidity: Must be a duration between 60 minutes and 3650 days (inclusive); received ${validity.toHumanString()}.`); + }); + + test.each([ + Duration.minutes(5), + Duration.minutes(60), + Duration.days(1), + ])('validates accessTokenValidity is a duration between 5 minutes and 1 day (valid)', (validity) => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + + // WHEN + pool.addClient('Client1', { + userPoolClientName: 'Client1', + accessTokenValidity: validity, + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::Cognito::UserPoolClient', { + ClientName: 'Client1', + AccessTokenValidity: validity.toMinutes(), + TokenValidityUnits: { + AccessToken: 'minutes', + }, + }); + }); + + test.each([ + Duration.minutes(5), + Duration.minutes(60), + Duration.days(1), + ])('validates idTokenValidity is a duration between 5 minutes and 1 day (valid)', (validity) => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + + // WHEN + pool.addClient('Client1', { + userPoolClientName: 'Client1', + idTokenValidity: validity, + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::Cognito::UserPoolClient', { + ClientName: 'Client1', + IdTokenValidity: validity.toMinutes(), + TokenValidityUnits: { + IdToken: 'minutes', + }, + }); + }); + + test.each([ + Duration.minutes(60), + Duration.minutes(120), + Duration.days(365), + Duration.days(10 * 365), + ])('validates refreshTokenValidity is a duration between 60 minutes and 10 years (valid)', (validity) => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + + // WHEN + pool.addClient('Client1', { + userPoolClientName: 'Client1', + refreshTokenValidity: validity, + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::Cognito::UserPoolClient', { + ClientName: 'Client1', + RefreshTokenValidity: validity.toMinutes(), + TokenValidityUnits: { + RefreshToken: 'minutes', + }, + }); + }); + + test.each([ + Duration.minutes(5), + Duration.minutes(60), + Duration.hours(1), + ])('validates accessTokenValidity is not greater than refresh token expiration (valid)', (validity) => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + + // WHEN + pool.addClient('Client1', { + userPoolClientName: 'Client1', + accessTokenValidity: validity, + refreshTokenValidity: Duration.hours(1), + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::Cognito::UserPoolClient', { + ClientName: 'Client1', + AccessTokenValidity: validity.toMinutes(), + TokenValidityUnits: { + AccessToken: 'minutes', + }, + }); + }); + + test.each([ + Duration.minutes(5), + Duration.minutes(60), + Duration.hours(1), + ])('validates idTokenValidity is not greater than refresh token expiration (valid)', (validity) => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + + // WHEN + pool.addClient('Client1', { + userPoolClientName: 'Client1', + idTokenValidity: validity, + refreshTokenValidity: Duration.hours(1), + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::Cognito::UserPoolClient', { + ClientName: 'Client1', + IdTokenValidity: validity.toMinutes(), + TokenValidityUnits: { + IdToken: 'minutes', + }, + }); + }); + }); }); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-config/README.md b/packages/@aws-cdk/aws-config/README.md index 50aec9900ce8a..3d3e24f361549 100644 --- a/packages/@aws-cdk/aws-config/README.md +++ b/packages/@aws-cdk/aws-config/README.md @@ -1,18 +1,26 @@ -## AWS Config Construct Library +# AWS Config Construct Library + --- -| Features | Stability | -| --- | --- | -| CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) | -| Higher level constructs for Config Rules | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) | -| Higher level constructs for initial set-up (delivery channel & configuration recorder) | ![Not Implemented](https://img.shields.io/badge/not--implemented-black.svg?style=for-the-badge) | +Features | Stability +---------------------------------------------------------------------------------------|------------ +CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) +Higher level constructs for Config Rules | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) +Higher level constructs for initial set-up (delivery channel & configuration recorder) | ![Not Implemented](https://img.shields.io/badge/not--implemented-black.svg?style=for-the-badge) + +> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources]) are always +> stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib -> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. + -> **Stable:** Higher level constructs in this module that are marked stable will not undergo any breaking changes. They will strictly follow the [Semantic Versioning](https://semver.org/) model. +> **Stable:** Higher level constructs in this module that are marked stable will not undergo any +> breaking changes. They will strictly follow the [Semantic Versioning](https://semver.org/) model. --- + [AWS Config](https://docs.aws.amazon.com/config/latest/developerguide/WhatIsConfig.html) provides a detailed view of the configuration of AWS resources in your AWS account. @@ -21,7 +29,7 @@ past so that you can see how the configurations and relationships change over ti This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. -### Initial Setup +## Initial Setup Before using the constructs provided in this module, you need to set up AWS Config in the region in which it will be used. This setup includes the one-time creation of the @@ -35,14 +43,14 @@ The following guides provide the steps for getting started with AWS Config: - [Using the AWS Console](https://docs.aws.amazon.com/config/latest/developerguide/gs-console.html) - [Using the AWS CLI](https://docs.aws.amazon.com/config/latest/developerguide/gs-cli.html) -### Rules +## Rules AWS Config can evaluate the configuration settings of your AWS resources by creating AWS Config rules, which represent your ideal configuration settings. See [Evaluating Resources with AWS Config Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html) to learn more about AWS Config rules. -#### AWS Managed Rules +### AWS Managed Rules AWS Config provides AWS managed rules, which are predefined, customizable rules that AWS Config uses to evaluate whether your AWS resources comply with common best practices. @@ -69,7 +77,7 @@ You can find supported input parameters in the [List of AWS Config Managed Rules The following higher level constructs for AWS managed rules are available. -##### Access Key rotation +#### Access Key rotation Checks whether your active access keys are rotated within the number of days specified. @@ -81,7 +89,7 @@ import * as cdk from '@aws-cdk/aws-cdk'; new config.AccessKeysRotated(this, 'AccessKeyRotated'); ``` -##### CloudFormation Stack drift detection +#### CloudFormation Stack drift detection Checks whether your CloudFormation stack's actual configuration differs, or has drifted, from it's expected configuration. @@ -97,7 +105,7 @@ new config.CloudFormationStackDriftDetectionCheck(stack, 'Drift', { }); ``` -##### CloudFormation Stack notifications +#### CloudFormation Stack notifications Checks whether your CloudFormation stacks are sending event notifications to a SNS topic. @@ -115,13 +123,13 @@ new config.CloudFormationStackNotificationCheck(this, 'NotificationCheck', { }) ``` -#### Custom rules +### Custom rules You can develop custom rules and add them to AWS Config. You associate each custom rule with an AWS Lambda function, which contains the logic that evaluates whether your AWS resources comply with the rule. -#### Triggers +### Triggers AWS Lambda executes functions in response to events that are published by AWS Services. The function for a custom Config rule receives an event that is published by AWS Config, @@ -149,7 +157,7 @@ The AWS documentation has examples of Lambda functions for evaluations that are [triggered by configuration changes](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules_nodejs-sample.html#event-based-example-rule) and [triggered periodically](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules_nodejs-sample.html#periodic-example-rule) -#### Scope +### Scope By default rules are triggered by changes to all [resources](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources). @@ -177,7 +185,7 @@ const tagRule = new config.CustomRule(this, 'CostCenterTagRule', { }); ``` -#### Events +### Events You can define Amazon EventBridge event rules which trigger when a compliance check fails or when a rule is re-evaluated. @@ -214,7 +222,7 @@ rule.onReEvaluationStatus('ReEvaluationEvent', { }) ``` -#### Example +### Example The following example creates a custom rule that evaluates whether EC2 instances are compliant. Compliance events are published to an SNS topic. diff --git a/packages/@aws-cdk/aws-config/package.json b/packages/@aws-cdk/aws-config/package.json index f0a2b099aeb38..b804ca3107272 100644 --- a/packages/@aws-cdk/aws-config/package.json +++ b/packages/@aws-cdk/aws-config/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Config", diff --git a/packages/@aws-cdk/aws-databrew/README.md b/packages/@aws-cdk/aws-databrew/README.md index d3ad1b0618ed8..66ed60292f316 100644 --- a/packages/@aws-cdk/aws-databrew/README.md +++ b/packages/@aws-cdk/aws-databrew/README.md @@ -1,12 +1,16 @@ -## AWS::DataBrew Construct Library +# AWS::DataBrew Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-databrew/package.json b/packages/@aws-cdk/aws-databrew/package.json index 4fe82b685a9fc..206ef596eddc4 100644 --- a/packages/@aws-cdk/aws-databrew/package.json +++ b/packages/@aws-cdk/aws-databrew/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::DataBrew", diff --git a/packages/@aws-cdk/aws-datapipeline/README.md b/packages/@aws-cdk/aws-datapipeline/README.md index e0dfce4b998fd..6f0564d8a12aa 100644 --- a/packages/@aws-cdk/aws-datapipeline/README.md +++ b/packages/@aws-cdk/aws-datapipeline/README.md @@ -1,12 +1,16 @@ -## AWS Data Pipeline Construct Library +# AWS Data Pipeline Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-datapipeline/package.json b/packages/@aws-cdk/aws-datapipeline/package.json index 2616e75f0ae50..1d06793bc468d 100644 --- a/packages/@aws-cdk/aws-datapipeline/package.json +++ b/packages/@aws-cdk/aws-datapipeline/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::DataPipeline", diff --git a/packages/@aws-cdk/aws-dax/README.md b/packages/@aws-cdk/aws-dax/README.md index 9bb7cb14d9e86..5b0287374de26 100644 --- a/packages/@aws-cdk/aws-dax/README.md +++ b/packages/@aws-cdk/aws-dax/README.md @@ -1,12 +1,16 @@ -## Amazon DynamoDB Accelerator Construct Library +# Amazon DynamoDB Accelerator Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-dax/package.json b/packages/@aws-cdk/aws-dax/package.json index ff9f670d9342d..fda4919536bda 100644 --- a/packages/@aws-cdk/aws-dax/package.json +++ b/packages/@aws-cdk/aws-dax/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::DAX", diff --git a/packages/@aws-cdk/aws-detective/README.md b/packages/@aws-cdk/aws-detective/README.md index e8381d86bdf35..af4fca54d905d 100644 --- a/packages/@aws-cdk/aws-detective/README.md +++ b/packages/@aws-cdk/aws-detective/README.md @@ -1,12 +1,16 @@ -## AWS::Detective Construct Library +# AWS::Detective Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-detective/package.json b/packages/@aws-cdk/aws-detective/package.json index fce28548ba5ff..4ba81cd9cfe6d 100644 --- a/packages/@aws-cdk/aws-detective/package.json +++ b/packages/@aws-cdk/aws-detective/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Detective", diff --git a/packages/@aws-cdk/aws-directoryservice/README.md b/packages/@aws-cdk/aws-directoryservice/README.md index 7375c912fc652..5e7a656ebb37d 100644 --- a/packages/@aws-cdk/aws-directoryservice/README.md +++ b/packages/@aws-cdk/aws-directoryservice/README.md @@ -1,12 +1,16 @@ -## AWS Directory Service Construct Library +# AWS Directory Service Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-directoryservice/package.json b/packages/@aws-cdk/aws-directoryservice/package.json index a18dc6e3e7c44..cef38d0658370 100644 --- a/packages/@aws-cdk/aws-directoryservice/package.json +++ b/packages/@aws-cdk/aws-directoryservice/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::DirectoryService", diff --git a/packages/@aws-cdk/aws-dlm/README.md b/packages/@aws-cdk/aws-dlm/README.md index 7174b307064f4..c6172c8f0f683 100644 --- a/packages/@aws-cdk/aws-dlm/README.md +++ b/packages/@aws-cdk/aws-dlm/README.md @@ -1,12 +1,16 @@ -## Amazon Data Lifecycle Manager Construct Library +# Amazon Data Lifecycle Manager Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + ```ts diff --git a/packages/@aws-cdk/aws-dlm/package.json b/packages/@aws-cdk/aws-dlm/package.json index 0d53f1fef19b8..6dbd27a82fd13 100644 --- a/packages/@aws-cdk/aws-dlm/package.json +++ b/packages/@aws-cdk/aws-dlm/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::DLM", diff --git a/packages/@aws-cdk/aws-dms/README.md b/packages/@aws-cdk/aws-dms/README.md index 97b6e6567f363..3df28c7cf517b 100644 --- a/packages/@aws-cdk/aws-dms/README.md +++ b/packages/@aws-cdk/aws-dms/README.md @@ -1,12 +1,16 @@ -## AWS Database Migration Service Construct Library +# AWS Database Migration Service Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-dms/package.json b/packages/@aws-cdk/aws-dms/package.json index d66461f0de8ef..d8b4006f21b2b 100644 --- a/packages/@aws-cdk/aws-dms/package.json +++ b/packages/@aws-cdk/aws-dms/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::DMS", diff --git a/packages/@aws-cdk/aws-docdb/README.md b/packages/@aws-cdk/aws-docdb/README.md index a2d38da952212..826033de4c134 100644 --- a/packages/@aws-cdk/aws-docdb/README.md +++ b/packages/@aws-cdk/aws-docdb/README.md @@ -1,19 +1,27 @@ -## Amazon DocumentDB Construct Library +# Amazon DocumentDB Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + -### Starting a Clustered Database +## Starting a Clustered Database To set up a clustered DocumentDB database, define a `DatabaseCluster`. You must always launch a database in a VPC. Use the `vpcSubnets` attribute to control whether @@ -33,11 +41,12 @@ const cluster = new DatabaseCluster(this, 'Database', { } }); ``` + By default, the master password will be generated and stored in AWS Secrets Manager with auto-generated description. Your cluster will be empty by default. -### Connecting +## Connecting To control who can access the cluster, use the `.connections` attribute. DocumentDB databases have a default port, so you don't need to specify the port: @@ -53,8 +62,10 @@ attributes: const writeAddress = cluster.clusterEndpoint.socketAddress; // "HOSTNAME:PORT" ``` -### Rotating credentials +## Rotating credentials + When the master password is generated and stored in AWS Secrets Manager, it can be rotated automatically: + ```ts cluster.addRotationSingleUser(); // Will rotate automatically after 30 days ``` @@ -62,6 +73,7 @@ cluster.addRotationSingleUser(); // Will rotate automatically after 30 days [example of setting up master password rotation for a cluster](test/integ.cluster-rotation.lit.ts) The multi user rotation scheme is also available: + ```ts cluster.addRotationMultiUser('MyUser', { secret: myImportedSecret // This secret must have the `masterarn` key @@ -69,6 +81,7 @@ cluster.addRotationMultiUser('MyUser', { ``` It's also possible to create user credentials together with the cluster and add rotation: + ```ts const myUserSecret = new docdb.DatabaseSecret(this, 'MyUserSecret', { username: 'myuser', @@ -80,6 +93,7 @@ cluster.addRotationMultiUser('MyUser', { // Add rotation using the multi user sc secret: myUserSecretAttached // This secret must have the `masterarn` key }); ``` + **Note**: This user must be created manually in the database using the master credentials. The rotation will start as soon as this user exists. diff --git a/packages/@aws-cdk/aws-docdb/package.json b/packages/@aws-cdk/aws-docdb/package.json index 7cf1e49c2755d..8f094c3a7afa2 100644 --- a/packages/@aws-cdk/aws-docdb/package.json +++ b/packages/@aws-cdk/aws-docdb/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::DocDB", diff --git a/packages/@aws-cdk/aws-dynamodb-global/README.md b/packages/@aws-cdk/aws-dynamodb-global/README.md index 5883da00b0423..a31c37eb3e114 100644 --- a/packages/@aws-cdk/aws-dynamodb-global/README.md +++ b/packages/@aws-cdk/aws-dynamodb-global/README.md @@ -1,5 +1,6 @@ -## @aws-cdk/aws-dynamodb-global +# @aws-cdk/aws-dynamodb-global + --- ![Deprecated](https://img.shields.io/badge/deprecated-critical.svg?style=for-the-badge) @@ -7,9 +8,10 @@ > This API may emit warnings. Backward compatibility is not guaranteed. --- + -### NOTICE: This module has been deprecated in favor of `@aws-cdk/aws-dynamodb.Table.replicationRegions` +## NOTICE: This module has been deprecated in favor of `@aws-cdk/aws-dynamodb.Table.replicationRegions` --- @@ -17,7 +19,7 @@ Global Tables builds upon DynamoDB’s global footprint to provide you with a fu Here is a minimal deployable Global DynamoDB tables definition: -```typescript +```ts import { AttributeType } from '@aws-cdk/aws-dynamodb'; import { GlobalTable } from '@aws-cdk/aws-dynamodb-global'; import { App } from '@aws-cdk/core'; @@ -32,6 +34,7 @@ app.synth(); ``` ## Implementation Notes + AWS Global DynamoDB Tables is an odd case currently. The way this package works - * Creates a DynamoDB table in a separate stack in each `DynamoDBGlobalStackProps.region` specified diff --git a/packages/@aws-cdk/aws-dynamodb-global/package.json b/packages/@aws-cdk/aws-dynamodb-global/package.json index d7d968eb2d007..0c320e49802cf 100644 --- a/packages/@aws-cdk/aws-dynamodb-global/package.json +++ b/packages/@aws-cdk/aws-dynamodb-global/package.json @@ -83,7 +83,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-dynamodb/README.md b/packages/@aws-cdk/aws-dynamodb/README.md index de76cdb238b81..72d10f35c1c15 100644 --- a/packages/@aws-cdk/aws-dynamodb/README.md +++ b/packages/@aws-cdk/aws-dynamodb/README.md @@ -1,5 +1,6 @@ -## Amazon DynamoDB Construct Library +# Amazon DynamoDB Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + Here is a minimal deployable DynamoDB table definition: @@ -19,7 +21,7 @@ const table = new dynamodb.Table(this, 'Table', { }); ``` -### Importing existing tables +## Importing existing tables To import an existing table into your CDK application, use the `Table.fromTableName`, `Table.fromTableArn` or `Table.fromTableAttributes` factory method. This method accepts table name or table ARN which describes the properties of an already @@ -35,14 +37,15 @@ If you intend to use the `tableStreamArn` (including indirectly, for example by `@aws-cdk/aws-lambda-event-source.DynamoEventSource` on the imported table), you *must* use the `Table.fromTableAttributes` method and the `tableStreamArn` property *must* be populated. -### Keys +## Keys When a table is defined, you must define it's schema using the `partitionKey` (required) and `sortKey` (optional) properties. -### Billing Mode +## Billing Mode DynamoDB supports two billing modes: + * PROVISIONED - the default mode where the table and global secondary indexes have configured read and write capacity. * PAY_PER_REQUEST - on-demand pricing and scaling. You only pay for what you use and there is no read and write capacity for the table or its global secondary indexes. @@ -58,7 +61,7 @@ const table = new dynamodb.Table(this, 'Table', { Further reading: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode. -### Configure AutoScaling for your table +## Configure AutoScaling for your table You can have DynamoDB automatically raise and lower the read and write capacities of your table by setting up autoscaling. You can use this to either keep your @@ -73,7 +76,7 @@ Further reading: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/AutoScaling.html https://aws.amazon.com/blogs/database/how-to-use-aws-cloudformation-to-configure-auto-scaling-for-amazon-dynamodb-tables-and-indexes/ -### Amazon DynamoDB Global Tables +## Amazon DynamoDB Global Tables You can create DynamoDB Global Tables by setting the `replicationRegions` property on a `Table`: @@ -89,9 +92,10 @@ const globalTable = new dynamodb.Table(this, 'Table', { When doing so, a CloudFormation Custom Resource will be added to the stack in order to create the replica tables in the selected regions. -### Encryption +## Encryption All user data stored in Amazon DynamoDB is fully encrypted at rest. When creating a new table, you can choose to encrypt using the following customer master keys (CMK) to encrypt your table: + * AWS owned CMK - By default, all tables are encrypted under an AWS owned customer master key (CMK) in the DynamoDB service account (no additional charges apply). * AWS managed CMK - AWS KMS keys (one per region) are created in your account, managed, and used on your behalf by AWS DynamoDB (AWS KMS chages apply). * Customer managed CMK - You have full control over the KMS key used to encrypt the DynamoDB Table (AWS KMS charges apply). diff --git a/packages/@aws-cdk/aws-dynamodb/package.json b/packages/@aws-cdk/aws-dynamodb/package.json index 90252f3b5c127..25dd08d054ce4 100644 --- a/packages/@aws-cdk/aws-dynamodb/package.json +++ b/packages/@aws-cdk/aws-dynamodb/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::DynamoDB", @@ -74,7 +75,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/jest": "^26.0.15", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-ec2/README.md b/packages/@aws-cdk/aws-ec2/README.md index 0a3114dc34d27..664f3c2b2eff2 100644 --- a/packages/@aws-cdk/aws-ec2/README.md +++ b/packages/@aws-cdk/aws-ec2/README.md @@ -1,6 +1,6 @@ -## Amazon EC2 Construct Library - +# Amazon EC2 Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -8,8 +8,10 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + + The `@aws-cdk/aws-ec2` package contains primitives for setting up networking and instances. diff --git a/packages/@aws-cdk/aws-ec2/lib/instance.ts b/packages/@aws-cdk/aws-ec2/lib/instance.ts index a7e56280fa4dd..22c4fa7cf880f 100644 --- a/packages/@aws-cdk/aws-ec2/lib/instance.ts +++ b/packages/@aws-cdk/aws-ec2/lib/instance.ts @@ -384,16 +384,27 @@ export class Instance extends Resource implements IInstance { this.applyUpdatePolicies(props); // Trigger replacement (via new logical ID) on user data change, if specified or cfn-init is being used. + // + // This is slightly tricky -- we need to resolve the UserData string (in order to get at actual Asset hashes, + // instead of the Token stringifications of them ('${Token[1234]}'). However, in the case of CFN Init usage, + // a UserData is going to contain the logicalID of the resource itself, which means infinite recursion if we + // try to naively resolve. We need a recursion breaker in this. const originalLogicalId = Stack.of(this).getLogicalId(this.instance); + let recursing = false; this.instance.overrideLogicalId(Lazy.uncachedString({ - produce: () => { - let logicalId = originalLogicalId; - if (props.userDataCausesReplacement ?? props.initOptions) { - const md5 = crypto.createHash('md5'); - md5.update(this.userData.render()); - logicalId += md5.digest('hex').substr(0, 16); + produce: (context) => { + if (recursing) { return originalLogicalId; } + if (!(props.userDataCausesReplacement ?? props.initOptions)) { return originalLogicalId; } + + const md5 = crypto.createHash('md5'); + recursing = true; + try { + md5.update(JSON.stringify(context.resolve(this.userData.render()))); + } finally { + recursing = false; } - return logicalId; + const digest = md5.digest('hex').substr(0, 16); + return `${originalLogicalId}${digest}`; }, })); } diff --git a/packages/@aws-cdk/aws-ec2/package.json b/packages/@aws-cdk/aws-ec2/package.json index c12df7e9f0688..a875368de30d9 100644 --- a/packages/@aws-cdk/aws-ec2/package.json +++ b/packages/@aws-cdk/aws-ec2/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::EC2", diff --git a/packages/@aws-cdk/aws-ec2/test/instance.test.ts b/packages/@aws-cdk/aws-ec2/test/instance.test.ts index dea92b5b3d8cd..6d002e38af568 100644 --- a/packages/@aws-cdk/aws-ec2/test/instance.test.ts +++ b/packages/@aws-cdk/aws-ec2/test/instance.test.ts @@ -1,20 +1,26 @@ -import { arrayWith, expect as cdkExpect, haveResource, ResourcePart, stringLike } from '@aws-cdk/assert'; +import * as path from 'path'; +import { arrayWith, expect as cdkExpect, haveResource, ResourcePart, stringLike, SynthUtils } from '@aws-cdk/assert'; import '@aws-cdk/assert/jest'; +import { Asset } from '@aws-cdk/aws-s3-assets'; import { StringParameter } from '@aws-cdk/aws-ssm'; import * as cxschema from '@aws-cdk/cloud-assembly-schema'; import { Stack } from '@aws-cdk/core'; import { nodeunitShim, Test } from 'nodeunit-shim'; import { AmazonLinuxImage, BlockDeviceVolume, CloudFormationInit, - EbsDeviceVolumeType, InitCommand, Instance, InstanceClass, InstanceSize, InstanceType, Vpc, + EbsDeviceVolumeType, InitCommand, Instance, InstanceClass, InstanceSize, InstanceType, UserData, Vpc, } from '../lib'; + +let stack: Stack; +let vpc: Vpc; +beforeEach(() => { + stack = new Stack(); + vpc = new Vpc(stack, 'VPC'); +}); + nodeunitShim({ 'instance is created correctly'(test: Test) { - // GIVEN - const stack = new Stack(); - const vpc = new Vpc(stack, 'VPC'); - // WHEN new Instance(stack, 'Instance', { vpc, @@ -30,10 +36,6 @@ nodeunitShim({ test.done(); }, 'instance is created with source/dest check switched off'(test: Test) { - // GIVEN - const stack = new Stack(); - const vpc = new Vpc(stack, 'VPC'); - // WHEN new Instance(stack, 'Instance', { vpc, @@ -52,8 +54,6 @@ nodeunitShim({ }, 'instance is grantable'(test: Test) { // GIVEN - const stack = new Stack(); - const vpc = new Vpc(stack, 'VPC'); const param = new StringParameter(stack, 'Param', { stringValue: 'Foobar' }); const instance = new Instance(stack, 'Instance', { vpc, @@ -110,10 +110,6 @@ nodeunitShim({ blockDeviceMappings: { 'can set blockDeviceMappings'(test: Test) { - // GIVEN - const stack = new Stack(); - const vpc = new Vpc(stack, 'VPC'); - // WHEN new Instance(stack, 'Instance', { vpc, @@ -176,10 +172,6 @@ nodeunitShim({ }, 'throws if ephemeral volumeIndex < 0'(test: Test) { - // GIVEN - const stack = new Stack(); - const vpc = new Vpc(stack, 'VPC'); - // THEN test.throws(() => { new Instance(stack, 'Instance', { @@ -197,10 +189,6 @@ nodeunitShim({ }, 'throws if volumeType === IO1 without iops'(test: Test) { - // GIVEN - const stack = new Stack(); - const vpc = new Vpc(stack, 'VPC'); - // THEN test.throws(() => { new Instance(stack, 'Instance', { @@ -222,10 +210,6 @@ nodeunitShim({ }, 'warning if iops without volumeType'(test: Test) { - // GIVEN - const stack = new Stack(); - const vpc = new Vpc(stack, 'VPC'); - const instance = new Instance(stack, 'Instance', { vpc, machineImage: new AmazonLinuxImage(), @@ -248,10 +232,6 @@ nodeunitShim({ }, 'warning if iops and volumeType !== IO1'(test: Test) { - // GIVEN - const stack = new Stack(); - const vpc = new Vpc(stack, 'VPC'); - const instance = new Instance(stack, 'Instance', { vpc, machineImage: new AmazonLinuxImage(), @@ -276,10 +256,6 @@ nodeunitShim({ }, 'instance can be created with Private IP Address'(test: Test) { - // GIVEN - const stack = new Stack(); - const vpc = new Vpc(stack, 'VPC'); - // WHEN new Instance(stack, 'Instance', { vpc, @@ -300,8 +276,6 @@ nodeunitShim({ test('add CloudFormation Init to instance', () => { // GIVEN - const stack = new Stack(); - const vpc = new Vpc(stack, 'VPC'); new Instance(stack, 'Instance', { vpc, machineImage: new AmazonLinuxImage(), @@ -347,4 +321,46 @@ test('add CloudFormation Init to instance', () => { }, }, }, ResourcePart.CompleteDefinition)); +}); + +test('cause replacement from s3 asset in userdata', () => { + // GIVEN + const userData1 = UserData.forLinux(); + const asset1 = new Asset(stack, 'UserDataAssets1', { + path: path.join(__dirname, 'asset-fixture', 'data.txt'), + }); + userData1.addS3DownloadCommand({ bucket: asset1.bucket, bucketKey: asset1.s3ObjectKey }); + + const userData2 = UserData.forLinux(); + const asset2 = new Asset(stack, 'UserDataAssets2', { + path: path.join(__dirname, 'asset-fixture', 'data.txt'), + }); + userData2.addS3DownloadCommand({ bucket: asset2.bucket, bucketKey: asset2.s3ObjectKey }); + + // WHEN + new Instance(stack, 'InstanceOne', { + vpc, + machineImage: new AmazonLinuxImage(), + instanceType: InstanceType.of(InstanceClass.T3, InstanceSize.LARGE), + userData: userData1, + userDataCausesReplacement: true, + }); + new Instance(stack, 'InstanceTwo', { + vpc, + machineImage: new AmazonLinuxImage(), + instanceType: InstanceType.of(InstanceClass.T3, InstanceSize.LARGE), + userData: userData2, + userDataCausesReplacement: true, + }); + + // THEN -- both instances have the same userData hash, telling us the hash is based + // on the actual asset hash and not accidentally on the token stringification of them. + // (which would base the hash on '${Token[1234.bla]}' + const hash = 'f88eace39faf39d7'; + expect(SynthUtils.toCloudFormation(stack)).toEqual(expect.objectContaining({ + Resources: expect.objectContaining({ + [`InstanceOne5B821005${hash}`]: expect.objectContaining({ Type: 'AWS::EC2::Instance', Properties: expect.anything() }), + [`InstanceTwoDC29A7A7${hash}`]: expect.objectContaining({ Type: 'AWS::EC2::Instance', Properties: expect.anything() }), + }), + })); }); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.instance-init.expected.json b/packages/@aws-cdk/aws-ec2/test/integ.instance-init.expected.json index e9be6df6f6c76..2b736d3961b4c 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.instance-init.expected.json +++ b/packages/@aws-cdk/aws-ec2/test/integ.instance-init.expected.json @@ -130,7 +130,7 @@ ] } }, - "Instance255F352658ec7e53daf15a1c6": { + "Instance255F352654dd5de862574bd14": { "Type": "AWS::EC2::Instance", "Properties": { "AvailabilityZone": "us-east-1a", @@ -169,7 +169,7 @@ { "Ref": "AWS::StackName" }, - " --resource Instance255F352658ec7e53daf15a1c6 -c default\n /opt/aws/bin/cfn-signal -e $? --region ", + " --resource Instance255F352654dd5de862574bd14 -c default\n /opt/aws/bin/cfn-signal -e $? --region ", { "Ref": "AWS::Region" }, @@ -177,7 +177,7 @@ { "Ref": "AWS::StackName" }, - " --resource Instance255F352658ec7e53daf15a1c6\n cat /var/log/cfn-init.log >&2\n)" + " --resource Instance255F352654dd5de862574bd14\n cat /var/log/cfn-init.log >&2\n)" ] ] } @@ -319,4 +319,4 @@ "Description": "Artifact hash for asset \"f8a1af398dac2fad92eeea4fb7620be1c4f504e23e3bfcd859fbb5744187930b\"" } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-ecr-assets/README.md b/packages/@aws-cdk/aws-ecr-assets/README.md index 5334028d15664..dc621f942b430 100644 --- a/packages/@aws-cdk/aws-ecr-assets/README.md +++ b/packages/@aws-cdk/aws-ecr-assets/README.md @@ -1,12 +1,18 @@ # AWS CDK Docker Image Assets + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This module allows bundling Docker images as assets. @@ -15,7 +21,7 @@ Images are built from a local Docker context directory (with a `Dockerfile`), uploaded to ECR by the CDK toolkit and/or your app's CI-CD pipeline, and can be naturally referenced in your CDK app. -```typescript +```ts import { DockerImageAsset } from '@aws-cdk/aws-ecr-assets'; const asset = new DockerImageAsset(this, 'MyBuildImage', { @@ -50,7 +56,7 @@ and tag. You can optionally pass build args to the `docker build` command by specifying the `buildArgs` property: -```typescript +```ts const asset = new DockerImageAsset(this, 'MyBuildImage', { directory: path.join(__dirname, 'my-image'), buildArgs: { @@ -62,13 +68,14 @@ const asset = new DockerImageAsset(this, 'MyBuildImage', { You can optionally pass a target to the `docker build` command by specifying the `target` property: -```typescript +```ts const asset = new DockerImageAsset(this, 'MyBuildImage', { directory: path.join(__dirname, 'my-image'), target: 'a-target' }) ``` -### Pull Permissions + +## Pull Permissions Depending on the consumer of your image asset, you will need to make sure the principal has permissions to pull the image. diff --git a/packages/@aws-cdk/aws-ecr-assets/package.json b/packages/@aws-cdk/aws-ecr-assets/package.json index 093fecd65c662..fa6016506e107 100644 --- a/packages/@aws-cdk/aws-ecr-assets/package.json +++ b/packages/@aws-cdk/aws-ecr-assets/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-ecr/README.md b/packages/@aws-cdk/aws-ecr/README.md index 97115adc5f647..0a2ef76458ac3 100644 --- a/packages/@aws-cdk/aws-ecr/README.md +++ b/packages/@aws-cdk/aws-ecr/README.md @@ -1,5 +1,6 @@ -## Amazon ECR Construct Library +# Amazon ECR Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,11 +8,12 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This package contains constructs for working with Amazon Elastic Container Registry. -### Repositories +## Repositories Define a repository by creating a new instance of `Repository`. A repository holds multiple verions of a single container image. @@ -20,7 +22,7 @@ holds multiple verions of a single container image. const repository = new ecr.Repository(this, 'Repository'); ``` -### Image scanning +## Image scanning Amazon ECR image scanning helps in identifying software vulnerabilities in your container images. You can manually scan container images stored in Amazon ECR, or you can configure your repositories to scan images when you push them to a repository. To create a new repository to scan on push, simply enable `imageScanOnPush` in the properties @@ -37,8 +39,24 @@ repository.onImageScanCompleted('ImageScanComplete') .addTarget(...) ``` +### Authorization Token + +Besides the Amazon ECR APIs, ECR also allows the Docker CLI or a language-specific Docker library to push and pull +images from an ECR repository. However, the Docker CLI does not support native IAM authentication methods and +additional steps must be taken so that Amazon ECR can authenticate and authorize Docker push and pull requests. +More information can be found at at [Registry Authentication](https://docs.aws.amazon.com/AmazonECR/latest/userguide/Registries.html#registry_auth). + +A Docker authorization token can be obtained using the `GetAuthorizationToken` ECR API. The following code snippets +grants an IAM user access to call this API. + +```ts +import * as iam from '@aws-cdk/aws-iam'; + +const user = new iam.User(this, 'User', { ... }); +AuthorizationToken.grantRead(user); +``` -### Automatically clean up repositories +## Automatically clean up repositories You can set life cycle rules to automatically clean up old images from your repository. The first life cycle rule that matches an image will be applied diff --git a/packages/@aws-cdk/aws-ecr/lib/auth-token.ts b/packages/@aws-cdk/aws-ecr/lib/auth-token.ts new file mode 100644 index 0000000000000..52c10cc513d0a --- /dev/null +++ b/packages/@aws-cdk/aws-ecr/lib/auth-token.ts @@ -0,0 +1,20 @@ +import * as iam from '@aws-cdk/aws-iam'; + +/** + * Authorization token to access ECR repositories via Docker CLI. + */ +export class AuthorizationToken { + /** + * Grant access to retrieve an authorization token. + */ + public static grantRead(grantee: iam.IGrantable) { + grantee.grantPrincipal.addToPrincipalPolicy(new iam.PolicyStatement({ + actions: ['ecr:GetAuthorizationToken'], + // GetAuthorizationToken only allows '*'. See https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticcontainerregistry.html#amazonelasticcontainerregistry-actions-as-permissions + resources: ['*'], + })); + } + + private constructor() { + } +} diff --git a/packages/@aws-cdk/aws-ecr/lib/index.ts b/packages/@aws-cdk/aws-ecr/lib/index.ts index bfeae449ded7c..63fff9b49a1c4 100644 --- a/packages/@aws-cdk/aws-ecr/lib/index.ts +++ b/packages/@aws-cdk/aws-ecr/lib/index.ts @@ -3,3 +3,4 @@ export * from './ecr.generated'; export * from './repository'; export * from './lifecycle'; +export * from './auth-token'; diff --git a/packages/@aws-cdk/aws-ecr/package.json b/packages/@aws-cdk/aws-ecr/package.json index 76833c3af96af..670fa0ef23d8d 100644 --- a/packages/@aws-cdk/aws-ecr/package.json +++ b/packages/@aws-cdk/aws-ecr/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ECR", diff --git a/packages/@aws-cdk/aws-ecr/test/test.auth-token.ts b/packages/@aws-cdk/aws-ecr/test/test.auth-token.ts new file mode 100644 index 0000000000000..4e9e12e4fb078 --- /dev/null +++ b/packages/@aws-cdk/aws-ecr/test/test.auth-token.ts @@ -0,0 +1,31 @@ +import { expect, haveResourceLike } from '@aws-cdk/assert'; +import * as iam from '@aws-cdk/aws-iam'; +import { Stack } from '@aws-cdk/core'; +import { Test } from 'nodeunit'; +import { AuthorizationToken } from '../lib'; + +export = { + 'grant()'(test: Test) { + // GIVEN + const stack = new Stack(); + const user = new iam.User(stack, 'User'); + + // WHEN + AuthorizationToken.grantRead(user); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: 'ecr:GetAuthorizationToken', + Effect: 'Allow', + Resource: '*', + }, + ], + }, + })); + + test.done(); + }, +}; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/README.md b/packages/@aws-cdk/aws-ecs-patterns/README.md index df15fed648e21..33fef16ac9865 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/README.md +++ b/packages/@aws-cdk/aws-ecs-patterns/README.md @@ -1,10 +1,12 @@ # CDK Construct library for higher-level ECS Constructs + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library provides higher-level Amazon ECS constructs which follow common architectural patterns. It contains: @@ -387,3 +389,19 @@ const queueProcessingFargateService = new QueueProcessingFargateService(stack, ' }); ``` +### Select specific vpc subnets for ApplicationLoadBalancedFargateService + +```ts +const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(stack, 'Service', { + cluster, + memoryLimitMiB: 1024, + desiredCount: 1, + cpu: 512, + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry("amazon/amazon-ecs-sample"), + }, + vpcSubnets: { + subnets: [ec2.Subnet.fromSubnetId(stack, 'subnet', 'VpcISOLATEDSubnet1Subnet80F07FA0')], + }, +}); +``` diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-load-balanced-fargate-service.ts index 79aa89524756b..a8a43a6736326 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-load-balanced-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-load-balanced-fargate-service.ts @@ -1,4 +1,4 @@ -import { ISecurityGroup } from '@aws-cdk/aws-ec2'; +import { ISecurityGroup, SubnetSelection } from '@aws-cdk/aws-ec2'; import { FargatePlatformVersion, FargateService, FargateTaskDefinition } from '@aws-cdk/aws-ecs'; import { Construct } from 'constructs'; import { ApplicationLoadBalancedServiceBase, ApplicationLoadBalancedServiceBaseProps } from '../base/application-load-balanced-service-base'; @@ -66,6 +66,13 @@ export interface ApplicationLoadBalancedFargateServiceProps extends ApplicationL */ readonly assignPublicIp?: boolean; + /** + * The subnets to associate with the service. + * + * @default - Public subnets if `assignPublicIp` is set, otherwise the first available one of Private, Isolated, Public, in that order. + */ + readonly taskSubnets?: SubnetSelection; + /** * The platform version on which to run your service. * @@ -160,6 +167,7 @@ export class ApplicationLoadBalancedFargateService extends ApplicationLoadBalanc cloudMapOptions: props.cloudMapOptions, platformVersion: props.platformVersion, securityGroups: props.securityGroups, + vpcSubnets: props.taskSubnets, }); this.addServiceAsTarget(this.service); } diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-load-balanced-fargate-service.ts index 3111ccf8d2746..6246cc3d23c45 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-load-balanced-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-load-balanced-fargate-service.ts @@ -1,3 +1,4 @@ +import { SubnetSelection } from '@aws-cdk/aws-ec2'; import { FargatePlatformVersion, FargateService, FargateTaskDefinition } from '@aws-cdk/aws-ecs'; import { Construct } from 'constructs'; import { NetworkLoadBalancedServiceBase, NetworkLoadBalancedServiceBaseProps } from '../base/network-load-balanced-service-base'; @@ -65,6 +66,13 @@ export interface NetworkLoadBalancedFargateServiceProps extends NetworkLoadBalan */ readonly assignPublicIp?: boolean; + /** + * The subnets to associate with the service. + * + * @default - Public subnets if `assignPublicIp` is set, otherwise the first available one of Private, Isolated, Public, in that order. + */ + readonly taskSubnets?: SubnetSelection; + /** * The platform version on which to run your service. * @@ -147,6 +155,7 @@ export class NetworkLoadBalancedFargateService extends NetworkLoadBalancedServic enableECSManagedTags: props.enableECSManagedTags, cloudMapOptions: props.cloudMapOptions, platformVersion: props.platformVersion, + vpcSubnets: props.taskSubnets, }); this.addServiceAsTarget(this.service); } diff --git a/packages/@aws-cdk/aws-ecs-patterns/package.json b/packages/@aws-cdk/aws-ecs-patterns/package.json index c18883a851c19..87077ba19645b 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/package.json +++ b/packages/@aws-cdk/aws-ecs-patterns/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts index 0f6be905dca30..84ee226b7e805 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts @@ -229,6 +229,52 @@ export = { test.done(); }, + 'selecting correct vpcSubnets'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'Vpc', { + maxAzs: 2, + subnetConfiguration: [ + { + subnetType: ec2.SubnetType.PUBLIC, + cidrMask: 20, + name: 'Public', + }, + { + subnetType: ec2.SubnetType.ISOLATED, + cidrMask: 20, + name: 'ISOLATED', + }, + ], + }); + // WHEN + new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'Service', { + vpc, + taskImageOptions: { + image: ecs.ContainerImage.fromRegistry('/aws/aws-example-app'), + }, + taskSubnets: { + subnetType: ec2.SubnetType.ISOLATED, + }, + }); + // THEN + expect(stack).to(haveResourceLike('AWS::ECS::Service', { + NetworkConfiguration: { + AwsvpcConfiguration: { + Subnets: [ + { + Ref: 'VpcISOLATEDSubnet1Subnet80F07FA0', + }, + { + Ref: 'VpcISOLATEDSubnet2SubnetB0B548C3', + }, + ], + }, + }, + })); + test.done(); + }, + 'target group uses HTTP/80 as default'(test: Test) { // GIVEN const stack = new cdk.Stack(); diff --git a/packages/@aws-cdk/aws-ecs/README.md b/packages/@aws-cdk/aws-ecs/README.md index ae5e085018f46..a5f2b09e8e92b 100644 --- a/packages/@aws-cdk/aws-ecs/README.md +++ b/packages/@aws-cdk/aws-ecs/README.md @@ -1,5 +1,6 @@ -## Amazon ECS Construct Library +# Amazon ECS Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This package contains constructs for working with **Amazon Elastic Container @@ -207,6 +209,7 @@ const fargateTaskDefinition = new ecs.FargateTaskDefinition(this, 'TaskDef', { cpu: 256 }); ``` + To add containers to a task definition, call `addContainer()`: ```ts @@ -276,13 +279,13 @@ const taskDefinition = new ecs.TaskDefinition(this, 'TaskDef', { Images supply the software that runs inside the container. Images can be obtained from either DockerHub or from ECR repositories, or built directly from a local Dockerfile. -* `ecs.ContainerImage.fromRegistry(imageName)`: use a public image. -* `ecs.ContainerImage.fromRegistry(imageName, { credentials: mySecret })`: use a private image that requires credentials. -* `ecs.ContainerImage.fromEcrRepository(repo, tag)`: use the given ECR repository as the image +- `ecs.ContainerImage.fromRegistry(imageName)`: use a public image. +- `ecs.ContainerImage.fromRegistry(imageName, { credentials: mySecret })`: use a private image that requires credentials. +- `ecs.ContainerImage.fromEcrRepository(repo, tag)`: use the given ECR repository as the image to start. If no tag is provided, "latest" is assumed. -* `ecs.ContainerImage.fromAsset('./image')`: build and upload an +- `ecs.ContainerImage.fromAsset('./image')`: build and upload an image directly from a `Dockerfile` in your source directory. -* `ecs.ContainerImage.fromDockerImageAsset(asset)`: uses an existing +- `ecs.ContainerImage.fromDockerImageAsset(asset)`: uses an existing `@aws-cdk/aws-ecr-assets.DockerImageAsset` as a container image. ### Environment variables @@ -328,6 +331,7 @@ const service = new ecs.FargateService(this, 'Service', { desiredCount: 5 }); ``` + `Services` by default will create a security group if not provided. If you'd like to specify which security groups to use you can override the `securityGroups` property. @@ -394,6 +398,7 @@ See the [ecs/cross-stack-load-balancer example](https://github.com/aws-samples/a for the alternatives. ### Include a classic load balancer + `Services` can also be directly attached to a classic load balancer as targets: ```ts @@ -423,8 +428,8 @@ lb.addTarget(service.loadBalancerTarget{ There are two higher-level constructs available which include a load balancer for you that can be found in the aws-ecs-patterns module: -* `LoadBalancedFargateService` -* `LoadBalancedEc2Service` +- `LoadBalancedFargateService` +- `LoadBalancedEc2Service` ## Task Auto-Scaling diff --git a/packages/@aws-cdk/aws-ecs/package.json b/packages/@aws-cdk/aws-ecs/package.json index 40e368ebdf905..41f459b775c7f 100644 --- a/packages/@aws-cdk/aws-ecs/package.json +++ b/packages/@aws-cdk/aws-ecs/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ECS", diff --git a/packages/@aws-cdk/aws-efs/README.md b/packages/@aws-cdk/aws-efs/README.md index 6a598f1146624..16e04aa27462b 100644 --- a/packages/@aws-cdk/aws-efs/README.md +++ b/packages/@aws-cdk/aws-efs/README.md @@ -1,16 +1,24 @@ -## Amazon Elastic File System Construct Library +# Amazon Elastic File System Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This construct library allows you to set up AWS Elastic File System (EFS). @@ -37,7 +45,7 @@ const fileSystem = new FileSystem(this, 'EfsFileSystem', { }); ``` -### Access Point +## Access Point An access point is an application-specific view into an EFS file system that applies an operating system user and group, and a file system path, to any file system request made through the access point. The operating system user @@ -75,7 +83,7 @@ efs.AccessPoint.fromAccessPointAttributes(this, 'ap', { mount targets created in all availability zones the function will execute in, but not all are in the available life cycle state yet. Please wait for them to become available and try the request again. -### Connecting +## Connecting To control who can access the EFS, use the `.connections` attribute. EFS has a fixed default port, so you don't need to specify the port: @@ -83,10 +91,12 @@ a fixed default port, so you don't need to specify the port: ```ts fileSystem.connections.allowDefaultPortFrom(instance); ``` -### Mounting the file system using User Data + +## Mounting the file system using User Data In order to automatically mount this file system during instance launch, following code can be used as reference: + ```ts const vpc = new ec2.Vpc(this, 'VPC'); diff --git a/packages/@aws-cdk/aws-efs/package.json b/packages/@aws-cdk/aws-efs/package.json index fcfe0e162c926..5594f391a0065 100644 --- a/packages/@aws-cdk/aws-efs/package.json +++ b/packages/@aws-cdk/aws-efs/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::EFS", diff --git a/packages/@aws-cdk/aws-eks-legacy/README.md b/packages/@aws-cdk/aws-eks-legacy/README.md index 73d34d7a9b624..35db7f23efb1e 100644 --- a/packages/@aws-cdk/aws-eks-legacy/README.md +++ b/packages/@aws-cdk/aws-eks-legacy/README.md @@ -1,6 +1,6 @@ -## Amazon EKS Construct Library - +# Amazon EKS Construct Library + --- ![Deprecated](https://img.shields.io/badge/deprecated-critical.svg?style=for-the-badge) @@ -8,11 +8,14 @@ > This API may emit warnings. Backward compatibility is not guaranteed. --- + + **This module is available for backwards compatibility purposes only ([details](https://github.com/aws/aws-cdk/pull/5540)). It will no longer be released with the CDK starting March 1st, 2020. See [issue -# 5544](https://github.com/aws/aws-cdk/issues/5544) for upgrade instructions.** + +## 5544](https://github.com/aws/aws-cdk/issues/5544) for upgrade instructions.** --- @@ -165,7 +168,7 @@ with the `update-kubeconfig` command. Something like this: -``` +```plaintext Outputs: eks-integ-defaults.ClusterConfigCommand43AAE40F = aws eks update-kubeconfig --name cluster-ba7c166b-c4f3-421c-bf8a-6812e4036a33 --role-arn arn:aws:iam::112233445566:role/eks-integ-defaults-Role1ABCC5F0-1EFK2W5ZJD98Y ``` diff --git a/packages/@aws-cdk/aws-eks-legacy/package.json b/packages/@aws-cdk/aws-eks-legacy/package.json index 08b032f34503d..2ce08cf6d1da2 100644 --- a/packages/@aws-cdk/aws-eks-legacy/package.json +++ b/packages/@aws-cdk/aws-eks-legacy/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::EKS" diff --git a/packages/@aws-cdk/aws-eks/README.md b/packages/@aws-cdk/aws-eks/README.md index ad39037e100f7..1b09a3ac995e5 100644 --- a/packages/@aws-cdk/aws-eks/README.md +++ b/packages/@aws-cdk/aws-eks/README.md @@ -1,24 +1,30 @@ -## Amazon EKS Construct Library - +# Amazon EKS Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are in **developer preview** before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are in **developer preview** before they +> become stable. We will only make breaking changes to address unforeseen API issues. Therefore, +> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes +> will be announced in release notes. This means that while you may use them, you may need to +> update your source code when upgrading to a newer version of this package. --- + This construct library allows you to define [Amazon Elastic Container Service for Kubernetes (EKS)](https://aws.amazon.com/eks/) clusters. In addition, the library also supports defining Kubernetes resource manifests within EKS clusters. -Table Of Contents -================= +## Table Of Contents * [Quick Start](#quick-start) * [API Reference](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-eks-readme.html) @@ -47,8 +53,8 @@ Table Of Contents This example defines an Amazon EKS cluster with the following configuration: -- Dedicated VPC with default configuration (Implicitly created using [ec2.Vpc](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-ec2-readme.html#vpc)) -- A Kubernetes pod with a container based on the [paulbouwer/hello-kubernetes](https://github.com/paulbouwer/hello-kubernetes) image. +* Dedicated VPC with default configuration (Implicitly created using [ec2.Vpc](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-ec2-readme.html#vpc)) +* A Kubernetes pod with a container based on the [paulbouwer/hello-kubernetes](https://github.com/paulbouwer/hello-kubernetes) image. ```ts // provisiong a cluster @@ -76,7 +82,7 @@ cluster.addManifest('mypod', { In order to interact with your cluster through `kubectl`, you can use the `aws eks update-kubeconfig` [AWS CLI command](https://docs.aws.amazon.com/cli/latest/reference/eks/update-kubeconfig.html) to configure your local kubeconfig. The EKS module will define a CloudFormation output in your stack which contains the command to run. For example: -``` +```plaintext Outputs: ClusterConfigCommand43AAE40F = aws eks update-kubeconfig --name cluster-xxxxx --role-arn arn:aws:iam::112233445566:role/yyyyy ``` @@ -131,12 +137,12 @@ The following is a qualitative diagram of the various possible components involv In a nutshell: -- `EKS Cluster` - The cluster endpoint created by EKS. -- `Managed Node Group` - EC2 worker nodes managed by EKS. -- `Fargate Profile` - Fargate worker nodes managed by EKS. -- `Auto Scaling Group` - EC2 worker nodes managed by the user. -- `KubectlHandler` - Lambda function for invoking `kubectl` commands on the cluster - created by CDK. -- `ClusterHandler` - Lambda function for interacting with EKS API to manage the cluster lifecycle - created by CDK. +* `EKS Cluster` - The cluster endpoint created by EKS. +* `Managed Node Group` - EC2 worker nodes managed by EKS. +* `Fargate Profile` - Fargate worker nodes managed by EKS. +* `Auto Scaling Group` - EC2 worker nodes managed by the user. +* `KubectlHandler` - Lambda function for invoking `kubectl` commands on the cluster - created by CDK. +* `ClusterHandler` - Lambda function for interacting with EKS API to manage the cluster lifecycle - created by CDK. A more detailed breakdown of each is provided further down this README. @@ -144,7 +150,7 @@ A more detailed breakdown of each is provided further down this README. Creating a new cluster is done using the `Cluster` or `FargateCluster` constructs. The only required property is the kubernetes `version`. -```typescript +```ts new eks.Cluster(this, 'HelloEKS', { version: eks.KubernetesVersion.V1_18, }); @@ -152,7 +158,7 @@ new eks.Cluster(this, 'HelloEKS', { You can also use `FargateCluster` to provision a cluster that uses only fargate workers. -```typescript +```ts new eks.FargateCluster(this, 'HelloEKS', { version: eks.KubernetesVersion.V1_18, }); @@ -176,7 +182,7 @@ By default, this library will allocate a managed node group with 2 *m5.large* in At cluster instantiation time, you can customize the number of instances and their type: -```typescript +```ts new eks.Cluster(this, 'HelloEKS', { version: eks.KubernetesVersion.V1_18, defaultCapacity: 5, @@ -188,7 +194,7 @@ To access the node group that was created on your behalf, you can use `cluster.d Additional customizations are available post instantiation. To apply them, set the default capacity to 0, and use the `cluster.addNodegroupCapacity` method: -```typescript +```ts const cluster = new eks.Cluster(this, 'HelloEKS', { version: eks.KubernetesVersion.V1_18, defaultCapacity: 0, @@ -393,7 +399,7 @@ AWS Identity and Access Management (IAM) and native Kubernetes [Role Based Acces You can configure the [cluster endpoint access](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) by using the `endpointAccess` property: -```typescript +```ts const cluster = new eks.Cluster(this, 'hello-eks', { version: eks.KubernetesVersion.V1_18, endpointAccess: eks.EndpointAccess.PRIVATE // No access outside of your VPC. @@ -446,7 +452,7 @@ The `ClusterHandler` is a Lambda function responsible to interact the EKS API in The resources are created in the cluster by running `kubectl apply` from a python lambda function. You can configure the environment of this function by specifying it at cluster instantiation. For example, this can be useful in order to configure an http proxy: -```typescript +```ts const cluster = new eks.Cluster(this, 'hello-eks', { version: eks.KubernetesVersion.V1_18, kubectlEnvironment: { @@ -643,8 +649,9 @@ new cdk.CfnOutput(this, 'ServiceAccountIamRole', { value: sa.role.roleArn }) Note that using `sa.serviceAccountName` above **does not** translate into a resource dependency. This is why an explicit dependency is needed. See for more details. -You can also add service accounts to existing clusters. +You can also add service accounts to existing clusters. To do so, pass the `openIdConnectProvider` property when you import the cluster into the application. + ```ts // you can import an existing provider const provider = eks.OpenIdConnectProvider.fromOpenIdConnectProviderArn(this, 'Provider', 'arn:aws:iam::123456:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/AB123456ABC'); @@ -664,9 +671,10 @@ const bucket = new Bucket(this, 'Bucket'); bucket.grantReadWrite(serviceAccount); // ... -``` +``` + Note that adding service accounts requires running `kubectl` commands against the cluster. -This means you must also pass the `kubectlRoleArn` when importing the cluster. +This means you must also pass the `kubectlRoleArn` when importing the cluster. See [Using existing Clusters](https://github.com/aws/aws-cdk/tree/master/packages/@aws-cdk/aws-eks#using-existing-clusters). ## Applying Kubernetes Resources @@ -985,12 +993,12 @@ and use that as part of your CDK application. For example, you can fetch the address of a [`LoadBalancer`](https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer) type service: -```typescript +```ts // query the load balancer address const myServiceAddress = new KubernetesObjectValue(this, 'LoadBalancerAttribute', { cluster: cluster, - resourceType: 'service', - resourceName: 'my-service', + objectType: 'service', + objectName: 'my-service', jsonPath: '.status.loadBalancer.ingress[0].hostname', // https://kubernetes.io/docs/reference/kubectl/jsonpath/ }); @@ -1005,7 +1013,7 @@ const proxyFunction = new lambda.Function(this, 'ProxyFunction', { Specifically, since the above use-case is quite common, there is an easier way to access that information: -```typescript +```ts const loadBalancerAddress = cluster.getServiceLoadBalancerAddress('my-service'); ``` @@ -1045,8 +1053,8 @@ cluster.addManifest('Test', { At the minimum, when importing clusters for `kubectl` management, you will need to specify: -- `clusterName` - the name of the cluster. -- `kubectlRoleArn` - the ARN of an IAM role mapped to the `system:masters` RBAC +* `clusterName` - the name of the cluster. +* `kubectlRoleArn` - the ARN of an IAM role mapped to the `system:masters` RBAC role. If the cluster you are importing was created using the AWS CDK, the CloudFormation stack has an output that includes an IAM role that can be used. Otherwise, you can create an IAM role and map it to `system:masters` manually. @@ -1057,14 +1065,14 @@ to specify: If the cluster is configured with private-only or private and restricted public Kubernetes [endpoint access](#endpoint-access), you must also specify: -- `kubectlSecurityGroupId` - the ID of an EC2 security group that is allowed +* `kubectlSecurityGroupId` - the ID of an EC2 security group that is allowed connections to the cluster's control security group. For example, the EKS managed [cluster security group](#cluster-security-group). -- `kubectlPrivateSubnetIds` - a list of private VPC subnets IDs that will be used +* `kubectlPrivateSubnetIds` - a list of private VPC subnets IDs that will be used to access the Kubernetes endpoint. ## Known Issues and Limitations -- [One cluster per stack](https://github.com/aws/aws-cdk/issues/10073) -- [Object pruning](https://github.com/aws/aws-cdk/issues/10495) -- [Service Account dependencies](https://github.com/aws/aws-cdk/issues/9910) -- [Attach all Lambda Functions to VPC](https://github.com/aws/aws-cdk/issues/9509) +* [One cluster per stack](https://github.com/aws/aws-cdk/issues/10073) +* [Object pruning](https://github.com/aws/aws-cdk/issues/10495) +* [Service Account dependencies](https://github.com/aws/aws-cdk/issues/9910) +* [Attach all Lambda Functions to VPC](https://github.com/aws/aws-cdk/issues/9509) diff --git a/packages/@aws-cdk/aws-eks/lib/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster.ts index 7974f988aff33..54cbeb9379d02 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster.ts @@ -136,7 +136,7 @@ export interface ICluster extends IResource, ec2.IConnectable { * @param manifest a list of Kubernetes resource specifications * @returns a `KubernetesManifest` object. */ - addManifest(id: string, ...manifest: any[]): KubernetesManifest; + addManifest(id: string, ...manifest: Record[]): KubernetesManifest; /** * Defines a Helm chart in this cluster. @@ -641,7 +641,7 @@ abstract class ClusterBase extends Resource implements ICluster { * @param manifest a list of Kubernetes resource specifications * @returns a `KubernetesResource` object. */ - public addManifest(id: string, ...manifest: any[]): KubernetesManifest { + public addManifest(id: string, ...manifest: Record[]): KubernetesManifest { return new KubernetesManifest(this, `manifest-${id}`, { cluster: this, manifest }); } diff --git a/packages/@aws-cdk/aws-eks/lib/k8s-manifest.ts b/packages/@aws-cdk/aws-eks/lib/k8s-manifest.ts index a82104e07e322..fa7ec654d3d77 100644 --- a/packages/@aws-cdk/aws-eks/lib/k8s-manifest.ts +++ b/packages/@aws-cdk/aws-eks/lib/k8s-manifest.ts @@ -39,7 +39,7 @@ export interface KubernetesManifestProps { * }] * */ - readonly manifest: any[]; + readonly manifest: Record[]; } /** diff --git a/packages/@aws-cdk/aws-eks/lib/legacy-cluster.ts b/packages/@aws-cdk/aws-eks/lib/legacy-cluster.ts index e19540cf7c3d4..27014e73871ef 100644 --- a/packages/@aws-cdk/aws-eks/lib/legacy-cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/legacy-cluster.ts @@ -376,7 +376,7 @@ export class LegacyCluster extends Resource implements ICluster { }); } - public addManifest(_id: string, ..._manifest: any[]): KubernetesManifest { + public addManifest(_id: string, ..._manifest: Record[]): KubernetesManifest { throw new Error('legacy cluster does not support adding kubernetes manifests'); } @@ -438,7 +438,7 @@ class ImportedCluster extends Resource implements ICluster { } } - public addManifest(_id: string, ..._manifest: any[]): KubernetesManifest { + public addManifest(_id: string, ..._manifest: Record[]): KubernetesManifest { throw new Error('legacy cluster does not support adding kubernetes manifests'); } diff --git a/packages/@aws-cdk/aws-eks/package.json b/packages/@aws-cdk/aws-eks/package.json index ab5512f0ce049..a57aaa253db2f 100644 --- a/packages/@aws-cdk/aws-eks/package.json +++ b/packages/@aws-cdk/aws-eks/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::EKS", @@ -74,7 +75,7 @@ "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.31", "@types/yaml": "1.9.6", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json index 3cccffb7a31e3..7e5d81152c4d8 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json @@ -3530,7 +3530,7 @@ 1, { "Fn::Split": [ - "oidc-provider/", + ":oidc-provider/", { "Ref": "ClusterOpenIdConnectProviderE7EB0530" } @@ -3544,7 +3544,7 @@ 1, { "Fn::Split": [ - "oidc-provider/", + ":oidc-provider/", { "Ref": "ClusterOpenIdConnectProviderE7EB0530" } diff --git a/packages/@aws-cdk/aws-elasticache/README.md b/packages/@aws-cdk/aws-elasticache/README.md index 90826ef92f1c1..486be94c97bdb 100644 --- a/packages/@aws-cdk/aws-elasticache/README.md +++ b/packages/@aws-cdk/aws-elasticache/README.md @@ -1,12 +1,16 @@ -## Amazon ElastiCache Construct Library +# Amazon ElastiCache Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-elasticache/package.json b/packages/@aws-cdk/aws-elasticache/package.json index 7374b48deed67..c56a2e4d94129 100644 --- a/packages/@aws-cdk/aws-elasticache/package.json +++ b/packages/@aws-cdk/aws-elasticache/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ElastiCache", diff --git a/packages/@aws-cdk/aws-elasticbeanstalk/README.md b/packages/@aws-cdk/aws-elasticbeanstalk/README.md index 5131196b64725..e8e2b25ec2c49 100644 --- a/packages/@aws-cdk/aws-elasticbeanstalk/README.md +++ b/packages/@aws-cdk/aws-elasticbeanstalk/README.md @@ -1,12 +1,16 @@ -## AWS Elastic Beanstalk Construct Library +# AWS Elastic Beanstalk Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-elasticbeanstalk/package.json b/packages/@aws-cdk/aws-elasticbeanstalk/package.json index 1fc91742b9ff8..397a0727a0c79 100644 --- a/packages/@aws-cdk/aws-elasticbeanstalk/package.json +++ b/packages/@aws-cdk/aws-elasticbeanstalk/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ElasticBeanstalk", diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/README.md b/packages/@aws-cdk/aws-elasticloadbalancing/README.md index 8188658ccdb0d..6d66ca5965c69 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancing/README.md @@ -1,5 +1,6 @@ -## Amazon Elastic Load Balancing Construct Library +# Amazon Elastic Load Balancing Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,12 +8,13 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + The `@aws-cdk/aws-elasticloadbalancing` package provides constructs for configuring classic load balancers. -### Configuring a Load Balancer +## Configuring a Load Balancer Load balancers send traffic to one or more AutoScalingGroups. Create a load balancer, set up listeners and a health check, and supply the fleet(s) you want diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/package.json b/packages/@aws-cdk/aws-elasticloadbalancing/package.json index a84ca148bb138..67dad28cdc322 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ElasticLoadBalancing", diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/README.md b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/README.md index 874938a793b90..456473576fe33 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/README.md @@ -1,10 +1,12 @@ # Actions for AWS Elastic Load Balancing V2 + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This package contains integration actions for ELBv2. See the README of the `@aws-cdk/aws-elasticloadbalancingv2` library. diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json index 3d2ad11bd8a9f..b96e5ad634f5c 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/README.md b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/README.md index 9e64b505478aa..9b3a3745cb679 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/README.md @@ -1,12 +1,18 @@ # Targets for AWS Elastic Load Balancing V2 + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This package contains targets for ELBv2. See the README of the `@aws-cdk/aws-elasticloadbalancingv2` library. diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json index 242f294ad02f1..a0bc55a5ddc2f 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md b/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md index 49cfd5dc5db81..ac397ba62bd94 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md @@ -1,6 +1,6 @@ -## Amazon Elastic Load Balancing V2 Construct Library - +# Amazon Elastic Load Balancing V2 Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -8,8 +8,10 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + + The `@aws-cdk/aws-elasticloadbalancingv2` package provides constructs for configuring application and network load balancers. @@ -17,7 +19,7 @@ For more information, see the AWS documentation for [Application Load Balancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html) and [Network Load Balancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/introduction.html). -### Defining an Application Load Balancer +## Defining an Application Load Balancer You define an application load balancer by creating an instance of `ApplicationLoadBalancer`, adding a Listener to the load balancer @@ -77,7 +79,7 @@ const securityGroup2 = new ec2.SecurityGroup(stack, 'SecurityGroup2', { vpc }); lb.addSecurityGroup(securityGroup2); ``` -#### Conditions +### Conditions It's possible to route traffic to targets based on conditions in the incoming HTTP request. For example, the following will route requests to the indicated @@ -104,7 +106,7 @@ targets with conditions. The lowest number wins. Every listener must have at least one target without conditions, which is where all requests that didn't match any of the conditions will be sent. -#### Convenience methods and more complex Actions +### Convenience methods and more complex Actions Routing traffic from a Load Balancer to a Target involves the following steps: @@ -180,7 +182,7 @@ lb.addRedirect({ If you do not provide any options for this method, it redirects HTTP port 80 to HTTPS port 443. -### Defining a Network Load Balancer +## Defining a Network Load Balancer Network Load Balancers are defined in a similar way to Application Load Balancers: @@ -219,7 +221,7 @@ and [Register targets with your Target Group](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/target-group-register-targets.html) for more information. -### Targets and Target Groups +## Targets and Target Groups Application and Network Load Balancers organize load balancing targets in Target Groups. If you add your balancing targets (such as AutoScalingGroups, ECS @@ -241,7 +243,7 @@ const group = listener.addTargets('AppFleet', { group.addTarget(asg2); ``` -### Using Lambda Targets +## Using Lambda Targets To use a Lambda Function as a target, use the integration class in the `@aws-cdk/aws-elasticloadbalancingv2-targets` package: @@ -268,7 +270,7 @@ listener.addTargets('Targets', { Only a single Lambda function can be added to a single listener rule. -### Configuring Health Checks +## Configuring Health Checks Health checks are configured upon creation of a target group: @@ -303,7 +305,7 @@ listener.addTargets('AppFleet', { listener.connections.allowFrom(lb, ec2.Port.tcp(8088)); ``` -### Using a Load Balancer from a different Stack +## Using a Load Balancer from a different Stack If you want to put your Load Balancer and the Targets it is load balancing to in different stacks, you may not be able to use the convenience methods @@ -319,7 +321,7 @@ For an example of the alternatives while load balancing to an ECS service, see t [ecs/cross-stack-load-balancer example](https://github.com/aws-samples/aws-cdk-examples/tree/master/typescript/ecs/cross-stack-load-balancer/). -### Protocol for Load Balancer Targets +## Protocol for Load Balancer Targets Constructs that want to be a load balancer target should implement `IApplicationLoadBalancerTarget` and/or `INetworkLoadBalancerTarget`, and @@ -380,6 +382,7 @@ than one load balancer matches, CDK will throw an error requesting that you provide more specific criteria. **Look up a Application Load Balancer by ARN** + ```ts const loadBalancer = ApplicationLoadBalancer.fromLookup(stack, 'ALB', { loadBalancerArn: YOUR_ALB_ARN, @@ -387,6 +390,7 @@ const loadBalancer = ApplicationLoadBalancer.fromLookup(stack, 'ALB', { ``` **Look up an Application Load Balancer by tags** + ```ts const loadBalancer = ApplicationLoadBalancer.fromLookup(stack, 'ALB', { loadBalancerTags: { diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json index d65911b6abd7f..974ddc9b78c0d 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ElasticLoadBalancingV2", diff --git a/packages/@aws-cdk/aws-elasticsearch/README.md b/packages/@aws-cdk/aws-elasticsearch/README.md index b7902ed654392..502085c85d9c5 100644 --- a/packages/@aws-cdk/aws-elasticsearch/README.md +++ b/packages/@aws-cdk/aws-elasticsearch/README.md @@ -1,20 +1,32 @@ -## Amazon Elasticsearch Service Construct Library - +# Amazon Elasticsearch Service Construct Library + --- -| Features | Stability | -| --- | --- | -| CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) | -| Higher level constructs for Domain | ![Experimental](https://img.shields.io/badge/experimental-important.svg?style=for-the-badge) | +Features | Stability +-----------------------------------|---------------------------------------------------------------- +CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) +Higher level constructs for Domain | ![Experimental](https://img.shields.io/badge/experimental-important.svg?style=for-the-badge) + +> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources]) are always +> stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib -> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. + -> **Experimental:** Higher level constructs in this module that are marked as experimental are under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> **Experimental:** Higher level constructs in this module that are marked as experimental are +> under active development. They are subject to non-backward compatible changes or removal in any +> future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and +> breaking changes will be announced in the release notes. This means that while you may use them, +> you may need to update your source code when upgrading to a newer version of this package. --- + +## Quick start + Create a development cluster by simply specifying the version: ```ts @@ -51,7 +63,7 @@ const prodDomain = new es.Domain(this, 'Domain', { This creates an Elasticsearch cluster and automatically sets up log groups for logging the domain logs and slow search logs. -### Importing existing domains +## Importing existing domains To import an existing domain into your CDK application, use the `Domain.fromDomainEndpoint` factory method. This method accepts a domain endpoint of an already existing domain: @@ -61,9 +73,9 @@ const domainEndpoint = 'https://my-domain-jcjotrt6f7otem4sqcwbch3c4u.us-east-1.e const domain = Domain.fromDomainEndpoint(this, 'ImportedDomain', domainEndpoint); ``` -### Permissions +## Permissions -#### IAM +### IAM Helper methods also exist for managing access to the domain. @@ -77,7 +89,7 @@ domain.grantIndexWrite('app-search', lambda); domain.grantPathRead('app-search/_search', lambda); ``` -### Encryption +## Encryption The domain can also be created with encryption enabled: @@ -99,7 +111,7 @@ This sets up the domain with node to node encryption and encryption at rest. You can also choose to supply your own KMS key to use for encryption at rest. -### Metrics +## Metrics Helper methods exist to access common domain metrics for example: @@ -110,7 +122,7 @@ const masterSysMemoryUtilization = domain.metric('MasterSysMemoryUtilization'); This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. -### Fine grained access control +## Fine grained access control The domain can also be created with a master user configured. The password can be supplied or dynamically created if not supplied. @@ -131,7 +143,7 @@ const domain = new es.Domain(this, 'Domain', { const masterUserPassword = domain.masterUserPassword; ``` -### Using unsigned basic auth +## Using unsigned basic auth For convenience, the domain can be configured to allow unsigned HTTP requests that use basic auth. Unless the domain is configured to be part of a VPC this diff --git a/packages/@aws-cdk/aws-elasticsearch/package.json b/packages/@aws-cdk/aws-elasticsearch/package.json index 36235fb85ccdc..c8844413e9853 100644 --- a/packages/@aws-cdk/aws-elasticsearch/package.json +++ b/packages/@aws-cdk/aws-elasticsearch/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Elasticsearch", diff --git a/packages/@aws-cdk/aws-emr/README.md b/packages/@aws-cdk/aws-emr/README.md index eb97e0086c75a..3cf2fe80fd10d 100644 --- a/packages/@aws-cdk/aws-emr/README.md +++ b/packages/@aws-cdk/aws-emr/README.md @@ -1,12 +1,16 @@ -## Amazon EMR Construct Library +# Amazon EMR Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-emr/package.json b/packages/@aws-cdk/aws-emr/package.json index 896d8f27486f7..82653f7f15f3d 100644 --- a/packages/@aws-cdk/aws-emr/package.json +++ b/packages/@aws-cdk/aws-emr/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::EMR", diff --git a/packages/@aws-cdk/aws-events-targets/README.md b/packages/@aws-cdk/aws-events-targets/README.md index c99441f05d32a..787bfcc433d30 100644 --- a/packages/@aws-cdk/aws-events-targets/README.md +++ b/packages/@aws-cdk/aws-events-targets/README.md @@ -1,10 +1,12 @@ # Event Targets for Amazon EventBridge + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library contains integration classes to send Amazon EventBridge to any diff --git a/packages/@aws-cdk/aws-events-targets/package.json b/packages/@aws-cdk/aws-events-targets/package.json index fa17eec28f293..8412ba1ed7adf 100644 --- a/packages/@aws-cdk/aws-events-targets/package.json +++ b/packages/@aws-cdk/aws-events-targets/package.json @@ -49,7 +49,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "node ./build-tools/gen.js" + "gen": "node ./build-tools/gen.js", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "jest": true, @@ -75,7 +76,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-codecommit": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-events/README.md b/packages/@aws-cdk/aws-events/README.md index 77263d685eb67..d19309455559d 100644 --- a/packages/@aws-cdk/aws-events/README.md +++ b/packages/@aws-cdk/aws-events/README.md @@ -1,5 +1,6 @@ -## Amazon EventBridge Construct Library +# Amazon EventBridge Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + Amazon EventBridge delivers a near real-time stream of system events that @@ -80,7 +82,7 @@ onCommitRule.addTarget(new targets.SnsTopic(topic, { ## Scheduling -You can configure a Rule to run on a schedule (cron or rate). +You can configure a Rule to run on a schedule (cron or rate). The following example runs a task every day at 4am: @@ -98,6 +100,7 @@ new Rule(this, 'ScheduleRule', { ``` If you want to specify Fargate platform version, set `platformVersion` in EcsTask's props like the following example: + ```ts const platformVersion = ecs.FargatePlatformVersion.VERSION1_4; const ecsTaskTarget = new EcsTask({ cluster, taskDefinition, role, platformVersion }); @@ -124,7 +127,7 @@ The following targets are supported: It's possible to have the source of the event and a target in separate AWS accounts: -```typescript +```ts import { App, Stack } from '@aws-cdk/core'; import * as codebuild from '@aws-cdk/aws-codebuild'; import * as codecommit from '@aws-cdk/aws-codecommit'; diff --git a/packages/@aws-cdk/aws-events/lib/util.ts b/packages/@aws-cdk/aws-events/lib/util.ts index 1b1c860d7850d..345bfda4ff89e 100644 --- a/packages/@aws-cdk/aws-events/lib/util.ts +++ b/packages/@aws-cdk/aws-events/lib/util.ts @@ -38,9 +38,11 @@ export function mergeEventPattern(dest: any, src: any) { `Type mismatch between existing pattern ${JSON.stringify(destValue)} and added pattern ${JSON.stringify(srcValue)}`); } - // if this is an array, concat the values + // if this is an array, concat and deduplicate the values if (Array.isArray(srcValue)) { - destObj[field] = destValue.concat(srcValue); + const result = [...destValue, ...srcValue]; + const resultJson = result.map(i => JSON.stringify(i)); + destObj[field] = result.filter((value, index) => resultJson.indexOf(JSON.stringify(value)) === index); continue; } diff --git a/packages/@aws-cdk/aws-events/package.json b/packages/@aws-cdk/aws-events/package.json index 30a4c1ec88641..084f246783f23 100644 --- a/packages/@aws-cdk/aws-events/package.json +++ b/packages/@aws-cdk/aws-events/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Events", diff --git a/packages/@aws-cdk/aws-events/test/test.rule.ts b/packages/@aws-cdk/aws-events/test/test.rule.ts index 991d2e83d0249..80cf91948f5fa 100644 --- a/packages/@aws-cdk/aws-events/test/test.rule.ts +++ b/packages/@aws-cdk/aws-events/test/test.rule.ts @@ -126,14 +126,14 @@ export = { rule.addEventPattern({ account: ['12345'], detail: { - foo: ['hello'], + foo: ['hello', 'bar', 'hello'], }, }); rule.addEventPattern({ source: ['aws.source'], detail: { - foo: ['bar'], + foo: ['bar', 'hello'], goo: { hello: ['world'], }, @@ -172,6 +172,37 @@ export = { test.done(); }, + 'addEventPattern can de-duplicate filters and keep the order'(test: Test) { + const stack = new cdk.Stack(); + + const rule = new Rule(stack, 'MyRule'); + rule.addEventPattern({ + detailType: ['AWS API Call via CloudTrail', 'AWS API Call via CloudTrail'], + }); + + rule.addEventPattern({ + detailType: ['EC2 Instance State-change Notification', 'AWS API Call via CloudTrail'], + }); + + expect(stack).toMatch({ + 'Resources': { + 'MyRuleA44AB831': { + 'Type': 'AWS::Events::Rule', + 'Properties': { + 'EventPattern': { + 'detail-type': [ + 'AWS API Call via CloudTrail', + 'EC2 Instance State-change Notification', + ], + }, + 'State': 'ENABLED', + }, + }, + }, + }); + test.done(); + }, + 'targets can be added via props or addTarget with input transformer'(test: Test) { const stack = new cdk.Stack(); const t1: IRuleTarget = { diff --git a/packages/@aws-cdk/aws-events/test/test.util.ts b/packages/@aws-cdk/aws-events/test/test.util.ts index 4c81ab07c2da4..80cbe36ddbba4 100644 --- a/packages/@aws-cdk/aws-events/test/test.util.ts +++ b/packages/@aws-cdk/aws-events/test/test.util.ts @@ -55,5 +55,43 @@ export = { }), /Invalid event pattern field array. Type mismatch between existing pattern \[1\] and added pattern \{"value":\["hello"\]\}/); test.done(); }, + + 'deduplicate match values in pattern array'(test: Test) { + test.deepEqual(mergeEventPattern({ + 'detail-type': ['AWS API Call via CloudTrail'], + }, { + 'detail-type': ['AWS API Call via CloudTrail'], + }), { + 'detail-type': ['AWS API Call via CloudTrail'], + }); + test.deepEqual(mergeEventPattern({ + time: [{ prefix: '2017-10-02' }], + }, { + time: [{ prefix: '2017-10-02' }, { prefix: '2017-10-03' }], + }), { + time: [{ prefix: '2017-10-02' }, { prefix: '2017-10-03' }], + }); + test.deepEqual(mergeEventPattern({ + 'detail-type': ['AWS API Call via CloudTrail'], + 'time': [{ prefix: '2017-10-02' }], + }, { + 'detail-type': ['AWS API Call via CloudTrail'], + 'time': [{ prefix: '2017-10-02' }, { prefix: '2017-10-03' }], + }), { + 'detail-type': ['AWS API Call via CloudTrail'], + 'time': [{ prefix: '2017-10-02' }, { prefix: '2017-10-03' }], + }); + test.deepEqual(mergeEventPattern({ + 'detail-type': ['AWS API Call via CloudTrail', 'AWS API Call via CloudTrail'], + 'time': [{ prefix: '2017-10-02' }], + }, { + 'detail-type': ['AWS API Call via CloudTrail', 'AWS API Call via CloudTrail'], + 'time': [{ prefix: '2017-10-02' }, { prefix: '2017-10-03' }, { prefix: '2017-10-02' }], + }), { + 'detail-type': ['AWS API Call via CloudTrail'], + 'time': [{ prefix: '2017-10-02' }, { prefix: '2017-10-03' }], + }); + test.done(); + }, }, }; diff --git a/packages/@aws-cdk/aws-eventschemas/README.md b/packages/@aws-cdk/aws-eventschemas/README.md index f20b96e145ca5..84b02b1657fa4 100644 --- a/packages/@aws-cdk/aws-eventschemas/README.md +++ b/packages/@aws-cdk/aws-eventschemas/README.md @@ -1,12 +1,16 @@ -## AWS::EventSchemas Construct Library +# AWS::EventSchemas Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-eventschemas/package.json b/packages/@aws-cdk/aws-eventschemas/package.json index 4d349d1430de6..fe4e491a8ace9 100644 --- a/packages/@aws-cdk/aws-eventschemas/package.json +++ b/packages/@aws-cdk/aws-eventschemas/package.json @@ -51,7 +51,8 @@ "compat": "cdk-compat", "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::EventSchemas", diff --git a/packages/@aws-cdk/aws-fms/README.md b/packages/@aws-cdk/aws-fms/README.md index 90008887dd6ed..a96ed41040664 100644 --- a/packages/@aws-cdk/aws-fms/README.md +++ b/packages/@aws-cdk/aws-fms/README.md @@ -1,12 +1,16 @@ -## AWS::FMS Construct Library +# AWS::FMS Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-fms/package.json b/packages/@aws-cdk/aws-fms/package.json index 03f60d20301ae..2414df6719d2e 100644 --- a/packages/@aws-cdk/aws-fms/package.json +++ b/packages/@aws-cdk/aws-fms/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::FMS", diff --git a/packages/@aws-cdk/aws-fsx/README.md b/packages/@aws-cdk/aws-fsx/README.md index 7a6ce6d03c502..bcb2497f145ff 100644 --- a/packages/@aws-cdk/aws-fsx/README.md +++ b/packages/@aws-cdk/aws-fsx/README.md @@ -1,16 +1,24 @@ -## Amazon FSx Construct Library +# Amazon FSx Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + [Amazon FSx](https://docs.aws.amazon.com/fsx/?id=docs_gateway) provides fully managed third-party file systems with the diff --git a/packages/@aws-cdk/aws-fsx/package.json b/packages/@aws-cdk/aws-fsx/package.json index c68f58d37b967..485a1f3c330f4 100644 --- a/packages/@aws-cdk/aws-fsx/package.json +++ b/packages/@aws-cdk/aws-fsx/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::FSx", diff --git a/packages/@aws-cdk/aws-gamelift/README.md b/packages/@aws-cdk/aws-gamelift/README.md index 1f4430ef14d1d..2c912d4a2f830 100644 --- a/packages/@aws-cdk/aws-gamelift/README.md +++ b/packages/@aws-cdk/aws-gamelift/README.md @@ -1,12 +1,16 @@ -## Amazon GameLift Construct Library +# Amazon GameLift Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-gamelift/package.json b/packages/@aws-cdk/aws-gamelift/package.json index 34a9f1cfed840..a43def9979e29 100644 --- a/packages/@aws-cdk/aws-gamelift/package.json +++ b/packages/@aws-cdk/aws-gamelift/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::GameLift", diff --git a/packages/@aws-cdk/aws-globalaccelerator/README.md b/packages/@aws-cdk/aws-globalaccelerator/README.md index 7d32fc8c72bae..d959a2e9238ad 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/README.md +++ b/packages/@aws-cdk/aws-globalaccelerator/README.md @@ -1,27 +1,35 @@ -## AWS::GlobalAccelerator Construct Library +# AWS::GlobalAccelerator Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + ## Introduction AWS Global Accelerator (AGA) is a service that improves the availability and performance of your applications with local or global users. It provides static IP addresses that act as a fixed entry point to your application endpoints in a single or multiple AWS Regions, such as your Application Load Balancers, Network Load Balancers or Amazon EC2 instances. -This module supports features under [AWS Global Accelerator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_GlobalAccelerator.html) that allows users set up resources using the `@aws-cdk/aws-globalaccelerator` module. +This module supports features under [AWS Global Accelerator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_GlobalAccelerator.html) that allows users set up resources using the `@aws-cdk/aws-globalaccelerator` module. ## Accelerator -The `Accelerator` resource is a Global Accelerator resource type that contains information about how you create an accelerator. An accelerator includes one or more listeners that process inbound connections and direct traffic to one or more endpoint groups, each of which includes endpoints, such as Application Load Balancers, Network Load Balancers, and Amazon EC2 instances. +The `Accelerator` resource is a Global Accelerator resource type that contains information about how you create an accelerator. An accelerator includes one or more listeners that process inbound connections and direct traffic to one or more endpoint groups, each of which includes endpoints, such as Application Load Balancers, Network Load Balancers, and Amazon EC2 instances. To create the `Accelerator`: @@ -34,7 +42,7 @@ new globalaccelerator.Accelerator(stack, 'Accelerator'); ## Listener -The `Listener` resource is a Global Accelerator resource type that contains information about how you create a listener to process inbound connections from clients to an accelerator. Connections arrive to assigned static IP addresses on a port, port range, or list of port ranges that you specify. +The `Listener` resource is a Global Accelerator resource type that contains information about how you create a listener to process inbound connections from clients to an accelerator. Connections arrive to assigned static IP addresses on a port, port range, or list of port ranges that you specify. To create the `Listener` listening on TCP 80: @@ -53,7 +61,7 @@ new globalaccelerator.Listener(stack, 'Listener', { ## EndpointGroup -The `EndpointGroup` resource is a Global Accelerator resource type that contains information about how you create an endpoint group for the specified listener. An endpoint group is a collection of endpoints in one AWS Region. +The `EndpointGroup` resource is a Global Accelerator resource type that contains information about how you create an endpoint group for the specified listener. An endpoint group is a collection of endpoints in one AWS Region. To create the `EndpointGroup`: @@ -97,15 +105,15 @@ endpointGroup.addEndpoint('InstanceEndpoint2', instances[1].instanceId); ## Accelerator Security Groups When using certain AGA features (client IP address preservation), AGA creates elastic network interfaces (ENI) in your AWS account which are -associated with a Security Group, and which are reused for all AGAs associated with that VPC. Per the -[best practices](https://docs.aws.amazon.com/global-accelerator/latest/dg/best-practices-aga.html) page, AGA creates a specific security group -called `GlobalAccelerator` for each VPC it has an ENI in. You can use the security group created by AGA as a source group in other security +associated with a Security Group, and which are reused for all AGAs associated with that VPC. Per the +[best practices](https://docs.aws.amazon.com/global-accelerator/latest/dg/best-practices-aga.html) page, AGA creates a specific security group +called `GlobalAccelerator` for each VPC it has an ENI in. You can use the security group created by AGA as a source group in other security groups, such as those for EC2 instances or Elastic Load Balancers, in order to implement least-privilege security group rules. CloudFormation doesn't support referencing the security group created by AGA. CDK has a library that enables you to reference the AGA security group for a VPC using an AwsCustomResource. -``` +```ts const vpc = new Vpc(stack, 'VPC', {}); const alb = new elbv2.ApplicationLoadBalancer(stack, 'ALB', { vpc, internetFacing: false }); const accelerator = new ga.Accelerator(stack, 'Accelerator'); @@ -127,4 +135,4 @@ const agaSg = ga.AcceleratorSecurityGroup.fromVpc(stack, 'GlobalAcceleratorSG', // Allow connections from the AGA to the ALB alb.connections.allowFrom(agaSg, Port.tcp(443)); -``` \ No newline at end of file +``` diff --git a/packages/@aws-cdk/aws-globalaccelerator/package.json b/packages/@aws-cdk/aws-globalaccelerator/package.json index 8809ee1ada608..945d312b2dc02 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/package.json +++ b/packages/@aws-cdk/aws-globalaccelerator/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::GlobalAccelerator", diff --git a/packages/@aws-cdk/aws-glue/README.md b/packages/@aws-cdk/aws-glue/README.md index d7bb3cad73639..77ee00834ddd7 100644 --- a/packages/@aws-cdk/aws-glue/README.md +++ b/packages/@aws-cdk/aws-glue/README.md @@ -1,21 +1,29 @@ -## AWS Glue Construct Library +# AWS Glue Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. -### Database +## Database A `Database` is a logical grouping of `Tables` in the Glue Catalog. @@ -25,7 +33,7 @@ new glue.Database(stack, 'MyDatabase', { }); ``` -### Table +## Table A Glue table describes a table of data in S3: its structure (column names and types), location of data (S3 objects with a common prefix in a S3 bucket), and format for the files (Json, Avro, Parquet, etc.): @@ -40,7 +48,7 @@ new glue.Table(stack, 'MyTable', { name: 'col2', type: glue.Schema.array(Schema.STRING), comment: 'col2 is an array of strings' // comment is optional - }] + }], dataFormat: glue.DataFormat.JSON }); ``` @@ -57,7 +65,7 @@ new glue.Table(stack, 'MyTable', { By default, an S3 bucket will be created to store the table's data and stored in the bucket root. You can also manually pass the `bucket` and `s3Prefix`: -#### Partitions +### Partitions To improve query performance, a table can specify `partitionKeys` on which data is stored and queried separately. For example, you might partition a table by `year` and `month` to optimize queries based on a time window: @@ -80,17 +88,20 @@ new glue.Table(stack, 'MyTable', { }); ``` -### [Encryption](https://docs.aws.amazon.com/athena/latest/ug/encryption.html) +## [Encryption](https://docs.aws.amazon.com/athena/latest/ug/encryption.html) You can enable encryption on a Table's data: + * `Unencrypted` - files are not encrypted. The default encryption setting. * [S3Managed](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) - Server side encryption (`SSE-S3`) with an Amazon S3-managed key. + ```ts new glue.Table(stack, 'MyTable', { encryption: glue.TableEncryption.S3_MANAGED ... }); ``` + * [Kms](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) - Server-side encryption (`SSE-KMS`) with an AWS KMS Key managed by the account owner. ```ts @@ -107,14 +118,18 @@ new glue.Table(stack, 'MyTable', { ... }); ``` + * [KmsManaged](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) - Server-side encryption (`SSE-KMS`), like `Kms`, except with an AWS KMS Key managed by the AWS Key Management Service. + ```ts new glue.Table(stack, 'MyTable', { encryption: glue.TableEncryption.KMS_MANAGED ... }); ``` + * [ClientSideKms](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html#client-side-encryption-kms-managed-master-key-intro) - Client-side encryption (`CSE-KMS`) with an AWS KMS Key managed by the account owner. + ```ts // KMS key is created automatically new glue.Table(stack, 'MyTable', { @@ -132,7 +147,7 @@ new glue.Table(stack, 'MyTable', { *Note: you cannot provide a `Bucket` when creating the `Table` if you wish to use server-side encryption (`KMS`, `KMS_MANAGED` or `S3_MANAGED`)*. -### Types +## Types A table's schema is a collection of columns, each of which have a `name` and a `type`. Types are recursive structures, consisting of primitive and complex types: @@ -163,9 +178,10 @@ new glue.Table(stack, 'MyTable', { ... ``` -#### Primitives +### Primitives + +#### Numeric -##### Numeric | Name | Type | Comments | |----------- |---------- |------------------------------------------------------------------------------------------------------------------ | | FLOAT | Constant | A 32-bit single-precision floating point number | @@ -175,14 +191,14 @@ new glue.Table(stack, 'MyTable', { | SMALL_INT | Constant | A 16-bit signed INTEGER in two’s complement format, with a minimum value of -2^15 and a maximum value of 2^15-1 | | TINY_INT | Constant | A 8-bit signed INTEGER in two’s complement format, with a minimum value of -2^7 and a maximum value of 2^7-1 | -##### Date and time +#### Date and time | Name | Type | Comments | |----------- |---------- |------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | DATE | Constant | A date in UNIX format, such as YYYY-MM-DD. | | TIMESTAMP | Constant | Date and time instant in the UNiX format, such as yyyy-mm-dd hh:mm:ss[.f...]. For example, TIMESTAMP '2008-09-15 03:04:05.324'. This format uses the session time zone. | -##### String +#### String | Name | Type | Comments | |-------------------------------------------- |---------- |--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | @@ -191,14 +207,14 @@ new glue.Table(stack, 'MyTable', { | char(length: number) | Function | Fixed length character data, with a specified length between 1 and 255, such as char(10) | | varchar(length: number) | Function | Variable length character data, with a specified length between 1 and 65535, such as varchar(10) | -##### Miscellaneous +#### Miscellaneous | Name | Type | Comments | |--------- |---------- |------------------------------- | | BOOLEAN | Constant | Values are `true` and `false` | | BINARY | Constant | Value is in binary | -#### Complex +### Complex | Name | Type | Comments | |------------------------------------- |---------- |------------------------------------------------------------------- | diff --git a/packages/@aws-cdk/aws-glue/package.json b/packages/@aws-cdk/aws-glue/package.json index f8d190cad4a41..53071428690fb 100644 --- a/packages/@aws-cdk/aws-glue/package.json +++ b/packages/@aws-cdk/aws-glue/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Glue", diff --git a/packages/@aws-cdk/aws-greengrass/README.md b/packages/@aws-cdk/aws-greengrass/README.md index af3bf2cee4f42..ca6177fcab834 100644 --- a/packages/@aws-cdk/aws-greengrass/README.md +++ b/packages/@aws-cdk/aws-greengrass/README.md @@ -1,12 +1,16 @@ -## AWS IoT Greengrass Construct Library +# AWS IoT Greengrass Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-greengrass/package.json b/packages/@aws-cdk/aws-greengrass/package.json index 8a7c7a23426a4..9ac1e1e9bcfe8 100644 --- a/packages/@aws-cdk/aws-greengrass/package.json +++ b/packages/@aws-cdk/aws-greengrass/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Greengrass", diff --git a/packages/@aws-cdk/aws-guardduty/README.md b/packages/@aws-cdk/aws-guardduty/README.md index 09b39f85698d4..aa7ad63e9bef0 100644 --- a/packages/@aws-cdk/aws-guardduty/README.md +++ b/packages/@aws-cdk/aws-guardduty/README.md @@ -1,12 +1,16 @@ -## Amazon GuardDuty Construct Library +# Amazon GuardDuty Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-guardduty/package.json b/packages/@aws-cdk/aws-guardduty/package.json index 3a6f77234396e..e4008753c6578 100644 --- a/packages/@aws-cdk/aws-guardduty/package.json +++ b/packages/@aws-cdk/aws-guardduty/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::GuardDuty", diff --git a/packages/@aws-cdk/aws-iam/README.md b/packages/@aws-cdk/aws-iam/README.md index 1cc8740b89927..a676af6352cf2 100644 --- a/packages/@aws-cdk/aws-iam/README.md +++ b/packages/@aws-cdk/aws-iam/README.md @@ -1,5 +1,6 @@ -## AWS Identity and Access Management Construct Library +# AWS Identity and Access Management Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + Define a role and add permissions to it. This will automatically create and @@ -23,22 +25,22 @@ Managed policies can be attached using `xxx.addManagedPolicy(ManagedPolicy.fromA [attaching managed policies](test/example.managedpolicy.lit.ts) -### Granting permissions to resources +## Granting permissions to resources Many of the AWS CDK resources have `grant*` methods that allow you to grant other resources access to that resource. As an example, the following code gives a Lambda function write permissions (Put, Update, Delete) to a DynamoDB table. -```typescript -const fn = new lambda.Function(...); -const table = new dynamodb.Table(...); +```ts +const fn = new lambda.Function(this, 'Function', functionProps); +const table = new dynamodb.Table(this, 'Table', tableProps); table.grantWriteData(fn); ``` The more generic `grant` method allows you to give specific permissions to a resource: -```typescript -const fn = new lambda.Function(...); -const table = new dynamodb.Table(...); +```ts +const fn = new lambda.Function(this, 'Function', functionProps); +const table = new dynamodb.Table(this, 'Table', tableProps); table.grant(fn, 'dynamodb:PutItem'); ``` @@ -47,7 +49,7 @@ The `grant*` methods accept an `IGrantable` object. This interface is implemente You can find which `grant*` methods exist for a resource in the [AWS CDK API Reference](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-construct-library.html). -### Roles +## Roles Many AWS resources require *Roles* to operate. These Roles define the AWS API calls an instance or other AWS service is allowed to make. @@ -66,7 +68,7 @@ an *AWS Lambda Function*, the Pipeline's Role will automatically get or if you explicitly grant permissions using `grant` functions (see the previous section). -#### Opting out of automatic permissions management +### Opting out of automatic permissions management You may prefer to manage a Role's permissions yourself instead of having the CDK automatically manage them for you. This may happen in one of the @@ -98,12 +100,12 @@ new codepipeline.Pipeline(this, 'Pipeline', { // You now have to manage the Role policies yourself role.addToPolicy(new iam.PolicyStatement({ - action: [/* whatever actions you want */], - resource: [/* whatever resources you intend to touch */], -}); + actions: [/* whatever actions you want */], + resources: [/* whatever resources you intend to touch */], +})); ``` -#### Using existing roles +### Using existing roles If there are Roles in your account that have already been created which you would like to use in your CDK application, you can use `Role.fromRoleArn` to @@ -118,7 +120,7 @@ const role = iam.Role.fromRoleArn(this, 'Role', 'arn:aws:iam::123456789012:role/ }); ``` -### Configuring an ExternalId +## Configuring an ExternalId If you need to create Roles that will be assumed by third parties, it is generally a good idea to [require an `ExternalId` to assume them](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html). Configuring @@ -126,7 +128,7 @@ an `ExternalId` works like this: [supplying an external ID](test/example.external-id.lit.ts) -### Principals vs Identities +## Principals vs Identities When we say *Principal*, we mean an entity you grant permissions to. This entity can be an AWS Service, a Role, or something more abstract such as "all @@ -134,7 +136,7 @@ users in this account" or even "all users in this organization". An *Identity* is an IAM representing a single IAM entity that can have a policy attached, one of `Role`, `User`, or `Group`. -### IAM Principals +## IAM Principals When defining policy statements as part of an AssumeRole policy or as part of a resource policy, statements would usually refer to a specific IAM principal @@ -160,7 +162,7 @@ To add a principal to a policy statement you can either use the abstract If multiple principals are added to the policy statement, they will be merged together: ```ts -const statement = new PolicyStatement(); +const statement = new iam.PolicyStatement(); statement.addServicePrincipal('cloudwatch.amazonaws.com'); statement.addServicePrincipal('ec2.amazonaws.com'); statement.addArnPrincipal('arn:aws:boom:boom'); @@ -214,7 +216,7 @@ const principal = new iam.WebIdentityPrincipal('cognito-identity.amazonaws.com') }); ``` -### Parsing JSON Policy Documents +## Parsing JSON Policy Documents The `PolicyDocument.fromJson` and `PolicyStatement.fromJson` static methods can be used to parse JSON objects. For example: @@ -250,19 +252,19 @@ const policyDocument = { ] }; -const customPolicyDocument = PolicyDocument.fromJson(policyDocument); +const customPolicyDocument = iam.PolicyDocument.fromJson(policyDocument); // You can pass this document as an initial document to a ManagedPolicy // or inline Policy. -const newManagedPolicy = new ManagedPolicy(stack, 'MyNewManagedPolicy', { +const newManagedPolicy = new ManagedPolicy(stack, 'MyNewManagedPolicy', { document: customPolicyDocument }); -const newPolicy = new Policy(stack, 'MyNewPolicy', { +const newPolicy = new Policy(stack, 'MyNewPolicy', { document: customPolicyDocument }); ``` -### OpenID Connect Providers +## OpenID Connect Providers OIDC identity providers are entities in IAM that describe an external identity provider (IdP) service that supports the [OpenID Connect] (OIDC) standard, such @@ -283,9 +285,9 @@ The following examples defines an OpenID Connect provider. Two client IDs https://openid/connect. ```ts -const provider = new OpenIdConnectProvider(this, 'MyProvider', { +const provider = new iam.OpenIdConnectProvider(this, 'MyProvider', { url: 'https://openid/connect', - clients: [ 'myclient1', 'myclient2' ] + clientIds: [ 'myclient1', 'myclient2' ], }); ``` @@ -302,21 +304,23 @@ you can reference the provider's ARN as follows: ```ts new cognito.CfnIdentityPool(this, 'IdentityPool', { - openIdConnectProviderARNs: [ provider.openIdConnectProviderArn ] + openIdConnectProviderArns: [myProvider.openIdConnectProviderArn], + // And the other properties for your identity pool + allowUnauthenticatedIdentities, }); ``` The `OpenIdConnectPrincipal` class can be used as a principal used with a `OpenIdConnectProvider`, for example: ```ts -const provider = new OpenIdConnectProvider(this, 'MyProvider', { +const provider = new iam.OpenIdConnectProvider(this, 'MyProvider', { url: 'https://openid/connect', - clients: [ 'myclient1', 'myclient2' ] + clientIds: [ 'myclient1', 'myclient2' ] }); const principal = new iam.OpenIdConnectPrincipal(provider); ``` -### Features +## Features * Policy name uniqueness is enforced. If two policies by the same name are attached to the same principal, the attachment will fail. diff --git a/packages/@aws-cdk/aws-iam/lib/oidc-provider.ts b/packages/@aws-cdk/aws-iam/lib/oidc-provider.ts index ba2ebc880893d..91c221ec55652 100644 --- a/packages/@aws-cdk/aws-iam/lib/oidc-provider.ts +++ b/packages/@aws-cdk/aws-iam/lib/oidc-provider.ts @@ -1,13 +1,12 @@ import * as path from 'path'; import { + Arn, CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, IResource, Resource, - Stack, Token, - Fn, } from '@aws-cdk/core'; import { Construct } from 'constructs'; @@ -113,15 +112,7 @@ export class OpenIdConnectProvider extends Resource implements IOpenIdConnectPro * @param openIdConnectProviderArn the ARN to import */ public static fromOpenIdConnectProviderArn(scope: Construct, id: string, openIdConnectProviderArn: string): IOpenIdConnectProvider { - const parsedResourceName = Stack.of(scope).parseArn(openIdConnectProviderArn).resourceName; - if (!parsedResourceName) { - throw new Error(`Invalid arn: ${openIdConnectProviderArn}. Unable to extract issuer url`); - } - - // this needed because TS don't understand that prev. condition - // actually does mutate the type from "string | undefined" to "string" - // inside class definition, - const resourceName = parsedResourceName; + const resourceName = Arn.extractResourceName(openIdConnectProviderArn, 'oidc-provider'); class Import extends Resource implements IOpenIdConnectProvider { public readonly openIdConnectProviderArn = openIdConnectProviderArn; @@ -158,7 +149,7 @@ export class OpenIdConnectProvider extends Resource implements IOpenIdConnectPro }); this.openIdConnectProviderArn = Token.asString(resource.ref); - this.openIdConnectProviderIssuer = Fn.select(1, Fn.split('oidc-provider/', this.openIdConnectProviderArn)); + this.openIdConnectProviderIssuer = Arn.extractResourceName(this.openIdConnectProviderArn, 'oidc-provider'); } private getOrCreateProvider() { diff --git a/packages/@aws-cdk/aws-iam/package.json b/packages/@aws-cdk/aws-iam/package.json index 5f8eb193f2539..aca4f4a77e613 100644 --- a/packages/@aws-cdk/aws-iam/package.json +++ b/packages/@aws-cdk/aws-iam/package.json @@ -30,7 +30,14 @@ ] } }, - "projectReferences": true + "projectReferences": true, + "metadata": { + "jsii": { + "rosetta": { + "strict": true + } + } + } }, "repository": { "type": "git", @@ -50,7 +57,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::IAM", diff --git a/packages/@aws-cdk/aws-iam/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-iam/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..a76493f53c694 --- /dev/null +++ b/packages/@aws-cdk/aws-iam/rosetta/default.ts-fixture @@ -0,0 +1,19 @@ +import { Construct } from '@aws-cdk/core'; +import * as codepipeline from '@aws-cdk/aws-codepipeline'; +import * as cognito from '@aws-cdk/aws-cognito'; +import * as dynamodb from '@aws-cdk/aws-dynamodb'; +import * as lambda from '@aws-cdk/aws-lambda'; +import * as iam from '@aws-cdk/aws-iam'; + +declare const allowUnauthenticatedIdentities: boolean; +declare const functionProps: lambda.FunctionProps; +declare const myProvider: iam.OpenIdConnectProvider; +declare const tableProps: dynamodb.TableProps; + +class fixture$construct extends Construct { + public constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} diff --git a/packages/@aws-cdk/aws-iam/test/oidc-provider.test.ts b/packages/@aws-cdk/aws-iam/test/oidc-provider.test.ts index 4f157be9ab191..b0beb5d5843f1 100644 --- a/packages/@aws-cdk/aws-iam/test/oidc-provider.test.ts +++ b/packages/@aws-cdk/aws-iam/test/oidc-provider.test.ts @@ -1,5 +1,5 @@ import '@aws-cdk/assert/jest'; -import { App, Stack } from '@aws-cdk/core'; +import { App, Stack, Token } from '@aws-cdk/core'; import * as sinon from 'sinon'; import * as iam from '../lib'; import { arrayDiff } from '../lib/oidc-provider/diff'; @@ -402,11 +402,11 @@ describe('OIDC issuer', () => { // THEN expect(stack.resolve(provider.openIdConnectProviderIssuer)).toStrictEqual( - { 'Fn::Select': [1, { 'Fn::Split': ['oidc-provider/', { Ref: 'MyProvider730BA1C8' }] }] }, + { 'Fn::Select': [1, { 'Fn::Split': [':oidc-provider/', { Ref: 'MyProvider730BA1C8' }] }] }, ); }); - test('extract issuer properly in the imported provider', () => { + test('extract issuer properly in a literal imported provider', () => { // GIVEN const stack = new Stack(); @@ -416,6 +416,19 @@ describe('OIDC issuer', () => { // THEN expect(stack.resolve(provider.openIdConnectProviderIssuer)).toStrictEqual('oidc.eks.us-east-1.amazonaws.com/id/someid'); }); + + test('extract issuer properly in a Token imported provider', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const provider = iam.OpenIdConnectProvider.fromOpenIdConnectProviderArn(stack, 'MyProvider', Token.asString({ Ref: 'ARN' })); + + // THEN + expect(stack.resolve(provider.openIdConnectProviderIssuer)).toStrictEqual({ + 'Fn::Select': [1, { 'Fn::Split': [':oidc-provider/', { Ref: 'ARN' }] }], + }); + }); }); async function invokeHandler(event: Partial) { diff --git a/packages/@aws-cdk/aws-imagebuilder/README.md b/packages/@aws-cdk/aws-imagebuilder/README.md index ef5f4bc99f7fa..0d2596a505862 100644 --- a/packages/@aws-cdk/aws-imagebuilder/README.md +++ b/packages/@aws-cdk/aws-imagebuilder/README.md @@ -1,12 +1,16 @@ -## AWS::ImageBuilder Construct Library +# AWS::ImageBuilder Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-imagebuilder/package.json b/packages/@aws-cdk/aws-imagebuilder/package.json index 656f94b3a8c38..2742ce7697bf3 100644 --- a/packages/@aws-cdk/aws-imagebuilder/package.json +++ b/packages/@aws-cdk/aws-imagebuilder/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ImageBuilder", diff --git a/packages/@aws-cdk/aws-inspector/README.md b/packages/@aws-cdk/aws-inspector/README.md index ac5d983c2ce08..52406518d3f50 100644 --- a/packages/@aws-cdk/aws-inspector/README.md +++ b/packages/@aws-cdk/aws-inspector/README.md @@ -1,12 +1,16 @@ -## Amazon Inspector Construct Library +# Amazon Inspector Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-inspector/package.json b/packages/@aws-cdk/aws-inspector/package.json index 942136fe80fe9..86170a7e0c04c 100644 --- a/packages/@aws-cdk/aws-inspector/package.json +++ b/packages/@aws-cdk/aws-inspector/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Inspector", diff --git a/packages/@aws-cdk/aws-iot/README.md b/packages/@aws-cdk/aws-iot/README.md index 14195b08d2692..7334c9d4e108e 100644 --- a/packages/@aws-cdk/aws-iot/README.md +++ b/packages/@aws-cdk/aws-iot/README.md @@ -1,12 +1,16 @@ -## AWS IoT Construct Library +# AWS IoT Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-iot/package.json b/packages/@aws-cdk/aws-iot/package.json index bed4728e5c214..be216a8faee2d 100644 --- a/packages/@aws-cdk/aws-iot/package.json +++ b/packages/@aws-cdk/aws-iot/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::IoT", diff --git a/packages/@aws-cdk/aws-iot1click/README.md b/packages/@aws-cdk/aws-iot1click/README.md index 59528dce9dc3b..91c7751093fe1 100644 --- a/packages/@aws-cdk/aws-iot1click/README.md +++ b/packages/@aws-cdk/aws-iot1click/README.md @@ -1,12 +1,16 @@ -## AWS IoT 1-Click Construct Library +# AWS IoT 1-Click Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + ```ts diff --git a/packages/@aws-cdk/aws-iot1click/package.json b/packages/@aws-cdk/aws-iot1click/package.json index 432f684d92488..335455eb17d37 100644 --- a/packages/@aws-cdk/aws-iot1click/package.json +++ b/packages/@aws-cdk/aws-iot1click/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::IoT1Click", diff --git a/packages/@aws-cdk/aws-iotanalytics/README.md b/packages/@aws-cdk/aws-iotanalytics/README.md index 866f2024bebd0..f618a736f9c63 100644 --- a/packages/@aws-cdk/aws-iotanalytics/README.md +++ b/packages/@aws-cdk/aws-iotanalytics/README.md @@ -1,12 +1,16 @@ -## AWS IoT Analytics Construct Library +# AWS IoT Analytics Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + ```ts diff --git a/packages/@aws-cdk/aws-iotanalytics/package.json b/packages/@aws-cdk/aws-iotanalytics/package.json index 8060f4bf31e3f..3339cb21c96a5 100644 --- a/packages/@aws-cdk/aws-iotanalytics/package.json +++ b/packages/@aws-cdk/aws-iotanalytics/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::IoTAnalytics", diff --git a/packages/@aws-cdk/aws-iotevents/README.md b/packages/@aws-cdk/aws-iotevents/README.md index 6c06b5936c778..e750952ae5550 100644 --- a/packages/@aws-cdk/aws-iotevents/README.md +++ b/packages/@aws-cdk/aws-iotevents/README.md @@ -1,12 +1,16 @@ -## AWS::IoTEvents Construct Library +# AWS::IoTEvents Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-iotevents/package.json b/packages/@aws-cdk/aws-iotevents/package.json index 93e91d3009149..894a4444c427b 100644 --- a/packages/@aws-cdk/aws-iotevents/package.json +++ b/packages/@aws-cdk/aws-iotevents/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::IoTEvents", diff --git a/packages/@aws-cdk/aws-iotsitewise/README.md b/packages/@aws-cdk/aws-iotsitewise/README.md index c92df247f85b4..a793ab3aa3f8e 100644 --- a/packages/@aws-cdk/aws-iotsitewise/README.md +++ b/packages/@aws-cdk/aws-iotsitewise/README.md @@ -1,12 +1,16 @@ -## AWS::IoTSiteWise Construct Library +# AWS::IoTSiteWise Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-iotsitewise/package.json b/packages/@aws-cdk/aws-iotsitewise/package.json index 8291616094fca..08126c3b4a3fe 100644 --- a/packages/@aws-cdk/aws-iotsitewise/package.json +++ b/packages/@aws-cdk/aws-iotsitewise/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::IoTSiteWise", diff --git a/packages/@aws-cdk/aws-iotthingsgraph/README.md b/packages/@aws-cdk/aws-iotthingsgraph/README.md index dc14e05f30879..a8f6689bbd794 100644 --- a/packages/@aws-cdk/aws-iotthingsgraph/README.md +++ b/packages/@aws-cdk/aws-iotthingsgraph/README.md @@ -1,12 +1,16 @@ -## AWS IoT Things Graph Construct Library +# AWS IoT Things Graph Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-iotthingsgraph/package.json b/packages/@aws-cdk/aws-iotthingsgraph/package.json index 4ab7df4c160e2..2e9108ec10b42 100644 --- a/packages/@aws-cdk/aws-iotthingsgraph/package.json +++ b/packages/@aws-cdk/aws-iotthingsgraph/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::IoTThingsGraph", diff --git a/packages/@aws-cdk/aws-ivs/README.md b/packages/@aws-cdk/aws-ivs/README.md index 0e8b591f39c21..8ebb729640cf4 100644 --- a/packages/@aws-cdk/aws-ivs/README.md +++ b/packages/@aws-cdk/aws-ivs/README.md @@ -1,12 +1,16 @@ -## AWS::IVS Construct Library +# AWS::IVS Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-ivs/package.json b/packages/@aws-cdk/aws-ivs/package.json index ea872b6960b3f..e45a537ce9e02 100644 --- a/packages/@aws-cdk/aws-ivs/package.json +++ b/packages/@aws-cdk/aws-ivs/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::IVS", diff --git a/packages/@aws-cdk/aws-kendra/README.md b/packages/@aws-cdk/aws-kendra/README.md index 8a71d718fa68a..32663d6737fe4 100644 --- a/packages/@aws-cdk/aws-kendra/README.md +++ b/packages/@aws-cdk/aws-kendra/README.md @@ -1,12 +1,16 @@ -## AWS::Kendra Construct Library +# AWS::Kendra Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-kendra/package.json b/packages/@aws-cdk/aws-kendra/package.json index 17008caafbb38..27fe34bbe973b 100644 --- a/packages/@aws-cdk/aws-kendra/package.json +++ b/packages/@aws-cdk/aws-kendra/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Kendra", diff --git a/packages/@aws-cdk/aws-kinesis/README.md b/packages/@aws-cdk/aws-kinesis/README.md index ec0a4eb19b3bc..ebf5bdb74e3ae 100644 --- a/packages/@aws-cdk/aws-kinesis/README.md +++ b/packages/@aws-cdk/aws-kinesis/README.md @@ -1,5 +1,6 @@ -## Amazon Kinesis Construct Library +# Amazon Kinesis Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + [Amazon Kinesis](https://docs.aws.amazon.com/streams/latest/dev/introduction.html) provides collection and processing of large diff --git a/packages/@aws-cdk/aws-kinesis/lib/stream.ts b/packages/@aws-cdk/aws-kinesis/lib/stream.ts index 90263b9d0286a..a0e7acef57594 100644 --- a/packages/@aws-cdk/aws-kinesis/lib/stream.ts +++ b/packages/@aws-cdk/aws-kinesis/lib/stream.ts @@ -263,8 +263,8 @@ export class Stream extends StreamBase { const shardCount = props.shardCount || 1; const retentionPeriodHours = props.retentionPeriod?.toHours() ?? 24; if (!Token.isUnresolved(retentionPeriodHours)) { - if (retentionPeriodHours < 24 || retentionPeriodHours > 168) { - throw new Error(`retentionPeriod must be between 24 and 168 hours. Received ${retentionPeriodHours}`); + if (retentionPeriodHours < 24 || retentionPeriodHours > 8760) { + throw new Error(`retentionPeriod must be between 24 and 8760 hours. Received ${retentionPeriodHours}`); } } diff --git a/packages/@aws-cdk/aws-kinesis/package.json b/packages/@aws-cdk/aws-kinesis/package.json index 26afdf4601d49..3fa0c93ec77f1 100644 --- a/packages/@aws-cdk/aws-kinesis/package.json +++ b/packages/@aws-cdk/aws-kinesis/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Kinesis", diff --git a/packages/@aws-cdk/aws-kinesis/test/stream.test.ts b/packages/@aws-cdk/aws-kinesis/test/stream.test.ts index c4b5556ce3c99..b9bcf8b92bca8 100644 --- a/packages/@aws-cdk/aws-kinesis/test/stream.test.ts +++ b/packages/@aws-cdk/aws-kinesis/test/stream.test.ts @@ -250,18 +250,18 @@ describe('Kinesis data streams', () => { }); }), - test('retention period must be between 24 and 168 hours', () => { + test('retention period must be between 24 and 8760 hours', () => { expect(() => { new Stream(new Stack(), 'MyStream', { - retentionPeriod: Duration.hours(169), + retentionPeriod: Duration.hours(8761), }); - }).toThrow(/retentionPeriod must be between 24 and 168 hours. Received 169/); + }).toThrow(/retentionPeriod must be between 24 and 8760 hours. Received 8761/); expect(() => { new Stream(new Stack(), 'MyStream', { retentionPeriod: Duration.hours(23), }); - }).toThrow(/retentionPeriod must be between 24 and 168 hours. Received 23/); + }).toThrow(/retentionPeriod must be between 24 and 8760 hours. Received 23/); }), test('uses Kinesis master key if MANAGED encryption type is provided', () => { @@ -1292,7 +1292,7 @@ describe('Kinesis data streams', () => { type: 'Number', default: 48, minValue: 24, - maxValue: 168, + maxValue: 8760, }); new Stream(stack, 'MyStream', { @@ -1304,7 +1304,7 @@ describe('Kinesis data streams', () => { myretentionperiod: { Type: 'Number', Default: 48, - MaxValue: 168, + MaxValue: 8760, MinValue: 24, }, }, diff --git a/packages/@aws-cdk/aws-kinesisanalytics/README.md b/packages/@aws-cdk/aws-kinesisanalytics/README.md index 53c28c92ab5d9..e65b812cefc97 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics/README.md +++ b/packages/@aws-cdk/aws-kinesisanalytics/README.md @@ -1,12 +1,16 @@ -## Amazon Kinesis Data Analytics Construct Library +# Amazon Kinesis Data Analytics Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-kinesisanalytics/package.json b/packages/@aws-cdk/aws-kinesisanalytics/package.json index db138e371caff..2488c436bd3c3 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics/package.json +++ b/packages/@aws-cdk/aws-kinesisanalytics/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": [ diff --git a/packages/@aws-cdk/aws-kinesisfirehose/README.md b/packages/@aws-cdk/aws-kinesisfirehose/README.md index a9ff58880ad98..9c4d9f96c6f36 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose/README.md +++ b/packages/@aws-cdk/aws-kinesisfirehose/README.md @@ -1,12 +1,16 @@ -## Amazon Kinesis Data Firehose Construct Library +# Amazon Kinesis Data Firehose Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-kinesisfirehose/package.json b/packages/@aws-cdk/aws-kinesisfirehose/package.json index 8ee3142abb608..69c3ac1385552 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose/package.json +++ b/packages/@aws-cdk/aws-kinesisfirehose/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::KinesisFirehose", diff --git a/packages/@aws-cdk/aws-kms/README.md b/packages/@aws-cdk/aws-kms/README.md index 5bd6f5e6f1474..0f9c4c6df67cc 100644 --- a/packages/@aws-cdk/aws-kms/README.md +++ b/packages/@aws-cdk/aws-kms/README.md @@ -1,5 +1,6 @@ -## AWS Key Management Service Construct Library +# AWS Key Management Service Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + Define a KMS key: @@ -27,7 +29,7 @@ key.addAlias('alias/foo'); key.addAlias('alias/bar'); ``` -### Sharing keys between stacks +## Sharing keys between stacks > see Trust Account Identities for additional details @@ -37,7 +39,7 @@ pass the construct to the other stack: [sharing key between stacks](test/integ.key-sharing.lit.ts) -### Importing existing keys +## Importing existing keys > see Trust Account Identities for additional details @@ -70,7 +72,7 @@ Note that calls to `addToResourcePolicy` and `grant*` methods on `myKeyAlias` wi no-ops, and `addAlias` and `aliasTargetKey` will fail, as the imported alias does not have a reference to the underlying KMS Key. -### Trust Account Identities +## Trust Account Identities KMS keys can be created to trust IAM policies. This is the default behavior in the console and is described diff --git a/packages/@aws-cdk/aws-kms/package.json b/packages/@aws-cdk/aws-kms/package.json index a4c21a6c4ae03..d9c0c40fc3239 100644 --- a/packages/@aws-cdk/aws-kms/package.json +++ b/packages/@aws-cdk/aws-kms/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::KMS", diff --git a/packages/@aws-cdk/aws-lakeformation/README.md b/packages/@aws-cdk/aws-lakeformation/README.md index b8f496983be3b..d2e2e6c205e98 100644 --- a/packages/@aws-cdk/aws-lakeformation/README.md +++ b/packages/@aws-cdk/aws-lakeformation/README.md @@ -1,12 +1,16 @@ -## AWS::LakeFormation Construct Library +# AWS::LakeFormation Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-lakeformation/package.json b/packages/@aws-cdk/aws-lakeformation/package.json index ada1aff6d4701..22b480da5f72b 100644 --- a/packages/@aws-cdk/aws-lakeformation/package.json +++ b/packages/@aws-cdk/aws-lakeformation/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::LakeFormation", diff --git a/packages/@aws-cdk/aws-lambda-destinations/README.md b/packages/@aws-cdk/aws-lambda-destinations/README.md index d1a03a4ba5bdd..8459820e9686e 100644 --- a/packages/@aws-cdk/aws-lambda-destinations/README.md +++ b/packages/@aws-cdk/aws-lambda-destinations/README.md @@ -1,10 +1,12 @@ -## Amazon Lambda Destinations Library +# Amazon Lambda Destinations Library + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library provides constructs for adding destinations to a Lambda function. @@ -37,6 +39,7 @@ const myFn = new lambda.Function(this, 'Fn', { See also [Configuring Destinations for Asynchronous Invocation](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations). ### Invocation record + When a lambda function is configured with a destination, an invocation record is created by the Lambda service when the lambda function completes. The invocation record contains the details of the function, its context, and the request and response payloads. @@ -93,6 +96,7 @@ In case of failure, the record contains the reason and error object: ``` #### Destination-specific JSON format + * For SNS/SQS (`SnsDestionation`/`SqsDestination`), the invocation record JSON is passed as the `Message` to the destination. * For Lambda (`LambdaDestination`), the invocation record JSON is passed as the payload to the function. * For EventBridge (`EventBridgeDestination`), the invocation record JSON is passed as the `detail` in the PutEvents call. @@ -103,6 +107,7 @@ contains the function and destination ARNs. See [AWS Events](https://docs.aws.am for the different event fields. ### Auto-extract response payload with lambda destination + The `responseOnly` option of `LambdaDestination` allows to auto-extract the response payload from the invocation record: diff --git a/packages/@aws-cdk/aws-lambda-destinations/package.json b/packages/@aws-cdk/aws-lambda-destinations/package.json index 3f073267b5d75..701f56d4b33f1 100644 --- a/packages/@aws-cdk/aws-lambda-destinations/package.json +++ b/packages/@aws-cdk/aws-lambda-destinations/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-lambda-event-sources/README.md b/packages/@aws-cdk/aws-lambda-event-sources/README.md index 656d09f56f448..5e1578d9aefd4 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/README.md +++ b/packages/@aws-cdk/aws-lambda-event-sources/README.md @@ -1,10 +1,12 @@ -## AWS Lambda Event Sources +# AWS Lambda Event Sources + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + An event source mapping is an AWS Lambda resource that reads from an event source and invokes a Lambda function. @@ -34,7 +36,7 @@ The `eventSourceId` property contains the event source id. This will be a [token](https://docs.aws.amazon.com/cdk/latest/guide/tokens.html) that will resolve to the final value at the time of deployment. -### SQS +## SQS Amazon Simple Queue Service (Amazon SQS) allows you to build asynchronous workflows. For more information about Amazon SQS, see Amazon Simple Queue @@ -68,7 +70,7 @@ lambda.addEventSource(new SqsEventSource(queue, { })); ``` -### S3 +## S3 You can write Lambda functions to process S3 bucket events, such as the object-created or object-deleted events. For example, when a user uploads a @@ -91,7 +93,7 @@ lambda.addEventSource(new S3EventSource(bucket, { })); ``` -### SNS +## SNS You can write Lambda functions to process Amazon Simple Notification Service notifications. When a message is published to an Amazon SNS topic, the service @@ -130,7 +132,7 @@ times. After three tries, if Amazon SNS still could not successfully invoke the Lambda function, then Amazon SNS will send a delivery status failure message to CloudWatch. -### DynamoDB Streams +## DynamoDB Streams You can write Lambda functions to process change events from a DynamoDB Table. An event is emitted to a DynamoDB stream (if configured) whenever a write (Put, Delete, Update) operation is performed against the table. See [Using AWS Lambda with Amazon DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) for more information about configuring Lambda function event sources with DynamoDB. @@ -171,7 +173,7 @@ function.addEventSource(new DynamoEventSource(table, { })); ``` -### Kinesis +## Kinesis You can write Lambda functions to process streaming data in Amazon Kinesis Streams. For more information about Amazon Kinesis, see [Amazon Kinesis Service](https://aws.amazon.com/kinesis/data-streams/). To learn more about configuring Lambda function event sources with kinesis and view a sample event, diff --git a/packages/@aws-cdk/aws-lambda-event-sources/package.json b/packages/@aws-cdk/aws-lambda-event-sources/package.json index f67c62815bb04..603f3c8b82626 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/package.json +++ b/packages/@aws-cdk/aws-lambda-event-sources/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-lambda-nodejs/README.md b/packages/@aws-cdk/aws-lambda-nodejs/README.md index 2797329f7de35..66e1a4bcbbcd0 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/README.md +++ b/packages/@aws-cdk/aws-lambda-nodejs/README.md @@ -1,19 +1,26 @@ -## Amazon Lambda Node.js Library +# Amazon Lambda Node.js Library + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This library provides constructs for Node.js Lambda functions. To use this module, you will need to have Docker installed. -### Node.js Function +## Node.js Function + Define a `NodejsFunction`: ```ts @@ -22,7 +29,8 @@ new lambda.NodejsFunction(this, 'my-handler'); By default, the construct will use the name of the defining file and the construct's id to look up the entry file: -``` + +```plaintext . ├── stack.ts # defines a 'NodejsFunction' with 'my-handler' as id ├── stack.my-handler.ts # exports a function named 'handler' @@ -44,31 +52,37 @@ All other properties of `lambda.Function` are supported, see also the [AWS Lambd The `NodejsFunction` construct automatically [reuses existing connections](https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/node-reusing-connections.html) when working with the AWS SDK for JavaScript. Set the `awsSdkConnectionReuse` prop to `false` to disable it. -Use the `bundlingEnvironment` prop to define environments variables when esbuild runs: +Use the `environment` prop under `bundling` to define environments variables when esbuild runs: ```ts new lambda.NodejsFunction(this, 'my-handler', { - bundlingEnvironment: { - NODE_ENV: 'production', + bundling: { + environment: { + NODE_ENV: 'production', + }, }, }); ``` -Use the `buildArgs` prop to pass build arguments when building the bundling image: +Use the `buildArgs` under `bundling` prop to pass build arguments when building the bundling image: ```ts new lambda.NodejsFunction(this, 'my-handler', { - buildArgs: { - HTTPS_PROXY: 'https://127.0.0.1:3001', - }, + bundling: { + buildArgs: { + HTTPS_PROXY: 'https://127.0.0.1:3001', + }, + } }); ``` -Use the `bundlingDockerImage` prop to use a custom bundling image: +Use the `dockerImage` prop under `bundling` to use a custom bundling image: ```ts new lambda.NodejsFunction(this, 'my-handler', { - bundlingDockerImage: dk.BundlingDockerImage.fromAsset('/path/to/Dockerfile'), + bundling: { + dockerImage: cdk.BundlingDockerImage.fromAsset('/path/to/Dockerfile'), + }, }); ``` @@ -78,7 +92,8 @@ should also have `npm` or `yarn` depending on the lock file you're using. Use the [default image provided by `@aws-cdk/aws-lambda-nodejs`](https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-lambda-nodejs/lib/Dockerfile) as a source of inspiration. -### Lock file +## Lock file + The `NodejsFunction` requires a dependencies lock file (`yarn.lock` or `package-lock.json`). When bundling in a Docker container, the path containing this lock file is used as the source (`/asset-input`) for the volume mounted in the @@ -90,32 +105,52 @@ case you need to ensure that this path includes `entry` and any module/dependenc used by your function. Otherwise bundling will fail. ### Configuring esbuild -The `NodejsFunction` construct exposes some [esbuild](https://esbuild.github.io/) options via properties: `minify`, `sourceMaps` and `target`. -### Working with modules +The `NodejsFunction` construct exposes some [esbuild](https://esbuild.github.io/) options via properties under `bundling`: `minify`, `sourceMap`, `target` and `loader`. + +```ts +new lambda.NodejsFunction(this, 'my-handler', { + bundling: { + minify: true, // minify code, defaults to false + sourceMap: true, // include source map, defaults to false + target: 'es2020', // target environment for the generated JavaScript code + loader: { // Use the 'dataurl' loader for '.png' files + '.png': 'dataurl', + }, + }, +}); +``` + +## Working with modules + +### Externals -#### Externals By default, all node modules are bundled except for `aws-sdk`. This can be configured by specifying -the `externalModules` prop. +the `externalModules` prop under `bundling`. ```ts new lambda.NodejsFunction(this, 'my-handler', { - externalModules: [ - 'aws-sdk', // Use the 'aws-sdk' available in the Lambda runtime - 'cool-module', // 'cool-module' is already available in a Layer - ], + bundling: { + externalModules: [ + 'aws-sdk', // Use the 'aws-sdk' available in the Lambda runtime + 'cool-module', // 'cool-module' is already available in a Layer + ], + }, }); ``` -#### Install modules +### Install modules + By default, all node modules referenced in your Lambda code will be bundled by esbuild. -Use the `nodeModules` prop to specify a list of modules that should not be bundled -but instead included in the `node_modules` folder of the Lambda package. This is useful +Use the `nodeModules` prop under `bundling` to specify a list of modules that should not be +bundled but instead included in the `node_modules` folder of the Lambda package. This is useful when working with native dependencies or when esbuild fails to bundle a module. ```ts new lambda.NodejsFunction(this, 'my-handler', { - nodeModules: ['native-module', 'other-module'] + bundling: { + nodeModules: ['native-module', 'other-module'], + }, }); ``` @@ -123,7 +158,8 @@ The modules listed in `nodeModules` must be present in the `package.json`'s depe same version will be used for installation. The lock file (`yarn.lock` or `package-lock.json`) will be used along with the right installer (`yarn` or `npm`). -### Local bundling +## Local bundling + If esbuild is available it will be used to bundle your code in your environment. Otherwise, bundling will happen in a [Lambda compatible Docker container](https://hub.docker.com/r/amazon/aws-sam-cli-build-image-nodejs12.x). @@ -131,16 +167,45 @@ For macOS the recommendend approach is to install esbuild as Docker volume perfo esbuild can be installed with: -```bash +```console $ npm install --save-dev esbuild@0 ``` OR -```bash +```console $ yarn add --dev esbuild@0 ``` To force bundling in a Docker container, set the `forceDockerBundling` prop to `true`. This is useful if your function relies on node modules that should be installed (`nodeModules` prop, see [above](#install-modules)) in a Lambda compatible environment. This is usually the case with modules using native dependencies. + +### Command hooks + +It is possible to run additional commands by specifying the `commandHooks` prop: + +```ts +new lambda.NodejsFunction(this, 'my-handler-with-commands', { + commandHooks: { + // Copy a file so that it will be included in the bundled asset + afterBundling(inputDir: string, outputDir: string): string[] { + return [`cp ${inputDir}/my-binary.node ${outputDir}`]; + } + // ... + } +}); +``` + +The following hooks are available: + +- `beforeBundling`: runs before all bundling commands +- `beforeInstall`: runs before node modules installation +- `afterBundling`: runs after all bundling commands + +They all receive the directory containing the lock file (`inputDir`) and the +directory where the bundled asset will be output (`outputDir`). They must return +an array of commands to run. Commands are chained with `&&`. + +The commands will run in the environment in which bundling occurs: inside the +container for Docker bundling or on the host OS for local bundling. diff --git a/packages/@aws-cdk/aws-lambda-nodejs/lib/Dockerfile b/packages/@aws-cdk/aws-lambda-nodejs/lib/Dockerfile index 1ae008af898bb..a92d2fd2092cc 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/lib/Dockerfile +++ b/packages/@aws-cdk/aws-lambda-nodejs/lib/Dockerfile @@ -16,6 +16,11 @@ RUN mkdir /tmp/npm-cache && \ chmod -R 777 /tmp/npm-cache && \ npm config --global set cache /tmp/npm-cache +# Ensure all users can write to yarn cache +RUN mkdir /tmp/yarn-cache && \ + chmod -R 777 /tmp/yarn-cache && \ + yarn config set cache-folder /tmp/yarn-cache + # Disable npm update notifications RUN npm config --global set update-notifier false diff --git a/packages/@aws-cdk/aws-lambda-nodejs/lib/bundling.ts b/packages/@aws-cdk/aws-lambda-nodejs/lib/bundling.ts index be6789a1b3226..404a29b2fae60 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/lib/bundling.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/lib/bundling.ts @@ -65,14 +65,14 @@ export class Bundling implements cdk.BundlingOptions { this.relativeEntryPath = path.relative(projectRoot, path.resolve(props.entry)); this.externals = [ - ...this.props.externalModules ?? ['aws-sdk'], // Mark aws-sdk as external by default (available in the runtime) - ...this.props.nodeModules ?? [], // Mark the modules that we are going to install as externals also + ...props.externalModules ?? ['aws-sdk'], // Mark aws-sdk as external by default (available in the runtime) + ...props.nodeModules ?? [], // Mark the modules that we are going to install as externals also ]; // Docker bundling const shouldBuildImage = props.forceDockerBundling || !Bundling.runsLocally; this.image = shouldBuildImage - ? props.bundlingDockerImage ?? cdk.BundlingDockerImage.fromAsset(path.join(__dirname, '../lib'), { + ? props.dockerImage ?? cdk.BundlingDockerImage.fromAsset(path.join(__dirname, '../lib'), { buildArgs: { ...props.buildArgs ?? {}, IMAGE: props.runtime.bundlingDockerImage.image, @@ -83,7 +83,7 @@ export class Bundling implements cdk.BundlingOptions { const bundlingCommand = this.createBundlingCommand(cdk.AssetStaging.BUNDLING_INPUT_DIR, cdk.AssetStaging.BUNDLING_OUTPUT_DIR); this.command = ['bash', '-c', bundlingCommand]; - this.environment = props.bundlingEnvironment; + this.environment = props.environment; // Local bundling if (!props.forceDockerBundling) { // only if Docker is not forced @@ -106,7 +106,7 @@ export class Bundling implements cdk.BundlingOptions { localCommand, ], { - env: { ...process.env, ...props.bundlingEnvironment ?? {} }, + env: { ...process.env, ...props.environment ?? {} }, stdio: [ // show output 'ignore', // ignore stdio process.stderr, // redirect stdout to stderr @@ -169,7 +169,13 @@ export class Bundling implements cdk.BundlingOptions { ]); } - return chain([esbuildCommand, depsCommand]); + return chain([ + ...this.props.commandHooks?.beforeBundling(inputDir, outputDir) ?? [], + esbuildCommand, + ...(this.props.nodeModules && this.props.commandHooks?.beforeInstall(inputDir, outputDir)) ?? [], + depsCommand, + ...this.props.commandHooks?.afterBundling(inputDir, outputDir) ?? [], + ]); } } diff --git a/packages/@aws-cdk/aws-lambda-nodejs/lib/function.ts b/packages/@aws-cdk/aws-lambda-nodejs/lib/function.ts index 4145757cfcfb4..a1c7611e64825 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/lib/function.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/lib/function.ts @@ -4,12 +4,12 @@ import * as lambda from '@aws-cdk/aws-lambda'; import * as cdk from '@aws-cdk/core'; import { Bundling } from './bundling'; import { BundlingOptions } from './types'; -import { findUp, LockFile, nodeMajorVersion, parseStackTrace } from './util'; +import { callsites, findUp, LockFile, nodeMajorVersion } from './util'; /** * Properties for a NodejsFunction */ -export interface NodejsFunctionProps extends lambda.FunctionOptions, BundlingOptions { +export interface NodejsFunctionProps extends lambda.FunctionOptions { /** * Path to the entry file (JavaScript or TypeScript). * @@ -62,6 +62,14 @@ export interface NodejsFunctionProps extends lambda.FunctionOptions, BundlingOpt * a `yarn.lock` or `package-lock.json` file */ readonly depsLockFilePath?: string; + + /** + * Bundling options + * + * @default - use default bundling options: no minify, no sourcemap, all + * modules are bundled. + */ + readonly bundling?: BundlingOptions; } /** @@ -100,7 +108,7 @@ export class NodejsFunction extends lambda.Function { ...props, runtime, code: Bundling.bundle({ - ...props, + ...props.bundling ?? {}, entry, runtime, depsLockFilePath, @@ -152,12 +160,19 @@ function findEntry(id: string, entry?: string): string { * Finds the name of the file where the `NodejsFunction` is defined */ function findDefiningFile(): string { - const stackTrace = parseStackTrace(); - const functionIndex = stackTrace.findIndex(s => /NodejsFunction/.test(s.methodName || '')); + let definingIndex; + const sites = callsites(); + for (const [index, site] of sites.entries()) { + if (site.getFunctionName() === 'NodejsFunction') { + // The next site is the site where the NodejsFunction was created + definingIndex = index + 1; + break; + } + } - if (functionIndex === -1 || !stackTrace[functionIndex + 1]) { + if (!definingIndex || !sites[definingIndex]) { throw new Error('Cannot find defining file.'); } - return stackTrace[functionIndex + 1].file; + return sites[definingIndex].getFileName(); } diff --git a/packages/@aws-cdk/aws-lambda-nodejs/lib/types.ts b/packages/@aws-cdk/aws-lambda-nodejs/lib/types.ts index 78bc72d40df22..4f7b6505facfa 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/lib/types.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/lib/types.ts @@ -46,7 +46,7 @@ export interface BundlingOptions { * * @default - no environment variables are defined. */ - readonly bundlingEnvironment?: { [key: string]: string; }; + readonly environment?: { [key: string]: string; }; /** * A list of modules that should be considered as externals (already available @@ -100,5 +100,55 @@ export interface BundlingOptions { * * @default - use the Docker image provided by @aws-cdk/aws-lambda-nodejs */ - readonly bundlingDockerImage?: BundlingDockerImage; + readonly dockerImage?: BundlingDockerImage; + + /** + * Command hooks + * + * @default - do not run additional commands + */ + readonly commandHooks?: ICommandHooks; +} + +/** + * Command hooks + * + * These commands will run in the environment in which bundling occurs: inside + * the container for Docker bundling or on the host OS for local bundling. + * + * Commands are chained with `&&`. + * + * @example + * { + * // Copy a file from the input directory to the output directory + * // to include it in the bundled asset + * afterBundling(inputDir: string, outputDir: string): string[] { + * return [`cp ${inputDir}/my-binary.node ${outputDir}`]; + * } + * // ... + * } + */ +export interface ICommandHooks { + /** + * Returns commands to run before bundling. + * + * Commands are chained with `&&`. + */ + beforeBundling(inputDir: string, outputDir: string): string[]; + + /** + * Returns commands to run before installing node modules. + * + * This hook only runs when node modules are installed. + * + * Commands are chained with `&&`. + */ + beforeInstall(inputDir: string, outputDir: string): string[]; + + /** + * Returns commands to run after bundling. + * + * Commands are chained with `&&`. + */ + afterBundling(inputDir: string, outputDir: string): string[]; } diff --git a/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts b/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts index afc370fcb200c..f74030f7376d1 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts @@ -3,46 +3,33 @@ import * as fs from 'fs'; import * as os from 'os'; import * as path from 'path'; -// From https://github.com/errwischt/stacktrace-parser/blob/master/src/stack-trace-parser.js -const STACK_RE = /^\s*at (?:((?:\[object object\])?[^\\/]+(?: \[as \S+\])?) )?\(?(.*?):(\d+)(?::(\d+))?\)?\s*$/i; - -/** - * A parsed stack trace line - */ -export interface StackTrace { - readonly file: string; - readonly methodName?: string; - readonly lineNumber: number; - readonly column: number; +export interface CallSite { + getThis(): any; + getTypeName(): string; + getFunctionName(): string; + getMethodName(): string; + getFileName(): string; + getLineNumber(): number; + getColumnNumber(): number; + getFunction(): Function; + getEvalOrigin(): string; + isNative(): boolean; + isToplevel(): boolean; + isEval(): boolean; + isConstructor(): boolean; } /** - * Parses the stack trace of an error + * Get callsites from the V8 stack trace API + * + * https://github.com/sindresorhus/callsites */ -export function parseStackTrace(error?: Error): StackTrace[] { - const err = error || new Error(); - - if (!err.stack) { - return []; - } - - const lines = err.stack.split('\n'); - - const stackTrace: StackTrace[] = []; - - for (const line of lines) { - const results = STACK_RE.exec(line); - if (results) { - stackTrace.push({ - file: results[2], - methodName: results[1], - lineNumber: parseInt(results[3], 10), - column: parseInt(results[4], 10), - }); - } - } - - return stackTrace; +export function callsites(): CallSite[] { + const _prepareStackTrace = Error.prepareStackTrace; + Error.prepareStackTrace = (_, stack) => stack; + const stack = new Error().stack?.slice(1); + Error.prepareStackTrace = _prepareStackTrace; + return stack as unknown as CallSite[]; } /** diff --git a/packages/@aws-cdk/aws-lambda-nodejs/package.json b/packages/@aws-cdk/aws-lambda-nodejs/package.json index cf4f5aad77ce7..6baff764219f4 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/package.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", @@ -64,10 +65,11 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", + "@aws-cdk/aws-ec2": "0.0.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "delay": "4.4.0", - "esbuild": "^0.8.9", + "esbuild": "^0.8.20", "pkglint": "0.0.0" }, "dependencies": { diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts index a88f55a41e842..741501afd9551 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts @@ -33,7 +33,7 @@ test('esbuild bundling in Docker', () => { entry, depsLockFilePath, runtime: Runtime.NODEJS_12_X, - bundlingEnvironment: { + environment: { KEY: 'value', }, loader: { @@ -200,7 +200,7 @@ test('Local bundling', () => { entry, depsLockFilePath, runtime: Runtime.NODEJS_12_X, - bundlingEnvironment: { + environment: { KEY: 'value', }, }); @@ -244,7 +244,7 @@ test('Custom bundling docker image', () => { entry, depsLockFilePath, runtime: Runtime.NODEJS_12_X, - bundlingDockerImage: BundlingDockerImage.fromRegistry('my-custom-image'), + dockerImage: BundlingDockerImage.fromRegistry('my-custom-image'), forceDockerBundling: true, }); @@ -255,3 +255,36 @@ test('Custom bundling docker image', () => { }), }); }); + +test('with command hooks', () => { + Bundling.bundle({ + entry, + depsLockFilePath, + runtime: Runtime.NODEJS_12_X, + commandHooks: { + beforeBundling(inputDir: string, outputDir: string): string[] { + return [ + `echo hello > ${inputDir}/a.txt`, + `cp ${inputDir}/a.txt ${outputDir}`, + ]; + }, + afterBundling(inputDir: string, outputDir: string): string[] { + return [`cp ${inputDir}/b.txt ${outputDir}/txt`]; + }, + beforeInstall() { + return []; + }, + }, + forceDockerBundling: true, + }); + + expect(Code.fromAsset).toHaveBeenCalledWith(path.dirname(depsLockFilePath), { + assetHashType: AssetHashType.OUTPUT, + bundling: expect.objectContaining({ + command: [ + 'bash', '-c', + expect.stringMatching(/^echo hello > \/asset-input\/a.txt && cp \/asset-input\/a.txt \/asset-output && .+ && cp \/asset-input\/b.txt \/asset-output\/txt$/), + ], + }), + }); +}); diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/docker.test.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/docker.test.ts index 8dc9177cffd44..efdbd8b8aa4cc 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/docker.test.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/docker.test.ts @@ -5,7 +5,7 @@ beforeAll(() => { spawnSync('docker', ['build', '-t', 'esbuild', path.join(__dirname, '../lib')]); }); -test('esbuild is available', async () => { +test('esbuild is available', () => { const proc = spawnSync('docker', [ 'run', 'esbuild', 'esbuild', '--version', @@ -13,7 +13,7 @@ test('esbuild is available', async () => { expect(proc.status).toEqual(0); }); -test('can npm install with non root user', async () => { +test('can npm install with non root user', () => { const proc = spawnSync('docker', [ 'run', '-u', '1000:1000', 'esbuild', @@ -26,7 +26,7 @@ test('can npm install with non root user', async () => { expect(proc.status).toEqual(0); }); -test('can yarn install with non root user', async () => { +test('can yarn install with non root user', () => { const proc = spawnSync('docker', [ 'run', '-u', '500:500', 'esbuild', @@ -38,3 +38,14 @@ test('can yarn install with non root user', async () => { ]); expect(proc.status).toEqual(0); }); + +test('cache folders have the right permissions', () => { + const proc = spawnSync('docker', [ + 'run', 'esbuild', + 'bash', '-c', [ + 'stat -c \'%a\' /tmp/npm-cache', + 'stat -c \'%a\' /tmp/yarn-cache', + ].join(' && '), + ]); + expect(proc.stdout.toString()).toMatch('777\n777'); +}); diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/function.test.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/function.test.ts index 0769f86ba7dc9..743526d0e3899 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/function.test.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/function.test.ts @@ -2,6 +2,7 @@ import '@aws-cdk/assert/jest'; import * as fs from 'fs'; import * as path from 'path'; import { ABSENT } from '@aws-cdk/assert'; +import { Vpc } from '@aws-cdk/aws-ec2'; import { Runtime } from '@aws-cdk/aws-lambda'; import { Stack } from '@aws-cdk/core'; import { NodejsFunction } from '../lib'; @@ -52,13 +53,15 @@ test('NodejsFunction with .js handler', () => { test('NodejsFunction with container env vars', () => { // WHEN new NodejsFunction(stack, 'handler1', { - bundlingEnvironment: { - KEY: 'VALUE', + bundling: { + environment: { + KEY: 'VALUE', + }, }, }); expect(Bundling.bundle).toHaveBeenCalledWith(expect.objectContaining({ - bundlingEnvironment: { + environment: { KEY: 'VALUE', }, })); @@ -138,3 +141,33 @@ test('can opt-out of connection reuse for aws sdk', () => { Environment: ABSENT, }); }); + +test('NodejsFunction in a VPC', () => { + // GIVEN + const vpc = new Vpc(stack, 'Vpc'); + + // WHEN + new NodejsFunction(stack, 'handler1', { vpc }); + + // THEN + expect(stack).toHaveResource('AWS::Lambda::Function', { + VpcConfig: { + SecurityGroupIds: [ + { + 'Fn::GetAtt': [ + 'handler1SecurityGroup30688A62', + 'GroupId', + ], + }, + ], + SubnetIds: [ + { + Ref: 'VpcPrivateSubnet1Subnet536B997A', + }, + { + Ref: 'VpcPrivateSubnet2Subnet3788AAA1', + }, + ], + }, + }); +}); diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.expected.json b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.expected.json index 89a8de563b17f..75ecb420e7ef5 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.expected.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersa366acc095e9c09f74bf0dd7cd338214dc3b201ad849c56e33912eb3c85785e1S3Bucket70E87BF4" + "Ref": "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835S3BucketF29906B2" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersa366acc095e9c09f74bf0dd7cd338214dc3b201ad849c56e33912eb3c85785e1S3VersionKey888B2605" + "Ref": "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835S3VersionKey320A7F12" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersa366acc095e9c09f74bf0dd7cd338214dc3b201ad849c56e33912eb3c85785e1S3VersionKey888B2605" + "Ref": "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835S3VersionKey320A7F12" } ] } @@ -92,17 +92,17 @@ } }, "Parameters": { - "AssetParametersa366acc095e9c09f74bf0dd7cd338214dc3b201ad849c56e33912eb3c85785e1S3Bucket70E87BF4": { + "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835S3BucketF29906B2": { "Type": "String", - "Description": "S3 bucket for asset \"a366acc095e9c09f74bf0dd7cd338214dc3b201ad849c56e33912eb3c85785e1\"" + "Description": "S3 bucket for asset \"2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835\"" }, - "AssetParametersa366acc095e9c09f74bf0dd7cd338214dc3b201ad849c56e33912eb3c85785e1S3VersionKey888B2605": { + "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835S3VersionKey320A7F12": { "Type": "String", - "Description": "S3 key for asset version \"a366acc095e9c09f74bf0dd7cd338214dc3b201ad849c56e33912eb3c85785e1\"" + "Description": "S3 key for asset version \"2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835\"" }, - "AssetParametersa366acc095e9c09f74bf0dd7cd338214dc3b201ad849c56e33912eb3c85785e1ArtifactHash01A9D743": { + "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835ArtifactHash9E439F77": { "Type": "String", - "Description": "Artifact hash for asset \"a366acc095e9c09f74bf0dd7cd338214dc3b201ad849c56e33912eb3c85785e1\"" + "Description": "Artifact hash for asset \"2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.ts index 2fe38367a1347..a4418867356e7 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.ts @@ -1,3 +1,4 @@ +/// !cdk-integ pragma:ignore-assets import * as path from 'path'; import { Runtime } from '@aws-cdk/aws-lambda'; import { App, Stack, StackProps } from '@aws-cdk/core'; @@ -12,12 +13,14 @@ class TestStack extends Stack { new lambda.NodejsFunction(this, 'external', { entry: path.join(__dirname, 'integ-handlers/dependencies.ts'), runtime: Runtime.NODEJS_12_X, - minify: true, - // Will be installed, not bundled - // (delay is a zero dependency package and its version is fixed - // in the package.json to ensure a stable hash for this integ test) - nodeModules: ['delay'], - forceDockerBundling: true, + bundling: { + minify: true, + // Will be installed, not bundled + // (delay is a zero dependency package and its version is fixed + // in the package.json to ensure a stable hash for this integ test) + nodeModules: ['delay'], + forceDockerBundling: true, + }, }); } } diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.expected.json b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.expected.json index 121b96533388e..e41f6a5cc565e 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.expected.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters87629d6d123a6c9871926864abde04a406be93834dc008b18672bd287d37756eS3BucketDF2E98AE" + "Ref": "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcS3Bucket499E594B" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters87629d6d123a6c9871926864abde04a406be93834dc008b18672bd287d37756eS3VersionKey240B23FB" + "Ref": "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcS3VersionKey0D51A516" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters87629d6d123a6c9871926864abde04a406be93834dc008b18672bd287d37756eS3VersionKey240B23FB" + "Ref": "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcS3VersionKey0D51A516" } ] } @@ -179,20 +179,673 @@ "DependsOn": [ "jshandlerServiceRole781AF366" ] + }, + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.0.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.32.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet3SubnetBE12F0B6": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.64.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3RouteTable93458DBB": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3RouteTableAssociation1F1EDF02": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet3RouteTable93458DBB" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + } + } + }, + "VpcPublicSubnet3DefaultRoute4697774F": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet3RouteTable93458DBB" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet3EIP3A666A23": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3NATGateway7640CD1D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet3EIP3A666A23", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.96.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.128.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcPrivateSubnet3SubnetF258B56E": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.160.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PrivateSubnet3" + } + ] + } + }, + "VpcPrivateSubnet3RouteTableD98824C7": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc/PrivateSubnet3" + } + ] + } + }, + "VpcPrivateSubnet3RouteTableAssociation16BDDC43": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet3RouteTableD98824C7" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet3SubnetF258B56E" + } + } + }, + "VpcPrivateSubnet3DefaultRoute94B74F0D": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet3RouteTableD98824C7" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet3NATGateway7640CD1D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-lambda-nodejs/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "tshandlervpcServiceRoleF6D326A3": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + ] + ] + } + ] + } + }, + "tshandlervpcSecurityGroup587CC215": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatic security group for Lambda Function cdkinteglambdanodejstshandlervpcAAE6104A", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "tshandlervpcA502E26A": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2S3Bucket42C3CE17" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2S3VersionKey4389D827" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2S3VersionKey4389D827" + } + ] + } + ] + } + ] + ] + } + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "tshandlervpcServiceRoleF6D326A3", + "Arn" + ] + }, + "Runtime": "nodejs12.x", + "Environment": { + "Variables": { + "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" + } + }, + "VpcConfig": { + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "tshandlervpcSecurityGroup587CC215", + "GroupId" + ] + } + ], + "SubnetIds": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + }, + { + "Ref": "VpcPrivateSubnet3SubnetF258B56E" + } + ] + } + }, + "DependsOn": [ + "tshandlervpcServiceRoleF6D326A3" + ] } }, "Parameters": { - "AssetParameters87629d6d123a6c9871926864abde04a406be93834dc008b18672bd287d37756eS3BucketDF2E98AE": { + "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcS3Bucket499E594B": { "Type": "String", - "Description": "S3 bucket for asset \"87629d6d123a6c9871926864abde04a406be93834dc008b18672bd287d37756e\"" + "Description": "S3 bucket for asset \"1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dc\"" }, - "AssetParameters87629d6d123a6c9871926864abde04a406be93834dc008b18672bd287d37756eS3VersionKey240B23FB": { + "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcS3VersionKey0D51A516": { "Type": "String", - "Description": "S3 key for asset version \"87629d6d123a6c9871926864abde04a406be93834dc008b18672bd287d37756e\"" + "Description": "S3 key for asset version \"1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dc\"" }, - "AssetParameters87629d6d123a6c9871926864abde04a406be93834dc008b18672bd287d37756eArtifactHashC957048B": { + "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcArtifactHashECB545C0": { "Type": "String", - "Description": "Artifact hash for asset \"87629d6d123a6c9871926864abde04a406be93834dc008b18672bd287d37756e\"" + "Description": "Artifact hash for asset \"1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dc\"" }, "AssetParameters565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfaS3BucketDFAA619E": { "Type": "String", @@ -205,6 +858,18 @@ "AssetParameters565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfaArtifactHashF74A21AB": { "Type": "String", "Description": "Artifact hash for asset \"565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfa\"" + }, + "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2S3Bucket42C3CE17": { + "Type": "String", + "Description": "S3 bucket for asset \"b4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2\"" + }, + "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2S3VersionKey4389D827": { + "Type": "String", + "Description": "S3 key for asset version \"b4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2\"" + }, + "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2ArtifactHash7EA2459D": { + "Type": "String", + "Description": "Artifact hash for asset \"b4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.ts index 1befb89d3af9b..f08a041178e5e 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.ts @@ -1,4 +1,6 @@ +/// !cdk-integ pragma:ignore-assets import * as path from 'path'; +import { Vpc } from '@aws-cdk/aws-ec2'; import { Runtime } from '@aws-cdk/aws-lambda'; import { App, Stack, StackProps } from '@aws-cdk/core'; import { Construct } from 'constructs'; @@ -11,13 +13,19 @@ class TestStack extends Stack { new lambda.NodejsFunction(this, 'ts-handler', { entry: path.join(__dirname, 'integ-handlers/ts-handler.ts'), runtime: Runtime.NODEJS_12_X, - minify: true, + bundling: { minify: true }, }); new lambda.NodejsFunction(this, 'js-handler', { entry: path.join(__dirname, 'integ-handlers/js-handler.js'), runtime: Runtime.NODEJS_12_X, }); + + new lambda.NodejsFunction(this, 'ts-handler-vpc', { + entry: path.join(__dirname, 'integ-handlers/ts-handler.ts'), + runtime: Runtime.NODEJS_12_X, + vpc: new Vpc(this, 'Vpc'), + }); } } diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts index 6319008d9f2ec..df91c4433f153 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts @@ -1,12 +1,16 @@ import * as child_process from 'child_process'; import * as os from 'os'; import * as path from 'path'; -import { exec, extractDependencies, findUp, getEsBuildVersion } from '../lib/util'; +import { callsites, exec, extractDependencies, findUp, getEsBuildVersion } from '../lib/util'; beforeEach(() => { jest.clearAllMocks(); }); +describe('callsites', () => { + expect(callsites()[0].getFileName()).toMatch(/\/test\/util.test.js$/); +}); + describe('findUp', () => { test('Starting at process.cwd()', () => { expect(findUp('README.md')).toMatch(/aws-lambda-nodejs\/README.md$/); diff --git a/packages/@aws-cdk/aws-lambda-python/README.md b/packages/@aws-cdk/aws-lambda-python/README.md index 97229dc225fe3..7f9afc15072b9 100644 --- a/packages/@aws-cdk/aws-lambda-python/README.md +++ b/packages/@aws-cdk/aws-lambda-python/README.md @@ -1,60 +1,79 @@ -## Amazon Lambda Python Library +# Amazon Lambda Python Library + + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This library provides constructs for Python Lambda functions. To use this module, you will need to have Docker installed. -### Python Function +## Python Function + Define a `PythonFunction`: ```ts import * as lambda from "@aws-cdk/aws-lambda"; -import { PythonFunction } from "@aws-cdk/aws-lambda-python" +import { PythonFunction } from "@aws-cdk/aws-lambda-python"; new PythonFunction(this, 'MyFunction', { entry: '/path/to/my/function', // required index: 'my_index.py', // optional, defaults to 'index.py' handler: 'my_exported_func', // optional, defaults to 'handler' - runtime: lambda.Runtime.PYTHON_3_6 // optional, defaults to lambda.Runtime.PYTHON_3_7 + runtime: lambda.Runtime.PYTHON_3_6, // optional, defaults to lambda.Runtime.PYTHON_3_7 }); ``` All other properties of `lambda.Function` are supported, see also the [AWS Lambda construct library](https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/aws-lambda). -### Module Dependencies +## Module Dependencies If `requirements.txt` or `Pipfile` exists at the entry path, the construct will handle installing all required modules in a [Lambda compatible Docker container](https://hub.docker.com/r/amazon/aws-sam-cli-build-image-python3.7) according to the `runtime`. **Lambda with a requirements.txt** -``` + +```plaintext . ├── lambda_function.py # exports a function named 'handler' ├── requirements.txt # has to be present at the entry path ``` **Lambda with a Pipfile** -``` + +```plaintext . ├── lambda_function.py # exports a function named 'handler' ├── Pipfile # has to be present at the entry path ├── Pipfile.lock # your lock file ``` +**Lambda with a poetry.lock** + +```plaintext +. +├── lambda_function.py # exports a function named 'handler' +├── pyproject.toml # has to be present at the entry path +├── poetry.lock # your poetry lock file +``` + **Lambda Layer Support** You may create a python-based lambda layer with `PythonLayerVersion`. If `PythonLayerVersion` detects a `requirements.txt` -or `Pipfile` at the entry path, then `PythonLayerVersion` will include the dependencies inline with your code in the +or `Pipfile` or `poetry.lock` with the associated `pyproject.toml` at the entry path, then `PythonLayerVersion` will include the dependencies inline with your code in the layer. ```ts diff --git a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies index 4d02d028b187b..bfdb9e093ed4a 100644 --- a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies +++ b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies @@ -6,13 +6,14 @@ FROM $IMAGE # Ensure rsync is installed RUN yum -q list installed rsync &>/dev/null || yum install -y rsync -# Install pipenv so we can create a requirements.txt if we detect pipfile -RUN pip install pipenv +# Install pipenv and poetry so we can create a requirements.txt if we detect pipfile or poetry.lock respectively +RUN pip install pipenv poetry # Install the dependencies in a cacheable layer WORKDIR /var/dependencies -COPY Pipfile* requirements.tx[t] ./ +COPY Pipfile* pyproject* poetry* requirements.tx[t] ./ RUN [ -f 'Pipfile' ] && pipenv lock -r >requirements.txt; \ + [ -f 'poetry.lock' ] && poetry export --with-credentials --format requirements.txt --output requirements.txt; \ [ -f 'requirements.txt' ] && pip install -r requirements.txt -t .; CMD [ "python" ] diff --git a/packages/@aws-cdk/aws-lambda-python/lib/bundling.ts b/packages/@aws-cdk/aws-lambda-python/lib/bundling.ts index 937d420397773..d5747e169abb2 100644 --- a/packages/@aws-cdk/aws-lambda-python/lib/bundling.ts +++ b/packages/@aws-cdk/aws-lambda-python/lib/bundling.ts @@ -80,6 +80,10 @@ export function hasDependencies(entry: string): boolean { return true; } + if (fs.existsSync(path.join(entry, 'poetry.lock'))) { + return true; + } + if (fs.existsSync(path.join(entry, 'requirements.txt'))) { return true; } diff --git a/packages/@aws-cdk/aws-lambda-python/package.json b/packages/@aws-cdk/aws-lambda-python/package.json index abd231096a979..15a41e3b22806 100644 --- a/packages/@aws-cdk/aws-lambda-python/package.json +++ b/packages/@aws-cdk/aws-lambda-python/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-lambda-python/test/bundling.test.ts b/packages/@aws-cdk/aws-lambda-python/test/bundling.test.ts index ca415f60e5476..4286d092adf8f 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/bundling.test.ts +++ b/packages/@aws-cdk/aws-lambda-python/test/bundling.test.ts @@ -140,6 +140,17 @@ describe('Dependency detection', () => { expect(hasDependencies('/asset-input')).toEqual(true); }); + test('Detects poetry', () => { + existsSyncMock.mockImplementation((p: fs.PathLike) => { + if (/poetry.lock/.test(p.toString())) { + return true; + } + return existsSyncOriginal(p); + }); + + expect(hasDependencies('/asset-input')).toEqual(true); + }); + test('Detects requirements.txt', () => { existsSyncMock.mockImplementation((p: fs.PathLike) => { if (/requirements.txt/.test(p.toString())) { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv-inline.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv-inline.expected.json deleted file mode 100644 index 19cc6231599e4..0000000000000 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv-inline.expected.json +++ /dev/null @@ -1,110 +0,0 @@ -{ - "Resources": { - "myhandlerServiceRole77891068": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "myhandlerD202FA8E": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "S3Bucket": { - "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3BucketDF70124D" - }, - "S3Key": { - "Fn::Join": [ - "", - [ - { - "Fn::Select": [ - 0, - { - "Fn::Split": [ - "||", - { - "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0" - } - ] - } - ] - }, - { - "Fn::Select": [ - 1, - { - "Fn::Split": [ - "||", - { - "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0" - } - ] - } - ] - } - ] - ] - } - }, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "myhandlerServiceRole77891068", - "Arn" - ] - }, - "Runtime": "python3.6" - }, - "DependsOn": [ - "myhandlerServiceRole77891068" - ] - } - }, - "Parameters": { - "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3BucketDF70124D": { - "Type": "String", - "Description": "S3 bucket for asset \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" - }, - "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0": { - "Type": "String", - "Description": "S3 key for asset version \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" - }, - "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bArtifactHashEE8E0CE9": { - "Type": "String", - "Description": "Artifact hash for asset \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" - } - }, - "Outputs": { - "FunctionName": { - "Value": { - "Ref": "myhandlerD202FA8E" - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv-inline.ts b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv-inline.ts deleted file mode 100644 index ad5db171f719a..0000000000000 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv-inline.ts +++ /dev/null @@ -1,30 +0,0 @@ -/// !cdk-integ pragma:ignore-assets -import * as path from 'path'; -import { Runtime } from '@aws-cdk/aws-lambda'; -import { App, CfnOutput, Stack, StackProps } from '@aws-cdk/core'; -import { Construct } from 'constructs'; -import * as lambda from '../lib'; - -/* - * Stack verification steps: - * aws lambda invoke --function-name --invocation-type Event --payload $(base64 <<<'"OK"') response.json - */ - -class TestStack extends Stack { - constructor(scope: Construct, id: string, props?: StackProps) { - super(scope, id, props); - - const fn = new lambda.PythonFunction(this, 'my_handler', { - entry: path.join(__dirname, 'lambda-handler-pipenv'), - runtime: Runtime.PYTHON_3_6, - }); - - new CfnOutput(this, 'FunctionName', { - value: fn.functionName, - }); - } -} - -const app = new App(); -new TestStack(app, 'cdk-integ-lambda-python-inline'); -app.synth(); diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json new file mode 100644 index 0000000000000..0c310b5f52e7e --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json @@ -0,0 +1,314 @@ +{ + "Resources": { + "myhandlerinlineServiceRole10C681F6": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "myhandlerinline53D120C7": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3BucketDF70124D" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0" + } + ] + } + ] + } + ] + ] + } + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "myhandlerinlineServiceRole10C681F6", + "Arn" + ] + }, + "Runtime": "python3.6" + }, + "DependsOn": [ + "myhandlerinlineServiceRole10C681F6" + ] + }, + "myhandlerpython27ServiceRole2ED49C06": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "myhandlerpython274D7465EA": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3BucketB5A59BD8" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C" + } + ] + } + ] + } + ] + ] + } + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "myhandlerpython27ServiceRole2ED49C06", + "Arn" + ] + }, + "Runtime": "python2.7" + }, + "DependsOn": [ + "myhandlerpython27ServiceRole2ED49C06" + ] + }, + "myhandlerpython38ServiceRole2049AFF7": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "myhandlerpython384D62BBB5": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3Bucket31144813" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383" + } + ] + } + ] + } + ] + ] + } + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "myhandlerpython38ServiceRole2049AFF7", + "Arn" + ] + }, + "Runtime": "python3.8" + }, + "DependsOn": [ + "myhandlerpython38ServiceRole2049AFF7" + ] + } + }, + "Parameters": { + "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3BucketDF70124D": { + "Type": "String", + "Description": "S3 bucket for asset \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + }, + "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0": { + "Type": "String", + "Description": "S3 key for asset version \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + }, + "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bArtifactHashEE8E0CE9": { + "Type": "String", + "Description": "Artifact hash for asset \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + }, + "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3BucketB5A59BD8": { + "Type": "String", + "Description": "S3 bucket for asset \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + }, + "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C": { + "Type": "String", + "Description": "S3 key for asset version \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + }, + "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014ArtifactHash7768674B": { + "Type": "String", + "Description": "Artifact hash for asset \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + }, + "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3Bucket31144813": { + "Type": "String", + "Description": "S3 bucket for asset \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + }, + "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383": { + "Type": "String", + "Description": "S3 key for asset version \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + }, + "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aArtifactHash652F614E": { + "Type": "String", + "Description": "Artifact hash for asset \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + } + }, + "Outputs": { + "InlineFunctionName": { + "Value": { + "Ref": "myhandlerinline53D120C7" + } + }, + "Python27FunctionName": { + "Value": { + "Ref": "myhandlerpython274D7465EA" + } + }, + "Python38FunctionName": { + "Value": { + "Ref": "myhandlerpython384D62BBB5" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py27.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py27.expected.json deleted file mode 100644 index c0cb2b260d146..0000000000000 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py27.expected.json +++ /dev/null @@ -1,110 +0,0 @@ -{ - "Resources": { - "myhandlerServiceRole77891068": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "myhandlerD202FA8E": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "S3Bucket": { - "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3BucketB5A59BD8" - }, - "S3Key": { - "Fn::Join": [ - "", - [ - { - "Fn::Select": [ - 0, - { - "Fn::Split": [ - "||", - { - "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C" - } - ] - } - ] - }, - { - "Fn::Select": [ - 1, - { - "Fn::Split": [ - "||", - { - "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C" - } - ] - } - ] - } - ] - ] - } - }, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "myhandlerServiceRole77891068", - "Arn" - ] - }, - "Runtime": "python2.7" - }, - "DependsOn": [ - "myhandlerServiceRole77891068" - ] - } - }, - "Parameters": { - "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3BucketB5A59BD8": { - "Type": "String", - "Description": "S3 bucket for asset \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" - }, - "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C": { - "Type": "String", - "Description": "S3 key for asset version \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" - }, - "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014ArtifactHash7768674B": { - "Type": "String", - "Description": "Artifact hash for asset \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" - } - }, - "Outputs": { - "FunctionName": { - "Value": { - "Ref": "myhandlerD202FA8E" - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py27.ts b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py27.ts deleted file mode 100644 index e97ca65f8d035..0000000000000 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py27.ts +++ /dev/null @@ -1,30 +0,0 @@ -/// !cdk-integ pragma:ignore-assets -import * as path from 'path'; -import { Runtime } from '@aws-cdk/aws-lambda'; -import { App, CfnOutput, Stack, StackProps } from '@aws-cdk/core'; -import { Construct } from 'constructs'; -import * as lambda from '../lib'; - -/* - * Stack verification steps: - * aws lambda invoke --function-name --invocation-type Event --payload $(base64 <<<'"OK"') response.json - */ - -class TestStack extends Stack { - constructor(scope: Construct, id: string, props?: StackProps) { - super(scope, id, props); - - const fn = new lambda.PythonFunction(this, 'my_handler', { - entry: path.join(__dirname, 'lambda-handler-pipenv'), - runtime: Runtime.PYTHON_2_7, - }); - - new CfnOutput(this, 'FunctionName', { - value: fn.functionName, - }); - } -} - -const app = new App(); -new TestStack(app, 'cdk-integ-lambda-python-pipenv-py27'); -app.synth(); diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py38.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py38.expected.json deleted file mode 100644 index 07e4ea8cf45f9..0000000000000 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py38.expected.json +++ /dev/null @@ -1,110 +0,0 @@ -{ - "Resources": { - "myhandlerServiceRole77891068": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "myhandlerD202FA8E": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "S3Bucket": { - "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3Bucket31144813" - }, - "S3Key": { - "Fn::Join": [ - "", - [ - { - "Fn::Select": [ - 0, - { - "Fn::Split": [ - "||", - { - "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383" - } - ] - } - ] - }, - { - "Fn::Select": [ - 1, - { - "Fn::Split": [ - "||", - { - "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383" - } - ] - } - ] - } - ] - ] - } - }, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "myhandlerServiceRole77891068", - "Arn" - ] - }, - "Runtime": "python3.8" - }, - "DependsOn": [ - "myhandlerServiceRole77891068" - ] - } - }, - "Parameters": { - "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3Bucket31144813": { - "Type": "String", - "Description": "S3 bucket for asset \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" - }, - "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383": { - "Type": "String", - "Description": "S3 key for asset version \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" - }, - "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aArtifactHash652F614E": { - "Type": "String", - "Description": "Artifact hash for asset \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" - } - }, - "Outputs": { - "FunctionName": { - "Value": { - "Ref": "myhandlerD202FA8E" - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py38.ts b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py38.ts deleted file mode 100644 index 75538599ca463..0000000000000 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.py38.ts +++ /dev/null @@ -1,30 +0,0 @@ -/// !cdk-integ pragma:ignore-assets -import * as path from 'path'; -import { Runtime } from '@aws-cdk/aws-lambda'; -import { App, CfnOutput, Stack, StackProps } from '@aws-cdk/core'; -import { Construct } from 'constructs'; -import * as lambda from '../lib'; - -/* - * Stack verification steps: - * aws lambda invoke --function-name --invocation-type Event --payload $(base64 <<<'"OK"') response.json - */ - -class TestStack extends Stack { - constructor(scope: Construct, id: string, props?: StackProps) { - super(scope, id, props); - - const fn = new lambda.PythonFunction(this, 'my_handler', { - entry: path.join(__dirname, 'lambda-handler-pipenv'), - runtime: Runtime.PYTHON_3_8, - }); - - new CfnOutput(this, 'FunctionName', { - value: fn.functionName, - }); - } -} - -const app = new App(); -new TestStack(app, 'cdk-integ-lambda-python-pipenv-py38'); -app.synth(); diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.ts b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.ts new file mode 100644 index 0000000000000..2b51c5d1efc67 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.ts @@ -0,0 +1,45 @@ +/// !cdk-integ pragma:ignore-assets +import * as path from 'path'; +import { Runtime } from '@aws-cdk/aws-lambda'; +import { App, CfnOutput, Stack, StackProps } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import * as lambda from '../lib'; + +/* + * Stack verification steps: + * aws lambda invoke --function-name --invocation-type Event --payload $(base64 <<<''OK'') response.json + */ + +class TestStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + const pythonFunctionInline = new lambda.PythonFunction(this, 'my_handler_inline', { + entry: path.join(__dirname, 'lambda-handler-pipenv'), + runtime: Runtime.PYTHON_3_6, + }); + new CfnOutput(this, 'InlineFunctionName', { + value: pythonFunctionInline.functionName, + }); + + const pythonFunction27 = new lambda.PythonFunction(this, 'my_handler_python_27', { + entry: path.join(__dirname, 'lambda-handler-pipenv'), + runtime: Runtime.PYTHON_2_7, + }); + new CfnOutput(this, 'Python27FunctionName', { + value: pythonFunction27.functionName, + }); + + const pythonFunction38 = new lambda.PythonFunction(this, 'my_handler_python_38', { + entry: path.join(__dirname, 'lambda-handler-pipenv'), + runtime: Runtime.PYTHON_3_8, + }); + new CfnOutput(this, 'Python38FunctionName', { + value: pythonFunction38.functionName, + }); + } +} + +const app = new App(); +new TestStack(app, 'cdk-integ-lambda-python'); +app.synth(); diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json new file mode 100644 index 0000000000000..0c310b5f52e7e --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json @@ -0,0 +1,314 @@ +{ + "Resources": { + "myhandlerinlineServiceRole10C681F6": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "myhandlerinline53D120C7": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3BucketDF70124D" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0" + } + ] + } + ] + } + ] + ] + } + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "myhandlerinlineServiceRole10C681F6", + "Arn" + ] + }, + "Runtime": "python3.6" + }, + "DependsOn": [ + "myhandlerinlineServiceRole10C681F6" + ] + }, + "myhandlerpython27ServiceRole2ED49C06": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "myhandlerpython274D7465EA": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3BucketB5A59BD8" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C" + } + ] + } + ] + } + ] + ] + } + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "myhandlerpython27ServiceRole2ED49C06", + "Arn" + ] + }, + "Runtime": "python2.7" + }, + "DependsOn": [ + "myhandlerpython27ServiceRole2ED49C06" + ] + }, + "myhandlerpython38ServiceRole2049AFF7": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "myhandlerpython384D62BBB5": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3Bucket31144813" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383" + } + ] + } + ] + } + ] + ] + } + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "myhandlerpython38ServiceRole2049AFF7", + "Arn" + ] + }, + "Runtime": "python3.8" + }, + "DependsOn": [ + "myhandlerpython38ServiceRole2049AFF7" + ] + } + }, + "Parameters": { + "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3BucketDF70124D": { + "Type": "String", + "Description": "S3 bucket for asset \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + }, + "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bS3VersionKey530C68B0": { + "Type": "String", + "Description": "S3 key for asset version \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + }, + "AssetParameterseef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255bArtifactHashEE8E0CE9": { + "Type": "String", + "Description": "Artifact hash for asset \"eef17c074659b655f9b413019323db3976d06067e78d53c4e609ebe177ce255b\"" + }, + "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3BucketB5A59BD8": { + "Type": "String", + "Description": "S3 bucket for asset \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + }, + "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014S3VersionKey7657015C": { + "Type": "String", + "Description": "S3 key for asset version \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + }, + "AssetParametersf37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014ArtifactHash7768674B": { + "Type": "String", + "Description": "Artifact hash for asset \"f37a4de97ca8831930cd2d0dc3f0962e653d756a118ce33271752a745489c014\"" + }, + "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3Bucket31144813": { + "Type": "String", + "Description": "S3 bucket for asset \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + }, + "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aS3VersionKeyB48E8383": { + "Type": "String", + "Description": "S3 key for asset version \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + }, + "AssetParameters3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846aArtifactHash652F614E": { + "Type": "String", + "Description": "Artifact hash for asset \"3eb927f8df31281e22c710f842018fa10b0dde86f74f89313c9a27db6e75846a\"" + } + }, + "Outputs": { + "InlineFunctionName": { + "Value": { + "Ref": "myhandlerinline53D120C7" + } + }, + "Python27FunctionName": { + "Value": { + "Ref": "myhandlerpython274D7465EA" + } + }, + "Python38FunctionName": { + "Value": { + "Ref": "myhandlerpython384D62BBB5" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.ts b/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.ts new file mode 100644 index 0000000000000..d3eaafe75a120 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.ts @@ -0,0 +1,45 @@ +/// !cdk-integ pragma:ignore-assets +import * as path from 'path'; +import { Runtime } from '@aws-cdk/aws-lambda'; +import { App, CfnOutput, Stack, StackProps } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import * as lambda from '../lib'; + +/* + * Stack verification steps: + * aws lambda invoke --function-name --invocation-type Event --payload $(base64 <<<''OK'') response.json + */ + +class TestStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + const pythonFunctionInline = new lambda.PythonFunction(this, 'my_handler_inline', { + entry: path.join(__dirname, 'lambda-handler-poetry'), + runtime: Runtime.PYTHON_3_6, + }); + new CfnOutput(this, 'InlineFunctionName', { + value: pythonFunctionInline.functionName, + }); + + const pythonFunction27 = new lambda.PythonFunction(this, 'my_handler_python_27', { + entry: path.join(__dirname, 'lambda-handler-poetry'), + runtime: Runtime.PYTHON_2_7, + }); + new CfnOutput(this, 'Python27FunctionName', { + value: pythonFunction27.functionName, + }); + + const pythonFunction38 = new lambda.PythonFunction(this, 'my_handler_python_38', { + entry: path.join(__dirname, 'lambda-handler-poetry'), + runtime: Runtime.PYTHON_3_8, + }); + new CfnOutput(this, 'Python38FunctionName', { + value: pythonFunction38.functionName, + }); + } +} + +const app = new App(); +new TestStack(app, 'cdk-integ-lambda-python'); +app.synth(); diff --git a/packages/@aws-cdk/aws-lambda-python/test/lambda-handler-poetry/index.py b/packages/@aws-cdk/aws-lambda-python/test/lambda-handler-poetry/index.py new file mode 100644 index 0000000000000..c033f37560534 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-python/test/lambda-handler-poetry/index.py @@ -0,0 +1,11 @@ +import requests +from PIL import Image + +def handler(event, context): + response = requests.get('https://a0.awsstatic.com/main/images/logos/aws_smile-header-desktop-en-white_59x35.png', stream=True) + img = Image.open(response.raw) + + print(response.status_code) + print(img.size) + + return response.status_code diff --git a/packages/@aws-cdk/aws-lambda-python/test/lambda-handler-poetry/poetry.lock b/packages/@aws-cdk/aws-lambda-python/test/lambda-handler-poetry/poetry.lock new file mode 100644 index 0000000000000..3d343fcf061a2 --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-python/test/lambda-handler-poetry/poetry.lock @@ -0,0 +1,122 @@ +[[package]] +name = "certifi" +version = "2020.11.8" +description = "Python package for providing Mozilla's CA Bundle." +category = "main" +optional = false +python-versions = "*" + +[[package]] +name = "chardet" +version = "3.0.4" +description = "Universal encoding detector for Python 2 and 3" +category = "main" +optional = false +python-versions = "*" + +[[package]] +name = "idna" +version = "2.10" +description = "Internationalized Domain Names in Applications (IDNA)" +category = "main" +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" + +[[package]] +name = "pillow" +version = "6.2.2" +description = "Python Imaging Library (Fork)" +category = "main" +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" + +[[package]] +name = "requests" +version = "2.23.0" +description = "Python HTTP for Humans." +category = "main" +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" + +[package.dependencies] +certifi = ">=2017.4.17" +chardet = ">=3.0.2,<4" +idna = ">=2.5,<3" +urllib3 = ">=1.21.1,<1.25.0 || >1.25.0,<1.25.1 || >1.25.1,<1.26" + +[package.extras] +security = ["pyOpenSSL (>=0.14)", "cryptography (>=1.3.4)"] +socks = ["PySocks (>=1.5.6,!=1.5.7)", "win-inet-pton"] + +[[package]] +name = "urllib3" +version = "1.25.11" +description = "HTTP library with thread-safe connection pooling, file post, and more." +category = "main" +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <4" + +[package.extras] +brotli = ["brotlipy (>=0.6.0)"] +secure = ["pyOpenSSL (>=0.14)", "cryptography (>=1.3.4)", "idna (>=2.0.0)", "certifi", "ipaddress"] +socks = ["PySocks (>=1.5.6,!=1.5.7,<2.0)"] + +[metadata] +lock-version = "1.1" +python-versions = "^2.7" +content-hash = "033798f820d979d69232ab05eb36fb9d517a49e5a6887c6d0e709aea9671464d" + +[metadata.files] +certifi = [ + {file = "certifi-2020.11.8-py2.py3-none-any.whl", hash = "sha256:1f422849db327d534e3d0c5f02a263458c3955ec0aae4ff09b95f195c59f4edd"}, + {file = "certifi-2020.11.8.tar.gz", hash = "sha256:f05def092c44fbf25834a51509ef6e631dc19765ab8a57b4e7ab85531f0a9cf4"}, +] +chardet = [ + {file = "chardet-3.0.4-py2.py3-none-any.whl", hash = "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691"}, + {file = "chardet-3.0.4.tar.gz", hash = "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae"}, +] +idna = [ + {file = "idna-2.10-py2.py3-none-any.whl", hash = "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0"}, + {file = "idna-2.10.tar.gz", hash = "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6"}, +] +pillow = [ + {file = "Pillow-6.2.2-cp27-cp27m-macosx_10_6_intel.whl", hash = "sha256:834dd023b7f987d6b700ad93dc818098d7eb046bd445e9992b3093c6f9d7a95f"}, + {file = "Pillow-6.2.2-cp27-cp27m-manylinux1_i686.whl", hash = "sha256:d3a98444a00b4643b22b0685dbf9e0ddcaf4ebfd4ea23f84f228adf5a0765bb2"}, + {file = "Pillow-6.2.2-cp27-cp27m-manylinux1_x86_64.whl", hash = "sha256:2b4a94be53dff02af90760c10a2e3634c3c7703410f38c98154d5ce71fe63d20"}, + {file = "Pillow-6.2.2-cp27-cp27m-win32.whl", hash = "sha256:87ef0eca169f7f0bc050b22f05c7e174a65c36d584428431e802c0165c5856ea"}, + {file = "Pillow-6.2.2-cp27-cp27m-win_amd64.whl", hash = "sha256:cbd5647097dc55e501f459dbac7f1d0402225636deeb9e0a98a8d2df649fc19d"}, + {file = "Pillow-6.2.2-cp27-cp27mu-manylinux1_i686.whl", hash = "sha256:4adc3302df4faf77c63ab3a83e1a3e34b94a6a992084f4aa1cb236d1deaf4b39"}, + {file = "Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:e3a797a079ce289e59dbd7eac9ca3bf682d52687f718686857281475b7ca8e6a"}, + {file = "Pillow-6.2.2-cp35-cp35m-macosx_10_6_intel.whl", hash = "sha256:bb7861e4618a0c06c40a2e509c1bea207eea5fd4320d486e314e00745a402ca5"}, + {file = "Pillow-6.2.2-cp35-cp35m-manylinux1_i686.whl", hash = "sha256:535e8e0e02c9f1fc2e307256149d6ee8ad3aa9a6e24144b7b6e6fb6126cb0e99"}, + {file = "Pillow-6.2.2-cp35-cp35m-manylinux1_x86_64.whl", hash = "sha256:bc149dab804291a18e1186536519e5e122a2ac1316cb80f506e855a500b1cdd4"}, + {file = "Pillow-6.2.2-cp35-cp35m-win32.whl", hash = "sha256:1a3bc8e1db5af40a81535a62a591fafdb30a8a1b319798ea8052aa65ef8f06d2"}, + {file = "Pillow-6.2.2-cp35-cp35m-win_amd64.whl", hash = "sha256:d6b4dc325170bee04ca8292bbd556c6f5398d52c6149ca881e67daf62215426f"}, + {file = "Pillow-6.2.2-cp36-cp36m-macosx_10_6_intel.whl", hash = "sha256:43ef1cff7ee57f9c8c8e6fa02a62eae9fa23a7e34418c7ce88c0e3fe09d1fb38"}, + {file = "Pillow-6.2.2-cp36-cp36m-manylinux1_i686.whl", hash = "sha256:900de1fdc93764be13f6b39dc0dd0207d9ff441d87ad7c6e97e49b81987dc0f3"}, + {file = "Pillow-6.2.2-cp36-cp36m-manylinux1_x86_64.whl", hash = "sha256:92b83b380f9181cacc994f4c983d95a9c8b00b50bf786c66d235716b526a3332"}, + {file = "Pillow-6.2.2-cp36-cp36m-win32.whl", hash = "sha256:00e0bbe9923adc5cc38a8da7d87d4ce16cde53b8d3bba8886cb928e84522d963"}, + {file = "Pillow-6.2.2-cp36-cp36m-win_amd64.whl", hash = "sha256:5ccfcb0a34ad9b77ad247c231edb781763198f405a5c8dc1b642449af821fb7f"}, + {file = "Pillow-6.2.2-cp37-cp37m-macosx_10_6_intel.whl", hash = "sha256:5dcbbaa3a24d091a64560d3c439a8962866a79a033d40eb1a75f1b3413bfc2bc"}, + {file = "Pillow-6.2.2-cp37-cp37m-manylinux1_i686.whl", hash = "sha256:6e2a7e74d1a626b817ecb7a28c433b471a395c010b2a1f511f976e9ea4363e64"}, + {file = "Pillow-6.2.2-cp37-cp37m-manylinux1_x86_64.whl", hash = "sha256:c424d35a5259be559b64490d0fd9e03fba81f1ce8e5b66e0a59de97547351d80"}, + {file = "Pillow-6.2.2-cp37-cp37m-win32.whl", hash = "sha256:aa4792ab056f51b49e7d59ce5733155e10a918baf8ce50f64405db23d5627fa2"}, + {file = "Pillow-6.2.2-cp37-cp37m-win_amd64.whl", hash = "sha256:0d5c99f80068f13231ac206bd9b2e80ea357f5cf9ae0fa97fab21e32d5b61065"}, + {file = "Pillow-6.2.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:03457e439d073770d88afdd90318382084732a5b98b0eb6f49454746dbaae701"}, + {file = "Pillow-6.2.2-cp38-cp38-manylinux1_i686.whl", hash = "sha256:ccf16fe444cc43800eeacd4f4769971200982200a71b1368f49410d0eb769543"}, + {file = "Pillow-6.2.2-cp38-cp38-manylinux1_x86_64.whl", hash = "sha256:b72c39585f1837d946bd1a829a4820ccf86e361f28cbf60f5d646f06318b61e2"}, + {file = "Pillow-6.2.2-cp38-cp38-win32.whl", hash = "sha256:3ba7d8f1d962780f86aa747fef0baf3211b80cb13310fff0c375da879c0656d4"}, + {file = "Pillow-6.2.2-cp38-cp38-win_amd64.whl", hash = "sha256:3e81485cec47c24f5fb27acb485a4fc97376b2b332ed633867dc68ac3077998c"}, + {file = "Pillow-6.2.2-pp273-pypy_73-win32.whl", hash = "sha256:aa1b0297e352007ec781a33f026afbb062a9a9895bb103c8f49af434b1666880"}, + {file = "Pillow-6.2.2-pp373-pypy36_pp73-win32.whl", hash = "sha256:82859575005408af81b3e9171ae326ff56a69af5439d3fc20e8cb76cd51c8246"}, + {file = "Pillow-6.2.2.tar.gz", hash = "sha256:db9ff0c251ed066d367f53b64827cc9e18ccea001b986d08c265e53625dab950"}, +] +requests = [ + {file = "requests-2.23.0-py2.7.egg", hash = "sha256:5d2d0ffbb515f39417009a46c14256291061ac01ba8f875b90cad137de83beb4"}, + {file = "requests-2.23.0-py2.py3-none-any.whl", hash = "sha256:43999036bfa82904b6af1d99e4882b560e5e2c68e5c4b0aa03b655f3d7d73fee"}, + {file = "requests-2.23.0.tar.gz", hash = "sha256:b3f43d496c6daba4493e7c431722aeb7dbc6288f52a6e04e7b6023b0247817e6"}, +] +urllib3 = [ + {file = "urllib3-1.25.11-py2.py3-none-any.whl", hash = "sha256:f5321fbe4bf3fefa0efd0bfe7fb14e90909eb62a48ccda331726b4319897dd5e"}, + {file = "urllib3-1.25.11.tar.gz", hash = "sha256:8d7eaa5a82a1cac232164990f04874c594c9453ec55eef02eab885aa02fc17a2"}, +] diff --git a/packages/@aws-cdk/aws-lambda-python/test/lambda-handler-poetry/pyproject.toml b/packages/@aws-cdk/aws-lambda-python/test/lambda-handler-poetry/pyproject.toml new file mode 100644 index 0000000000000..15fec8cc54bec --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-python/test/lambda-handler-poetry/pyproject.toml @@ -0,0 +1,16 @@ +[tool.poetry] +name = "lambda-handler-poetry" +version = "0.1.0" +description = "" +authors = ["Your Name "] + +[tool.poetry.dependencies] +python = "^2.7" +requests = "2.23.0" +pillow = "6.2.2" + +[tool.poetry.dev-dependencies] + +[build-system] +requires = ["poetry-core>=1.0.0"] +build-backend = "poetry.core.masonry.api" diff --git a/packages/@aws-cdk/aws-lambda/README.md b/packages/@aws-cdk/aws-lambda/README.md index ea1d256c976bc..54e7811688134 100644 --- a/packages/@aws-cdk/aws-lambda/README.md +++ b/packages/@aws-cdk/aws-lambda/README.md @@ -1,5 +1,6 @@ -## AWS Lambda Construct Library +# AWS Lambda Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This construct library allows you to define AWS Lambda Functions. @@ -22,7 +24,7 @@ const fn = new lambda.Function(this, 'MyFunction', { }); ``` -### Handler Code +## Handler Code The `lambda.Code` class includes static convenience methods for various types of runtime code. @@ -33,7 +35,7 @@ runtime code. limited to supported runtimes and the code cannot exceed 4KiB. * `lambda.Code.fromAsset(path)` - specify a directory or a .zip file in the local filesystem which will be zipped and uploaded to S3 before deployment. See also - [bundling asset code](#Bundling-Asset-Code). + [bundling asset code](#bundling-asset-code). The following example shows how to define a Python function and deploy the code from the local directory `my-lambda-handler` to it: @@ -50,7 +52,7 @@ to our CDK project directory. This is especially important when we want to share this construct through a library. Different programming languages will have different techniques for bundling resources into libraries. -### Docker Images +## Docker Images Lambda functions allow specifying their handlers within docker images. The docker image can be an image from ECR or a local asset that the CDK will package and load @@ -61,7 +63,7 @@ Dockerfile as the asset that will be used as the function handler. ```ts new lambda.DockerImageFunction(this, 'AssetFunction', { - code: DockerImageCode.fromAssetImage(path.join(__dirname, 'docker-handler')), + code: lambda.DockerImageCode.fromImageAsset(path.join(__dirname, 'docker-handler')), }); ``` @@ -72,11 +74,11 @@ import * as ecr from '@aws-cdk/aws-ecr'; const repo = new ecr.Repository(this, 'Repository'); new lambda.DockerImageFunction(this, 'ECRFunction', { - code: DockerImageCode.fromEcrImage(repo), + code: lambda.DockerImageCode.fromEcr(repo), }); ``` -### Execution Role +## Execution Role Lambda functions assume an IAM role during execution. In CDK by default, Lambda functions will use an autogenerated Role if one is not provided. @@ -109,7 +111,7 @@ myRole.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName("service-role/AWS myRole.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName("service-role/AWSLambdaVPCAccessExecutionRole")); // only required if your function lives in a VPC ``` -### Versions and Aliases +## Versions and Aliases You can use [versions](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html) @@ -119,10 +121,10 @@ the stable production version. The function version includes the following information: -- The function code and all associated dependencies. -- The Lambda runtime that executes the function. -- All of the function settings, including the environment variables. -- A unique Amazon Resource Name (ARN) to identify this version of the function. +* The function code and all associated dependencies. +* The Lambda runtime that executes the function. +* All of the function settings, including the environment variables. +* A unique Amazon Resource Name (ARN) to identify this version of the function. You can define one or more [aliases](https://docs.aws.amazon.com/lambda/latest/dg/configuration-aliases.html) @@ -167,14 +169,14 @@ fn.currentVersion.addAlias('live'); > AWS Lambda version, and won't allow you to use `$LATEST`. Therefore, you would > normally want to use `lambda.currentVersion`. -### Layers +## Layers The `lambda.LayerVersion` class can be used to define Lambda layers and manage granting permissions to other AWS accounts or organizations. [Example of Lambda Layer usage](test/integ.layer-version.lit.ts) -### Event Rule Target +## Event Rule Target You can use an AWS Lambda function as a target for an Amazon CloudWatch event rule: @@ -184,7 +186,7 @@ import * as targets from '@aws-cdk/aws-events-targets'; rule.addTarget(new targets.LambdaFunction(myFunction)); ``` -### Event Sources +## Event Sources AWS Lambda supports a [variety of event sources](https://docs.aws.amazon.com/lambda/latest/dg/invoking-lambda-function.html). @@ -216,7 +218,7 @@ fn.addEventSource(new S3EventSource(bucket, { See the documentation for the __@aws-cdk/aws-lambda-event-sources__ module for more details. -### Lambda with DLQ +## Lambda with DLQ A dead-letter queue can be automatically created for a Lambda function by setting the `deadLetterQueueEnabled: true` configuration. @@ -250,7 +252,7 @@ const fn = new lambda.Function(this, 'MyFunction', { See [the AWS documentation](https://docs.aws.amazon.com/lambda/latest/dg/dlq.html) to learn more about AWS Lambdas and DLQs. -### Lambda with X-Ray Tracing +## Lambda with X-Ray Tracing ```ts import * as lambda from '@aws-cdk/aws-lambda'; @@ -266,7 +268,7 @@ const fn = new lambda.Function(this, 'MyFunction', { See [the AWS documentation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-x-ray.html) to learn more about AWS Lambda's X-Ray support. -### Lambda with Profiling +## Lambda with Profiling ```ts import * as lambda from '@aws-cdk/aws-lambda'; @@ -282,7 +284,7 @@ const fn = new lambda.Function(this, 'MyFunction', { See [the AWS documentation](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html) to learn more about AWS Lambda's Profiling support. -### Lambda with Reserved Concurrent Executions +## Lambda with Reserved Concurrent Executions ```ts import * as lambda from '@aws-cdk/aws-lambda'; @@ -298,7 +300,7 @@ const fn = new lambda.Function(this, 'MyFunction', { See [the AWS documentation](https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html) managing concurrency. -### AutoScaling +## AutoScaling You can use Application AutoScaling to automatically configure the provisioned concurrency for your functions. AutoScaling can be set to track utilization or be based on a schedule. To configure AutoScaling on a function alias: @@ -327,7 +329,7 @@ as.scaleOnSchedule('ScaleUpInTheMorning', { See [the AWS documentation](https://docs.aws.amazon.com/lambda/latest/dg/invocation-scaling.html) on autoscaling lambda functions. -### Log Group +## Log Group Lambda functions automatically create a log group with the name `/aws/lambda/` upon first execution with log data set to never expire. @@ -348,7 +350,7 @@ correct log retention period (never expire, by default). *Further note* that, if the log group already exists and the `logRetention` is not set, the custom resource will reset the log retention to never expire even if it was configured with a different value. -### FileSystem Access +## FileSystem Access You can configure a function to mount an Amazon Elastic File System (Amazon EFS) to a directory in your runtime environment with the `filesystem` property. To access Amazon EFS @@ -388,7 +390,7 @@ const fn = new lambda.Function(stack, 'MyLambda', { ``` -### Singleton Function +## Singleton Function The `SingletonFunction` construct is a way to guarantee that a lambda function will be guaranteed to be part of the stack, once and only once, irrespective of how many times the construct is declared to be part of the stack. This is guaranteed @@ -402,13 +404,15 @@ number of times and with different properties. Using `SingletonFunction` here wi For example, the `LogRetention` construct requires only one single lambda function for all different log groups whose retention it seeks to manage. -### Bundling Asset Code +## Bundling Asset Code + When using `lambda.Code.fromAsset(path)` it is possible to bundle the code by running a command in a Docker container. The asset path will be mounted at `/asset-input`. The Docker container is responsible for putting content at `/asset-output`. The content at `/asset-output` will be zipped and used as Lambda code. Example with Python: + ```ts new lambda.Function(this, 'Function', { code: lambda.Code.fromAsset(path.join(__dirname, 'my-python-handler'), { @@ -426,6 +430,7 @@ new lambda.Function(this, 'Function', { handler: 'index.handler', }); ``` + Runtimes expose a `bundlingDockerImage` property that points to the [AWS SAM](https://github.com/awslabs/aws-sam-cli) build image. Use `cdk.BundlingDockerImage.fromRegistry(image)` to use an existing image or @@ -449,7 +454,8 @@ new lambda.Function(this, 'Function', { }); ``` -### Language-specific APIs +## Language-specific APIs + Language-specific higher level constructs are provided in separate modules: * Node.js: [`@aws-cdk/aws-lambda-nodejs`](https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/aws-lambda-nodejs) diff --git a/packages/@aws-cdk/aws-lambda/lib/function-base.ts b/packages/@aws-cdk/aws-lambda/lib/function-base.ts index d02f355f0c5f3..8b8dd585c21c2 100644 --- a/packages/@aws-cdk/aws-lambda/lib/function-base.ts +++ b/packages/@aws-cdk/aws-lambda/lib/function-base.ts @@ -106,6 +106,17 @@ export interface IFunction extends IResource, ec2.IConnectable, iam.IGrantable { */ metricThrottles(props?: cloudwatch.MetricOptions): cloudwatch.Metric; + /** + * Adds an event source to this function. + * + * Event sources are implemented in the @aws-cdk/aws-lambda-event-sources module. + * + * The following example adds an SQS Queue as an event source: + * ``` + * import { SqsEventSource } from '@aws-cdk/aws-lambda-event-sources'; + * myFunction.addEventSource(new SqsEventSource(myQueue)); + * ``` + */ addEventSource(source: IEventSource): void; /** @@ -329,18 +340,6 @@ export abstract class FunctionBase extends Resource implements IFunction { return grant; } - /** - * Adds an event source to this function. - * - * Event sources are implemented in the @aws-cdk/aws-lambda-event-sources module. - * - * The following example adds an SQS Queue as an event source: - * - * import { SqsEventSource } from '@aws-cdk/aws-lambda-event-sources'; - * myFunction.addEventSource(new SqsEventSource(myQueue)); - * - * @param source The event source to bind to this function - */ public addEventSource(source: IEventSource) { source.bind(this); } diff --git a/packages/@aws-cdk/aws-lambda/package.json b/packages/@aws-cdk/aws-lambda/package.json index 475f864d4c7b4..85cb64f0e1a17 100644 --- a/packages/@aws-cdk/aws-lambda/package.json +++ b/packages/@aws-cdk/aws-lambda/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Lambda", @@ -158,7 +159,6 @@ "docs-public-apis:@aws-cdk/aws-lambda.FunctionProps", "docs-public-apis:@aws-cdk/aws-lambda.IAlias", "docs-public-apis:@aws-cdk/aws-lambda.IFunction", - "docs-public-apis:@aws-cdk/aws-lambda.IFunction.addEventSource", "docs-public-apis:@aws-cdk/aws-lambda.ILayerVersion", "docs-public-apis:@aws-cdk/aws-lambda.IVersion", "docs-public-apis:@aws-cdk/aws-lambda.LambdaRuntimeProps", diff --git a/packages/@aws-cdk/aws-logs-destinations/README.md b/packages/@aws-cdk/aws-logs-destinations/README.md index ea1c68ca1c0e2..28d124c669017 100644 --- a/packages/@aws-cdk/aws-logs-destinations/README.md +++ b/packages/@aws-cdk/aws-logs-destinations/README.md @@ -1,10 +1,12 @@ # CDK Construct Libray for AWS XXX + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + A short description here. diff --git a/packages/@aws-cdk/aws-logs-destinations/package.json b/packages/@aws-cdk/aws-logs-destinations/package.json index 088d42b51feeb..fb995e0755637 100644 --- a/packages/@aws-cdk/aws-logs-destinations/package.json +++ b/packages/@aws-cdk/aws-logs-destinations/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-logs/README.md b/packages/@aws-cdk/aws-logs/README.md index 880113852e355..497526ca6ec60 100644 --- a/packages/@aws-cdk/aws-logs/README.md +++ b/packages/@aws-cdk/aws-logs/README.md @@ -1,5 +1,6 @@ -## Amazon CloudWatch Logs Construct Library +# Amazon CloudWatch Logs Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,11 +8,12 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library supplies constructs for working with CloudWatch Logs. -### Log Groups/Streams +## Log Groups/Streams The basic unit of CloudWatch is a *Log Group*. Every log group typically has the same kind of data logged to it, in the same format. If there are multiple @@ -32,7 +34,7 @@ retention period (including infinite retention). [retention example](test/example.retention.lit.ts) -### LogRetention +## LogRetention The `LogRetention` construct is a way to control the retention period of log groups that are created outside of the CDK. The construct is usually used on log groups that are auto created by AWS services, such as [AWS @@ -46,7 +48,7 @@ By default, the log group will be created in the same region as the stack. The ` log groups in other regions. This is typically useful when controlling retention for log groups auto-created by global services that publish their log group to a specific region, such as AWS Chatbot creating a log group in `us-east-1`. -### Encrypting Log Groups +## Encrypting Log Groups By default, log group data is always encrypted in CloudWatch Logs. You have the option to encrypt log group data using a AWS KMS customer master key (CMK) should @@ -67,7 +69,7 @@ new LogGroup(this, 'LogGroup', { See the AWS documentation for more detailed information about [encrypting CloudWatch Logs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html). -### Subscriptions and Destinations +## Subscriptions and Destinations Log events matching a particular filter can be sent to either a Lambda function or a Kinesis stream. @@ -91,7 +93,7 @@ new SubscriptionFilter(this, 'Subscription', { }); ``` -### Metric Filters +## Metric Filters CloudWatch Logs can extract and emit metrics based on a textual log stream. Depending on your needs, this may be a more convenient way of generating metrics @@ -119,7 +121,7 @@ Will extract the value of `jsonField` wherever it occurs in JSON-structed log records in the LogGroup, and emit them to CloudWatch Metrics under the name `Namespace/MetricName`. -#### Exposing Metric on a Metric Filter +### Exposing Metric on a Metric Filter You can expose a metric on a metric filter by calling the `MetricFilter.metric()` API. This has a default of `statistic = 'avg'` if the statistic is not set in the `props`. @@ -144,7 +146,7 @@ new Alarm(this, 'alarm from metric filter', { }); ``` -### Patterns +## Patterns Patterns describe which log events match a subscription or metric filter. There are three types of patterns: @@ -164,7 +166,7 @@ In addition to the patterns above, the following special patterns exist: more information, see the [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html). -#### Text Patterns +### Text Patterns Text patterns match if the literal strings appear in the text form of the log line. @@ -192,7 +194,7 @@ const pattern2 = FilterPattern.anyGroup( ); ``` -### JSON Patterns +## JSON Patterns JSON patterns apply if the log event is the JSON representation of an object (without any other characters, so it cannot include a prefix such as timestamp @@ -241,7 +243,7 @@ const pattern = FilterPattern.all( )); ``` -### Space-delimited table patterns +## Space-delimited table patterns If the log events are rows of a space-delimited table, this pattern can be used to identify the columns in that structure and add conditions on any of them. The @@ -277,7 +279,7 @@ const pattern = FilterPattern.spaceDelimited('time', 'component', '...', 'result .whereNumber('result_code', '!=', 200); ``` -### Notes +## Notes Be aware that Log Group ARNs will always have the string `:*` appended to them, to match the behavior of [the CloudFormation `AWS::Logs::LogGroup` diff --git a/packages/@aws-cdk/aws-logs/package.json b/packages/@aws-cdk/aws-logs/package.json index d354ff00e1d24..487f538d138cb 100644 --- a/packages/@aws-cdk/aws-logs/package.json +++ b/packages/@aws-cdk/aws-logs/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Logs", @@ -73,7 +74,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-macie/README.md b/packages/@aws-cdk/aws-macie/README.md index 9f4352257b41e..d4154b38a9d9b 100644 --- a/packages/@aws-cdk/aws-macie/README.md +++ b/packages/@aws-cdk/aws-macie/README.md @@ -1,12 +1,16 @@ -## AWS::Macie Construct Library +# AWS::Macie Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-macie/package.json b/packages/@aws-cdk/aws-macie/package.json index 31cadb759a266..8e09af4e347ff 100644 --- a/packages/@aws-cdk/aws-macie/package.json +++ b/packages/@aws-cdk/aws-macie/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Macie", diff --git a/packages/@aws-cdk/aws-managedblockchain/README.md b/packages/@aws-cdk/aws-managedblockchain/README.md index 3836525debc28..bc8534fd8bf22 100644 --- a/packages/@aws-cdk/aws-managedblockchain/README.md +++ b/packages/@aws-cdk/aws-managedblockchain/README.md @@ -1,12 +1,16 @@ -## AWS::ManagedBlockchain Construct Library +# AWS::ManagedBlockchain Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-managedblockchain/package.json b/packages/@aws-cdk/aws-managedblockchain/package.json index de565cc79d2f6..a5bda96e3e0c4 100644 --- a/packages/@aws-cdk/aws-managedblockchain/package.json +++ b/packages/@aws-cdk/aws-managedblockchain/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ManagedBlockchain", diff --git a/packages/@aws-cdk/aws-mediaconvert/README.md b/packages/@aws-cdk/aws-mediaconvert/README.md index 9d9620c86bcae..c58e480114a6d 100644 --- a/packages/@aws-cdk/aws-mediaconvert/README.md +++ b/packages/@aws-cdk/aws-mediaconvert/README.md @@ -1,12 +1,16 @@ -## AWS::MediaConvert Construct Library +# AWS::MediaConvert Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-mediaconvert/package.json b/packages/@aws-cdk/aws-mediaconvert/package.json index 76d41d8590466..1e87cc0db2737 100644 --- a/packages/@aws-cdk/aws-mediaconvert/package.json +++ b/packages/@aws-cdk/aws-mediaconvert/package.json @@ -51,7 +51,8 @@ "compat": "cdk-compat", "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::MediaConvert", diff --git a/packages/@aws-cdk/aws-medialive/README.md b/packages/@aws-cdk/aws-medialive/README.md index fcf8befcf1e06..6a13191e2a7bc 100644 --- a/packages/@aws-cdk/aws-medialive/README.md +++ b/packages/@aws-cdk/aws-medialive/README.md @@ -1,12 +1,16 @@ -## AWS Elemental MediaLive Construct Library +# AWS Elemental MediaLive Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-medialive/package.json b/packages/@aws-cdk/aws-medialive/package.json index 55abb694dbb84..5931e3d7ed57c 100644 --- a/packages/@aws-cdk/aws-medialive/package.json +++ b/packages/@aws-cdk/aws-medialive/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::MediaLive", diff --git a/packages/@aws-cdk/aws-mediapackage/README.md b/packages/@aws-cdk/aws-mediapackage/README.md index 11d84261af563..f49ba1fb5fd87 100644 --- a/packages/@aws-cdk/aws-mediapackage/README.md +++ b/packages/@aws-cdk/aws-mediapackage/README.md @@ -1,12 +1,16 @@ -## AWS::MediaPackage Construct Library +# AWS::MediaPackage Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-mediapackage/package.json b/packages/@aws-cdk/aws-mediapackage/package.json index c3561ae1027bf..adba0df0f44f9 100644 --- a/packages/@aws-cdk/aws-mediapackage/package.json +++ b/packages/@aws-cdk/aws-mediapackage/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::MediaPackage", diff --git a/packages/@aws-cdk/aws-mediastore/README.md b/packages/@aws-cdk/aws-mediastore/README.md index edc56812b49d6..f420f2299d899 100644 --- a/packages/@aws-cdk/aws-mediastore/README.md +++ b/packages/@aws-cdk/aws-mediastore/README.md @@ -1,12 +1,16 @@ -## AWS Elemental MediaStore Construct Library +# AWS Elemental MediaStore Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-mediastore/package.json b/packages/@aws-cdk/aws-mediastore/package.json index bcdcfd25ee3cd..ecfc189e69e82 100644 --- a/packages/@aws-cdk/aws-mediastore/package.json +++ b/packages/@aws-cdk/aws-mediastore/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::MediaStore", diff --git a/packages/@aws-cdk/aws-msk/README.md b/packages/@aws-cdk/aws-msk/README.md index a4e00a5f29fa5..1de05861fc74f 100644 --- a/packages/@aws-cdk/aws-msk/README.md +++ b/packages/@aws-cdk/aws-msk/README.md @@ -1,12 +1,16 @@ -## Amazon Managed Streaming for Apache Kafka Construct Library +# Amazon Managed Streaming for Apache Kafka Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-msk/package.json b/packages/@aws-cdk/aws-msk/package.json index fe11ccb745bdf..af31390fd9492 100644 --- a/packages/@aws-cdk/aws-msk/package.json +++ b/packages/@aws-cdk/aws-msk/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::MSK", diff --git a/packages/@aws-cdk/aws-neptune/README.md b/packages/@aws-cdk/aws-neptune/README.md index 069e0feb746af..6b2eddde67362 100644 --- a/packages/@aws-cdk/aws-neptune/README.md +++ b/packages/@aws-cdk/aws-neptune/README.md @@ -1,12 +1,16 @@ -## Amazon Neptune Construct Library +# Amazon Neptune Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + ```ts diff --git a/packages/@aws-cdk/aws-neptune/package.json b/packages/@aws-cdk/aws-neptune/package.json index e979f191033aa..a8957ab3c5597 100644 --- a/packages/@aws-cdk/aws-neptune/package.json +++ b/packages/@aws-cdk/aws-neptune/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Neptune", diff --git a/packages/@aws-cdk/aws-networkfirewall/.eslintrc.js b/packages/@aws-cdk/aws-networkfirewall/.eslintrc.js new file mode 100644 index 0000000000000..61dd8dd001f63 --- /dev/null +++ b/packages/@aws-cdk/aws-networkfirewall/.eslintrc.js @@ -0,0 +1,3 @@ +const baseConfig = require('cdk-build-tools/config/eslintrc'); +baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-networkfirewall/.gitignore b/packages/@aws-cdk/aws-networkfirewall/.gitignore new file mode 100644 index 0000000000000..62ebc95d75ce6 --- /dev/null +++ b/packages/@aws-cdk/aws-networkfirewall/.gitignore @@ -0,0 +1,19 @@ +*.js +*.js.map +*.d.ts +tsconfig.json +node_modules +*.generated.ts +dist +.jsii + +.LAST_BUILD +.nyc_output +coverage +.nycrc +.LAST_PACKAGE +*.snk +nyc.config.js +!.eslintrc.js +!jest.config.js +junit.xml diff --git a/packages/@aws-cdk/aws-networkfirewall/.npmignore b/packages/@aws-cdk/aws-networkfirewall/.npmignore new file mode 100644 index 0000000000000..e4486030fcb17 --- /dev/null +++ b/packages/@aws-cdk/aws-networkfirewall/.npmignore @@ -0,0 +1,28 @@ +# Don't include original .ts files when doing `npm pack` +*.ts +!*.d.ts +coverage +.nyc_output +*.tgz + +dist +.LAST_PACKAGE +.LAST_BUILD +!*.js + +# Include .jsii +!.jsii + +*.snk + +*.tsbuildinfo + +tsconfig.json + +.eslintrc.js +jest.config.js + +# exclude cdk artifacts +**/cdk.out +junit.xml +test/ diff --git a/packages/@aws-cdk/aws-networkfirewall/LICENSE b/packages/@aws-cdk/aws-networkfirewall/LICENSE new file mode 100644 index 0000000000000..b71ec1688783a --- /dev/null +++ b/packages/@aws-cdk/aws-networkfirewall/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/@aws-cdk/aws-networkfirewall/NOTICE b/packages/@aws-cdk/aws-networkfirewall/NOTICE new file mode 100644 index 0000000000000..bfccac9a7f69c --- /dev/null +++ b/packages/@aws-cdk/aws-networkfirewall/NOTICE @@ -0,0 +1,2 @@ +AWS Cloud Development Kit (AWS CDK) +Copyright 2018-2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/aws-networkfirewall/README.md b/packages/@aws-cdk/aws-networkfirewall/README.md new file mode 100644 index 0000000000000..9b6dc5712e4de --- /dev/null +++ b/packages/@aws-cdk/aws-networkfirewall/README.md @@ -0,0 +1,20 @@ +# AWS::NetworkFirewall Construct Library + + +--- + +![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) + +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + +--- + + + +This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. + +```ts +import networkfirewall = require('@aws-cdk/aws-networkfirewall'); +``` diff --git a/packages/@aws-cdk/aws-networkfirewall/jest.config.js b/packages/@aws-cdk/aws-networkfirewall/jest.config.js new file mode 100644 index 0000000000000..54e28beb9798b --- /dev/null +++ b/packages/@aws-cdk/aws-networkfirewall/jest.config.js @@ -0,0 +1,2 @@ +const baseConfig = require('cdk-build-tools/config/jest.config'); +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-networkfirewall/lib/index.ts b/packages/@aws-cdk/aws-networkfirewall/lib/index.ts new file mode 100644 index 0000000000000..1aa22b2582738 --- /dev/null +++ b/packages/@aws-cdk/aws-networkfirewall/lib/index.ts @@ -0,0 +1,2 @@ +// AWS::NetworkFirewall CloudFormation Resources: +export * from './networkfirewall.generated'; diff --git a/packages/@aws-cdk/aws-networkfirewall/package.json b/packages/@aws-cdk/aws-networkfirewall/package.json new file mode 100644 index 0000000000000..4244a68ab8977 --- /dev/null +++ b/packages/@aws-cdk/aws-networkfirewall/package.json @@ -0,0 +1,97 @@ +{ + "name": "@aws-cdk/aws-networkfirewall", + "version": "0.0.0", + "description": "The CDK Construct Library for AWS::NetworkFirewall", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "jsii": { + "outdir": "dist", + "projectReferences": true, + "targets": { + "dotnet": { + "namespace": "Amazon.CDK.AWS.NetworkFirewall", + "packageId": "Amazon.CDK.AWS.NetworkFirewall", + "signAssembly": true, + "assemblyOriginatorKeyFile": "../../key.snk", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "java": { + "package": "software.amazon.awscdk.services.networkfirewall", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "networkfirewall" + } + }, + "python": { + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ], + "distName": "aws-cdk.aws-networkfirewall", + "module": "aws_cdk.aws_networkfirewall" + } + } + }, + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-cdk.git", + "directory": "packages/@aws-cdk/aws-networkfirewall" + }, + "homepage": "https://github.com/aws/aws-cdk", + "scripts": { + "build": "cdk-build", + "watch": "cdk-watch", + "lint": "cdk-lint", + "test": "cdk-test", + "integ": "cdk-integ", + "pkglint": "pkglint -f", + "package": "cdk-package", + "awslint": "cdk-awslint", + "cfn2ts": "cfn2ts", + "build+test+package": "npm run build+test && npm run package", + "build+test": "npm run build && npm test", + "compat": "cdk-compat", + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" + }, + "cdk-build": { + "cloudformation": "AWS::NetworkFirewall", + "jest": true, + "env": { + "AWSLINT_BASE_CONSTRUCT": "true" + } + }, + "keywords": [ + "aws", + "cdk", + "constructs", + "AWS::NetworkFirewall", + "aws-networkfirewall" + ], + "author": { + "name": "Amazon Web Services", + "url": "https://aws.amazon.com", + "organization": true + }, + "license": "Apache-2.0", + "devDependencies": { + "@aws-cdk/assert": "0.0.0", + "cdk-build-tools": "0.0.0", + "cfn2ts": "0.0.0", + "pkglint": "0.0.0" + }, + "dependencies": { + "@aws-cdk/core": "0.0.0" + }, + "peerDependencies": { + "@aws-cdk/core": "0.0.0" + }, + "engines": { + "node": ">= 10.13.0 <13 || >=13.7.0" + }, + "stability": "experimental", + "maturity": "cfn-only", + "awscdkio": { + "announce": false + } +} diff --git a/packages/@aws-cdk/aws-networkfirewall/test/networkfirewall.test.ts b/packages/@aws-cdk/aws-networkfirewall/test/networkfirewall.test.ts new file mode 100644 index 0000000000000..e394ef336bfb4 --- /dev/null +++ b/packages/@aws-cdk/aws-networkfirewall/test/networkfirewall.test.ts @@ -0,0 +1,6 @@ +import '@aws-cdk/assert/jest'; +import {} from '../lib'; + +test('No tests are specified for this package', () => { + expect(true).toBe(true); +}); diff --git a/packages/@aws-cdk/aws-networkmanager/README.md b/packages/@aws-cdk/aws-networkmanager/README.md index 898602195a05a..0cee3e1290f04 100644 --- a/packages/@aws-cdk/aws-networkmanager/README.md +++ b/packages/@aws-cdk/aws-networkmanager/README.md @@ -1,12 +1,16 @@ -## AWS::NetworkManager Construct Library +# AWS::NetworkManager Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-networkmanager/package.json b/packages/@aws-cdk/aws-networkmanager/package.json index c37cae4a92c20..6384bf99c98d3 100644 --- a/packages/@aws-cdk/aws-networkmanager/package.json +++ b/packages/@aws-cdk/aws-networkmanager/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::NetworkManager", diff --git a/packages/@aws-cdk/aws-opsworks/README.md b/packages/@aws-cdk/aws-opsworks/README.md index 228ba9a58e9d1..f5cc663c1b4d9 100644 --- a/packages/@aws-cdk/aws-opsworks/README.md +++ b/packages/@aws-cdk/aws-opsworks/README.md @@ -1,12 +1,16 @@ -## AWS OpsWorks Construct Library +# AWS OpsWorks Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-opsworks/package.json b/packages/@aws-cdk/aws-opsworks/package.json index c37aa3b6a6193..f4522ff87d766 100644 --- a/packages/@aws-cdk/aws-opsworks/package.json +++ b/packages/@aws-cdk/aws-opsworks/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::OpsWorks", diff --git a/packages/@aws-cdk/aws-opsworkscm/README.md b/packages/@aws-cdk/aws-opsworkscm/README.md index ed16e51350cb6..84a537a7012ad 100644 --- a/packages/@aws-cdk/aws-opsworkscm/README.md +++ b/packages/@aws-cdk/aws-opsworkscm/README.md @@ -1,12 +1,16 @@ -## AWS OpsWorks CM Construct Library +# AWS OpsWorks CM Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-opsworkscm/package.json b/packages/@aws-cdk/aws-opsworkscm/package.json index 475d423a77936..10eda477f9572 100644 --- a/packages/@aws-cdk/aws-opsworkscm/package.json +++ b/packages/@aws-cdk/aws-opsworkscm/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::OpsWorksCM", diff --git a/packages/@aws-cdk/aws-pinpoint/README.md b/packages/@aws-cdk/aws-pinpoint/README.md index d127f147031ce..3f2622e8063ca 100644 --- a/packages/@aws-cdk/aws-pinpoint/README.md +++ b/packages/@aws-cdk/aws-pinpoint/README.md @@ -1,12 +1,16 @@ -## Amazon Pinpoint Construct Library +# Amazon Pinpoint Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-pinpoint/package.json b/packages/@aws-cdk/aws-pinpoint/package.json index 355a2622af74b..17191f2fef2b3 100644 --- a/packages/@aws-cdk/aws-pinpoint/package.json +++ b/packages/@aws-cdk/aws-pinpoint/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Pinpoint", diff --git a/packages/@aws-cdk/aws-pinpointemail/README.md b/packages/@aws-cdk/aws-pinpointemail/README.md index 77f4461014e52..c2a0bf252be8f 100644 --- a/packages/@aws-cdk/aws-pinpointemail/README.md +++ b/packages/@aws-cdk/aws-pinpointemail/README.md @@ -1,12 +1,16 @@ -## Amazon Pinpoint Email Construct Library +# Amazon Pinpoint Email Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-pinpointemail/package.json b/packages/@aws-cdk/aws-pinpointemail/package.json index 291a9753a446b..d18a2055e9c9d 100644 --- a/packages/@aws-cdk/aws-pinpointemail/package.json +++ b/packages/@aws-cdk/aws-pinpointemail/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::PinpointEmail", diff --git a/packages/@aws-cdk/aws-qldb/README.md b/packages/@aws-cdk/aws-qldb/README.md index ec2a460377447..3df572f4dfcae 100644 --- a/packages/@aws-cdk/aws-qldb/README.md +++ b/packages/@aws-cdk/aws-qldb/README.md @@ -1,12 +1,16 @@ -## AWS::QLDB Construct Library +# AWS::QLDB Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-qldb/package.json b/packages/@aws-cdk/aws-qldb/package.json index 0a9efbca21d0c..dc8e42e6eb538 100644 --- a/packages/@aws-cdk/aws-qldb/package.json +++ b/packages/@aws-cdk/aws-qldb/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::QLDB", diff --git a/packages/@aws-cdk/aws-ram/README.md b/packages/@aws-cdk/aws-ram/README.md index c7a0e83c0dfc0..a2099d1f65a47 100644 --- a/packages/@aws-cdk/aws-ram/README.md +++ b/packages/@aws-cdk/aws-ram/README.md @@ -1,12 +1,16 @@ -## AWS Resource Access Manager Construct Library +# AWS Resource Access Manager Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-ram/package.json b/packages/@aws-cdk/aws-ram/package.json index 29044fca0770f..f0ae21655882d 100644 --- a/packages/@aws-cdk/aws-ram/package.json +++ b/packages/@aws-cdk/aws-ram/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::RAM", diff --git a/packages/@aws-cdk/aws-rds/README.md b/packages/@aws-cdk/aws-rds/README.md index 4b5683d2dc37f..dc38706bc94eb 100644 --- a/packages/@aws-cdk/aws-rds/README.md +++ b/packages/@aws-cdk/aws-rds/README.md @@ -1,6 +1,6 @@ -## Amazon Relational Database Service Construct Library - +# Amazon Relational Database Service Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -8,13 +8,15 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + -```typescript + +```ts import * as rds from '@aws-cdk/aws-rds'; ``` -### Starting a clustered database +## Starting a clustered database To set up a clustered database (like Aurora), define a `DatabaseCluster`. You must always launch a database in a VPC. Use the `vpcSubnets` attribute to control whether @@ -59,7 +61,7 @@ new rds.DatabaseClusterFromSnapshot(stack, 'Database', { }); ``` -### Starting an instance database +## Starting an instance database To set up a instance database, define a `DatabaseInstance`. You must always launch a database in a VPC. Use the `vpcSubnets` attribute to control whether @@ -125,7 +127,7 @@ Creating a "production" Oracle database instance with option and parameter group [example of setting up a production oracle instance](test/integ.instance.lit.ts) -### Instance events +## Instance events To define Amazon CloudWatch event rules for database instances, use the `onEvent` method: @@ -134,7 +136,7 @@ method: const rule = instance.onEvent('InstanceEvent', { target: new targets.LambdaFunction(fn) }); ``` -### Login credentials +## Login credentials By default, database instances and clusters will have `admin` user with an auto-generated password. An alternative username (and password) may be specified for the admin user instead of the default. @@ -163,7 +165,7 @@ new rds.DatabaseInstance(this, 'InstanceWithSecretLogin', { }); ``` -### Connecting +## Connecting To control who can access the cluster or instance, use the `.connections` attribute. RDS databases have a default port, so you don't need to specify the port: @@ -185,7 +187,7 @@ For an instance database: const address = instance.instanceEndpoint.socketAddress; // "HOSTNAME:PORT" ``` -### Rotating credentials +## Rotating credentials When the master password is generated and stored in AWS Secrets Manager, it can be rotated automatically: @@ -226,7 +228,7 @@ The rotation will start as soon as this user exists. See also [@aws-cdk/aws-secretsmanager](https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-secretsmanager/README.md) for credentials rotation of existing clusters/instances. -### IAM Authentication +## IAM Authentication You can also authenticate to a database instance using AWS Identity and Access Management (IAM) database authentication; See for more information @@ -247,7 +249,7 @@ instance.grantConnect(role); // Grant the role connection access to the DB. **Note**: In addition to the setup above, a database user will need to be created to support IAM auth. See for setup instructions. -### Kerberos Authentication +## Kerberos Authentication You can also authenticate using Kerberos to a database instance using AWS Managed Microsoft AD for authentication; See for more information @@ -277,7 +279,7 @@ appropriate security groups/network ACL to allow traffic between the database in Once configured, see for details on configuring users for each available database engine. -### Metrics +## Metrics Database instances and clusters both expose metrics (`cloudwatch.Metric`): @@ -292,7 +294,7 @@ const cpuUtilization = cluster.metricCPUUtilization(); const readLatency = instance.metric('ReadLatency', { statistic: 'Average', periodSec: 60 }); ``` -### Enabling S3 integration +## Enabling S3 integration Data in S3 buckets can be imported to and exported from certain database engines using SQL queries. To enable this functionality, set the `s3ImportBuckets` and `s3ExportBuckets` properties for import and export respectively. When @@ -323,7 +325,7 @@ new rds.DatabaseCluster(this, 'dbcluster', { }); ``` -### Creating a Database Proxy +## Creating a Database Proxy Amazon RDS Proxy sits between your application and your relational database to efficiently manage connections to the database and improve scalability of the application. Learn more about at [Amazon RDS Proxy](https://aws.amazon.com/rds/proxy/) @@ -349,7 +351,7 @@ const proxy = dbInstance.addProxy('proxy', { }); ``` -### Exporting Logs +## Exporting Logs You can publish database logs to Amazon CloudWatch Logs. With CloudWatch Logs, you can perform real-time analysis of the log data, store the data in highly durable storage, and manage the data with the CloudWatch Logs Agent. This is available for both database @@ -379,7 +381,7 @@ const instance = new rds.DatabaseInstance(this, 'Instance', { }); ``` -### Option Groups +## Option Groups Some DB engines offer additional features that make it easier to manage data and databases, and to provide additional security for your database. Amazon RDS uses option groups to enable and configure these features. An option group can specify features, called options, @@ -403,7 +405,7 @@ new rds.OptionGroup(stack, 'Options', { }); ``` -### Serverless +## Serverless [Amazon Aurora Serverless]((https://aws.amazon.com/rds/aurora/serverless/)) is an on-demand, auto-scaling configuration for Amazon Aurora. The database will automatically start up, shut down, and scale capacity @@ -451,7 +453,7 @@ Read more about the [limitations of Aurora Serverless](https://docs.aws.amazon.c Learn more about using Amazon Aurora Serverless by reading the [documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) -#### Data API +### Data API You can access your Aurora Serverless DB cluster using the built-in Data API. The Data API doesn't require a persistent connection to the DB cluster. Instead, it provides a secure HTTP endpoint and integration with AWS SDKs. diff --git a/packages/@aws-cdk/aws-rds/package.json b/packages/@aws-cdk/aws-rds/package.json index 564ff3e89b77e..82e3e67bd09ea 100644 --- a/packages/@aws-cdk/aws-rds/package.json +++ b/packages/@aws-cdk/aws-rds/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::RDS", diff --git a/packages/@aws-cdk/aws-redshift/README.md b/packages/@aws-cdk/aws-redshift/README.md index 8ecdd21f72ca8..576068b02f818 100644 --- a/packages/@aws-cdk/aws-redshift/README.md +++ b/packages/@aws-cdk/aws-redshift/README.md @@ -1,20 +1,27 @@ -## Amazon Redshift Construct Library - +# Amazon Redshift Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + -### Starting a Redshift Cluster Database +## Starting a Redshift Cluster Database To set up a Redshift cluster, define a `Cluster`. It will be launched in a VPC. You can specify a VPC, otherwise one will be created. The nodes are always launched in private subnets and are encrypted by default. @@ -37,7 +44,7 @@ A default database named `default_db` will be created in the cluster. To change By default, the cluster will not be publicly accessible. Depending on your use case, you can make the cluster publicly accessible with the `publiclyAccessible` property. -### Connecting +## Connecting To control who can access the cluster, use the `.connections` attribute. Redshift Clusters have a default port, so you don't need to specify the port: @@ -52,7 +59,7 @@ The endpoint to access your database cluster will be available as the `.clusterE cluster.clusterEndpoint.socketAddress; // "HOSTNAME:PORT" ``` -### Rotating credentials +## Rotating credentials When the master password is generated and stored in AWS Secrets Manager, it can be rotated automatically: diff --git a/packages/@aws-cdk/aws-redshift/lib/cluster.ts b/packages/@aws-cdk/aws-redshift/lib/cluster.ts index 098055ada1042..9126ef4fda737 100644 --- a/packages/@aws-cdk/aws-redshift/lib/cluster.ts +++ b/packages/@aws-cdk/aws-redshift/lib/cluster.ts @@ -553,6 +553,9 @@ export class Cluster extends ClusterBase { } return undefined; } else { + if (Token.isUnresolved(numberOfNodes)) { + return numberOfNodes; + } const nodeCount = numberOfNodes ?? 2; if (nodeCount < 2 || nodeCount > 100) { throw new Error('Number of nodes for cluster type multi-node must be at least 2 and no more than 100'); diff --git a/packages/@aws-cdk/aws-redshift/package.json b/packages/@aws-cdk/aws-redshift/package.json index dbdc8994c5894..dd45d0f4c0984 100644 --- a/packages/@aws-cdk/aws-redshift/package.json +++ b/packages/@aws-cdk/aws-redshift/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Redshift", diff --git a/packages/@aws-cdk/aws-redshift/test/cluster.test.ts b/packages/@aws-cdk/aws-redshift/test/cluster.test.ts index e8c38692dcb45..bb6c966fed284 100644 --- a/packages/@aws-cdk/aws-redshift/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-redshift/test/cluster.test.ts @@ -210,6 +210,30 @@ describe('node count', () => { }); }).toThrow(/Number of nodes for cluster type multi-node must be at least 2 and no more than 100/); }); + + test('Multi-Node Clusters should allow input parameter for number of nodes', () => { + // WHEN + const numberOfNodesParam = new cdk.CfnParameter(stack, 'numberOfNodes', { + type: 'Number', + }); + + new Cluster(stack, 'Redshift', { + masterUser: { + masterUsername: 'admin', + }, + vpc, + clusterType: ClusterType.MULTI_NODE, + numberOfNodes: numberOfNodesParam.valueAsNumber, + }); + + // THEN + cdkExpect(stack).to(haveResource('AWS::Redshift::Cluster', { + ClusterType: 'multi-node', + NumberOfNodes: { + Ref: 'numberOfNodes', + }, + })); + }); }); test('create an encrypted cluster with custom KMS key', () => { diff --git a/packages/@aws-cdk/aws-resourcegroups/README.md b/packages/@aws-cdk/aws-resourcegroups/README.md index 736924d3b4d08..b24c366c8a3ca 100644 --- a/packages/@aws-cdk/aws-resourcegroups/README.md +++ b/packages/@aws-cdk/aws-resourcegroups/README.md @@ -1,12 +1,16 @@ -## AWS::ResourceGroups Construct Library +# AWS::ResourceGroups Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-resourcegroups/package.json b/packages/@aws-cdk/aws-resourcegroups/package.json index 1e0965bc9bbd3..fa6436b9696ca 100644 --- a/packages/@aws-cdk/aws-resourcegroups/package.json +++ b/packages/@aws-cdk/aws-resourcegroups/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ResourceGroups", diff --git a/packages/@aws-cdk/aws-robomaker/README.md b/packages/@aws-cdk/aws-robomaker/README.md index 0141c367bfdb8..4951007e3c051 100644 --- a/packages/@aws-cdk/aws-robomaker/README.md +++ b/packages/@aws-cdk/aws-robomaker/README.md @@ -1,12 +1,16 @@ -## AWS RoboMaker Construct Library +# AWS RoboMaker Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-robomaker/package.json b/packages/@aws-cdk/aws-robomaker/package.json index 5a95df9dce868..556ab61ddf960 100644 --- a/packages/@aws-cdk/aws-robomaker/package.json +++ b/packages/@aws-cdk/aws-robomaker/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::RoboMaker", diff --git a/packages/@aws-cdk/aws-route53-patterns/README.md b/packages/@aws-cdk/aws-route53-patterns/README.md index 0b21ed1340580..4fa852aaad777 100644 --- a/packages/@aws-cdk/aws-route53-patterns/README.md +++ b/packages/@aws-cdk/aws-route53-patterns/README.md @@ -1,10 +1,12 @@ # CDK Construct library for higher-level Route 53 Constructs + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library provides higher-level Amazon Route 53 constructs which follow common diff --git a/packages/@aws-cdk/aws-route53-patterns/package.json b/packages/@aws-cdk/aws-route53-patterns/package.json index e5db2082593d0..0390f220803d5 100644 --- a/packages/@aws-cdk/aws-route53-patterns/package.json +++ b/packages/@aws-cdk/aws-route53-patterns/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-route53-targets/README.md b/packages/@aws-cdk/aws-route53-targets/README.md index 06d7dd6568255..5270482564ee8 100644 --- a/packages/@aws-cdk/aws-route53-targets/README.md +++ b/packages/@aws-cdk/aws-route53-targets/README.md @@ -1,14 +1,18 @@ # Route53 Alias Record Targets for the CDK Route53 Library + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library contains Route53 Alias Record targets for: + * API Gateway custom domains + ```ts new route53.ARecord(this, 'AliasRecord', { zone, @@ -16,21 +20,27 @@ This library contains Route53 Alias Record targets for: // or - route53.RecordTarget.fromAlias(new alias.ApiGatewayDomain(domainName)), }); ``` + * API Gateway V2 custom domains + ```ts new route53.ARecord(this, 'AliasRecord', { zone, target: route53.RecordTarget.fromAlias(new alias.ApiGatewayv2Domain(domainName)), }); ``` + * CloudFront distributions + ```ts new route53.ARecord(this, 'AliasRecord', { zone, target: route53.RecordTarget.fromAlias(new alias.CloudFrontTarget(distribution)), }); ``` + * ELBv2 load balancers + ```ts new route53.ARecord(this, 'AliasRecord', { zone, @@ -38,7 +48,9 @@ This library contains Route53 Alias Record targets for: // or - route53.RecordTarget.fromAlias(new alias.ApiGatewayDomain(domainName)), }); ``` + * Classic load balancers + ```ts new route53.ARecord(this, 'AliasRecord', { zone, @@ -54,16 +66,19 @@ For example, if the Amazon-provided DNS for the load balancer is `ALB-xxxxxxx.us * InterfaceVpcEndpoints **Important:** Based on the CFN docs for VPCEndpoints - [see here](attrDnsEntries) - the attributes returned for DnsEntries in CloudFormation is a combination of the hosted zone ID and the DNS name. The entries are ordered as follows: regional public DNS, zonal public DNS, private DNS, and wildcard DNS. This order is not enforced for AWS Marketplace services, and therefore this CDK construct is ONLY guaranteed to work with non-marketplace services. + ```ts new route53.ARecord(stack, "AliasRecord", { zone, target: route53.RecordTarget.fromAlias(new alias.InterfaceVpcEndpointTarget(interfaceVpcEndpoint)) }); ``` + * S3 Bucket Website: **Important:** The Bucket name must strictly match the full DNS name. See [the Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) for more info. + ```ts const [recordName, domainName] = ['www', 'example.com']; @@ -81,7 +96,9 @@ See [the Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGu target: route53.RecordTarget.fromAlias(new alias.BucketWebsiteTarget(bucket)), }); ``` + * User pool domain + ```ts new route53.ARecord(this, 'AliasRecord', { zone, diff --git a/packages/@aws-cdk/aws-route53-targets/package.json b/packages/@aws-cdk/aws-route53-targets/package.json index 52e3e252fb960..c106bcdfec9d2 100644 --- a/packages/@aws-cdk/aws-route53-targets/package.json +++ b/packages/@aws-cdk/aws-route53-targets/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-route53/README.md b/packages/@aws-cdk/aws-route53/README.md index cb88a5a8f16d8..d83ba3a547915 100644 --- a/packages/@aws-cdk/aws-route53/README.md +++ b/packages/@aws-cdk/aws-route53/README.md @@ -1,5 +1,6 @@ -## Amazon Route53 Construct Library +# Amazon Route53 Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + To add a public hosted zone: @@ -37,9 +39,10 @@ const zone = new route53.PrivateHostedZone(this, 'HostedZone', { Additional VPCs can be added with `zone.addVpc()`. -### Adding Records +## Adding Records To add a TXT record to your zone: + ```ts import * as route53 from '@aws-cdk/aws-route53'; @@ -58,6 +61,7 @@ new route53.TxtRecord(this, 'TXTRecord', { ``` To add a A record to your zone: + ```ts import * as route53 from '@aws-cdk/aws-route53'; @@ -68,6 +72,7 @@ new route53.ARecord(this, 'ARecord', { ``` To add a AAAA record pointing to a CloudFront distribution: + ```ts import * as route53 from '@aws-cdk/aws-route53'; import * as targets from '@aws-cdk/aws-route53-targets'; @@ -83,7 +88,7 @@ Constructs are available for A, AAAA, CAA, CNAME, MX, NS, SRV and TXT records. Use the `CaaAmazonRecord` construct to easily restrict certificate authorities allowed to issue certificates for a domain to Amazon only. -### Imports +## Imports If you don't know the ID of the Hosted Zone to import, you can use the `HostedZone.fromLookup`: @@ -123,4 +128,4 @@ you know the ID and the retrieval for the `zoneName` is undesirable. const zone = HostedZone.fromHostedZoneId(this, 'MyZone', { hostedZoneId: 'ZOJJZC49E0EPZ', }); -``` \ No newline at end of file +``` diff --git a/packages/@aws-cdk/aws-route53/package.json b/packages/@aws-cdk/aws-route53/package.json index 47358c707f4ce..c7cdda9c49f38 100644 --- a/packages/@aws-cdk/aws-route53/package.json +++ b/packages/@aws-cdk/aws-route53/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Route53", @@ -73,7 +74,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-route53resolver/README.md b/packages/@aws-cdk/aws-route53resolver/README.md index 3afc83c252d8f..f6eea77064f22 100644 --- a/packages/@aws-cdk/aws-route53resolver/README.md +++ b/packages/@aws-cdk/aws-route53resolver/README.md @@ -1,16 +1,24 @@ -## Amazon Route53 Resolver Construct Library +# Amazon Route53 Resolver Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + ```ts diff --git a/packages/@aws-cdk/aws-route53resolver/package.json b/packages/@aws-cdk/aws-route53resolver/package.json index ecd376d8b0873..027c64fba0408 100644 --- a/packages/@aws-cdk/aws-route53resolver/package.json +++ b/packages/@aws-cdk/aws-route53resolver/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Route53Resolver", diff --git a/packages/@aws-cdk/aws-s3-assets/README.md b/packages/@aws-cdk/aws-s3-assets/README.md index 287406b534559..3d508070d6a50 100644 --- a/packages/@aws-cdk/aws-s3-assets/README.md +++ b/packages/@aws-cdk/aws-s3-assets/README.md @@ -1,12 +1,18 @@ -## AWS CDK Assets +# AWS CDK Assets + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + Assets are local files or directories which are needed by a CDK app. A common @@ -50,7 +56,7 @@ The following examples grants an IAM group read permissions on an asset: [Example of granting read access to an asset](./test/integ.assets.permissions.lit.ts) -## How does it work? +## How does it work When an asset is defined in a construct, a construct metadata entry `aws:cdk:asset` is emitted with instructions on where to find the asset and what @@ -128,8 +134,8 @@ locally for debugging purposes. To enable such use cases, external tools will consult a set of metadata entries on AWS CloudFormation resources: -- `aws:asset:path` points to the local path of the asset. -- `aws:asset:property` is the name of the resource property where the asset is used +* `aws:asset:path` points to the local path of the asset. +* `aws:asset:property` is the name of the resource property where the asset is used Using these two metadata entries, tools will be able to identify that assets are used by a certain resource, and enable advanced local experiences. diff --git a/packages/@aws-cdk/aws-s3-assets/package.json b/packages/@aws-cdk/aws-s3-assets/package.json index 46eacfbb32c84..d85639e72166b 100644 --- a/packages/@aws-cdk/aws-s3-assets/package.json +++ b/packages/@aws-cdk/aws-s3-assets/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "jest": true, diff --git a/packages/@aws-cdk/aws-s3-deployment/README.md b/packages/@aws-cdk/aws-s3-deployment/README.md index 9c922719e5e96..9530ca3b61c34 100644 --- a/packages/@aws-cdk/aws-s3-deployment/README.md +++ b/packages/@aws-cdk/aws-s3-deployment/README.md @@ -1,13 +1,18 @@ -## AWS S3 Deployment Construct Library - +# AWS S3 Deployment Construct Library + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + > __Status: Experimental__ @@ -71,7 +76,7 @@ By default, files in the destination bucket that don't exist in the source will when the `BucketDeployment` resource is created or updated. You can use the option `prune: false` to disable this behavior, in which case the files will not be deleted. -```typescript +```ts new s3deploy.BucketDeployment(this, 'DeployMeWithoutDeletingFilesOnDestination', { sources: [s3deploy.Source.asset(path.join(__dirname, 'my-website'))], destinationBucket, @@ -83,7 +88,7 @@ This option also enables you to specify multiple bucket deployments for the same each with its own characteristics. For example, you can set different cache-control headers based on file extensions: -```typescript +```ts new BucketDeployment(this, 'BucketDeployment', { sources: [Source.asset('./website', { exclude: ['index.html' })], destinationBucket: bucket, @@ -199,18 +204,18 @@ size of the AWS Lambda resource handler. ## Notes - * This library uses an AWS CloudFormation custom resource which about 10MiB in - size. The code of this resource is bundled with this library. - * AWS Lambda execution time is limited to 15min. This limits the amount of data which can - be deployed into the bucket by this timeout. - * When the `BucketDeployment` is removed from the stack, the contents are retained - in the destination bucket ([#952](https://github.com/aws/aws-cdk/issues/952)). - * Bucket deployment _only happens_ during stack create/update. This means that - if you wish to update the contents of the destination, you will need to - change the source s3 key (or bucket), so that the resource will be updated. - This is inline with best practices. If you use local disk assets, this will - happen automatically whenever you modify the asset, since the S3 key is based - on a hash of the asset contents. +- This library uses an AWS CloudFormation custom resource which about 10MiB in + size. The code of this resource is bundled with this library. +- AWS Lambda execution time is limited to 15min. This limits the amount of data + which can be deployed into the bucket by this timeout. +- When the `BucketDeployment` is removed from the stack, the contents are retained + in the destination bucket ([#952](https://github.com/aws/aws-cdk/issues/952)). +- Bucket deployment _only happens_ during stack create/update. This means that + if you wish to update the contents of the destination, you will need to + change the source s3 key (or bucket), so that the resource will be updated. + This is inline with best practices. If you use local disk assets, this will + happen automatically whenever you modify the asset, since the S3 key is based + on a hash of the asset contents. ## Development diff --git a/packages/@aws-cdk/aws-s3-deployment/package.json b/packages/@aws-cdk/aws-s3-deployment/package.json index fa62ca2e0f789..696bdf08cd5b3 100644 --- a/packages/@aws-cdk/aws-s3-deployment/package.json +++ b/packages/@aws-cdk/aws-s3-deployment/package.json @@ -49,7 +49,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "/bin/bash lambda/build.sh" + "gen": "/bin/bash lambda/build.sh", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "test": [ diff --git a/packages/@aws-cdk/aws-s3-notifications/README.md b/packages/@aws-cdk/aws-s3-notifications/README.md index 0fbf2e68ab9c9..8efbb5149f627 100644 --- a/packages/@aws-cdk/aws-s3-notifications/README.md +++ b/packages/@aws-cdk/aws-s3-notifications/README.md @@ -1,10 +1,12 @@ -## S3 Bucket Notifications Destinations +# S3 Bucket Notifications Destinations + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This module includes integration classes for using Topics, Queues or Lambdas @@ -22,4 +24,4 @@ const bucket = new s3.Bucket(stack, 'Bucket'); const topic = new sns.Topic(stack, 'Topic'); bucket.addEventNotification(s3.EventType.OBJECT_CREATED_PUT, new s3n.SnsDestination(topic)); -``` \ No newline at end of file +``` diff --git a/packages/@aws-cdk/aws-s3-notifications/package.json b/packages/@aws-cdk/aws-s3-notifications/package.json index e78e96ff53d62..5615003d2434a 100644 --- a/packages/@aws-cdk/aws-s3-notifications/package.json +++ b/packages/@aws-cdk/aws-s3-notifications/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-s3/README.md b/packages/@aws-cdk/aws-s3/README.md index b3eb2e1a4707d..f453a84daa447 100644 --- a/packages/@aws-cdk/aws-s3/README.md +++ b/packages/@aws-cdk/aws-s3/README.md @@ -1,5 +1,6 @@ -## Amazon S3 Construct Library +# Amazon S3 Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + Define an unencrypted S3 bucket. @@ -36,7 +38,7 @@ new Bucket(this, 'MyFirstBucket'); * `s3UrlForObject(key)` - the S3 URL of an object within the bucket (i.e. `s3://bucket/mykey`) -### Encryption +## Encryption Define a KMS-encrypted bucket: @@ -72,7 +74,7 @@ const bucket = new Bucket(this, 'Buck', { assert(bucket.encryptionKey == null); ``` -### Permissions +## Permissions A bucket policy will be automatically created for the bucket upon the first call to `addToResourcePolicy(statement)`: @@ -107,13 +109,13 @@ bucket.grantReadWrite(lambda); Will give the Lambda's execution role permissions to read and write from the bucket. -### Sharing buckets between stacks +## Sharing buckets between stacks To use a bucket in a different stack in the same CDK application, pass the object to the other stack: [sharing bucket between stacks](test/integ.bucket-sharing.lit.ts) -### Importing existing buckets +## Importing existing buckets To import an existing bucket into your CDK application, use the `Bucket.fromBucketAttributes` factory method. This method accepts `BucketAttributes` which describes the properties of an already @@ -148,7 +150,7 @@ const myCrossRegionBucket = Bucket.fromBucketAttributes(this, 'CrossRegionImport // myCrossRegionBucket.bucketRegionalDomainName === 'my-bucket.s3.us-east-1.amazonaws.com' ``` -### Bucket Notifications +## Bucket Notifications The Amazon S3 notification feature enables you to receive notifications when certain events happen in your bucket as described under [S3 Bucket @@ -185,11 +187,12 @@ bucket.addEventNotification(s3.EventType.OBJECT_REMOVED, [S3 Bucket Notifications]: https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html -### Block Public Access +## Block Public Access Use `blockPublicAccess` to specify [block public access settings] on the bucket. Enable all block public access settings: + ```ts const bucket = new Bucket(this, 'MyBlockedBucket', { blockPublicAccess: BlockPublicAccess.BLOCK_ALL @@ -197,6 +200,7 @@ const bucket = new Bucket(this, 'MyBlockedBucket', { ``` Block and ignore public ACLs: + ```ts const bucket = new Bucket(this, 'MyBlockedBucket', { blockPublicAccess: BlockPublicAccess.BLOCK_ACLS @@ -204,6 +208,7 @@ const bucket = new Bucket(this, 'MyBlockedBucket', { ``` Alternatively, specify the settings manually: + ```ts const bucket = new Bucket(this, 'MyBlockedBucket', { blockPublicAccess: new BlockPublicAccess({ blockPublicPolicy: true }) @@ -214,7 +219,7 @@ When `blockPublicPolicy` is set to `true`, `grantPublicRead()` throws an error. [block public access settings]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html -### Logging configuration +## Logging configuration Use `serverAccessLogsBucket` to describe where server access logs are to be stored. @@ -237,7 +242,7 @@ const bucket = new Bucket(this, 'MyBucket', { [S3 Server access logging]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html -### S3 Inventory +## S3 Inventory An [inventory](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) contains a list of the objects in the source bucket and metadata for each object. The inventory lists are stored in the destination bucket as a CSV file compressed with GZIP, as an Apache optimized row columnar (ORC) file compressed with ZLIB, or as an Apache Parquet (Parquet) file compressed with Snappy. @@ -270,7 +275,7 @@ const dataBucket = new s3.Bucket(this, 'DataBucket', { If the destination bucket is created as part of the same CDK application, the necessary permissions will be automatically added to the bucket policy. However, if you use an imported bucket (i.e `Bucket.fromXXX()`), you'll have to make sure it contains the following policy document: -``` +```json { "Version": "2012-10-17", "Statement": [ @@ -285,13 +290,13 @@ However, if you use an imported bucket (i.e `Bucket.fromXXX()`), you'll have to } ``` -### Website redirection +## Website redirection You can use the two following properties to specify the bucket [redirection policy]. Please note that these methods cannot both be applied to the same bucket. [redirection policy]: https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects -#### Static redirection +### Static redirection You can statically redirect a to a given Bucket URL or any other host name with `websiteRedirect`: @@ -301,7 +306,7 @@ const bucket = new Bucket(this, 'MyRedirectedBucket', { }); ``` -#### Routing rules +### Routing rules Alternatively, you can also define multiple `websiteRoutingRules`, to define complex, conditional redirections: @@ -320,13 +325,13 @@ const bucket = new Bucket(this, 'MyRedirectedBucket', { }); ``` -### Filling the bucket as part of deployment +## Filling the bucket as part of deployment To put files into a bucket as part of a deployment (for example, to host a website), see the `@aws-cdk/aws-s3-deployment` package, which provides a resource that can do just that. -### The URL for objects +## The URL for objects S3 provides two types of URLs for accessing objects via HTTP(S). Path-Style and [Virtual Hosted-Style](https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html) diff --git a/packages/@aws-cdk/aws-s3/package.json b/packages/@aws-cdk/aws-s3/package.json index c886e31837d75..02da965202f64 100644 --- a/packages/@aws-cdk/aws-s3/package.json +++ b/packages/@aws-cdk/aws-s3/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::S3", diff --git a/packages/@aws-cdk/aws-s3/test/util.test.ts b/packages/@aws-cdk/aws-s3/test/util.test.ts index 13a6376847ee9..528b83b10404b 100644 --- a/packages/@aws-cdk/aws-s3/test/util.test.ts +++ b/packages/@aws-cdk/aws-s3/test/util.test.ts @@ -61,7 +61,7 @@ nodeunitShim({ 'fails if ARN has invalid format'(test: Test) { const stack = new cdk.Stack(); const bucketArn = 'invalid-arn'; - test.throws(() => parseBucketName(stack, { bucketArn }), /ARNs must have at least 6 components/); + test.throws(() => parseBucketName(stack, { bucketArn }), /ARNs must/); test.done(); }, }, diff --git a/packages/@aws-cdk/aws-sagemaker/README.md b/packages/@aws-cdk/aws-sagemaker/README.md index 52ccd036c1cf5..b3e6c5c20fbe3 100644 --- a/packages/@aws-cdk/aws-sagemaker/README.md +++ b/packages/@aws-cdk/aws-sagemaker/README.md @@ -1,12 +1,16 @@ -## Amazon SageMaker Construct Library +# Amazon SageMaker Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + ```ts diff --git a/packages/@aws-cdk/aws-sagemaker/package.json b/packages/@aws-cdk/aws-sagemaker/package.json index 5d0e892ab9c59..a88ab5c1bd71f 100644 --- a/packages/@aws-cdk/aws-sagemaker/package.json +++ b/packages/@aws-cdk/aws-sagemaker/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::SageMaker", diff --git a/packages/@aws-cdk/aws-sam/README.md b/packages/@aws-cdk/aws-sam/README.md index 8e4c28bed41de..caf5119f08c7e 100644 --- a/packages/@aws-cdk/aws-sam/README.md +++ b/packages/@aws-cdk/aws-sam/README.md @@ -1,12 +1,16 @@ -## AWS Serverless Application Model Construct Library +# AWS Serverless Application Model Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module includes low-level constructs that synthesize into `AWS::Serverless` resources. @@ -15,7 +19,7 @@ This module includes low-level constructs that synthesize into `AWS::Serverless` import * as sam from '@aws-cdk/aws-sam'; ``` -### Related +## Related The following AWS CDK modules include constructs that can be used to work with Amazon API Gateway and AWS Lambda: diff --git a/packages/@aws-cdk/aws-sam/package.json b/packages/@aws-cdk/aws-sam/package.json index 7a788ee71a606..05e50e259af14 100644 --- a/packages/@aws-cdk/aws-sam/package.json +++ b/packages/@aws-cdk/aws-sam/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Serverless", diff --git a/packages/@aws-cdk/aws-sdb/README.md b/packages/@aws-cdk/aws-sdb/README.md index 89ea4107fec62..228ed6b04074a 100644 --- a/packages/@aws-cdk/aws-sdb/README.md +++ b/packages/@aws-cdk/aws-sdb/README.md @@ -1,12 +1,16 @@ -## Amazon SimpleDB Construct Library +# Amazon SimpleDB Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-sdb/package.json b/packages/@aws-cdk/aws-sdb/package.json index 2afed44232898..8168f1103341d 100644 --- a/packages/@aws-cdk/aws-sdb/package.json +++ b/packages/@aws-cdk/aws-sdb/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::SDB", diff --git a/packages/@aws-cdk/aws-secretsmanager/README.md b/packages/@aws-cdk/aws-secretsmanager/README.md index 383a4ff2870c1..959b73e12a669 100644 --- a/packages/@aws-cdk/aws-secretsmanager/README.md +++ b/packages/@aws-cdk/aws-secretsmanager/README.md @@ -1,6 +1,6 @@ -## AWS Secrets Manager Construct Library - +# AWS Secrets Manager Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -8,13 +8,15 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + + ```ts import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; ``` -### Create a new Secret in a Stack +## Create a new Secret in a Stack In order to have SecretsManager generate a new secret value automatically, you can get started with the following: @@ -43,7 +45,7 @@ list of properties, see [the CloudFormation Dynamic References documentation](ht A secret can set `RemovalPolicy`. If it set to `RETAIN`, that removing a secret will fail. -### Grant permission to use the secret to a role +## Grant permission to use the secret to a role You must grant permission to a resource for that resource to be allowed to use a secret. This can be achieved with the `Secret.grantRead` and/or `Secret.grantUpdate` @@ -69,9 +71,9 @@ then `Secret.grantRead` and `Secret.grantWrite` will also grant the role the relevant encrypt and decrypt permissions to the KMS key through the SecretsManager service principal. -### Rotating a Secret +## Rotating a Secret -#### Using a Custom Lambda Function +### Using a Custom Lambda Function A rotation schedule can be added to a Secret using a custom Lambda function: @@ -87,7 +89,7 @@ secret.addRotationSchedule('RotationSchedule', { See [Overview of the Lambda Rotation Function](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-lambda-function-overview.html) on how to implement a Lambda Rotation Function. -#### Using a Hosted Lambda Function +### Using a Hosted Lambda Function Use the `hostedRotation` prop to rotate a secret with a hosted Lambda function: @@ -112,7 +114,7 @@ dbConnections.allowDefaultPortFrom(hostedRotation); See also [Automating secret creation in AWS CloudFormation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/integrating_cloudformation.html). -### Rotating database credentials +## Rotating database credentials Define a `SecretRotation` to rotate database credentials: @@ -157,7 +159,7 @@ new secretsmanager.SecretRotation(stack, 'SecretRotation', { See also [aws-rds](https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-rds/README.md) where credentials generation and rotation is integrated. -### Importing Secrets +## Importing Secrets Existing secrets can be imported by ARN, name, and other attributes (including the KMS key used to encrypt the secret). Secrets imported by name should use the short-form of the name (without the SecretsManager-provided suffx); diff --git a/packages/@aws-cdk/aws-secretsmanager/lib/secret.ts b/packages/@aws-cdk/aws-secretsmanager/lib/secret.ts index 33bc8a709efcf..2b5361572e804 100644 --- a/packages/@aws-cdk/aws-secretsmanager/lib/secret.ts +++ b/packages/@aws-cdk/aws-secretsmanager/lib/secret.ts @@ -1,6 +1,7 @@ import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; -import { IResource, RemovalPolicy, Resource, SecretValue, Stack, Token } from '@aws-cdk/core'; +import { FeatureFlags, Fn, IResource, RemovalPolicy, Resource, SecretValue, Stack, Token } from '@aws-cdk/core'; +import * as cxapi from '@aws-cdk/cx-api'; import { IConstruct, Construct } from 'constructs'; import { ResourcePolicy } from './policy'; import { RotationSchedule, RotationScheduleOptions } from './rotation-schedule'; @@ -30,7 +31,10 @@ export interface ISecret extends IResource { readonly secretFullArn?: string; /** - * The name of the secret + * The name of the secret. + * + * For "owned" secrets, this will be the full resource name (secret name + suffix), unless the + * '@aws-cdk/aws-secretsmanager:parseOwnedSecretName' feature flag is set. */ readonly secretName: string; @@ -437,7 +441,10 @@ export class Secret extends SecretBase { }); this.encryptionKey = props.encryptionKey; - this.secretName = parseSecretName(this, this.secretArn); + const parseOwnedSecretName = FeatureFlags.of(this).isEnabled(cxapi.SECRETS_MANAGER_PARSE_OWNED_SECRET_NAME); + this.secretName = parseOwnedSecretName + ? parseSecretNameForOwnedSecret(this, this.secretArn, props.secretName) + : parseSecretName(this, this.secretArn); // @see https://docs.aws.amazon.com/kms/latest/developerguide/services-secrets-manager.html#asm-authz const principal = @@ -707,6 +714,39 @@ function parseSecretName(construct: IConstruct, secretArn: string) { throw new Error('invalid ARN format; no secret name provided'); } +/** + * Parses the secret name from the ARN of an owned secret. With owned secrets we know a few things we don't with imported secrets: + * - The ARN is guaranteed to be a full ARN, with suffix. + * - The name -- if provided -- will tell us how many hyphens to expect in the final secret name. + * - If the name is not provided, we know the format used by CloudFormation for auto-generated names. + * + * Note: This is done rather than just returning the secret name passed in by the user to keep the relationship + * explicit between the Secret and wherever the secretName might be used (i.e., using Tokens). + */ +function parseSecretNameForOwnedSecret(construct: Construct, secretArn: string, secretName?: string) { + const resourceName = Stack.of(construct).parseArn(secretArn, ':').resourceName; + if (!resourceName) { + throw new Error('invalid ARN format; no secret name provided'); + } + + // Secret name was explicitly provided, but is unresolved; best option is to use it directly. + // If it came from another Secret, it should (hopefully) already be properly formatted. + if (secretName && Token.isUnresolved(secretName)) { + return secretName; + } + + // If no secretName was provided, the name will be automatically generated by CloudFormation. + // The autogenerated names have the form of `${logicalID}-${random}`. + // Otherwise, we can use the existing secretName to determine how to parse the resulting resourceName. + const secretNameHyphenatedSegments = secretName ? secretName.split('-').length : 2; + // 2 => [0, 1] + const segmentIndexes = [...new Array(secretNameHyphenatedSegments)].map((_, i) => i); + + // Create the secret name from the resource name by joining all the known segments together. + // This should have the effect of stripping the final hyphen and SecretManager suffix. + return Fn.join('-', segmentIndexes.map(i => Fn.select(i, Fn.split('-', resourceName)))); +} + /** Performs a best guess if an ARN is complete, based on if it ends with a 6-character suffix. */ function arnIsComplete(secretArn: string): boolean { return Token.isUnresolved(secretArn) || /-[a-z0-9]{6}$/i.test(secretArn); diff --git a/packages/@aws-cdk/aws-secretsmanager/package.json b/packages/@aws-cdk/aws-secretsmanager/package.json index 9cf9e71ee87e7..1a95dd50304ea 100644 --- a/packages/@aws-cdk/aws-secretsmanager/package.json +++ b/packages/@aws-cdk/aws-secretsmanager/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::SecretsManager", @@ -86,6 +87,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-sam": "0.0.0", "@aws-cdk/core": "0.0.0", + "@aws-cdk/cx-api": "0.0.0", "constructs": "^3.2.0" }, "peerDependencies": { @@ -95,6 +97,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-sam": "0.0.0", "@aws-cdk/core": "0.0.0", + "@aws-cdk/cx-api": "0.0.0", "constructs": "^3.2.0" }, "engines": { diff --git a/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.expected.json b/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.expected.json new file mode 100644 index 0000000000000..b1b91a239d649 --- /dev/null +++ b/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.expected.json @@ -0,0 +1,392 @@ +{ + "Resources": { + "DefaultSecret67034726": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "GenerateSecretString": {} + } + }, + "NamedSecret7CD5422D": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "GenerateSecretString": {}, + "Name": "namedSecret" + } + }, + "NamedSecretWithHyphen6DC9716A": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "GenerateSecretString": {}, + "Name": "named-secret-1" + } + }, + "AReallyLongLogicalIThatWillBeTrimmedBeforeItsUsedInTheName83476586": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "GenerateSecretString": {} + } + }, + "CustomIntegVerificationSecretNameMatchesCustomResourceProviderRole4A6F8B2A": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ], + "Policies": [ + { + "PolicyName": "Inline", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Resource": [ + { + "Ref": "DefaultSecret67034726" + }, + { + "Ref": "NamedSecret7CD5422D" + }, + { + "Ref": "NamedSecretWithHyphen6DC9716A" + }, + { + "Ref": "AReallyLongLogicalIThatWillBeTrimmedBeforeItsUsedInTheName83476586" + } + ], + "Action": [ + "secretsmanager:DescribeSecret" + ] + } + ] + } + } + ] + } + }, + "CustomIntegVerificationSecretNameMatchesCustomResourceProviderHandler2A57F6AE": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters2a2da33f11dc6085a4843d85898c13b2798393e7650fbb994d866555e23f79e9S3BucketED542E1C" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters2a2da33f11dc6085a4843d85898c13b2798393e7650fbb994d866555e23f79e9S3VersionKey10487FD6" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters2a2da33f11dc6085a4843d85898c13b2798393e7650fbb994d866555e23f79e9S3VersionKey10487FD6" + } + ] + } + ] + } + ] + ] + } + }, + "Timeout": 900, + "MemorySize": 128, + "Handler": "__entrypoint__.handler", + "Role": { + "Fn::GetAtt": [ + "CustomIntegVerificationSecretNameMatchesCustomResourceProviderRole4A6F8B2A", + "Arn" + ] + }, + "Runtime": "nodejs12.x" + }, + "DependsOn": [ + "CustomIntegVerificationSecretNameMatchesCustomResourceProviderRole4A6F8B2A" + ] + }, + "SecretNameVerification": { + "Type": "Custom::IntegVerificationSecretNameMatches", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "CustomIntegVerificationSecretNameMatchesCustomResourceProviderHandler2A57F6AE", + "Arn" + ] + }, + "Secrets": [ + { + "secretArn": { + "Ref": "DefaultSecret67034726" + }, + "secretName": { + "Fn::Join": [ + "-", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "-", + { + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Ref": "DefaultSecret67034726" + } + ] + } + ] + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "-", + { + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Ref": "DefaultSecret67034726" + } + ] + } + ] + } + ] + } + ] + } + ] + ] + } + }, + { + "secretArn": { + "Ref": "NamedSecret7CD5422D" + }, + "secretName": { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "-", + { + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Ref": "NamedSecret7CD5422D" + } + ] + } + ] + } + ] + } + ] + } + }, + { + "secretArn": { + "Ref": "NamedSecretWithHyphen6DC9716A" + }, + "secretName": { + "Fn::Join": [ + "-", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "-", + { + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Ref": "NamedSecretWithHyphen6DC9716A" + } + ] + } + ] + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "-", + { + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Ref": "NamedSecretWithHyphen6DC9716A" + } + ] + } + ] + } + ] + } + ] + }, + { + "Fn::Select": [ + 2, + { + "Fn::Split": [ + "-", + { + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Ref": "NamedSecretWithHyphen6DC9716A" + } + ] + } + ] + } + ] + } + ] + } + ] + ] + } + }, + { + "secretArn": { + "Ref": "AReallyLongLogicalIThatWillBeTrimmedBeforeItsUsedInTheName83476586" + }, + "secretName": { + "Fn::Join": [ + "-", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "-", + { + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Ref": "AReallyLongLogicalIThatWillBeTrimmedBeforeItsUsedInTheName83476586" + } + ] + } + ] + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "-", + { + "Fn::Select": [ + 6, + { + "Fn::Split": [ + ":", + { + "Ref": "AReallyLongLogicalIThatWillBeTrimmedBeforeItsUsedInTheName83476586" + } + ] + } + ] + } + ] + } + ] + } + ] + ] + } + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "AssetParameters2a2da33f11dc6085a4843d85898c13b2798393e7650fbb994d866555e23f79e9S3BucketED542E1C": { + "Type": "String", + "Description": "S3 bucket for asset \"2a2da33f11dc6085a4843d85898c13b2798393e7650fbb994d866555e23f79e9\"" + }, + "AssetParameters2a2da33f11dc6085a4843d85898c13b2798393e7650fbb994d866555e23f79e9S3VersionKey10487FD6": { + "Type": "String", + "Description": "S3 key for asset version \"2a2da33f11dc6085a4843d85898c13b2798393e7650fbb994d866555e23f79e9\"" + }, + "AssetParameters2a2da33f11dc6085a4843d85898c13b2798393e7650fbb994d866555e23f79e9ArtifactHashB26239A1": { + "Type": "String", + "Description": "Artifact hash for asset \"2a2da33f11dc6085a4843d85898c13b2798393e7650fbb994d866555e23f79e9\"" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.handler/.gitignore b/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.handler/.gitignore new file mode 100644 index 0000000000000..033e6722bb6e0 --- /dev/null +++ b/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.handler/.gitignore @@ -0,0 +1 @@ +!index.js diff --git a/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.handler/index.js b/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.handler/index.js new file mode 100644 index 0000000000000..758813d070cc5 --- /dev/null +++ b/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.handler/index.js @@ -0,0 +1,21 @@ +/* eslint-disable no-console */ +var AWS = require('aws-sdk'); + +exports.handler = async function (event) { + const props = event.ResourceProperties; + + if (event.RequestType === 'Create' || event.RequestType === 'Update') { + const secretsmanager = new AWS.SecretsManager(); + console.log(`Secrets to validate: ${props.Secrets}`); + for (const secret of props.Secrets) { + await validateSecretNameMatchesExpected(secretsmanager, secret); + } + } +} + +async function validateSecretNameMatchesExpected(secretsmanager, secretInfo) { + const secret = await secretsmanager.describeSecret({ SecretId: secretInfo.secretArn }).promise(); + if (secretInfo.secretName !== secret.Name) { + throw new Error(`Actual secret name doesn't match expected. Actual: (${secret.Name}), Expected: (${secretInfo.secretName})`); + } +} diff --git a/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.ts b/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.ts new file mode 100644 index 0000000000000..49dde40e8b9f4 --- /dev/null +++ b/packages/@aws-cdk/aws-secretsmanager/test/integ.secret-name-parsed.ts @@ -0,0 +1,47 @@ +import * as path from 'path'; +import * as cdk from '@aws-cdk/core'; +import * as secretsmanager from '../lib'; + +/** + * Creates several secrets, with varying names and IDs, with the parseOwnedSecretName feature flag set, + * to verify the secretName returned by `Secret.secretName` matches the `Name` returned by `DescribeSecrets`. + */ + +class SecretsManagerStack extends cdk.Stack { + constructor(scope: cdk.App, id: string) { + super(scope, id); + + const defaultSecret = new secretsmanager.Secret(this, 'DefaultSecret'); + const namedSecret = new secretsmanager.Secret(this, 'NamedSecret', { secretName: 'namedSecret' }); + const namedSecretWithHyphen = new secretsmanager.Secret(this, 'NamedSecretWithHyphen', { secretName: 'named-secret-1' }); + const longSecret = new secretsmanager.Secret(this, 'AReallyLongLogicalIThatWillBeTrimmedBeforeItsUsedInTheName'); + + const secrets = [defaultSecret, namedSecret, namedSecretWithHyphen, longSecret]; + + const resourceType = 'Custom::IntegVerificationSecretNameMatches'; + const serviceToken = cdk.CustomResourceProvider.getOrCreate(this, resourceType, { + codeDirectory: path.join(__dirname, 'integ.secret-name-parsed.handler'), + runtime: cdk.CustomResourceProviderRuntime.NODEJS_12, + policyStatements: [{ + Effect: 'Allow', + Resource: secrets.map(s => s.secretArn), + Action: ['secretsmanager:DescribeSecret'], + }], + }); + new cdk.CustomResource(this, 'SecretNameVerification', { + resourceType: resourceType, + serviceToken, + properties: { + Secrets: secrets.map(s => ({ secretArn: s.secretArn, secretName: s.secretName })), + }, + }); + } +} + +const app = new cdk.App({ + context: { + '@aws-cdk/aws-secretsmanager:parseOwnedSecretName': 'true', + }, +}); +new SecretsManagerStack(app, 'Integ-SecretsManager-ParsedSecretName'); +app.synth(); diff --git a/packages/@aws-cdk/aws-secretsmanager/test/secret.test.ts b/packages/@aws-cdk/aws-secretsmanager/test/secret.test.ts index 0e56a72bc3c54..22dae639500dd 100644 --- a/packages/@aws-cdk/aws-secretsmanager/test/secret.test.ts +++ b/packages/@aws-cdk/aws-secretsmanager/test/secret.test.ts @@ -1,14 +1,16 @@ import '@aws-cdk/assert/jest'; -import { ResourcePart } from '@aws-cdk/assert'; +import { expect as assertExpect, ResourcePart } from '@aws-cdk/assert'; import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; import * as lambda from '@aws-cdk/aws-lambda'; import * as cdk from '@aws-cdk/core'; import * as secretsmanager from '../lib'; +let app: cdk.App; let stack: cdk.Stack; beforeEach(() => { - stack = new cdk.Stack(); + app = new cdk.App(); + stack = new cdk.Stack(app); }); test('default secret', () => { @@ -426,18 +428,106 @@ test('secretValue', () => { }); describe('secretName', () => { - test.each([undefined, 'mySecret'])('when secretName is %s', (secretName) => { - const secret = new secretsmanager.Secret(stack, 'Secret', { - secretName, + describe('without @aws-cdk/aws-secretsmanager:parseOwnedSecretName set', () => { + test.each([undefined, 'mySecret'])('when secretName is %s', (secretName) => { + const secret = new secretsmanager.Secret(stack, 'Secret', { + secretName, + }); + new cdk.CfnOutput(stack, 'MySecretName', { + value: secret.secretName, + }); + + // Creates secret name by parsing ARN. + expect(stack).toHaveOutput({ + outputName: 'MySecretName', + outputValue: { 'Fn::Select': [6, { 'Fn::Split': [':', { Ref: 'SecretA720EF05' }] }] }, + }); }); - new cdk.CfnOutput(stack, 'MySecretName', { - value: secret.secretName, + }); + + describe('with @aws-cdk/aws-secretsmanager:parseOwnedSecretName set', () => { + beforeEach(() => { + app = new cdk.App({ + context: { + '@aws-cdk/aws-secretsmanager:parseOwnedSecretName': 'true', + }, + }); + stack = new cdk.Stack(app); + }); + + test('selects the first two parts of the resource name when the name is auto-generated', () => { + const secret = new secretsmanager.Secret(stack, 'Secret'); + new cdk.CfnOutput(stack, 'MySecretName', { + value: secret.secretName, + }); + + const resourceName = { 'Fn::Select': [6, { 'Fn::Split': [':', { Ref: 'SecretA720EF05' }] }] }; + + expect(stack).toHaveOutput({ + outputName: 'MySecretName', + outputValue: { + 'Fn::Join': ['-', [ + { 'Fn::Select': [0, { 'Fn::Split': ['-', resourceName] }] }, + { 'Fn::Select': [1, { 'Fn::Split': ['-', resourceName] }] }, + ]], + }, + }); + }); + + test('is simply the first segment when the provided secret name has no hyphens', () => { + const secret = new secretsmanager.Secret(stack, 'Secret', { secretName: 'mySecret' }); + new cdk.CfnOutput(stack, 'MySecretName', { + value: secret.secretName, + }); + + const resourceName = { 'Fn::Select': [6, { 'Fn::Split': [':', { Ref: 'SecretA720EF05' }] }] }; + + expect(stack).toHaveOutput({ + outputName: 'MySecretName', + outputValue: { + 'Fn::Select': [0, { 'Fn::Split': ['-', resourceName] }], + }, + }); + }); + + test.each([ + [2, 'my-secret'], + [3, 'my-secret-hyphenated'], + [4, 'my-secret-with-hyphens'], + ])('selects the %n parts of the resource name when the secret name is provided', (segments, secretName) => { + const secret = new secretsmanager.Secret(stack, 'Secret', { secretName }); + new cdk.CfnOutput(stack, 'MySecretName', { + value: secret.secretName, + }); + + const resourceName = { 'Fn::Select': [6, { 'Fn::Split': [':', { Ref: 'SecretA720EF05' }] }] }; + const secretNameSegments = []; + for (let i = 0; i < segments; i++) { + secretNameSegments.push({ 'Fn::Select': [i, { 'Fn::Split': ['-', resourceName] }] }); + } + + expect(stack).toHaveOutput({ + outputName: 'MySecretName', + outputValue: { + 'Fn::Join': ['-', secretNameSegments], + }, + }); }); - // Creates secret name by parsing ARN. - expect(stack).toHaveOutput({ - outputName: 'MySecretName', - outputValue: { 'Fn::Select': [6, { 'Fn::Split': [':', { Ref: 'SecretA720EF05' }] }] }, + test('uses existing Tokens as secret names as-is', () => { + const secret1 = new secretsmanager.Secret(stack, 'Secret1'); + const secret2 = new secretsmanager.Secret(stack, 'Secret2', { + secretName: secret1.secretName, + }); + new cdk.CfnOutput(stack, 'MySecretName1', { + value: secret1.secretName, + }); + new cdk.CfnOutput(stack, 'MySecretName2', { + value: secret2.secretName, + }); + + const outputs = assertExpect(stack).value.Outputs; + expect(outputs.MySecretName1).toEqual(outputs.MySecretName2); }); }); }); @@ -492,7 +582,6 @@ test('import by secretArn does not strip suffixes unless the suffix length is si test('import by secretArn supports tokens for ARNs', () => { // GIVEN - const app = new cdk.App(); const stackA = new cdk.Stack(app, 'StackA'); const stackB = new cdk.Stack(app, 'StackB'); const secretA = new secretsmanager.Secret(stackA, 'SecretA'); @@ -862,7 +951,6 @@ test('can add to the resource policy of a secret', () => { test('fails if secret policy has no actions', () => { // GIVEN - const app = new cdk.App(); stack = new cdk.Stack(app, 'my-stack'); const secret = new secretsmanager.Secret(stack, 'Secret'); @@ -878,7 +966,6 @@ test('fails if secret policy has no actions', () => { test('fails if secret policy has no IAM principals', () => { // GIVEN - const app = new cdk.App(); stack = new cdk.Stack(app, 'my-stack'); const secret = new secretsmanager.Secret(stack, 'Secret'); diff --git a/packages/@aws-cdk/aws-securityhub/README.md b/packages/@aws-cdk/aws-securityhub/README.md index 602d90dffb1c1..831f2af57d18b 100644 --- a/packages/@aws-cdk/aws-securityhub/README.md +++ b/packages/@aws-cdk/aws-securityhub/README.md @@ -1,12 +1,16 @@ -## AWS Security Hub Construct Library +# AWS Security Hub Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-securityhub/package.json b/packages/@aws-cdk/aws-securityhub/package.json index b1df45f5c5f26..9df5bf63185d8 100644 --- a/packages/@aws-cdk/aws-securityhub/package.json +++ b/packages/@aws-cdk/aws-securityhub/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::SecurityHub", diff --git a/packages/@aws-cdk/aws-servicecatalog/README.md b/packages/@aws-cdk/aws-servicecatalog/README.md index c3ca1c57aeeb9..b3f20916fcac4 100644 --- a/packages/@aws-cdk/aws-servicecatalog/README.md +++ b/packages/@aws-cdk/aws-servicecatalog/README.md @@ -1,12 +1,16 @@ -## AWS Service Catalog Construct Library +# AWS Service Catalog Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-servicecatalog/package.json b/packages/@aws-cdk/aws-servicecatalog/package.json index 3b499afb13861..5ef00dcabb7a7 100644 --- a/packages/@aws-cdk/aws-servicecatalog/package.json +++ b/packages/@aws-cdk/aws-servicecatalog/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ServiceCatalog", diff --git a/packages/@aws-cdk/aws-servicediscovery/README.md b/packages/@aws-cdk/aws-servicediscovery/README.md index 64d767620f329..888d3af744a37 100644 --- a/packages/@aws-cdk/aws-servicediscovery/README.md +++ b/packages/@aws-cdk/aws-servicediscovery/README.md @@ -1,5 +1,6 @@ -## Amazon ECS Service Discovery Construct Library +# Amazon ECS Service Discovery Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. @@ -20,7 +22,7 @@ depend on. For further information on AWS Cloud Map, see the [AWS Cloud Map documentation](https://docs.aws.amazon.com/cloud-map) -### HTTP Namespace Example +## HTTP Namespace Example The following example creates an AWS Cloud Map namespace that supports API calls, creates a service in that namespace, and @@ -28,7 +30,7 @@ registers an instance to it: [Creating a Cloud Map service within an HTTP namespace](test/integ.service-with-http-namespace.lit.ts) -### Private DNS Namespace Example +## Private DNS Namespace Example The following example creates an AWS Cloud Map namespace that supports both API calls and DNS queries within a vpc, creates a @@ -37,7 +39,7 @@ instance: [Creating a Cloud Map service within a Private DNS namespace](test/integ.service-with-private-dns-namespace.lit.ts) -### Public DNS Namespace Example +## Public DNS Namespace Example The following example creates an AWS Cloud Map namespace that supports both API calls and public DNS queries, creates a service in diff --git a/packages/@aws-cdk/aws-servicediscovery/package.json b/packages/@aws-cdk/aws-servicediscovery/package.json index 23cea7535b032..015947a58bb1d 100644 --- a/packages/@aws-cdk/aws-servicediscovery/package.json +++ b/packages/@aws-cdk/aws-servicediscovery/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::ServiceDiscovery", diff --git a/packages/@aws-cdk/aws-ses-actions/README.md b/packages/@aws-cdk/aws-ses-actions/README.md index 4c17690062751..37d4ff339145a 100644 --- a/packages/@aws-cdk/aws-ses-actions/README.md +++ b/packages/@aws-cdk/aws-ses-actions/README.md @@ -1,18 +1,25 @@ -## Amazon Simple Email Service Actions Library +# Amazon Simple Email Service Actions Library + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This module contains integration classes to add action to SES email receiving rules. Instances of these classes should be passed to the `rule.addAction()` method. Currently supported are: + * [Add header](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-action-add-header.html) * [Bounce](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-action-bounce.html) * [Lambda](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-action-lambda.html) diff --git a/packages/@aws-cdk/aws-ses-actions/package.json b/packages/@aws-cdk/aws-ses-actions/package.json index ea8d76c7cd66a..e4df395348e5f 100644 --- a/packages/@aws-cdk/aws-ses-actions/package.json +++ b/packages/@aws-cdk/aws-ses-actions/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-ses/README.md b/packages/@aws-cdk/aws-ses/README.md index 3050718215fd4..b8543970796ad 100644 --- a/packages/@aws-cdk/aws-ses/README.md +++ b/packages/@aws-cdk/aws-ses/README.md @@ -1,21 +1,30 @@ -## Amazon Simple Email Service Construct Library +# Amazon Simple Email Service Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. -### Email receiving +## Email receiving + Create a receipt rule set with rules and actions (actions can be found in the `@aws-cdk/aws-ses-actions` package): @@ -57,6 +66,7 @@ new ses.ReceiptRuleSet(stack, 'RuleSet', { ``` Alternatively, rules can be added to a rule set: + ```ts const ruleSet = new ses.ReceiptRuleSet(this, 'RuleSet'): @@ -66,14 +76,17 @@ const awsRule = ruleSet.addRule('Aws', { ``` And actions to rules: + ```ts awsRule.addAction(new actions.Sns({ topic })); ``` + When using `addRule`, the new rule is added after the last added rule unless `after` is specified. -#### Drop spams +### Drop spams + A rule to drop spam can be added by setting `dropSpam` to `true`: ```ts @@ -85,8 +98,10 @@ new ses.ReceiptRuleSet(this, 'RuleSet', { This will add a rule at the top of the rule set with a Lambda action that stops processing messages that have at least one spam indicator. See [Lambda Function Examples](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-action-lambda-example-functions.html). -### Receipt filter +## Receipt filter + Create a receipt filter: + ```ts new ses.ReceiptFilter(this, 'Filter', { ip: '1.2.3.4/16' // Will be blocked @@ -94,6 +109,7 @@ new ses.ReceiptFilter(this, 'Filter', { ``` A white list filter is also available: + ```ts new ses.WhiteListReceiptFilter(this, 'WhiteList', { ips: [ @@ -102,4 +118,5 @@ new ses.WhiteListReceiptFilter(this, 'WhiteList', { ] }); ``` + This will first create a block all filter and then create allow filters for the listed ip addresses. diff --git a/packages/@aws-cdk/aws-ses/package.json b/packages/@aws-cdk/aws-ses/package.json index dc8e21a10fc91..f29ccc17ef855 100644 --- a/packages/@aws-cdk/aws-ses/package.json +++ b/packages/@aws-cdk/aws-ses/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::SES", diff --git a/packages/@aws-cdk/aws-signer/.eslintrc.js b/packages/@aws-cdk/aws-signer/.eslintrc.js new file mode 100644 index 0000000000000..61dd8dd001f63 --- /dev/null +++ b/packages/@aws-cdk/aws-signer/.eslintrc.js @@ -0,0 +1,3 @@ +const baseConfig = require('cdk-build-tools/config/eslintrc'); +baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-signer/.gitignore b/packages/@aws-cdk/aws-signer/.gitignore new file mode 100644 index 0000000000000..62ebc95d75ce6 --- /dev/null +++ b/packages/@aws-cdk/aws-signer/.gitignore @@ -0,0 +1,19 @@ +*.js +*.js.map +*.d.ts +tsconfig.json +node_modules +*.generated.ts +dist +.jsii + +.LAST_BUILD +.nyc_output +coverage +.nycrc +.LAST_PACKAGE +*.snk +nyc.config.js +!.eslintrc.js +!jest.config.js +junit.xml diff --git a/packages/@aws-cdk/aws-signer/.npmignore b/packages/@aws-cdk/aws-signer/.npmignore new file mode 100644 index 0000000000000..e4486030fcb17 --- /dev/null +++ b/packages/@aws-cdk/aws-signer/.npmignore @@ -0,0 +1,28 @@ +# Don't include original .ts files when doing `npm pack` +*.ts +!*.d.ts +coverage +.nyc_output +*.tgz + +dist +.LAST_PACKAGE +.LAST_BUILD +!*.js + +# Include .jsii +!.jsii + +*.snk + +*.tsbuildinfo + +tsconfig.json + +.eslintrc.js +jest.config.js + +# exclude cdk artifacts +**/cdk.out +junit.xml +test/ diff --git a/packages/@aws-cdk/aws-signer/LICENSE b/packages/@aws-cdk/aws-signer/LICENSE new file mode 100644 index 0000000000000..b71ec1688783a --- /dev/null +++ b/packages/@aws-cdk/aws-signer/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/@aws-cdk/aws-signer/NOTICE b/packages/@aws-cdk/aws-signer/NOTICE new file mode 100644 index 0000000000000..bfccac9a7f69c --- /dev/null +++ b/packages/@aws-cdk/aws-signer/NOTICE @@ -0,0 +1,2 @@ +AWS Cloud Development Kit (AWS CDK) +Copyright 2018-2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/aws-signer/README.md b/packages/@aws-cdk/aws-signer/README.md new file mode 100644 index 0000000000000..5482a0b23c900 --- /dev/null +++ b/packages/@aws-cdk/aws-signer/README.md @@ -0,0 +1,20 @@ +# AWS::Signer Construct Library + + +--- + +![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) + +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + +--- + + + +This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. + +```ts +import signer = require('@aws-cdk/aws-signer'); +``` diff --git a/packages/@aws-cdk/aws-signer/jest.config.js b/packages/@aws-cdk/aws-signer/jest.config.js new file mode 100644 index 0000000000000..54e28beb9798b --- /dev/null +++ b/packages/@aws-cdk/aws-signer/jest.config.js @@ -0,0 +1,2 @@ +const baseConfig = require('cdk-build-tools/config/jest.config'); +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-signer/lib/index.ts b/packages/@aws-cdk/aws-signer/lib/index.ts new file mode 100644 index 0000000000000..9c56379e86c19 --- /dev/null +++ b/packages/@aws-cdk/aws-signer/lib/index.ts @@ -0,0 +1,2 @@ +// AWS::Signer CloudFormation Resources: +export * from './signer.generated'; diff --git a/packages/@aws-cdk/aws-signer/package.json b/packages/@aws-cdk/aws-signer/package.json new file mode 100644 index 0000000000000..bb5c296cadd90 --- /dev/null +++ b/packages/@aws-cdk/aws-signer/package.json @@ -0,0 +1,97 @@ +{ + "name": "@aws-cdk/aws-signer", + "version": "0.0.0", + "description": "The CDK Construct Library for AWS::Signer", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "jsii": { + "outdir": "dist", + "projectReferences": true, + "targets": { + "dotnet": { + "namespace": "Amazon.CDK.AWS.Signer", + "packageId": "Amazon.CDK.AWS.Signer", + "signAssembly": true, + "assemblyOriginatorKeyFile": "../../key.snk", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "java": { + "package": "software.amazon.awscdk.services.signer", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "signer" + } + }, + "python": { + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ], + "distName": "aws-cdk.aws-signer", + "module": "aws_cdk.aws_signer" + } + } + }, + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-cdk.git", + "directory": "packages/@aws-cdk/aws-signer" + }, + "homepage": "https://github.com/aws/aws-cdk", + "scripts": { + "build": "cdk-build", + "watch": "cdk-watch", + "lint": "cdk-lint", + "test": "cdk-test", + "integ": "cdk-integ", + "pkglint": "pkglint -f", + "package": "cdk-package", + "awslint": "cdk-awslint", + "cfn2ts": "cfn2ts", + "build+test+package": "npm run build+test && npm run package", + "build+test": "npm run build && npm test", + "compat": "cdk-compat", + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" + }, + "cdk-build": { + "cloudformation": "AWS::Signer", + "jest": true, + "env": { + "AWSLINT_BASE_CONSTRUCT": "true" + } + }, + "keywords": [ + "aws", + "cdk", + "constructs", + "AWS::Signer", + "aws-signer" + ], + "author": { + "name": "Amazon Web Services", + "url": "https://aws.amazon.com", + "organization": true + }, + "license": "Apache-2.0", + "devDependencies": { + "@aws-cdk/assert": "0.0.0", + "cdk-build-tools": "0.0.0", + "cfn2ts": "0.0.0", + "pkglint": "0.0.0" + }, + "dependencies": { + "@aws-cdk/core": "0.0.0" + }, + "peerDependencies": { + "@aws-cdk/core": "0.0.0" + }, + "engines": { + "node": ">= 10.13.0 <13 || >=13.7.0" + }, + "stability": "experimental", + "maturity": "cfn-only", + "awscdkio": { + "announce": false + } +} diff --git a/packages/@aws-cdk/aws-signer/test/signer.test.ts b/packages/@aws-cdk/aws-signer/test/signer.test.ts new file mode 100644 index 0000000000000..e394ef336bfb4 --- /dev/null +++ b/packages/@aws-cdk/aws-signer/test/signer.test.ts @@ -0,0 +1,6 @@ +import '@aws-cdk/assert/jest'; +import {} from '../lib'; + +test('No tests are specified for this package', () => { + expect(true).toBe(true); +}); diff --git a/packages/@aws-cdk/aws-sns-subscriptions/README.md b/packages/@aws-cdk/aws-sns-subscriptions/README.md index 4195220f8ec93..3e047f2e802b6 100644 --- a/packages/@aws-cdk/aws-sns-subscriptions/README.md +++ b/packages/@aws-cdk/aws-sns-subscriptions/README.md @@ -1,10 +1,12 @@ # CDK Construct Library for Amazon Simple Notification Service Subscriptions + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library provides constructs for adding subscriptions to an Amazon SNS topic. diff --git a/packages/@aws-cdk/aws-sns-subscriptions/package.json b/packages/@aws-cdk/aws-sns-subscriptions/package.json index 59c95c7d06c43..b85a01df97cff 100644 --- a/packages/@aws-cdk/aws-sns-subscriptions/package.json +++ b/packages/@aws-cdk/aws-sns-subscriptions/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-sns/README.md b/packages/@aws-cdk/aws-sns/README.md index 244fab4e0ba60..9067d10ded8c4 100644 --- a/packages/@aws-cdk/aws-sns/README.md +++ b/packages/@aws-cdk/aws-sns/README.md @@ -1,5 +1,6 @@ -## Amazon Simple Notification Service Construct Library +# Amazon Simple Notification Service Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + Add an SNS Topic to your stack: @@ -19,7 +21,7 @@ const topic = new sns.Topic(this, 'Topic', { }); ``` -### Subscriptions +## Subscriptions Various subscriptions can be added to the topic by calling the `.addSubscription(...)` method on the topic. It accepts a *subscription* object, @@ -45,10 +47,12 @@ myTopic.addSubscription(new subs.SqsSubscription(queue)); Note that subscriptions of queues in different accounts need to be manually confirmed by reading the initial message from the queue and visiting the link found in it. -#### Filter policy +### Filter policy + A filter policy can be specified when subscribing an endpoint to a topic. Example with a Lambda subscription: + ```ts const myTopic = new sns.Topic(this, 'MyTopic'); const fn = new lambda.Function(this, 'Function', ...); @@ -76,7 +80,8 @@ topic.addSubscription(new subs.LambdaSubscription(fn, { })); ``` -### DLQ setup for SNS Subscription +## DLQ setup for SNS Subscription + CDK can attach provided Queue as DLQ for your SNS subscription. See the [SNS DLQ configuration docs](https://docs.aws.amazon.com/sns/latest/dg/sns-configure-dead-letter-queue.html) for more information about this feature. @@ -97,7 +102,7 @@ new sns.Subscription(stack, 'Subscription', { }); ``` -### CloudWatch Event Rule Target +## CloudWatch Event Rule Target SNS topics can be used as targets for CloudWatch event rules. diff --git a/packages/@aws-cdk/aws-sns/package.json b/packages/@aws-cdk/aws-sns/package.json index 83732ab678d65..78cfb62f21572 100644 --- a/packages/@aws-cdk/aws-sns/package.json +++ b/packages/@aws-cdk/aws-sns/package.json @@ -53,7 +53,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::SNS", diff --git a/packages/@aws-cdk/aws-sqs/README.md b/packages/@aws-cdk/aws-sqs/README.md index 2238a07445eec..a66e03a07aa20 100644 --- a/packages/@aws-cdk/aws-sqs/README.md +++ b/packages/@aws-cdk/aws-sqs/README.md @@ -1,5 +1,6 @@ -## Amazon Simple Queue Service Construct Library +# Amazon Simple Queue Service Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + Amazon Simple Queue Service (SQS) is a fully managed message queuing service that @@ -16,7 +18,7 @@ operating message oriented middleware, and empowers developers to focus on diffe Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available. -### Installation +## Installation Import to your project: @@ -24,7 +26,7 @@ Import to your project: import * as sqs from '@aws-cdk/aws-sqs'; ``` -### Basic usage +## Basic usage Here's how to add a basic queue to your application: @@ -33,7 +35,7 @@ Here's how to add a basic queue to your application: new sqs.Queue(this, 'Queue'); ``` -### Encryption +## Encryption If you want to encrypt the queue contents, set the `encryption` property. You can have the messages encrypted with a key that SQS manages for you, or a key that you @@ -54,7 +56,7 @@ new sqs.Queue(this, 'Queue', { }); ``` -### First-In-First-Out (FIFO) queues +## First-In-First-Out (FIFO) queues FIFO queues give guarantees on the order in which messages are dequeued, and have additional features in order to help guarantee exactly-once processing. For more information, see diff --git a/packages/@aws-cdk/aws-sqs/lib/queue.ts b/packages/@aws-cdk/aws-sqs/lib/queue.ts index 2d95f60f4748e..63b466de84421 100644 --- a/packages/@aws-cdk/aws-sqs/lib/queue.ts +++ b/packages/@aws-cdk/aws-sqs/lib/queue.ts @@ -197,8 +197,9 @@ export class Queue extends QueueBase { */ public static fromQueueAttributes(scope: Construct, id: string, attrs: QueueAttributes): IQueue { const stack = Stack.of(scope); - const queueName = attrs.queueName || stack.parseArn(attrs.queueArn).resource; - const queueUrl = attrs.queueUrl || `https://sqs.${stack.region}.${stack.urlSuffix}/${stack.account}/${queueName}`; + const parsedArn = stack.parseArn(attrs.queueArn); + const queueName = attrs.queueName || parsedArn.resource; + const queueUrl = attrs.queueUrl || `https://sqs.${parsedArn.region}.${stack.urlSuffix}/${parsedArn.account}/${queueName}`; class Import extends QueueBase { public readonly queueArn = attrs.queueArn; // arn:aws:sqs:us-east-1:123456789012:queue1 diff --git a/packages/@aws-cdk/aws-sqs/package.json b/packages/@aws-cdk/aws-sqs/package.json index 1e378c81177a8..73c4a2be0e5fd 100644 --- a/packages/@aws-cdk/aws-sqs/package.json +++ b/packages/@aws-cdk/aws-sqs/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::SQS", @@ -74,7 +75,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-sqs/test/test.sqs.ts b/packages/@aws-cdk/aws-sqs/test/test.sqs.ts index afcc44beadc5b..87e38c2dcf2ca 100644 --- a/packages/@aws-cdk/aws-sqs/test/test.sqs.ts +++ b/packages/@aws-cdk/aws-sqs/test/test.sqs.ts @@ -162,7 +162,7 @@ export = { test.deepEqual(stack.resolve(imports.queueArn), 'arn:aws:sqs:us-east-1:123456789012:queue1'); test.deepEqual(stack.resolve(imports.queueUrl), { 'Fn::Join': - ['', ['https://sqs.', { Ref: 'AWS::Region' }, '.', { Ref: 'AWS::URLSuffix' }, '/', { Ref: 'AWS::AccountId' }, '/queue1']], + ['', ['https://sqs.us-east-1.', { Ref: 'AWS::URLSuffix' }, '/123456789012/queue1']], }); test.deepEqual(stack.resolve(imports.queueName), 'queue1'); test.done(); @@ -176,6 +176,25 @@ export = { test.deepEqual(fifoQueue.fifo, true); test.done(); }, + + 'importing works correctly for cross region queue'(test: Test) { + // GIVEN + const stack = new Stack(undefined, 'Stack', { env: { region: 'us-east-1' } }); + + // WHEN + const imports = sqs.Queue.fromQueueArn(stack, 'Imported', 'arn:aws:sqs:us-west-2:123456789012:queue1'); + + // THEN + + // "import" returns an IQueue bound to `Fn::ImportValue`s. + test.deepEqual(stack.resolve(imports.queueArn), 'arn:aws:sqs:us-west-2:123456789012:queue1'); + test.deepEqual(stack.resolve(imports.queueUrl), { + 'Fn::Join': + ['', ['https://sqs.us-west-2.', { Ref: 'AWS::URLSuffix' }, '/123456789012/queue1']], + }); + test.deepEqual(stack.resolve(imports.queueName), 'queue1'); + test.done(); + }, }, 'grants': { diff --git a/packages/@aws-cdk/aws-ssm/README.md b/packages/@aws-cdk/aws-ssm/README.md index 482aede27c9be..2a47ba47c2529 100644 --- a/packages/@aws-cdk/aws-ssm/README.md +++ b/packages/@aws-cdk/aws-ssm/README.md @@ -1,5 +1,6 @@ -## AWS Systems Manager Construct Library +# AWS Systems Manager Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,11 +8,13 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. -### Installation +## Installation + Install the module: ```console @@ -24,14 +27,14 @@ Import it into your code: import * as ssm from '@aws-cdk/aws-ssm'; ``` -### Using existing SSM Parameters in your CDK app +## Using existing SSM Parameters in your CDK app You can reference existing SSM Parameter Store values that you want to use in your CDK app by using `ssm.ParameterStoreString`: [using SSM parameter](test/integ.parameter-store-string.lit.ts) -### Creating new SSM Parameters in your CDK app +## Creating new SSM Parameters in your CDK app You can create either `ssm.StringParameter` or `ssm.StringListParameter`s in a CDK app. These are public (not secret) values. Parameters of type diff --git a/packages/@aws-cdk/aws-ssm/package.json b/packages/@aws-cdk/aws-ssm/package.json index 4437b2e750009..fb09f06f706ea 100644 --- a/packages/@aws-cdk/aws-ssm/package.json +++ b/packages/@aws-cdk/aws-ssm/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::SSM", diff --git a/packages/@aws-cdk/aws-sso/README.md b/packages/@aws-cdk/aws-sso/README.md index 474dcd0d59dfa..8da757ee4994c 100644 --- a/packages/@aws-cdk/aws-sso/README.md +++ b/packages/@aws-cdk/aws-sso/README.md @@ -1,12 +1,16 @@ -## AWS::SSO Construct Library +# AWS::SSO Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-sso/package.json b/packages/@aws-cdk/aws-sso/package.json index cc6fa80e8a042..4f76a5ae2eebf 100644 --- a/packages/@aws-cdk/aws-sso/package.json +++ b/packages/@aws-cdk/aws-sso/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::SSO", diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/README.md b/packages/@aws-cdk/aws-stepfunctions-tasks/README.md index 269135eed0652..eaa556e10882c 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/README.md +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/README.md @@ -1,10 +1,12 @@ # Tasks for AWS Step Functions + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + [AWS Step Functions](https://docs.aws.amazon.com/step-functions/latest/dg/welcome.html) is a web service that enables you to coordinate the diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/sagemaker/create-endpoint-config.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/sagemaker/create-endpoint-config.ts index 8fe5749506c94..a7ff0134e1827 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/sagemaker/create-endpoint-config.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/sagemaker/create-endpoint-config.ts @@ -80,7 +80,8 @@ export class SageMakerCreateEndpointConfig extends sfn.TaskStateBase { KmsKeyId: this.props.kmsKey?.keyId, ProductionVariants: this.props.productionVariants.map((variant) => ({ InitialInstanceCount: variant.initialInstanceCount ? variant.initialInstanceCount : 1, - InstanceType: `ml.${variant.instanceType}`, + InstanceType: sfn.JsonPath.isEncodedJsonPath(variant.instanceType.toString()) + ? variant.instanceType.toString() : `ml.${variant.instanceType}`, ModelName: variant.modelName, VariantName: variant.variantName, AcceleratorType: variant.acceleratorType, diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/package.json b/packages/@aws-cdk/aws-stepfunctions-tasks/package.json index 9d7dca5eee6fd..f75318aaa786e 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/package.json +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/test/sagemaker/create-endpoint-config.test.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/test/sagemaker/create-endpoint-config.test.ts index f2c24889d1d0e..c59eb59eb5a83 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/test/sagemaker/create-endpoint-config.test.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/test/sagemaker/create-endpoint-config.test.ts @@ -69,7 +69,7 @@ test('create complex endpoint config', () => { { initialInstanceCount: 1, initialVariantWeight: 0.2, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.M4, ec2.InstanceSize.XLARGE), + instanceType: new ec2.InstanceType(sfn.JsonPath.stringAt('$.Endpoint.InstanceType')), modelName: sfn.JsonPath.stringAt('$.Endpoint.Model'), variantName: 'awesome-variant-2', }], @@ -110,7 +110,7 @@ test('create complex endpoint config', () => { { 'InitialInstanceCount': 1, 'InitialVariantWeight': 0.2, - 'InstanceType': 'ml.m4.xlarge', + 'InstanceType.$': '$.Endpoint.InstanceType', 'ModelName.$': '$.Endpoint.Model', 'VariantName': 'awesome-variant-2', }], diff --git a/packages/@aws-cdk/aws-stepfunctions/README.md b/packages/@aws-cdk/aws-stepfunctions/README.md index 206c6e8f0981d..1fb164cc6e8e2 100644 --- a/packages/@aws-cdk/aws-stepfunctions/README.md +++ b/packages/@aws-cdk/aws-stepfunctions/README.md @@ -1,5 +1,6 @@ -## AWS Step Functions Construct Library +# AWS Step Functions Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + The `@aws-cdk/aws-stepfunctions` package contains constructs for building @@ -17,7 +19,7 @@ to call other AWS services. Defining a workflow looks like this (for the [Step Functions Job Poller example](https://docs.aws.amazon.com/step-functions/latest/dg/job-status-poller-sample.html)): -### Example +## Example ```ts import * as sfn from '@aws-cdk/aws-stepfunctions'; @@ -217,8 +219,10 @@ If your `Choice` doesn't have an `otherwise()` and none of the conditions match the JSON state, a `NoChoiceMatched` error will be thrown. Wrap the state machine in a `Parallel` state if you want to catch and recover from this. -#### Available Conditions: +#### Available Conditions + see [step function comparison operators](https://docs.aws.amazon.com/step-functions/latest/dg/amazon-states-language-choice-state.html#amazon-states-language-choice-state-rules) + * `Condition.isPresent` - matches if a json path is present * `Condition.isNotPresent` - matches if a json path is not present * `Condition.isString` - matches if a json path contains a string @@ -481,6 +485,7 @@ new stepfunctions.Parallel(this, 'All jobs') ``` A few utility functions are available to parse state machine fragments. + * `State.findReachableStates`: Retrieve the list of states reachable from a given state. * `State.findReachableEndStates`: Retrieve the list of end or terminal states reachable from a given state. @@ -590,13 +595,13 @@ IAM roles, users, or groups which need to be able to work with a State Machine s Any object that implements the `IGrantable` interface (has an associated principal) can be granted permissions by calling: -- `stateMachine.grantStartExecution(principal)` - grants the principal the ability to execute the state machine -- `stateMachine.grantRead(principal)` - grants the principal read access -- `stateMachine.grantTaskResponse(principal)` - grants the principal the ability to send task tokens to the state machine -- `stateMachine.grantExecution(principal, actions)` - grants the principal execution-level permissions for the IAM actions specified -- `stateMachine.grant(principal, actions)` - grants the principal state-machine-level permissions for the IAM actions specified +* `stateMachine.grantStartExecution(principal)` - grants the principal the ability to execute the state machine +* `stateMachine.grantRead(principal)` - grants the principal read access +* `stateMachine.grantTaskResponse(principal)` - grants the principal the ability to send task tokens to the state machine +* `stateMachine.grantExecution(principal, actions)` - grants the principal execution-level permissions for the IAM actions specified +* `stateMachine.grant(principal, actions)` - grants the principal state-machine-level permissions for the IAM actions specified -### Start Execution Permission +### Start Execution Permission Grant permission to start an execution of a state machine by calling the `grantStartExecution()` API. @@ -615,7 +620,7 @@ stateMachine.grantStartExecution(role); The following permission is provided to a service principal by the `grantStartExecution()` API: -- `states:StartExecution` - to state machine +* `states:StartExecution` - to state machine ### Read Permissions @@ -636,14 +641,14 @@ stateMachine.grantRead(role); The following read permissions are provided to a service principal by the `grantRead()` API: -- `states:ListExecutions` - to state machine -- `states:ListStateMachines` - to state machine -- `states:DescribeExecution` - to executions -- `states:DescribeStateMachineForExecution` - to executions -- `states:GetExecutionHistory` - to executions -- `states:ListActivities` - to `*` -- `states:DescribeStateMachine` - to `*` -- `states:DescribeActivity` - to `*` +* `states:ListExecutions` - to state machine +* `states:ListStateMachines` - to state machine +* `states:DescribeExecution` - to executions +* `states:DescribeStateMachineForExecution` - to executions +* `states:GetExecutionHistory` - to executions +* `states:ListActivities` - to `*` +* `states:DescribeStateMachine` - to `*` +* `states:DescribeActivity` - to `*` ### Task Response Permissions @@ -664,9 +669,9 @@ stateMachine.grantTaskResponse(role); The following read permissions are provided to a service principal by the `grantRead()` API: -- `states:SendTaskSuccess` - to state machine -- `states:SendTaskFailure` - to state machine -- `states:SendTaskHeartbeat` - to state machine +* `states:SendTaskSuccess` - to state machine +* `states:SendTaskFailure` - to state machine +* `states:SendTaskHeartbeat` - to state machine ### Execution-level Permissions diff --git a/packages/@aws-cdk/aws-stepfunctions/package.json b/packages/@aws-cdk/aws-stepfunctions/package.json index 1b11c1ea45ebd..99ee2dc7cd54b 100644 --- a/packages/@aws-cdk/aws-stepfunctions/package.json +++ b/packages/@aws-cdk/aws-stepfunctions/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::StepFunctions", diff --git a/packages/@aws-cdk/aws-synthetics/README.md b/packages/@aws-cdk/aws-synthetics/README.md index 82eb6be1c27d5..53ed300db49ab 100644 --- a/packages/@aws-cdk/aws-synthetics/README.md +++ b/packages/@aws-cdk/aws-synthetics/README.md @@ -1,17 +1,24 @@ -## Amazon CloudWatch Synthetics Construct Library - +# Amazon CloudWatch Synthetics Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib ![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are in **developer preview** before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are in **developer preview** before they +> become stable. We will only make breaking changes to address unforeseen API issues. Therefore, +> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes +> will be announced in release notes. This means that while you may use them, you may need to +> update your source code when upgrading to a newer version of this package. --- + Amazon CloudWatch Synthetics allow you to monitor your application by generating **synthetic** traffic. The traffic is produced by a **canary**: a configurable script that runs on a schedule. You configure the canary script to follow the same routes and perform the same actions as a user, which allows you to continually verify your user experience even when you don't have any traffic on your applications. @@ -20,13 +27,13 @@ Amazon CloudWatch Synthetics allow you to monitor your application by generating To illustrate how to use a canary, assume your application defines the following endpoint: -```bash +```console % curl "https://api.example.com/user/books/topbook/" The Hitchhikers Guide to the Galaxy ``` -The below code defines a canary that will hit the `books/topbook` endpoint every 5 minutes: +The below code defines a canary that will hit the `books/topbook` endpoint every 5 minutes: ```ts import * as synthetics from '@aws-cdk/aws-synthetics'; @@ -85,7 +92,7 @@ To learn more about Synthetics capabilities, check out the [docs](https://docs.a To configure the script the canary executes, use the `test` property. The `test` property accepts a `Test` instance that can be initialized by the `Test` class static methods. Currently, the only implemented method is `Test.custom()`, which allows you to bring your own code. In the future, other methods will be added. `Test.custom()` accepts `code` and `handler` properties -- both are required by Synthetics to create a lambda function on your behalf. -The `synthetics.Code` class exposes static methods to bundle your code artifacts: +The `synthetics.Code` class exposes static methods to bundle your code artifacts: - `code.fromInline(code)` - specify an inline script. - `code.fromAsset(path)` - specify a .zip file or a directory in the local filesystem which will be zipped and uploaded to S3 on deployment. See the above Note for directory structure. @@ -119,21 +126,24 @@ const canary = new Canary(this, 'MyCanary', { handler: 'index.handler', // must end with '.handler' }), runtime: synthetics.Runtime.SYNTHETICS_NODEJS_2_0, -}); +}); ``` > **Note:** For `code.fromAsset()` and `code.fromBucket()`, the canary resource requires the following folder structure: ->``` ->canary/ ->├── nodejs/ -> ├── node_modules/ -> ├── .js ->``` +> +> ```plaintext +> canary/ +> ├── nodejs/ +> ├── node_modules/ +> ├── .js +> ``` +> > See Synthetics [docs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_WritingCanary.html). ### Alarms You can configure a CloudWatch Alarm on a canary metric. Metrics are emitted by CloudWatch automatically and can be accessed by the following APIs: + - `canary.metricSuccessPercent()` - percentage of successful canary runs over a given time - `canary.metricDuration()` - how much time each canary run takes, in seconds. - `canary.metricFailed()` - number of failed canary runs over a given time diff --git a/packages/@aws-cdk/aws-synthetics/package.json b/packages/@aws-cdk/aws-synthetics/package.json index bedbeffc9997d..8bc88c9255af5 100644 --- a/packages/@aws-cdk/aws-synthetics/package.json +++ b/packages/@aws-cdk/aws-synthetics/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Synthetics", diff --git a/packages/@aws-cdk/aws-timestream/README.md b/packages/@aws-cdk/aws-timestream/README.md index 231eeb65ba599..80120fe64f2ca 100644 --- a/packages/@aws-cdk/aws-timestream/README.md +++ b/packages/@aws-cdk/aws-timestream/README.md @@ -1,12 +1,16 @@ -## AWS::Timestream Construct Library +# AWS::Timestream Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-timestream/package.json b/packages/@aws-cdk/aws-timestream/package.json index 57285b6625155..ff6007132dde1 100644 --- a/packages/@aws-cdk/aws-timestream/package.json +++ b/packages/@aws-cdk/aws-timestream/package.json @@ -51,7 +51,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Timestream", diff --git a/packages/@aws-cdk/aws-transfer/README.md b/packages/@aws-cdk/aws-transfer/README.md index 968a06223499b..0420a5e279d0b 100644 --- a/packages/@aws-cdk/aws-transfer/README.md +++ b/packages/@aws-cdk/aws-transfer/README.md @@ -1,12 +1,16 @@ -## AWS Transfer for SFTP Construct Library +# AWS Transfer for SFTP Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-transfer/package.json b/packages/@aws-cdk/aws-transfer/package.json index 70d4cf2fc0a91..5a0bcb7f1af22 100644 --- a/packages/@aws-cdk/aws-transfer/package.json +++ b/packages/@aws-cdk/aws-transfer/package.json @@ -51,7 +51,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::Transfer", diff --git a/packages/@aws-cdk/aws-waf/README.md b/packages/@aws-cdk/aws-waf/README.md index e5d4abb34fc26..c0622ec0b0479 100644 --- a/packages/@aws-cdk/aws-waf/README.md +++ b/packages/@aws-cdk/aws-waf/README.md @@ -1,12 +1,16 @@ -## AWS Web Application Firewall Construct Library +# AWS Web Application Firewall Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-waf/package.json b/packages/@aws-cdk/aws-waf/package.json index 052bc1bd2b8c3..da6a5bc924640 100644 --- a/packages/@aws-cdk/aws-waf/package.json +++ b/packages/@aws-cdk/aws-waf/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::WAF", diff --git a/packages/@aws-cdk/aws-wafregional/README.md b/packages/@aws-cdk/aws-wafregional/README.md index d1846dff252c2..e2194b636bdc0 100644 --- a/packages/@aws-cdk/aws-wafregional/README.md +++ b/packages/@aws-cdk/aws-wafregional/README.md @@ -1,12 +1,16 @@ -## AWS WAF Regional Construct Library +# AWS WAF Regional Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-wafregional/package.json b/packages/@aws-cdk/aws-wafregional/package.json index 87ed205a4a7d6..2998384321b50 100644 --- a/packages/@aws-cdk/aws-wafregional/package.json +++ b/packages/@aws-cdk/aws-wafregional/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::WAFRegional", diff --git a/packages/@aws-cdk/aws-wafv2/README.md b/packages/@aws-cdk/aws-wafv2/README.md index 33dfa7b0b3815..0d1a5610493db 100644 --- a/packages/@aws-cdk/aws-wafv2/README.md +++ b/packages/@aws-cdk/aws-wafv2/README.md @@ -1,12 +1,16 @@ -## AWS::WAFv2 Construct Library +# AWS::WAFv2 Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-wafv2/package.json b/packages/@aws-cdk/aws-wafv2/package.json index b67ebcf8dbe49..5b56ccc49ed01 100644 --- a/packages/@aws-cdk/aws-wafv2/package.json +++ b/packages/@aws-cdk/aws-wafv2/package.json @@ -51,7 +51,8 @@ "compat": "cdk-compat", "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::WAFv2", diff --git a/packages/@aws-cdk/aws-workspaces/README.md b/packages/@aws-cdk/aws-workspaces/README.md index 86e1e38788829..f8fbe73f105b1 100644 --- a/packages/@aws-cdk/aws-workspaces/README.md +++ b/packages/@aws-cdk/aws-workspaces/README.md @@ -1,12 +1,16 @@ -## Amazon WorkSpaces Construct Library +# Amazon WorkSpaces Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/aws-workspaces/package.json b/packages/@aws-cdk/aws-workspaces/package.json index 10e5b99dc2cda..0aeb68a97a6bf 100644 --- a/packages/@aws-cdk/aws-workspaces/package.json +++ b/packages/@aws-cdk/aws-workspaces/package.json @@ -50,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::WorkSpaces", diff --git a/packages/@aws-cdk/cdk-assets-schema/README.md b/packages/@aws-cdk/cdk-assets-schema/README.md index 01fbb7c07584f..e2244353ab879 100644 --- a/packages/@aws-cdk/cdk-assets-schema/README.md +++ b/packages/@aws-cdk/cdk-assets-schema/README.md @@ -1,5 +1,6 @@ # cdk-assets-schema + --- ![Deprecated](https://img.shields.io/badge/deprecated-critical.svg?style=for-the-badge) @@ -7,6 +8,7 @@ > This API may emit warnings. Backward compatibility is not guaranteed. --- + -This schema is now part of @aws-cdk/cloud-assembly-schema. \ No newline at end of file +This schema is now part of @aws-cdk/cloud-assembly-schema. diff --git a/packages/@aws-cdk/cdk-assets-schema/package.json b/packages/@aws-cdk/cdk-assets-schema/package.json index c8b0b1988e21a..8945cd066da2c 100644 --- a/packages/@aws-cdk/cdk-assets-schema/package.json +++ b/packages/@aws-cdk/cdk-assets-schema/package.json @@ -42,7 +42,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "author": { "name": "Amazon Web Services", diff --git a/packages/@aws-cdk/cfnspec/CHANGELOG.md b/packages/@aws-cdk/cfnspec/CHANGELOG.md index 217f5b27025d8..b380dcc6a20c0 100644 --- a/packages/@aws-cdk/cfnspec/CHANGELOG.md +++ b/packages/@aws-cdk/cfnspec/CHANGELOG.md @@ -1,3 +1,91 @@ +# CloudFormation Resource Specification v21.0.0 + +## New Resource Types + +* AWS::CloudFront::KeyGroup +* AWS::CloudFront::PublicKey +* AWS::Glue::Registry +* AWS::Glue::Schema +* AWS::Glue::SchemaVersion +* AWS::Glue::SchemaVersionMetadata +* AWS::IoT::TopicRuleDestination +* AWS::Lambda::CodeSigningConfig +* AWS::NetworkFirewall::Firewall +* AWS::NetworkFirewall::FirewallPolicy +* AWS::NetworkFirewall::LoggingConfiguration +* AWS::NetworkFirewall::RuleGroup +* AWS::S3::StorageLens +* AWS::Signer::ProfilePermission +* AWS::Signer::SigningProfile + +## Attribute Changes + +* AWS::SageMaker::MonitoringSchedule CreationTime (__added__) +* AWS::SageMaker::MonitoringSchedule LastModifiedTime (__added__) + +## Property Changes + +* AWS::Amplify::App CustomHeaders (__added__) +* AWS::DataBrew::Recipe ProjectName (__deleted__) +* AWS::DataBrew::Recipe Version (__deleted__) +* AWS::Events::EventBusPolicy Statement (__added__) +* AWS::Events::EventBusPolicy Action.Required (__changed__) + * Old: true + * New: false +* AWS::Events::EventBusPolicy Principal.Required (__changed__) + * Old: true + * New: false +* AWS::Glue::MLTransform TransformEncryption (__added__) +* AWS::KMS::Key KeySpec (__added__) +* AWS::Lambda::Function CodeSigningConfigArn (__added__) +* AWS::SageMaker::MonitoringSchedule CreationTime (__deleted__) +* AWS::SageMaker::MonitoringSchedule LastModifiedTime (__deleted__) + +## Property Type Changes + +* AWS::Batch::ComputeEnvironment.Ec2ConfigurationObject (__added__) +* AWS::DLM::LifecyclePolicy.Action (__added__) +* AWS::DLM::LifecyclePolicy.CrossRegionCopyAction (__added__) +* AWS::DLM::LifecyclePolicy.EncryptionConfiguration (__added__) +* AWS::DLM::LifecyclePolicy.EventParameters (__added__) +* AWS::DLM::LifecyclePolicy.EventSource (__added__) +* AWS::DLM::LifecyclePolicy.ShareRule (__added__) +* AWS::EC2::LaunchTemplate.EnclaveOptions (__added__) +* AWS::Glue::Database.DataLakePrincipal (__added__) +* AWS::Glue::Database.DatabaseIdentifier (__added__) +* AWS::Glue::Database.PrincipalPrivileges (__added__) +* AWS::Glue::MLTransform.MLUserDataEncryption (__added__) +* AWS::Glue::MLTransform.TransformEncryption (__added__) +* AWS::Glue::Table.TableIdentifier (__added__) +* AWS::SageMaker::Model.MultiModelConfig (__added__) +* AWS::Batch::ComputeEnvironment.ComputeResources Ec2Configuration (__added__) +* AWS::CloudFront::Distribution.CacheBehavior TrustedKeyGroups (__added__) +* AWS::CloudFront::Distribution.DefaultCacheBehavior TrustedKeyGroups (__added__) +* AWS::DLM::LifecyclePolicy.PolicyDetails Actions (__added__) +* AWS::DLM::LifecyclePolicy.PolicyDetails EventSource (__added__) +* AWS::DLM::LifecyclePolicy.PolicyDetails ResourceTypes.Required (__changed__) + * Old: true + * New: false +* AWS::DLM::LifecyclePolicy.PolicyDetails Schedules.Required (__changed__) + * Old: true + * New: false +* AWS::DLM::LifecyclePolicy.PolicyDetails TargetTags.Required (__changed__) + * Old: true + * New: false +* AWS::DLM::LifecyclePolicy.Schedule ShareRules (__added__) +* AWS::DataBrew::Recipe.RecipeStep Action.PrimitiveType (__deleted__) +* AWS::EC2::LaunchTemplate.LaunchTemplateData EnclaveOptions (__added__) +* AWS::Glue::Connection.ConnectionInput ConnectionProperties.Required (__changed__) + * Old: true + * New: false +* AWS::Glue::Crawler.S3Target ConnectionName (__added__) +* AWS::Glue::Database.DatabaseInput CreateTableDefaultPermissions (__added__) +* AWS::Glue::Database.DatabaseInput TargetDatabase (__added__) +* AWS::Glue::Table.TableInput TargetTable (__added__) +* AWS::SageMaker::Model.ContainerDefinition MultiModelConfig (__added__) +* AWS::Synthetics::Canary.RunConfig EnvironmentVariables (__added__) + + # CloudFormation Resource Specification v20.3.0 ## New Resource Types diff --git a/packages/@aws-cdk/cfnspec/README.md b/packages/@aws-cdk/cfnspec/README.md index dcfe13e36de17..59d2a3ccb549e 100644 --- a/packages/@aws-cdk/cfnspec/README.md +++ b/packages/@aws-cdk/cfnspec/README.md @@ -2,14 +2,13 @@ To update the CloudFormation spec, you can run `bump-cfnspec.sh` from a clean repo, as so - -``` +```console ./scripts/bump-cfnspec.sh ``` If you wish to only update the CFN spec, make sure to install all dependencies and build the `cfnspec` module, and then you can just run: -``` +```console yarn update ``` - diff --git a/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts b/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts index 55863ee5f8e13..cf074e49d58f9 100644 --- a/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts +++ b/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts @@ -153,6 +153,7 @@ async function main() { 'build+test': 'npm run build && npm test', compat: 'cdk-compat', gen: 'cfn2ts', + 'rosetta:extract': 'yarn --silent jsii-rosetta extract', }, 'cdk-build': { cloudformation: namespace, @@ -264,7 +265,7 @@ async function main() { ]); await write('README.md', [ - `## ${namespace} Construct Library`, + `# ${namespace} Construct Library`, '', '---', '', diff --git a/packages/@aws-cdk/cfnspec/cfn.version b/packages/@aws-cdk/cfnspec/cfn.version index 4adfbc353177e..fb5b513039eb7 100644 --- a/packages/@aws-cdk/cfnspec/cfn.version +++ b/packages/@aws-cdk/cfnspec/cfn.version @@ -1 +1 @@ -20.3.0 +21.0.0 diff --git a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json index 0d142fe207d30..78b9780cb62c8 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json +++ b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json @@ -7273,6 +7273,13 @@ "Required": false, "UpdateType": "Mutable" }, + "Ec2Configuration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2configuration", + "ItemType": "Ec2ConfigurationObject", + "Required": false, + "Type": "List", + "UpdateType": "Immutable" + }, "Ec2KeyPair": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2keypair", "PrimitiveType": "String", @@ -7356,6 +7363,23 @@ } } }, + "AWS::Batch::ComputeEnvironment.Ec2ConfigurationObject": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-ec2configurationobject.html", + "Properties": { + "ImageIdOverride": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-ec2configurationobject.html#cfn-batch-computeenvironment-ec2configurationobject-imageidoverride", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "ImageType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-ec2configurationobject.html#cfn-batch-computeenvironment-ec2configurationobject-imagetype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, "AWS::Batch::ComputeEnvironment.LaunchTemplateSpecification": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-launchtemplatespecification.html", "Properties": { @@ -8543,6 +8567,13 @@ "Required": true, "UpdateType": "Mutable" }, + "TrustedKeyGroups": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-cachebehavior.html#cfn-cloudfront-distribution-cachebehavior-trustedkeygroups", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "TrustedSigners": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-cachebehavior.html#cfn-cloudfront-distribution-cachebehavior-trustedsigners", "PrimitiveItemType": "String", @@ -8737,6 +8768,13 @@ "Required": true, "UpdateType": "Mutable" }, + "TrustedKeyGroups": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-defaultcachebehavior.html#cfn-cloudfront-distribution-defaultcachebehavior-trustedkeygroups", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "TrustedSigners": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-defaultcachebehavior.html#cfn-cloudfront-distribution-defaultcachebehavior-trustedsigners", "PrimitiveItemType": "String", @@ -9202,6 +9240,31 @@ } } }, + "AWS::CloudFront::KeyGroup.KeyGroupConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-keygroup-keygroupconfig.html", + "Properties": { + "Comment": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-keygroup-keygroupconfig.html#cfn-cloudfront-keygroup-keygroupconfig-comment", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Items": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-keygroup-keygroupconfig.html#cfn-cloudfront-keygroup-keygroupconfig-items", + "DuplicatesAllowed": true, + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-keygroup-keygroupconfig.html#cfn-cloudfront-keygroup-keygroupconfig-name", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::CloudFront::OriginRequestPolicy.CookiesConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-originrequestpolicy-cookiesconfig.html", "Properties": { @@ -9294,6 +9357,35 @@ } } }, + "AWS::CloudFront::PublicKey.PublicKeyConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-publickey-publickeyconfig.html", + "Properties": { + "CallerReference": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-publickey-publickeyconfig.html#cfn-cloudfront-publickey-publickeyconfig-callerreference", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Comment": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-publickey-publickeyconfig.html#cfn-cloudfront-publickey-publickeyconfig-comment", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "EncodedKey": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-publickey-publickeyconfig.html#cfn-cloudfront-publickey-publickeyconfig-encodedkey", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-publickey-publickeyconfig.html#cfn-cloudfront-publickey-publickeyconfig-name", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::CloudFront::RealtimeLogConfig.EndPoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-realtimelogconfig-endpoint.html", "Properties": { @@ -12294,6 +12386,24 @@ } } }, + "AWS::DLM::LifecyclePolicy.Action": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-action.html", + "Properties": { + "CrossRegionCopy": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-action.html#cfn-dlm-lifecyclepolicy-action-crossregioncopy", + "ItemType": "CrossRegionCopyAction", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-action.html#cfn-dlm-lifecyclepolicy-action-name", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::DLM::LifecyclePolicy.CreateRule": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-createrule.html", "Properties": { @@ -12324,6 +12434,29 @@ } } }, + "AWS::DLM::LifecyclePolicy.CrossRegionCopyAction": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-crossregioncopyaction.html", + "Properties": { + "EncryptionConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-crossregioncopyaction.html#cfn-dlm-lifecyclepolicy-crossregioncopyaction-encryptionconfiguration", + "Required": true, + "Type": "EncryptionConfiguration", + "UpdateType": "Mutable" + }, + "RetainRule": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-crossregioncopyaction.html#cfn-dlm-lifecyclepolicy-crossregioncopyaction-retainrule", + "Required": false, + "Type": "CrossRegionCopyRetainRule", + "UpdateType": "Mutable" + }, + "Target": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-crossregioncopyaction.html#cfn-dlm-lifecyclepolicy-crossregioncopyaction-target", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-crossregioncopyretainrule.html", "Properties": { @@ -12376,6 +12509,64 @@ } } }, + "AWS::DLM::LifecyclePolicy.EncryptionConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-encryptionconfiguration.html", + "Properties": { + "CmkArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-encryptionconfiguration.html#cfn-dlm-lifecyclepolicy-encryptionconfiguration-cmkarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Encrypted": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-encryptionconfiguration.html#cfn-dlm-lifecyclepolicy-encryptionconfiguration-encrypted", + "PrimitiveType": "Boolean", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::DLM::LifecyclePolicy.EventParameters": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-eventparameters.html", + "Properties": { + "DescriptionRegex": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-eventparameters.html#cfn-dlm-lifecyclepolicy-eventparameters-descriptionregex", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "EventType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-eventparameters.html#cfn-dlm-lifecyclepolicy-eventparameters-eventtype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "SnapshotOwner": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-eventparameters.html#cfn-dlm-lifecyclepolicy-eventparameters-snapshotowner", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::DLM::LifecyclePolicy.EventSource": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-eventsource.html", + "Properties": { + "Parameters": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-eventsource.html#cfn-dlm-lifecyclepolicy-eventsource-parameters", + "Required": false, + "Type": "EventParameters", + "UpdateType": "Mutable" + }, + "Type": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-eventsource.html#cfn-dlm-lifecyclepolicy-eventsource-type", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::DLM::LifecyclePolicy.FastRestoreRule": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-fastrestorerule.html", "Properties": { @@ -12426,6 +12617,19 @@ "AWS::DLM::LifecyclePolicy.PolicyDetails": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-policydetails.html", "Properties": { + "Actions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-policydetails.html#cfn-dlm-lifecyclepolicy-policydetails-actions", + "ItemType": "Action", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "EventSource": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-policydetails.html#cfn-dlm-lifecyclepolicy-policydetails-eventsource", + "Required": false, + "Type": "EventSource", + "UpdateType": "Mutable" + }, "Parameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-policydetails.html#cfn-dlm-lifecyclepolicy-policydetails-parameters", "Required": false, @@ -12441,21 +12645,21 @@ "ResourceTypes": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-policydetails.html#cfn-dlm-lifecyclepolicy-policydetails-resourcetypes", "PrimitiveItemType": "String", - "Required": true, + "Required": false, "Type": "List", "UpdateType": "Mutable" }, "Schedules": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-policydetails.html#cfn-dlm-lifecyclepolicy-policydetails-schedules", "ItemType": "Schedule", - "Required": true, + "Required": false, "Type": "List", "UpdateType": "Mutable" }, "TargetTags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-policydetails.html#cfn-dlm-lifecyclepolicy-policydetails-targettags", "ItemType": "Tag", - "Required": true, + "Required": false, "Type": "List", "UpdateType": "Mutable" } @@ -12524,6 +12728,13 @@ "Type": "RetainRule", "UpdateType": "Mutable" }, + "ShareRules": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-schedule.html#cfn-dlm-lifecyclepolicy-schedule-sharerules", + "ItemType": "ShareRule", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "TagsToAdd": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-schedule.html#cfn-dlm-lifecyclepolicy-schedule-tagstoadd", "ItemType": "Tag", @@ -12540,6 +12751,30 @@ } } }, + "AWS::DLM::LifecyclePolicy.ShareRule": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-sharerule.html", + "Properties": { + "TargetAccounts": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-sharerule.html#cfn-dlm-lifecyclepolicy-sharerule-targetaccounts", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "UnshareInterval": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-sharerule.html#cfn-dlm-lifecyclepolicy-sharerule-unshareinterval", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "UnshareIntervalUnit": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-sharerule.html#cfn-dlm-lifecyclepolicy-sharerule-unshareintervalunit", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::DMS::Endpoint.DynamoDbSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dms-endpoint-dynamodbsettings.html", "Properties": { @@ -13527,7 +13762,6 @@ "Properties": { "Action": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-databrew-recipe-recipestep.html#cfn-databrew-recipe-recipestep-action", - "PrimitiveType": "Json", "Required": true, "Type": "Action", "UpdateType": "Mutable" @@ -14859,6 +15093,17 @@ } } }, + "AWS::EC2::LaunchTemplate.EnclaveOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata-enclaveoptions.html", + "Properties": { + "Enabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata-enclaveoptions.html#cfn-ec2-launchtemplate-launchtemplatedata-enclaveoptions-enabled", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::EC2::LaunchTemplate.HibernationOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata-hibernationoptions.html", "Properties": { @@ -14969,6 +15214,12 @@ "Type": "List", "UpdateType": "Mutable" }, + "EnclaveOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-enclaveoptions", + "Required": false, + "Type": "EnclaveOptions", + "UpdateType": "Mutable" + }, "HibernationOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-hibernationoptions", "Required": false, @@ -21875,7 +22126,7 @@ "ConnectionProperties": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-connection-connectioninput.html#cfn-glue-connection-connectioninput-connectionproperties", "PrimitiveType": "Json", - "Required": true, + "Required": false, "UpdateType": "Mutable" }, "ConnectionType": { @@ -21991,6 +22242,12 @@ "AWS::Glue::Crawler.S3Target": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-crawler-s3target.html", "Properties": { + "ConnectionName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-crawler-s3target.html#cfn-glue-crawler-s3target-connectionname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "Exclusions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-crawler-s3target.html#cfn-glue-crawler-s3target-exclusions", "PrimitiveItemType": "String", @@ -22118,9 +22375,44 @@ } } }, + "AWS::Glue::Database.DataLakePrincipal": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-datalakeprincipal.html", + "Properties": { + "DataLakePrincipalIdentifier": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-datalakeprincipal.html#cfn-glue-database-datalakeprincipal-datalakeprincipalidentifier", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Glue::Database.DatabaseIdentifier": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-databaseidentifier.html", + "Properties": { + "CatalogId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-databaseidentifier.html#cfn-glue-database-databaseidentifier-catalogid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "DatabaseName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-databaseidentifier.html#cfn-glue-database-databaseidentifier-databasename", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::Glue::Database.DatabaseInput": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-databaseinput.html", "Properties": { + "CreateTableDefaultPermissions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-databaseinput.html#cfn-glue-database-databaseinput-createtabledefaultpermissions", + "ItemType": "PrincipalPrivileges", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "Description": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-databaseinput.html#cfn-glue-database-databaseinput-description", "PrimitiveType": "String", @@ -22144,6 +22436,30 @@ "PrimitiveType": "Json", "Required": false, "UpdateType": "Mutable" + }, + "TargetDatabase": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-databaseinput.html#cfn-glue-database-databaseinput-targetdatabase", + "Required": false, + "Type": "DatabaseIdentifier", + "UpdateType": "Mutable" + } + } + }, + "AWS::Glue::Database.PrincipalPrivileges": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-principalprivileges.html", + "Properties": { + "Permissions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-principalprivileges.html#cfn-glue-database-principalprivileges-permissions", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "Principal": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-database-principalprivileges.html#cfn-glue-database-principalprivileges-principal", + "Required": false, + "Type": "DataLakePrincipal", + "UpdateType": "Mutable" } } }, @@ -22274,6 +22590,40 @@ } } }, + "AWS::Glue::MLTransform.MLUserDataEncryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-mltransform-transformencryption-mluserdataencryption.html", + "Properties": { + "KmsKeyId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-mltransform-transformencryption-mluserdataencryption.html#cfn-glue-mltransform-transformencryption-mluserdataencryption-kmskeyid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "MLUserDataEncryptionMode": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-mltransform-transformencryption-mluserdataencryption.html#cfn-glue-mltransform-transformencryption-mluserdataencryption-mluserdataencryptionmode", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::Glue::MLTransform.TransformEncryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-mltransform-transformencryption.html", + "Properties": { + "MLUserDataEncryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-mltransform-transformencryption.html#cfn-glue-mltransform-transformencryption-mluserdataencryption", + "Required": false, + "Type": "MLUserDataEncryption", + "UpdateType": "Mutable" + }, + "TaskRunSecurityConfigurationName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-mltransform-transformencryption.html#cfn-glue-mltransform-transformencryption-taskrunsecurityconfigurationname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::Glue::MLTransform.TransformParameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-mltransform-transformparameters.html", "Properties": { @@ -22483,6 +22833,63 @@ } } }, + "AWS::Glue::Schema.Registry": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-schema-registry.html", + "Properties": { + "Arn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-schema-registry.html#cfn-glue-schema-registry-arn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-schema-registry.html#cfn-glue-schema-registry-name", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, + "AWS::Glue::Schema.SchemaVersion": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-schema-schemaversion.html", + "Properties": { + "IsLatest": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-schema-schemaversion.html#cfn-glue-schema-schemaversion-islatest", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "VersionNumber": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-schema-schemaversion.html#cfn-glue-schema-schemaversion-versionnumber", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Glue::SchemaVersion.Schema": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-schemaversion-schema.html", + "Properties": { + "RegistryName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-schemaversion-schema.html#cfn-glue-schemaversion-schema-registryname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "SchemaArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-schemaversion-schema.html#cfn-glue-schemaversion-schema-schemaarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "SchemaName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-schemaversion-schema.html#cfn-glue-schemaversion-schema-schemaname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, "AWS::Glue::SecurityConfiguration.CloudWatchEncryption": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-securityconfiguration-cloudwatchencryption.html", "Properties": { @@ -22732,6 +23139,29 @@ } } }, + "AWS::Glue::Table.TableIdentifier": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-table-tableidentifier.html", + "Properties": { + "CatalogId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-table-tableidentifier.html#cfn-glue-table-tableidentifier-catalogid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "DatabaseName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-table-tableidentifier.html#cfn-glue-table-tableidentifier-databasename", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-table-tableidentifier.html#cfn-glue-table-tableidentifier-name", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::Glue::Table.TableInput": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-table-tableinput.html", "Properties": { @@ -22784,6 +23214,12 @@ "Required": false, "UpdateType": "Mutable" }, + "TargetTable": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-table-tableinput.html#cfn-glue-table-tableinput-targettable", + "Required": false, + "Type": "TableIdentifier", + "UpdateType": "Mutable" + }, "ViewExpandedText": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-table-tableinput.html#cfn-glue-table-tableinput-viewexpandedtext", "PrimitiveType": "String", @@ -25284,6 +25720,17 @@ } } }, + "AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-topicruledestination-httpurldestinationsummary.html", + "Properties": { + "ConfirmationUrl": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-topicruledestination-httpurldestinationsummary.html#cfn-iot-topicruledestination-httpurldestinationsummary-confirmationurl", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, "AWS::IoTAnalytics::Channel.ChannelStorage": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotanalytics-channel-channelstorage.html", "Properties": { @@ -30458,6 +30905,29 @@ } } }, + "AWS::Lambda::CodeSigningConfig.AllowedPublishers": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-codesigningconfig-allowedpublishers.html", + "Properties": { + "SigningProfileVersionArns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-codesigningconfig-allowedpublishers.html#cfn-lambda-codesigningconfig-allowedpublishers-signingprofileversionarns", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::Lambda::CodeSigningConfig.CodeSigningPolicies": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-codesigningconfig-codesigningpolicies.html", + "Properties": { + "UntrustedArtifactOnDeployment": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-codesigningconfig-codesigningpolicies.html#cfn-lambda-codesigningconfig-codesigningpolicies-untrustedartifactondeployment", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::Lambda::EventInvokeConfig.DestinationConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-destinationconfig.html", "Properties": { @@ -36276,6 +36746,821 @@ } } }, + "AWS::NetworkFirewall::Firewall.SubnetMapping": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewall-subnetmapping.html", + "Properties": { + "SubnetId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewall-subnetmapping.html#cfn-networkfirewall-firewall-subnetmapping-subnetid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::Firewall.Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewall-tags.html", + "Properties": { + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewall-tags.html#cfn-networkfirewall-firewall-tags-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.ActionDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-actiondefinition.html", + "Properties": { + "PublishMetricAction": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-actiondefinition.html#cfn-networkfirewall-firewallpolicy-actiondefinition-publishmetricaction", + "Required": false, + "Type": "PublishMetricAction", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.CustomAction": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-customaction.html", + "Properties": { + "ActionDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-customaction.html#cfn-networkfirewall-firewallpolicy-customaction-actiondefinition", + "Required": true, + "Type": "ActionDefinition", + "UpdateType": "Mutable" + }, + "ActionName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-customaction.html#cfn-networkfirewall-firewallpolicy-customaction-actionname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.CustomActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-customactions.html", + "Properties": { + "CustomActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-customactions.html#cfn-networkfirewall-firewallpolicy-customactions-customactions", + "DuplicatesAllowed": false, + "ItemType": "CustomAction", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.Dimension": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-dimension.html", + "Properties": { + "Value": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-dimension.html#cfn-networkfirewall-firewallpolicy-dimension-value", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.Dimensions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-dimensions.html", + "Properties": { + "Dimensions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-dimensions.html#cfn-networkfirewall-firewallpolicy-dimensions-dimensions", + "DuplicatesAllowed": false, + "ItemType": "Dimension", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-firewallpolicy.html", + "Properties": { + "StatefulRuleGroupReferences": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-firewallpolicy.html#cfn-networkfirewall-firewallpolicy-firewallpolicy-statefulrulegroupreferences", + "Required": false, + "Type": "StatefulRuleGroupReferences", + "UpdateType": "Mutable" + }, + "StatelessCustomActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-firewallpolicy.html#cfn-networkfirewall-firewallpolicy-firewallpolicy-statelesscustomactions", + "Required": false, + "Type": "CustomActions", + "UpdateType": "Mutable" + }, + "StatelessDefaultActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-firewallpolicy.html#cfn-networkfirewall-firewallpolicy-firewallpolicy-statelessdefaultactions", + "Required": true, + "Type": "StatelessActions", + "UpdateType": "Mutable" + }, + "StatelessFragmentDefaultActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-firewallpolicy.html#cfn-networkfirewall-firewallpolicy-firewallpolicy-statelessfragmentdefaultactions", + "Required": true, + "Type": "StatelessActions", + "UpdateType": "Mutable" + }, + "StatelessRuleGroupReferences": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-firewallpolicy.html#cfn-networkfirewall-firewallpolicy-firewallpolicy-statelessrulegroupreferences", + "Required": false, + "Type": "StatelessRuleGroupReferences", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-publishmetricaction.html", + "Properties": { + "Dimensions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-publishmetricaction.html#cfn-networkfirewall-firewallpolicy-publishmetricaction-dimensions", + "Required": true, + "Type": "Dimensions", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statefulrulegroupreference.html", + "Properties": { + "ResourceArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statefulrulegroupreference.html#cfn-networkfirewall-firewallpolicy-statefulrulegroupreference-resourcearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReferences": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statefulrulegroupreferences.html", + "Properties": { + "StatefulRuleGroupReferences": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statefulrulegroupreferences.html#cfn-networkfirewall-firewallpolicy-statefulrulegroupreferences-statefulrulegroupreferences", + "DuplicatesAllowed": false, + "ItemType": "StatefulRuleGroupReference", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.StatelessActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statelessactions.html", + "Properties": { + "StatelessActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statelessactions.html#cfn-networkfirewall-firewallpolicy-statelessactions-statelessactions", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statelessrulegroupreference.html", + "Properties": { + "Priority": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statelessrulegroupreference.html#cfn-networkfirewall-firewallpolicy-statelessrulegroupreference-priority", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Mutable" + }, + "ResourceArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statelessrulegroupreference.html#cfn-networkfirewall-firewallpolicy-statelessrulegroupreference-resourcearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReferences": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statelessrulegroupreferences.html", + "Properties": { + "StatelessRuleGroupReferences": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-statelessrulegroupreferences.html#cfn-networkfirewall-firewallpolicy-statelessrulegroupreferences-statelessrulegroupreferences", + "DuplicatesAllowed": false, + "ItemType": "StatelessRuleGroupReference", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy.Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-tags.html", + "Properties": { + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewallpolicy-tags.html#cfn-networkfirewall-firewallpolicy-tags-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-loggingconfiguration-logdestinationconfig.html", + "Properties": { + "LogDestination": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-loggingconfiguration-logdestinationconfig.html#cfn-networkfirewall-loggingconfiguration-logdestinationconfig-logdestination", + "PrimitiveItemType": "String", + "Required": true, + "Type": "Map", + "UpdateType": "Mutable" + }, + "LogDestinationType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-loggingconfiguration-logdestinationconfig.html#cfn-networkfirewall-loggingconfiguration-logdestinationconfig-logdestinationtype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "LogType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-loggingconfiguration-logdestinationconfig.html#cfn-networkfirewall-loggingconfiguration-logdestinationconfig-logtype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfigs": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-loggingconfiguration-logdestinationconfigs.html", + "Properties": { + "LogDestinationConfigs": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-loggingconfiguration-logdestinationconfigs.html#cfn-networkfirewall-loggingconfiguration-logdestinationconfigs-logdestinationconfigs", + "ItemType": "LogDestinationConfig", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-loggingconfiguration-loggingconfiguration.html", + "Properties": { + "LogDestinationConfigs": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-loggingconfiguration-loggingconfiguration.html#cfn-networkfirewall-loggingconfiguration-loggingconfiguration-logdestinationconfigs", + "Required": true, + "Type": "LogDestinationConfigs", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.ActionDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-actiondefinition.html", + "Properties": { + "PublishMetricAction": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-actiondefinition.html#cfn-networkfirewall-rulegroup-actiondefinition-publishmetricaction", + "Required": false, + "Type": "PublishMetricAction", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.Address": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-address.html", + "Properties": { + "AddressDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-address.html#cfn-networkfirewall-rulegroup-address-addressdefinition", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.Addresses": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-addresses.html", + "Properties": { + "Addresses": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-addresses.html#cfn-networkfirewall-rulegroup-addresses-addresses", + "DuplicatesAllowed": false, + "ItemType": "Address", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.CustomAction": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-customaction.html", + "Properties": { + "ActionDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-customaction.html#cfn-networkfirewall-rulegroup-customaction-actiondefinition", + "Required": true, + "Type": "ActionDefinition", + "UpdateType": "Mutable" + }, + "ActionName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-customaction.html#cfn-networkfirewall-rulegroup-customaction-actionname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.CustomActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-customactions.html", + "Properties": { + "CustomActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-customactions.html#cfn-networkfirewall-rulegroup-customactions-customactions", + "DuplicatesAllowed": false, + "ItemType": "CustomAction", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.Dimension": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-dimension.html", + "Properties": { + "Value": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-dimension.html#cfn-networkfirewall-rulegroup-dimension-value", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.Dimensions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-dimensions.html", + "Properties": { + "Dimensions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-dimensions.html#cfn-networkfirewall-rulegroup-dimensions-dimensions", + "DuplicatesAllowed": false, + "ItemType": "Dimension", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.Flags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-flags.html", + "Properties": { + "Flags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-flags.html#cfn-networkfirewall-rulegroup-flags-flags", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.Header": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-header.html", + "Properties": { + "Destination": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-header.html#cfn-networkfirewall-rulegroup-header-destination", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "DestinationPort": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-header.html#cfn-networkfirewall-rulegroup-header-destinationport", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Direction": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-header.html#cfn-networkfirewall-rulegroup-header-direction", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Protocol": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-header.html#cfn-networkfirewall-rulegroup-header-protocol", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Source": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-header.html#cfn-networkfirewall-rulegroup-header-source", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "SourcePort": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-header.html#cfn-networkfirewall-rulegroup-header-sourceport", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.IPSet": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-ipset.html", + "Properties": { + "Definition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-ipset.html#cfn-networkfirewall-rulegroup-ipset-definition", + "Required": false, + "Type": "VariableDefinitionList", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.MatchAttributes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-matchattributes.html", + "Properties": { + "DestinationPorts": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-matchattributes.html#cfn-networkfirewall-rulegroup-matchattributes-destinationports", + "Required": false, + "Type": "PortRanges", + "UpdateType": "Mutable" + }, + "Destinations": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-matchattributes.html#cfn-networkfirewall-rulegroup-matchattributes-destinations", + "Required": false, + "Type": "Addresses", + "UpdateType": "Mutable" + }, + "Protocols": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-matchattributes.html#cfn-networkfirewall-rulegroup-matchattributes-protocols", + "Required": false, + "Type": "ProtocolNumbers", + "UpdateType": "Mutable" + }, + "SourcePorts": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-matchattributes.html#cfn-networkfirewall-rulegroup-matchattributes-sourceports", + "Required": false, + "Type": "PortRanges", + "UpdateType": "Mutable" + }, + "Sources": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-matchattributes.html#cfn-networkfirewall-rulegroup-matchattributes-sources", + "Required": false, + "Type": "Addresses", + "UpdateType": "Mutable" + }, + "TCPFlags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-matchattributes.html#cfn-networkfirewall-rulegroup-matchattributes-tcpflags", + "Required": false, + "Type": "TCPFlags", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.PortRange": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-portrange.html", + "Properties": { + "FromPort": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-portrange.html#cfn-networkfirewall-rulegroup-portrange-fromport", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Mutable" + }, + "ToPort": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-portrange.html#cfn-networkfirewall-rulegroup-portrange-toport", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.PortRanges": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-portranges.html", + "Properties": { + "PortRanges": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-portranges.html#cfn-networkfirewall-rulegroup-portranges-portranges", + "DuplicatesAllowed": false, + "ItemType": "PortRange", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.PortSet": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-portset.html", + "Properties": { + "Definition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-portset.html#cfn-networkfirewall-rulegroup-portset-definition", + "Required": false, + "Type": "VariableDefinitionList", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.ProtocolNumbers": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-protocolnumbers.html", + "Properties": { + "ProtocolNumbers": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-protocolnumbers.html#cfn-networkfirewall-rulegroup-protocolnumbers-protocolnumbers", + "DuplicatesAllowed": false, + "PrimitiveItemType": "Integer", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.PublishMetricAction": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-publishmetricaction.html", + "Properties": { + "Dimensions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-publishmetricaction.html#cfn-networkfirewall-rulegroup-publishmetricaction-dimensions", + "Required": true, + "Type": "Dimensions", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.RuleDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-ruledefinition.html", + "Properties": { + "Actions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-ruledefinition.html#cfn-networkfirewall-rulegroup-ruledefinition-actions", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "MatchAttributes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-ruledefinition.html#cfn-networkfirewall-rulegroup-ruledefinition-matchattributes", + "Required": true, + "Type": "MatchAttributes", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.RuleGroup": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulegroup.html", + "Properties": { + "RuleVariables": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulegroup.html#cfn-networkfirewall-rulegroup-rulegroup-rulevariables", + "Required": false, + "Type": "RuleVariables", + "UpdateType": "Mutable" + }, + "RulesSource": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulegroup.html#cfn-networkfirewall-rulegroup-rulegroup-rulessource", + "Required": true, + "Type": "RulesSource", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.RuleOption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-ruleoption.html", + "Properties": { + "Keyword": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-ruleoption.html#cfn-networkfirewall-rulegroup-ruleoption-keyword", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Settings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-ruleoption.html#cfn-networkfirewall-rulegroup-ruleoption-settings", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.RuleOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-ruleoptions.html", + "Properties": { + "RuleOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-ruleoptions.html#cfn-networkfirewall-rulegroup-ruleoptions-ruleoptions", + "DuplicatesAllowed": false, + "ItemType": "RuleOption", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.RuleVariables": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulevariables.html", + "Properties": { + "IPSets": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulevariables.html#cfn-networkfirewall-rulegroup-rulevariables-ipsets", + "ItemType": "IPSet", + "Required": false, + "Type": "Map", + "UpdateType": "Mutable" + }, + "PortSets": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulevariables.html#cfn-networkfirewall-rulegroup-rulevariables-portsets", + "ItemType": "PortSet", + "Required": false, + "Type": "Map", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.RulesSource": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessource.html", + "Properties": { + "RulesSourceList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessource.html#cfn-networkfirewall-rulegroup-rulessource-rulessourcelist", + "Required": false, + "Type": "RulesSourceList", + "UpdateType": "Mutable" + }, + "RulesString": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessource.html#cfn-networkfirewall-rulegroup-rulessource-rulesstring", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "StatefulRules": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessource.html#cfn-networkfirewall-rulegroup-rulessource-statefulrules", + "Required": false, + "Type": "StatefulRules", + "UpdateType": "Mutable" + }, + "StatelessRulesAndCustomActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessource.html#cfn-networkfirewall-rulegroup-rulessource-statelessrulesandcustomactions", + "Required": false, + "Type": "StatelessRulesAndCustomActions", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.RulesSourceList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessourcelist.html", + "Properties": { + "GeneratedRulesType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessourcelist.html#cfn-networkfirewall-rulegroup-rulessourcelist-generatedrulestype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "TargetTypes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessourcelist.html#cfn-networkfirewall-rulegroup-rulessourcelist-targettypes", + "Required": true, + "Type": "TargetTypes", + "UpdateType": "Mutable" + }, + "Targets": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessourcelist.html#cfn-networkfirewall-rulegroup-rulessourcelist-targets", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.StatefulRule": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statefulrule.html", + "Properties": { + "Action": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statefulrule.html#cfn-networkfirewall-rulegroup-statefulrule-action", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Header": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statefulrule.html#cfn-networkfirewall-rulegroup-statefulrule-header", + "Required": true, + "Type": "Header", + "UpdateType": "Mutable" + }, + "RuleOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statefulrule.html#cfn-networkfirewall-rulegroup-statefulrule-ruleoptions", + "Required": true, + "Type": "RuleOptions", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.StatefulRules": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statefulrules.html", + "Properties": { + "StatefulRules": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statefulrules.html#cfn-networkfirewall-rulegroup-statefulrules-statefulrules", + "DuplicatesAllowed": false, + "ItemType": "StatefulRule", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.StatelessRule": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statelessrule.html", + "Properties": { + "Priority": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statelessrule.html#cfn-networkfirewall-rulegroup-statelessrule-priority", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Mutable" + }, + "RuleDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statelessrule.html#cfn-networkfirewall-rulegroup-statelessrule-ruledefinition", + "Required": true, + "Type": "RuleDefinition", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.StatelessRules": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statelessrules.html", + "Properties": { + "StatelessRules": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statelessrules.html#cfn-networkfirewall-rulegroup-statelessrules-statelessrules", + "DuplicatesAllowed": false, + "ItemType": "StatelessRule", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statelessrulesandcustomactions.html", + "Properties": { + "CustomActions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statelessrulesandcustomactions.html#cfn-networkfirewall-rulegroup-statelessrulesandcustomactions-customactions", + "Required": false, + "Type": "CustomActions", + "UpdateType": "Mutable" + }, + "StatelessRules": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-statelessrulesandcustomactions.html#cfn-networkfirewall-rulegroup-statelessrulesandcustomactions-statelessrules", + "Required": true, + "Type": "StatelessRules", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.TCPFlagField": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-tcpflagfield.html", + "Properties": { + "Flags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-tcpflagfield.html#cfn-networkfirewall-rulegroup-tcpflagfield-flags", + "Required": true, + "Type": "Flags", + "UpdateType": "Mutable" + }, + "Masks": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-tcpflagfield.html#cfn-networkfirewall-rulegroup-tcpflagfield-masks", + "Required": false, + "Type": "Flags", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.TCPFlags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-tcpflags.html", + "Properties": { + "TCPFlags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-tcpflags.html#cfn-networkfirewall-rulegroup-tcpflags-tcpflags", + "DuplicatesAllowed": false, + "ItemType": "TCPFlagField", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-tags.html", + "Properties": { + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-tags.html#cfn-networkfirewall-rulegroup-tags-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.TargetTypes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-targettypes.html", + "Properties": { + "TargetTypes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-targettypes.html#cfn-networkfirewall-rulegroup-targettypes-targettypes", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup.VariableDefinitionList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-variabledefinitionlist.html", + "Properties": { + "VariableDefinitionList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-variabledefinitionlist.html#cfn-networkfirewall-rulegroup-variabledefinitionlist-variabledefinitionlist", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, "AWS::NetworkManager::Device.Location": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkmanager-device-location.html", "Properties": { @@ -39966,6 +41251,242 @@ } } }, + "AWS::S3::StorageLens.AccountLevel": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-accountlevel.html", + "Properties": { + "ActivityMetrics": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-accountlevel.html#cfn-s3-storagelens-accountlevel-activitymetrics", + "Required": false, + "Type": "ActivityMetrics", + "UpdateType": "Mutable" + }, + "BucketLevel": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-accountlevel.html#cfn-s3-storagelens-accountlevel-bucketlevel", + "Required": true, + "Type": "BucketLevel", + "UpdateType": "Mutable" + } + } + }, + "AWS::S3::StorageLens.ActivityMetrics": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-activitymetrics.html", + "Properties": { + "IsEnabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-activitymetrics.html#cfn-s3-storagelens-activitymetrics-isenabled", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::S3::StorageLens.AwsOrg": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-awsorg.html", + "Properties": { + "Arn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-awsorg.html#cfn-s3-storagelens-awsorg-arn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::S3::StorageLens.BucketLevel": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-bucketlevel.html", + "Properties": { + "ActivityMetrics": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-bucketlevel.html#cfn-s3-storagelens-bucketlevel-activitymetrics", + "Required": false, + "Type": "ActivityMetrics", + "UpdateType": "Mutable" + }, + "PrefixLevel": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-bucketlevel.html#cfn-s3-storagelens-bucketlevel-prefixlevel", + "Required": false, + "Type": "PrefixLevel", + "UpdateType": "Mutable" + } + } + }, + "AWS::S3::StorageLens.BucketsAndRegions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-bucketsandregions.html", + "Properties": { + "Buckets": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-bucketsandregions.html#cfn-s3-storagelens-bucketsandregions-buckets", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "Regions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-bucketsandregions.html#cfn-s3-storagelens-bucketsandregions-regions", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::S3::StorageLens.DataExport": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-dataexport.html", + "Properties": { + "S3BucketDestination": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-dataexport.html#cfn-s3-storagelens-dataexport-s3bucketdestination", + "Required": true, + "Type": "S3BucketDestination", + "UpdateType": "Mutable" + } + } + }, + "AWS::S3::StorageLens.Encryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-encryption.html" + }, + "AWS::S3::StorageLens.PrefixLevel": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-prefixlevel.html", + "Properties": { + "StorageMetrics": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-prefixlevel.html#cfn-s3-storagelens-prefixlevel-storagemetrics", + "Required": true, + "Type": "PrefixLevelStorageMetrics", + "UpdateType": "Mutable" + } + } + }, + "AWS::S3::StorageLens.PrefixLevelStorageMetrics": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-prefixlevelstoragemetrics.html", + "Properties": { + "IsEnabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-prefixlevelstoragemetrics.html#cfn-s3-storagelens-prefixlevelstoragemetrics-isenabled", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "SelectionCriteria": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-prefixlevelstoragemetrics.html#cfn-s3-storagelens-prefixlevelstoragemetrics-selectioncriteria", + "Required": false, + "Type": "SelectionCriteria", + "UpdateType": "Mutable" + } + } + }, + "AWS::S3::StorageLens.S3BucketDestination": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-s3bucketdestination.html", + "Properties": { + "AccountId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-s3bucketdestination.html#cfn-s3-storagelens-s3bucketdestination-accountid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Arn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-s3bucketdestination.html#cfn-s3-storagelens-s3bucketdestination-arn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Encryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-s3bucketdestination.html#cfn-s3-storagelens-s3bucketdestination-encryption", + "Required": false, + "Type": "Encryption", + "UpdateType": "Mutable" + }, + "Format": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-s3bucketdestination.html#cfn-s3-storagelens-s3bucketdestination-format", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "OutputSchemaVersion": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-s3bucketdestination.html#cfn-s3-storagelens-s3bucketdestination-outputschemaversion", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Prefix": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-s3bucketdestination.html#cfn-s3-storagelens-s3bucketdestination-prefix", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::S3::StorageLens.SelectionCriteria": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-selectioncriteria.html", + "Properties": { + "Delimiter": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-selectioncriteria.html#cfn-s3-storagelens-selectioncriteria-delimiter", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "MaxDepth": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-selectioncriteria.html#cfn-s3-storagelens-selectioncriteria-maxdepth", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "MinStorageBytesPercentage": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-selectioncriteria.html#cfn-s3-storagelens-selectioncriteria-minstoragebytespercentage", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::S3::StorageLens.StorageLensConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-storagelensconfiguration.html", + "Properties": { + "AccountLevel": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-storagelensconfiguration.html#cfn-s3-storagelens-storagelensconfiguration-accountlevel", + "Required": true, + "Type": "AccountLevel", + "UpdateType": "Mutable" + }, + "AwsOrg": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-storagelensconfiguration.html#cfn-s3-storagelens-storagelensconfiguration-awsorg", + "Required": false, + "Type": "AwsOrg", + "UpdateType": "Mutable" + }, + "DataExport": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-storagelensconfiguration.html#cfn-s3-storagelens-storagelensconfiguration-dataexport", + "Required": false, + "Type": "DataExport", + "UpdateType": "Mutable" + }, + "Exclude": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-storagelensconfiguration.html#cfn-s3-storagelens-storagelensconfiguration-exclude", + "Required": false, + "Type": "BucketsAndRegions", + "UpdateType": "Mutable" + }, + "Id": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-storagelensconfiguration.html#cfn-s3-storagelens-storagelensconfiguration-id", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Include": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-storagelensconfiguration.html#cfn-s3-storagelens-storagelensconfiguration-include", + "Required": false, + "Type": "BucketsAndRegions", + "UpdateType": "Mutable" + }, + "IsEnabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-storagelensconfiguration.html#cfn-s3-storagelens-storagelensconfiguration-isenabled", + "PrimitiveType": "Boolean", + "Required": true, + "UpdateType": "Mutable" + }, + "StorageLensArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-storagelensconfiguration.html#cfn-s3-storagelens-storagelensconfiguration-storagelensarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-configurationseteventdestination-cloudwatchdestination.html", "Properties": { @@ -41049,6 +42570,12 @@ "PrimitiveType": "String", "Required": false, "UpdateType": "Immutable" + }, + "MultiModelConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-model-containerdefinition.html#cfn-sagemaker-model-containerdefinition-multimodelconfig", + "Required": false, + "Type": "MultiModelConfig", + "UpdateType": "Immutable" } } }, @@ -41063,6 +42590,17 @@ } } }, + "AWS::SageMaker::Model.MultiModelConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-model-containerdefinition-multimodelconfig.html", + "Properties": { + "ModelCacheSetting": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-model-containerdefinition-multimodelconfig.html#cfn-sagemaker-model-containerdefinition-multimodelconfig-modelcachesetting", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, "AWS::SageMaker::Model.VpcConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-model-vpcconfig.html", "Properties": { @@ -41849,6 +43387,23 @@ } } }, + "AWS::Signer::SigningProfile.SignatureValidityPeriod": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-signer-signingprofile-signaturevalidityperiod.html", + "Properties": { + "Type": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-signer-signingprofile-signaturevalidityperiod.html#cfn-signer-signingprofile-signaturevalidityperiod-type", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Value": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-signer-signingprofile-signaturevalidityperiod.html#cfn-signer-signingprofile-signaturevalidityperiod-value", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Immutable" + } + } + }, "AWS::StepFunctions::Activity.TagsEntry": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-activity-tagsentry.html", "Properties": { @@ -42010,6 +43565,13 @@ "Required": false, "UpdateType": "Mutable" }, + "EnvironmentVariables": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-runconfig.html#cfn-synthetics-canary-runconfig-environmentvariables", + "PrimitiveItemType": "String", + "Required": false, + "Type": "Map", + "UpdateType": "Mutable" + }, "MemoryInMB": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-runconfig.html#cfn-synthetics-canary-runconfig-memoryinmb", "PrimitiveType": "Integer", @@ -44273,7 +45835,7 @@ } } }, - "ResourceSpecificationVersion": "20.3.0", + "ResourceSpecificationVersion": "21.0.0", "ResourceTypes": { "AWS::ACMPCA::Certificate": { "Attributes": { @@ -44702,6 +46264,12 @@ "Required": false, "UpdateType": "Mutable" }, + "CustomHeaders": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.html#cfn-amplify-app-customheaders", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "CustomRules": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.html#cfn-amplify-app-customrules", "ItemType": "CustomRule", @@ -49592,6 +51160,25 @@ } } }, + "AWS::CloudFront::KeyGroup": { + "Attributes": { + "Id": { + "PrimitiveType": "String" + }, + "LastModifiedTime": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html", + "Properties": { + "KeyGroupConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html#cfn-cloudfront-keygroup-keygroupconfig", + "Required": true, + "Type": "KeyGroupConfig", + "UpdateType": "Mutable" + } + } + }, "AWS::CloudFront::OriginRequestPolicy": { "Attributes": { "Id": { @@ -49611,6 +51198,25 @@ } } }, + "AWS::CloudFront::PublicKey": { + "Attributes": { + "CreatedTime": { + "PrimitiveType": "String" + }, + "Id": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html", + "Properties": { + "PublicKeyConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html#cfn-cloudfront-publickey-publickeyconfig", + "Required": true, + "Type": "PublicKeyConfig", + "UpdateType": "Mutable" + } + } + }, "AWS::CloudFront::RealtimeLogConfig": { "Attributes": { "Arn": { @@ -52799,12 +54405,6 @@ "Required": true, "UpdateType": "Immutable" }, - "ProjectName": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-databrew-recipe.html#cfn-databrew-recipe-projectname", - "PrimitiveType": "String", - "Required": false, - "UpdateType": "Mutable" - }, "Steps": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-databrew-recipe.html#cfn-databrew-recipe-steps", "ItemType": "RecipeStep", @@ -52819,12 +54419,6 @@ "Required": false, "Type": "List", "UpdateType": "Immutable" - }, - "Version": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-databrew-recipe.html#cfn-databrew-recipe-version", - "PrimitiveType": "String", - "Required": false, - "UpdateType": "Mutable" } } }, @@ -58626,7 +60220,7 @@ "Action": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-eventbuspolicy.html#cfn-events-eventbuspolicy-action", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Mutable" }, "Condition": { @@ -58644,7 +60238,13 @@ "Principal": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-eventbuspolicy.html#cfn-events-eventbuspolicy-principal", "PrimitiveType": "String", - "Required": true, + "Required": false, + "UpdateType": "Mutable" + }, + "Statement": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-eventbuspolicy.html#cfn-events-eventbuspolicy-statement", + "PrimitiveType": "Json", + "Required": false, "UpdateType": "Mutable" }, "StatementId": { @@ -59943,6 +61543,12 @@ "Required": false, "UpdateType": "Mutable" }, + "TransformEncryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-mltransform.html#cfn-glue-mltransform-transformencryption", + "Required": false, + "Type": "TransformEncryption", + "UpdateType": "Mutable" + }, "TransformParameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-mltransform.html#cfn-glue-mltransform-transformparameters", "Required": true, @@ -59986,6 +61592,142 @@ } } }, + "AWS::Glue::Registry": { + "Attributes": { + "Arn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-registry.html", + "Properties": { + "Description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-registry.html#cfn-glue-registry-description", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-registry.html#cfn-glue-registry-name", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-registry.html#cfn-glue-registry-tags", + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Immutable" + } + } + }, + "AWS::Glue::Schema": { + "Attributes": { + "Arn": { + "PrimitiveType": "String" + }, + "InitialSchemaVersionId": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schema.html", + "Properties": { + "CheckpointVersion": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schema.html#cfn-glue-schema-checkpointversion", + "Required": false, + "Type": "SchemaVersion", + "UpdateType": "Mutable" + }, + "Compatibility": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schema.html#cfn-glue-schema-compatibility", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "DataFormat": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schema.html#cfn-glue-schema-dataformat", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schema.html#cfn-glue-schema-description", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schema.html#cfn-glue-schema-name", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Registry": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schema.html#cfn-glue-schema-registry", + "Required": false, + "Type": "Registry", + "UpdateType": "Immutable" + }, + "SchemaDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schema.html#cfn-glue-schema-schemadefinition", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schema.html#cfn-glue-schema-tags", + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Immutable" + } + } + }, + "AWS::Glue::SchemaVersion": { + "Attributes": { + "VersionId": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schemaversion.html", + "Properties": { + "Schema": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schemaversion.html#cfn-glue-schemaversion-schema", + "Required": true, + "Type": "Schema", + "UpdateType": "Immutable" + }, + "SchemaDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schemaversion.html#cfn-glue-schemaversion-schemadefinition", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, + "AWS::Glue::SchemaVersionMetadata": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schemaversionmetadata.html", + "Properties": { + "Key": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schemaversionmetadata.html#cfn-glue-schemaversionmetadata-key", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "SchemaVersionId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schemaversionmetadata.html#cfn-glue-schemaversionmetadata-schemaversionid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Value": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-schemaversionmetadata.html#cfn-glue-schemaversionmetadata-value", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, "AWS::Glue::SecurityConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-securityconfiguration.html", "Properties": { @@ -62156,6 +63898,31 @@ } } }, + "AWS::IoT::TopicRuleDestination": { + "Attributes": { + "Arn": { + "PrimitiveType": "String" + }, + "StatusReason": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-topicruledestination.html", + "Properties": { + "HttpUrlProperties": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-topicruledestination.html#cfn-iot-topicruledestination-httpurlproperties", + "Required": false, + "Type": "HttpUrlDestinationSummary", + "UpdateType": "Immutable" + }, + "Status": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-topicruledestination.html#cfn-iot-topicruledestination-status", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::IoTAnalytics::Channel": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iotanalytics-channel.html", "Properties": { @@ -62569,6 +64336,12 @@ "Required": true, "UpdateType": "Mutable" }, + "KeySpec": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html#cfn-kms-key-keyspec", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "KeyUsage": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html#cfn-kms-key-keyusage", "PrimitiveType": "String", @@ -63191,6 +64964,37 @@ } } }, + "AWS::Lambda::CodeSigningConfig": { + "Attributes": { + "CodeSigningConfigArn": { + "PrimitiveType": "String" + }, + "CodeSigningConfigId": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html", + "Properties": { + "AllowedPublishers": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html#cfn-lambda-codesigningconfig-allowedpublishers", + "Required": true, + "Type": "AllowedPublishers", + "UpdateType": "Mutable" + }, + "CodeSigningPolicies": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html#cfn-lambda-codesigningconfig-codesigningpolicies", + "Required": false, + "Type": "CodeSigningPolicies", + "UpdateType": "Mutable" + }, + "Description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html#cfn-lambda-codesigningconfig-description", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::Lambda::EventInvokeConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html", "Properties": { @@ -63352,6 +65156,12 @@ "Type": "Code", "UpdateType": "Mutable" }, + "CodeSigningConfigArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-codesigningconfigarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "DeadLetterConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-deadletterconfig", "Required": false, @@ -65010,6 +66820,187 @@ } } }, + "AWS::NetworkFirewall::Firewall": { + "Attributes": { + "EndpointIds": { + "PrimitiveItemType": "String", + "Type": "List" + }, + "FirewallArn": { + "PrimitiveType": "String" + }, + "FirewallId": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html", + "Properties": { + "DeleteProtection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-deleteprotection", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "Description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-description", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "FirewallName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-firewallname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "FirewallPolicyArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-firewallpolicyarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "FirewallPolicyChangeProtection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-firewallpolicychangeprotection", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "SubnetChangeProtection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-subnetchangeprotection", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "SubnetMappings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-subnetmappings", + "DuplicatesAllowed": false, + "ItemType": "SubnetMapping", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-tags", + "Required": false, + "Type": "Tags", + "UpdateType": "Mutable" + }, + "VpcId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-vpcid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, + "AWS::NetworkFirewall::FirewallPolicy": { + "Attributes": { + "FirewallPolicyArn": { + "PrimitiveType": "String" + }, + "FirewallPolicyId": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewallpolicy.html", + "Properties": { + "Description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewallpolicy.html#cfn-networkfirewall-firewallpolicy-description", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "FirewallPolicy": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewallpolicy.html#cfn-networkfirewall-firewallpolicy-firewallpolicy", + "Required": true, + "Type": "FirewallPolicy", + "UpdateType": "Mutable" + }, + "FirewallPolicyName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewallpolicy.html#cfn-networkfirewall-firewallpolicy-firewallpolicyname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewallpolicy.html#cfn-networkfirewall-firewallpolicy-tags", + "Required": false, + "Type": "Tags", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::LoggingConfiguration": { + "Attributes": { + "FirewallArn": { + "PrimitiveType": "String" + }, + "FirewallName": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-loggingconfiguration.html", + "Properties": { + "LoggingConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-loggingconfiguration.html#cfn-networkfirewall-loggingconfiguration-loggingconfiguration", + "Required": true, + "Type": "LoggingConfiguration", + "UpdateType": "Mutable" + } + } + }, + "AWS::NetworkFirewall::RuleGroup": { + "Attributes": { + "RuleGroupArn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-rulegroup.html", + "Properties": { + "Capacity": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-rulegroup.html#cfn-networkfirewall-rulegroup-capacity", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Immutable" + }, + "Description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-rulegroup.html#cfn-networkfirewall-rulegroup-description", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "RuleGroup": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-rulegroup.html#cfn-networkfirewall-rulegroup-rulegroup", + "Required": false, + "Type": "RuleGroup", + "UpdateType": "Mutable" + }, + "RuleGroupId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-rulegroup.html#cfn-networkfirewall-rulegroup-rulegroupid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "RuleGroupName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-rulegroup.html#cfn-networkfirewall-rulegroup-rulegroupname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-rulegroup.html#cfn-networkfirewall-rulegroup-tags", + "Required": false, + "Type": "Tags", + "UpdateType": "Mutable" + }, + "Type": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-rulegroup.html#cfn-networkfirewall-rulegroup-type", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, "AWS::NetworkManager::CustomerGatewayAssociation": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkmanager-customergatewayassociation.html", "Properties": { @@ -69233,6 +71224,30 @@ } } }, + "AWS::S3::StorageLens": { + "Attributes": { + "StorageLensArn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3-storagelens.html", + "Properties": { + "StorageLensConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3-storagelens.html#cfn-s3-storagelens-storagelensconfiguration", + "Required": true, + "Type": "StorageLensConfiguration", + "UpdateType": "Mutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3-storagelens.html#cfn-s3-storagelens-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, "AWS::SDB::Domain": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-simpledb.html", "Properties": { @@ -70375,14 +72390,16 @@ } }, "AWS::SageMaker::MonitoringSchedule": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-monitoringschedule.html", - "Properties": { + "Attributes": { "CreationTime": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-monitoringschedule.html#cfn-sagemaker-monitoringschedule-creationtime", - "PrimitiveType": "String", - "Required": false, - "UpdateType": "Mutable" + "PrimitiveType": "String" }, + "LastModifiedTime": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-monitoringschedule.html", + "Properties": { "EndpointName": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-monitoringschedule.html#cfn-sagemaker-monitoringschedule-endpointname", "PrimitiveType": "String", @@ -70395,12 +72412,6 @@ "Required": false, "UpdateType": "Mutable" }, - "LastModifiedTime": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-monitoringschedule.html#cfn-sagemaker-monitoringschedule-lastmodifiedtime", - "PrimitiveType": "String", - "Required": false, - "UpdateType": "Mutable" - }, "LastMonitoringExecutionSummary": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-monitoringschedule.html#cfn-sagemaker-monitoringschedule-lastmonitoringexecutionsummary", "Required": false, @@ -71489,6 +73500,79 @@ } } }, + "AWS::Signer::ProfilePermission": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-profilepermission.html", + "Properties": { + "Action": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-profilepermission.html#cfn-signer-profilepermission-action", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Principal": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-profilepermission.html#cfn-signer-profilepermission-principal", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "ProfileName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-profilepermission.html#cfn-signer-profilepermission-profilename", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "ProfileVersion": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-profilepermission.html#cfn-signer-profilepermission-profileversion", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "StatementId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-profilepermission.html#cfn-signer-profilepermission-statementid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, + "AWS::Signer::SigningProfile": { + "Attributes": { + "Arn": { + "PrimitiveType": "String" + }, + "ProfileName": { + "PrimitiveType": "String" + }, + "ProfileVersion": { + "PrimitiveType": "String" + }, + "ProfileVersionArn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-signingprofile.html", + "Properties": { + "PlatformId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-signingprofile.html#cfn-signer-signingprofile-platformid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "SignatureValidityPeriod": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-signingprofile.html#cfn-signer-signingprofile-signaturevalidityperiod", + "Required": false, + "Type": "SignatureValidityPeriod", + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-signer-signingprofile.html#cfn-signer-signingprofile-tags", + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, "AWS::StepFunctions::Activity": { "Attributes": { "Name": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/710_CodeArtifact_patch.json b/packages/@aws-cdk/cfnspec/spec-source/710_CodeArtifact_patch.json new file mode 100644 index 0000000000000..63a32c327d7a9 --- /dev/null +++ b/packages/@aws-cdk/cfnspec/spec-source/710_CodeArtifact_patch.json @@ -0,0 +1,49 @@ +{ + "ResourceTypes": { + "AWS::CodeArtifact::Domain": { + "patch": { + "description": "Adds missing properties for AWS::CodeArtifact::Domain", + "operations": [ + { + "op": "add", + "path": "/Properties/EncryptionKey", + "value": { + "Documentation": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codeartifact-domain.html#cfn-codeartifact-domain-encryptionkey", + "PrimitiveType": "String", + "UpdateType": "Immutable", + "Required": false + } + } + ] + } + }, + "AWS::CodeArtifact::Repository": { + "patch": { + "description": "Adds missing properties for AWS::CodeArtifact::Repository", + "operations": [ + { + "op": "add", + "path": "/Properties/DomainName", + "value": { + "Documentation": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codeartifact-repository.html#cfn-codeartifact-repository-domainname", + "PrimitiveType": "String", + "UpdateType": "Immutable", + "Required": true + } + }, + { + "op": "add", + "path": "/Properties/DomainOwner", + "value": { + "Documentation": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codeartifact-repository.html#cfn-codeartifact-repository-domainowner", + "PrimitiveType": "String", + "UpdateType": "Immutable", + "Required": false + } + } + ] + } + } + } +} + diff --git a/packages/@aws-cdk/cloud-assembly-schema/README.md b/packages/@aws-cdk/cloud-assembly-schema/README.md index 8429cfc5d880b..c91769b1de3f9 100644 --- a/packages/@aws-cdk/cloud-assembly-schema/README.md +++ b/packages/@aws-cdk/cloud-assembly-schema/README.md @@ -1,10 +1,12 @@ -## Cloud Assembly Schema +# Cloud Assembly Schema + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. @@ -19,6 +21,7 @@ Its essentially a set of files and directories, one of which is the `manifest.js needed in order to deploy the assembly directory. > For example, when `cdk deploy` is executed, the CLI reads this file and performs its instructions: +> > - Build container images. > - Upload assets. > - Deploy CloudFormation templates. @@ -57,4 +60,4 @@ cannot be guaranteed because some instructions will be ignored. ## Contributing -See [Contribution Guide](./CONTRIBUTING.md) \ No newline at end of file +See [Contribution Guide](./CONTRIBUTING.md) diff --git a/packages/@aws-cdk/cloud-assembly-schema/package.json b/packages/@aws-cdk/cloud-assembly-schema/package.json index 6eb7b2887f3dd..1f5489ce20b18 100644 --- a/packages/@aws-cdk/cloud-assembly-schema/package.json +++ b/packages/@aws-cdk/cloud-assembly-schema/package.json @@ -30,7 +30,14 @@ ] } }, - "projectReferences": true + "projectReferences": true, + "metadata": { + "jsii": { + "rosetta": { + "strict": true + } + } + } }, "scripts": { "build": "cdk-build", @@ -43,7 +50,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "update-schema": "bash scripts/update-schema.sh" + "update-schema": "bash scripts/update-schema.sh", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "author": { "name": "Amazon Web Services", @@ -58,7 +66,7 @@ "jest": "^26.6.3", "mock-fs": "^4.13.0", "pkglint": "0.0.0", - "typescript-json-schema": "^0.44.0" + "typescript-json-schema": "^0.45.0" }, "repository": { "url": "https://github.com/aws/aws-cdk.git", diff --git a/packages/@aws-cdk/cloudformation-diff/README.md b/packages/@aws-cdk/cloudformation-diff/README.md index ff8c570eb00e8..678bc2c9ba0d2 100644 --- a/packages/@aws-cdk/cloudformation-diff/README.md +++ b/packages/@aws-cdk/cloudformation-diff/README.md @@ -1,12 +1,18 @@ -## Utilities to diff AWS CDK stacks against CloudFormation templates +# Utilities to diff AWS CDK stacks against CloudFormation templates + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/cloudformation-include/README.md b/packages/@aws-cdk/cloudformation-include/README.md index 0e2324128c2c3..2dcd71edc2b38 100644 --- a/packages/@aws-cdk/cloudformation-include/README.md +++ b/packages/@aws-cdk/cloudformation-include/README.md @@ -1,13 +1,13 @@ # Include CloudFormation templates in the CDK ---- -![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge) +--- -> The APIs of higher level constructs in this module are in **developer preview** before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This module contains a set of classes whose goal is to facilitate working @@ -45,7 +45,7 @@ Resources: It can be included in a CDK application with the following code: -```typescript +```ts import * as cfn_inc from '@aws-cdk/cloudformation-include'; const cfnTemplate = new cfn_inc.CfnInclude(this, 'Template', { @@ -55,7 +55,7 @@ const cfnTemplate = new cfn_inc.CfnInclude(this, 'Template', { Or, if your template uses YAML: -```typescript +```ts const cfnTemplate = new cfn_inc.CfnInclude(this, 'Template', { templateFile: 'my-template.yaml', }); @@ -81,7 +81,7 @@ Any resource from the included template can be retrieved by referring to it by i If you know the class of the CDK object that corresponds to that resource, you can cast the returned object to the correct type: -```typescript +```ts import * as s3 from '@aws-cdk/aws-s3'; const cfnBucket = cfnTemplate.getResource('Bucket') as s3.CfnBucket; @@ -97,7 +97,7 @@ and so cannot be cast to a different resource type. Any modifications made to that resource will be reflected in the resulting CDK template; for example, the name of the bucket can be changed: -```typescript +```ts cfnBucket.bucketName = 'my-bucket-name'; ``` @@ -106,7 +106,7 @@ including the higher-level ones (those whose name does not start with `Cfn`), for example: -```typescript +```ts import * as iam from '@aws-cdk/aws-iam'; const role = new iam.Role(this, 'Role', { @@ -121,7 +121,7 @@ role.addToPolicy(new iam.PolicyStatement({ If you need, you can also convert the CloudFormation resource to a higher-level resource by importing it: -```typescript +```ts const bucket = s3.Bucket.fromBucketName(this, 'L2Bucket', cfnBucket.ref); // bucket is of type s3.IBucket ``` @@ -133,44 +133,44 @@ you can also retrieve and mutate all other template elements: * [Parameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html): - ```typescript + ```ts import * as core from '@aws-cdk/core'; - + const param: core.CfnParameter = cfnTemplate.getParameter('MyParameter'); - + // mutating the parameter param.default = 'MyDefault'; ``` * [Conditions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/conditions-section-structure.html): - ```typescript + ```ts import * as core from '@aws-cdk/core'; - + const condition: core.CfnCondition = cfnTemplate.getCondition('MyCondition'); - + // mutating the condition condition.expression = core.Fn.conditionEquals(1, 2); ``` * [Mappings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html): - ```typescript + ```ts import * as core from '@aws-cdk/core'; - + const mapping: core.CfnMapping = cfnTemplate.getMapping('MyMapping'); - + // mutating the mapping mapping.setValue('my-region', 'AMI', 'ami-04681a1dbd79675a5'); ``` * [Service Catalog template Rules](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/reference-template_constraint_rules.html): - ```typescript + ```ts import * as core from '@aws-cdk/core'; - + const rule: core.CfnRule = cfnTemplate.getRule('MyRule'); - + // mutating the rule rule.addAssertion(core.Fn.conditionContains(['m1.small'], myParameter.value), 'MyParameter has to be m1.small'); @@ -178,22 +178,22 @@ you can also retrieve and mutate all other template elements: * [Outputs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/outputs-section-structure.html): - ```typescript + ```ts import * as core from '@aws-cdk/core'; - + const output: core.CfnOutput = cfnTemplate.getOutput('MyOutput'); - + // mutating the output output.value = cfnBucket.attrArn; ``` * [Hooks for blue-green deployments](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/blue-green.html): - ```typescript + ```ts import * as core from '@aws-cdk/core'; - + const hook: core.CfnHook = cfnTemplate.getHook('MyOutput'); - + // mutating the hook const codeDeployHook = hook as core.CfnCodeDeployBlueGreenHook; codeDeployHook.serviceRole = myRole.roleArn; @@ -205,7 +205,7 @@ If your existing template uses CloudFormation Parameters, you may want to remove them in favor of build-time values. You can do that using the `parameters` property: -```typescript +```ts new inc.CfnInclude(this, 'includeTemplate', { templateFile: 'path/to/my/template', parameters: { @@ -251,7 +251,7 @@ where the child template pointed to by `https://my-s3-template-source.s3.amazona You can include both the parent stack, and the nested stack in your CDK application as follows: -```typescript +```ts const parentTemplate = new inc.CfnInclude(this, 'ParentStack', { templateFile: 'path/to/my-parent-template.json', loadNestedStacks: { @@ -272,7 +272,7 @@ will be modified to point to that asset. The included nested stack can be accessed with the `getNestedStack` method: -```typescript +```ts const includedChildStack = parentTemplate.getNestedStack('ChildStack'); const childStack: core.NestedStack = includedChildStack.stack; const childTemplate: cfn_inc.CfnInclude = includedChildStack.includedTemplate; @@ -281,7 +281,7 @@ const childTemplate: cfn_inc.CfnInclude = includedChildStack.includedTemplate; Now you can reference resources from `ChildStack`, and modify them like any other included template: -```typescript +```ts const cfnBucket = childTemplate.getResource('MyBucket') as s3.CfnBucket; cfnBucket.bucketName = 'my-new-bucket-name'; diff --git a/packages/@aws-cdk/cloudformation-include/lib/cfn-include.ts b/packages/@aws-cdk/cloudformation-include/lib/cfn-include.ts index 7c3c36de9196a..5a54d36aefcc8 100644 --- a/packages/@aws-cdk/cloudformation-include/lib/cfn-include.ts +++ b/packages/@aws-cdk/cloudformation-include/lib/cfn-include.ts @@ -1,6 +1,6 @@ import * as core from '@aws-cdk/core'; -import { Construct } from 'constructs'; import * as cfn_parse from '@aws-cdk/core/lib/cfn-parse'; +import { Construct } from 'constructs'; import * as cfn_type_to_l1_mapping from './cfn-type-to-l1-mapping'; import * as futils from './file-utils'; diff --git a/packages/@aws-cdk/cloudformation-include/package.json b/packages/@aws-cdk/cloudformation-include/package.json index 73b41baf6a3a7..b0afdaaeb368b 100644 --- a/packages/@aws-cdk/cloudformation-include/package.json +++ b/packages/@aws-cdk/cloudformation-include/package.json @@ -48,7 +48,8 @@ "awslint": "cdk-awslint", "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "pre": [ @@ -161,6 +162,7 @@ "@aws-cdk/aws-mediastore": "0.0.0", "@aws-cdk/aws-msk": "0.0.0", "@aws-cdk/aws-neptune": "0.0.0", + "@aws-cdk/aws-networkfirewall": "0.0.0", "@aws-cdk/aws-networkmanager": "0.0.0", "@aws-cdk/aws-opsworks": "0.0.0", "@aws-cdk/aws-opsworkscm": "0.0.0", @@ -183,6 +185,7 @@ "@aws-cdk/aws-servicecatalog": "0.0.0", "@aws-cdk/aws-servicediscovery": "0.0.0", "@aws-cdk/aws-ses": "0.0.0", + "@aws-cdk/aws-signer": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", @@ -295,6 +298,7 @@ "@aws-cdk/aws-mediastore": "0.0.0", "@aws-cdk/aws-msk": "0.0.0", "@aws-cdk/aws-neptune": "0.0.0", + "@aws-cdk/aws-networkfirewall": "0.0.0", "@aws-cdk/aws-networkmanager": "0.0.0", "@aws-cdk/aws-opsworks": "0.0.0", "@aws-cdk/aws-opsworkscm": "0.0.0", @@ -317,6 +321,7 @@ "@aws-cdk/aws-servicecatalog": "0.0.0", "@aws-cdk/aws-servicediscovery": "0.0.0", "@aws-cdk/aws-ses": "0.0.0", + "@aws-cdk/aws-signer": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", @@ -362,8 +367,8 @@ "props-no-cfn-types:@aws-cdk/cloudformation-include.CfnIncludeProps.loadNestedStacks" ] }, - "stability": "experimental", - "maturity": "developer-preview", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false } diff --git a/packages/@aws-cdk/cloudformation-include/test/test-templates/properties-not-in-cfn-spec.json b/packages/@aws-cdk/cloudformation-include/test/test-templates/properties-not-in-cfn-spec.json new file mode 100644 index 0000000000000..eec4fc6f608c7 --- /dev/null +++ b/packages/@aws-cdk/cloudformation-include/test/test-templates/properties-not-in-cfn-spec.json @@ -0,0 +1,50 @@ +{ + "Resources": { + "Bucket": { + "Type": "AWS::S3::Bucket", + "Properties": { + "PropertyNotInCfnSchema": 1, + "AccelerateConfiguration": { + "AccelerationStatus": "Enabled", + "PropertyNotInCfnSchema": false + }, + "CorsConfiguration": { + "CorsRules": [ + { + "AllowedMethods": [ + "GET" + ], + "AllowedOrigins": [ + "origin1" + ], + "MaxAge": 5, + "PropertyNotInCfnSchema": "unmodeled property in array" + } + ] + } + } + }, + "Function": { + "Type": "AWS::Serverless::Function", + "Properties": { + "Handler": "index.handler", + "Runtime": "nodejs12.x", + "CodeUri": { + "Bucket": "bucket", + "Key": "key" + }, + "Events": { + "Api": { + "Properties": { + "Method": "GET", + "Path": "/" + }, + "Type": "Api", + "PropertyNotInCfnSchema": "unmodeled property in map" + } + } + } + } + }, + "Transform": "AWS::Serverless-2016-10-31" +} diff --git a/packages/@aws-cdk/cloudformation-include/test/valid-templates.test.ts b/packages/@aws-cdk/cloudformation-include/test/valid-templates.test.ts index 3c2d4b81f3fe4..873add618b9d0 100644 --- a/packages/@aws-cdk/cloudformation-include/test/valid-templates.test.ts +++ b/packages/@aws-cdk/cloudformation-include/test/valid-templates.test.ts @@ -999,6 +999,14 @@ describe('CDK Include', () => { }); }).toThrow(/Parameter with logical ID 'FakeParameter' was not found in the template/); }); + + test('can ingest a template that contains properties not in the current CFN spec, and output it unchanged', () => { + includeTestTemplate(stack, 'properties-not-in-cfn-spec.json'); + + expect(stack).toMatchTemplate( + loadTestFileToJsObject('properties-not-in-cfn-spec.json'), + ); + }); }); interface IncludeTestTemplateProps { diff --git a/packages/@aws-cdk/core/README.md b/packages/@aws-cdk/core/README.md index cfb09edea9e12..ffa333cd0634f 100644 --- a/packages/@aws-cdk/core/README.md +++ b/packages/@aws-cdk/core/README.md @@ -1,5 +1,6 @@ -## AWS Cloud Development Kit Core Library +# AWS Cloud Development Kit Core Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) @@ -7,6 +8,7 @@ ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + This library includes the basic building blocks of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) (AWS CDK). It defines the core classes that are used in the rest of the @@ -64,10 +66,6 @@ For example, assume that you have a load balancer configuration that you use for The following example will define a single top-level stack that contains two nested stacks: each one with a single Amazon S3 bucket: ```ts -import { Stack, Construct, StackProps } from '@aws-cdk/core'; -import cfn = require('@aws-cdk/aws-cloudformation'); -import s3 = require('@aws-cdk/aws-s3'); - class MyNestedStack extends cfn.NestedStack { constructor(scope: Construct, id: string, props?: cfn.NestedStackProps) { super(scope, id, props); @@ -133,8 +131,8 @@ By default, conversion to a higher unit will fail if the conversion does not pro a whole number. This can be overridden by unsetting `integral` property. ```ts -Size.mebibytes(2).toKibibytes() // yields 2048 -Size.kibibytes(2050).toMebibyte({ integral: false }) // yields 2 +Size.mebibytes(2).toKibibytes() // yields 2048 +Size.kibibytes(2050).toMebibytes({ rounding: SizeRoundingBehavior.FLOOR }) // yields 2 ``` ## Secrets @@ -147,19 +145,19 @@ The best practice is to store secrets in AWS Secrets Manager and reference them ```ts const secret = SecretValue.secretsManager('secretId', { - jsonField: 'password' // optional: key of a JSON field to retrieve (defaults to all content), - versionId: 'id' // optional: id of the version (default AWSCURRENT) - versionStage: 'stage' // optional: version stage name (default AWSCURRENT) + jsonField: 'password', // optional: key of a JSON field to retrieve (defaults to all content), + versionId: 'id', // optional: id of the version (default AWSCURRENT) + versionStage: 'stage', // optional: version stage name (default AWSCURRENT) }); ``` Using AWS Secrets Manager is the recommended way to reference secrets in a CDK app. `SecretValue` also supports the following secret sources: - * `SecretValue.plainText(secret)`: stores the secret as plain text in your app and the resulting template (not recommended). - * `SecretValue.ssmSecure(param, version)`: refers to a secret stored as a SecureString in the SSM Parameter Store. - * `SecretValue.cfnParameter(param)`: refers to a secret passed through a CloudFormation parameter (must have `NoEcho: true`). - * `SecretValue.cfnDynamicReference(dynref)`: refers to a secret described by a CloudFormation dynamic reference (used by `ssmSecure` and `secretsManager`). + - `SecretValue.plainText(secret)`: stores the secret as plain text in your app and the resulting template (not recommended). + - `SecretValue.ssmSecure(param, version)`: refers to a secret stored as a SecureString in the SSM Parameter Store. + - `SecretValue.cfnParameter(param)`: refers to a secret passed through a CloudFormation parameter (must have `NoEcho: true`). + - `SecretValue.cfnDynamicReference(dynref)`: refers to a secret described by a CloudFormation dynamic reference (used by `ssmSecure` and `secretsManager`). ## ARN manipulation @@ -244,13 +242,13 @@ between two stacks by using the `stackA.addDependency(stackB)` method. A stack dependency has the following implications: -* Cyclic dependencies are not allowed, so if `stackA` is using resources from +- Cyclic dependencies are not allowed, so if `stackA` is using resources from `stackB`, the reverse is not possible anymore. -* Stacks with dependencies between them are treated specially by the CDK +- Stacks with dependencies between them are treated specially by the CDK toolkit: - * If `stackA` depends on `stackB`, running `cdk deploy stackA` will also + - If `stackA` depends on `stackB`, running `cdk deploy stackA` will also automatically deploy `stackB`. - * `stackB`'s deployment will be performed *before* `stackA`'s deployment. + - `stackB`'s deployment will be performed *before* `stackA`'s deployment. ## Custom Resources @@ -261,8 +259,6 @@ CloudFormation deployment. To define a custom resource, use the `CustomResource` construct: ```ts -import { CustomResource } from '@aws-cdk/core'; - new CustomResource(this, 'MyMagicalResource', { resourceType: 'Custom::MyCustomResource', // must start with 'Custom::' @@ -317,8 +313,8 @@ examples ensures that only a single SNS topic is defined: ```ts function getOrCreate(scope: Construct): sns.Topic { - const stack = Stack.of(this); - const uniqueid = 'GloballyUniqueIdForSingleton'; + const stack = Stack.of(scope); + const uniqueid = 'GloballyUniqueIdForSingleton'; // For example, a UUID from `uuidgen` return stack.node.tryFindChild(uniqueid) as sns.Topic ?? new sns.Topic(stack, uniqueid); } ``` @@ -333,9 +329,6 @@ CloudFormation service. Set `serviceToken` to `topic.topicArn` in order to use this provider: ```ts -import * as sns from '@aws-cdk/aws-sns'; -import { CustomResource } from '@aws-cdk/core'; - const topic = new sns.Topic(this, 'MyProvider'); new CustomResource(this, 'MyResource', { @@ -352,13 +345,10 @@ response to the CloudFormation service and handle various error cases. Set `serviceToken` to `lambda.functionArn` to use this provider: ```ts -import * as lambda from '@aws-cdk/aws-lambda'; -import { CustomResource } from '@aws-cdk/core'; - -const fn = new lambda.Function(this, 'MyProvider'); +const fn = new lambda.Function(this, 'MyProvider', functionProps); new CustomResource(this, 'MyResource', { - serviceToken: lambda.functionArn + serviceToken: fn.functionArn, }); ``` @@ -438,18 +428,26 @@ Here is an complete example of a custom resource that summarizes two numbers: `sum-handler/index.js`: ```js -exports.handler = async e => { +exports.handler = async (e) => { return { Data: { - Result: e.ResourceProperties.lhs + e.ResourceProperties.rhs - } + Result: e.ResourceProperties.lhs + e.ResourceProperties.rhs, + }, }; }; ``` `sum.ts`: -```ts +```ts nofixture +import { + Construct, + CustomResource, + CustomResourceProvider, + CustomResourceProviderRuntime, + Token, +} from '@aws-cdk/core'; + export interface SumProps { readonly lhs: number; readonly rhs: number; @@ -483,17 +481,17 @@ export class Sum extends Construct { Usage will look like this: -```ts +```ts fixture=README-custom-resource-provider const sum = new Sum(this, 'MySum', { lhs: 40, rhs: 2 }); -new CfnOutput(this, 'Result', { value: sum.result }); +new CfnOutput(this, 'Result', { value: Token.asString(sum.result) }); ``` #### The Custom Resource Provider Framework -The [`@aws-cdk/custom-resource`] module includes an advanced framework for +The [`@aws-cdk/custom-resources`] module includes an advanced framework for implementing custom resource providers. -[`@aws-cdk/custom-resource`]: https://docs.aws.amazon.com/cdk/api/latest/docs/custom-resources-readme.html +[`@aws-cdk/custom-resources`]: https://docs.aws.amazon.com/cdk/api/latest/docs/custom-resources-readme.html Handlers are implemented as AWS Lambda functions, which means that they can be implemented in any Lambda-supported runtime. Furthermore, this provider has an @@ -504,11 +502,9 @@ allows implementing providers that can take up to two hours to stabilize. Set `serviceToken` to `provider.serviceToken` to use this type of provider: ```ts -import { Provider } from 'custom-resources'; - -const provider = new Provider(this, 'MyProvider', { - onEventHandler: onEventLambdaFunction, - isCompleteHandler: isCompleteLambdaFunction // optional async waiter +const provider = new customresources.Provider(this, 'MyProvider', { + onEventHandler, + isCompleteHandler, // optional async waiter }); new CustomResource(this, 'MyResource', { @@ -518,73 +514,6 @@ new CustomResource(this, 'MyResource', { See the [documentation](https://docs.aws.amazon.com/cdk/api/latest/docs/custom-resources-readme.html) for more details. -#### Amazon SNS Topic - -Every time a resource event occurs (CREATE/UPDATE/DELETE), an SNS notification -is sent to the SNS topic. Users must process these notifications (e.g. through a -fleet of worker hosts) and submit success/failure responses to the -CloudFormation service. - -Set `serviceToken` to `topic.topicArn` in order to use this provider: - -```ts -import * as sns from '@aws-cdk/aws-sns'; -import { CustomResource } from '@aws-cdk/core'; - -const topic = new sns.Topic(this, 'MyProvider'); - -new CustomResource(this, 'MyResource', { - serviceToken: topic.topicArn -}); -``` - -#### AWS Lambda Function - -An AWS lambda function is called *directly* by CloudFormation for all resource -events. The handler must take care of explicitly submitting a success/failure -response to the CloudFormation service and handle various error cases. - -Set `serviceToken` to `lambda.functionArn` to use this provider: - -```ts -import * as lambda from '@aws-cdk/aws-lambda'; -import { CustomResource } from '@aws-cdk/core'; - -const fn = new lambda.Function(this, 'MyProvider'); - -new CustomResource(this, 'MyResource', { - serviceToken: lambda.functionArn -}); -``` - -#### The Custom Resource Provider Framework - -The [`@aws-cdk/custom-resource`] module includes an advanced framework for -implementing custom resource providers. - -[`@aws-cdk/custom-resource`]: https://docs.aws.amazon.com/cdk/api/latest/docs/custom-resources-readme.html - -Handlers are implemented as AWS Lambda functions, which means that they can be -implemented in any Lambda-supported runtime. Furthermore, this provider has an -asynchronous mode, which means that users can provide an `isComplete` lambda -function which is called periodically until the operation is complete. This -allows implementing providers that can take up to two hours to stabilize. - -Set `serviceToken` to `provider.serviceToken` to use this provider: - -```ts -import { Provider } from 'custom-resources'; - -const provider = new Provider(this, 'MyProvider', { - onEventHandler: onEventLambdaFunction, - isCompleteHandler: isCompleteLambdaFunction // optional async waiter -}); - -new CustomResource(this, 'MyResource', { - serviceToken: provider.serviceToken -}); -``` - ## AWS CloudFormation features A CDK stack synthesizes to an AWS CloudFormation Template. This section @@ -598,7 +527,7 @@ the `CfnOutput` class: ```ts new CfnOutput(this, 'OutputName', { - value: bucket.bucketName, + value: myBucket.bucketName, description: 'The name of an S3 bucket', // Optional exportName: 'TheAwesomeBucket', // Registers a CloudFormation export named "TheAwesomeBucket" }); @@ -675,7 +604,7 @@ accessing those through the `cfnOptions` property: ```ts const rawBucket = new s3.CfnBucket(this, 'Bucket', { /* ... */ }); // -or- -const rawBucket = bucket.node.defaultChild as s3.CfnBucket; +const rawBucketAlt = myBucket.node.defaultChild as s3.CfnBucket; // then rawBucket.cfnOptions.condition = new CfnCondition(this, 'EnableBucket', { /* ... */ }); @@ -688,8 +617,8 @@ Resource dependencies (the `DependsOn` attribute) is modified using the `cfnResource.addDependsOn` method: ```ts -const resourceA = new CfnResource(this, 'ResourceA', { /* ... */ }); -const resourceB = new CfnResource(this, 'ResourceB', { /* ... */ }); +const resourceA = new CfnResource(this, 'ResourceA', resourceProps); +const resourceB = new CfnResource(this, 'ResourceB', resourceProps); resourceB.addDependsOn(resourceA); ``` @@ -734,7 +663,7 @@ const stage = Fn.conditionIf(isProd.logicalId, 'Beta', 'Prod').toString(); // Make Bucket creation condition to IsProduction by accessing // and overriding the CloudFormation resource const bucket = new s3.Bucket(this, 'Bucket'); -const cfnBucket = bucket.node.defaultChild as s3.CfnBucket; +const cfnBucket = myBucket.node.defaultChild as s3.CfnBucket; cfnBucket.cfnOptions.condition = isProd; ``` @@ -779,10 +708,10 @@ for SSM parameters (including secure strings) and Secrets Manager. Encoding such references is done using the `CfnDynamicReference` class: ```ts -new CfnDynamicReference(this, 'SecureStringValue', { - service: CfnDynamicReferenceService.SECRETS_MANAGER, - referenceKey: 'secret-id:secret-string:json-key:version-stage:version-id', -}); +new CfnDynamicReference( + CfnDynamicReferenceService.SECRETS_MANAGER, + 'secret-id:secret-string:json-key:version-stage:version-id', +); ``` [cfn-dynamic-references]: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html @@ -847,6 +776,7 @@ new CfnInclude(this, 'ID', { ``` ### Termination Protection + You can prevent a stack from being accidentally deleted by enabling termination protection on the stack. If a user attempts to delete a stack with termination protection enabled, the deletion fails and the stack--including its status--remains @@ -880,15 +810,15 @@ const tagParam = new CfnParameter(this, 'TagName'); const stringEquals = new CfnJson(this, 'ConditionJson', { value: { - [`aws:PrincipalTag/${tagParam.valueAsString}`]: true + [`aws:PrincipalTag/${tagParam.valueAsString}`]: true, }, }); -const principal = new AccountRootPrincipal().withConditions({ +const principal = new iam.AccountRootPrincipal().withConditions({ StringEquals: stringEquals, }); -new Role(this, 'MyRole', { assumedBy: principal }); +new iam.Role(this, 'MyRole', { assumedBy: principal }); ``` **Explanation**: since in this example we pass the tag name through a parameter, it diff --git a/packages/@aws-cdk/core/lib/arn.ts b/packages/@aws-cdk/core/lib/arn.ts index 60dc79ab79d35..2ed3485a6c9b6 100644 --- a/packages/@aws-cdk/core/lib/arn.ts +++ b/packages/@aws-cdk/core/lib/arn.ts @@ -99,28 +99,28 @@ export class Arn { /** * Given an ARN, parses it and returns components. * - * If the ARN is a concrete string, it will be parsed and validated. The - * separator (`sep`) will be set to '/' if the 6th component includes a '/', - * in which case, `resource` will be set to the value before the '/' and - * `resourceName` will be the rest. In case there is no '/', `resource` will - * be set to the 6th components and `resourceName` will be set to the rest - * of the string. + * IF THE ARN IS A CONCRETE STRING... * - * If the ARN includes tokens (or is a token), the ARN cannot be validated, - * since we don't have the actual value yet at the time of this function - * call. You will have to know the separator and the type of ARN. The - * resulting `ArnComponents` object will contain tokens for the - * subexpressions of the ARN, not string literals. In this case this - * function cannot properly parse the complete final resourceName (path) out - * of ARNs that use '/' to both separate the 'resource' from the - * 'resourceName' AND to subdivide the resourceName further. For example, in - * S3 ARNs: + * ...it will be parsed and validated. The separator (`sep`) will be set to '/' + * if the 6th component includes a '/', in which case, `resource` will be set + * to the value before the '/' and `resourceName` will be the rest. In case + * there is no '/', `resource` will be set to the 6th components and + * `resourceName` will be set to the rest of the string. * - * arn:aws:s3:::my_corporate_bucket/path/to/exampleobject.png + * IF THE ARN IS A TOKEN... * - * After parsing the resourceName will not contain - * 'path/to/exampleobject.png' but simply 'path'. This is a limitation - * because there is no slicing functionality in CloudFormation templates. + * ...it cannot be validated, since we don't have the actual value yet at the + * time of this function call. You will have to supply `sepIfToken` and + * whether or not ARNs of the expected format usually have resource names + * in order to parse it properly. The resulting `ArnComponents` object will + * contain tokens for the subexpressions of the ARN, not string literals. + * + * If the resource name could possibly contain the separator char, the actual + * resource name cannot be properly parsed. This only occurs if the separator + * char is '/', and happens for example for S3 object ARNs, IAM Role ARNs, + * IAM OIDC Provider ARNs, etc. To properly extract the resource name from a + * Tokenized ARN, you must know the resource type and call + * `Arn.extractResourceName`. * * @param arn The ARN to parse * @param sepIfToken The separator used to separate resource from resourceName @@ -135,39 +135,18 @@ export class Arn { * components of the ARN. */ public static parse(arn: string, sepIfToken: string = '/', hasName: boolean = true): ArnComponents { - const components = arn.split(':') as Array; - const looksLikeArn = arn.startsWith('arn:') && components.length >= 6 && components.length <= 7; - if (Token.isUnresolved(arn) && !looksLikeArn) { + const components = parseArnShape(arn); + if (components === 'token') { return parseToken(arn, sepIfToken, hasName); } - // If the ARN merely contains Tokens, but otherwise *looks* mostly like an ARN, - // it's a string of the form 'arn:${partition}:service:${region}:${account}:abc/xyz'. - // Parse fields out to the best of our ability. - // Tokens won't contain ":", so this won't break them. - - if (components.length < 6) { - throw new Error('ARNs must have at least 6 components: ' + arn); - } - - const [arnPrefix, partition, service, region, account, sixth, ...rest] = components; - - if (arnPrefix !== 'arn') { - throw new Error('ARNs must start with "arn:": ' + arn); - } - if (!service) { - throw new Error('The `service` component (3rd component) is required: ' + arn); - } - - if (!sixth) { - throw new Error('The `resource` component (6th component) is required: ' + arn); - } + const [, partition, service, region, account, resourceTypeOrName, ...rest] = components; let resource: string; let resourceName: string | undefined; let sep: string | undefined; - let sepIndex = sixth.indexOf('/'); + let sepIndex = resourceTypeOrName.indexOf('/'); if (sepIndex !== -1) { sep = '/'; } else if (rest.length > 0) { @@ -176,10 +155,10 @@ export class Arn { } if (sepIndex !== -1) { - resource = sixth.substr(0, sepIndex); - resourceName = sixth.substr(sepIndex + 1); + resource = resourceTypeOrName.substr(0, sepIndex); + resourceName = resourceTypeOrName.substr(sepIndex + 1); } else { - resource = sixth; + resource = resourceTypeOrName; } if (rest.length > 0) { @@ -206,6 +185,39 @@ export class Arn { }); } + /** + * Extract the full resource name from an ARN + * + * Necessary for resource names (paths) that may contain the separator, like + * `arn:aws:iam::111111111111:role/path/to/role/name`. + * + * Only works if we statically know the expected `resourceType` beforehand, since we're going + * to use that to split the string on ':/' (and take the right-hand side). + * + * We can't extract the 'resourceType' from the ARN at hand, because CloudFormation Expressions + * only allow literals in the 'separator' argument to `{ Fn::Split }`, and so it can't be + * `{ Fn::Select: [5, { Fn::Split: [':', ARN] }}`. + * + * Only necessary for ARN formats for which the type-name separator is `/`. + */ + public static extractResourceName(arn: string, resourceType: string): string { + const components = parseArnShape(arn); + if (components === 'token') { + return Fn.select(1, Fn.split(`:${resourceType}/`, arn)); + } + + // Apparently we could just parse this right away. Validate that we got the right + // resource type (to notify authors of incorrect assumptions right away). + const parsed = Arn.parse(arn, '/', true); + if (!Token.isUnresolved(parsed.resource) && parsed.resource !== resourceType) { + throw new Error(`Expected resource type '${resourceType}' in ARN, got '${parsed.resource}' in '${arn}'`); + } + if (!parsed.resourceName) { + throw new Error(`Expected resource name in ARN, didn't find one: '${arn}'`); + } + return parsed.resourceName; + } + private constructor() { } } @@ -268,3 +280,42 @@ function parseToken(arnToken: string, sep: string = '/', hasName: boolean = true return { partition, service, region, account, resource, resourceName, sep }; } } + + +/** + * Validate that a string is either unparseable or looks mostly like an ARN + */ +function parseArnShape(arn: string): 'token' | string[] { + const components = arn.split(':'); + const looksLikeArn = arn.startsWith('arn:') && components.length >= 6; + + if (!looksLikeArn) { + if (Token.isUnresolved(arn)) { return 'token'; } + throw new Error(`ARNs must start with "arn:" and have at least 6 components: ${arn}`); + } + + // If the ARN merely contains Tokens, but otherwise *looks* mostly like an ARN, + // it's a string of the form 'arn:${partition}:service:${region}:${account}:abc/xyz'. + // Parse fields out to the best of our ability. + // Tokens won't contain ":", so this won't break them. + + const [/* arn */, partition, service, /* region */ , /* account */ , resource] = components; + + if (!partition) { + throw new Error('The `partition` component (2nd component) is required: ' + arn); + } + + if (!service) { + throw new Error('The `service` component (3rd component) is required: ' + arn); + } + + if (!resource) { + throw new Error('The `resource` component (6th component) is required: ' + arn); + } + + // Region can be missing in global ARNs (such as used by IAM) + + // Account can be missing in some ARN types (such as used for S3 buckets) + + return components; +} \ No newline at end of file diff --git a/packages/@aws-cdk/core/lib/asset-staging.ts b/packages/@aws-cdk/core/lib/asset-staging.ts index 047462ddeca71..66c65e3d14864 100644 --- a/packages/@aws-cdk/core/lib/asset-staging.ts +++ b/packages/@aws-cdk/core/lib/asset-staging.ts @@ -8,6 +8,7 @@ import * as minimatch from 'minimatch'; import { AssetHashType, AssetOptions } from './assets'; import { BundlingOptions } from './bundling'; import { FileSystem, FingerprintOptions } from './fs'; +import { Names } from './names'; import { Cache } from './private/cache'; import { Stack } from './stack'; import { Stage } from './stage'; @@ -92,9 +93,27 @@ export class AssetStaging extends CoreConstruct { * a temporary directory used for bundling. * * If asset staging is enabled it will be the staged path. + * + * IMPORTANT: If you are going to call `addFileAsset()`, use + * `relativeStagedPath()` instead. + * + * @deprecated - Use `absoluteStagedPath` instead. */ public readonly stagedPath: string; + /** + * Absolute path to the asset data. + * + * If asset staging is disabled, this will just be the source path or + * a temporary directory used for bundling. + * + * If asset staging is enabled it will be the staged path. + * + * IMPORTANT: If you are going to call `addFileAsset()`, use + * `relativeStagedPath()` instead. + */ + public readonly absoluteStagedPath: string; + /** * The absolute path of the asset as it was referenced by the user. */ @@ -115,7 +134,7 @@ export class AssetStaging extends CoreConstruct { * * Will not be used literally, always hashed later on. */ - private readonly customSourceFingerprint?: string; + private customSourceFingerprint?: string; private readonly cacheKey: string; @@ -171,6 +190,7 @@ export class AssetStaging extends CoreConstruct { const staged = AssetStaging.assetCache.obtain(this.cacheKey, stageThisAsset); this.stagedPath = staged.stagedPath; + this.absoluteStagedPath = staged.stagedPath; this.assetHash = staged.assetHash; } @@ -239,10 +259,16 @@ export class AssetStaging extends CoreConstruct { */ private stageByBundling(bundling: BundlingOptions, skip: boolean): StagedAsset { if (skip) { - // We should have bundled, but didn't to save time. Still pretend to have a hash, - // but always base it on sources. + // We should have bundled, but didn't to save time. Still pretend to have a hash. + // If the asset uses OUTPUT or BUNDLE, we use a CUSTOM hash to avoid fingerprinting + // a potentially very large source directory. Other hash types are kept the same. + let hashType = this.hashType; + if (hashType === AssetHashType.OUTPUT || hashType === AssetHashType.BUNDLE) { + this.customSourceFingerprint = Names.uniqueId(this); + hashType = AssetHashType.CUSTOM; + } return { - assetHash: this.calculateHash(AssetHashType.SOURCE), + assetHash: this.calculateHash(hashType, bundling), stagedPath: this.sourcePath, }; } diff --git a/packages/@aws-cdk/core/lib/cfn-include.ts b/packages/@aws-cdk/core/lib/cfn-include.ts index 4cfedc1c03c25..dc7c7312da490 100644 --- a/packages/@aws-cdk/core/lib/cfn-include.ts +++ b/packages/@aws-cdk/core/lib/cfn-include.ts @@ -1,6 +1,11 @@ import { Construct } from 'constructs'; import { CfnElement } from './cfn-element'; +/** + * Construction properties for {@link CfnInclude}. + * + * @deprecated use the CfnInclude class from the cloudformation-include module instead + */ export interface CfnIncludeProps { /** * The CloudFormation template to include in the stack (as is). @@ -11,6 +16,8 @@ export interface CfnIncludeProps { /** * Includes a CloudFormation template into a stack. All elements of the template will be merged into * the current stack, together with any elements created programmatically. + * + * @deprecated use the CfnInclude class from the cloudformation-include module instead */ export class CfnInclude extends CfnElement { /** diff --git a/packages/@aws-cdk/core/lib/cfn-parse.ts b/packages/@aws-cdk/core/lib/cfn-parse.ts index c5fc563c3778f..1a5c245b61c4e 100644 --- a/packages/@aws-cdk/core/lib/cfn-parse.ts +++ b/packages/@aws-cdk/core/lib/cfn-parse.ts @@ -12,10 +12,62 @@ import { CfnTag } from './cfn-tag'; import { Lazy } from './lazy'; import { CfnReference, ReferenceRendering } from './private/cfn-reference'; import { IResolvable } from './resolvable'; -import { Mapper, Validator } from './runtime'; +import { Validator } from './runtime'; import { isResolvableObject, Token } from './token'; import { undefinedIfAllValuesAreEmpty } from './util'; +/** + * The class used as the intermediate result from the generated L1 methods + * that convert from CloudFormation's UpperCase to CDK's lowerCase property names. + * Saves any extra properties that were present in the argument object, + * but that were not found in the CFN schema, + * so that they're not lost from the final CDK-rendered template. + */ +export class FromCloudFormationResult { + public readonly value: T; + public readonly extraProperties: { [key: string]: any }; + + public constructor(value: T) { + this.value = value; + this.extraProperties = {}; + } + + public appendExtraProperties(prefix: string, properties: { [key: string]: any } | undefined): void { + for (const [key, val] of Object.entries(properties ?? {})) { + this.extraProperties[`${prefix}.${key}`] = val; + } + } +} + +/** + * A property object we will accumulate properties into + */ +export class FromCloudFormationPropertyObject> extends FromCloudFormationResult { + private readonly recognizedProperties = new Set(); + + public constructor() { + super({} as any); // We're still accumulating + } + + /** + * Add a parse result under a given key + */ + public addPropertyResult(cdkPropName: keyof T, cfnPropName: string, result?: FromCloudFormationResult): void { + this.recognizedProperties.add(cfnPropName); + if (!result) { return; } + this.value[cdkPropName] = result.value; + this.appendExtraProperties(cfnPropName, result.extraProperties); + } + + public addUnrecognizedPropertiesAsExtra(properties: object): void { + for (const [key, val] of Object.entries(properties)) { + if (!this.recognizedProperties.has(key)) { + this.extraProperties[key] = val; + } + } + } +} + /** * This class contains static methods called when going from * translated values received from {@link CfnParser.parseValue} @@ -31,90 +83,92 @@ import { undefinedIfAllValuesAreEmpty } from './util'; */ export class FromCloudFormation { // nothing to for any but return it - public static getAny(value: any) { return value; } + public static getAny(value: any): FromCloudFormationResult { + return new FromCloudFormationResult(value); + } - public static getBoolean(value: any): boolean | IResolvable { + public static getBoolean(value: any): FromCloudFormationResult { if (typeof value === 'string') { // CloudFormation allows passing strings as boolean switch (value) { - case 'true': return true; - case 'false': return false; + case 'true': return new FromCloudFormationResult(true); + case 'false': return new FromCloudFormationResult(false); default: throw new Error(`Expected 'true' or 'false' for boolean value, got: '${value}'`); } } // in all other cases, just return the value, // and let a validator handle if it's not a boolean - return value; + return new FromCloudFormationResult(value); } - public static getDate(value: any): Date | IResolvable { + public static getDate(value: any): FromCloudFormationResult { // if the date is a deploy-time value, just return it if (isResolvableObject(value)) { - return value; + return new FromCloudFormationResult(value); } // if the date has been given as a string, convert it if (typeof value === 'string') { - return new Date(value); + return new FromCloudFormationResult(new Date(value)); } // all other cases - just return the value, // if it's not a Date, a validator should catch it - return value; + return new FromCloudFormationResult(value); } // won't always return a string; if the input can't be resolved to a string, // the input will be returned. - public static getString(value: any): string { + public static getString(value: any): FromCloudFormationResult { // if the string is a deploy-time value, serialize it to a Token if (isResolvableObject(value)) { - return value.toString(); + return new FromCloudFormationResult(value.toString()); } // CloudFormation treats numbers and strings interchangeably; // so, if we get a number here, convert it to a string if (typeof value === 'number') { - return value.toString(); + return new FromCloudFormationResult(value.toString()); } // in all other cases, just return the input, // and let a validator handle it if it's not a string - return value; + return new FromCloudFormationResult(value); } // won't always return a number; if the input can't be parsed to a number, // the input will be returned. - public static getNumber(value: any): number { + public static getNumber(value: any): FromCloudFormationResult { // if the string is a deploy-time value, serialize it to a Token if (isResolvableObject(value)) { - return Token.asNumber(value); + return new FromCloudFormationResult(Token.asNumber(value)); } // return a number, if the input can be parsed as one if (typeof value === 'string') { const parsedValue = parseFloat(value); if (!isNaN(parsedValue)) { - return parsedValue; + return new FromCloudFormationResult(parsedValue); } } // otherwise return the input, // and let a validator handle it if it's not a number - return value; + return new FromCloudFormationResult(value); } - public static getStringArray(value: any): string[] { + public static getStringArray(value: any): FromCloudFormationResult { // if the array is a deploy-time value, serialize it to a Token if (isResolvableObject(value)) { - return Token.asList(value); + return new FromCloudFormationResult(Token.asList(value)); } // in all other cases, delegate to the standard mapping logic return this.getArray(this.getString)(value); } - public static getArray(mapper: (arg: any) => T): (x: any) => T[] { + public static getArray(mapper: (arg: any) => FromCloudFormationResult): (x: any) => FromCloudFormationResult { return (value: any) => { if (!Array.isArray(value)) { // break the type system, and just return the given value, @@ -122,54 +176,65 @@ export class FromCloudFormation { // of the property we're transforming // (unless it's a deploy-time value, // which we can't map over at build time anyway) - return value; + return new FromCloudFormationResult(value); } - return value.map(mapper); + const values = new Array(); + const ret = new FromCloudFormationResult(values); + for (let i = 0; i < value.length; i++) { + const result = mapper(value[i]); + values.push(result.value); + ret.appendExtraProperties(`${i}`, result.extraProperties); + } + return ret; }; } - public static getMap(mapper: (arg: any) => T): (x: any) => { [key: string]: T } { + public static getMap(mapper: (arg: any) => FromCloudFormationResult): (x: any) => FromCloudFormationResult<{ [key: string]: T }> { return (value: any) => { if (typeof value !== 'object') { // if the input is not a map (= object in JS land), // just return it, and let the validator of this property handle it // (unless it's a deploy-time value, // which we can't map over at build time anyway) - return value; + return new FromCloudFormationResult(value); } - const ret: { [key: string]: T } = {}; + const values: { [key: string]: T } = {}; + const ret = new FromCloudFormationResult(values); for (const [key, val] of Object.entries(value)) { - ret[key] = mapper(val); + const result = mapper(val); + values[key] = result.value; + ret.appendExtraProperties(key, result.extraProperties); } return ret; }; } - public static getCfnTag(tag: any): CfnTag { + public static getCfnTag(tag: any): FromCloudFormationResult { return tag == null - ? { } as any // break the type system - this should be detected at runtime by a tag validator - : { + ? new FromCloudFormationResult({ } as any) // break the type system - this should be detected at runtime by a tag validator + : new FromCloudFormationResult({ key: tag.Key, value: tag.Value, - }; + }); } /** * Return a function that, when applied to a value, will return the first validly deserialized one */ - public static getTypeUnion(validators: Validator[], mappers: Mapper[]): (x: any) => any { - return (value: any): any => { + public static getTypeUnion(validators: Validator[], mappers: Array<(x: any) => FromCloudFormationResult>): + (x: any) => FromCloudFormationResult { + return (value: any) => { for (let i = 0; i < validators.length; i++) { const candidate = mappers[i](value); - if (validators[i](candidate).isSuccess) { + if (validators[i](candidate.value).isSuccess) { return candidate; } } // if nothing matches, just return the input unchanged, and let validators catch it - return value; + return new FromCloudFormationResult(value); }; } } @@ -326,7 +391,7 @@ export class CfnParser { if (typeof p !== 'object') { return undefined; } return undefinedIfAllValuesAreEmpty({ - minSuccessfulInstancesPercent: FromCloudFormation.getNumber(p.MinSuccessfulInstancesPercent), + minSuccessfulInstancesPercent: FromCloudFormation.getNumber(p.MinSuccessfulInstancesPercent).value, }); } @@ -334,8 +399,8 @@ export class CfnParser { if (typeof p !== 'object') { return undefined; } return undefinedIfAllValuesAreEmpty({ - count: FromCloudFormation.getNumber(p.Count), - timeout: FromCloudFormation.getString(p.Timeout), + count: FromCloudFormation.getNumber(p.Count).value, + timeout: FromCloudFormation.getString(p.Timeout).value, }); } } @@ -351,8 +416,8 @@ export class CfnParser { autoScalingRollingUpdate: parseAutoScalingRollingUpdate(policy.AutoScalingRollingUpdate), autoScalingScheduledAction: parseAutoScalingScheduledAction(policy.AutoScalingScheduledAction), codeDeployLambdaAliasUpdate: parseCodeDeployLambdaAliasUpdate(policy.CodeDeployLambdaAliasUpdate), - enableVersionUpgrade: FromCloudFormation.getBoolean(policy.EnableVersionUpgrade), - useOnlineResharding: FromCloudFormation.getBoolean(policy.UseOnlineResharding), + enableVersionUpgrade: FromCloudFormation.getBoolean(policy.EnableVersionUpgrade).value, + useOnlineResharding: FromCloudFormation.getBoolean(policy.UseOnlineResharding).value, }); function parseAutoScalingReplacingUpdate(p: any): CfnAutoScalingReplacingUpdate | undefined { @@ -367,12 +432,12 @@ export class CfnParser { if (typeof p !== 'object') { return undefined; } return undefinedIfAllValuesAreEmpty({ - maxBatchSize: FromCloudFormation.getNumber(p.MaxBatchSize), - minInstancesInService: FromCloudFormation.getNumber(p.MinInstancesInService), - minSuccessfulInstancesPercent: FromCloudFormation.getNumber(p.MinSuccessfulInstancesPercent), - pauseTime: FromCloudFormation.getString(p.PauseTime), - suspendProcesses: FromCloudFormation.getStringArray(p.SuspendProcesses), - waitOnResourceSignals: FromCloudFormation.getBoolean(p.WaitOnResourceSignals), + maxBatchSize: FromCloudFormation.getNumber(p.MaxBatchSize).value, + minInstancesInService: FromCloudFormation.getNumber(p.MinInstancesInService).value, + minSuccessfulInstancesPercent: FromCloudFormation.getNumber(p.MinSuccessfulInstancesPercent).value, + pauseTime: FromCloudFormation.getString(p.PauseTime).value, + suspendProcesses: FromCloudFormation.getStringArray(p.SuspendProcesses).value, + waitOnResourceSignals: FromCloudFormation.getBoolean(p.WaitOnResourceSignals).value, }); } @@ -380,10 +445,10 @@ export class CfnParser { if (typeof p !== 'object') { return undefined; } return { - beforeAllowTrafficHook: FromCloudFormation.getString(p.BeforeAllowTrafficHook), - afterAllowTrafficHook: FromCloudFormation.getString(p.AfterAllowTrafficHook), - applicationName: FromCloudFormation.getString(p.ApplicationName), - deploymentGroupName: FromCloudFormation.getString(p.DeploymentGroupName), + beforeAllowTrafficHook: FromCloudFormation.getString(p.BeforeAllowTrafficHook).value, + afterAllowTrafficHook: FromCloudFormation.getString(p.AfterAllowTrafficHook).value, + applicationName: FromCloudFormation.getString(p.ApplicationName).value, + deploymentGroupName: FromCloudFormation.getString(p.DeploymentGroupName).value, }; } @@ -391,7 +456,7 @@ export class CfnParser { if (typeof p !== 'object') { return undefined; } return undefinedIfAllValuesAreEmpty({ - ignoreUnmodifiedGroupSizeProperties: p.IgnoreUnmodifiedGroupSizeProperties, + ignoreUnmodifiedGroupSizeProperties: FromCloudFormation.getBoolean(p.IgnoreUnmodifiedGroupSizeProperties).value, }); } } diff --git a/packages/@aws-cdk/core/lib/cfn-resource.ts b/packages/@aws-cdk/core/lib/cfn-resource.ts index 64486770b991f..c436e453cacac 100644 --- a/packages/@aws-cdk/core/lib/cfn-resource.ts +++ b/packages/@aws-cdk/core/lib/cfn-resource.ts @@ -152,8 +152,8 @@ export class CfnResource extends CfnRefElement { * * For example, * ```typescript - * addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']) - * addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE') + * cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); + * cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); * ``` * would add the overrides * ```json @@ -532,4 +532,4 @@ function splitOnPeriods(x: string): string[] { ret.reverse(); return ret; -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/core/lib/custom-resource-provider/custom-resource-provider.ts b/packages/@aws-cdk/core/lib/custom-resource-provider/custom-resource-provider.ts index 82160f3a63ad6..ea5b0882dbb44 100644 --- a/packages/@aws-cdk/core/lib/custom-resource-provider/custom-resource-provider.ts +++ b/packages/@aws-cdk/core/lib/custom-resource-provider/custom-resource-provider.ts @@ -41,7 +41,7 @@ export interface CustomResourceProviderProps { * * @example * - * policyStatements: [ { Effect: 'Allow', Action: 's3:PutObject*', Resource: '*' } ] + * [{ Effect: 'Allow', Action: 's3:PutObject*', Resource: '*' }] * */ readonly policyStatements?: any[]; @@ -113,10 +113,9 @@ export class CustomResourceProvider extends CoreConstruct { * `serviceToken` when defining a custom resource. * * @example - * * new CustomResource(this, 'MyCustomResource', { * // ... - * serviceToken: provider.serviceToken // <--- here + * serviceToken: myProvider.serviceToken, // <--- here * }) * */ @@ -140,7 +139,7 @@ export class CustomResourceProvider extends CoreConstruct { }); const asset = stack.addFileAsset({ - fileName: staging.stagedPath, + fileName: staging.relativeStagedPath(stack), sourceHash: staging.sourceHash, packaging: FileAssetPackaging.ZIP_DIRECTORY, }); diff --git a/packages/@aws-cdk/core/lib/custom-resource.ts b/packages/@aws-cdk/core/lib/custom-resource.ts index 7fbf9505cf971..261f442f1a951 100644 --- a/packages/@aws-cdk/core/lib/custom-resource.ts +++ b/packages/@aws-cdk/core/lib/custom-resource.ts @@ -23,13 +23,13 @@ export interface CustomResourceProps { * * ```ts * // use the provider framework from aws-cdk/custom-resources: - * const provider = new custom_resources.Provider({ - * onEventHandler: myOnEventLambda, - * isCompleteHandler: myIsCompleteLambda, // optional + * const provider = new customresources.Provider(this, 'ResourceProvider', { + * onEventHandler, + * isCompleteHandler, // optional * }); * * new CustomResource(this, 'MyResource', { - * serviceToken: provider.serviceToken + * serviceToken: provider.serviceToken, * }); * ``` * @@ -37,14 +37,18 @@ export interface CustomResourceProps { * * ```ts * // invoke an AWS Lambda function when a lifecycle event occurs: - * serviceToken: myFunction.functionArn + * new CustomResource(this, 'MyResource', { + * serviceToken: myFunction.functionArn, + * }); * ``` * * SNS topic: * * ```ts * // publish lifecycle events to an SNS topic: - * serviceToken: myTopic.topicArn + * new CustomResource(this, 'MyResource', { + * serviceToken: myTopic.topicArn, + * }); * ``` */ readonly serviceToken: string; diff --git a/packages/@aws-cdk/core/lib/dependency.ts b/packages/@aws-cdk/core/lib/dependency.ts index 98e69a2d429e7..382d5acae0a61 100644 --- a/packages/@aws-cdk/core/lib/dependency.ts +++ b/packages/@aws-cdk/core/lib/dependency.ts @@ -58,9 +58,13 @@ const DEPENDABLE_SYMBOL = Symbol.for('@aws-cdk/core.DependableTrait'); * const roots = DependableTrait.get(construct).dependencyRoots; * * // Definition - * DependableTrait.implement(construct, { - * get dependencyRoots() { return []; } - * }); + * class TraitImplementation implements DependableTrait { + * public readonly dependencyRoots: IConstruct[]; + * constructor() { + * this.dependencyRoots = [constructA, constructB, constructC]; + * } + * } + * DependableTrait.implement(construct, new TraitImplementation()); * * @experimental */ diff --git a/packages/@aws-cdk/core/lib/private/resolve.ts b/packages/@aws-cdk/core/lib/private/resolve.ts index 7098dc4e3ec99..d6ae73cdb8796 100644 --- a/packages/@aws-cdk/core/lib/private/resolve.ts +++ b/packages/@aws-cdk/core/lib/private/resolve.ts @@ -89,6 +89,12 @@ export function resolve(obj: any, options: IResolveOptions): any { // string - potentially replace all stringified Tokens // if (typeof(obj) === 'string') { + // If this is a "list element" Token, it should never occur by itself in string context + if (TokenString.forListToken(obj).test()) { + throw new Error('Found an encoded list token string in a scalar string context. Use \'Fn.select(0, list)\' (not \'list[0]\') to extract elements from token lists.'); + } + + // Otherwise look for a stringified Token in this object const str = TokenString.forString(obj); if (str.test()) { const fragments = str.split(tokenMap.lookupToken.bind(tokenMap)); diff --git a/packages/@aws-cdk/core/lib/stack.ts b/packages/@aws-cdk/core/lib/stack.ts index 3c254ea803e88..e1664e2996a90 100644 --- a/packages/@aws-cdk/core/lib/stack.ts +++ b/packages/@aws-cdk/core/lib/stack.ts @@ -63,7 +63,7 @@ export interface StackProps { * * // Use a concrete account and region to deploy this stack to: * // `.account` and `.region` will simply return these values. - * new MyStack(app, 'Stack1', { + * new Stack(app, 'Stack1', { * env: { * account: '123456789012', * region: 'us-east-1' @@ -73,7 +73,7 @@ export interface StackProps { * // Use the CLI's current credentials to determine the target environment: * // `.account` and `.region` will reflect the account+region the CLI * // is configured to use (based on the user CLI credentials) - * new MyStack(app, 'Stack2', { + * new Stack(app, 'Stack2', { * env: { * account: process.env.CDK_DEFAULT_ACCOUNT, * region: process.env.CDK_DEFAULT_REGION @@ -91,7 +91,7 @@ export interface StackProps { * // both of these stacks will use the stage's account/region: * // `.account` and `.region` will resolve to the concrete values as above * new MyStack(myStage, 'Stack1'); - * new YourStack(myStage, 'Stack1'); + * new YourStack(myStage, 'Stack2'); * * // Define an environment-agnostic stack: * // `.account` and `.region` will resolve to `{ "Ref": "AWS::AccountId" }` and `{ "Ref": "AWS::Region" }` respectively. @@ -277,7 +277,7 @@ export class Stack extends CoreConstruct implements ITaggable { * The name of the CloudFormation template file emitted to the output * directory during synthesis. * - * @example MyStack.template.json + * @example 'MyStack.template.json' */ public readonly templateFile: string; @@ -519,7 +519,9 @@ export class Stack extends CoreConstruct implements ITaggable { /** * The ID of the stack * - * @example After resolving, looks like arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123 + * @example + * // After resolving, looks like + * 'arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123' */ public get stackId(): string { return new ScopedAws(this).stackId; @@ -563,28 +565,28 @@ export class Stack extends CoreConstruct implements ITaggable { /** * Given an ARN, parses it and returns components. * - * If the ARN is a concrete string, it will be parsed and validated. The - * separator (`sep`) will be set to '/' if the 6th component includes a '/', - * in which case, `resource` will be set to the value before the '/' and - * `resourceName` will be the rest. In case there is no '/', `resource` will - * be set to the 6th components and `resourceName` will be set to the rest - * of the string. - * - * If the ARN includes tokens (or is a token), the ARN cannot be validated, - * since we don't have the actual value yet at the time of this function - * call. You will have to know the separator and the type of ARN. The - * resulting `ArnComponents` object will contain tokens for the - * subexpressions of the ARN, not string literals. In this case this - * function cannot properly parse the complete final resourceName (path) out - * of ARNs that use '/' to both separate the 'resource' from the - * 'resourceName' AND to subdivide the resourceName further. For example, in - * S3 ARNs: - * - * arn:aws:s3:::my_corporate_bucket/path/to/exampleobject.png - * - * After parsing the resourceName will not contain - * 'path/to/exampleobject.png' but simply 'path'. This is a limitation - * because there is no slicing functionality in CloudFormation templates. + * IF THE ARN IS A CONCRETE STRING... + * + * ...it will be parsed and validated. The separator (`sep`) will be set to '/' + * if the 6th component includes a '/', in which case, `resource` will be set + * to the value before the '/' and `resourceName` will be the rest. In case + * there is no '/', `resource` will be set to the 6th components and + * `resourceName` will be set to the rest of the string. + * + * IF THE ARN IS A TOKEN... + * + * ...it cannot be validated, since we don't have the actual value yet at the + * time of this function call. You will have to supply `sepIfToken` and + * whether or not ARNs of the expected format usually have resource names + * in order to parse it properly. The resulting `ArnComponents` object will + * contain tokens for the subexpressions of the ARN, not string literals. + * + * If the resource name could possibly contain the separator char, the actual + * resource name cannot be properly parsed. This only occurs if the separator + * char is '/', and happens for example for S3 object ARNs, IAM Role ARNs, + * IAM OIDC Provider ARNs, etc. To properly extract the resource name from a + * Tokenized ARN, you must know the resource type and call + * `Arn.extractResourceName`. * * @param arn The ARN string to parse * @param sepIfToken The separator used to separate resource from resourceName @@ -683,7 +685,7 @@ export class Stack extends CoreConstruct implements ITaggable { * * Duplicate values are removed when stack is synthesized. * - * @example addTransform('AWS::Serverless-2016-10-31') + * @example stack.addTransform('AWS::Serverless-2016-10-31') * * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html * diff --git a/packages/@aws-cdk/core/lib/stage.ts b/packages/@aws-cdk/core/lib/stage.ts index 8dfa18834604c..fd93f4251bf7f 100644 --- a/packages/@aws-cdk/core/lib/stage.ts +++ b/packages/@aws-cdk/core/lib/stage.ts @@ -32,12 +32,12 @@ export interface StageProps { * @example * * // Use a concrete account and region to deploy this Stage to - * new MyStage(app, 'Stage1', { + * new Stage(app, 'Stage1', { * env: { account: '123456789012', region: 'us-east-1' }, * }); * * // Use the CLI's current credentials to determine the target environment - * new MyStage(app, 'Stage2', { + * new Stage(app, 'Stage2', { * env: { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION }, * }); * diff --git a/packages/@aws-cdk/core/package.json b/packages/@aws-cdk/core/package.json index e6041125237cb..6fab10e06197a 100644 --- a/packages/@aws-cdk/core/package.json +++ b/packages/@aws-cdk/core/package.json @@ -30,7 +30,14 @@ ] } }, - "projectReferences": true + "projectReferences": true, + "metadata": { + "jsii": { + "rosetta": { + "strict": true + } + } + } }, "repository": { "type": "git", @@ -135,7 +142,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cfn2ts" + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "cloudformation": "AWS::CloudFormation", @@ -170,7 +178,7 @@ "devDependencies": { "@types/lodash": "^4.14.165", "@types/minimatch": "^3.0.3", - "@types/node": "^10.17.46", + "@types/node": "^10.17.48", "@types/sinon": "^9.0.9", "cdk-build-tools": "0.0.0", "cfn2ts": "0.0.0", @@ -185,11 +193,11 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", + "@balena/dockerignore": "^1.0.2", "constructs": "^3.2.0", "fs-extra": "^9.0.1", - "minimatch": "^3.0.4", - "@balena/dockerignore": "^1.0.2", - "ignore": "^5.1.8" + "ignore": "^5.1.8", + "minimatch": "^3.0.4" }, "bundledDependencies": [ "fs-extra", @@ -201,8 +209,8 @@ "peerDependencies": { "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0", - "@aws-cdk/region-info": "0.0.0" + "@aws-cdk/region-info": "0.0.0", + "constructs": "^3.2.0" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/core/rosetta/README-custom-resource-provider.ts-fixture b/packages/@aws-cdk/core/rosetta/README-custom-resource-provider.ts-fixture new file mode 100644 index 0000000000000..ae4b1befd4b20 --- /dev/null +++ b/packages/@aws-cdk/core/rosetta/README-custom-resource-provider.ts-fixture @@ -0,0 +1,18 @@ +import { CfnOutput, Construct, Token } from '@aws-cdk/core'; + +declare interface SumProps { + readonly lhs: number; + readonly rhs: number; +} +declare class Sum extends Construct { + public readonly result: number; + constructor(scope: Construct, id: string, props: SumProps); +} + +class fixture$construct extends Construct { + public constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} diff --git a/packages/@aws-cdk/core/rosetta/default.ts-fixture b/packages/@aws-cdk/core/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..558cc09b1c049 --- /dev/null +++ b/packages/@aws-cdk/core/rosetta/default.ts-fixture @@ -0,0 +1,65 @@ +import * as cfn from '@aws-cdk/aws-cloudformation'; +import * as customresources from '@aws-cdk/custom-resources'; +import * as iam from '@aws-cdk/aws-iam'; +import * as lambda from '@aws-cdk/aws-lambda'; +import * as sns from '@aws-cdk/aws-sns'; +import * as sqs from '@aws-cdk/aws-sqs'; +import * as s3 from '@aws-cdk/aws-s3'; +import { + App, + Aws, + CfnCondition, + CfnDynamicReference, + CfnDynamicReferenceService, + CfnInclude, + CfnJson, + CfnMapping, + CfnOutput, + CfnParameter, + CfnResource, + CfnResourceProps, + ConcreteDependable, + Construct, + CustomResource, + CustomResourceProvider, + CustomResourceProviderRuntime, + DependableTrait, + Duration, + Fn, + IConstruct, + SecretValue, + Size, + SizeRoundingBehavior, + Stack, + StackProps, + Stage, + Token, +} from '@aws-cdk/core'; + +declare const app: App; +declare const arn: 'arn:partition:service:region:account-id:resource-id'; +declare const cfnResource: CfnResource; +declare const construct: Construct; +declare const constructA: Construct; +declare const constructB: Construct; +declare const constructC: Construct; +declare const functionProps: lambda.FunctionProps; +declare const isCompleteHandler: lambda.Function; +declare const myBucket: s3.IBucket; +declare const myFunction: lambda.IFunction; +declare const myProvider: CustomResourceProvider; +declare const myTopic: sns.ITopic; +declare const onEventHandler: lambda.Function; +declare const resourceProps: CfnResourceProps; +declare const stack: Stack; + +declare class MyStack extends Stack {} +declare class YourStack extends Stack {} + +class fixture$construct extends Construct { + public constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} diff --git a/packages/@aws-cdk/core/test/arn.test.ts b/packages/@aws-cdk/core/test/arn.test.ts index 5fa7a83d98f7a..b4b135fff94e6 100644 --- a/packages/@aws-cdk/core/test/arn.test.ts +++ b/packages/@aws-cdk/core/test/arn.test.ts @@ -1,6 +1,7 @@ import { nodeunitShim, Test } from 'nodeunit-shim'; -import { ArnComponents, Aws, CfnOutput, ScopedAws, Stack } from '../lib'; +import { Arn, ArnComponents, Aws, CfnOutput, ScopedAws, Stack, Token } from '../lib'; import { Intrinsic } from '../lib/private/intrinsic'; +import { evaluateCFN } from './evaluate-cfn'; import { toCloudFormation } from './util'; nodeunitShim({ @@ -103,13 +104,13 @@ nodeunitShim({ fails: { 'if doesn\'t start with "arn:"'(test: Test) { const stack = new Stack(); - test.throws(() => stack.parseArn('barn:foo:x:a:1:2'), /ARNs must start with "arn:": barn:foo/); + test.throws(() => stack.parseArn('barn:foo:x:a:1:2'), /ARNs must start with "arn:".*barn:foo/); test.done(); }, 'if the ARN doesnt have enough components'(test: Test) { const stack = new Stack(); - test.throws(() => stack.parseArn('arn:is:too:short'), /ARNs must have at least 6 components: arn:is:too:short/); + test.throws(() => stack.parseArn('arn:is:too:short'), /ARNs must.*have at least 6 components.*arn:is:too:short/); test.done(); }, @@ -156,10 +157,11 @@ nodeunitShim({ resourceName: '81e900317347585a0601e04c8d52eaEX', sep: ':', }, - 'arn::cognito-sync:::identitypool/us-east-1:1a1a1a1a-ffff-1111-9999-12345678:bla': { + 'arn:aws:cognito-sync:::identitypool/us-east-1:1a1a1a1a-ffff-1111-9999-12345678:bla': { service: 'cognito-sync', region: '', account: '', + partition: 'aws', resource: 'identitypool', resourceName: 'us-east-1:1a1a1a1a-ffff-1111-9999-12345678:bla', sep: '/', @@ -212,6 +214,31 @@ nodeunitShim({ test.done(); }, + 'extracting resource name from a complex ARN'(test: Test) { + // GIVEN + const stack = new Stack(); + const theToken = Token.asString({ Ref: 'SomeParameter' }); + + // WHEN + const parsed = Arn.extractResourceName(theToken, 'role'); + + // THEN + test.deepEqual(evaluateCFN(stack.resolve(parsed), { + SomeParameter: 'arn:aws:iam::111111111111:role/path/to/role/name', + }), 'path/to/role/name'); + + test.done(); + }, + + 'extractResourceName validates resource type if possible'(test: Test) { + // WHEN + test.throws(() => { + Arn.extractResourceName('arn:aws:iam::111111111111:banana/rama', 'role'); + }, /Expected resource type/); + + test.done(); + }, + 'returns empty string ARN components'(test: Test) { const stack = new Stack(); const arn = 'arn:aws:iam::123456789012:role/abc123'; diff --git a/packages/@aws-cdk/core/test/custom-resource-provider/custom-resource-provider.test.ts b/packages/@aws-cdk/core/test/custom-resource-provider/custom-resource-provider.test.ts index 3a08468d9dc32..c56a991298574 100644 --- a/packages/@aws-cdk/core/test/custom-resource-provider/custom-resource-provider.test.ts +++ b/packages/@aws-cdk/core/test/custom-resource-provider/custom-resource-provider.test.ts @@ -1,7 +1,7 @@ import * as fs from 'fs'; import * as path from 'path'; import { nodeunitShim, Test } from 'nodeunit-shim'; -import { AssetStaging, CustomResourceProvider, CustomResourceProviderRuntime, Duration, Size, Stack } from '../../lib'; +import { App, AssetStaging, CustomResourceProvider, CustomResourceProviderRuntime, DockerImageAssetLocation, DockerImageAssetSource, Duration, FileAssetLocation, FileAssetSource, ISynthesisSession, Size, Stack } from '../../lib'; import { toCloudFormation } from '../util'; const TEST_HANDLER = `${__dirname}/mock-provider`; @@ -123,6 +123,43 @@ nodeunitShim({ test.done(); }, + 'custom resource provided creates asset in new-style synthesis with relative path'(test: Test) { + // GIVEN + + let assetFilename : string | undefined; + + const app = new App(); + const stack = new Stack(app, 'Stack', { + synthesizer: { + bind(_stack: Stack): void { }, + + addFileAsset(asset: FileAssetSource): FileAssetLocation { + assetFilename = asset.fileName; + return { bucketName: '', httpUrl: '', objectKey: '', s3ObjectUrl: '', s3Url: '', kmsKeyArn: '' }; + }, + + addDockerImageAsset(_asset: DockerImageAssetSource): DockerImageAssetLocation { + return { imageUri: '', repositoryName: '' }; + }, + + synthesize(_session: ISynthesisSession): void { }, + }, + }); + + // WHEN + CustomResourceProvider.getOrCreate(stack, 'Custom:MyResourceType', { + codeDirectory: TEST_HANDLER, + runtime: CustomResourceProviderRuntime.NODEJS_12, + }); + + // THEN -- no exception + if (!assetFilename || assetFilename.startsWith(path.sep)) { + throw new Error(`Asset filename must be a relative path, got: ${assetFilename}`); + } + + test.done(); + }, + 'policyStatements can be used to add statements to the inline policy'(test: Test) { // GIVEN const stack = new Stack(); diff --git a/packages/@aws-cdk/core/test/evaluate-cfn.ts b/packages/@aws-cdk/core/test/evaluate-cfn.ts index 7dfa66328c319..6d60949cc3193 100644 --- a/packages/@aws-cdk/core/test/evaluate-cfn.ts +++ b/packages/@aws-cdk/core/test/evaluate-cfn.ts @@ -6,9 +6,25 @@ import { isNameOfCloudFormationIntrinsic } from '../lib/private/cloudformation-lang'; export function evaluateCFN(object: any, context: {[key: string]: string} = {}): any { - const intrinsics: any = { + const intrinsicFns: any = { 'Fn::Join'(separator: string, args: string[]) { - return args.map(evaluate).join(separator); + if (typeof separator !== 'string') { + // CFN does not support expressions here! + throw new Error('\'separator\' argument of { Fn::Join } must be a string literal'); + } + return evaluate(args).map(evaluate).join(separator); + }, + + 'Fn::Split'(separator: string, args: any) { + if (typeof separator !== 'string') { + // CFN does not support expressions here! + throw new Error('\'separator\' argument of { Fn::Split } must be a string literal'); + } + return evaluate(args).split(separator); + }, + + 'Fn::Select'(index: number, args: any) { + return evaluate(args).map(evaluate)[index]; }, 'Ref'(logicalId: string) { @@ -56,13 +72,13 @@ export function evaluateCFN(object: any, context: {[key: string]: string} = {}): } if (typeof obj === 'object') { - const keys = Object.keys(obj); - if (keys.length === 1 && (isNameOfCloudFormationIntrinsic(keys[0]) || keys[0] === 'Ref')) { - return evaluateIntrinsic(keys[0], obj[keys[0]]); + const intrinsic = parseIntrinsic(obj); + if (intrinsic) { + return evaluateIntrinsic(intrinsic); } const ret: {[key: string]: any} = {}; - for (const key of keys) { + for (const key of Object.keys(obj)) { ret[key] = evaluateCFN(obj[key]); } return ret; @@ -71,15 +87,30 @@ export function evaluateCFN(object: any, context: {[key: string]: string} = {}): return obj; } - function evaluateIntrinsic(name: string, args: any) { - if (!(name in intrinsics)) { - throw new Error(`Intrinsic ${name} not supported here`); + function evaluateIntrinsic(intrinsic: Intrinsic) { + if (!(intrinsic.name in intrinsicFns)) { + throw new Error(`Intrinsic ${intrinsic.name} not supported here`); } - if (!Array.isArray(args)) { - args = [args]; - } + const argsAsArray = Array.isArray(intrinsic.args) ? intrinsic.args : [intrinsic.args]; - return intrinsics[name].apply(intrinsics, args); + return intrinsicFns[intrinsic.name].apply(intrinsicFns, argsAsArray); } } + +interface Intrinsic { + readonly name: string; + readonly args: any; +} + +function parseIntrinsic(x: any): Intrinsic | undefined { + if (typeof x !== 'object' || x === null) { return undefined; } + const keys = Object.keys(x); + if (keys.length === 1 && (isNameOfCloudFormationIntrinsic(keys[0]) || keys[0] === 'Ref')) { + return { + name: keys[0], + args: x[keys[0]], + }; + } + return undefined; +} \ No newline at end of file diff --git a/packages/@aws-cdk/core/test/staging.test.ts b/packages/@aws-cdk/core/test/staging.test.ts index 31b00700d7068..347c5fcea3b63 100644 --- a/packages/@aws-cdk/core/test/staging.test.ts +++ b/packages/@aws-cdk/core/test/staging.test.ts @@ -731,6 +731,7 @@ nodeunitShim({ test.equal(asset.sourcePath, directory); test.equal(asset.stagedPath, directory); test.equal(asset.relativeStagedPath(stack), directory); + test.equal(asset.assetHash, 'f66d7421aa2d044a6c1f60ddfc76dc78571fcd8bd228eb48eb394e2dbad94a5c'); test.done(); }, @@ -804,4 +805,4 @@ function readDockerStubInput() { // Concatenated docker inputs since last teardown function readDockerStubInputConcat() { return readAndCleanDockerStubInput(STUB_INPUT_CONCAT_FILE); -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/core/test/tokens.test.ts b/packages/@aws-cdk/core/test/tokens.test.ts index 39f4332d0ad86..72b37d0881f73 100644 --- a/packages/@aws-cdk/core/test/tokens.test.ts +++ b/packages/@aws-cdk/core/test/tokens.test.ts @@ -474,6 +474,18 @@ nodeunitShim({ test.done(); }, + + 'detect and error when list token values are illegally extracted'(test: Test) { + // GIVEN + const encoded: string[] = Token.asList({ Ref: 'Other' }); + + // THEN + test.throws(() => { + resolve({ value: encoded[0] }); + }, /Found an encoded list/); + + test.done(); + }, }, 'number encoding': { diff --git a/packages/@aws-cdk/custom-resources/README.md b/packages/@aws-cdk/custom-resources/README.md index 44f9e01bef5e3..0be6398f162c0 100644 --- a/packages/@aws-cdk/custom-resources/README.md +++ b/packages/@aws-cdk/custom-resources/README.md @@ -1,10 +1,12 @@ # AWS CDK Custom Resources + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + ## Provider Framework @@ -195,7 +197,7 @@ must return this name in `PhysicalResourceId` and make sure to handle replacement properly. The `S3File` example demonstrates this through the `objectKey` property. -### Error Handling +### Handling Provider Framework Error As mentioned above, if any of the user handlers fail (i.e. throws an exception) or times out (due to their AWS Lambda timing out), the framework will trap these @@ -211,15 +213,15 @@ When AWS CloudFormation receives a "FAILED" response, it will attempt to roll back the stack to it's last state. This has different meanings for different lifecycle events: -- If a `Create` event fails, the resource provider framework will automatically +* If a `Create` event fails, the resource provider framework will automatically ignore the subsequent `Delete` operation issued by AWS CloudFormation. The framework currently does not support customizing this behavior (see https://github.com/aws/aws-cdk/issues/5524). -- If an `Update` event fails, CloudFormation will issue an additional `Update` +* If an `Update` event fails, CloudFormation will issue an additional `Update` with the previous properties. -- If a `Delete` event fails, CloudFormation will abandon this resource. +* If a `Delete` event fails, CloudFormation will abandon this resource. -### Execution Policy +### Provider Framework Execution Policy Similarly to any AWS Lambda function, if the user-defined handlers require access to AWS resources, you will have to define these permissions @@ -254,7 +256,7 @@ implement an [asynchronous provider](#asynchronous-providers-iscomplete), and then configure the timeouts for the asynchronous retries through the `queryInterval` and the `totalTimeout` options. -### Examples +### Provider Framework Examples This module includes a few examples for custom resource implementations: @@ -280,12 +282,12 @@ new S3File(this, 'MyFile', { This sample demonstrates the following concepts: -- Synchronous implementation (`isComplete` is not defined) -- Automatically generates the physical name if `objectKey` is not defined -- Handles physical name changes -- Returns resource attributes -- Handles deletions -- Implemented in TypeScript +* Synchronous implementation (`isComplete` is not defined) +* Automatically generates the physical name if `objectKey` is not defined +* Handles physical name changes +* Returns resource attributes +* Handles deletions +* Implemented in TypeScript #### S3Assert @@ -304,9 +306,9 @@ new S3Assert(this, 'AssertMyFile', { This sample demonstrates the following concepts: -- Asynchronous implementation -- Non-intrinsic physical IDs -- Implemented in Python +* Asynchronous implementation +* Non-intrinsic physical IDs +* Implemented in Python ## Custom Resources for AWS APIs @@ -332,14 +334,14 @@ in the Lambda function implementing the custom resource. The installation takes seconds. If you prefer to optimize for speed, you can disable the installation by setting the `installLatestAwsSdk` prop to `false`. -### Execution Policy +### Custom Resource Execution Policy You must provide the `policy` property defining the IAM Policy that will be applied to the API calls. The library provides two factory methods to quickly configure this: -- **`AwsCustomResourcePolicy.fromSdkCalls`** - Use this to auto-generate IAM Policy statements based on the configured SDK calls. +* **`AwsCustomResourcePolicy.fromSdkCalls`** - Use this to auto-generate IAM Policy statements based on the configured SDK calls. Note that you will have to either provide specific ARN's, or explicitly use `AwsCustomResourcePolicy.ANY_RESOURCE` to allow access to any resource. -- **`AwsCustomResourcePolicy.fromStatements`** - Use this to specify your own custom statements. +* **`AwsCustomResourcePolicy.fromStatements`** - Use this to specify your own custom statements. The custom resource also implements `iam.IGrantable`, making it possible to use the `grantXxx()` methods. @@ -348,6 +350,7 @@ that the function's role will eventually accumulate the permissions/grants from resources. Chained API calls can be achieved by creating dependencies: + ```ts const awsCustom1 = new AwsCustomResource(this, 'API1', { onCreate: { @@ -372,9 +375,10 @@ const awsCustom2 = new AwsCustomResource(this, 'API2', { ``` ### Physical Resource Id Parameter + Some AWS APIs may require passing the physical resource id in as a parameter for doing updates and deletes. You can pass it by using `PhysicalResourceIdReference`. -``` +```ts const awsCustom = new AwsCustomResource(this, '...', { onCreate: { service: '...', @@ -396,7 +400,7 @@ const awsCustom = new AwsCustomResource(this, '...', { }) ``` -### Error Handling +### Handling Custom Resource Errors Every error produced by the API call is treated as is and will cause a "FAILED" response to be submitted to CloudFormation. You can ignore some errors by specifying the `ignoreErrorCodesMatching` property, which accepts a regular expression that is @@ -404,12 +408,13 @@ tested against the `code` property of the response. If matched, a "SUCCESS" resp Note that in such a case, the call response data and the `Data` key submitted to CloudFormation would both be an empty JSON object. Since a successful resource provisioning might or might not produce outputs, this presents us with some limitations: -- `PhysicalResourceId.fromResponse` - Since the call response data might be empty, we cannot use it to extract the physical id. -- `getResponseField` and `getResponseFieldReference` - Since the `Data` key is empty, the resource will not have any attributes, and therefore, invoking these functions will result in an error. +* `PhysicalResourceId.fromResponse` - Since the call response data might be empty, we cannot use it to extract the physical id. +* `getResponseField` and `getResponseFieldReference` - Since the `Data` key is empty, the resource will not have any attributes, and therefore, invoking these functions will result in an error. In both the cases, you will get a synth time error if you attempt to use it in conjunction with `ignoreErrorCodesMatching`. ### Customizing the Lambda function implementing the custom resource + Use the `role`, `timeout`, `logRetention` and `functionName` properties to customize the Lambda function implementing the custom resource: @@ -423,7 +428,7 @@ new AwsCustomResource(this, 'Customized', { }) ``` -### Examples +### Custom Resource Examples #### Verify a domain with SES @@ -467,9 +472,6 @@ const getParameter = new AwsCustomResource(this, 'GetParameter', { getParameter.getResponseField('Parameter.Value') ``` - - --- This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. - diff --git a/packages/@aws-cdk/custom-resources/package.json b/packages/@aws-cdk/custom-resources/package.json index 1898fdea5654d..61908e19814c2 100644 --- a/packages/@aws-cdk/custom-resources/package.json +++ b/packages/@aws-cdk/custom-resources/package.json @@ -49,7 +49,8 @@ "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", "compat": "cdk-compat", - "gen": "cp -f $(node -p 'require.resolve(\"aws-sdk/apis/metadata.json\")') lib/aws-custom-resource/sdk-api-metadata.json && rm -rf test/aws-custom-resource/cdk.out" + "gen": "cp -f $(node -p 'require.resolve(\"aws-sdk/apis/metadata.json\")') lib/aws-custom-resource/sdk-api-metadata.json && rm -rf test/aws-custom-resource/cdk.out", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "jest": true, @@ -79,7 +80,7 @@ "@types/aws-lambda": "^8.10.64", "@types/fs-extra": "^8.1.1", "@types/sinon": "^9.0.9", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/cx-api/README.md b/packages/@aws-cdk/cx-api/README.md index 989733d31bfeb..e0983d9d8e092 100644 --- a/packages/@aws-cdk/cx-api/README.md +++ b/packages/@aws-cdk/cx-api/README.md @@ -1,12 +1,18 @@ -## Cloud Executable API +# Cloud Executable API + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/packages/@aws-cdk/cx-api/lib/features.ts b/packages/@aws-cdk/cx-api/lib/features.ts index d28a88071f10d..84485ddf3c416 100644 --- a/packages/@aws-cdk/cx-api/lib/features.ts +++ b/packages/@aws-cdk/cx-api/lib/features.ts @@ -56,6 +56,15 @@ export const STACK_RELATIVE_EXPORTS_CONTEXT = '@aws-cdk/core:stackRelativeExport */ export const DOCKER_IGNORE_SUPPORT = '@aws-cdk/aws-ecr-assets:dockerIgnoreSupport'; +/** + * Secret.secretName for an "owned" secret will attempt to parse the secretName from the ARN, + * rather than the default full resource name, which includes the SecretsManager suffix. + * + * If this flag is not set, Secret.secretName will include the SecretsManager suffix, which cannot be directly + * used by SecretsManager.DescribeSecret, and must be parsed by the user first (e.g., Fn:Join, Fn:Select, Fn:Split). + */ +export const SECRETS_MANAGER_PARSE_OWNED_SECRET_NAME = '@aws-cdk/aws-secretsmanager:parseOwnedSecretName'; + /** * This map includes context keys and values for feature flags that enable * capabilities "from the future", which we could not introduce as the default @@ -74,6 +83,7 @@ export const FUTURE_FLAGS = { [ENABLE_DIFF_NO_FAIL_CONTEXT]: 'true', [STACK_RELATIVE_EXPORTS_CONTEXT]: 'true', [DOCKER_IGNORE_SUPPORT]: true, + [SECRETS_MANAGER_PARSE_OWNED_SECRET_NAME]: true, // We will advertise this flag when the feature is complete // [NEW_STYLE_STACK_SYNTHESIS_CONTEXT]: 'true', @@ -89,8 +99,9 @@ const FUTURE_FLAGS_DEFAULTS: { [key: string]: boolean } = { [STACK_RELATIVE_EXPORTS_CONTEXT]: false, [NEW_STYLE_STACK_SYNTHESIS_CONTEXT]: false, [DOCKER_IGNORE_SUPPORT]: false, + [SECRETS_MANAGER_PARSE_OWNED_SECRET_NAME]: false, }; export function futureFlagDefault(flag: string): boolean { return FUTURE_FLAGS_DEFAULTS[flag]; -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/cx-api/package.json b/packages/@aws-cdk/cx-api/package.json index ea8aa01a47345..e21884db8398c 100644 --- a/packages/@aws-cdk/cx-api/package.json +++ b/packages/@aws-cdk/cx-api/package.json @@ -30,7 +30,14 @@ ] } }, - "projectReferences": true + "projectReferences": true, + "metadata": { + "jsii": { + "rosetta": { + "strict": true + } + } + } }, "scripts": { "build": "cdk-build", @@ -42,7 +49,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "author": { "name": "Amazon Web Services", diff --git a/packages/@aws-cdk/example-construct-library/README.md b/packages/@aws-cdk/example-construct-library/README.md index 74a34f0a2c484..441e0a75bec6e 100644 --- a/packages/@aws-cdk/example-construct-library/README.md +++ b/packages/@aws-cdk/example-construct-library/README.md @@ -1,6 +1,7 @@ -## An example Construct Library module +# An example Construct Library module + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) @@ -8,6 +9,7 @@ > The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. --- + This package contains an example CDK construct library diff --git a/packages/@aws-cdk/example-construct-library/package.json b/packages/@aws-cdk/example-construct-library/package.json index 85c27d5ff9138..f234c7f43c21c 100644 --- a/packages/@aws-cdk/example-construct-library/package.json +++ b/packages/@aws-cdk/example-construct-library/package.json @@ -49,7 +49,8 @@ "awslint": "cdk-awslint", "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "keywords": [ "aws", diff --git a/packages/@aws-cdk/pipelines/README.md b/packages/@aws-cdk/pipelines/README.md index 42b0a435242e1..58064177abf74 100644 --- a/packages/@aws-cdk/pipelines/README.md +++ b/packages/@aws-cdk/pipelines/README.md @@ -1,14 +1,19 @@ # CDK Pipelines + --- ![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are in **developer preview** before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are in **developer preview** before they +> become stable. We will only make breaking changes to address unforeseen API issues. Therefore, +> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes +> will be announced in release notes. This means that while you may use them, you may need to +> update your source code when upgrading to a newer version of this package. --- - + A construct library for painless Continuous Delivery of CDK applications. @@ -93,9 +98,9 @@ stacks. This library uses prerelease features of the CDK framework, which can be enabled by adding the following to `cdk.json`: -``` +```js { - ... + // ... "context": { "@aws-cdk/core:newStyleStackSynthesis": true } @@ -214,7 +219,7 @@ bootstrapped (see below), and then executing deploying the `PipelineStack` Run the following commands to get the pipeline going: -``` +```console $ git commit -a $ git push $ cdk deploy PipelineStack @@ -341,7 +346,7 @@ testingStage.addApplication(new MyApplication2(this, 'MyApp2', { })); ``` -Even more, adding a manual approval action or reserving space for some extra sequential actions +Even more, adding a manual approval action or reserving space for some extra sequential actions between 'Prepare' and 'Execute' ChangeSet actions is possible. ```ts @@ -568,7 +573,7 @@ off temporarily, by passing `selfMutating: false` property, example: ```ts const pipeline = new CdkPipeline(this, 'Pipeline', { selfMutating: false, - ... + ... }); ``` @@ -604,7 +609,7 @@ also have to bootstrap those and be sure to add a *trust* relationship. To bootstrap an environment for provisioning the pipeline: -``` +```console $ env CDK_NEW_BOOTSTRAP=1 npx cdk bootstrap \ [--profile admin-profile-1] \ --cloudformation-execution-policies arn:aws:iam::aws:policy/AdministratorAccess \ @@ -614,7 +619,7 @@ $ env CDK_NEW_BOOTSTRAP=1 npx cdk bootstrap \ To bootstrap a different environment for deploying CDK applications into using a pipeline in account `111111111111`: -``` +```console $ env CDK_NEW_BOOTSTRAP=1 npx cdk bootstrap \ [--profile admin-profile-2] \ --cloudformation-execution-policies arn:aws:iam::aws:policy/AdministratorAccess \ @@ -695,7 +700,7 @@ Here are some common errors you may encounter while using this library. If you see the following error during deployment of your pipeline: -``` +```plaintext CREATE_FAILED | AWS::CodePipeline::Pipeline | Pipeline/Pipeline Internal Failure ``` @@ -707,7 +712,7 @@ right permissions to access the repository you're trying to access. If you see the following error during deployment of your pipeline: -``` +```plaintext CREATE_FAILED | AWS::KMS::Key | Pipeline/Pipeline/ArtifactsBucketEncryptionKey Policy contains a statement with one or more invalid principals. ``` @@ -716,11 +721,11 @@ One of the target (account, region) environments has not been bootstrapped with the new bootstrap stack. Check your target environments and make sure they are all bootstrapped. -### is in ROLLBACK_COMPLETE state and can not be updated. +### is in ROLLBACK_COMPLETE state and can not be updated If you see the following error during execution of your pipeline: -``` +```plaintext Stack ... is in ROLLBACK_COMPLETE state and can not be updated. (Service: AmazonCloudFormation; Status Code: 400; Error Code: ValidationError; Request ID: ...) @@ -741,14 +746,14 @@ Limitations that we are aware of and will address: There are some usability issues that are caused by underlying technology, and cannot be remedied by CDK at this point. They are reproduced here for completeness. -- **Console links to other accounts will not work**: the AWS CodePipeline +* **Console links to other accounts will not work**: the AWS CodePipeline console will assume all links are relative to the current account. You will not be able to use the pipeline console to click through to a CloudFormation stack in a different account. -- **If a change set failed to apply the pipeline must restarted**: if a change +* **If a change set failed to apply the pipeline must restarted**: if a change set failed to apply, it cannot be retried. The pipeline must be restarted from the top by clicking **Release Change**. -- **A stack that failed to create must be deleted manually**: if a stack +* **A stack that failed to create must be deleted manually**: if a stack failed to create on the first attempt, you must delete it using the CloudFormation console before starting the pipeline again by clicking **Release Change**. diff --git a/packages/@aws-cdk/pipelines/package.json b/packages/@aws-cdk/pipelines/package.json index 845da0c6be1f5..303d18410dcca 100644 --- a/packages/@aws-cdk/pipelines/package.json +++ b/packages/@aws-cdk/pipelines/package.json @@ -21,7 +21,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "author": { "name": "Amazon Web Services", diff --git a/packages/@aws-cdk/region-info/README.md b/packages/@aws-cdk/region-info/README.md index fca8a1222a8b1..07119849babb4 100644 --- a/packages/@aws-cdk/region-info/README.md +++ b/packages/@aws-cdk/region-info/README.md @@ -1,20 +1,28 @@ # AWS Region-Specific Information Directory + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + ## Usage + Some information used in CDK Applications differs from one AWS region to another, such as service principals used in IAM policies, S3 static website endpoints, ... ### The `RegionInfo` class + The library offers a simple interface to obtain region specific information in the form of the `RegionInfo` class. This is the preferred way to interact with the regional information database: @@ -35,6 +43,7 @@ below and can be used to register additional data, including user-defined facts that are not available through the `RegionInfo` interface. ### Low-Level API + This library offers a primitive database of such information so that CDK constructs can easily access regional information. The `FactName` class provides a list of known fact names, which can then be used with the `RegionInfo` to @@ -51,6 +60,7 @@ const staticWebsite = regionInfo.Fact.find('ap-northeast-1', regionInfo.FactName ``` ## Supplying new or missing information + As new regions are released, it might happen that a particular fact you need is missing from the library. In such cases, the `Fact.register` method can be used to inject FactName into the database: @@ -64,6 +74,7 @@ regionInfo.Fact.register({ ``` ## Overriding incorrect information + In the event information provided by the library is incorrect, it can be overridden using the same `Fact.register` method demonstrated above, simply adding an extra boolean argument: diff --git a/packages/@aws-cdk/region-info/package.json b/packages/@aws-cdk/region-info/package.json index 433bd60aa6a17..9db12073061e5 100644 --- a/packages/@aws-cdk/region-info/package.json +++ b/packages/@aws-cdk/region-info/package.json @@ -46,7 +46,8 @@ "package": "cdk-package", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "author": { "name": "Amazon Web Services", diff --git a/packages/@aws-cdk/yaml-cfn/README.md b/packages/@aws-cdk/yaml-cfn/README.md index b4dcb167f1e58..5045163f84ce6 100644 --- a/packages/@aws-cdk/yaml-cfn/README.md +++ b/packages/@aws-cdk/yaml-cfn/README.md @@ -1,13 +1,18 @@ -## CloudFormation YAML utilities - +# CloudFormation YAML utilities + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + This module contains utilities for parsing and emitting diff --git a/packages/@aws-cdk/yaml-cfn/package.json b/packages/@aws-cdk/yaml-cfn/package.json index b3b63cbf69e38..873f32ac59a96 100644 --- a/packages/@aws-cdk/yaml-cfn/package.json +++ b/packages/@aws-cdk/yaml-cfn/package.json @@ -61,7 +61,8 @@ "awslint": "cdk-awslint", "build+test+package": "npm run build+test && npm run package", "build+test": "npm run build && npm test", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "dependencies": { "yaml": "1.10.0" diff --git a/packages/@monocdk-experiment/assert/package.json b/packages/@monocdk-experiment/assert/package.json index 94a00e7e3f02f..92c854ef290a7 100644 --- a/packages/@monocdk-experiment/assert/package.json +++ b/packages/@monocdk-experiment/assert/package.json @@ -35,7 +35,7 @@ "devDependencies": { "@monocdk-experiment/rewrite-imports": "0.0.0", "@types/jest": "^26.0.15", - "@types/node": "^10.17.46", + "@types/node": "^10.17.48", "cdk-build-tools": "0.0.0", "constructs": "^3.2.0", "jest": "^26.6.3", diff --git a/packages/@monocdk-experiment/rewrite-imports/README.md b/packages/@monocdk-experiment/rewrite-imports/README.md index 1255d2913afb6..9b705523ef4b8 100644 --- a/packages/@monocdk-experiment/rewrite-imports/README.md +++ b/packages/@monocdk-experiment/rewrite-imports/README.md @@ -1,12 +1,18 @@ # @monocdk-experiment/rewrite-imports + --- ![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are in **developer preview** before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are in **developer preview** before they +> become stable. We will only make breaking changes to address unforeseen API issues. Therefore, +> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes +> will be announced in release notes. This means that while you may use them, you may need to +> update your source code when upgrading to a newer version of this package. --- + Migrate TypeScript `import` statements from modular CDK (i.e. `@aws-cdk/aws-s3`) to mono-cdk (i.e. `monocdk/aws-s3`); @@ -17,4 +23,4 @@ Usage: $ rewrite-imports lib/**/*.ts ``` -NOTE: `node_modules` and `*.d.ts` files are ignored. \ No newline at end of file +NOTE: `node_modules` and `*.d.ts` files are ignored. diff --git a/packages/@monocdk-experiment/rewrite-imports/bin/rewrite-imports.ts b/packages/@monocdk-experiment/rewrite-imports/bin/rewrite-imports.ts index fe70da35a582b..42dd59f43ad43 100644 --- a/packages/@monocdk-experiment/rewrite-imports/bin/rewrite-imports.ts +++ b/packages/@monocdk-experiment/rewrite-imports/bin/rewrite-imports.ts @@ -1,8 +1,8 @@ /* eslint-disable no-console */ import * as fs from 'fs'; +import { promisify } from 'util'; import * as _glob from 'glob'; -import { promisify } from 'util'; import { rewriteImports } from '../lib/rewrite'; const glob = promisify(_glob); diff --git a/packages/@monocdk-experiment/rewrite-imports/package.json b/packages/@monocdk-experiment/rewrite-imports/package.json index 788001c77aabe..ee88c8d1f9074 100644 --- a/packages/@monocdk-experiment/rewrite-imports/package.json +++ b/packages/@monocdk-experiment/rewrite-imports/package.json @@ -11,6 +11,7 @@ "build": "cdk-build", "watch": "cdk-watch", "test": "cdk-test", + "lint": "cdk-lint", "pkglint": "pkglint -f", "package": "cdk-package", "build+test+package": "npm run build+test && npm run package", @@ -37,7 +38,7 @@ "devDependencies": { "@types/glob": "^7.1.3", "@types/jest": "^26.0.15", - "@types/node": "^10.17.46", + "@types/node": "^10.17.48", "cdk-build-tools": "0.0.0", "pkglint": "0.0.0" }, diff --git a/packages/aws-cdk-lib/README.md b/packages/aws-cdk-lib/README.md index de21ae0684304..d7b2d367ad94b 100644 --- a/packages/aws-cdk-lib/README.md +++ b/packages/aws-cdk-lib/README.md @@ -18,6 +18,7 @@ To use this package, you need to declare this package and the `constructs` packa dependencies. According to the kind of project you are developing: + - For projects that are CDK libraries, declare them both under the `devDependencies` **and** `peerDependencies` sections. - For CDK apps, declare them under the `dependencies` section only. diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 6fb76cd3eca49..3e637757b47de 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -22,7 +22,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "watch": "cdk-watch", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "awslint": { "exclude": [ @@ -215,6 +216,7 @@ "@aws-cdk/aws-mediastore": "0.0.0", "@aws-cdk/aws-msk": "0.0.0", "@aws-cdk/aws-neptune": "0.0.0", + "@aws-cdk/aws-networkfirewall": "0.0.0", "@aws-cdk/aws-networkmanager": "0.0.0", "@aws-cdk/aws-opsworks": "0.0.0", "@aws-cdk/aws-opsworkscm": "0.0.0", @@ -243,6 +245,7 @@ "@aws-cdk/aws-servicediscovery": "0.0.0", "@aws-cdk/aws-ses": "0.0.0", "@aws-cdk/aws-ses-actions": "0.0.0", + "@aws-cdk/aws-signer": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sns-subscriptions": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", @@ -266,12 +269,12 @@ "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "@types/fs-extra": "^8.1.1", - "@types/node": "^10.17.46", + "@types/node": "^10.17.48", "cdk-build-tools": "0.0.0", "constructs": "^3.2.0", "fs-extra": "^9.0.1", "pkglint": "0.0.0", - "ts-node": "^9.0.0", + "ts-node": "^9.1.0", "typescript": "~3.8.3", "ubergen": "0.0.0" }, diff --git a/packages/aws-cdk/README.md b/packages/aws-cdk/README.md index eeab77fbda41c..64b542ed4b2fd 100644 --- a/packages/aws-cdk/README.md +++ b/packages/aws-cdk/README.md @@ -1,10 +1,12 @@ -## AWS CDK Toolkit +# AWS CDK Toolkit + --- ![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- + The AWS CDK Toolkit provides the `cdk` command-line interface that can be used to work with AWS CDK applications. @@ -23,8 +25,10 @@ Command | Description This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. -### Commands -#### `cdk docs` +## Commands + +### `cdk docs` + Outputs the URL to the documentation for the current toolkit version, and attempts to open a browser to that URL. ```console @@ -37,7 +41,8 @@ $ cdk docs --browser='chrome %u' https://docs.aws.amazon.com/cdk/api/latest/ ``` -#### `cdk init` +### `cdk init` + Creates a new CDK project. ```console @@ -55,7 +60,8 @@ $ # Create a new library application in typescript $ cdk init lib --language=typescript ``` -#### `cdk list` +### `cdk list` + Lists the stacks modeled in the CDK app. ```console @@ -87,7 +93,8 @@ $ cdk list --app='node bin/main.js' --long region: bermuda-triangle-3 ``` -#### `cdk synthesize` +### `cdk synthesize` + Synthesizes the CDK app and produces a cloud assembly to a designated output (defaults to `cdk.out`) Typically you don't interact directly with cloud assemblies. They are files that include everything @@ -114,7 +121,8 @@ See the [AWS Documentation](https://docs.aws.amazon.com/cdk/latest/guide/apps.ht See the [CDK reference documentation](https://docs.aws.amazon.com/cdk/api/latest/docs/cloud-assembly-schema-readme.html) for details on the cloud assembly specification -#### `cdk diff` +### `cdk diff` + Computes differences between the infrastructure specified in the current state of the CDK app and the currently deployed application (or a user-specified CloudFormation template). This command returns non-zero if any differences are found. @@ -127,7 +135,8 @@ $ # Diff against a specific template document $ cdk diff --app='node bin/main.js' MyStackName --template=path/to/template.yml ``` -#### `cdk deploy` +### `cdk deploy` + Deploys a stack of your CDK app to it's environment. During the deployment, the toolkit will output progress indications, similar to what can be observed in the AWS CloudFormation Console. If the environment was never bootstrapped (using `cdk bootstrap`), only stacks that are not using assets and synthesize to a template that is under @@ -142,15 +151,15 @@ currently deployed stack to the template and tags that are about to be deployed will skip deployment if they are identical. Use `--force` to override this behavior and always deploy the stack. -##### Deploying multiple stacks +#### Deploying multiple stacks You can have multiple stacks in a cdk app. An example can be found in [how to create multiple stacks](https://docs.aws.amazon.com/cdk/latest/guide/stack_how_to_create_multiple_stacks.html). In order to deploy them, you can list the stacks you want to deploy. -If you want to deploy all of them, you can use the flag `--all` or the wildcard `*` to deploy all stacks in an app. +If you want to deploy all of them, you can use the flag `--all` or the wildcard `*` to deploy all stacks in an app. -##### Parameters +#### Parameters Pass parameters to your template during deployment by using `--parameters (STACK:KEY=VALUE)`. This will apply the value `VALUE` to the key `KEY` for stack `STACK`. @@ -158,6 +167,7 @@ Pass parameters to your template during deployment by using `--parameters Example of providing an attribute value for an SNS Topic through a parameter in TypeScript: Usage of parameter in CDK Stack: + ```ts new sns.Topic(this, 'TopicParameter', { topicName: new cdk.CfnParameter(this, 'TopicNameParam').value.toString() @@ -165,12 +175,14 @@ new sns.Topic(this, 'TopicParameter', { ``` Parameter values as a part of `cdk deploy` + ```console $ cdk deploy --parameters "MyStackName:TopicNameParam=parameterized" ``` Parameter values can be overwritten by supplying the `--force` flag. Example of overwriting the topic name from a previous deployment. + ```console $ cdk deploy --parameters "ParametersStack:TopicNameParam=blahagain" --force ``` @@ -181,13 +193,14 @@ Parameters provided to Stacks that do not make use of the parameter will not suc ⚠️ Parameters do not propagate to NestedStacks. These must be sent with the constructor. See Nested Stack [documentation](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-cloudformation.NestedStack.html) -##### Outputs +#### Outputs Write stack outputs from deployments into a file. When your stack finishes deploying, all stack outputs will be written to the output file as JSON. Usage of output in a CDK stack -```typescript + +```ts const fn = new lambda.Function(this, "fn", { handler: "index.handler", code: lambda.Code.fromInline(`exports.handler = \${handler.toString()}`), @@ -206,6 +219,7 @@ $ cdk deploy --outputs-file outputs.json ``` When the stack finishes deployment, `outputs.json` would look like this: + ```json { "MyStack": { @@ -226,6 +240,7 @@ $ cdk deploy '*' --outputs-file "/Users/code/myproject/outputs.json" ``` Example `outputs.json` after deployment of multiple stacks + ```json { "MyStack": { @@ -237,12 +252,13 @@ Example `outputs.json` after deployment of multiple stacks } ``` -##### Deployment Progress +#### Deployment Progress By default, stack deployment events are displayed as a progress bar with the events for the resource currently being deployed. Set the `--progress` flag to request the complete history which includes all CloudFormation events + ```console $ cdk deploy --progress events ``` @@ -251,7 +267,8 @@ Alternatively, the `progress` key can be specified in the project config (`cdk.j The following shows a sample `cdk.json` where the `progress` key is set to *events*. When `cdk deploy` is executed, deployment events will include the complete history. -``` + +```json { "app": "npx ts-node bin/myproject.ts", "context": { @@ -262,9 +279,11 @@ When `cdk deploy` is executed, deployment events will include the complete histo "progress": "events" } ``` + The `progress` key can also be specified as a user setting (`~/.cdk.json`) -#### `cdk destroy` +### `cdk destroy` + Deletes a stack from it's environment. This will cause the resources in the stack to be destroyed (unless they were configured with a `DeletionPolicy` of `Retain`). During the stack destruction, the command will output progress information similar to what `cdk deploy` provides. @@ -273,7 +292,8 @@ information similar to what `cdk deploy` provides. $ cdk destroy --app='node bin/main.js' MyStackName ``` -#### `cdk bootstrap` +### `cdk bootstrap` + Deploys a `CDKToolkit` CloudFormation stack into the specified environment(s), that provides an S3 bucket that `cdk deploy` will use to store synthesized templates and the related assets, before triggering a CloudFormation stack update. The name of the deployed stack can be configured using the `--toolkit-stack-name` argument. The S3 Bucket @@ -304,7 +324,8 @@ $ cdk bootstrap --show-template > bootstrap-template.yaml $ cdk bootstrap --template bootstrap-template.yaml ``` -#### `cdk doctor` +### `cdk doctor` + Inspect the current command-line environment and configurations, and collect information that can be useful for troubleshooting problems. It is usually a good idea to include the information provided by this command when submitting a bug report. @@ -317,17 +338,19 @@ $ cdk doctor - AWS_SDK_LOAD_CONFIG = 1 ``` -#### Bundling +### Bundling + By default asset bundling is skipped for `cdk list` and `cdk destroy`. For `cdk deploy`, `cdk diff` and `cdk synthesize` the default is to bundle assets for all stacks unless `exclusively` is specified. In this case, only the listed stacks will have their assets bundled. -### MFA support +## MFA support If `mfa_serial` is found in the active profile of the shared ini file AWS CDK will ask for token defined in the `mfa_serial`. This token will be provided to STS assume role call. Example profile in `~/.aws/config` where `mfa_serial` is used to assume role: + ```ini [profile my_assume_role_profile] source_profile=my_source_role @@ -335,15 +358,19 @@ role_arn=arn:aws:iam::123456789123:role/role_to_be_assumed mfa_serial=arn:aws:iam::123456789123:mfa/my_user ``` -### Configuration +## Configuration + On top of passing configuration through command-line arguments, it is possible to use JSON configuration files. The configuration's order of precedence is: + 1. Command-line arguments 2. Project configuration (`./cdk.json`) 3. User configuration (`~/.cdk.json`) -#### JSON Configuration files +### JSON Configuration files + Some of the interesting keys that can be used in the JSON configuration files: + ```json5 { "app": "node bin/main.js", // Command to start the CDK app (--app='node bin/main.js') @@ -356,7 +383,7 @@ Some of the interesting keys that can be used in the JSON configuration files: } ``` -#### Environment +### Environment The following environment variables affect aws-cdk: diff --git a/packages/aws-cdk/bin/cdk.ts b/packages/aws-cdk/bin/cdk.ts index 4bd548e318b71..e305da55164e5 100644 --- a/packages/aws-cdk/bin/cdk.ts +++ b/packages/aws-cdk/bin/cdk.ts @@ -37,7 +37,7 @@ async function parseCommandLineArguments() { // // ./prog --arg one --arg two position => will parse to { arg: ['one', 'two'], _: ['positional'] }. - const initTemplateLanuages = await availableInitLanguages; + const initTemplateLanuages = await availableInitLanguages(); return yargs .env('CDK') .usage('Usage: cdk -a COMMAND') diff --git a/packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts b/packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts index d92321542cdd0..b409274efa59c 100644 --- a/packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts +++ b/packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts @@ -63,10 +63,13 @@ export class AwsCliCompatible { if (options.containerCreds ?? hasEcsCredentials()) { sources.push(() => new AWS.ECSCredentials()); + } else if (hasWebIdentityCredentials()) { + // else if: we have found WebIdentityCredentials as provided by EKS ServiceAccounts + sources.push(() => new AWS.TokenFileWebIdentityCredentials()); } else if (options.ec2instance ?? await isEc2Instance()) { - // else if: don't get EC2 creds if we should have gotten ECS creds--ECS instances also - // run on EC2 boxes but the creds represent something different. Same behavior as - // upstream code. + // else if: don't get EC2 creds if we should have gotten ECS or EKS creds + // ECS and EKS instances also run on EC2 boxes but the creds represent something different. + // Same behavior as upstream code. sources.push(() => new AWS.EC2MetadataCredentials()); } @@ -156,6 +159,15 @@ function hasEcsCredentials(): boolean { return (AWS.ECSCredentials.prototype as any).isConfiguredForEcsCredentials(); } +/** + * Return whether it looks like we'll have WebIdentityCredentials (that's what EKS uses) available + * No check like hasEcsCredentials available, so have to implement our own. + * @see https://github.com/aws/aws-sdk-js/blob/3ccfd94da07234ae87037f55c138392f38b6881d/lib/credentials/token_file_web_identity_credentials.js#L59 + */ +function hasWebIdentityCredentials(): boolean { + return Boolean(process.env.AWS_ROLE_ARN && process.env.AWS_WEB_IDENTITY_TOKEN_FILE); +} + /** * Return whether we're on an EC2 instance */ diff --git a/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml b/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml index da8b7054cbb8e..f7a29c4c5d094 100644 --- a/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml +++ b/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml @@ -167,6 +167,7 @@ Resources: RestrictPublicBuckets: true - Ref: AWS::NoValue UpdateReplacePolicy: Retain + DeletionPolicy: Retain StagingBucketPolicy: Type: 'AWS::S3::BucketPolicy' Properties: @@ -386,7 +387,7 @@ Resources: Type: String Name: Fn::Sub: '/cdk-bootstrap/${Qualifier}/version' - Value: 4 + Value: '4' Outputs: BucketName: Description: The name of the S3 bucket owned by the CDK toolkit stack diff --git a/packages/aws-cdk/lib/init-templates/v1/app/javascript/.template.gitignore b/packages/aws-cdk/lib/init-templates/v1/app/javascript/.template.gitignore index a2da1bef05b07..21dc76264a308 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/javascript/.template.gitignore +++ b/packages/aws-cdk/lib/init-templates/v1/app/javascript/.template.gitignore @@ -3,6 +3,3 @@ node_modules # CDK asset staging directory .cdk.staging cdk.out - -# Parcel default cache directory -.parcel-cache diff --git a/packages/aws-cdk/lib/init-templates/v1/app/typescript/.template.gitignore b/packages/aws-cdk/lib/init-templates/v1/app/typescript/.template.gitignore index 305c7fbcc4d89..f60797b6a9168 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/typescript/.template.gitignore +++ b/packages/aws-cdk/lib/init-templates/v1/app/typescript/.template.gitignore @@ -6,6 +6,3 @@ node_modules # CDK asset staging directory .cdk.staging cdk.out - -# Parcel default cache directory -.parcel-cache diff --git a/packages/aws-cdk/lib/init-templates/v1/lib/typescript/.template.gitignore b/packages/aws-cdk/lib/init-templates/v1/lib/typescript/.template.gitignore index 305c7fbcc4d89..f60797b6a9168 100644 --- a/packages/aws-cdk/lib/init-templates/v1/lib/typescript/.template.gitignore +++ b/packages/aws-cdk/lib/init-templates/v1/lib/typescript/.template.gitignore @@ -6,6 +6,3 @@ node_modules # CDK asset staging directory .cdk.staging cdk.out - -# Parcel default cache directory -.parcel-cache diff --git a/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/.template.gitignore b/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/.template.gitignore index a2da1bef05b07..21dc76264a308 100644 --- a/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/.template.gitignore +++ b/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/.template.gitignore @@ -3,6 +3,3 @@ node_modules # CDK asset staging directory .cdk.staging cdk.out - -# Parcel default cache directory -.parcel-cache diff --git a/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/.template.gitignore b/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/.template.gitignore index 305c7fbcc4d89..f60797b6a9168 100644 --- a/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/.template.gitignore +++ b/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/.template.gitignore @@ -6,6 +6,3 @@ node_modules # CDK asset staging directory .cdk.staging cdk.out - -# Parcel default cache directory -.parcel-cache diff --git a/packages/aws-cdk/lib/init-templates/v2/app/csharp/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/app/csharp/.template.gitignore new file mode 100644 index 0000000000000..f555633ead8f0 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/csharp/.template.gitignore @@ -0,0 +1,342 @@ +# CDK asset staging directory +.cdk.staging +cdk.out + +# Created by https://www.gitignore.io/api/csharp + +### Csharp ### +## Ignore Visual Studio temporary files, build results, and +## files generated by popular Visual Studio add-ons. +## +## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore + +# User-specific files +*.suo +*.user +*.userosscache +*.sln.docstates + +# User-specific files (MonoDevelop/Xamarin Studio) +*.userprefs + +# Build results +[Dd]ebug/ +[Dd]ebugPublic/ +[Rr]elease/ +[Rr]eleases/ +x64/ +x86/ +bld/ +[Bb]in/ +[Oo]bj/ +[Ll]og/ + +# Visual Studio 2015/2017 cache/options directory +.vs/ +# Uncomment if you have tasks that create the project's static files in wwwroot +#wwwroot/ + +# Visual Studio 2017 auto generated files +Generated\ Files/ + +# MSTest test Results +[Tt]est[Rr]esult*/ +[Bb]uild[Ll]og.* + +# NUNIT +*.VisualState.xml +TestResult.xml + +# Build Results of an ATL Project +[Dd]ebugPS/ +[Rr]eleasePS/ +dlldata.c + +# Benchmark Results +BenchmarkDotNet.Artifacts/ + +# .NET Core +project.lock.json +project.fragment.lock.json +artifacts/ + +# StyleCop +StyleCopReport.xml + +# Files built by Visual Studio +*_i.c +*_p.c +*_i.h +*.ilk +*.meta +*.obj +*.iobj +*.pch +*.pdb +*.ipdb +*.pgc +*.pgd +*.rsp +*.sbr +*.tlb +*.tli +*.tlh +*.tmp +*.tmp_proj +*.log +*.vspscc +*.vssscc +.builds +*.pidb +*.svclog +*.scc + +# Chutzpah Test files +_Chutzpah* + +# Visual C++ cache files +ipch/ +*.aps +*.ncb +*.opendb +*.opensdf +*.sdf +*.cachefile +*.VC.db +*.VC.VC.opendb + +# Visual Studio profiler +*.psess +*.vsp +*.vspx +*.sap + +# Visual Studio Trace Files +*.e2e + +# TFS 2012 Local Workspace +$tf/ + +# Guidance Automation Toolkit +*.gpState + +# ReSharper is a .NET coding add-in +_ReSharper*/ +*.[Rr]e[Ss]harper +*.DotSettings.user + +# JustCode is a .NET coding add-in +.JustCode + +# TeamCity is a build add-in +_TeamCity* + +# DotCover is a Code Coverage Tool +*.dotCover + +# AxoCover is a Code Coverage Tool +.axoCover/* +!.axoCover/settings.json + +# Visual Studio code coverage results +*.coverage +*.coveragexml + +# NCrunch +_NCrunch_* +.*crunch*.local.xml +nCrunchTemp_* + +# MightyMoose +*.mm.* +AutoTest.Net/ + +# Web workbench (sass) +.sass-cache/ + +# Installshield output folder +[Ee]xpress/ + +# DocProject is a documentation generator add-in +DocProject/buildhelp/ +DocProject/Help/*.HxT +DocProject/Help/*.HxC +DocProject/Help/*.hhc +DocProject/Help/*.hhk +DocProject/Help/*.hhp +DocProject/Help/Html2 +DocProject/Help/html + +# Click-Once directory +publish/ + +# Publish Web Output +*.[Pp]ublish.xml +*.azurePubxml +# Note: Comment the next line if you want to checkin your web deploy settings, +# but database connection strings (with potential passwords) will be unencrypted +*.pubxml +*.publishproj + +# Microsoft Azure Web App publish settings. Comment the next line if you want to +# checkin your Azure Web App publish settings, but sensitive information contained +# in these scripts will be unencrypted +PublishScripts/ + +# NuGet Packages +*.nupkg +# The packages folder can be ignored because of Package Restore +**/[Pp]ackages/* +# except build/, which is used as an MSBuild target. +!**/[Pp]ackages/build/ +# Uncomment if necessary however generally it will be regenerated when needed +#!**/[Pp]ackages/repositories.config +# NuGet v3's project.json files produces more ignorable files +*.nuget.props +*.nuget.targets + +# Microsoft Azure Build Output +csx/ +*.build.csdef + +# Microsoft Azure Emulator +ecf/ +rcf/ + +# Windows Store app package directories and files +AppPackages/ +BundleArtifacts/ +Package.StoreAssociation.xml +_pkginfo.txt +*.appx + +# Visual Studio cache files +# files ending in .cache can be ignored +*.[Cc]ache +# but keep track of directories ending in .cache +!*.[Cc]ache/ + +# Others +ClientBin/ +~$* +*~ +*.dbmdl +*.dbproj.schemaview +*.jfm +*.pfx +*.publishsettings +orleans.codegen.cs + +# Including strong name files can present a security risk +# (https://github.com/github/gitignore/pull/2483#issue-259490424) +#*.snk + +# Since there are multiple workflows, uncomment next line to ignore bower_components +# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) +#bower_components/ + +# RIA/Silverlight projects +Generated_Code/ + +# Backup & report files from converting an old project file +# to a newer Visual Studio version. Backup files are not needed, +# because we have git ;-) +_UpgradeReport_Files/ +Backup*/ +UpgradeLog*.XML +UpgradeLog*.htm +ServiceFabricBackup/ +*.rptproj.bak + +# SQL Server files +*.mdf +*.ldf +*.ndf + +# Business Intelligence projects +*.rdl.data +*.bim.layout +*.bim_*.settings +*.rptproj.rsuser + +# Microsoft Fakes +FakesAssemblies/ + +# GhostDoc plugin setting file +*.GhostDoc.xml + +# Node.js Tools for Visual Studio +.ntvs_analysis.dat +node_modules/ + +# Visual Studio 6 build log +*.plg + +# Visual Studio 6 workspace options file +*.opt + +# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) +*.vbw + +# Visual Studio LightSwitch build output +**/*.HTMLClient/GeneratedArtifacts +**/*.DesktopClient/GeneratedArtifacts +**/*.DesktopClient/ModelManifest.xml +**/*.Server/GeneratedArtifacts +**/*.Server/ModelManifest.xml +_Pvt_Extensions + +# Paket dependency manager +.paket/paket.exe +paket-files/ + +# FAKE - F# Make +.fake/ + +# JetBrains Rider +.idea/ +*.sln.iml + +# CodeRush +.cr/ + +# Python Tools for Visual Studio (PTVS) +__pycache__/ +*.pyc + +# Cake - Uncomment if you are using it +# tools/** +# !tools/packages.config + +# Tabs Studio +*.tss + +# Telerik's JustMock configuration file +*.jmconfig + +# BizTalk build output +*.btp.cs +*.btm.cs +*.odx.cs +*.xsd.cs + +# OpenCover UI analysis results +OpenCover/ + +# Azure Stream Analytics local run output +ASALocalRun/ + +# MSBuild Binary and Structured Log +*.binlog + +# NVidia Nsight GPU debugger configuration file +*.nvuser + +# MFractors (Xamarin productivity tool) working folder +.mfractor/ + +# Local History for Visual Studio +.localhistory/ + + +# End of https://www.gitignore.io/api/csharp \ No newline at end of file diff --git a/packages/aws-cdk/lib/init-templates/v2/app/csharp/README.md b/packages/aws-cdk/lib/init-templates/v2/app/csharp/README.md new file mode 100644 index 0000000000000..fee04ca40c848 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/csharp/README.md @@ -0,0 +1,14 @@ +# Welcome to your CDK C# project! + +This is a blank project for C# development with CDK. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. + +It uses the [.NET Core CLI](https://docs.microsoft.com/dotnet/articles/core/) to compile and execute your project. + +## Useful commands + +* `dotnet build src` compile this app +* `cdk deploy` deploy this stack to your default AWS account/region +* `cdk diff` compare deployed stack with current state +* `cdk synth` emits the synthesized CloudFormation template \ No newline at end of file diff --git a/packages/aws-cdk/lib/init-templates/v2/app/csharp/add-project.hook.ts b/packages/aws-cdk/lib/init-templates/v2/app/csharp/add-project.hook.ts new file mode 100644 index 0000000000000..37b1fe6ad3e5f --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/csharp/add-project.hook.ts @@ -0,0 +1,33 @@ +import * as child_process from 'child_process'; +import * as path from 'path'; +import { InvokeHook } from '../../../../init'; + +export const invoke: InvokeHook = async (targetDirectory: string) => { + const slnPath = path.join(targetDirectory, 'src', '%name.PascalCased%.sln'); + const csprojPath = path.join(targetDirectory, 'src', '%name.PascalCased%', '%name.PascalCased%.csproj'); + + const child = child_process.spawn('dotnet', ['sln', slnPath, 'add', csprojPath], { + // Need this for Windows where we want .cmd and .bat to be found as well. + shell: true, + stdio: ['ignore', 'pipe', 'inherit'], + }); + + await new Promise((resolve, reject) => { + const stdout = new Array(); + + child.stdout.on('data', chunk => { + process.stdout.write(chunk); + stdout.push(chunk); + }); + + child.once('error', reject); + + child.once('exit', code => { + if (code === 0) { + resolve(Buffer.concat(stdout).toString('utf-8')); + } else { + reject(new Error(`Could not add project %name.PascalCased%.csproj to solution %name.PascalCased%.sln. Error code: ${code}`)); + } + }); + }); +}; diff --git a/packages/aws-cdk/lib/init-templates/v2/app/csharp/cdk.template.json b/packages/aws-cdk/lib/init-templates/v2/app/csharp/cdk.template.json new file mode 100644 index 0000000000000..94c37dee310c0 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/csharp/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "dotnet run -p src/%name.PascalCased%/%name.PascalCased%.csproj" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%.template.sln b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%.template.sln new file mode 100644 index 0000000000000..2f92ebd9bda92 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%.template.sln @@ -0,0 +1,18 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 15 +VisualStudioVersion = 15.0.26124.0 +MinimumVisualStudioVersion = 15.0.26124.0 +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Debug|x64 = Debug|x64 + Debug|x86 = Debug|x86 + Release|Any CPU = Release|Any CPU + Release|x64 = Release|x64 + Release|x86 = Release|x86 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal diff --git a/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/%name.PascalCased%.template.csproj b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/%name.PascalCased%.template.csproj new file mode 100644 index 0000000000000..0ac3cc0a4c6cb --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/%name.PascalCased%.template.csproj @@ -0,0 +1,19 @@ + + + + Exe + netcoreapp3.1 + + Major + + + + + + + + + + diff --git a/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.cs b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.cs new file mode 100644 index 0000000000000..998db3c5335cd --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.cs @@ -0,0 +1,12 @@ +using Amazon.CDK.Lib; + +namespace %name.PascalCased% +{ + public class %name.PascalCased%Stack : Stack + { + internal %name.PascalCased%Stack(Construct scope, string id, IStackProps props = null) : base(scope, id, props) + { + // The code that defines your stack goes here + } + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/GlobalSuppressions.cs b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/GlobalSuppressions.cs new file mode 100644 index 0000000000000..26233fcb54b5c --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/GlobalSuppressions.cs @@ -0,0 +1 @@ +[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Potential Code Quality Issues", "RECS0026:Possible unassigned object created by 'new'", Justification = "Constructs add themselves to the scope in which they are created")] diff --git a/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/Program.template.cs b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/Program.template.cs new file mode 100644 index 0000000000000..93f1e27a57523 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/Program.template.cs @@ -0,0 +1,17 @@ +using Amazon.CDK.Lib; +using System; +using System.Collections.Generic; +using System.Linq; + +namespace %name.PascalCased% +{ + sealed class Program + { + public static void Main(string[] args) + { + var app = new App(); + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); + app.Synth(); + } + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/fsharp/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/.template.gitignore new file mode 100644 index 0000000000000..f555633ead8f0 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/.template.gitignore @@ -0,0 +1,342 @@ +# CDK asset staging directory +.cdk.staging +cdk.out + +# Created by https://www.gitignore.io/api/csharp + +### Csharp ### +## Ignore Visual Studio temporary files, build results, and +## files generated by popular Visual Studio add-ons. +## +## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore + +# User-specific files +*.suo +*.user +*.userosscache +*.sln.docstates + +# User-specific files (MonoDevelop/Xamarin Studio) +*.userprefs + +# Build results +[Dd]ebug/ +[Dd]ebugPublic/ +[Rr]elease/ +[Rr]eleases/ +x64/ +x86/ +bld/ +[Bb]in/ +[Oo]bj/ +[Ll]og/ + +# Visual Studio 2015/2017 cache/options directory +.vs/ +# Uncomment if you have tasks that create the project's static files in wwwroot +#wwwroot/ + +# Visual Studio 2017 auto generated files +Generated\ Files/ + +# MSTest test Results +[Tt]est[Rr]esult*/ +[Bb]uild[Ll]og.* + +# NUNIT +*.VisualState.xml +TestResult.xml + +# Build Results of an ATL Project +[Dd]ebugPS/ +[Rr]eleasePS/ +dlldata.c + +# Benchmark Results +BenchmarkDotNet.Artifacts/ + +# .NET Core +project.lock.json +project.fragment.lock.json +artifacts/ + +# StyleCop +StyleCopReport.xml + +# Files built by Visual Studio +*_i.c +*_p.c +*_i.h +*.ilk +*.meta +*.obj +*.iobj +*.pch +*.pdb +*.ipdb +*.pgc +*.pgd +*.rsp +*.sbr +*.tlb +*.tli +*.tlh +*.tmp +*.tmp_proj +*.log +*.vspscc +*.vssscc +.builds +*.pidb +*.svclog +*.scc + +# Chutzpah Test files +_Chutzpah* + +# Visual C++ cache files +ipch/ +*.aps +*.ncb +*.opendb +*.opensdf +*.sdf +*.cachefile +*.VC.db +*.VC.VC.opendb + +# Visual Studio profiler +*.psess +*.vsp +*.vspx +*.sap + +# Visual Studio Trace Files +*.e2e + +# TFS 2012 Local Workspace +$tf/ + +# Guidance Automation Toolkit +*.gpState + +# ReSharper is a .NET coding add-in +_ReSharper*/ +*.[Rr]e[Ss]harper +*.DotSettings.user + +# JustCode is a .NET coding add-in +.JustCode + +# TeamCity is a build add-in +_TeamCity* + +# DotCover is a Code Coverage Tool +*.dotCover + +# AxoCover is a Code Coverage Tool +.axoCover/* +!.axoCover/settings.json + +# Visual Studio code coverage results +*.coverage +*.coveragexml + +# NCrunch +_NCrunch_* +.*crunch*.local.xml +nCrunchTemp_* + +# MightyMoose +*.mm.* +AutoTest.Net/ + +# Web workbench (sass) +.sass-cache/ + +# Installshield output folder +[Ee]xpress/ + +# DocProject is a documentation generator add-in +DocProject/buildhelp/ +DocProject/Help/*.HxT +DocProject/Help/*.HxC +DocProject/Help/*.hhc +DocProject/Help/*.hhk +DocProject/Help/*.hhp +DocProject/Help/Html2 +DocProject/Help/html + +# Click-Once directory +publish/ + +# Publish Web Output +*.[Pp]ublish.xml +*.azurePubxml +# Note: Comment the next line if you want to checkin your web deploy settings, +# but database connection strings (with potential passwords) will be unencrypted +*.pubxml +*.publishproj + +# Microsoft Azure Web App publish settings. Comment the next line if you want to +# checkin your Azure Web App publish settings, but sensitive information contained +# in these scripts will be unencrypted +PublishScripts/ + +# NuGet Packages +*.nupkg +# The packages folder can be ignored because of Package Restore +**/[Pp]ackages/* +# except build/, which is used as an MSBuild target. +!**/[Pp]ackages/build/ +# Uncomment if necessary however generally it will be regenerated when needed +#!**/[Pp]ackages/repositories.config +# NuGet v3's project.json files produces more ignorable files +*.nuget.props +*.nuget.targets + +# Microsoft Azure Build Output +csx/ +*.build.csdef + +# Microsoft Azure Emulator +ecf/ +rcf/ + +# Windows Store app package directories and files +AppPackages/ +BundleArtifacts/ +Package.StoreAssociation.xml +_pkginfo.txt +*.appx + +# Visual Studio cache files +# files ending in .cache can be ignored +*.[Cc]ache +# but keep track of directories ending in .cache +!*.[Cc]ache/ + +# Others +ClientBin/ +~$* +*~ +*.dbmdl +*.dbproj.schemaview +*.jfm +*.pfx +*.publishsettings +orleans.codegen.cs + +# Including strong name files can present a security risk +# (https://github.com/github/gitignore/pull/2483#issue-259490424) +#*.snk + +# Since there are multiple workflows, uncomment next line to ignore bower_components +# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) +#bower_components/ + +# RIA/Silverlight projects +Generated_Code/ + +# Backup & report files from converting an old project file +# to a newer Visual Studio version. Backup files are not needed, +# because we have git ;-) +_UpgradeReport_Files/ +Backup*/ +UpgradeLog*.XML +UpgradeLog*.htm +ServiceFabricBackup/ +*.rptproj.bak + +# SQL Server files +*.mdf +*.ldf +*.ndf + +# Business Intelligence projects +*.rdl.data +*.bim.layout +*.bim_*.settings +*.rptproj.rsuser + +# Microsoft Fakes +FakesAssemblies/ + +# GhostDoc plugin setting file +*.GhostDoc.xml + +# Node.js Tools for Visual Studio +.ntvs_analysis.dat +node_modules/ + +# Visual Studio 6 build log +*.plg + +# Visual Studio 6 workspace options file +*.opt + +# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) +*.vbw + +# Visual Studio LightSwitch build output +**/*.HTMLClient/GeneratedArtifacts +**/*.DesktopClient/GeneratedArtifacts +**/*.DesktopClient/ModelManifest.xml +**/*.Server/GeneratedArtifacts +**/*.Server/ModelManifest.xml +_Pvt_Extensions + +# Paket dependency manager +.paket/paket.exe +paket-files/ + +# FAKE - F# Make +.fake/ + +# JetBrains Rider +.idea/ +*.sln.iml + +# CodeRush +.cr/ + +# Python Tools for Visual Studio (PTVS) +__pycache__/ +*.pyc + +# Cake - Uncomment if you are using it +# tools/** +# !tools/packages.config + +# Tabs Studio +*.tss + +# Telerik's JustMock configuration file +*.jmconfig + +# BizTalk build output +*.btp.cs +*.btm.cs +*.odx.cs +*.xsd.cs + +# OpenCover UI analysis results +OpenCover/ + +# Azure Stream Analytics local run output +ASALocalRun/ + +# MSBuild Binary and Structured Log +*.binlog + +# NVidia Nsight GPU debugger configuration file +*.nvuser + +# MFractors (Xamarin productivity tool) working folder +.mfractor/ + +# Local History for Visual Studio +.localhistory/ + + +# End of https://www.gitignore.io/api/csharp \ No newline at end of file diff --git a/packages/aws-cdk/lib/init-templates/v2/app/fsharp/README.md b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/README.md new file mode 100644 index 0000000000000..16f13d4596dcf --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/README.md @@ -0,0 +1,18 @@ +## Welcome to your CDK F# project! + +This is a blank project for F# development with CDK. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. + +It uses the [.NET Core CLI](https://docs.microsoft.com/dotnet/articles/core/) to compile and execute your project. + +## Useful commands + +* `dotnet build src` compile this app +* `cdk ls` list all stacks in the app +* `cdk synth` emits the synthesized CloudFormation template +* `cdk deploy` deploy this stack to your default AWS account/region +* `cdk diff` compare deployed stack with current state +* `cdk docs` open CDK documentation + +Enjoy! diff --git a/packages/aws-cdk/lib/init-templates/v2/app/fsharp/add-project.hook.ts b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/add-project.hook.ts new file mode 100644 index 0000000000000..b9b091fa35ff1 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/add-project.hook.ts @@ -0,0 +1,33 @@ +import * as child_process from 'child_process'; +import * as path from 'path'; +import { InvokeHook } from '../../../../init'; + +export const invoke: InvokeHook = async (targetDirectory: string) => { + const slnPath = path.join(targetDirectory, 'src', '%name.PascalCased%.sln'); + const fsprojPath = path.join(targetDirectory, 'src', '%name.PascalCased%', '%name.PascalCased%.fsproj'); + + const child = child_process.spawn('dotnet', ['sln', slnPath, 'add', fsprojPath], { + // Need this for Windows where we want .cmd and .bat to be found as well. + shell: true, + stdio: ['ignore', 'pipe', 'inherit'], + }); + + await new Promise((resolve, reject) => { + const stdout = new Array(); + + child.stdout.on('data', chunk => { + process.stdout.write(chunk); + stdout.push(chunk); + }); + + child.once('error', reject); + + child.once('exit', code => { + if (code === 0) { + resolve(Buffer.concat(stdout).toString('utf-8')); + } else { + reject(new Error(`Could not add project %name.PascalCased%.fsproj to solution %name.PascalCased%.sln. Error code: ${code}`)); + } + }); + }); +}; diff --git a/packages/aws-cdk/lib/init-templates/v2/app/fsharp/cdk.template.json b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/cdk.template.json new file mode 100644 index 0000000000000..a08c461d2a2e2 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "dotnet run -p src/%name.PascalCased%/%name.PascalCased%.fsproj" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%.template.sln b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%.template.sln new file mode 100644 index 0000000000000..d73885e1eacb9 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%.template.sln @@ -0,0 +1,18 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 15 +VisualStudioVersion = 15.0.26124.0 +MinimumVisualStudioVersion = 15.0.26124.0 +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Debug|x64 = Debug|x64 + Debug|x86 = Debug|x86 + Release|Any CPU = Release|Any CPU + Release|x64 = Release|x64 + Release|x86 = Release|x86 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal diff --git a/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%/%name.PascalCased%.template.fsproj b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%/%name.PascalCased%.template.fsproj new file mode 100644 index 0000000000000..226943c6d3bf7 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%/%name.PascalCased%.template.fsproj @@ -0,0 +1,24 @@ + + + + Exe + netcoreapp3.1 + + Major + + + + + + + + + + + + + + + diff --git a/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.fs b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.fs new file mode 100644 index 0000000000000..40f90dc43d77e --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.fs @@ -0,0 +1,8 @@ +namespace %name.PascalCased% + +open Amazon.CDK.Lib + +type %name.PascalCased%Stack(scope, id, props) as this = + inherit Stack(scope, id, props) + + // The code that defines your stack goes here diff --git a/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%/Program.template.fs b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%/Program.template.fs new file mode 100644 index 0000000000000..4b28d1e03ba9a --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/fsharp/src/%name.PascalCased%/Program.template.fs @@ -0,0 +1,11 @@ +open Amazon.CDK.Lib +open %name.PascalCased% + +[] +let main _ = + let app = App(null) + + %name.PascalCased%Stack(app, "%name.PascalCased%Stack", StackProps()) |> ignore + + app.Synth() |> ignore + 0 diff --git a/packages/aws-cdk/lib/init-templates/v2/app/info.json b/packages/aws-cdk/lib/init-templates/v2/app/info.json new file mode 100644 index 0000000000000..1a96dac2b1103 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/info.json @@ -0,0 +1,4 @@ +{ + "description": "Template for a CDK Application", + "aliases": ["application", "default"] +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/java/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/app/java/.template.gitignore new file mode 100644 index 0000000000000..1db21f162937f --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/java/.template.gitignore @@ -0,0 +1,13 @@ +.classpath.txt +target +.classpath +.project +.idea +.settings +.vscode +*.iml + +# CDK asset staging directory +.cdk.staging +cdk.out + diff --git a/packages/aws-cdk/lib/init-templates/v2/app/java/README.md b/packages/aws-cdk/lib/init-templates/v2/app/java/README.md new file mode 100644 index 0000000000000..6f46c4de8c441 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/java/README.md @@ -0,0 +1,18 @@ +# Welcome to your CDK Java project! + +This is a blank project for Java development with CDK. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. + +It is a [Maven](https://maven.apache.org/) based project, so you can open this project with any Maven compatible Java IDE to build and run tests. + +## Useful commands + + * `mvn package` compile and run tests + * `cdk ls` list all stacks in the app + * `cdk synth` emits the synthesized CloudFormation template + * `cdk deploy` deploy this stack to your default AWS account/region + * `cdk diff` compare deployed stack with current state + * `cdk docs` open CDK documentation + +Enjoy! diff --git a/packages/aws-cdk/lib/init-templates/v2/app/java/cdk.json b/packages/aws-cdk/lib/init-templates/v2/app/java/cdk.json new file mode 100644 index 0000000000000..b112918622f63 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/java/cdk.json @@ -0,0 +1,3 @@ +{ + "app": "mvn -e -q compile exec:java" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/java/pom.template.xml b/packages/aws-cdk/lib/init-templates/v2/app/java/pom.template.xml new file mode 100644 index 0000000000000..efc6616ae82a0 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/java/pom.template.xml @@ -0,0 +1,66 @@ + + + 4.0.0 + + com.myorg + %name% + 0.1 + + + UTF-8 + %cdk-version% + 5.7.0 + + + + + + org.apache.maven.plugins + maven-compiler-plugin + 3.8.1 + + 1.8 + 1.8 + + + + + org.codehaus.mojo + exec-maven-plugin + 3.0.0 + + com.myorg.%name.PascalCased%App + + + + + + + + + software.amazon.awscdk + lib + ${cdk.version} + + + + org.junit.jupiter + junit-jupiter-api + ${junit.version} + test + + + org.junit.jupiter + junit-jupiter-engine + ${junit.version} + test + + + org.assertj + assertj-core + 3.18.0 + test + + + diff --git a/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java b/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java new file mode 100644 index 0000000000000..2574c970d3992 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java @@ -0,0 +1,15 @@ +package com.myorg; + +import software.amazon.awscdk.lib.App; + +import java.util.Arrays; + +public class %name.PascalCased%App { + public static void main(final String[] args) { + App app = new App(); + + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); + + app.synth(); + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%Stack.template.java b/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%Stack.template.java new file mode 100644 index 0000000000000..dd5dce86a5bb1 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%Stack.template.java @@ -0,0 +1,17 @@ +package com.myorg; + +import software.amazon.awscdk.lib.Construct; +import software.amazon.awscdk.lib.Stack; +import software.amazon.awscdk.lib.StackProps; + +public class %name.PascalCased%Stack extends Stack { + public %name.PascalCased%Stack(final Construct scope, final String id) { + this(scope, id, null); + } + + public %name.PascalCased%Stack(final Construct scope, final String id, final StackProps props) { + super(scope, id, props); + + // The code that defines your stack goes here + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/java/src/test/java/com/myorg/%name.PascalCased%Test.template.java b/packages/aws-cdk/lib/init-templates/v2/app/java/src/test/java/com/myorg/%name.PascalCased%Test.template.java new file mode 100644 index 0000000000000..724dedacf5dc2 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/java/src/test/java/com/myorg/%name.PascalCased%Test.template.java @@ -0,0 +1,28 @@ +package com.myorg; + +import software.amazon.awscdk.lib.App; +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.SerializationFeature; + +import java.io.IOException; + +import org.junit.jupiter.api.Test; +import static org.assertj.core.api.Assertions.assertThat; + +public class %name.PascalCased%Test { + private final static ObjectMapper JSON = + new ObjectMapper().configure(SerializationFeature.INDENT_OUTPUT, true); + + @Test + public void testStack() throws IOException { + App app = new App(); + %name.PascalCased%Stack stack = new %name.PascalCased%Stack(app, "test"); + + // synthesize the stack to a CloudFormation template and compare against + // a checked-in JSON file. + JsonNode actual = JSON.valueToTree(app.synth().getStackArtifact(stack.getArtifactId()).getTemplate()); + + assertThat(new ObjectMapper().createObjectNode()).isEqualTo(actual); + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/app/javascript/.template.gitignore new file mode 100644 index 0000000000000..21dc76264a308 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/.template.gitignore @@ -0,0 +1,5 @@ +node_modules + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/.template.npmignore b/packages/aws-cdk/lib/init-templates/v2/app/javascript/.template.npmignore new file mode 100644 index 0000000000000..5de422a0b42a0 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/.template.npmignore @@ -0,0 +1,3 @@ +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/README.md b/packages/aws-cdk/lib/init-templates/v2/app/javascript/README.md new file mode 100644 index 0000000000000..e3e563e115404 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/README.md @@ -0,0 +1,12 @@ +# Welcome to your CDK JavaScript project! + +This is a blank project for JavaScript development with CDK. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. The build step is not required when using JavaScript. + +## Useful commands + + * `npm run test` perform the jest unit tests + * `cdk deploy` deploy this stack to your default AWS account/region + * `cdk diff` compare deployed stack with current state + * `cdk synth` emits the synthesized CloudFormation template diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/bin/%name%.template.js b/packages/aws-cdk/lib/init-templates/v2/app/javascript/bin/%name%.template.js new file mode 100644 index 0000000000000..637cb35435106 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/bin/%name%.template.js @@ -0,0 +1,7 @@ +#!/usr/bin/env node + +const cdk = require('aws-cdk-lib'); +const { %name.PascalCased%Stack } = require('../lib/%name%-stack'); + +const app = new cdk.App(); +new %name.PascalCased%Stack(app, '%name.PascalCased%Stack'); diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/cdk.template.json b/packages/aws-cdk/lib/init-templates/v2/app/javascript/cdk.template.json new file mode 100644 index 0000000000000..ca1d40ed37e2d --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "node bin/%name%.js" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/lib/%name%-stack.template.js b/packages/aws-cdk/lib/init-templates/v2/app/javascript/lib/%name%-stack.template.js new file mode 100644 index 0000000000000..e8916db57ad71 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/lib/%name%-stack.template.js @@ -0,0 +1,17 @@ +const cdk = require('aws-cdk-lib'); + +class %name.PascalCased%Stack extends cdk.Stack { + /** + * + * @param {cdk.Construct} scope + * @param {string} id + * @param {cdk.StackProps=} props + */ + constructor(scope, id, props) { + super(scope, id, props); + + // The code that defines your stack goes here + } +} + +module.exports = { %name.PascalCased%Stack } diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json new file mode 100644 index 0000000000000..165f100d82429 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json @@ -0,0 +1,20 @@ +{ + "name": "%name%", + "version": "0.1.0", + "bin": { + "%name%": "bin/%name%.js" + }, + "scripts": { + "build": "echo \"The build step is not required when using JavaScript!\" && exit 0", + "cdk": "cdk", + "test": "jest" + }, + "devDependencies": { + "aws-cdk": "%cdk-version%", + "jest": "^26.4.2" + }, + "dependencies": { + "aws-cdk-lib": "%cdk-version%", + "constructs": "^3.0.4" + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/test/%name%.test.template.js b/packages/aws-cdk/lib/init-templates/v2/app/javascript/test/%name%.test.template.js new file mode 100644 index 0000000000000..e662bff225941 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/test/%name%.test.template.js @@ -0,0 +1,11 @@ +const cdk = require('aws-cdk-lib'); +const %name.PascalCased% = require('../lib/%name%-stack'); + +test('Empty Stack', () => { + const app = new cdk.App(); + // WHEN + const stack = new %name.PascalCased%.%name.PascalCased%Stack(app, 'MyTestStack'); + // THEN + const actual = app.synth().getStackArtifact(stack.artifactId).template; + expect(actual).toEqual({}); +}); diff --git a/packages/aws-cdk/lib/init-templates/v2/app/python/%name.PythonModule%/%name.PythonModule%_stack.template.py b/packages/aws-cdk/lib/init-templates/v2/app/python/%name.PythonModule%/%name.PythonModule%_stack.template.py new file mode 100644 index 0000000000000..40bad7e3b032d --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/python/%name.PythonModule%/%name.PythonModule%_stack.template.py @@ -0,0 +1,9 @@ +import aws_cdk_lib as core + + +class %name.PascalCased%Stack(core.Stack): + + def __init__(self, scope: core.Construct, construct_id: str, **kwargs) -> None: + super().__init__(scope, construct_id, **kwargs) + + # The code that defines your stack goes here diff --git a/packages/aws-cdk/lib/init-templates/v2/app/python/%name.PythonModule%/__init__.py b/packages/aws-cdk/lib/init-templates/v2/app/python/%name.PythonModule%/__init__.py new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/packages/aws-cdk/lib/init-templates/v2/app/python/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/app/python/.template.gitignore new file mode 100644 index 0000000000000..383cdd5040f7e --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/python/.template.gitignore @@ -0,0 +1,10 @@ +*.swp +package-lock.json +__pycache__ +.pytest_cache +.env +*.egg-info + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/app/python/README.template.md b/packages/aws-cdk/lib/init-templates/v2/app/python/README.template.md new file mode 100644 index 0000000000000..ecb028bfa951e --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/python/README.template.md @@ -0,0 +1,58 @@ + +# Welcome to your CDK Python project! + +This is a blank project for Python development with CDK. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. + +This project is set up like a standard Python project. The initialization +process also creates a virtualenv within this project, stored under the `.venv` +directory. To create the virtualenv it assumes that there is a `python3` +(or `python` for Windows) executable in your path with access to the `venv` +package. If for any reason the automatic creation of the virtualenv fails, +you can create the virtualenv manually. + +To manually create a virtualenv on MacOS and Linux: + +``` +$ %python-executable% -m venv .venv +``` + +After the init process completes and the virtualenv is created, you can use the following +step to activate your virtualenv. + +``` +$ source .venv/bin/activate +``` + +If you are a Windows platform, you would activate the virtualenv like this: + +``` +% .venv\Scripts\activate.bat +``` + +Once the virtualenv is activated, you can install the required dependencies. + +``` +$ pip install -r requirements.txt +``` + +At this point you can now synthesize the CloudFormation template for this code. + +``` +$ cdk synth +``` + +To add additional dependencies, for example other CDK libraries, just add +them to your `setup.py` file and rerun the `pip install -r requirements.txt` +command. + +## Useful commands + + * `cdk ls` list all stacks in the app + * `cdk synth` emits the synthesized CloudFormation template + * `cdk deploy` deploy this stack to your default AWS account/region + * `cdk diff` compare deployed stack with current state + * `cdk docs` open CDK documentation + +Enjoy! diff --git a/packages/aws-cdk/lib/init-templates/v2/app/python/app.template.py b/packages/aws-cdk/lib/init-templates/v2/app/python/app.template.py new file mode 100644 index 0000000000000..a1dd331433422 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/python/app.template.py @@ -0,0 +1,11 @@ +#!/usr/bin/env python3 + +import aws_cdk_lib as core + +from %name.PythonModule%.%name.PythonModule%_stack import %name.PascalCased%Stack + + +app = core.App() +%name.PascalCased%Stack(app, "%name.StackName%") + +app.synth() diff --git a/packages/aws-cdk/lib/init-templates/v2/app/python/cdk.template.json b/packages/aws-cdk/lib/init-templates/v2/app/python/cdk.template.json new file mode 100644 index 0000000000000..d7293493c4415 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/python/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "%python-executable% app.py" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/python/requirements.txt b/packages/aws-cdk/lib/init-templates/v2/app/python/requirements.txt new file mode 100644 index 0000000000000..d6e1198b1ab1f --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/python/requirements.txt @@ -0,0 +1 @@ +-e . diff --git a/packages/aws-cdk/lib/init-templates/v2/app/python/setup.template.py b/packages/aws-cdk/lib/init-templates/v2/app/python/setup.template.py new file mode 100644 index 0000000000000..4aadde6ecede7 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/python/setup.template.py @@ -0,0 +1,45 @@ +import setuptools + + +with open("README.md") as fp: + long_description = fp.read() + + +setuptools.setup( + name="%name.PythonModule%", + version="0.0.1", + + description="An empty CDK Python app", + long_description=long_description, + long_description_content_type="text/markdown", + + author="author", + + package_dir={"": "%name.PythonModule%"}, + packages=setuptools.find_packages(where="%name.PythonModule%"), + + install_requires=[ + "aws-cdk-lib==%cdk-version%", + ], + + python_requires=">=3.6", + + classifiers=[ + "Development Status :: 4 - Beta", + + "Intended Audience :: Developers", + + "License :: OSI Approved :: Apache Software License", + + "Programming Language :: JavaScript", + "Programming Language :: Python :: 3 :: Only", + "Programming Language :: Python :: 3.6", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + + "Topic :: Software Development :: Code Generators", + "Topic :: Utilities", + + "Typing :: Typed", + ], +) diff --git a/packages/aws-cdk/lib/init-templates/v2/app/python/source.bat b/packages/aws-cdk/lib/init-templates/v2/app/python/source.bat new file mode 100644 index 0000000000000..9e1a83442abd7 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/python/source.bat @@ -0,0 +1,13 @@ +@echo off + +rem The sole purpose of this script is to make the command +rem +rem source .venv/bin/activate +rem +rem (which activates a Python virtualenv on Linux or Mac OS X) work on Windows. +rem On Windows, this command just runs this batch file (the argument is ignored). +rem +rem Now we don't need to document a Windows command for activating a virtualenv. + +echo Executing .venv\Scripts\activate.bat for you +.venv\Scripts\activate.bat diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/app/typescript/.template.gitignore new file mode 100644 index 0000000000000..f60797b6a9168 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/.template.gitignore @@ -0,0 +1,8 @@ +*.js +!jest.config.js +*.d.ts +node_modules + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/.template.npmignore b/packages/aws-cdk/lib/init-templates/v2/app/typescript/.template.npmignore new file mode 100644 index 0000000000000..c1d6d45dcf388 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/.template.npmignore @@ -0,0 +1,6 @@ +*.ts +!*.d.ts + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/README.md b/packages/aws-cdk/lib/init-templates/v2/app/typescript/README.md new file mode 100644 index 0000000000000..3247665185ed7 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/README.md @@ -0,0 +1,14 @@ +# Welcome to your CDK TypeScript project! + +This is a blank project for TypeScript development with CDK. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. + +## Useful commands + + * `npm run build` compile typescript to js + * `npm run watch` watch for changes and compile + * `npm run test` perform the jest unit tests + * `cdk deploy` deploy this stack to your default AWS account/region + * `cdk diff` compare deployed stack with current state + * `cdk synth` emits the synthesized CloudFormation template diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/bin/%name%.template.ts b/packages/aws-cdk/lib/init-templates/v2/app/typescript/bin/%name%.template.ts new file mode 100644 index 0000000000000..2a54cb5615400 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/bin/%name%.template.ts @@ -0,0 +1,7 @@ +#!/usr/bin/env node +import 'source-map-support/register'; +import * as cdk from 'aws-cdk-lib'; +import { %name.PascalCased%Stack } from '../lib/%name%-stack'; + +const app = new cdk.App(); +new %name.PascalCased%Stack(app, '%name.PascalCased%Stack'); diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/cdk.template.json b/packages/aws-cdk/lib/init-templates/v2/app/typescript/cdk.template.json new file mode 100644 index 0000000000000..4b132c728abd7 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "npx ts-node --prefer-ts-exts bin/%name%.ts" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/jest.config.js b/packages/aws-cdk/lib/init-templates/v2/app/typescript/jest.config.js new file mode 100644 index 0000000000000..772f974903b79 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/jest.config.js @@ -0,0 +1,7 @@ +module.exports = { + roots: ['/test'], + testMatch: ['**/*.test.ts'], + transform: { + '^.+\\.tsx?$': 'ts-jest' + } +}; diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/lib/%name%-stack.template.ts b/packages/aws-cdk/lib/init-templates/v2/app/typescript/lib/%name%-stack.template.ts new file mode 100644 index 0000000000000..e952c5e6e2488 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/lib/%name%-stack.template.ts @@ -0,0 +1,9 @@ +import * as cdk from 'aws-cdk-lib'; + +export class %name.PascalCased%Stack extends cdk.Stack { + constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) { + super(scope, id, props); + + // The code that defines your stack goes here + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json new file mode 100644 index 0000000000000..c71e1aea5f5ae --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json @@ -0,0 +1,27 @@ +{ + "name": "%name%", + "version": "0.1.0", + "bin": { + "%name%": "bin/%name%.js" + }, + "scripts": { + "build": "tsc", + "watch": "tsc -w", + "test": "jest", + "cdk": "cdk" + }, + "devDependencies": { + "@types/jest": "^26.0.10", + "@types/node": "10.17.27", + "jest": "^26.4.2", + "ts-jest": "^26.2.0", + "aws-cdk": "%cdk-version%", + "ts-node": "^9.0.0", + "typescript": "~3.9.7" + }, + "dependencies": { + "aws-cdk-lib": "%cdk-version%", + "constructs": "^3.0.4", + "source-map-support": "^0.5.16" + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/test/%name%.test.template.ts b/packages/aws-cdk/lib/init-templates/v2/app/typescript/test/%name%.test.template.ts new file mode 100644 index 0000000000000..6baa631335298 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/test/%name%.test.template.ts @@ -0,0 +1,11 @@ +import * as cdk from 'aws-cdk-lib'; +import * as %name.PascalCased% from '../lib/%name%-stack'; + +test('Empty Stack', () => { + const app = new cdk.App(); + // WHEN + const stack = new %name.PascalCased%.%name.PascalCased%Stack(app, 'MyTestStack'); + // THEN + const actual = app.synth().getStackArtifact(stack.artifactId).template; + expect(actual).toEqual({}); +}); diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/tsconfig.json b/packages/aws-cdk/lib/init-templates/v2/app/typescript/tsconfig.json new file mode 100644 index 0000000000000..ec75123ce6554 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/tsconfig.json @@ -0,0 +1,23 @@ +{ + "compilerOptions": { + "target": "ES2018", + "module": "commonjs", + "lib": ["es2018"], + "declaration": true, + "strict": true, + "noImplicitAny": true, + "strictNullChecks": true, + "noImplicitThis": true, + "alwaysStrict": true, + "noUnusedLocals": false, + "noUnusedParameters": false, + "noImplicitReturns": true, + "noFallthroughCasesInSwitch": false, + "inlineSourceMap": true, + "inlineSources": true, + "experimentalDecorators": true, + "strictPropertyInitialization": false, + "typeRoots": ["./node_modules/@types"] + }, + "exclude": ["cdk.out"] +} diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/info.json b/packages/aws-cdk/lib/init-templates/v2/lib/info.json new file mode 100644 index 0000000000000..ccc35fd2fe3fe --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/lib/info.json @@ -0,0 +1,4 @@ +{ + "description": "Template for a CDK Construct Library", + "aliases": "library" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/.template.gitignore new file mode 100644 index 0000000000000..f60797b6a9168 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/.template.gitignore @@ -0,0 +1,8 @@ +*.js +!jest.config.js +*.d.ts +node_modules + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/.template.npmignore b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/.template.npmignore new file mode 100644 index 0000000000000..c1d6d45dcf388 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/.template.npmignore @@ -0,0 +1,6 @@ +*.ts +!*.d.ts + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/README.template.md b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/README.template.md new file mode 100644 index 0000000000000..5c6e0f6d4d97c --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/README.template.md @@ -0,0 +1,12 @@ +# Welcome to your CDK TypeScript Construct Library project! + +You should explore the contents of this project. It demonstrates a CDK Construct Library that includes a construct (`%name.PascalCased%`) +which contains an Amazon SQS queue that is subscribed to an Amazon SNS topic. + +The construct defines an interface (`%name.PascalCased%Props`) to configure the visibility timeout of the queue. + +## Useful commands + + * `npm run build` compile typescript to js + * `npm run watch` watch for changes and compile + * `npm run test` perform the jest unit tests \ No newline at end of file diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/jest.config.js b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/jest.config.js new file mode 100644 index 0000000000000..772f974903b79 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/jest.config.js @@ -0,0 +1,7 @@ +module.exports = { + roots: ['/test'], + testMatch: ['**/*.test.ts'], + transform: { + '^.+\\.tsx?$': 'ts-jest' + } +}; diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/lib/index.template.ts b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/lib/index.template.ts new file mode 100644 index 0000000000000..ad0b0de54569b --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/lib/index.template.ts @@ -0,0 +1,14 @@ +import * as cdk from 'aws-cdk-lib'; + +export interface %name.PascalCased%Props { + // Define construct properties here +} + +export class %name.PascalCased% extends cdk.Construct { + + constructor(scope: cdk.Construct, id: string, props: %name.PascalCased%Props = {}) { + super(scope, id); + + // Define construct contents here + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json new file mode 100644 index 0000000000000..f255ef76f1fb9 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json @@ -0,0 +1,26 @@ +{ + "name": "%name%", + "version": "0.1.0", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "scripts": { + "build": "tsc", + "watch": "tsc -w", + "test": "jest" + }, + "devDependencies": { + "@types/jest": "^26.0.10", + "@types/node": "10.17.27", + "jest": "^26.4.2", + "ts-jest": "^26.2.0", + "typescript": "~3.9.7" + }, + "peerDependencies": { + "aws-cdk-lib": "%cdk-version%", + "constructs": "^3.0.4" + }, + "dependencies": { + "aws-cdk-lib": "%cdk-version%", + "constructs": "^3.0.4" + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/test/%name%.test.template.ts b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/test/%name%.test.template.ts new file mode 100644 index 0000000000000..924869ad24bf7 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/test/%name%.test.template.ts @@ -0,0 +1,12 @@ +import * as cdk from 'aws-cdk-lib'; +import * as %name.PascalCased% from '../lib/index'; + +test('Empty Stack', () => { + const app = new cdk.App(); + const stack = new cdk.Stack(app, "TestStack"); + // WHEN + new %name.PascalCased%.%name.PascalCased%(stack, 'MyTestConstruct'); + // THEN + const actual = app.synth().getStackArtifact(stack.artifactId).template; + expect(actual).toEqual({}); +}); diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/tsconfig.json b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/tsconfig.json new file mode 100644 index 0000000000000..bb250aba2e496 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/tsconfig.json @@ -0,0 +1,24 @@ +{ + "compilerOptions": { + "target":"ES2018", + "module": "commonjs", + "lib": ["es2018"], + "declaration": true, + "strict": true, + "noImplicitAny": true, + "strictNullChecks": true, + "noImplicitThis": true, + "alwaysStrict": true, + "noUnusedLocals": false, + "noUnusedParameters": false, + "noImplicitReturns": true, + "noFallthroughCasesInSwitch": false, + "inlineSourceMap": true, + "inlineSources": true, + "experimentalDecorators": true, + "strictPropertyInitialization":false, + "typeRoots": ["./node_modules/@types"] + }, + "exclude": ["cdk.out"] +} + diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/.template.gitignore new file mode 100644 index 0000000000000..f555633ead8f0 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/.template.gitignore @@ -0,0 +1,342 @@ +# CDK asset staging directory +.cdk.staging +cdk.out + +# Created by https://www.gitignore.io/api/csharp + +### Csharp ### +## Ignore Visual Studio temporary files, build results, and +## files generated by popular Visual Studio add-ons. +## +## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore + +# User-specific files +*.suo +*.user +*.userosscache +*.sln.docstates + +# User-specific files (MonoDevelop/Xamarin Studio) +*.userprefs + +# Build results +[Dd]ebug/ +[Dd]ebugPublic/ +[Rr]elease/ +[Rr]eleases/ +x64/ +x86/ +bld/ +[Bb]in/ +[Oo]bj/ +[Ll]og/ + +# Visual Studio 2015/2017 cache/options directory +.vs/ +# Uncomment if you have tasks that create the project's static files in wwwroot +#wwwroot/ + +# Visual Studio 2017 auto generated files +Generated\ Files/ + +# MSTest test Results +[Tt]est[Rr]esult*/ +[Bb]uild[Ll]og.* + +# NUNIT +*.VisualState.xml +TestResult.xml + +# Build Results of an ATL Project +[Dd]ebugPS/ +[Rr]eleasePS/ +dlldata.c + +# Benchmark Results +BenchmarkDotNet.Artifacts/ + +# .NET Core +project.lock.json +project.fragment.lock.json +artifacts/ + +# StyleCop +StyleCopReport.xml + +# Files built by Visual Studio +*_i.c +*_p.c +*_i.h +*.ilk +*.meta +*.obj +*.iobj +*.pch +*.pdb +*.ipdb +*.pgc +*.pgd +*.rsp +*.sbr +*.tlb +*.tli +*.tlh +*.tmp +*.tmp_proj +*.log +*.vspscc +*.vssscc +.builds +*.pidb +*.svclog +*.scc + +# Chutzpah Test files +_Chutzpah* + +# Visual C++ cache files +ipch/ +*.aps +*.ncb +*.opendb +*.opensdf +*.sdf +*.cachefile +*.VC.db +*.VC.VC.opendb + +# Visual Studio profiler +*.psess +*.vsp +*.vspx +*.sap + +# Visual Studio Trace Files +*.e2e + +# TFS 2012 Local Workspace +$tf/ + +# Guidance Automation Toolkit +*.gpState + +# ReSharper is a .NET coding add-in +_ReSharper*/ +*.[Rr]e[Ss]harper +*.DotSettings.user + +# JustCode is a .NET coding add-in +.JustCode + +# TeamCity is a build add-in +_TeamCity* + +# DotCover is a Code Coverage Tool +*.dotCover + +# AxoCover is a Code Coverage Tool +.axoCover/* +!.axoCover/settings.json + +# Visual Studio code coverage results +*.coverage +*.coveragexml + +# NCrunch +_NCrunch_* +.*crunch*.local.xml +nCrunchTemp_* + +# MightyMoose +*.mm.* +AutoTest.Net/ + +# Web workbench (sass) +.sass-cache/ + +# Installshield output folder +[Ee]xpress/ + +# DocProject is a documentation generator add-in +DocProject/buildhelp/ +DocProject/Help/*.HxT +DocProject/Help/*.HxC +DocProject/Help/*.hhc +DocProject/Help/*.hhk +DocProject/Help/*.hhp +DocProject/Help/Html2 +DocProject/Help/html + +# Click-Once directory +publish/ + +# Publish Web Output +*.[Pp]ublish.xml +*.azurePubxml +# Note: Comment the next line if you want to checkin your web deploy settings, +# but database connection strings (with potential passwords) will be unencrypted +*.pubxml +*.publishproj + +# Microsoft Azure Web App publish settings. Comment the next line if you want to +# checkin your Azure Web App publish settings, but sensitive information contained +# in these scripts will be unencrypted +PublishScripts/ + +# NuGet Packages +*.nupkg +# The packages folder can be ignored because of Package Restore +**/[Pp]ackages/* +# except build/, which is used as an MSBuild target. +!**/[Pp]ackages/build/ +# Uncomment if necessary however generally it will be regenerated when needed +#!**/[Pp]ackages/repositories.config +# NuGet v3's project.json files produces more ignorable files +*.nuget.props +*.nuget.targets + +# Microsoft Azure Build Output +csx/ +*.build.csdef + +# Microsoft Azure Emulator +ecf/ +rcf/ + +# Windows Store app package directories and files +AppPackages/ +BundleArtifacts/ +Package.StoreAssociation.xml +_pkginfo.txt +*.appx + +# Visual Studio cache files +# files ending in .cache can be ignored +*.[Cc]ache +# but keep track of directories ending in .cache +!*.[Cc]ache/ + +# Others +ClientBin/ +~$* +*~ +*.dbmdl +*.dbproj.schemaview +*.jfm +*.pfx +*.publishsettings +orleans.codegen.cs + +# Including strong name files can present a security risk +# (https://github.com/github/gitignore/pull/2483#issue-259490424) +#*.snk + +# Since there are multiple workflows, uncomment next line to ignore bower_components +# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) +#bower_components/ + +# RIA/Silverlight projects +Generated_Code/ + +# Backup & report files from converting an old project file +# to a newer Visual Studio version. Backup files are not needed, +# because we have git ;-) +_UpgradeReport_Files/ +Backup*/ +UpgradeLog*.XML +UpgradeLog*.htm +ServiceFabricBackup/ +*.rptproj.bak + +# SQL Server files +*.mdf +*.ldf +*.ndf + +# Business Intelligence projects +*.rdl.data +*.bim.layout +*.bim_*.settings +*.rptproj.rsuser + +# Microsoft Fakes +FakesAssemblies/ + +# GhostDoc plugin setting file +*.GhostDoc.xml + +# Node.js Tools for Visual Studio +.ntvs_analysis.dat +node_modules/ + +# Visual Studio 6 build log +*.plg + +# Visual Studio 6 workspace options file +*.opt + +# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) +*.vbw + +# Visual Studio LightSwitch build output +**/*.HTMLClient/GeneratedArtifacts +**/*.DesktopClient/GeneratedArtifacts +**/*.DesktopClient/ModelManifest.xml +**/*.Server/GeneratedArtifacts +**/*.Server/ModelManifest.xml +_Pvt_Extensions + +# Paket dependency manager +.paket/paket.exe +paket-files/ + +# FAKE - F# Make +.fake/ + +# JetBrains Rider +.idea/ +*.sln.iml + +# CodeRush +.cr/ + +# Python Tools for Visual Studio (PTVS) +__pycache__/ +*.pyc + +# Cake - Uncomment if you are using it +# tools/** +# !tools/packages.config + +# Tabs Studio +*.tss + +# Telerik's JustMock configuration file +*.jmconfig + +# BizTalk build output +*.btp.cs +*.btm.cs +*.odx.cs +*.xsd.cs + +# OpenCover UI analysis results +OpenCover/ + +# Azure Stream Analytics local run output +ASALocalRun/ + +# MSBuild Binary and Structured Log +*.binlog + +# NVidia Nsight GPU debugger configuration file +*.nvuser + +# MFractors (Xamarin productivity tool) working folder +.mfractor/ + +# Local History for Visual Studio +.localhistory/ + + +# End of https://www.gitignore.io/api/csharp \ No newline at end of file diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/README.template.md b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/README.template.md new file mode 100644 index 0000000000000..411d4e653994e --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/README.template.md @@ -0,0 +1,19 @@ +# Welcome to your CDK C# project! + +You should explore the contents of this project. It demonstrates a CDK app with an instance of a stack (`%name.PascalCased%Stack`) +which contains an Amazon SQS queue that is subscribed to an Amazon SNS topic. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. + +It uses the [.NET Core CLI](https://docs.microsoft.com/dotnet/articles/core/) to compile and execute your project. + +## Useful commands + +* `dotnet build src` compile this app +* `cdk ls` list all stacks in the app +* `cdk synth` emits the synthesized CloudFormation template +* `cdk deploy` deploy this stack to your default AWS account/region +* `cdk diff` compare deployed stack with current state +* `cdk docs` open CDK documentation + +Enjoy! diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/add-project.hook.ts b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/add-project.hook.ts new file mode 100644 index 0000000000000..37b1fe6ad3e5f --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/add-project.hook.ts @@ -0,0 +1,33 @@ +import * as child_process from 'child_process'; +import * as path from 'path'; +import { InvokeHook } from '../../../../init'; + +export const invoke: InvokeHook = async (targetDirectory: string) => { + const slnPath = path.join(targetDirectory, 'src', '%name.PascalCased%.sln'); + const csprojPath = path.join(targetDirectory, 'src', '%name.PascalCased%', '%name.PascalCased%.csproj'); + + const child = child_process.spawn('dotnet', ['sln', slnPath, 'add', csprojPath], { + // Need this for Windows where we want .cmd and .bat to be found as well. + shell: true, + stdio: ['ignore', 'pipe', 'inherit'], + }); + + await new Promise((resolve, reject) => { + const stdout = new Array(); + + child.stdout.on('data', chunk => { + process.stdout.write(chunk); + stdout.push(chunk); + }); + + child.once('error', reject); + + child.once('exit', code => { + if (code === 0) { + resolve(Buffer.concat(stdout).toString('utf-8')); + } else { + reject(new Error(`Could not add project %name.PascalCased%.csproj to solution %name.PascalCased%.sln. Error code: ${code}`)); + } + }); + }); +}; diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/cdk.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/cdk.template.json new file mode 100644 index 0000000000000..94c37dee310c0 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "dotnet run -p src/%name.PascalCased%/%name.PascalCased%.csproj" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%.template.sln b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%.template.sln new file mode 100644 index 0000000000000..2f92ebd9bda92 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%.template.sln @@ -0,0 +1,18 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 15 +VisualStudioVersion = 15.0.26124.0 +MinimumVisualStudioVersion = 15.0.26124.0 +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Debug|x64 = Debug|x64 + Debug|x86 = Debug|x86 + Release|Any CPU = Release|Any CPU + Release|x64 = Release|x64 + Release|x86 = Release|x86 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/%name.PascalCased%.template.csproj b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/%name.PascalCased%.template.csproj new file mode 100644 index 0000000000000..0ac3cc0a4c6cb --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/%name.PascalCased%.template.csproj @@ -0,0 +1,19 @@ + + + + Exe + netcoreapp3.1 + + Major + + + + + + + + + + diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.cs b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.cs new file mode 100644 index 0000000000000..db2baa2ca3924 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.cs @@ -0,0 +1,23 @@ +using Amazon.CDK.Lib; +using Amazon.CDK.AWS.SNS; +using Amazon.CDK.AWS.SNS.Subscriptions; +using Amazon.CDK.AWS.SQS; + +namespace %name.PascalCased% +{ + public class %name.PascalCased%Stack : Stack + { + internal %name.PascalCased%Stack(Construct scope, string id, IStackProps props = null) : base(scope, id, props) + { + // The CDK includes built-in constructs for most resource types, such as Queues and Topics. + var queue = new Queue(this, "%name.PascalCased%Queue", new QueueProps + { + VisibilityTimeout = Duration.Seconds(300) + }); + + var topic = new Topic(this, "%name.PascalCased%Topic"); + + topic.AddSubscription(new SqsSubscription(queue)); + } + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/GlobalSuppressions.cs b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/GlobalSuppressions.cs new file mode 100644 index 0000000000000..26233fcb54b5c --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/GlobalSuppressions.cs @@ -0,0 +1 @@ +[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Potential Code Quality Issues", "RECS0026:Possible unassigned object created by 'new'", Justification = "Constructs add themselves to the scope in which they are created")] diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/Program.template.cs b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/Program.template.cs new file mode 100644 index 0000000000000..ce88608d08cfe --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/csharp/src/%name.PascalCased%/Program.template.cs @@ -0,0 +1,15 @@ +using Amazon.CDK.Lib; + +namespace %name.PascalCased% +{ + sealed class Program + { + public static void Main(string[] args) + { + var app = new App(); + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); + + app.Synth(); + } + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/.template.gitignore new file mode 100644 index 0000000000000..f555633ead8f0 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/.template.gitignore @@ -0,0 +1,342 @@ +# CDK asset staging directory +.cdk.staging +cdk.out + +# Created by https://www.gitignore.io/api/csharp + +### Csharp ### +## Ignore Visual Studio temporary files, build results, and +## files generated by popular Visual Studio add-ons. +## +## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore + +# User-specific files +*.suo +*.user +*.userosscache +*.sln.docstates + +# User-specific files (MonoDevelop/Xamarin Studio) +*.userprefs + +# Build results +[Dd]ebug/ +[Dd]ebugPublic/ +[Rr]elease/ +[Rr]eleases/ +x64/ +x86/ +bld/ +[Bb]in/ +[Oo]bj/ +[Ll]og/ + +# Visual Studio 2015/2017 cache/options directory +.vs/ +# Uncomment if you have tasks that create the project's static files in wwwroot +#wwwroot/ + +# Visual Studio 2017 auto generated files +Generated\ Files/ + +# MSTest test Results +[Tt]est[Rr]esult*/ +[Bb]uild[Ll]og.* + +# NUNIT +*.VisualState.xml +TestResult.xml + +# Build Results of an ATL Project +[Dd]ebugPS/ +[Rr]eleasePS/ +dlldata.c + +# Benchmark Results +BenchmarkDotNet.Artifacts/ + +# .NET Core +project.lock.json +project.fragment.lock.json +artifacts/ + +# StyleCop +StyleCopReport.xml + +# Files built by Visual Studio +*_i.c +*_p.c +*_i.h +*.ilk +*.meta +*.obj +*.iobj +*.pch +*.pdb +*.ipdb +*.pgc +*.pgd +*.rsp +*.sbr +*.tlb +*.tli +*.tlh +*.tmp +*.tmp_proj +*.log +*.vspscc +*.vssscc +.builds +*.pidb +*.svclog +*.scc + +# Chutzpah Test files +_Chutzpah* + +# Visual C++ cache files +ipch/ +*.aps +*.ncb +*.opendb +*.opensdf +*.sdf +*.cachefile +*.VC.db +*.VC.VC.opendb + +# Visual Studio profiler +*.psess +*.vsp +*.vspx +*.sap + +# Visual Studio Trace Files +*.e2e + +# TFS 2012 Local Workspace +$tf/ + +# Guidance Automation Toolkit +*.gpState + +# ReSharper is a .NET coding add-in +_ReSharper*/ +*.[Rr]e[Ss]harper +*.DotSettings.user + +# JustCode is a .NET coding add-in +.JustCode + +# TeamCity is a build add-in +_TeamCity* + +# DotCover is a Code Coverage Tool +*.dotCover + +# AxoCover is a Code Coverage Tool +.axoCover/* +!.axoCover/settings.json + +# Visual Studio code coverage results +*.coverage +*.coveragexml + +# NCrunch +_NCrunch_* +.*crunch*.local.xml +nCrunchTemp_* + +# MightyMoose +*.mm.* +AutoTest.Net/ + +# Web workbench (sass) +.sass-cache/ + +# Installshield output folder +[Ee]xpress/ + +# DocProject is a documentation generator add-in +DocProject/buildhelp/ +DocProject/Help/*.HxT +DocProject/Help/*.HxC +DocProject/Help/*.hhc +DocProject/Help/*.hhk +DocProject/Help/*.hhp +DocProject/Help/Html2 +DocProject/Help/html + +# Click-Once directory +publish/ + +# Publish Web Output +*.[Pp]ublish.xml +*.azurePubxml +# Note: Comment the next line if you want to checkin your web deploy settings, +# but database connection strings (with potential passwords) will be unencrypted +*.pubxml +*.publishproj + +# Microsoft Azure Web App publish settings. Comment the next line if you want to +# checkin your Azure Web App publish settings, but sensitive information contained +# in these scripts will be unencrypted +PublishScripts/ + +# NuGet Packages +*.nupkg +# The packages folder can be ignored because of Package Restore +**/[Pp]ackages/* +# except build/, which is used as an MSBuild target. +!**/[Pp]ackages/build/ +# Uncomment if necessary however generally it will be regenerated when needed +#!**/[Pp]ackages/repositories.config +# NuGet v3's project.json files produces more ignorable files +*.nuget.props +*.nuget.targets + +# Microsoft Azure Build Output +csx/ +*.build.csdef + +# Microsoft Azure Emulator +ecf/ +rcf/ + +# Windows Store app package directories and files +AppPackages/ +BundleArtifacts/ +Package.StoreAssociation.xml +_pkginfo.txt +*.appx + +# Visual Studio cache files +# files ending in .cache can be ignored +*.[Cc]ache +# but keep track of directories ending in .cache +!*.[Cc]ache/ + +# Others +ClientBin/ +~$* +*~ +*.dbmdl +*.dbproj.schemaview +*.jfm +*.pfx +*.publishsettings +orleans.codegen.cs + +# Including strong name files can present a security risk +# (https://github.com/github/gitignore/pull/2483#issue-259490424) +#*.snk + +# Since there are multiple workflows, uncomment next line to ignore bower_components +# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) +#bower_components/ + +# RIA/Silverlight projects +Generated_Code/ + +# Backup & report files from converting an old project file +# to a newer Visual Studio version. Backup files are not needed, +# because we have git ;-) +_UpgradeReport_Files/ +Backup*/ +UpgradeLog*.XML +UpgradeLog*.htm +ServiceFabricBackup/ +*.rptproj.bak + +# SQL Server files +*.mdf +*.ldf +*.ndf + +# Business Intelligence projects +*.rdl.data +*.bim.layout +*.bim_*.settings +*.rptproj.rsuser + +# Microsoft Fakes +FakesAssemblies/ + +# GhostDoc plugin setting file +*.GhostDoc.xml + +# Node.js Tools for Visual Studio +.ntvs_analysis.dat +node_modules/ + +# Visual Studio 6 build log +*.plg + +# Visual Studio 6 workspace options file +*.opt + +# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) +*.vbw + +# Visual Studio LightSwitch build output +**/*.HTMLClient/GeneratedArtifacts +**/*.DesktopClient/GeneratedArtifacts +**/*.DesktopClient/ModelManifest.xml +**/*.Server/GeneratedArtifacts +**/*.Server/ModelManifest.xml +_Pvt_Extensions + +# Paket dependency manager +.paket/paket.exe +paket-files/ + +# FAKE - F# Make +.fake/ + +# JetBrains Rider +.idea/ +*.sln.iml + +# CodeRush +.cr/ + +# Python Tools for Visual Studio (PTVS) +__pycache__/ +*.pyc + +# Cake - Uncomment if you are using it +# tools/** +# !tools/packages.config + +# Tabs Studio +*.tss + +# Telerik's JustMock configuration file +*.jmconfig + +# BizTalk build output +*.btp.cs +*.btm.cs +*.odx.cs +*.xsd.cs + +# OpenCover UI analysis results +OpenCover/ + +# Azure Stream Analytics local run output +ASALocalRun/ + +# MSBuild Binary and Structured Log +*.binlog + +# NVidia Nsight GPU debugger configuration file +*.nvuser + +# MFractors (Xamarin productivity tool) working folder +.mfractor/ + +# Local History for Visual Studio +.localhistory/ + + +# End of https://www.gitignore.io/api/csharp \ No newline at end of file diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/README.template.md b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/README.template.md new file mode 100644 index 0000000000000..d1bfcf9a90ccf --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/README.template.md @@ -0,0 +1,20 @@ + +# Welcome to your CDK F# project! + +You should explore the contents of this project. It demonstrates a CDK app with an instance of a stack (`%name.PascalCased%Stack`) +which contains an Amazon SQS queue that is subscribed to an Amazon SNS topic. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. + +It uses the [.NET Core CLI](https://docs.microsoft.com/dotnet/articles/core/) to compile and execute your project. + +## Useful commands + +* `dotnet build src` compile this app +* `cdk ls` list all stacks in the app +* `cdk synth` emits the synthesized CloudFormation template +* `cdk deploy` deploy this stack to your default AWS account/region +* `cdk diff` compare deployed stack with current state +* `cdk docs` open CDK documentation + +Enjoy! diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/add-project.hook.ts b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/add-project.hook.ts new file mode 100644 index 0000000000000..b9b091fa35ff1 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/add-project.hook.ts @@ -0,0 +1,33 @@ +import * as child_process from 'child_process'; +import * as path from 'path'; +import { InvokeHook } from '../../../../init'; + +export const invoke: InvokeHook = async (targetDirectory: string) => { + const slnPath = path.join(targetDirectory, 'src', '%name.PascalCased%.sln'); + const fsprojPath = path.join(targetDirectory, 'src', '%name.PascalCased%', '%name.PascalCased%.fsproj'); + + const child = child_process.spawn('dotnet', ['sln', slnPath, 'add', fsprojPath], { + // Need this for Windows where we want .cmd and .bat to be found as well. + shell: true, + stdio: ['ignore', 'pipe', 'inherit'], + }); + + await new Promise((resolve, reject) => { + const stdout = new Array(); + + child.stdout.on('data', chunk => { + process.stdout.write(chunk); + stdout.push(chunk); + }); + + child.once('error', reject); + + child.once('exit', code => { + if (code === 0) { + resolve(Buffer.concat(stdout).toString('utf-8')); + } else { + reject(new Error(`Could not add project %name.PascalCased%.fsproj to solution %name.PascalCased%.sln. Error code: ${code}`)); + } + }); + }); +}; diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/cdk.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/cdk.template.json new file mode 100644 index 0000000000000..a08c461d2a2e2 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "dotnet run -p src/%name.PascalCased%/%name.PascalCased%.fsproj" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%.template.sln b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%.template.sln new file mode 100644 index 0000000000000..d73885e1eacb9 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%.template.sln @@ -0,0 +1,18 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 15 +VisualStudioVersion = 15.0.26124.0 +MinimumVisualStudioVersion = 15.0.26124.0 +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Debug|x64 = Debug|x64 + Debug|x86 = Debug|x86 + Release|Any CPU = Release|Any CPU + Release|x64 = Release|x64 + Release|x86 = Release|x86 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%/%name.PascalCased%.template.fsproj b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%/%name.PascalCased%.template.fsproj new file mode 100644 index 0000000000000..226943c6d3bf7 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%/%name.PascalCased%.template.fsproj @@ -0,0 +1,24 @@ + + + + Exe + netcoreapp3.1 + + Major + + + + + + + + + + + + + + + diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.fs b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.fs new file mode 100644 index 0000000000000..fb527366dfb7b --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%/%name.PascalCased%Stack.template.fs @@ -0,0 +1,14 @@ +namespace %name.PascalCased% + +open Amazon.CDK.Lib +open Amazon.CDK.AWS.SNS +open Amazon.CDK.AWS.SNS.Subscriptions +open Amazon.CDK.AWS.SQS + +type %name.PascalCased%Stack(scope, id, props) as this = + inherit Stack(scope, id, props) + + let queue = Queue(this, "%name.PascalCased%Queue", QueueProps(VisibilityTimeout = Duration.Seconds(300.))) + + let topic = Topic(this, "%name.PascalCased%Topic") + do topic.AddSubscription(SqsSubscription(queue)) diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%/Program.template.fs b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%/Program.template.fs new file mode 100644 index 0000000000000..4b28d1e03ba9a --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/fsharp/src/%name.PascalCased%/Program.template.fs @@ -0,0 +1,11 @@ +open Amazon.CDK.Lib +open %name.PascalCased% + +[] +let main _ = + let app = App(null) + + %name.PascalCased%Stack(app, "%name.PascalCased%Stack", StackProps()) |> ignore + + app.Synth() |> ignore + 0 diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/info.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/info.json new file mode 100644 index 0000000000000..1451c2576eb63 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/info.json @@ -0,0 +1,4 @@ +{ + "description": "Example CDK Application with some constructs", + "aliases": ["sample", "example"] +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/java/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/.template.gitignore new file mode 100644 index 0000000000000..1db21f162937f --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/.template.gitignore @@ -0,0 +1,13 @@ +.classpath.txt +target +.classpath +.project +.idea +.settings +.vscode +*.iml + +# CDK asset staging directory +.cdk.staging +cdk.out + diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/java/README.template.md b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/README.template.md new file mode 100644 index 0000000000000..ecbdec164e29e --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/README.template.md @@ -0,0 +1,19 @@ +# Welcome to your CDK Java project! + +You should explore the contents of this project. It demonstrates a CDK app with an instance of a stack (`%name.PascalCased%Stack`) +which contains an Amazon SQS queue that is subscribed to an Amazon SNS topic. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. + +It is a [Maven](https://maven.apache.org/) based project, so you can open this project with any Maven compatible Java IDE to build and run tests. + +## Useful commands + + * `mvn package` compile and run tests + * `cdk ls` list all stacks in the app + * `cdk synth` emits the synthesized CloudFormation template + * `cdk deploy` deploy this stack to your default AWS account/region + * `cdk diff` compare deployed stack with current state + * `cdk docs` open CDK documentation + +Enjoy! diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/java/cdk.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/cdk.json new file mode 100644 index 0000000000000..b112918622f63 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/cdk.json @@ -0,0 +1,3 @@ +{ + "app": "mvn -e -q compile exec:java" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/java/pom.template.xml b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/pom.template.xml new file mode 100644 index 0000000000000..ea3de05fcc2b3 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/pom.template.xml @@ -0,0 +1,61 @@ + + + 4.0.0 + com.myorg + %name% + 0.1 + + UTF-8 + %cdk-version% + 5.7.0 + + + + + org.apache.maven.plugins + maven-compiler-plugin + 3.8.1 + + 1.8 + 1.8 + + + + org.codehaus.mojo + exec-maven-plugin + 3.0.0 + + com.myorg.%name.PascalCased%App + + + + + + + + software.amazon.awscdk + lib + ${cdk.version} + + + + org.junit.jupiter + junit-jupiter-api + ${junit.version} + test + + + org.junit.jupiter + junit-jupiter-engine + ${junit.version} + test + + + org.assertj + assertj-core + 3.18.0 + test + + + diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java new file mode 100644 index 0000000000000..fb3c52db81d4e --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java @@ -0,0 +1,13 @@ +package com.myorg; + +import software.amazon.awscdk.lib.App; + +public final class %name.PascalCased%App { + public static void main(final String[] args) { + App app = new App(); + + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); + + app.synth(); + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/java/src/main/java/com/myorg/%name.PascalCased%Stack.template.java b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/src/main/java/com/myorg/%name.PascalCased%Stack.template.java new file mode 100644 index 0000000000000..dcbbdea06e4fc --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/src/main/java/com/myorg/%name.PascalCased%Stack.template.java @@ -0,0 +1,29 @@ +package com.myorg; + +import software.amazon.awscdk.lib.Construct; +import software.amazon.awscdk.lib.Duration; +import software.amazon.awscdk.lib.Stack; +import software.amazon.awscdk.lib.StackProps; +import software.amazon.awscdk.services.sns.Topic; +import software.amazon.awscdk.services.sns.subscriptions.SqsSubscription; +import software.amazon.awscdk.services.sqs.Queue; + +public class %name.PascalCased%Stack extends Stack { + public %name.PascalCased%Stack(final Construct parent, final String id) { + this(parent, id, null); + } + + public %name.PascalCased%Stack(final Construct parent, final String id, final StackProps props) { + super(parent, id, props); + + final Queue queue = Queue.Builder.create(this, "%name.PascalCased%Queue") + .visibilityTimeout(Duration.seconds(300)) + .build(); + + final Topic topic = Topic.Builder.create(this, "%name.PascalCased%Topic") + .displayName("My First Topic Yeah") + .build(); + + topic.addSubscription(new SqsSubscription(queue)); + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/java/src/test/java/com/myorg/%name.PascalCased%StackTest.template.java b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/src/test/java/com/myorg/%name.PascalCased%StackTest.template.java new file mode 100644 index 0000000000000..6930c2bcc44a0 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/java/src/test/java/com/myorg/%name.PascalCased%StackTest.template.java @@ -0,0 +1,27 @@ +package com.myorg; + +import software.amazon.awscdk.lib.App; +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.SerializationFeature; +import java.io.IOException; + +import org.junit.jupiter.api.Test; +import static org.assertj.core.api.Assertions.assertThat; + +public class %name.PascalCased%StackTest { + private final static ObjectMapper JSON = + new ObjectMapper().configure(SerializationFeature.INDENT_OUTPUT, true); + + @Test + public void testStack() throws IOException { + App app = new App(); + %name.PascalCased%Stack stack = new %name.PascalCased%Stack(app, "test"); + + JsonNode actual = JSON.valueToTree(app.synth().getStackArtifact(stack.getArtifactId()).getTemplate()); + + assertThat(actual.toString()) + .contains("AWS::SQS::Queue") + .contains("AWS::SNS::Topic"); + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/.template.gitignore new file mode 100644 index 0000000000000..21dc76264a308 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/.template.gitignore @@ -0,0 +1,5 @@ +node_modules + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/.template.npmignore b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/.template.npmignore new file mode 100644 index 0000000000000..5de422a0b42a0 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/.template.npmignore @@ -0,0 +1,3 @@ +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/README.template.md b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/README.template.md new file mode 100644 index 0000000000000..4963f41f7463e --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/README.template.md @@ -0,0 +1,13 @@ +# Welcome to your CDK JavaScript project! + +You should explore the contents of this project. It demonstrates a CDK app with an instance of a stack (`%name.PascalCased%Stack`) +which contains an Amazon SQS queue that is subscribed to an Amazon SNS topic. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. The build step is not required when using JavaScript. + +## Useful commands + + * `npm run test` perform the jest unit tests + * `cdk deploy` deploy this stack to your default AWS account/region + * `cdk diff` compare deployed stack with current state + * `cdk synth` emits the synthesized CloudFormation template diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/bin/%name%.template.js b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/bin/%name%.template.js new file mode 100644 index 0000000000000..0a334a1be0dfe --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/bin/%name%.template.js @@ -0,0 +1,6 @@ +#!/usr/bin/env node +const cdk = require('aws-cdk-lib'); +const { %name.PascalCased%Stack } = require('../lib/%name%-stack'); + +const app = new cdk.App(); +new %name.PascalCased%Stack(app, '%name.PascalCased%Stack'); diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/cdk.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/cdk.template.json new file mode 100644 index 0000000000000..ca1d40ed37e2d --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "node bin/%name%.js" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/lib/%name%-stack.template.js b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/lib/%name%-stack.template.js new file mode 100644 index 0000000000000..ef2b5c2407ec5 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/lib/%name%-stack.template.js @@ -0,0 +1,25 @@ +const cdk = require('aws-cdk-lib'); +const sns = require('aws-cdk-lib/aws-sns'); +const subs = require('aws-cdk-lib/aws-sns-subscriptions'); +const sqs = require('aws-cdk-lib/aws-sqs'); + +class %name.PascalCased%Stack extends cdk.Stack { + /** + * @param {cdk.App} scope + * @param {string} id + * @param {cdk.StackProps=} props + */ + constructor(scope, id, props) { + super(scope, id, props); + + const queue = new sqs.Queue(this, '%name.PascalCased%Queue', { + visibilityTimeout: cdk.Duration.seconds(300) + }); + + const topic = new sns.Topic(this, '%name.PascalCased%Topic'); + + topic.addSubscription(new subs.SqsSubscription(queue)); + } +} + +module.exports = { %name.PascalCased%Stack } diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json new file mode 100644 index 0000000000000..165f100d82429 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json @@ -0,0 +1,20 @@ +{ + "name": "%name%", + "version": "0.1.0", + "bin": { + "%name%": "bin/%name%.js" + }, + "scripts": { + "build": "echo \"The build step is not required when using JavaScript!\" && exit 0", + "cdk": "cdk", + "test": "jest" + }, + "devDependencies": { + "aws-cdk": "%cdk-version%", + "jest": "^26.4.2" + }, + "dependencies": { + "aws-cdk-lib": "%cdk-version%", + "constructs": "^3.0.4" + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/test/%name%.test.template.js b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/test/%name%.test.template.js new file mode 100644 index 0000000000000..b741d4045225b --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/test/%name%.test.template.js @@ -0,0 +1,12 @@ +const cdk = require('aws-cdk-lib'); +const %name.PascalCased% = require('../lib/%name%-stack'); + +test('SQS Queue and SNS Topic Created', () => { + const app = new cdk.App(); + // WHEN + const stack = new %name.PascalCased%.%name.PascalCased%Stack(app, 'MyTestStack'); + // THEN + const actual = JSON.stringify(app.synth().getStackArtifact(stack.artifactId).template); + expect(actual).toContain('AWS::SQS::Queue'); + expect(actual).toContain('AWS::SNS::Topic'); +}); diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/tsconfig.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/tsconfig.json new file mode 100644 index 0000000000000..28ca8b67c6ea2 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/tsconfig.json @@ -0,0 +1,26 @@ +{ + "compilerOptions": { + "target":"ES2018", + "module": "commonjs", + "lib": ["es2016", "es2017.object", "es2017.string"], + "declaration": true, + "strict": true, + "noImplicitAny": true, + "strictNullChecks": true, + "noImplicitThis": true, + "alwaysStrict": true, + "noUnusedLocals": true, + "noUnusedParameters": true, + "noImplicitReturns": true, + "noFallthroughCasesInSwitch": false, + "inlineSourceMap": true, + "inlineSources": true, + "experimentalDecorators": true, + "strictPropertyInitialization":false, + "allowJs": true, + "checkJs": true, + "noEmit": true, + "typeRoots": ["./node_modules/@types"] + }, + "exclude": ["cdk.out"] +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/%name.PythonModule%/%name.PythonModule%_stack.template.py b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/%name.PythonModule%/%name.PythonModule%_stack.template.py new file mode 100644 index 0000000000000..7629e4361788b --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/%name.PythonModule%/%name.PythonModule%_stack.template.py @@ -0,0 +1,24 @@ +import aws_cdk_lib as core +from aws_cdk_lib import ( + aws_iam as iam, + aws_sqs as sqs, + aws_sns as sns, + aws_sns_subscriptions as subs, +) + + +class %name.PascalCased%Stack(core.Stack): + + def __init__(self, scope: core.Construct, construct_id: str, **kwargs) -> None: + super().__init__(scope, construct_id, **kwargs) + + queue = sqs.Queue( + self, "%name.PascalCased%Queue", + visibility_timeout=core.Duration.seconds(300), + ) + + topic = sns.Topic( + self, "%name.PascalCased%Topic" + ) + + topic.add_subscription(subs.SqsSubscription(queue)) diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/%name.PythonModule%/__init__.py b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/%name.PythonModule%/__init__.py new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/.template.gitignore new file mode 100644 index 0000000000000..95f954427c747 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/.template.gitignore @@ -0,0 +1,22 @@ +*.swp +package-lock.json +.pytest_cache +*.egg-info + +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# Environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# CDK Context & Staging files +.cdk.staging/ +cdk.out/ \ No newline at end of file diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/README.template.md b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/README.template.md new file mode 100644 index 0000000000000..1775b25f602ae --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/README.template.md @@ -0,0 +1,65 @@ + +# Welcome to your CDK Python project! + +You should explore the contents of this project. It demonstrates a CDK app with an instance of a stack (`%name.PythonModule%_stack`) +which contains an Amazon SQS queue that is subscribed to an Amazon SNS topic. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. + +This project is set up like a standard Python project. The initialization process also creates +a virtualenv within this project, stored under the .venv directory. To create the virtualenv +it assumes that there is a `python3` executable in your path with access to the `venv` package. +If for any reason the automatic creation of the virtualenv fails, you can create the virtualenv +manually once the init process completes. + +To manually create a virtualenv on MacOS and Linux: + +``` +$ %python-executable% -m venv .venv +``` + +After the init process completes and the virtualenv is created, you can use the following +step to activate your virtualenv. + +``` +$ source .venv/bin/activate +``` + +If you are a Windows platform, you would activate the virtualenv like this: + +``` +% .venv\Scripts\activate.bat +``` + +Once the virtualenv is activated, you can install the required dependencies. + +``` +$ pip install -r requirements.txt +``` + +At this point you can now synthesize the CloudFormation template for this code. + +``` +$ cdk synth +``` + +You can now begin exploring the source code, contained in the hello directory. +There is also a very trivial test included that can be run like this: + +``` +$ pytest +``` + +To add additional dependencies, for example other CDK libraries, just add to +your requirements.txt file and rerun the `pip install -r requirements.txt` +command. + +## Useful commands + + * `cdk ls` list all stacks in the app + * `cdk synth` emits the synthesized CloudFormation template + * `cdk deploy` deploy this stack to your default AWS account/region + * `cdk diff` compare deployed stack with current state + * `cdk docs` open CDK documentation + +Enjoy! diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/app.template.py b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/app.template.py new file mode 100644 index 0000000000000..f53ecf105b8ca --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/app.template.py @@ -0,0 +1,11 @@ +#!/usr/bin/env python3 + +import aws_cdk_lib as core + +from %name.PythonModule%.%name.PythonModule%_stack import %name.PascalCased%Stack + + +app = core.App() +%name.PascalCased%Stack(app, "%name.StackName%", env={'region': 'us-west-2'}) + +app.synth() diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/cdk.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/cdk.template.json new file mode 100644 index 0000000000000..d7293493c4415 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "%python-executable% app.py" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/requirements.txt b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/requirements.txt new file mode 100644 index 0000000000000..ae60ed5f14ca8 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/requirements.txt @@ -0,0 +1,2 @@ +-e . +pytest diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/setup.template.py b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/setup.template.py new file mode 100644 index 0000000000000..585578354a190 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/setup.template.py @@ -0,0 +1,45 @@ +import setuptools + + +with open("README.md") as fp: + long_description = fp.read() + + +setuptools.setup( + name="%name.PythonModule%", + version="0.0.1", + + description="A sample CDK Python app", + long_description=long_description, + long_description_content_type="text/markdown", + + author="author", + + package_dir={"": "%name.PythonModule%"}, + packages=setuptools.find_packages(where="%name.PythonModule%"), + + install_requires=[ + "aws-cdk-lib==%cdk-version%", + ], + + python_requires=">=3.6", + + classifiers=[ + "Development Status :: 4 - Beta", + + "Intended Audience :: Developers", + + "License :: OSI Approved :: Apache Software License", + + "Programming Language :: JavaScript", + "Programming Language :: Python :: 3 :: Only", + "Programming Language :: Python :: 3.6", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + + "Topic :: Software Development :: Code Generators", + "Topic :: Utilities", + + "Typing :: Typed", + ], +) diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/source.bat b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/source.bat new file mode 100644 index 0000000000000..9e1a83442abd7 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/source.bat @@ -0,0 +1,13 @@ +@echo off + +rem The sole purpose of this script is to make the command +rem +rem source .venv/bin/activate +rem +rem (which activates a Python virtualenv on Linux or Mac OS X) work on Windows. +rem On Windows, this command just runs this batch file (the argument is ignored). +rem +rem Now we don't need to document a Windows command for activating a virtualenv. + +echo Executing .venv\Scripts\activate.bat for you +.venv\Scripts\activate.bat diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/tests/__init__.py b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/tests/__init__.py new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/tests/unit/__init__.py b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/tests/unit/__init__.py new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/python/tests/unit/test_%name.PythonModule%_stack.template.py b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/tests/unit/test_%name.PythonModule%_stack.template.py new file mode 100644 index 0000000000000..2b7e876b75742 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/python/tests/unit/test_%name.PythonModule%_stack.template.py @@ -0,0 +1,19 @@ +import json +import pytest + +import aws_cdk_lib as core +from %name%.%name.PythonModule%_stack import %name.PascalCased%Stack + + +def get_template(): + app = core.App() + %name.PascalCased%Stack(app, "%name.StackName%") + return json.dumps(app.synth().get_stack("%name.StackName%").template) + + +def test_sqs_queue_created(): + assert("AWS::SQS::Queue" in get_template()) + + +def test_sns_topic_created(): + assert("AWS::SNS::Topic" in get_template()) diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/.template.gitignore b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/.template.gitignore new file mode 100644 index 0000000000000..f60797b6a9168 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/.template.gitignore @@ -0,0 +1,8 @@ +*.js +!jest.config.js +*.d.ts +node_modules + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/.template.npmignore b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/.template.npmignore new file mode 100644 index 0000000000000..c1d6d45dcf388 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/.template.npmignore @@ -0,0 +1,6 @@ +*.ts +!*.d.ts + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/README.template.md b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/README.template.md new file mode 100644 index 0000000000000..56b7b636bd523 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/README.template.md @@ -0,0 +1,15 @@ +# Welcome to your CDK TypeScript project! + +You should explore the contents of this project. It demonstrates a CDK app with an instance of a stack (`%name.PascalCased%Stack`) +which contains an Amazon SQS queue that is subscribed to an Amazon SNS topic. + +The `cdk.json` file tells the CDK Toolkit how to execute your app. + +## Useful commands + + * `npm run build` compile typescript to js + * `npm run watch` watch for changes and compile + * `npm run test` perform the jest unit tests + * `cdk deploy` deploy this stack to your default AWS account/region + * `cdk diff` compare deployed stack with current state + * `cdk synth` emits the synthesized CloudFormation template diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/bin/%name%.template.ts b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/bin/%name%.template.ts new file mode 100644 index 0000000000000..2e7f99ba70e8b --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/bin/%name%.template.ts @@ -0,0 +1,6 @@ +#!/usr/bin/env node +import * as cdk from 'aws-cdk-lib'; +import { %name.PascalCased%Stack } from '../lib/%name%-stack'; + +const app = new cdk.App(); +new %name.PascalCased%Stack(app, '%name.PascalCased%Stack'); diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/cdk.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/cdk.template.json new file mode 100644 index 0000000000000..4b132c728abd7 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "npx ts-node --prefer-ts-exts bin/%name%.ts" +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/jest.config.js b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/jest.config.js new file mode 100644 index 0000000000000..772f974903b79 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/jest.config.js @@ -0,0 +1,7 @@ +module.exports = { + roots: ['/test'], + testMatch: ['**/*.test.ts'], + transform: { + '^.+\\.tsx?$': 'ts-jest' + } +}; diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/lib/%name%-stack.template.ts b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/lib/%name%-stack.template.ts new file mode 100644 index 0000000000000..87f4eb9b549a2 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/lib/%name%-stack.template.ts @@ -0,0 +1,18 @@ +import * as cdk from 'aws-cdk-lib'; +import * as sns from 'aws-cdk-lib/aws-sns'; +import * as subs from 'aws-cdk-lib/aws-sns-subscriptions'; +import * as sqs from 'aws-cdk-lib/aws-sqs'; + +export class %name.PascalCased%Stack extends cdk.Stack { + constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { + super(scope, id, props); + + const queue = new sqs.Queue(this, '%name.PascalCased%Queue', { + visibilityTimeout: cdk.Duration.seconds(300) + }); + + const topic = new sns.Topic(this, '%name.PascalCased%Topic'); + + topic.addSubscription(new subs.SqsSubscription(queue)); + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json new file mode 100644 index 0000000000000..4b36fa55ec3ad --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json @@ -0,0 +1,26 @@ +{ + "name": "%name%", + "version": "0.1.0", + "bin": { + "%name%": "bin/%name%.js" + }, + "scripts": { + "build": "tsc", + "watch": "tsc -w", + "test": "jest", + "cdk": "cdk" + }, + "devDependencies": { + "aws-cdk": "%cdk-version%", + "@types/jest": "^26.0.10", + "@types/node": "10.17.27", + "jest": "^26.4.2", + "ts-jest": "^26.2.0", + "ts-node": "^9.0.0", + "typescript": "~3.9.7" + }, + "dependencies": { + "aws-cdk-lib": "%cdk-version%", + "constructs": "^3.0.4" + } +} diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/test/%name%.test.template.ts b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/test/%name%.test.template.ts new file mode 100644 index 0000000000000..a563f50309295 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/test/%name%.test.template.ts @@ -0,0 +1,12 @@ +import * as cdk from 'aws-cdk-lib'; +import * as %name.PascalCased% from '../lib/%name%-stack'; + +test('SQS Queue and SNS Topic Created', () => { + const app = new cdk.App(); + // WHEN + const stack = new %name.PascalCased%.%name.PascalCased%Stack(app, 'MyTestStack'); + // THEN + const actual = JSON.stringify(app.synth().getStackArtifact(stack.artifactId).template); + expect(actual).toContain('AWS::SQS::Queue'); + expect(actual).toContain('AWS::SNS::Topic'); +}); diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/tsconfig.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/tsconfig.json new file mode 100644 index 0000000000000..03c16d26a637c --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/tsconfig.json @@ -0,0 +1,23 @@ +{ + "compilerOptions": { + "target":"ES2018", + "module": "commonjs", + "lib": ["es2018"], + "declaration": true, + "strict": true, + "noImplicitAny": true, + "strictNullChecks": true, + "noImplicitThis": true, + "alwaysStrict": true, + "noUnusedLocals": false, + "noUnusedParameters": false, + "noImplicitReturns": true, + "noFallthroughCasesInSwitch": false, + "inlineSourceMap": true, + "inlineSources": true, + "experimentalDecorators": true, + "strictPropertyInitialization":false, + "typeRoots": ["./node_modules/@types"] + }, + "exclude": ["cdk.out"] +} diff --git a/packages/aws-cdk/lib/init.ts b/packages/aws-cdk/lib/init.ts index d0873199f3c68..6166736f3e8da 100644 --- a/packages/aws-cdk/lib/init.ts +++ b/packages/aws-cdk/lib/init.ts @@ -27,7 +27,7 @@ export async function cliInit(type?: string, language?: string, canUseNetwork = type = type || 'default'; // "default" is the default type (and maps to "app") - const template = (await availableInitTemplates).find(t => t.hasName(type!)); + const template = (await availableInitTemplates()).find(t => t.hasName(type!)); if (!template) { await printAvailableTemplates(language); throw new Error(`Unknown init template: ${type}`); @@ -196,13 +196,19 @@ interface ProjectInfo { function versionedTemplatesDir(): Promise { return new Promise(async resolve => { - const majorVersion = semver.major(versionNumber()); + let currentVersion = versionNumber(); + // If the CLI is invoked from source (i.e., developement), rather than from a packaged distribution, + // the version number will be '0.0.0'. We will (currently) default to the v1 templates in this case. + if (currentVersion === '0.0.0') { + currentVersion = '1.0.0'; + } + const majorVersion = semver.major(currentVersion); resolve(path.join(__dirname, 'init-templates', `v${majorVersion}`)); }); } -export const availableInitTemplates: Promise = - new Promise(async resolve => { +export async function availableInitTemplates(): Promise { + return new Promise(async resolve => { const templatesDir = await versionedTemplatesDir(); const templateNames = await listDirectory(templatesDir); const templates = new Array(); @@ -211,9 +217,10 @@ export const availableInitTemplates: Promise = } resolve(templates); }); -export const availableInitLanguages: Promise = - new Promise(async resolve => { - const templates = await availableInitTemplates; +} +export async function availableInitLanguages(): Promise { + return new Promise(async resolve => { + const templates = await availableInitTemplates(); const result = new Set(); for (const template of templates) { for (const language of template.languages) { @@ -222,6 +229,8 @@ export const availableInitLanguages: Promise = } resolve([...result]); }); +} + /** * @param dirPath is the directory to be listed. * @returns the list of file or directory names contained in ``dirPath``, excluding any dot-file, and sorted. @@ -234,7 +243,7 @@ async function listDirectory(dirPath: string) { export async function printAvailableTemplates(language?: string) { print('Available templates:'); - for (const template of await availableInitTemplates) { + for (const template of await availableInitTemplates()) { if (language && template.languages.indexOf(language) === -1) { continue; } print(`* ${colors.green(template.name)}: ${template.description}`); const languageArg = language ? colors.bold(language) diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index 8e2523894af36..b64d83e4ec133 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -39,13 +39,13 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/core": "0.0.0", - "@types/archiver": "^3.1.1", + "@types/archiver": "^5.1.0", "@types/fs-extra": "^8.1.1", "@types/glob": "^7.1.3", "@types/jest": "^26.0.15", "@types/minimatch": "^3.0.3", "@types/mockery": "^1.4.29", - "@types/node": "^10.17.46", + "@types/node": "^10.17.48", "@types/promptly": "^3.0.0", "@types/semver": "^7.3.4", "@types/sinon": "^9.0.9", @@ -71,7 +71,7 @@ "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "archiver": "^5.1.0", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "camelcase": "^6.2.0", "cdk-assets": "0.0.0", "colors": "^1.4.0", @@ -87,7 +87,7 @@ "table": "^6.0.4", "uuid": "^8.3.1", "wrap-ansi": "^7.0.0", - "yargs": "^16.1.1" + "yargs": "^16.2.0" }, "repository": { "url": "https://github.com/aws/aws-cdk.git", diff --git a/packages/aws-cdk/test/init.test.ts b/packages/aws-cdk/test/init.test.ts index 5335bdbc3dfee..db042d76fc25d 100644 --- a/packages/aws-cdk/test/init.test.ts +++ b/packages/aws-cdk/test/init.test.ts @@ -1,5 +1,11 @@ +/** + * The init templates rely on parsing the current major version to find the correct template directory. + * During tests, the current package version is '0.0.0', rather than a specific version. + * The below mocks the versionNumber to return the major version (and so init template version) specified. + */ +let mockMajorVersion = '1.0.0'; jest.mock('../lib/version', () => ({ - versionNumber: mockVersionNumber, + versionNumber: () => mockMajorVersion, })); import * as os from 'os'; @@ -8,76 +14,90 @@ import * as cxapi from '@aws-cdk/cx-api'; import * as fs from 'fs-extra'; import { availableInitTemplates, cliInit } from '../lib/init'; -cliTest('create a TypeScript library project', async (workDir) => { - await cliInit('lib', 'typescript', false, undefined /* canUseNetwork */, workDir); - - // Check that package.json and lib/ got created in the current directory - expect(await fs.pathExists(path.join(workDir, 'package.json'))).toBeTruthy(); - expect(await fs.pathExists(path.join(workDir, 'lib'))).toBeTruthy(); -}); - -cliTest('create a TypeScript app project', async (workDir) => { - await cliInit('app', 'typescript', false, undefined /* canUseNetwork */, workDir); - - // Check that package.json and bin/ got created in the current directory - expect(await fs.pathExists(path.join(workDir, 'package.json'))).toBeTruthy(); - expect(await fs.pathExists(path.join(workDir, 'bin'))).toBeTruthy(); -}); - -cliTest('create a JavaScript app project', async (workDir) => { - await cliInit('app', 'javascript', false, undefined /* canUseNetwork */, workDir); - - // Check that package.json and bin/ got created in the current directory - expect(await fs.pathExists(path.join(workDir, 'package.json'))).toBeTruthy(); - expect(await fs.pathExists(path.join(workDir, 'bin'))).toBeTruthy(); - expect(await fs.pathExists(path.join(workDir, '.git'))).toBeTruthy(); -}); - -cliTest('--generate-only should skip git init', async (workDir) => { - await cliInit('app', 'javascript', false, true, workDir); - - // Check that package.json and bin/ got created in the current directory - expect(await fs.pathExists(path.join(workDir, 'package.json'))).toBeTruthy(); - expect(await fs.pathExists(path.join(workDir, 'bin'))).toBeTruthy(); - expect(await fs.pathExists(path.join(workDir, '.git'))).toBeFalsy(); +describe.each(['1', '2'])('v%s tests', (majorVersion) => { + beforeEach(() => { + mockMajorVersion = `${majorVersion}.0.0`; + jest.resetAllMocks(); + }); + + cliTest('create a TypeScript library project', async (workDir) => { + await cliInit('lib', 'typescript', false, undefined /* canUseNetwork */, workDir); + + // Check that package.json and lib/ got created in the current directory + expect(await fs.pathExists(path.join(workDir, 'package.json'))).toBeTruthy(); + expect(await fs.pathExists(path.join(workDir, 'lib'))).toBeTruthy(); + }); + + cliTest('create a TypeScript app project', async (workDir) => { + await cliInit('app', 'typescript', false, undefined /* canUseNetwork */, workDir); + + // Check that package.json and bin/ got created in the current directory + expect(await fs.pathExists(path.join(workDir, 'package.json'))).toBeTruthy(); + expect(await fs.pathExists(path.join(workDir, 'bin'))).toBeTruthy(); + }); + + cliTest('create a JavaScript app project', async (workDir) => { + await cliInit('app', 'javascript', false, undefined /* canUseNetwork */, workDir); + + // Check that package.json and bin/ got created in the current directory + expect(await fs.pathExists(path.join(workDir, 'package.json'))).toBeTruthy(); + expect(await fs.pathExists(path.join(workDir, 'bin'))).toBeTruthy(); + expect(await fs.pathExists(path.join(workDir, '.git'))).toBeTruthy(); + }); + + cliTest('--generate-only should skip git init', async (workDir) => { + await cliInit('app', 'javascript', false, true, workDir); + + // Check that package.json and bin/ got created in the current directory + expect(await fs.pathExists(path.join(workDir, 'package.json'))).toBeTruthy(); + expect(await fs.pathExists(path.join(workDir, 'bin'))).toBeTruthy(); + expect(await fs.pathExists(path.join(workDir, '.git'))).toBeFalsy(); + }); + + cliTest('git directory does not throw off the initer!', async (workDir) => { + fs.mkdirSync(path.join(workDir, '.git')); + + await cliInit('app', 'typescript', false, undefined /* canUseNetwork */, workDir); + + // Check that package.json and bin/ got created in the current directory + expect(await fs.pathExists(path.join(workDir, 'package.json'))).toBeTruthy(); + expect(await fs.pathExists(path.join(workDir, 'bin'))).toBeTruthy(); + }); + + test('verify "future flags" are added to cdk.json', async () => { + // This is a lot to test, and it can be slow-ish, especially when ran with other tests. + jest.setTimeout(30_000); + + for (const templ of await availableInitTemplates()) { + for (const lang of templ.languages) { + await withTempDir(async tmpDir => { + await cliInit(templ.name, lang, + /* canUseNetwork */ false, + /* generateOnly */ true, + tmpDir); + + // ok if template doesn't have a cdk.json file (e.g. the "lib" template) + if (!await fs.pathExists(path.join(tmpDir, 'cdk.json'))) { + return; + } + + const config = await fs.readJson(path.join(tmpDir, 'cdk.json')); + const context = config.context || {}; + for (const [key, expected] of Object.entries(cxapi.FUTURE_FLAGS)) { + const actual = context[key]; + expect(actual).toEqual(expected); + } + }); + } + } + }); }); -cliTest('git directory does not throw off the initer!', async (workDir) => { - fs.mkdirSync(path.join(workDir, '.git')); +test('when no version number is present (e.g., local development), the v1 templates are chosen by default', async () => { + mockMajorVersion = '0.0.0'; + jest.resetAllMocks(); - await cliInit('app', 'typescript', false, undefined /* canUseNetwork */, workDir); - - // Check that package.json and bin/ got created in the current directory - expect(await fs.pathExists(path.join(workDir, 'package.json'))).toBeTruthy(); - expect(await fs.pathExists(path.join(workDir, 'bin'))).toBeTruthy(); -}); - -test('verify "future flags" are added to cdk.json', async () => { - // This is a lot to test, and it can be slow-ish, especially when ran with other tests. - jest.setTimeout(30_000); - - for (const templ of await availableInitTemplates) { - for (const lang of templ.languages) { - await withTempDir(async tmpDir => { - await cliInit(templ.name, lang, - /* canUseNetwork */ false, - /* generateOnly */ true, - tmpDir); - - // ok if template doesn't have a cdk.json file (e.g. the "lib" template) - if (!await fs.pathExists(path.join(tmpDir, 'cdk.json'))) { - return; - } - - const config = await fs.readJson(path.join(tmpDir, 'cdk.json')); - const context = config.context || {}; - for (const [key, expected] of Object.entries(cxapi.FUTURE_FLAGS)) { - const actual = context[key]; - expect(actual).toEqual(expected); - } - }); - } - } + expect((await availableInitTemplates()).length).toBeGreaterThan(0); }); function cliTest(name: string, handler: (dir: string) => void | Promise): void { @@ -92,14 +112,3 @@ async function withTempDir(cb: (dir: string) => void | Promise) { await fs.remove(tmpDir); } } - -/** - * The init templates rely on parsing the current major version to find the correct template directory. - * During tests, the current package version is '0.0.0', rather than a specific version. - * The below mocks the versionNumber to return the same major version as the current release. - */ -function mockVersionNumber() { - // eslint-disable-next-line @typescript-eslint/no-require-imports - const releaseJson = require(`${__dirname}/../../../release.json`); - return `${releaseJson.majorVersion}.0.0`; -} diff --git a/packages/aws-cdk/test/integ/cli/cdk-helpers.ts b/packages/aws-cdk/test/integ/cli/cdk-helpers.ts index cc38e7ec54cfa..f57ce2aee018a 100644 --- a/packages/aws-cdk/test/integ/cli/cdk-helpers.ts +++ b/packages/aws-cdk/test/integ/cli/cdk-helpers.ts @@ -240,6 +240,8 @@ export class TestFixture { // Bootstrap stacks have buckets that need to be cleaned const bucketNames = stacksToDelete.map(stack => outputFromStack('BucketName', stack)).filter(defined); await Promise.all(bucketNames.map(b => this.aws.emptyBucket(b))); + // The bootstrap bucket has a removal policy of RETAIN by default, so add it to the buckets to be cleaned up. + this.bucketsToDelete.push(...bucketNames); // Bootstrap stacks have ECR repositories with images which should be deleted const imageRepositoryNames = stacksToDelete.map(stack => outputFromStack('ImageRepositoryName', stack)).filter(defined); @@ -405,4 +407,4 @@ export function rimraf(fsPath: string) { export function randomString() { // Crazy return Math.random().toString(36).replace(/[^a-z0-9]+/g, ''); -} \ No newline at end of file +} diff --git a/packages/aws-cdk/test/util/awscli-compatible.test.ts b/packages/aws-cdk/test/util/awscli-compatible.test.ts index 42cfc37e54c30..a676af7e4c889 100644 --- a/packages/aws-cdk/test/util/awscli-compatible.test.ts +++ b/packages/aws-cdk/test/util/awscli-compatible.test.ts @@ -27,3 +27,21 @@ test('on an EC2 instance, region lookup queries IMDS', async () => { }); }); +test('Use web identity when available', async () => { + + // Scrub some environment variables that are maybe set for Ecs Credentials + delete process.env.ECS_CONTAINER_METADATA_URI_V4; + delete process.env.ECS_CONTAINER_METADATA_URI; + delete process.env.AWS_CONTAINER_CREDENTIALS_RELATIVE_URI; + + // create and configure the web identity token file + process.env.AWS_WEB_IDENTITY_TOKEN_FILE = 'some-value'; + process.env.AWS_ROLE_ARN = 'some-value'; + + // create the chain + const providers = (await AwsCliCompatible.credentialChain()).providers; + + // make sure the web identity provider is in the chain + const webIdentify = (providers[2] as Function)(); + expect(webIdentify).toBeInstanceOf(AWS.TokenFileWebIdentityCredentials); +}); diff --git a/packages/awslint/README.md b/packages/awslint/README.md index 126a50884297b..d51258ad7d8b0 100644 --- a/packages/awslint/README.md +++ b/packages/awslint/README.md @@ -1,14 +1,19 @@ # awslint + --- ![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are in **developer preview** before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are in **developer preview** before they +> become stable. We will only make breaking changes to address unforeseen API issues. Therefore, +> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes +> will be announced in release notes. This means that while you may use them, you may need to +> update your source code when upgrading to a newer version of this package. --- - + A linter for the AWS Construct Library's API. It reflects a construct library's module via it's `.jsii` manifest and checks that the module adheres to the [AWS diff --git a/packages/awslint/package.json b/packages/awslint/package.json index 080ea907c06ea..7e9ed60a7b4b3 100644 --- a/packages/awslint/package.json +++ b/packages/awslint/package.json @@ -16,12 +16,12 @@ "awslint": "bin/awslint" }, "dependencies": { - "@jsii/spec": "^1.14.1", + "@jsii/spec": "^1.15.0", "camelcase": "^6.2.0", "colors": "^1.4.0", "fs-extra": "^9.0.1", - "jsii-reflect": "^1.14.1", - "yargs": "^16.1.1" + "jsii-reflect": "^1.15.0", + "yargs": "^16.2.0" }, "devDependencies": { "@types/fs-extra": "^8.1.1", diff --git a/packages/cdk-assets/README.md b/packages/cdk-assets/README.md index ac7381b7083cf..2eb10ae621947 100644 --- a/packages/cdk-assets/README.md +++ b/packages/cdk-assets/README.md @@ -1,12 +1,18 @@ # cdk-assets + --- ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. --- + A tool for publishing CDK assets to AWS environments. @@ -44,7 +50,7 @@ default [`aws-sdk`](https://github.com/aws/aws-sdk-js) implementation allows. Command-line use looks like this: -``` +```console $ cdk-assets /path/to/cdk.out [ASSET:DEST] [ASSET] [:DEST] [...] ``` @@ -58,7 +64,7 @@ asset IDs or destination IDs. An asset manifest looks like this: -``` +```json { "version": "1.22.0", "files": { diff --git a/packages/cdk-assets/package.json b/packages/cdk-assets/package.json index 71760884bcefe..d5474607e63f1 100644 --- a/packages/cdk-assets/package.json +++ b/packages/cdk-assets/package.json @@ -30,12 +30,12 @@ }, "license": "Apache-2.0", "devDependencies": { - "@types/archiver": "^3.1.1", + "@types/archiver": "^5.1.0", "@types/glob": "^7.1.3", "@types/jest": "^26.0.15", "@types/jszip": "^3.4.1", "@types/mock-fs": "^4.13.0", - "@types/node": "^10.17.46", + "@types/node": "^10.17.48", "@types/yargs": "^15.0.10", "cdk-build-tools": "0.0.0", "jest": "^26.6.3", @@ -47,9 +47,9 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "archiver": "^5.1.0", - "aws-sdk": "^2.799.0", + "aws-sdk": "^2.804.0", "glob": "^7.1.6", - "yargs": "^16.1.1" + "yargs": "^16.2.0" }, "repository": { "url": "https://github.com/aws/aws-cdk.git", diff --git a/packages/cdk-dasm/package.json b/packages/cdk-dasm/package.json index 276016f4c2794..ca73297f8f386 100644 --- a/packages/cdk-dasm/package.json +++ b/packages/cdk-dasm/package.json @@ -26,7 +26,7 @@ }, "license": "Apache-2.0", "dependencies": { - "codemaker": "^1.14.1", + "codemaker": "^1.15.0", "yaml": "1.10.0" }, "devDependencies": { diff --git a/packages/decdk/package.json b/packages/decdk/package.json index f0b086c41264f..f32367e7265ea 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -142,6 +142,7 @@ "@aws-cdk/aws-mediastore": "0.0.0", "@aws-cdk/aws-msk": "0.0.0", "@aws-cdk/aws-neptune": "0.0.0", + "@aws-cdk/aws-networkfirewall": "0.0.0", "@aws-cdk/aws-networkmanager": "0.0.0", "@aws-cdk/aws-opsworks": "0.0.0", "@aws-cdk/aws-opsworkscm": "0.0.0", @@ -170,6 +171,7 @@ "@aws-cdk/aws-servicediscovery": "0.0.0", "@aws-cdk/aws-ses": "0.0.0", "@aws-cdk/aws-ses-actions": "0.0.0", + "@aws-cdk/aws-signer": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sns-subscriptions": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", @@ -194,10 +196,10 @@ "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.2.0", "fs-extra": "^9.0.1", - "jsii-reflect": "^1.14.1", + "jsii-reflect": "^1.15.0", "jsonschema": "^1.4.0", "yaml": "1.10.0", - "yargs": "^16.1.1" + "yargs": "^16.2.0" }, "devDependencies": { "@types/fs-extra": "^8.1.1", @@ -205,7 +207,7 @@ "@types/yaml": "1.9.7", "@types/yargs": "^15.0.10", "jest": "^26.6.3", - "jsii": "^1.14.1" + "jsii": "^1.15.0" }, "keywords": [ "aws", diff --git a/packages/monocdk/README.md b/packages/monocdk/README.md index fe98c56b654b1..7845a38f8621e 100644 --- a/packages/monocdk/README.md +++ b/packages/monocdk/README.md @@ -11,12 +11,14 @@ An __experiment__ to bundle all of the CDK into a single module. ## Usage ### Installation + To try out `monocdk` replace all references to CDK Construct Libraries (most `@aws-cdk/*` packages) in your `package.json` file with a single entrey referring to `monocdk`. You also need to add a reference to the `constructs` library, according to the kind of project you are developing: + - For libraries, model the dependency under `devDependencies` **and** `peerDependencies` - For apps, model the dependency under `dependencies` only diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index 367ee89c1d98a..b78a8c6adcc9c 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -21,7 +21,8 @@ "build+test": "npm run build && npm test", "build+test+package": "npm run build+test && npm run package", "watch": "cdk-watch", - "compat": "cdk-compat" + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "awslint": { "exclude": [ @@ -214,6 +215,7 @@ "@aws-cdk/aws-mediastore": "0.0.0", "@aws-cdk/aws-msk": "0.0.0", "@aws-cdk/aws-neptune": "0.0.0", + "@aws-cdk/aws-networkfirewall": "0.0.0", "@aws-cdk/aws-networkmanager": "0.0.0", "@aws-cdk/aws-opsworks": "0.0.0", "@aws-cdk/aws-opsworkscm": "0.0.0", @@ -242,6 +244,7 @@ "@aws-cdk/aws-servicediscovery": "0.0.0", "@aws-cdk/aws-ses": "0.0.0", "@aws-cdk/aws-ses-actions": "0.0.0", + "@aws-cdk/aws-signer": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sns-subscriptions": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", @@ -265,12 +268,12 @@ "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "@types/fs-extra": "^8.1.1", - "@types/node": "^10.17.46", + "@types/node": "^10.17.48", "cdk-build-tools": "0.0.0", "constructs": "^3.2.0", "fs-extra": "^9.0.1", "pkglint": "0.0.0", - "ts-node": "^9.0.0", + "ts-node": "^9.1.0", "typescript": "~3.8.3", "ubergen": "0.0.0" }, diff --git a/scripts/check-build-prerequisites.sh b/scripts/check-build-prerequisites.sh new file mode 100644 index 0000000000000..c703d9f3e94e7 --- /dev/null +++ b/scripts/check-build-prerequisites.sh @@ -0,0 +1,91 @@ +#!/bin/bash +set -euo pipefail + +scriptdir=$(cd $(dirname $0) && pwd) + +# Testing with this to simulate different installed apps: +# docker run -it -v ~/Source/aws-cdk:/var/cdk ubuntu bash + +# Note: Don't use \d in regex, it doesn't work on Macs without GNU tools installed +# Use [0-9] instead + +die() { echo "$*" 1>&2 ; exit 1; } +wrong_version() { echo "Found $app version $app_v. Install $app >= $app_min" 1>&2; exit 1; } + +check_which() { + local app=$1 + local min=$2 + + echo -e "Checking if $app is installed... \c" + + w=$(which ${app}) || w="" + + if [ -z "$w" ] || [ "$w" == "$app not found" ] + then + die "Missing dependency: $app. Install $app >= $min" + else + echo "Ok" + fi +} + +app="" +app_min="" +app_v="" + +# [Node.js >= 10.13.0] +# ⚠️ versions `13.0.0` to `13.6.0` are not supported due to compatibility issues with our dependencies. +app="node" +app_min="v10.13.0" +check_which $app $app_min +app_v=$(node --version) + +# Check for version 10.*.* - 29.*.* +echo -e "Checking node version... \c" +if [ $(echo $app_v | grep -c -E "v[12][0-9]\.[0-9]+\.[0-9]+") -eq 1 ] +then + # Check for version 13.0 to 13.6 + if [ $(echo $app_v | grep -c -E "v13\.[0-6]\.[0-9]+") -eq 1 ] + then + die "node versions 13.0.0 to 13.6.0 are not supported due to compatibility issues with our dependencies." + else + # Check for version < 10.13 + if [ $(echo $app_v | grep -c -E "v10\.([0-9]|1[0-2])\.[0-9]+") -eq 1 ] + then + wrong_version + else + echo "Ok" + fi + fi +else + echo "Not 12" + wrong_version +fi + +# [Yarn >= 1.19.1, < 1.30] +app="yarn" +app_min="1.19.1" +check_which $app $app_min +app_v=$(${app} --version) +echo -e "Checking yarn version... \c" +if [ $(echo $app_v | grep -c -E "1\.(19|2[0-9])\.[0-9]+") -eq 1 ] +then + echo "Ok" +else + wrong_version +fi + +# [Docker >= 19.03] +app="docker" +app_min="19.03.0" +check_which $app $app_min + +# Make sure docker is running +echo -e "Checking if docker is running... \c" +docker_running=$(docker ps) +if [ $? -eq 0 ] +then + echo "Ok" +else + die "Docker is not running" +fi + diff --git a/scripts/check-prerequisites.sh b/scripts/check-pack-prerequisites.sh similarity index 61% rename from scripts/check-prerequisites.sh rename to scripts/check-pack-prerequisites.sh index 9a4232d9e3e2d..8dca0902114e5 100755 --- a/scripts/check-prerequisites.sh +++ b/scripts/check-pack-prerequisites.sh @@ -1,16 +1,15 @@ #!/bin/bash set -euo pipefail +scriptdir=$(cd $(dirname $0) && pwd) +source ${scriptdir}/check-build-prerequisites.sh + # Testing with this to simulate different installed apps: # docker run -it -v ~/Source/aws-cdk:/var/cdk ubuntu bash # Note: Don't use \d in regex, it doesn't work on Macs without GNU tools installed # Use [0-9] instead -app="" -app_min="" -app_v="" - die() { echo "$*" 1>&2 ; exit 1; } wrong_version() { echo "Found $app version $app_v. Install $app >= $app_min" 1>&2; exit 1; } @@ -30,47 +29,9 @@ check_which() { fi } -# [Node.js >= 10.13.0] -# ⚠️ versions `13.0.0` to `13.6.0` are not supported due to compatibility issues with our dependencies. -app="node" -app_min="v10.13.0" -check_which $app $app_min -app_v=$(node --version) - -# Check for version 10.*.* - 29.*.* -echo -e "Checking node version... \c" -if [ $(echo $app_v | grep -c -E "v[12][0-9]\.[0-9]+\.[0-9]+") -eq 1 ] -then - # Check for version 13.0 to 13.6 - if [ $(echo $app_v | grep -c -E "v13\.[0-6]\.[0-9]+") -eq 1 ] - then - die "node versions 13.0.0 to 13.6.0 are not supported due to compatibility issues with our dependencies." - else - # Check for version < 10.13 - if [ $(echo $app_v | grep -c -E "v10\.([0-9]|1[0-2])\.[0-9]+") -eq 1 ] - then - wrong_version - else - echo "Ok" - fi - fi -else - echo "Not 12" - wrong_version -fi - -# [Yarn >= 1.19.1, < 1.30] -app="yarn" -app_min="1.19.1" -check_which $app $app_min -app_v=$(${app} --version) -echo -e "Checking yarn version... \c" -if [ $(echo $app_v | grep -c -E "1\.(19|2[0-9])\.[0-9]+") -eq 1 ] -then - echo "Ok" -else - wrong_version -fi +app="" +app_min="" +app_v="" # [Java OpenJDK 8, 11, 14] @@ -143,19 +104,3 @@ then else wrong_version fi - -# [Docker >= 19.03] -app="docker" -app_min="19.03.0" -check_which $app $app_min - -# Make sure docker is running -echo -e "Checking if docker is running... \c" -docker_running=$(docker ps) -if [ $? -eq 0 ] -then - echo "Ok" -else - die "Docker is not running" -fi - diff --git a/tools/cdk-build-tools/config/markdownlint.json b/tools/cdk-build-tools/config/markdownlint.json new file mode 100644 index 0000000000000..43f7b2f1f490c --- /dev/null +++ b/tools/cdk-build-tools/config/markdownlint.json @@ -0,0 +1,30 @@ +{ + "default": false, + "heading-increment": true, + "heading-style": { "style": "atx" }, + "ul-style": { "style": "consistent" }, + "list-indent": true, + "no-missing-space-atx": true, + "no-multiple-space-atx": true, + "blanks-around-headings": true, + "heading-start-left": true, + "no-duplicate-heading": true, + "single-title": true, + "no-trailing-punctuation": true, + "no-multiple-space-blockquote": true, + "no-blanks-blockquote": true, + "ol-prefix": { "style": "one_or_ordered" }, + "list-marker-space": true, + "blanks-around-fences": true, + "blanks-around-lists": true, + "no-space-in-emphasis": true, + "no-space-in-code": true, + "no-space-in-links": true, + "fenced-code-language": true, + "first-line-heading": true, + "proper-names": ["jsii"], + "no-alt-text": true, + "code-block-style": { "style": "fenced" }, + "single-trailing-newline": true, + "code-fence-style": { "style": "backtick" } +} diff --git a/tools/cdk-build-tools/lib/lint.ts b/tools/cdk-build-tools/lib/lint.ts index ca9128a4e5f82..27eae0588c828 100644 --- a/tools/cdk-build-tools/lib/lint.ts +++ b/tools/cdk-build-tools/lib/lint.ts @@ -1,21 +1,40 @@ import * as path from 'path'; +import * as process from 'process'; +import * as fs from 'fs-extra'; import { shell } from './os'; import { CDKBuildOptions, CompilerOverrides } from './package-info'; export async function lintCurrentPackage(options: CDKBuildOptions, compilers: CompilerOverrides & { fix?: boolean } = {}): Promise { const env = options.env; + const fixOption = compilers.fix ? ['--fix'] : []; + if (!options.eslint?.disable) { await shell([ compilers.eslint || require.resolve('eslint/bin/eslint'), '.', '--ext=.ts', `--resolve-plugins-relative-to=${__dirname}`, - ...compilers.fix ? ['--fix'] : [], + ...fixOption, ], { env }); } if (!options.pkglint?.disable) { - await shell(['pkglint'], { env }); + await shell([ + 'pkglint', + ...fixOption, + ], { env }); + } + + if (await fs.pathExists('README.md')) { + await shell([ + process.execPath, + ...process.execArgv, + '--', + require.resolve('markdownlint-cli'), + '--config', path.resolve(__dirname, '..', 'config', 'markdownlint.json'), + ...fixOption, + 'README.md', + ]); } await shell([path.join(__dirname, '..', 'bin', 'cdk-awslint')], { env }); diff --git a/tools/cdk-build-tools/package.json b/tools/cdk-build-tools/package.json index f5f8691727ec7..e5b2b0c5f8479 100644 --- a/tools/cdk-build-tools/package.json +++ b/tools/cdk-build-tools/package.json @@ -39,24 +39,25 @@ "pkglint": "0.0.0" }, "dependencies": { - "@typescript-eslint/eslint-plugin": "^4.8.2", + "@typescript-eslint/eslint-plugin": "^4.9.0", "@typescript-eslint/parser": "^4.7.0", - "eslint-plugin-cdk": "0.0.0", "awslint": "0.0.0", "colors": "^1.4.0", "eslint": "^7.13.0", "eslint-import-resolver-node": "^0.3.4", "eslint-import-resolver-typescript": "^2.3.0", + "eslint-plugin-cdk": "0.0.0", "eslint-plugin-import": "^2.22.1", "fs-extra": "^9.0.1", "jest": "^26.6.3", - "jsii": "^1.14.1", - "jsii-pacmak": "^1.14.1", + "jsii": "^1.15.0", + "jsii-pacmak": "^1.15.0", + "markdownlint-cli": "^0.25.0", "nodeunit": "^0.11.3", "nyc": "^15.1.0", "ts-jest": "^26.4.4", "typescript": "~3.9.7", - "yargs": "^16.1.1", + "yargs": "^16.2.0", "yarn-cling": "0.0.0" }, "keywords": [ diff --git a/tools/cdk-build-tools/tsconfig.json b/tools/cdk-build-tools/tsconfig.json index 14499cd2abfaf..f6b1789bd46ad 100644 --- a/tools/cdk-build-tools/tsconfig.json +++ b/tools/cdk-build-tools/tsconfig.json @@ -7,14 +7,13 @@ "alwaysStrict": true, "declaration": true, "inlineSourceMap": true, - "inlineSources": true, "noUnusedLocals": true, "noUnusedParameters": true, "noImplicitReturns": true, "noFallthroughCasesInSwitch": true, "resolveJsonModule": true, "composite": true, - "incremental": true + "incremental": true, }, "include": ["**/*.ts"] } diff --git a/tools/cdk-integ-tools/README.md b/tools/cdk-integ-tools/README.md index 6e6ea17673cbe..31b50e21d9dca 100644 --- a/tools/cdk-integ-tools/README.md +++ b/tools/cdk-integ-tools/README.md @@ -7,7 +7,7 @@ If deployment succeeds, the synthesized template is saved in a local file and "locked". During build, the test app is only synthesized and compared against the checked-in file to protect against regressions. -### Setup +## Setup Create any number of files called `integ.*.ts` in your `test` directory. These should be CDK apps containing a single stack. @@ -43,7 +43,9 @@ This installs two tools into your scripts: Usage: - cdk-integ [TEST...] [--no-clean] [--verbose] +```console +cdk-integ [TEST...] [--no-clean] [--verbose] +``` Will deploy test stacks from `test/integ.*.js` and store the synthesized output under `test/integ.*.expected.json`. diff --git a/tools/cdk-integ-tools/package.json b/tools/cdk-integ-tools/package.json index 150ffb66dba19..8685d8435f8dc 100644 --- a/tools/cdk-integ-tools/package.json +++ b/tools/cdk-integ-tools/package.json @@ -40,7 +40,7 @@ "@aws-cdk/assert": "0.0.0", "aws-cdk": "0.0.0", "fs-extra": "^9.0.1", - "yargs": "^16.1.1" + "yargs": "^16.2.0" }, "keywords": [ "aws", diff --git a/tools/cfn2ts/lib/codegen.ts b/tools/cfn2ts/lib/codegen.ts index d208976668925..f1e9f184e67af 100644 --- a/tools/cfn2ts/lib/codegen.ts +++ b/tools/cfn2ts/lib/codegen.ts @@ -241,9 +241,13 @@ export default class CodeGenerator { // translate the template properties to CDK objects this.code.line('const resourceProperties = options.parser.parseValue(resourceAttributes.Properties);'); // translate to props, using a (module-private) factory function - this.code.line(`const props = ${genspec.fromCfnFactoryName(propsType).fqn}(resourceProperties);`); + this.code.line(`const propsResult = ${genspec.fromCfnFactoryName(propsType).fqn}(resourceProperties);`); // finally, instantiate the resource class - this.code.line(`const ret = new ${resourceName.className}(scope, id, props);`); + this.code.line(`const ret = new ${resourceName.className}(scope, id, propsResult.value);`); + // save all keys from extraProperties in the resource using property overrides + this.code.openBlock('for (const [propKey, propVal] of Object.entries(propsResult.extraProperties)) '); + this.code.line('ret.addPropertyOverride(propKey, propVal);'); + this.code.closeBlock(); } else { // no props type - we simply instantiate the construct without the third argument this.code.line(`const ret = new ${resourceName.className}(scope, id);`); @@ -373,6 +377,9 @@ export default class CodeGenerator { } this.code.unindent('};'); this.code.closeBlock(); + + this.code.line(); + this.code.openBlock('protected renderProperties(props: {[key: string]: any}): { [key: string]: any } '); this.code.line(`return ${genspec.cfnMapperName(propsType).fqn}(props);`); this.code.closeBlock(); @@ -447,7 +454,7 @@ export default class CodeGenerator { this.code.line(`${validatorName.fqn}(properties).assertSuccess();`); // Generate the return object - this.code.line('return {'); + this.code.indent('return {'); const self = this; Object.keys(nameConversionTable).forEach(cfnName => { @@ -500,9 +507,9 @@ export default class CodeGenerator { }, }); - self.code.line(` ${cfnName}: ${mapperExpression}(properties.${propName}),`); + self.code.line(`${cfnName}: ${mapperExpression}(properties.${propName}),`); }); - this.code.line('};'); + this.code.unindent('};'); this.code.closeBlock(); } @@ -530,20 +537,21 @@ export default class CodeGenerator { // but never used as types of properties, // and in those cases this function will never be called. this.code.line('// @ts-ignore TS6133'); - this.code.openBlock(`function ${factoryName.functionName}(properties: any): ${typeName.fqn}` + - (allowReturningIResolvable ? ` | ${CORE}.IResolvable` : '')); + + const returnType = `${typeName.fqn}${allowReturningIResolvable ? ' | ' + CORE + '.IResolvable' : ''}`; + this.code.openBlock(`function ${factoryName.functionName}(properties: any): ` + + `${CFN_PARSE}.FromCloudFormationResult<${returnType}>`); if (allowReturningIResolvable) { this.code.openBlock(`if (${CORE}.isResolvableObject(properties))`); - this.code.line('return properties;'); + this.code.line(`return new ${CFN_PARSE}.FromCloudFormationResult(properties);`); this.code.closeBlock(); } this.code.line('properties = properties || {};'); - // Generate the return object - this.code.indent('return {'); - const self = this; + this.code.line(`const ret = new ${CFN_PARSE}.FromCloudFormationPropertyObject<${typeName.fqn}>();`); + const self = this; // class used for the visitor class FromCloudFormationFactoryVisitor implements genspec.PropertyVisitor { public visitAtom(type: genspec.CodeName): string { @@ -618,17 +626,16 @@ export default class CodeGenerator { } } - Object.keys(nameConversionTable).forEach(cfnName => { - const propName = nameConversionTable[cfnName]; - const propSpec = propSpecs[cfnName]; - - const simpleCfnPropAccessExpr = `properties.${cfnName}`; - - const deserializer = genspec.typeDispatch(resource, propSpec, new FromCloudFormationFactoryVisitor()); - const deserialized = `${deserializer}(${simpleCfnPropAccessExpr})`; - let valueExpression = propSpec.Required ? deserialized : `${simpleCfnPropAccessExpr} != null ? ${deserialized} : undefined`; - - if (schema.isTagPropertyName(cfnName)) { + for (const [cfnPropName, cdkPropName] of Object.entries(nameConversionTable)) { + const propSpec = propSpecs[cfnPropName]; + const simpleCfnPropAccessExpr = `properties.${cfnPropName}`; + const deserializedExpression = genspec.typeDispatch(resource, propSpec, new FromCloudFormationFactoryVisitor()) + + `(${simpleCfnPropAccessExpr})`; + + let valueExpression = propSpec.Required + ? deserializedExpression + : `${simpleCfnPropAccessExpr} != null ? ${deserializedExpression} : undefined`; + if (schema.isTagPropertyName(cfnPropName)) { // Properties that have names considered to denote tags // have their type generated without a union with IResolvable. // However, we can't possibly know that when generating the factory @@ -640,10 +647,14 @@ export default class CodeGenerator { valueExpression += ' as any'; } - self.code.line(`${propName}: ${valueExpression},`); - }); - // close the return object brace - this.code.unindent('};'); + self.code.line(`ret.addPropertyResult('${cdkPropName}', '${cfnPropName}', ${valueExpression});`); + } + + // save any extra properties we find on this level + this.code.line('ret.addUnrecognizedPropertiesAsExtra(properties);'); + + // return the result object + this.code.line('return ret;'); // close the function brace this.code.closeBlock(); diff --git a/tools/cfn2ts/package.json b/tools/cfn2ts/package.json index 7af8f556c615d..785d1a52c18b0 100644 --- a/tools/cfn2ts/package.json +++ b/tools/cfn2ts/package.json @@ -30,10 +30,10 @@ "license": "Apache-2.0", "dependencies": { "@aws-cdk/cfnspec": "0.0.0", - "codemaker": "^1.14.1", + "codemaker": "^1.15.0", "fast-json-patch": "^3.0.0-1", "fs-extra": "^9.0.1", - "yargs": "^16.1.1" + "yargs": "^16.2.0" }, "devDependencies": { "@types/fs-extra": "^8.1.1", diff --git a/tools/eslint-plugin-cdk/package.json b/tools/eslint-plugin-cdk/package.json index 0b06b895cfbba..fa6a38426ec20 100644 --- a/tools/eslint-plugin-cdk/package.json +++ b/tools/eslint-plugin-cdk/package.json @@ -12,10 +12,10 @@ "build+test": "npm run build && npm test" }, "devDependencies": { - "@types/eslint": "^7.2.5", + "@types/eslint": "^7.2.6", "@types/fs-extra": "^8.1.1", "@types/jest": "^26.0.15", - "@types/node": "^10.17.46", + "@types/node": "^10.17.48", "eslint-plugin-rulesdir": "^0.1.0", "jest": "^26.6.3", "typescript": "~3.9.7" diff --git a/tools/nodeunit-shim/package.json b/tools/nodeunit-shim/package.json index e644c259dc2a8..c0a9838437477 100644 --- a/tools/nodeunit-shim/package.json +++ b/tools/nodeunit-shim/package.json @@ -13,7 +13,7 @@ }, "devDependencies": { "@types/jest": "^26.0.15", - "@types/node": "^10.17.46", + "@types/node": "^10.17.48", "typescript": "~3.9.7" }, "dependencies": { diff --git a/tools/pkglint/lib/banners/features-cfn-stable.md b/tools/pkglint/lib/banners/features-cfn-stable.md index a72b593f64508..fafb417eb86b3 100644 --- a/tools/pkglint/lib/banners/features-cfn-stable.md +++ b/tools/pkglint/lib/banners/features-cfn-stable.md @@ -1 +1,4 @@ -> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. \ No newline at end of file +> **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources]) are always +> stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib diff --git a/tools/pkglint/lib/banners/features-developer-preview.md b/tools/pkglint/lib/banners/features-developer-preview.md index f60d5d7cbd00f..3bb6924e3bd33 100644 --- a/tools/pkglint/lib/banners/features-developer-preview.md +++ b/tools/pkglint/lib/banners/features-developer-preview.md @@ -1 +1,6 @@ -> **Developer Preview:** Higher level constructs in this module that are marked as developer preview have completed their phase of active development and are looking for adoption and feedback. While the same caveats around non-backward compatible as Experimental constructs apply, they will undergo fewer breaking changes. Just as with Experimental constructs, these are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. \ No newline at end of file +> **Developer Preview:** Higher level constructs in this module that are marked as developer +> preview have completed their phase of active development and are looking for adoption and +> feedback. While the same caveats around non-backward compatible as Experimental constructs apply, +> they will undergo fewer breaking changes. Just as with Experimental constructs, these are not +> subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. diff --git a/tools/pkglint/lib/banners/features-experimental.md b/tools/pkglint/lib/banners/features-experimental.md index 3d56c6c4890e9..921f47b563b99 100644 --- a/tools/pkglint/lib/banners/features-experimental.md +++ b/tools/pkglint/lib/banners/features-experimental.md @@ -1 +1,5 @@ -> **Experimental:** Higher level constructs in this module that are marked as experimental are under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. \ No newline at end of file +> **Experimental:** Higher level constructs in this module that are marked as experimental are +> under active development. They are subject to non-backward compatible changes or removal in any +> future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and +> breaking changes will be announced in the release notes. This means that while you may use them, +> you may need to update your source code when upgrading to a newer version of this package. diff --git a/tools/pkglint/lib/banners/features-stable.md b/tools/pkglint/lib/banners/features-stable.md index d104c3e06d282..b8a40e1190e00 100644 --- a/tools/pkglint/lib/banners/features-stable.md +++ b/tools/pkglint/lib/banners/features-stable.md @@ -1 +1,2 @@ -> **Stable:** Higher level constructs in this module that are marked stable will not undergo any breaking changes. They will strictly follow the [Semantic Versioning](https://semver.org/) model. \ No newline at end of file +> **Stable:** Higher level constructs in this module that are marked stable will not undergo any +> breaking changes. They will strictly follow the [Semantic Versioning](https://semver.org/) model. diff --git a/tools/pkglint/lib/banners/l1.cfn-only.md b/tools/pkglint/lib/banners/l1.cfn-only.md index bd9e5186ed7aa..266f51dc14cdd 100644 --- a/tools/pkglint/lib/banners/l1.cfn-only.md +++ b/tools/pkglint/lib/banners/l1.cfn-only.md @@ -1,3 +1,5 @@ ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib diff --git a/tools/pkglint/lib/banners/l1.developer-preview.md b/tools/pkglint/lib/banners/l1.developer-preview.md index bd9e5186ed7aa..266f51dc14cdd 100644 --- a/tools/pkglint/lib/banners/l1.developer-preview.md +++ b/tools/pkglint/lib/banners/l1.developer-preview.md @@ -1,3 +1,5 @@ ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib diff --git a/tools/pkglint/lib/banners/l1.experimental.md b/tools/pkglint/lib/banners/l1.experimental.md index bd9e5186ed7aa..266f51dc14cdd 100644 --- a/tools/pkglint/lib/banners/l1.experimental.md +++ b/tools/pkglint/lib/banners/l1.experimental.md @@ -1,3 +1,5 @@ ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib diff --git a/tools/pkglint/lib/banners/l2.developer-preview.md b/tools/pkglint/lib/banners/l2.developer-preview.md index 03e696e649dd9..22a238c9456d1 100644 --- a/tools/pkglint/lib/banners/l2.developer-preview.md +++ b/tools/pkglint/lib/banners/l2.developer-preview.md @@ -1,5 +1,9 @@ ![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are in **developer preview** before they become stable. We will only make breaking changes to address unforeseen API issues. Therefore, these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes will be announced in release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are in **developer preview** before they +> become stable. We will only make breaking changes to address unforeseen API issues. Therefore, +> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes +> will be announced in release notes. This means that while you may use them, you may need to +> update your source code when upgrading to a newer version of this package. diff --git a/tools/pkglint/lib/banners/l2.experimental.md b/tools/pkglint/lib/banners/l2.experimental.md index 14606e1bafe53..886148b93a71d 100644 --- a/tools/pkglint/lib/banners/l2.experimental.md +++ b/tools/pkglint/lib/banners/l2.experimental.md @@ -1,3 +1,7 @@ ![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) -> The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. diff --git a/tools/pkglint/lib/rules.ts b/tools/pkglint/lib/rules.ts index f5c969cb8f9ce..1729eaef0a23d 100644 --- a/tools/pkglint/lib/rules.ts +++ b/tools/pkglint/lib/rules.ts @@ -147,7 +147,10 @@ export class ThirdPartyAttributions extends ValidationRule { return; } const bundled = pkg.getAllBundledDependencies().filter(dep => !dep.startsWith('@aws-cdk')); - const lines = fs.readFileSync(path.join(pkg.packageRoot, 'NOTICE'), { encoding: 'utf8' }).split('\n'); + const noticePath = path.join(pkg.packageRoot, 'NOTICE'); + const lines = fs.existsSync(noticePath) + ? fs.readFileSync(noticePath, { encoding: 'utf8' }).split('\n') + : []; const re = /^\*\* (\S+)/; const attributions = lines.filter(l => re.test(l)).map(l => l.match(re)![1]); @@ -212,13 +215,13 @@ export class ReadmeFile extends ValidationRule { fix: () => fs.writeFileSync( readmeFile, [ - `## ${headline || pkg.json.description}`, + `# ${headline || pkg.json.description}`, 'This module is part of the[AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project.', ].join('\n'), ), }); } else if (headline) { - const requiredFirstLine = `## ${headline}`; + const requiredFirstLine = `# ${headline}`; const [firstLine, ...rest] = fs.readFileSync(readmeFile, { encoding: 'utf8' }).split('\n'); if (firstLine !== requiredFirstLine) { pkg.report({ @@ -320,11 +323,13 @@ export class MaturitySetting extends ValidationRule { return [ '', + '', '---', '', ...bannerLines, '', '---', + '', '', '', ].join('\n'); @@ -404,17 +409,25 @@ export class FeatureStabilityRule extends ValidationRule { return; } + const featuresColumnWitdh = Math.max( + 13, // 'CFN Resources'.length + ...pkg.json.features.map((feat: { name: string; }) => feat.name.length), + ); + const stabilityBanner: string = [ '', + '', '---', '', - '| Features | Stability |', - '| --- | --- |', - ...this.featureEntries(pkg), + `Features${' '.repeat(featuresColumnWitdh - 8)} | Stability`, + `--------${'-'.repeat(featuresColumnWitdh - 8)}-|-----------${'-'.repeat(Math.max(0, 100 - featuresColumnWitdh - 13))}`, + ...this.featureEntries(pkg, featuresColumnWitdh), '', ...this.bannerNotices(pkg), '---', + '', '', + '', ].join('\n'); const readmeFile = path.join(pkg.packageRoot, 'README.md'); @@ -434,17 +447,17 @@ export class FeatureStabilityRule extends ValidationRule { } } - private featureEntries(pkg: PackageJson): string[] { + private featureEntries(pkg: PackageJson, featuresColumnWitdh: number): string[] { const entries: string[] = []; if (pkg.json['cdk-build']?.cloudformation) { - entries.push(`| CFN Resources | ![Stable](${this.badges.Stable}) |`); + entries.push(`CFN Resources${' '.repeat(featuresColumnWitdh - 13)} | ![Stable](${this.badges.Stable})`); } pkg.json.features.forEach((feature: { [key: string]: string }) => { const badge = this.badges[feature.stability]; if (!badge) { throw new Error(`Unknown stability - ${feature.stability}`); } - entries.push(`| ${feature.name} | ![${feature.stability}](${badge}) |`); + entries.push(`${feature.name}${' '.repeat(featuresColumnWitdh - feature.name.length)} | ![${feature.stability}](${badge})`); }); return entries; } @@ -459,11 +472,15 @@ export class FeatureStabilityRule extends ValidationRule { const noticeOrder = ['Experimental', 'Developer Preview', 'Stable']; const stabilities = pkg.json.features.map((f: { [k: string]: string }) => f.stability); const filteredNotices = noticeOrder.filter(v => stabilities.includes(v)); - filteredNotices.map((notice) => { + for (const notice of filteredNotices) { + if (notices.length !== 0) { + // This delimiter helps ensure proper parsing & rendering with various parsers + notices.push('', ''); + } const lowerTrainCase = notice.toLowerCase().replace(/\s/g, '-'); notices.push(readBannerFile(`features-${lowerTrainCase}.md`)); notices.push(''); - }); + } return notices; } } @@ -1021,6 +1038,19 @@ export class MustUseCDKWatch extends ValidationRule { } } +/** + * Must have 'rosetta:extract' command if this package is JSII-enabled. + */ +export class MustHaveRosettaExtract extends ValidationRule { + public readonly name = 'package-info/scripts/rosetta:extract'; + + public validate(pkg: PackageJson): void { + if (!isJSII(pkg)) { return; } + + expectJSON(this.name, pkg, 'scripts.rosetta:extract', 'yarn --silent jsii-rosetta extract'); + } +} + /** * Must use 'cdk-test' command */ @@ -1580,5 +1610,5 @@ function toRegExp(str: string): RegExp { } function readBannerFile(file: string): string { - return fs.readFileSync(path.join(__dirname, 'banners', file), { encoding: 'utf-8' }); + return fs.readFileSync(path.join(__dirname, 'banners', file), { encoding: 'utf-8' }).trim(); } diff --git a/tools/pkglint/package.json b/tools/pkglint/package.json index 59d5137c9e75a..7f913f6d12abe 100644 --- a/tools/pkglint/package.json +++ b/tools/pkglint/package.json @@ -49,6 +49,6 @@ "glob": "^7.1.6", "npm-bundled": "^1.1.1", "semver": "^7.3.2", - "yargs": "^16.1.1" + "yargs": "^16.2.0" } } diff --git a/tools/pkglint/test/rules.test.ts b/tools/pkglint/test/rules.test.ts index 767dbe81b1e1d..3169a747a08f3 100644 --- a/tools/pkglint/test/rules.test.ts +++ b/tools/pkglint/test/rules.test.ts @@ -40,10 +40,10 @@ describe('FeatureStabilityRule', () => { expect(pkgJson.hasReports).toBe(true); pkgJson.applyFixes(); const fixedContents = await fs.readFile(path.join(dirPath, 'README.md'), { encoding: 'utf8' }); - expect(fixedContents).toMatch(/Experimental Feature \| \!\[Experimental\]/); - expect(fixedContents).toMatch(/Dev Preview Feature \| \!\[Developer Preview\]/); - expect(fixedContents).toMatch(/Stable Feature \| \!\[Stable\]/); - expect(fixedContents).toMatch(/Not Implemented Feature \| \!\[Not Implemented\]/); + expect(fixedContents).toMatch(/Experimental Feature\s* \| \!\[Experimental\]/); + expect(fixedContents).toMatch(/Dev Preview Feature\s* \| \!\[Developer Preview\]/); + expect(fixedContents).toMatch(/Stable Feature\s* \| \!\[Stable\]/); + expect(fixedContents).toMatch(/Not Implemented Feature\s* \| \!\[Not Implemented\]/); expect(fixedContents).not.toMatch(/CFN Resources/); }); diff --git a/tools/pkglint/tsconfig.json b/tools/pkglint/tsconfig.json index 14499cd2abfaf..6b870d2cb95a2 100644 --- a/tools/pkglint/tsconfig.json +++ b/tools/pkglint/tsconfig.json @@ -7,7 +7,6 @@ "alwaysStrict": true, "declaration": true, "inlineSourceMap": true, - "inlineSources": true, "noUnusedLocals": true, "noUnusedParameters": true, "noImplicitReturns": true, diff --git a/tools/pkgtools/README.md b/tools/pkgtools/README.md index 5bfda521f079d..31b20f8d98428 100644 --- a/tools/pkgtools/README.md +++ b/tools/pkgtools/README.md @@ -1,2 +1,3 @@ -## Tools for generating cross-package artifacts +# Tools for generating cross-package artifacts + This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. diff --git a/tools/pkgtools/package.json b/tools/pkgtools/package.json index 056c886e1b4c9..d5255e81d465d 100644 --- a/tools/pkgtools/package.json +++ b/tools/pkgtools/package.json @@ -36,7 +36,7 @@ }, "dependencies": { "fs-extra": "^9.0.1", - "yargs": "^16.1.1" + "yargs": "^16.2.0" }, "keywords": [ "aws", diff --git a/tools/ubergen/README.md b/tools/ubergen/README.md index 36b6249ae245c..98fbb47c7caad 100644 --- a/tools/ubergen/README.md +++ b/tools/ubergen/README.md @@ -4,4 +4,4 @@ Aggregates all individual CDK construct library modules into a single uber package. This is used in the CDK to create a monolithic package that is then -published for customers to consume. \ No newline at end of file +published for customers to consume. diff --git a/tools/ubergen/package.json b/tools/ubergen/package.json index 12c4c622f2fe4..483d7ecfa4dfa 100644 --- a/tools/ubergen/package.json +++ b/tools/ubergen/package.json @@ -14,6 +14,7 @@ "scripts": { "build": "cdk-build", "watch": "cdk-watch", + "lint": "cdk-lint", "pkglint": "pkglint -f", "test": "echo success", "build+test+package": "npm run build+test", diff --git a/tools/yarn-cling/package.json b/tools/yarn-cling/package.json index 596f283475b46..aefba13ff8ee0 100644 --- a/tools/yarn-cling/package.json +++ b/tools/yarn-cling/package.json @@ -39,7 +39,7 @@ }, "devDependencies": { "@types/jest": "^26.0.15", - "@types/node": "^10.17.46", + "@types/node": "^10.17.48", "@types/yarnpkg__lockfile": "^1.1.4", "jest": "^26.6.3", "pkglint": "0.0.0", diff --git a/version.v1.json b/version.v1.json index cbf6099fbebec..3c551277a8f31 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.76.0" + "version": "1.77.0" } diff --git a/yarn.lock b/yarn.lock index 28d81e024cefc..d838b8d976915 100644 --- a/yarn.lock +++ b/yarn.lock @@ -10,18 +10,18 @@ "@babel/highlight" "^7.10.4" "@babel/core@^7.1.0", "@babel/core@^7.7.5": - version "7.11.6" - resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.11.6.tgz#3a9455dc7387ff1bac45770650bc13ba04a15651" - integrity sha512-Wpcv03AGnmkgm6uS6k8iwhIwTrcP0m17TL1n1sy7qD0qelDu4XNeW0dN0mHfa+Gei211yDaLoEe/VlbXQzM4Bg== + version "7.12.3" + resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.12.3.tgz#1b436884e1e3bff6fb1328dc02b208759de92ad8" + integrity sha512-0qXcZYKZp3/6N2jKYVxZv0aNCsxTSVCiK72DTiTYZAu7sjg73W0/aynWjMbiGd87EQL4WyA8reiJVh92AVla9g== dependencies: "@babel/code-frame" "^7.10.4" - "@babel/generator" "^7.11.6" - "@babel/helper-module-transforms" "^7.11.0" - "@babel/helpers" "^7.10.4" - "@babel/parser" "^7.11.5" + "@babel/generator" "^7.12.1" + "@babel/helper-module-transforms" "^7.12.1" + "@babel/helpers" "^7.12.1" + "@babel/parser" "^7.12.3" "@babel/template" "^7.10.4" - "@babel/traverse" "^7.11.5" - "@babel/types" "^7.11.5" + "@babel/traverse" "^7.12.1" + "@babel/types" "^7.12.1" convert-source-map "^1.7.0" debug "^4.1.0" gensync "^1.0.0-beta.1" @@ -31,12 +31,12 @@ semver "^5.4.1" source-map "^0.5.0" -"@babel/generator@^7.11.5", "@babel/generator@^7.11.6", "@babel/generator@^7.4.0": - version "7.11.6" - resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.11.6.tgz#b868900f81b163b4d464ea24545c61cbac4dc620" - integrity sha512-DWtQ1PV3r+cLbySoHrwn9RWEgKMBLLma4OBQloPRyDYvc5msJM9kvTLo1YnlJd1P/ZuKbdli3ijr5q3FvAF3uA== +"@babel/generator@^7.12.1", "@babel/generator@^7.12.5", "@babel/generator@^7.4.0": + version "7.12.5" + resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.12.5.tgz#a2c50de5c8b6d708ab95be5e6053936c1884a4de" + integrity sha512-m16TQQJ8hPt7E+OS/XVQg/7U184MLXtvuGbCdA7na61vha+ImkyyNM/9DDA0unYCVZn3ZOhng+qz48/KBOT96A== dependencies: - "@babel/types" "^7.11.5" + "@babel/types" "^7.12.5" jsesc "^2.5.1" source-map "^0.5.0" @@ -56,31 +56,33 @@ dependencies: "@babel/types" "^7.10.4" -"@babel/helper-member-expression-to-functions@^7.10.4": - version "7.11.0" - resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.11.0.tgz#ae69c83d84ee82f4b42f96e2a09410935a8f26df" - integrity sha512-JbFlKHFntRV5qKw3YC0CvQnDZ4XMwgzzBbld7Ly4Mj4cbFy3KywcR8NtNctRToMWJOVvLINJv525Gd6wwVEx/Q== +"@babel/helper-member-expression-to-functions@^7.12.1": + version "7.12.1" + resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.12.1.tgz#fba0f2fcff3fba00e6ecb664bb5e6e26e2d6165c" + integrity sha512-k0CIe3tXUKTRSoEx1LQEPFU9vRQfqHtl+kf8eNnDqb4AUJEy5pz6aIiog+YWtVm2jpggjS1laH68bPsR+KWWPQ== dependencies: - "@babel/types" "^7.11.0" + "@babel/types" "^7.12.1" -"@babel/helper-module-imports@^7.10.4": - version "7.10.4" - resolved "https://registry.yarnpkg.com/@babel/helper-module-imports/-/helper-module-imports-7.10.4.tgz#4c5c54be04bd31670a7382797d75b9fa2e5b5620" - integrity sha512-nEQJHqYavI217oD9+s5MUBzk6x1IlvoS9WTPfgG43CbMEeStE0v+r+TucWdx8KFGowPGvyOkDT9+7DHedIDnVw== +"@babel/helper-module-imports@^7.12.1": + version "7.12.5" + resolved "https://registry.yarnpkg.com/@babel/helper-module-imports/-/helper-module-imports-7.12.5.tgz#1bfc0229f794988f76ed0a4d4e90860850b54dfb" + integrity sha512-SR713Ogqg6++uexFRORf/+nPXMmWIn80TALu0uaFb+iQIUoR7bOC7zBWyzBs5b3tBBJXuyD0cRu1F15GyzjOWA== dependencies: - "@babel/types" "^7.10.4" + "@babel/types" "^7.12.5" -"@babel/helper-module-transforms@^7.11.0": - version "7.11.0" - resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.11.0.tgz#b16f250229e47211abdd84b34b64737c2ab2d359" - integrity sha512-02EVu8COMuTRO1TAzdMtpBPbe6aQ1w/8fePD2YgQmxZU4gpNWaL9gK3Jp7dxlkUlUCJOTaSeA+Hrm1BRQwqIhg== +"@babel/helper-module-transforms@^7.12.1": + version "7.12.1" + resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.12.1.tgz#7954fec71f5b32c48e4b303b437c34453fd7247c" + integrity sha512-QQzehgFAZ2bbISiCpmVGfiGux8YVFXQ0abBic2Envhej22DVXV9nCFaS5hIQbkyo1AdGb+gNME2TSh3hYJVV/w== dependencies: - "@babel/helper-module-imports" "^7.10.4" - "@babel/helper-replace-supers" "^7.10.4" - "@babel/helper-simple-access" "^7.10.4" + "@babel/helper-module-imports" "^7.12.1" + "@babel/helper-replace-supers" "^7.12.1" + "@babel/helper-simple-access" "^7.12.1" "@babel/helper-split-export-declaration" "^7.11.0" + "@babel/helper-validator-identifier" "^7.10.4" "@babel/template" "^7.10.4" - "@babel/types" "^7.11.0" + "@babel/traverse" "^7.12.1" + "@babel/types" "^7.12.1" lodash "^4.17.19" "@babel/helper-optimise-call-expression@^7.10.4": @@ -95,23 +97,22 @@ resolved "https://registry.yarnpkg.com/@babel/helper-plugin-utils/-/helper-plugin-utils-7.10.4.tgz#2f75a831269d4f677de49986dff59927533cf375" integrity sha512-O4KCvQA6lLiMU9l2eawBPMf1xPP8xPfB3iEQw150hOVTqj/rfXz0ThTb4HEzqQfs2Bmo5Ay8BzxfzVtBrr9dVg== -"@babel/helper-replace-supers@^7.10.4": - version "7.10.4" - resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.10.4.tgz#d585cd9388ea06e6031e4cd44b6713cbead9e6cf" - integrity sha512-sPxZfFXocEymYTdVK1UNmFPBN+Hv5mJkLPsYWwGBxZAxaWfFu+xqp7b6qWD0yjNuNL2VKc6L5M18tOXUP7NU0A== +"@babel/helper-replace-supers@^7.12.1": + version "7.12.5" + resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.12.5.tgz#f009a17543bbbbce16b06206ae73b63d3fca68d9" + integrity sha512-5YILoed0ZyIpF4gKcpZitEnXEJ9UoDRki1Ey6xz46rxOzfNMAhVIJMoune1hmPVxh40LRv1+oafz7UsWX+vyWA== dependencies: - "@babel/helper-member-expression-to-functions" "^7.10.4" + "@babel/helper-member-expression-to-functions" "^7.12.1" "@babel/helper-optimise-call-expression" "^7.10.4" - "@babel/traverse" "^7.10.4" - "@babel/types" "^7.10.4" + "@babel/traverse" "^7.12.5" + "@babel/types" "^7.12.5" -"@babel/helper-simple-access@^7.10.4": - version "7.10.4" - resolved "https://registry.yarnpkg.com/@babel/helper-simple-access/-/helper-simple-access-7.10.4.tgz#0f5ccda2945277a2a7a2d3a821e15395edcf3461" - integrity sha512-0fMy72ej/VEvF8ULmX6yb5MtHG4uH4Dbd6I/aHDb/JVg0bbivwt9Wg+h3uMvX+QSFtwr5MeItvazbrc4jtRAXw== +"@babel/helper-simple-access@^7.12.1": + version "7.12.1" + resolved "https://registry.yarnpkg.com/@babel/helper-simple-access/-/helper-simple-access-7.12.1.tgz#32427e5aa61547d38eb1e6eaf5fd1426fdad9136" + integrity sha512-OxBp7pMrjVewSSC8fXDFrHrBcJATOOFssZwv16F3/6Xtc138GHybBfPbm9kfiqQHKhYQrlamWILwlDCeyMFEaA== dependencies: - "@babel/template" "^7.10.4" - "@babel/types" "^7.10.4" + "@babel/types" "^7.12.1" "@babel/helper-split-export-declaration@^7.11.0": version "7.11.0" @@ -125,14 +126,14 @@ resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.10.4.tgz#a78c7a7251e01f616512d31b10adcf52ada5e0d2" integrity sha512-3U9y+43hz7ZM+rzG24Qe2mufW5KhvFg/NhnNph+i9mgCtdTCtMJuI1TMkrIUiK7Ix4PYlRF9I5dhqaLYA/ADXw== -"@babel/helpers@^7.10.4": - version "7.10.4" - resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.10.4.tgz#2abeb0d721aff7c0a97376b9e1f6f65d7a475044" - integrity sha512-L2gX/XeUONeEbI78dXSrJzGdz4GQ+ZTA/aazfUsFaWjSe95kiCuOZ5HsXvkiw3iwF+mFHSRUfJU8t6YavocdXA== +"@babel/helpers@^7.12.1": + version "7.12.5" + resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.12.5.tgz#1a1ba4a768d9b58310eda516c449913fe647116e" + integrity sha512-lgKGMQlKqA8meJqKsW6rUnc4MdUk35Ln0ATDqdM1a/UpARODdI4j5Y5lVfUScnSNkJcdCRAaWkspykNoFg9sJA== dependencies: "@babel/template" "^7.10.4" - "@babel/traverse" "^7.10.4" - "@babel/types" "^7.10.4" + "@babel/traverse" "^7.12.5" + "@babel/types" "^7.12.5" "@babel/highlight@^7.10.4": version "7.10.4" @@ -143,10 +144,10 @@ chalk "^2.0.0" js-tokens "^4.0.0" -"@babel/parser@^7.1.0", "@babel/parser@^7.10.4", "@babel/parser@^7.11.5", "@babel/parser@^7.4.3": - version "7.11.5" - resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.11.5.tgz#c7ff6303df71080ec7a4f5b8c003c58f1cf51037" - integrity sha512-X9rD8qqm695vgmeaQ4fvz/o3+Wk4ZzQvSHkDBgpYKxpD4qTAUm88ZKtHkVqIOsYFFbIQ6wQYhC6q7pjqVK0E0Q== +"@babel/parser@^7.1.0", "@babel/parser@^7.10.4", "@babel/parser@^7.12.3", "@babel/parser@^7.12.5", "@babel/parser@^7.4.3": + version "7.12.5" + resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.12.5.tgz#b4af32ddd473c0bfa643bd7ff0728b8e71b81ea0" + integrity sha512-FVM6RZQ0mn2KCf1VUED7KepYeUWoVShczewOCfm3nzoBybaih51h+sYVVGthW9M6lPByEPTQf+xm27PBdlpwmQ== "@babel/plugin-syntax-async-generators@^7.8.4": version "7.8.4" @@ -163,9 +164,9 @@ "@babel/helper-plugin-utils" "^7.8.0" "@babel/plugin-syntax-class-properties@^7.8.3": - version "7.10.4" - resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.10.4.tgz#6644e6a0baa55a61f9e3231f6c9eeb6ee46c124c" - integrity sha512-GCSBF7iUle6rNugfURwNmCGG3Z/2+opxAMLs1nND4bhEG5PuxTIggDBoeYYSujAlLtsupzOHYJQgPS3pivwXIA== + version "7.12.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.1.tgz#bcb297c5366e79bebadef509549cd93b04f19978" + integrity sha512-U40A76x5gTwmESz+qiqssqmeEsKvcSyvtgktrm0uzcARAmM9I1jR221f6Oq+GmHrcD+LvZDag1UTOTe2fL3TeA== dependencies: "@babel/helper-plugin-utils" "^7.10.4" @@ -241,25 +242,34 @@ "@babel/parser" "^7.10.4" "@babel/types" "^7.10.4" -"@babel/traverse@^7.1.0", "@babel/traverse@^7.10.4", "@babel/traverse@^7.11.5", "@babel/traverse@^7.4.3": - version "7.11.5" - resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.11.5.tgz#be777b93b518eb6d76ee2e1ea1d143daa11e61c3" - integrity sha512-EjiPXt+r7LiCZXEfRpSJd+jUMnBd4/9OUv7Nx3+0u9+eimMwJmG0Q98lw4/289JCoxSE8OolDMNZaaF/JZ69WQ== +"@babel/traverse@^7.1.0", "@babel/traverse@^7.12.1", "@babel/traverse@^7.12.5", "@babel/traverse@^7.4.3": + version "7.12.5" + resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.12.5.tgz#78a0c68c8e8a35e4cacfd31db8bb303d5606f095" + integrity sha512-xa15FbQnias7z9a62LwYAA5SZZPkHIXpd42C6uW68o8uTuua96FHZy1y61Va5P/i83FAAcMpW8+A/QayntzuqA== dependencies: "@babel/code-frame" "^7.10.4" - "@babel/generator" "^7.11.5" + "@babel/generator" "^7.12.5" "@babel/helper-function-name" "^7.10.4" "@babel/helper-split-export-declaration" "^7.11.0" - "@babel/parser" "^7.11.5" - "@babel/types" "^7.11.5" + "@babel/parser" "^7.12.5" + "@babel/types" "^7.12.5" debug "^4.1.0" globals "^11.1.0" lodash "^4.17.19" -"@babel/types@^7.0.0", "@babel/types@^7.10.4", "@babel/types@^7.11.0", "@babel/types@^7.11.5", "@babel/types@^7.3.0", "@babel/types@^7.3.3", "@babel/types@^7.4.0": - version "7.11.5" - resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.11.5.tgz#d9de577d01252d77c6800cee039ee64faf75662d" - integrity sha512-bvM7Qz6eKnJVFIn+1LPtjlBFPVN5jNDc1XmN15vWe7Q3DPBufWWsLiIvUu7xW87uTG6QoggpIDnUgLQvPheU+Q== +"@babel/types@^7.0.0", "@babel/types@^7.10.4", "@babel/types@^7.11.0", "@babel/types@^7.12.5", "@babel/types@^7.3.0", "@babel/types@^7.3.3", "@babel/types@^7.4.0": + version "7.12.6" + resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.12.6.tgz#ae0e55ef1cce1fbc881cd26f8234eb3e657edc96" + integrity sha512-hwyjw6GvjBLiyy3W0YQf0Z5Zf4NpYejUnKFcfcUhZCSffoBBp30w6wP2Wn6pk31jMYZvcOrB/1b7cGXvEoKogA== + dependencies: + "@babel/helper-validator-identifier" "^7.10.4" + lodash "^4.17.19" + to-fast-properties "^2.0.0" + +"@babel/types@^7.12.1": + version "7.12.7" + resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.12.7.tgz#6039ff1e242640a29452c9ae572162ec9a8f5d13" + integrity sha512-MNyI92qZq6jrQkXvtIiykvl4WtoRrVV9MPn+ZfsoEENjiWcBQ3ZSHrkxnJWgWtLX3XXqX5hrSQ+X69wkmesXuQ== dependencies: "@babel/helper-validator-identifier" "^7.10.4" lodash "^4.17.19" @@ -549,17 +559,6 @@ source-map "^0.6.1" write-file-atomic "^3.0.0" -"@jest/types@^26.6.0": - version "26.6.0" - resolved "https://registry.yarnpkg.com/@jest/types/-/types-26.6.0.tgz#2c045f231bfd79d52514cda3fbc93ef46157fa6a" - integrity sha512-8pDeq/JVyAYw7jBGU83v8RMYAkdrRxLG3BGnAJuqaQAUd6GWBmND2uyl+awI88+hit48suLoLjNFtR+ZXxWaYg== - dependencies: - "@types/istanbul-lib-coverage" "^2.0.0" - "@types/istanbul-reports" "^3.0.0" - "@types/node" "*" - "@types/yargs" "^15.0.0" - chalk "^4.0.0" - "@jest/types@^26.6.2": version "26.6.2" resolved "https://registry.yarnpkg.com/@jest/types/-/types-26.6.2.tgz#bef5a532030e1d88a2f5a6d933f84e97226ed48e" @@ -571,10 +570,10 @@ "@types/yargs" "^15.0.0" chalk "^4.0.0" -"@jsii/spec@^1.14.1": - version "1.14.1" - resolved "https://registry.yarnpkg.com/@jsii/spec/-/spec-1.14.1.tgz#9544e94e590dafd37d46f91ae3da925f39ca73de" - integrity sha512-h+HXPYD+k8zbkQRXzR9zWxXoSyBTBQL2N+t+iTgMuHpWvnrd6ZUegpWh/M1voMpmT5JHS7MftwIRjnp7yP92KQ== +"@jsii/spec@^1.15.0": + version "1.15.0" + resolved "https://registry.yarnpkg.com/@jsii/spec/-/spec-1.15.0.tgz#e7f3a18d231ef6d1826ce7257de7b2f6e2071f40" + integrity sha512-aybTXziVMQcCp2EGIMCJgAs4uvXtN/iBVeJMyBRzqznhtctG4flOu37FjIdib/OOJLrRLt4NAA95R5kNm/jLpA== dependencies: jsonschema "^1.4.0" @@ -1298,16 +1297,16 @@ fastq "^1.6.0" "@octokit/auth-token@^2.4.0": - version "2.4.2" - resolved "https://registry.yarnpkg.com/@octokit/auth-token/-/auth-token-2.4.2.tgz#10d0ae979b100fa6b72fa0e8e63e27e6d0dbff8a" - integrity sha512-jE/lE/IKIz2v1+/P0u4fJqv0kYwXOTujKemJMFr6FeopsxlIK3+wKDCJGnysg81XID5TgZQbIfuJ5J0lnTiuyQ== + version "2.4.3" + resolved "https://registry.yarnpkg.com/@octokit/auth-token/-/auth-token-2.4.3.tgz#b868b5f2366533a7e62933eaa1181a8924228cc4" + integrity sha512-fdGoOQ3kQJh+hrilc0Plg50xSfaCKOeYN9t6dpJKXN9BxhhfquL0OzoQXg3spLYymL5rm29uPeI3KEXRaZQ9zg== dependencies: "@octokit/types" "^5.0.0" "@octokit/core@^3.0.0": - version "3.1.2" - resolved "https://registry.yarnpkg.com/@octokit/core/-/core-3.1.2.tgz#c937d5f9621b764573068fcd2e5defcc872fd9cc" - integrity sha512-AInOFULmwOa7+NFi9F8DlDkm5qtZVmDQayi7TUgChE3yeIGPq0Y+6cAEXPexQ3Ea+uZy66hKEazR7DJyU+4wfw== + version "3.2.1" + resolved "https://registry.yarnpkg.com/@octokit/core/-/core-3.2.1.tgz#9e04df3f4e7f825ac0559327490ce34299140af5" + integrity sha512-XfFSDDwv6tclUenS0EmB6iA7u+4aOHBT1Lz4PtQNQQg3hBbNaR/+Uv5URU+egeIuuGAiMRiDyY92G4GBOWOqDA== dependencies: "@octokit/auth-token" "^2.4.0" "@octokit/graphql" "^4.3.1" @@ -1317,18 +1316,18 @@ universal-user-agent "^6.0.0" "@octokit/endpoint@^6.0.1": - version "6.0.6" - resolved "https://registry.yarnpkg.com/@octokit/endpoint/-/endpoint-6.0.6.tgz#4f09f2b468976b444742a1d5069f6fa45826d999" - integrity sha512-7Cc8olaCoL/mtquB7j/HTbPM+sY6Ebr4k2X2y4JoXpVKQ7r5xB4iGQE0IoO58wIPsUk4AzoT65AMEpymSbWTgQ== + version "6.0.9" + resolved "https://registry.yarnpkg.com/@octokit/endpoint/-/endpoint-6.0.9.tgz#c6a772e024202b1bd19ab69f90e0536a2598b13e" + integrity sha512-3VPLbcCuqji4IFTclNUtGdp9v7g+nspWdiCUbK3+iPMjJCZ6LEhn1ts626bWLOn0GiDb6j+uqGvPpqLnY7pBgw== dependencies: "@octokit/types" "^5.0.0" is-plain-object "^5.0.0" universal-user-agent "^6.0.0" "@octokit/graphql@^4.3.1": - version "4.5.6" - resolved "https://registry.yarnpkg.com/@octokit/graphql/-/graphql-4.5.6.tgz#708143ba15cf7c1879ed6188266e7f270be805d4" - integrity sha512-Rry+unqKTa3svswT2ZAuqenpLrzJd+JTv89LTeVa5UM/5OX8o4KTkPL7/1ABq4f/ZkELb0XEK/2IEoYwykcLXg== + version "4.5.7" + resolved "https://registry.yarnpkg.com/@octokit/graphql/-/graphql-4.5.7.tgz#f4562dcd9e80ea94602068e85aefac19a88f8578" + integrity sha512-Gk0AR+DcwIK/lK/GX+OQ99UqtenQhcbrhHHfOYlrCQe17ADnX3EKAOKRsAZ9qZvpi5MuwWm/Nm+9aO2kTDSdyA== dependencies: "@octokit/request" "^5.3.0" "@octokit/types" "^5.0.0" @@ -1347,16 +1346,16 @@ "@octokit/types" "^2.0.1" "@octokit/plugin-paginate-rest@^2.2.0": - version "2.4.0" - resolved "https://registry.yarnpkg.com/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.4.0.tgz#92f951ddc8a1cd505353fa07650752ca25ed7e93" - integrity sha512-YT6Klz3LLH6/nNgi0pheJnUmTFW4kVnxGft+v8Itc41IIcjl7y1C8TatmKQBbCSuTSNFXO5pCENnqg6sjwpJhg== + version "2.6.0" + resolved "https://registry.yarnpkg.com/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.6.0.tgz#03416396e7a227b268c5b827365238f620a9c5c1" + integrity sha512-o+O8c1PqsC5++BHXfMZabRRsBIVb34tXPWyQLyp2IXq5MmkxdipS7TXM4Y9ldL1PzY9CTrCsn/lzFFJGM3oRRA== dependencies: "@octokit/types" "^5.5.0" "@octokit/plugin-request-log@^1.0.0": - version "1.0.0" - resolved "https://registry.yarnpkg.com/@octokit/plugin-request-log/-/plugin-request-log-1.0.0.tgz#eef87a431300f6148c39a7f75f8cfeb218b2547e" - integrity sha512-ywoxP68aOT3zHCLgWZgwUJatiENeHE7xJzYjfz8WI0goynp96wETBF+d95b8g/uL4QmS6owPVlaxiz3wyMAzcw== + version "1.0.2" + resolved "https://registry.yarnpkg.com/@octokit/plugin-request-log/-/plugin-request-log-1.0.2.tgz#394d59ec734cd2f122431fbaf05099861ece3c44" + integrity sha512-oTJSNAmBqyDR41uSMunLQKMX0jmEXbwD1fpz8FG27lScV3RhtGfBa1/BBLym+PxcC16IBlF7KH9vP1BUYxA+Eg== "@octokit/plugin-rest-endpoint-methods@2.4.0": version "2.4.0" @@ -1384,18 +1383,18 @@ once "^1.4.0" "@octokit/request-error@^2.0.0": - version "2.0.2" - resolved "https://registry.yarnpkg.com/@octokit/request-error/-/request-error-2.0.2.tgz#0e76b83f5d8fdda1db99027ea5f617c2e6ba9ed0" - integrity sha512-2BrmnvVSV1MXQvEkrb9zwzP0wXFNbPJij922kYBTLIlIafukrGOb+ABBT2+c6wZiuyWDH1K1zmjGQ0toN/wMWw== + version "2.0.3" + resolved "https://registry.yarnpkg.com/@octokit/request-error/-/request-error-2.0.3.tgz#b51b200052bf483f6fa56c9e7e3aa51ead36ecd8" + integrity sha512-GgD5z8Btm301i2zfvJLk/mkhvGCdjQ7wT8xF9ov5noQY8WbKZDH9cOBqXzoeKd1mLr1xH2FwbtGso135zGBgTA== dependencies: "@octokit/types" "^5.0.1" deprecation "^2.0.0" once "^1.4.0" "@octokit/request@^5.2.0", "@octokit/request@^5.3.0", "@octokit/request@^5.4.0": - version "5.4.9" - resolved "https://registry.yarnpkg.com/@octokit/request/-/request-5.4.9.tgz#0a46f11b82351b3416d3157261ad9b1558c43365" - integrity sha512-CzwVvRyimIM1h2n9pLVYfTDmX9m+KHSgCpqPsY8F1NdEK8IaWqXhSBXsdjOBFZSpEcxNEeg4p0UO9cQ8EnOCLA== + version "5.4.10" + resolved "https://registry.yarnpkg.com/@octokit/request/-/request-5.4.10.tgz#402d2c53768bde12b99348329ba4129746aebb9c" + integrity sha512-egA49HkqEORVGDZGav1mh+VD+7uLgOxtn5oODj6guJk0HCy+YBSYapFkSLFgeYj3Fr18ZULKGURkjyhkAChylw== dependencies: "@octokit/endpoint" "^6.0.1" "@octokit/request-error" "^2.0.0" @@ -1493,10 +1492,10 @@ resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-1.1.2.tgz#ccb91445360179a04e7fe6aff78c00ffc1eeaf82" integrity sha512-RbzJvlNzmRq5c3O09UipeuXno4tA1FE6ikOjxZK0tuxVv3412l64l5t1W5pj4+rJq9vpkm/kwiR07aZXnsKPxw== -"@types/archiver@^3.1.1": - version "3.1.1" - resolved "https://registry.yarnpkg.com/@types/archiver/-/archiver-3.1.1.tgz#10cc1be44af8911e57484342c7b3b32a5f178a1a" - integrity sha512-TzVZ9204sH1TuFylfr1cw/AA/3/VldAAXswEwKLXUOzA9mDg+m6gHF9EaqKNlozcjc6knX5m1KAqJzksPLSEfw== +"@types/archiver@^5.1.0": + version "5.1.0" + resolved "https://registry.yarnpkg.com/@types/archiver/-/archiver-5.1.0.tgz#869f4ce4028e49cf9a0243cf914415f4cc3d1f3d" + integrity sha512-baFOhanb/hxmcOd1Uey2TfFg43kTSmM6py1Eo7Rjbv/ivcl7PXLhY0QgXGf50Hx/eskGCFqPfhs/7IZLb15C5g== dependencies: "@types/glob" "*" @@ -1506,9 +1505,9 @@ integrity sha512-LRKk2UQCSi7BsO5TlfSI8cTNpOGz+MH6+RXEWtuZmxJficQgxwEYJDiKVirzgyiHce0L0F4CqCVvKTwblAeOUw== "@types/babel__core@^7.0.0", "@types/babel__core@^7.1.7": - version "7.1.10" - resolved "https://registry.yarnpkg.com/@types/babel__core/-/babel__core-7.1.10.tgz#ca58fc195dd9734e77e57c6f2df565623636ab40" - integrity sha512-x8OM8XzITIMyiwl5Vmo2B1cR1S1Ipkyv4mdlbJjMa1lmuKvKY9FrBbEANIaMlnWn5Rf7uO+rC/VgYabNkE17Hw== + version "7.1.12" + resolved "https://registry.yarnpkg.com/@types/babel__core/-/babel__core-7.1.12.tgz#4d8e9e51eb265552a7e4f1ff2219ab6133bdfb2d" + integrity sha512-wMTHiiTiBAAPebqaPiPDLFA4LYPKr6Ph0Xq/6rq1Ur3v66HXyG+clfR9CNETkD7MQS8ZHvpQOtA53DLws5WAEQ== dependencies: "@babel/parser" "^7.1.0" "@babel/types" "^7.0.0" @@ -1524,9 +1523,9 @@ "@babel/types" "^7.0.0" "@types/babel__template@*": - version "7.0.3" - resolved "https://registry.yarnpkg.com/@types/babel__template/-/babel__template-7.0.3.tgz#b8aaeba0a45caca7b56a5de9459872dde3727214" - integrity sha512-uCoznIPDmnickEi6D0v11SBpW0OuVqHJCa7syXqQHy5uktSCreIlt0iglsCnmvz8yCb38hGcWeseA8cWJSwv5Q== + version "7.4.0" + resolved "https://registry.yarnpkg.com/@types/babel__template/-/babel__template-7.4.0.tgz#0c888dd70b3ee9eebb6e4f200e809da0076262be" + integrity sha512-NTPErx4/FiPCGScH7foPyr+/1Dkzkni+rHiYHHoTjvwou7AQzJkNeD60A9CXRy+ZEN2B1bggmkTMCDb+Mv5k+A== dependencies: "@babel/parser" "^7.1.0" "@babel/types" "^7.0.0" @@ -1538,15 +1537,10 @@ dependencies: "@babel/types" "^7.3.0" -"@types/color-name@^1.1.1": - version "1.1.1" - resolved "https://registry.yarnpkg.com/@types/color-name/-/color-name-1.1.1.tgz#1c1261bbeaa10a8055bbc5d8ab84b7b2afc846a0" - integrity sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ== - -"@types/eslint@^7.2.5": - version "7.2.5" - resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-7.2.5.tgz#92172ecf490c2fce4b076739693d75f30376d610" - integrity sha512-Dc6ar9x16BdaR3NSxSF7T4IjL9gxxViJq8RmFd+2UAyA+K6ck2W+gUwfgpG/y9TPyUuBL35109bbULpEynvltA== +"@types/eslint@^7.2.6": + version "7.2.6" + resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-7.2.6.tgz#5e9aff555a975596c03a98b59ecd103decc70c3c" + integrity sha512-I+1sYH+NPQ3/tVqCeUSBwTE/0heyvtXqpIopUUArlBm0Kpocb8FbMa3AZ/ASKIFpN3rnEx932TTXDbt9OXsNDw== dependencies: "@types/estree" "*" "@types/json-schema" "*" @@ -1572,9 +1566,9 @@ "@types/node" "*" "@types/graceful-fs@^4.1.2": - version "4.1.3" - resolved "https://registry.yarnpkg.com/@types/graceful-fs/-/graceful-fs-4.1.3.tgz#039af35fe26bec35003e8d86d2ee9c586354348f" - integrity sha512-AiHRaEB50LQg0pZmm659vNBb9f4SJ0qrAnteuzhSeAUcJKxoYgEnprg/83kppCnc2zvtCKbdZry1a5pVY3lOTQ== + version "4.1.4" + resolved "https://registry.yarnpkg.com/@types/graceful-fs/-/graceful-fs-4.1.4.tgz#4ff9f641a7c6d1a3508ff88bc3141b152772e753" + integrity sha512-mWA/4zFQhfvOA8zWkXobwJvBD7vzcxgrOQ0J5CH1votGqdq9m7+FwtGaqyCZqC3NyyBkc9z4m+iry4LlqcMWJg== dependencies: "@types/node" "*" @@ -1640,9 +1634,9 @@ integrity sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA== "@types/minimist@^1.2.0": - version "1.2.0" - resolved "https://registry.yarnpkg.com/@types/minimist/-/minimist-1.2.0.tgz#69a23a3ad29caf0097f06eda59b361ee2f0639f6" - integrity sha1-aaI6OtKcrwCX8G7aWbNh7i8GOfY= + version "1.2.1" + resolved "https://registry.yarnpkg.com/@types/minimist/-/minimist-1.2.1.tgz#283f669ff76d7b8260df8ab7a4262cc83d988256" + integrity sha512-fZQQafSREFyuZcdWFAExYjBiCL7AUCdgsk80iO0q4yihYYdcIiH28CcuPTGFgLOCC8RlW49GSQxdHwZP+I7CNg== "@types/mock-fs@^4.13.0": version "4.13.0" @@ -1657,14 +1651,14 @@ integrity sha1-m6It838H43gP/4Ux0aOOYz+UV6U= "@types/node@*", "@types/node@>= 8": - version "14.11.2" - resolved "https://registry.yarnpkg.com/@types/node/-/node-14.11.2.tgz#2de1ed6670439387da1c9f549a2ade2b0a799256" - integrity sha512-jiE3QIxJ8JLNcb1Ps6rDbysDhN4xa8DJJvuC9prr6w+1tIh+QAbYyNF3tyiZNLDBIuBCf4KEcV2UvQm/V60xfA== + version "14.14.7" + resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.7.tgz#8ea1e8f8eae2430cf440564b98c6dfce1ec5945d" + integrity sha512-Zw1vhUSQZYw+7u5dAwNbIA9TuTotpzY/OF7sJM9FqPOF3SPjKnxrjoTktXDZgUjybf4cWVBP7O8wvKdSaGHweg== -"@types/node@^10.17.46": - version "10.17.46" - resolved "https://registry.yarnpkg.com/@types/node/-/node-10.17.46.tgz#1cd867ebfe9957ab45951f2f715f8de5f3dab7a3" - integrity sha512-Tice8a+sJtlP9C1EUo0DYyjq52T37b3LexVu3p871+kfIBIN+OQ7PKPei1oF3MgF39olEpUfxaLtD+QFc1k69Q== +"@types/node@^10.17.48": + version "10.17.48" + resolved "https://registry.yarnpkg.com/@types/node/-/node-10.17.48.tgz#726e7f25d00bf58d79c8f00dd586dd9a10d06a4f" + integrity sha512-Agl6xbYP6FOMDeAsr3QVZ+g7Yzg0uhPHWx0j5g4LFdUBHVtqtU+gH660k/lCEe506jJLOGbEzsnqPDTZGJQLag== "@types/nodeunit@^0.0.31": version "0.0.31" @@ -1677,9 +1671,9 @@ integrity sha512-f5j5b/Gf71L+dbqxIpQ4Z2WlmI/mPJ0fOkGGmFgtb6sAu97EPczzbS3/tJKxmcYDj55OX6ssqwDAWOHIYDRDGA== "@types/prettier@^2.0.0": - version "2.1.1" - resolved "https://registry.yarnpkg.com/@types/prettier/-/prettier-2.1.1.tgz#be148756d5480a84cde100324c03a86ae5739fb5" - integrity sha512-2zs+O+UkDsJ1Vcp667pd3f8xearMdopz/z54i99wtRDI5KLmngk7vlrYZD0ZjKHaROR03EznlBbVY9PfAEyJIQ== + version "2.1.5" + resolved "https://registry.yarnpkg.com/@types/prettier/-/prettier-2.1.5.tgz#b6ab3bba29e16b821d84e09ecfaded462b816b00" + integrity sha512-UEyp8LwZ4Dg30kVU2Q3amHHyTn1jEdhCIE59ANed76GaT1Vp76DD3ZWSAxgCrw6wJ0TqeoBpqmfUHiUDPs//HQ== "@types/promptly@^3.0.0": version "3.0.0" @@ -1761,7 +1755,14 @@ resolved "https://registry.yarnpkg.com/@types/yargs-parser/-/yargs-parser-15.0.0.tgz#cb3f9f741869e20cce330ffbeb9271590483882d" integrity sha512-FA/BWv8t8ZWJ+gEOnLLd8ygxH/2UFbAvgEonyfN6yWGLKc7zVjbpl2Y4CTjid9h2RfgPP6SEt6uHwEOply00yw== -"@types/yargs@^15.0.0", "@types/yargs@^15.0.10": +"@types/yargs@^15.0.0": + version "15.0.9" + resolved "https://registry.yarnpkg.com/@types/yargs/-/yargs-15.0.9.tgz#524cd7998fe810cdb02f26101b699cccd156ff19" + integrity sha512-HmU8SeIRhZCWcnRskCs36Q1Q00KBV6Cqh/ora8WN1+22dY07AZdn6Gel8QZ3t26XYPImtcL8WV/eqjhVmMEw4g== + dependencies: + "@types/yargs-parser" "*" + +"@types/yargs@^15.0.10": version "15.0.10" resolved "https://registry.yarnpkg.com/@types/yargs/-/yargs-15.0.10.tgz#0fe3c8173a0d5c3e780b389050140c3f5ea6ea74" integrity sha512-z8PNtlhrj7eJNLmrAivM7rjBESG6JwC5xP3RVk12i/8HVP7Xnx/sEmERnRImyEuUaJfO942X0qMOYsoupaJbZQ== @@ -1773,28 +1774,28 @@ resolved "https://registry.yarnpkg.com/@types/yarnpkg__lockfile/-/yarnpkg__lockfile-1.1.4.tgz#445251eb00bd9c1e751f82c7c6bf4f714edfd464" integrity sha512-/emrKCfQMQmFCqRqqBJ0JueHBT06jBRM3e8OgnvDUcvuExONujIk2hFA5dNsN9Nt41ljGVDdChvCydATZ+KOZw== -"@typescript-eslint/eslint-plugin@^4.8.2": - version "4.8.2" - resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.8.2.tgz#cf9102ec800391caa574f589ffe0623cca1d9308" - integrity sha512-gQ06QLV5l1DtvYtqOyFLXD9PdcILYqlrJj2l+CGDlPtmgLUzc1GpqciJFIRvyfvgLALpnxYINFuw+n9AZhPBKQ== +"@typescript-eslint/eslint-plugin@^4.9.0": + version "4.9.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.9.0.tgz#8fde15743413661fdc086c9f1f5d74a80b856113" + integrity sha512-WrVzGMzzCrgrpnQMQm4Tnf+dk+wdl/YbgIgd5hKGa2P+lnJ2MON+nQnbwgbxtN9QDLi8HO+JAq0/krMnjQK6Cw== dependencies: - "@typescript-eslint/experimental-utils" "4.8.2" - "@typescript-eslint/scope-manager" "4.8.2" + "@typescript-eslint/experimental-utils" "4.9.0" + "@typescript-eslint/scope-manager" "4.9.0" debug "^4.1.1" functional-red-black-tree "^1.0.1" regexpp "^3.0.0" semver "^7.3.2" tsutils "^3.17.1" -"@typescript-eslint/experimental-utils@4.8.2": - version "4.8.2" - resolved "https://registry.yarnpkg.com/@typescript-eslint/experimental-utils/-/experimental-utils-4.8.2.tgz#8909a5732f19329cf5ef0c39766170476bff5e50" - integrity sha512-hpTw6o6IhBZEsQsjuw/4RWmceRyESfAiEzAEnXHKG1X7S5DXFaZ4IO1JO7CW1aQ604leQBzjZmuMI9QBCAJX8Q== +"@typescript-eslint/experimental-utils@4.9.0": + version "4.9.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/experimental-utils/-/experimental-utils-4.9.0.tgz#23a296b85d243afba24e75a43fd55aceda5141f0" + integrity sha512-0p8GnDWB3R2oGhmRXlEnCvYOtaBCijtA5uBfH5GxQKsukdSQyI4opC4NGTUb88CagsoNQ4rb/hId2JuMbzWKFQ== dependencies: "@types/json-schema" "^7.0.3" - "@typescript-eslint/scope-manager" "4.8.2" - "@typescript-eslint/types" "4.8.2" - "@typescript-eslint/typescript-estree" "4.8.2" + "@typescript-eslint/scope-manager" "4.9.0" + "@typescript-eslint/types" "4.9.0" + "@typescript-eslint/typescript-estree" "4.9.0" eslint-scope "^5.0.0" eslint-utils "^2.0.0" @@ -1816,23 +1817,23 @@ "@typescript-eslint/types" "4.7.0" "@typescript-eslint/visitor-keys" "4.7.0" -"@typescript-eslint/scope-manager@4.8.2": - version "4.8.2" - resolved "https://registry.yarnpkg.com/@typescript-eslint/scope-manager/-/scope-manager-4.8.2.tgz#a18388c63ae9c17adde519384f539392f2c4f0d9" - integrity sha512-qHQ8ODi7mMin4Sq2eh/6eu03uVzsf5TX+J43xRmiq8ujng7ViQSHNPLOHGw/Wr5dFEoxq/ubKhzClIIdQy5q3g== +"@typescript-eslint/scope-manager@4.9.0": + version "4.9.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/scope-manager/-/scope-manager-4.9.0.tgz#5eefe305d6b71d1c85af6587b048426bfd4d3708" + integrity sha512-q/81jtmcDtMRE+nfFt5pWqO0R41k46gpVLnuefqVOXl4QV1GdQoBWfk5REcipoJNQH9+F5l+dwa9Li5fbALjzg== dependencies: - "@typescript-eslint/types" "4.8.2" - "@typescript-eslint/visitor-keys" "4.8.2" + "@typescript-eslint/types" "4.9.0" + "@typescript-eslint/visitor-keys" "4.9.0" "@typescript-eslint/types@4.7.0": version "4.7.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.7.0.tgz#5e95ef5c740f43d942542b35811f87b62fccca69" integrity sha512-uLszFe0wExJc+I7q0Z/+BnP7wao/kzX0hB5vJn4LIgrfrMLgnB2UXoReV19lkJQS1a1mHWGGODSxnBx6JQC3Sg== -"@typescript-eslint/types@4.8.2": - version "4.8.2" - resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.8.2.tgz#c862dd0e569d9478eb82d6aee662ea53f5661a36" - integrity sha512-z1/AVcVF8ju5ObaHe2fOpZYEQrwHyZ7PTOlmjd3EoFeX9sv7UekQhfrCmgUO7PruLNfSHrJGQvrW3Q7xQ8EoAw== +"@typescript-eslint/types@4.9.0": + version "4.9.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.9.0.tgz#3fe8c3632abd07095c7458f7451bd14c85d0033c" + integrity sha512-luzLKmowfiM/IoJL/rus1K9iZpSJK6GlOS/1ezKplb7MkORt2dDcfi8g9B0bsF6JoRGhqn0D3Va55b+vredFHA== "@typescript-eslint/typescript-estree@4.7.0": version "4.7.0" @@ -1848,13 +1849,13 @@ semver "^7.3.2" tsutils "^3.17.1" -"@typescript-eslint/typescript-estree@4.8.2": - version "4.8.2" - resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-4.8.2.tgz#eeec34707d8577600fb21661b5287226cc8b3bed" - integrity sha512-HToGNwI6fekH0dOw3XEVESUm71Onfam0AKin6f26S2FtUmO7o3cLlWgrIaT1q3vjB3wCTdww3Dx2iGq5wtUOCg== +"@typescript-eslint/typescript-estree@4.9.0": + version "4.9.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-4.9.0.tgz#38a98df6ee281cfd6164d6f9d91795b37d9e508c" + integrity sha512-rmDR++PGrIyQzAtt3pPcmKWLr7MA+u/Cmq9b/rON3//t5WofNR4m/Ybft2vOLj0WtUzjn018ekHjTsnIyBsQug== dependencies: - "@typescript-eslint/types" "4.8.2" - "@typescript-eslint/visitor-keys" "4.8.2" + "@typescript-eslint/types" "4.9.0" + "@typescript-eslint/visitor-keys" "4.9.0" debug "^4.1.1" globby "^11.0.1" is-glob "^4.0.1" @@ -1870,12 +1871,12 @@ "@typescript-eslint/types" "4.7.0" eslint-visitor-keys "^2.0.0" -"@typescript-eslint/visitor-keys@4.8.2": - version "4.8.2" - resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.8.2.tgz#62cd3fbbbf65f8eccfbe6f159eb1b84a243a3f77" - integrity sha512-Vg+/SJTMZJEKKGHW7YC21QxgKJrSbxoYYd3MEUGtW7zuytHuEcksewq0DUmo4eh/CTNrVJGSdIY9AtRb6riWFw== +"@typescript-eslint/visitor-keys@4.9.0": + version "4.9.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.9.0.tgz#f284e9fac43f2d6d35094ce137473ee321f266c8" + integrity sha512-sV45zfdRqQo1A97pOSx3fsjR+3blmwtdCt8LDrXgCX36v4Vmz4KHrhpV6Fo2cRdXmyumxx11AHw0pNJqCNpDyg== dependencies: - "@typescript-eslint/types" "4.8.2" + "@typescript-eslint/types" "4.9.0" eslint-visitor-keys "^2.0.0" "@yarnpkg/lockfile@^1.1.0": @@ -1929,9 +1930,9 @@ acorn-walk@^7.1.1: integrity sha512-OPdCF6GsMIP+Az+aWfAAOEt2/+iVDKE7oy6lJ098aoe59oAmK76qV6Gw60SbZ8jHuG2wH058GF4pLFbYamYrVA== acorn@^7.1.1, acorn@^7.4.0: - version "7.4.0" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-7.4.0.tgz#e1ad486e6c54501634c6c397c5c121daa383607c" - integrity sha512-+G7P8jJmCHr+S+cLfQxygbWhXy+8YTVGzAkpEbcLo2mLoL7tij/VG41QSHACSf5QgYRhMZYHuNc6drJaO0Da+w== + version "7.4.1" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-7.4.1.tgz#feaed255973d2e77555b83dbc08851a6c63520fa" + integrity sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A== add-stream@^1.0.0: version "1.0.0" @@ -1946,9 +1947,9 @@ agent-base@4, agent-base@^4.3.0: es6-promisify "^5.0.0" agent-base@6, agent-base@^6.0.0: - version "6.0.1" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.1.tgz#808007e4e5867decb0ab6ab2f928fbdb5a596db4" - integrity sha512-01q25QQDwLSsyfhrKbn8yuur+JNw0H+0Y4JiGIKd3z9aYk/w/2kxD/Upc+t2ZBBSUNff50VjPsSW2YxM8QYKVg== + version "6.0.2" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.2.tgz#49fff58577cfee3f37176feab4c22e00f86d7f77" + integrity sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ== dependencies: debug "4" @@ -1975,9 +1976,9 @@ aggregate-error@^3.0.0: indent-string "^4.0.0" ajv@^6.10.0, ajv@^6.10.2, ajv@^6.12.3, ajv@^6.12.4: - version "6.12.5" - resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.5.tgz#19b0e8bae8f476e5ba666300387775fb1a00a4da" - integrity sha512-lRF8RORchjpKG50/WFf8xmg7sgCLFiYNNnqdKflk63whMQcWR5ngGjiSXkL9bjxy6B2npOK2HSMN49jEBMSkag== + version "6.12.6" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4" + integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g== dependencies: fast-deep-equal "^3.1.1" fast-json-stable-stringify "^2.0.0" @@ -2029,11 +2030,10 @@ ansi-styles@^3.2.0, ansi-styles@^3.2.1: color-convert "^1.9.0" ansi-styles@^4.0.0, ansi-styles@^4.1.0: - version "4.2.1" - resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-4.2.1.tgz#90ae75c424d008d2624c5bf29ead3177ebfcf359" - integrity sha512-9VGjrMsG1vePxcSweQsN20KY/c4zN0h9fLjqAbwbPfahM3t+NL+M9HC8xeXG2I8pX5NoamTGNuomEUFI7fcUjA== + version "4.3.0" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-4.3.0.tgz#edd803628ae71c04c85ae7a0906edad34b648937" + integrity sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg== dependencies: - "@types/color-name" "^1.1.1" color-convert "^2.0.1" any-promise@^1.0.0: @@ -2294,10 +2294,10 @@ aws-sdk-mock@^5.1.0: sinon "^9.0.1" traverse "^0.6.6" -aws-sdk@^2.637.0, aws-sdk@^2.799.0: - version "2.799.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.799.0.tgz#8b1a64c1a9f8ccf5794eb07bdd8051e4cb6adcfd" - integrity sha512-NYAoiNU+bJXhlJsC0rFqrmD5t5ho7/VxldmziP6HLPYHfOCI9Uvk6UVjfPmhLWPm0mHnIxhsHqmsNGyjhHNYmw== +aws-sdk@^2.637.0, aws-sdk@^2.804.0: + version "2.804.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.804.0.tgz#ff7e6f91b86b4878ec69e3de895c10eb8203fc4b" + integrity sha512-a02pZdjL06MunElAZPPEjpghOp/ZA+16f+t4imh1k9FCDpsNVQrT23HRq/PMvRADA5uZZRkYwX8r9o6oH/1RlA== dependencies: buffer "4.9.2" events "1.1.1" @@ -2315,9 +2315,9 @@ aws-sign2@~0.7.0: integrity sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg= aws4@^1.8.0: - version "1.10.1" - resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.10.1.tgz#e1e82e4f3e999e2cfd61b161280d16a111f86428" - integrity sha512-zg7Hz2k5lI8kb7U32998pRRFin7zJlkfezGJjUc2heaD4Pw2wObakCDVzkKztTm/Ln7eiVvYsjqak0Ed4LkMDA== + version "1.11.0" + resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.11.0.tgz#d61f46d83b2519250e2784daf5b09479a8b41c59" + integrity sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA== axios@^0.19.0: version "0.19.2" @@ -2392,10 +2392,10 @@ balanced-match@^1.0.0: resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" integrity sha1-ibTRmasr7kneFk6gK4nORi1xt2c= -base64-js@^1.0.2: - version "1.3.1" - resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.3.1.tgz#58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" - integrity sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g== +base64-js@^1.0.2, base64-js@^1.3.1: + version "1.5.1" + resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.5.1.tgz#1b1b440160a5bf7ad40b650f095963481903930a" + integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA== base@^0.11.1: version "0.11.2" @@ -2516,12 +2516,12 @@ buffer@4.9.2: isarray "^1.0.0" buffer@^5.5.0: - version "5.6.0" - resolved "https://registry.yarnpkg.com/buffer/-/buffer-5.6.0.tgz#a31749dc7d81d84db08abf937b6b8c4033f62786" - integrity sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw== + version "5.7.1" + resolved "https://registry.yarnpkg.com/buffer/-/buffer-5.7.1.tgz#ba62e7c13133053582197160851a8f648e99eed0" + integrity sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ== dependencies: - base64-js "^1.0.2" - ieee754 "^1.1.4" + base64-js "^1.3.1" + ieee754 "^1.1.13" builtins@^1.0.3: version "1.0.3" @@ -2599,6 +2599,14 @@ caching-transform@^4.0.0: package-hash "^4.0.0" write-file-atomic "^3.0.0" +call-bind@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.0.tgz#24127054bb3f9bdcb4b1fb82418186072f77b8ce" + integrity sha512-AEXsYIyyDY3MCzbwdhzG3Jx1R0J2wetQyUynn6dYHAO+bg8l1k7jwZtRv4ryryFs7EP+NDlikJlVe59jr0cM2w== + dependencies: + function-bind "^1.1.1" + get-intrinsic "^1.0.0" + call-me-maybe@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/call-me-maybe/-/call-me-maybe-1.0.1.tgz#26d208ea89e37b5cbde60250a15f031c16a4d66b" @@ -2669,12 +2677,7 @@ camelcase@^5.0.0, camelcase@^5.3.1: resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320" integrity sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg== -camelcase@^6.0.0: - version "6.1.0" - resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-6.1.0.tgz#27dc176173725fb0adf8a48b647f4d7871944d78" - integrity sha512-WCMml9ivU60+8rEJgELlFp1gxFcEGxwYleE3bziHEDeqsqAWGHdimB7beBFGjLzVNgPGyDsfgXLQEYMpmIFnVQ== - -camelcase@^6.2.0: +camelcase@^6.0.0, camelcase@^6.2.0: version "6.2.0" resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-6.2.0.tgz#924af881c9d525ac9d87f40d964e5cea982a1809" integrity sha512-c7wVvbw3f37nuobQNtgsgG9POC9qMbNuMQmTCqZv23b6MIz0fcYpBiOlv9gEN/hdLdnZTDQhg6e9Dq5M1vKvfg== @@ -2822,9 +2825,9 @@ cliui@^6.0.0: wrap-ansi "^6.2.0" cliui@^7.0.2: - version "7.0.3" - resolved "https://registry.yarnpkg.com/cliui/-/cliui-7.0.3.tgz#ef180f26c8d9bff3927ee52428bfec2090427981" - integrity sha512-Gj3QHTkVMPKqwP3f7B4KPkBZRMR9r4rfi5bXFpg1a+Svvj8l7q5CnkBkVQzfxT5DFSsGk2+PascOgL0JYkL2kw== + version "7.0.4" + resolved "https://registry.yarnpkg.com/cliui/-/cliui-7.0.4.tgz#a0265ee655476fc807aea9df3df8df7783808b4f" + integrity sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ== dependencies: string-width "^4.2.0" strip-ansi "^6.0.0" @@ -2859,10 +2862,10 @@ code-point-at@^1.0.0: resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" integrity sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c= -codemaker@^1.14.1: - version "1.14.1" - resolved "https://registry.yarnpkg.com/codemaker/-/codemaker-1.14.1.tgz#c2938d5fb76ca0cce306990c82b5fe0e934feb96" - integrity sha512-km8Aqf1ZioiM9Xm4Tj9pbIyFLoRV9l3ssw073C1AePt76TDqWFmJ83LrXkm+dSgdysoKVqY3Svn3BoPnN5bFKQ== +codemaker@^1.15.0: + version "1.15.0" + resolved "https://registry.yarnpkg.com/codemaker/-/codemaker-1.15.0.tgz#3e2b319b6eb83be6094be166470158b186abdd04" + integrity sha512-2xXzYKUYrl79m1sertY+NL62T15Q5m1RLGuf5K8ZxX0gik0Ok3AmEhhEpSUaFBS48ocjHZ1rg5EgKK2A+7CY3g== dependencies: camelcase "^6.2.0" decamelize "^4.0.0" @@ -2930,6 +2933,11 @@ combined-stream@^1.0.6, combined-stream@~1.0.6: dependencies: delayed-stream "~1.0.0" +commander@~6.2.0: + version "6.2.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-6.2.0.tgz#b990bfb8ac030aedc6d11bc04d1488ffef56db75" + integrity sha512-zP4jEKbe8SHzKJYQmq8Y9gYjtO/POJLgIdKgV7B9qNmABVFVc+ctqSX6iXh4mCpJfRBOabiZ2YKPg8ciDw6C+Q== + commondir@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/commondir/-/commondir-1.0.1.tgz#ddd800da0c66127393cca5950ea968a3aaf1253b" @@ -3007,24 +3015,16 @@ console-control-strings@^1.0.0, console-control-strings@~1.1.0: integrity sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4= constructs@^3.2.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.2.0.tgz#c7a61dfb3bb8ad81f8d77e5dcdf5404129ce65d2" - integrity sha512-lfUsJjAyEBxQHjd46WwJp4YZqFcHg/+vzpc+EVYwOLy3YtI0uVQm6/i14GpMKOpAB7XtHAnQz6evE+72lAfVzQ== + version "3.2.30" + resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.2.30.tgz#950a1e38d7193791fea55f847f87013959748475" + integrity sha512-tzWUxXc9UjPbw1+c0s6gFL0ae4gPgsKck59xfkjOnyezPNcG2myB/xh9wGD51kbn+GInW0vMgW0QWOn0WhKa4g== contains-path@^0.1.0: version "0.1.0" resolved "https://registry.yarnpkg.com/contains-path/-/contains-path-0.1.0.tgz#fe8cf184ff6670b6baef01a9d4861a5cbec4120a" integrity sha1-/ozxhP9mcLa67wGp1IYaXL7EEgo= -conventional-changelog-angular@^5.0.11, conventional-changelog-angular@^5.0.3: - version "5.0.11" - resolved "https://registry.yarnpkg.com/conventional-changelog-angular/-/conventional-changelog-angular-5.0.11.tgz#99a3ca16e4a5305e0c2c2fae3ef74fd7631fc3fb" - integrity sha512-nSLypht/1yEflhuTogC03i7DX7sOrXGsRn14g131Potqi6cbGbGEE9PSDEHKldabB6N76HiSyw9Ph+kLmC04Qw== - dependencies: - compare-func "^2.0.0" - q "^1.5.1" - -conventional-changelog-angular@^5.0.12: +conventional-changelog-angular@^5.0.11, conventional-changelog-angular@^5.0.12, conventional-changelog-angular@^5.0.3: version "5.0.12" resolved "https://registry.yarnpkg.com/conventional-changelog-angular/-/conventional-changelog-angular-5.0.12.tgz#c979b8b921cbfe26402eb3da5bbfda02d865a2b9" integrity sha512-5GLsbnkR/7A89RyHLvvoExbiGbd9xKdKqDTrArnPbOqBqG/2wIosu0fHwpeIRI8Tl94MhVNBXcLJZl92ZQ5USw== @@ -3032,14 +3032,7 @@ conventional-changelog-angular@^5.0.12: compare-func "^2.0.0" q "^1.5.1" -conventional-changelog-atom@^2.0.7: - version "2.0.7" - resolved "https://registry.yarnpkg.com/conventional-changelog-atom/-/conventional-changelog-atom-2.0.7.tgz#221575253a04f77a2fd273eb2bf29a138f710abf" - integrity sha512-7dOREZwzB+tCEMjRTDfen0OHwd7vPUdmU0llTy1eloZgtOP4iSLVzYIQqfmdRZEty+3w5Jz+AbhfTJKoKw1JeQ== - dependencies: - q "^1.5.1" - -conventional-changelog-atom@^2.0.8: +conventional-changelog-atom@^2.0.7, conventional-changelog-atom@^2.0.8: version "2.0.8" resolved "https://registry.yarnpkg.com/conventional-changelog-atom/-/conventional-changelog-atom-2.0.8.tgz#a759ec61c22d1c1196925fca88fe3ae89fd7d8de" integrity sha512-xo6v46icsFTK3bb7dY/8m2qvc8sZemRgdqLb/bjpBsH2UyOS8rKNTgcb5025Hri6IpANPApbXMg15QLb1LJpBw== @@ -3057,14 +3050,7 @@ conventional-changelog-cli@^2.1.1: meow "^8.0.0" tempfile "^3.0.0" -conventional-changelog-codemirror@^2.0.7: - version "2.0.7" - resolved "https://registry.yarnpkg.com/conventional-changelog-codemirror/-/conventional-changelog-codemirror-2.0.7.tgz#d6b6a8ce2707710c5a036e305037547fb9e15bfb" - integrity sha512-Oralk1kiagn3Gb5cR5BffenWjVu59t/viE6UMD/mQa1hISMPkMYhJIqX+CMeA1zXgVBO+YHQhhokEj99GP5xcg== - dependencies: - q "^1.5.1" - -conventional-changelog-codemirror@^2.0.8: +conventional-changelog-codemirror@^2.0.7, conventional-changelog-codemirror@^2.0.8: version "2.0.8" resolved "https://registry.yarnpkg.com/conventional-changelog-codemirror/-/conventional-changelog-codemirror-2.0.8.tgz#398e9530f08ce34ec4640af98eeaf3022eb1f7dc" integrity sha512-z5DAsn3uj1Vfp7po3gpt2Boc+Bdwmw2++ZHa5Ak9k0UKsYAO5mH1UBTN0qSCuJZREIhX6WU4E1p3IW2oRCNzQw== @@ -3076,7 +3062,7 @@ conventional-changelog-config-spec@2.1.0: resolved "https://registry.yarnpkg.com/conventional-changelog-config-spec/-/conventional-changelog-config-spec-2.1.0.tgz#874a635287ef8b581fd8558532bf655d4fb59f2d" integrity sha512-IpVePh16EbbB02V+UA+HQnnPIohgXvJRxHcS5+Uwk4AT5LjzCZJm5sp/yqs5C6KZJ1jMsV4paEV13BN1pvDuxQ== -conventional-changelog-conventionalcommits@4.4.0, conventional-changelog-conventionalcommits@^4.4.0: +conventional-changelog-conventionalcommits@4.4.0: version "4.4.0" resolved "https://registry.yarnpkg.com/conventional-changelog-conventionalcommits/-/conventional-changelog-conventionalcommits-4.4.0.tgz#8d96687141c9bbd725a89b95c04966d364194cd4" integrity sha512-ybvx76jTh08tpaYrYn/yd0uJNLt5yMrb1BphDe4WBredMlvPisvMghfpnJb6RmRNcqXeuhR6LfGZGewbkRm9yA== @@ -3085,7 +3071,7 @@ conventional-changelog-conventionalcommits@4.4.0, conventional-changelog-convent lodash "^4.17.15" q "^1.5.1" -conventional-changelog-conventionalcommits@^4.5.0: +conventional-changelog-conventionalcommits@^4.4.0, conventional-changelog-conventionalcommits@^4.5.0: version "4.5.0" resolved "https://registry.yarnpkg.com/conventional-changelog-conventionalcommits/-/conventional-changelog-conventionalcommits-4.5.0.tgz#a02e0b06d11d342fdc0f00c91d78265ed0bc0a62" integrity sha512-buge9xDvjjOxJlyxUnar/+6i/aVEVGA7EEh4OafBCXPlLUQPGbRUBhBUveWRxzvR8TEjhKEP4BdepnpG2FSZXw== @@ -3113,28 +3099,7 @@ conventional-changelog-core@^3.1.6: read-pkg-up "^3.0.0" through2 "^3.0.0" -conventional-changelog-core@^4.2.0: - version "4.2.0" - resolved "https://registry.yarnpkg.com/conventional-changelog-core/-/conventional-changelog-core-4.2.0.tgz#d8befd1e1f5126bf35a17668276cc8c244650469" - integrity sha512-8+xMvN6JvdDtPbGBqA7oRNyZD4od1h/SIzrWqHcKZjitbVXrFpozEeyn4iI4af1UwdrabQpiZMaV07fPUTGd4w== - dependencies: - add-stream "^1.0.0" - conventional-changelog-writer "^4.0.17" - conventional-commits-parser "^3.1.0" - dateformat "^3.0.0" - get-pkg-repo "^1.0.0" - git-raw-commits "2.0.0" - git-remote-origin-url "^2.0.0" - git-semver-tags "^4.1.0" - lodash "^4.17.15" - normalize-package-data "^2.3.5" - q "^1.5.1" - read-pkg "^3.0.0" - read-pkg-up "^3.0.0" - shelljs "^0.8.3" - through2 "^3.0.0" - -conventional-changelog-core@^4.2.1: +conventional-changelog-core@^4.2.0, conventional-changelog-core@^4.2.1: version "4.2.1" resolved "https://registry.yarnpkg.com/conventional-changelog-core/-/conventional-changelog-core-4.2.1.tgz#f811ad98ab2ff080becafc61407509420c9b447d" integrity sha512-8cH8/DEoD3e5Q6aeogdR5oaaKs0+mG6+f+Om0ZYt3PNv7Zo0sQhu4bMDRsqAF+UTekTAtP1W/C41jH/fkm8Jtw== @@ -3155,71 +3120,35 @@ conventional-changelog-core@^4.2.1: shelljs "^0.8.3" through2 "^4.0.0" -conventional-changelog-ember@^2.0.8: - version "2.0.8" - resolved "https://registry.yarnpkg.com/conventional-changelog-ember/-/conventional-changelog-ember-2.0.8.tgz#f0f04eb7ff3c885af97db100865ab95dcfa9917f" - integrity sha512-JEMEcUAMg4Q9yxD341OgWlESQ4gLqMWMXIWWUqoQU8yvTJlKnrvcui3wk9JvnZQyONwM2g1MKRZuAjKxr8hAXA== - dependencies: - q "^1.5.1" - -conventional-changelog-ember@^2.0.9: +conventional-changelog-ember@^2.0.8, conventional-changelog-ember@^2.0.9: version "2.0.9" resolved "https://registry.yarnpkg.com/conventional-changelog-ember/-/conventional-changelog-ember-2.0.9.tgz#619b37ec708be9e74a220f4dcf79212ae1c92962" integrity sha512-ulzIReoZEvZCBDhcNYfDIsLTHzYHc7awh+eI44ZtV5cx6LVxLlVtEmcO+2/kGIHGtw+qVabJYjdI5cJOQgXh1A== dependencies: q "^1.5.1" -conventional-changelog-eslint@^3.0.8: - version "3.0.8" - resolved "https://registry.yarnpkg.com/conventional-changelog-eslint/-/conventional-changelog-eslint-3.0.8.tgz#f8b952b7ed7253ea0ac0b30720bb381f4921b46c" - integrity sha512-5rTRltgWG7TpU1PqgKHMA/2ivjhrB+E+S7OCTvj0zM/QGg4vmnVH67Vq/EzvSNYtejhWC+OwzvDrLk3tqPry8A== - dependencies: - q "^1.5.1" - -conventional-changelog-eslint@^3.0.9: +conventional-changelog-eslint@^3.0.8, conventional-changelog-eslint@^3.0.9: version "3.0.9" resolved "https://registry.yarnpkg.com/conventional-changelog-eslint/-/conventional-changelog-eslint-3.0.9.tgz#689bd0a470e02f7baafe21a495880deea18b7cdb" integrity sha512-6NpUCMgU8qmWmyAMSZO5NrRd7rTgErjrm4VASam2u5jrZS0n38V7Y9CzTtLT2qwz5xEChDR4BduoWIr8TfwvXA== dependencies: q "^1.5.1" -conventional-changelog-express@^2.0.5: - version "2.0.5" - resolved "https://registry.yarnpkg.com/conventional-changelog-express/-/conventional-changelog-express-2.0.5.tgz#6e93705acdad374516ca125990012a48e710f8de" - integrity sha512-pW2hsjKG+xNx/Qjof8wYlAX/P61hT5gQ/2rZ2NsTpG+PgV7Rc8RCfITvC/zN9K8fj0QmV6dWmUefCteD9baEAw== - dependencies: - q "^1.5.1" - -conventional-changelog-express@^2.0.6: +conventional-changelog-express@^2.0.5, conventional-changelog-express@^2.0.6: version "2.0.6" resolved "https://registry.yarnpkg.com/conventional-changelog-express/-/conventional-changelog-express-2.0.6.tgz#420c9d92a347b72a91544750bffa9387665a6ee8" integrity sha512-SDez2f3iVJw6V563O3pRtNwXtQaSmEfTCaTBPCqn0oG0mfkq0rX4hHBq5P7De2MncoRixrALj3u3oQsNK+Q0pQ== dependencies: q "^1.5.1" -conventional-changelog-jquery@^3.0.10: - version "3.0.10" - resolved "https://registry.yarnpkg.com/conventional-changelog-jquery/-/conventional-changelog-jquery-3.0.10.tgz#fe8eb6aff322aa980af5eb68497622a5f6257ce7" - integrity sha512-QCW6wF8QgPkq2ruPaxc83jZxoWQxLkt/pNxIDn/oYjMiVgrtqNdd7lWe3vsl0hw5ENHNf/ejXuzDHk6suKsRpg== - dependencies: - q "^1.5.1" - -conventional-changelog-jquery@^3.0.11: +conventional-changelog-jquery@^3.0.10, conventional-changelog-jquery@^3.0.11: version "3.0.11" resolved "https://registry.yarnpkg.com/conventional-changelog-jquery/-/conventional-changelog-jquery-3.0.11.tgz#d142207400f51c9e5bb588596598e24bba8994bf" integrity sha512-x8AWz5/Td55F7+o/9LQ6cQIPwrCjfJQ5Zmfqi8thwUEKHstEn4kTIofXub7plf1xvFA2TqhZlq7fy5OmV6BOMw== dependencies: q "^1.5.1" -conventional-changelog-jshint@^2.0.8: - version "2.0.8" - resolved "https://registry.yarnpkg.com/conventional-changelog-jshint/-/conventional-changelog-jshint-2.0.8.tgz#3fff4df8cb46037f77b9dc3f8e354c7f99332f13" - integrity sha512-hB/iI0IiZwnZ+seYI+qEQ4b+EMQSEC8jGIvhO2Vpz1E5p8FgLz75OX8oB1xJWl+s4xBMB6f8zJr0tC/BL7YOjw== - dependencies: - compare-func "^2.0.0" - q "^1.5.1" - -conventional-changelog-jshint@^2.0.9: +conventional-changelog-jshint@^2.0.8, conventional-changelog-jshint@^2.0.9: version "2.0.9" resolved "https://registry.yarnpkg.com/conventional-changelog-jshint/-/conventional-changelog-jshint-2.0.9.tgz#f2d7f23e6acd4927a238555d92c09b50fe3852ff" integrity sha512-wMLdaIzq6TNnMHMy31hql02OEQ8nCQfExw1SE0hYL5KvU+JCTuPaDO+7JiogGT2gJAxiUGATdtYYfh+nT+6riA== @@ -3232,23 +3161,7 @@ conventional-changelog-preset-loader@^2.1.1, conventional-changelog-preset-loade resolved "https://registry.yarnpkg.com/conventional-changelog-preset-loader/-/conventional-changelog-preset-loader-2.3.4.tgz#14a855abbffd59027fd602581f1f34d9862ea44c" integrity sha512-GEKRWkrSAZeTq5+YjUZOYxdHq+ci4dNwHvpaBC3+ENalzFWuCWa9EZXSuZBpkr72sMdKB+1fyDV4takK1Lf58g== -conventional-changelog-writer@^4.0.17, conventional-changelog-writer@^4.0.6: - version "4.0.17" - resolved "https://registry.yarnpkg.com/conventional-changelog-writer/-/conventional-changelog-writer-4.0.17.tgz#4753aaa138bf5aa59c0b274cb5937efcd2722e21" - integrity sha512-IKQuK3bib/n032KWaSb8YlBFds+aLmzENtnKtxJy3+HqDq5kohu3g/UdNbIHeJWygfnEbZjnCKFxAW0y7ArZAw== - dependencies: - compare-func "^2.0.0" - conventional-commits-filter "^2.0.6" - dateformat "^3.0.0" - handlebars "^4.7.6" - json-stringify-safe "^5.0.1" - lodash "^4.17.15" - meow "^7.0.0" - semver "^6.0.0" - split "^1.0.0" - through2 "^3.0.0" - -conventional-changelog-writer@^4.0.18: +conventional-changelog-writer@^4.0.18, conventional-changelog-writer@^4.0.6: version "4.0.18" resolved "https://registry.yarnpkg.com/conventional-changelog-writer/-/conventional-changelog-writer-4.0.18.tgz#10b73baa59c7befc69b360562f8b9cd19e63daf8" integrity sha512-mAQDCKyB9HsE8Ko5cCM1Jn1AWxXPYV0v8dFPabZRkvsiWUul2YyAqbIaoMKF88Zf2ffnOPSvKhboLf3fnjo5/A== @@ -3298,15 +3211,7 @@ conventional-changelog@^3.1.24: conventional-changelog-jshint "^2.0.9" conventional-changelog-preset-loader "^2.3.4" -conventional-commits-filter@^2.0.2, conventional-commits-filter@^2.0.6: - version "2.0.6" - resolved "https://registry.yarnpkg.com/conventional-commits-filter/-/conventional-commits-filter-2.0.6.tgz#0935e1240c5ca7698329affee1b6a46d33324c4c" - integrity sha512-4g+sw8+KA50/Qwzfr0hL5k5NWxqtrOVw4DDk3/h6L85a9Gz0/Eqp3oP+CWCNfesBvZZZEFHF7OTEbRe+yYSyKw== - dependencies: - lodash.ismatch "^4.4.0" - modify-values "^1.0.0" - -conventional-commits-filter@^2.0.7: +conventional-commits-filter@^2.0.2, conventional-commits-filter@^2.0.6, conventional-commits-filter@^2.0.7: version "2.0.7" resolved "https://registry.yarnpkg.com/conventional-commits-filter/-/conventional-commits-filter-2.0.7.tgz#f8d9b4f182fce00c9af7139da49365b136c8a0b3" integrity sha512-ASS9SamOP4TbCClsRHxIHXRfcGCnIoQqkvAzCSbZzTFLfcTqJVugB0agRgsEELsqaeWgsXv513eS116wnlSSPA== @@ -3314,20 +3219,7 @@ conventional-commits-filter@^2.0.7: lodash.ismatch "^4.4.0" modify-values "^1.0.0" -conventional-commits-parser@^3.0.3, conventional-commits-parser@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/conventional-commits-parser/-/conventional-commits-parser-3.1.0.tgz#10140673d5e7ef5572633791456c5d03b69e8be4" - integrity sha512-RSo5S0WIwXZiRxUGTPuYFbqvrR4vpJ1BDdTlthFgvHt5kEdnd1+pdvwWphWn57/oIl4V72NMmOocFqqJ8mFFhA== - dependencies: - JSONStream "^1.0.4" - is-text-path "^1.0.1" - lodash "^4.17.15" - meow "^7.0.0" - split2 "^2.0.0" - through2 "^3.0.0" - trim-off-newlines "^1.0.0" - -conventional-commits-parser@^3.2.0: +conventional-commits-parser@^3.0.3, conventional-commits-parser@^3.1.0, conventional-commits-parser@^3.2.0: version "3.2.0" resolved "https://registry.yarnpkg.com/conventional-commits-parser/-/conventional-commits-parser-3.2.0.tgz#9e261b139ca4b7b29bcebbc54460da36894004ca" integrity sha512-XmJiXPxsF0JhAKyfA2Nn+rZwYKJ60nanlbSWwwkGwLQFbugsc0gv1rzc7VbbUWAzJfR1qR87/pNgv9NgmxtBMQ== @@ -3445,6 +3337,11 @@ crc32-stream@^4.0.1: crc-32 "^1.2.0" readable-stream "^3.4.0" +create-require@^1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/create-require/-/create-require-1.1.1.tgz#c1d7e8f1e5f6cfc9ff65f9cd352d37348756c333" + integrity sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ== + cross-spawn@^4: version "4.0.2" resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-4.0.2.tgz#7b9247621c23adfdd3856004a823cbe397424d41" @@ -3636,6 +3533,11 @@ deep-equal@^2.0.4: which-collection "^1.0.1" which-typed-array "^1.1.2" +deep-extend@^0.6.0, deep-extend@~0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.6.0.tgz#c4fa7c95404a17a9c3e8ca7e1537312b736330ac" + integrity sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA== + deep-is@^0.1.3, deep-is@~0.1.3: version "0.1.3" resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" @@ -3758,11 +3660,6 @@ dezalgo@^1.0.0: asap "^2.0.0" wrappy "1" -diff-sequences@^26.5.0: - version "26.5.0" - resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-26.5.0.tgz#ef766cf09d43ed40406611f11c6d8d9dd8b2fefd" - integrity sha512-ZXx86srb/iYy6jG71k++wBN9P9J05UNQ5hQHQd9MtMPvcqXPx/vKU69jfHV637D00Q2gSgPk2D+jSx3l1lDW/Q== - diff-sequences@^26.6.2: version "26.6.2" resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-26.6.2.tgz#48ba99157de1923412eed41db6b6d4aa9ca7c0b1" @@ -3884,9 +3781,9 @@ ejs@^2.5.2: integrity sha512-7vmuyh5+kuUyJKePhQfRQBhXV5Ce+RnaeeQArKu1EAMpL3WbgMt5WG6uQZpEVvYSSsxMXRKOewtDk9RaTKXRlA== emittery@^0.7.1: - version "0.7.1" - resolved "https://registry.yarnpkg.com/emittery/-/emittery-0.7.1.tgz#c02375a927a40948c0345cc903072597f5270451" - integrity sha512-d34LN4L6h18Bzz9xpoku2nPwKxCPlPMr3EEKTkoEBi+1/+b0lcRkRJ1UVyyZaKNeqGR3swcGl6s390DNO4YVgQ== + version "0.7.2" + resolved "https://registry.yarnpkg.com/emittery/-/emittery-0.7.2.tgz#25595908e13af0f5674ab419396e2fb394cdfa82" + integrity sha512-A8OG5SR/ij3SsJdWDJdkkSYUjQdCUx6APQXem0SaEePBSRg4eymGYwBkKo1Y6DU+af/Jn2dBQqDBvjnr9Vi8nQ== emoji-regex@^7.0.1: version "7.0.3" @@ -3919,7 +3816,7 @@ enquirer@^2.3.5: dependencies: ansi-colors "^4.1.1" -entities@~2.0: +entities@~2.0, entities@~2.0.0: version "2.0.3" resolved "https://registry.yarnpkg.com/entities/-/entities-2.0.3.tgz#5c487e5742ab93c15abb5da22759b8590ec03b7f" integrity sha512-MyoZ0jgnLvB2X3Lg5HqpFmn1kybDiIfEQmKzTb5apr51Rb+T3KdmMiqa70T+bhGnyv7bQ6WMj2QMHpGMmlrUYQ== @@ -3982,11 +3879,12 @@ es-abstract@^1.18.0-next.0, es-abstract@^1.18.0-next.1: string.prototype.trimstart "^1.0.1" es-get-iterator@^1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/es-get-iterator/-/es-get-iterator-1.1.0.tgz#bb98ad9d6d63b31aacdc8f89d5d0ee57bcb5b4c8" - integrity sha512-UfrmHuWQlNMTs35e1ypnvikg6jCz3SK8v8ImvmDsh36fCVUR1MqoFDiyn0/k52C8NqO3YsO8Oe0azeesNuqSsQ== + version "1.1.1" + resolved "https://registry.yarnpkg.com/es-get-iterator/-/es-get-iterator-1.1.1.tgz#b93ddd867af16d5118e00881396533c1c6647ad9" + integrity sha512-qorBw8Y7B15DVLaJWy6WdEV/ZkieBcu6QCq/xzWzGOKJqgG1j754vXRfZ3NY7HSShneqU43mPB4OkQBTkvHhFw== dependencies: - es-abstract "^1.17.4" + call-bind "^1.0.0" + get-intrinsic "^1.0.1" has-symbols "^1.0.1" is-arguments "^1.0.4" is-map "^2.0.1" @@ -4025,10 +3923,10 @@ es6-promisify@^5.0.0: dependencies: es6-promise "^4.0.3" -esbuild@^0.8.9: - version "0.8.9" - resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.8.9.tgz#e2b4254ee7aabb23e88c9d4abb38a16668856569" - integrity sha512-HAV4mKJqos0L8g6pL7evrw/ZPm478yFNtkuYhqJAeTrIW40XtBxhHrt4Pm2faYeRB8K6nA7dTDgmF+O0e9JCXQ== +esbuild@^0.8.20: + version "0.8.20" + resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.8.20.tgz#e56b594c3bfc1b87f9299b4a43eead3e0a10f49c" + integrity sha512-xXNLXa2SraaAoeTybOMAvOf6KW/DthI3ATXMG+W3yMav1iFpEGvo4XS22AzCPE3rTXbK/7TykxpwI8mD6lYUOg== escalade@^3.1.1: version "3.1.1" @@ -4263,9 +4161,9 @@ execa@^1.0.0: strip-eof "^1.0.0" execa@^4.0.0: - version "4.0.3" - resolved "https://registry.yarnpkg.com/execa/-/execa-4.0.3.tgz#0a34dabbad6d66100bd6f2c576c8669403f317f2" - integrity sha512-WFDXGHckXPWZX19t1kCsXzOpqX9LWYNqn4C+HqZlk/V0imTkzJZqf87ZBhvpHaftERYknpk0fjSylnXVlVgI0A== + version "4.1.0" + resolved "https://registry.yarnpkg.com/execa/-/execa-4.1.0.tgz#4e5491ad1572f2f17a77d388c6c857135b22847a" + integrity sha512-j5W0//W7f8UxAn8hXVnwG8tLwdiUy4FJLcSupCg6maBYZDpyBvTApK7KyuI4bKj8KOh1r2YH+6ucuYtJv1bTZA== dependencies: cross-spawn "^7.0.0" get-stream "^5.0.0" @@ -4429,9 +4327,9 @@ fast-levenshtein@^2.0.6, fast-levenshtein@~2.0.6: integrity sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc= fastq@^1.6.0: - version "1.8.0" - resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.8.0.tgz#550e1f9f59bbc65fe185cb6a9b4d95357107f481" - integrity sha512-SMIZoZdLh/fgofivvIkmknUXyPnvxRE3DhtZ5Me3Mrsk5gyPL42F0xr51TdRXskBxHfMp+07bcYzfsYEsSQA9Q== + version "1.9.0" + resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.9.0.tgz#e16a72f338eaca48e91b5c23593bcc2ef66b7947" + integrity sha512-i7FVWL8HhVY+CTkwFxkN2mk3h+787ixS5S63eb78diVRc1MCssarHq3W5cj0av7YDSwmaV928RNag+U1etRQ7w== dependencies: reusify "^1.0.4" @@ -4636,9 +4534,9 @@ from2@^2.1.0: readable-stream "^2.0.0" fromentries@^1.2.0: - version "1.2.1" - resolved "https://registry.yarnpkg.com/fromentries/-/fromentries-1.2.1.tgz#64c31665630479bc993cd800d53387920dc61b4d" - integrity sha512-Xu2Qh8yqYuDhQGOhD5iJGninErSfI9A3FrriD3tjUgV5VbJFeH8vfgZ9HnC6jWN80QDVNQK5vmxRAmEAp7Mevw== + version "1.3.2" + resolved "https://registry.yarnpkg.com/fromentries/-/fromentries-1.3.2.tgz#e4bca6808816bf8f93b52750f1127f5a6fd86e3a" + integrity sha512-cHEpEQHUg0f8XdtZCc2ZAhrHzKzT0MrFUTcvx+hfxYu7rGMDc5SKoXFh+n4YigxsHXRzc6OrCshdR1bWH6HHyg== fs-access@^1.0.1: version "1.0.1" @@ -4699,9 +4597,9 @@ fs.realpath@^1.0.0: integrity sha1-FQStJSMVjKpA20onh8sBQRmU6k8= fsevents@^2.1.2: - version "2.1.3" - resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.1.3.tgz#fb738703ae8d2f9fe900c33836ddebee8b97f23e" - integrity sha512-Auw9a4AxqWpa9GUfj370BMPzzyncfBABW8Mab7BGWBYDj4Isgq+cDKtx0i6u9jcX9pQDnswsaaOTgTmA5pEjuQ== + version "2.2.1" + resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.2.1.tgz#1fb02ded2036a8ac288d507a65962bd87b97628d" + integrity sha512-bTLYHSeC0UH/EFXS9KqWnXuOl/wHK5Z/d+ghd5AsFMYN7wIGkUCOJyzy88+wJKkZPGON8u4Z9f6U4FdgURE9qA== ftp@^0.3.10: version "0.3.10" @@ -4746,15 +4644,24 @@ genfun@^5.0.0: integrity sha512-KGDOARWVga7+rnB3z9Sd2Letx515owfk0hSxHGuqjANb1M+x2bGZGqHLiozPsYMdM2OubeMni/Hpwmjq6qIUhA== gensync@^1.0.0-beta.1: - version "1.0.0-beta.1" - resolved "https://registry.yarnpkg.com/gensync/-/gensync-1.0.0-beta.1.tgz#58f4361ff987e5ff6e1e7a210827aa371eaac269" - integrity sha512-r8EC6NO1sngH/zdD9fiRDLdcgnbayXah+mLgManTaIZJqEC1MZstmnox8KpnI2/fxQwrp5OpCOYWLp4rBl4Jcg== + version "1.0.0-beta.2" + resolved "https://registry.yarnpkg.com/gensync/-/gensync-1.0.0-beta.2.tgz#32a6ee76c3d7f52d46b2b1ae5d93fea8580a25e0" + integrity sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg== get-caller-file@^2.0.1, get-caller-file@^2.0.5: version "2.0.5" resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e" integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg== +get-intrinsic@^1.0.0, get-intrinsic@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.0.1.tgz#94a9768fcbdd0595a1c9273aacf4c89d075631be" + integrity sha512-ZnWP+AmS1VUaLgTRy47+zKtjTxz+0xMpx3I52i+aalBK1QP19ggLF3Db89KJX7kjfOfP2eoa01qc++GwPgufPg== + dependencies: + function-bind "^1.1.1" + has "^1.0.3" + has-symbols "^1.0.1" + get-package-type@^0.1.0: version "0.1.0" resolved "https://registry.yarnpkg.com/get-package-type/-/get-package-type-0.1.0.tgz#8de2d803cff44df3bc6c456e6668b36c3926e11a" @@ -4781,6 +4688,11 @@ get-stdin@^4.0.1: resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" integrity sha1-uWjGsKBDhDJJAui/Gl3zJXmkUP4= +get-stdin@~8.0.0: + version "8.0.0" + resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-8.0.0.tgz#cbad6a73feb75f6eeb22ba9e01f89aa28aa97a53" + integrity sha512-sY22aA6xchAzprjyqmSEQv4UbAAzRN0L2dQB0NlN5acTTK9Don6nhoc3eAbUnpZiCANAMfd/+40kVdKfFygohg== + get-stream@^4.0.0, get-stream@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-4.1.0.tgz#c1b255575f3dc21d59bfc79cd3d2b46b1c3a54b5" @@ -4846,15 +4758,7 @@ git-semver-tags@^2.0.3: meow "^4.0.0" semver "^6.0.0" -git-semver-tags@^4.0.0, git-semver-tags@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/git-semver-tags/-/git-semver-tags-4.1.0.tgz#0146c9bc24ee96104c99f443071c8c2d7dc848e3" - integrity sha512-TcxAGeo03HdErzKzi4fDD+xEL7gi8r2Y5YSxH6N2XYdVSV5UkBwfrt7Gqo1b+uSHCjy/sa9Y6BBBxxFLxfbhTg== - dependencies: - meow "^7.0.0" - semver "^6.0.0" - -git-semver-tags@^4.1.1: +git-semver-tags@^4.0.0, git-semver-tags@^4.1.0, git-semver-tags@^4.1.1: version "4.1.1" resolved "https://registry.yarnpkg.com/git-semver-tags/-/git-semver-tags-4.1.1.tgz#63191bcd809b0ec3e151ba4751c16c444e5b5780" integrity sha512-OWyMt5zBe7xFs8vglMmhM9lRQzCWL3WjHtxNNfJTMngGym7pC1kh8sP6jevfydJ6LP3ZvGxfb6ABYgPUM0mtsA== @@ -4871,9 +4775,9 @@ git-up@^4.0.0: parse-url "^5.0.0" git-url-parse@^11.1.2: - version "11.3.0" - resolved "https://registry.yarnpkg.com/git-url-parse/-/git-url-parse-11.3.0.tgz#1515b4574c4eb2efda7d25cc50b29ce8beaefaae" - integrity sha512-i3XNa8IKmqnUqWBcdWBjOcnyZYfN3C1WRvnKI6ouFWwsXCZEnlgbwbm55ZpJ3OJMhfEP/ryFhqW8bBhej3C5Ug== + version "11.4.0" + resolved "https://registry.yarnpkg.com/git-url-parse/-/git-url-parse-11.4.0.tgz#f2bb1f2b00f05552540e95a62e31399a639a6aa6" + integrity sha512-KlIa5jvMYLjXMQXkqpFzobsyD/V2K5DRHl5OAf+6oDFPlPLxrGDVQlIdI63c4/Kt6kai4kALENSALlzTGST3GQ== dependencies: git-up "^4.0.0" @@ -4914,7 +4818,7 @@ glob-to-regexp@^0.3.0: resolved "https://registry.yarnpkg.com/glob-to-regexp/-/glob-to-regexp-0.3.0.tgz#8c5a1494d2066c570cc3bfe4496175acc4d502ab" integrity sha1-jFoUlNIGbFcMw7/kSWF1rMTVAqs= -glob@^7.0.0, glob@^7.0.5, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6: +glob@^7.0.0, glob@^7.0.5, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6, glob@~7.1.6: version "7.1.6" resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.6.tgz#141f33b81a7c2492e125594307480c46679278a6" integrity sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA== @@ -5070,9 +4974,9 @@ hasha@^3.0.0: is-stream "^1.0.1" hasha@^5.0.0: - version "5.2.1" - resolved "https://registry.yarnpkg.com/hasha/-/hasha-5.2.1.tgz#0e5b492aa40de3819e80955f221d2fccef55b5aa" - integrity sha512-x15jnRSHTi3VmH+oHtVb9kgU/HuKOK8mjK8iCL3dPQXh4YJlUb9YSI8ZLiiqLAIvY2wuDIlZYZppy8vB2XISkQ== + version "5.2.2" + resolved "https://registry.yarnpkg.com/hasha/-/hasha-5.2.2.tgz#a48477989b3b327aea3c04f53096d816d97522a1" + integrity sha512-Hrp5vIK/xr5SkeN2onO32H0MgNZ0f17HRNH39WfL0SYUNOTZ5Lz1TJ8Pajo/87dYGEFlLMm7mIc/k/s6Bvz9HQ== dependencies: is-stream "^2.0.0" type-fest "^0.8.0" @@ -5190,11 +5094,16 @@ iconv-lite@^0.6.2: dependencies: safer-buffer ">= 2.1.2 < 3.0.0" -ieee754@1.1.13, ieee754@^1.1.4: +ieee754@1.1.13: version "1.1.13" resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.1.13.tgz#ec168558e95aa181fd87d37f55c32bbcb6708b84" integrity sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg== +ieee754@^1.1.13, ieee754@^1.1.4: + version "1.2.1" + resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352" + integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA== + iferr@^0.1.5: version "0.1.5" resolved "https://registry.yarnpkg.com/iferr/-/iferr-0.1.5.tgz#c60eed69e6d8fdb6b3104a1fcbca1c192dc5b501" @@ -5212,7 +5121,7 @@ ignore@^4.0.3, ignore@^4.0.6: resolved "https://registry.yarnpkg.com/ignore/-/ignore-4.0.6.tgz#750e3db5862087b4737ebac8207ffd1ef27b25fc" integrity sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg== -ignore@^5.1.4, ignore@^5.1.8: +ignore@^5.1.4, ignore@^5.1.8, ignore@~5.1.8: version "5.1.8" resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.1.8.tgz#f150a8b50a34289b33e22f5889abd4d8016f0e57" integrity sha512-BMpfD7PpiETpBl/A6S498BaIJ6Y/ABT93ETbby2fP00v4EbvPBXWEoaR1UBPKs3iR53pJY7EtZk5KACI57i1Uw== @@ -5231,9 +5140,9 @@ import-fresh@^2.0.0: resolve-from "^3.0.0" import-fresh@^3.0.0, import-fresh@^3.2.1: - version "3.2.1" - resolved "https://registry.yarnpkg.com/import-fresh/-/import-fresh-3.2.1.tgz#633ff618506e793af5ac91bf48b72677e15cbe66" - integrity sha512-6e1q1cnWP2RXD9/keSkxHScg508CdXqXWgWBaETNhyuBFz+kUZlKboh+ISK+bU++DmbHimVBrOz/zzPe0sZ3sQ== + version "3.2.2" + resolved "https://registry.yarnpkg.com/import-fresh/-/import-fresh-3.2.2.tgz#fc129c160c5d68235507f4331a6baad186bdbc3e" + integrity sha512-cTPNrlvJT6twpYy+YmKUKrTSjWFs3bjYjAhCwm+z4EOCubZxAuO+hHpRN64TqjEaYSHs7tJAE0w1CKMGmsG/lw== dependencies: parent-module "^1.0.0" resolve-from "^4.0.0" @@ -5294,7 +5203,7 @@ inherits@2, inherits@2.0.4, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, i resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c" integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== -ini@^1.3.2, ini@^1.3.4: +ini@^1.3.2, ini@^1.3.4, ini@~1.3.0: version "1.3.5" resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927" integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw== @@ -5399,9 +5308,9 @@ is-ci@^2.0.0: ci-info "^2.0.0" is-core-module@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.0.0.tgz#58531b70aed1db7c0e8d4eb1a0a2d1ddd64bd12d" - integrity sha512-jq1AH6C8MuteOoBPwkxHafmByhL9j5q4OaPGdbuD+ZtQJVzH+i6E3BJDQcBA09k57i2Hh2yQbEG8yObZ0jdlWw== + version "2.2.0" + resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.2.0.tgz#97037ef3d52224d85163f5597b2b63d9afed981a" + integrity sha512-XRAfAdyyY5F5cOXn7hYQDqh2Xmii+DEfIcQGxK/uNwMHhIkPWO0g8msXcbzLe+MpGoR951MlqM/2iIlU4vKDdQ== dependencies: has "^1.0.3" @@ -5866,17 +5775,7 @@ jest-config@^26.6.3: micromatch "^4.0.2" pretty-format "^26.6.2" -jest-diff@^26.0.0: - version "26.6.0" - resolved "https://registry.yarnpkg.com/jest-diff/-/jest-diff-26.6.0.tgz#5e5bbbaf93ec5017fae2b3ef12fc895e29988379" - integrity sha512-IH09rKsdWY8YEY7ii2BHlSq59oXyF2pK3GoK+hOK9eD/x6009eNB5Jv1shLMKgxekodPzLlV7eZP1jPFQYds8w== - dependencies: - chalk "^4.0.0" - diff-sequences "^26.5.0" - jest-get-type "^26.3.0" - pretty-format "^26.6.0" - -jest-diff@^26.6.2: +jest-diff@^26.0.0, jest-diff@^26.6.2: version "26.6.2" resolved "https://registry.yarnpkg.com/jest-diff/-/jest-diff-26.6.2.tgz#1aa7468b52c3a68d7d5c5fdcdfcd5e49bd164394" integrity sha512-6m+9Z3Gv9wN0WFVasqjCL/06+EFCMTqDEUl/b87HYK2rAPTyfz4ZIuSlPhY51PIQRWx5TaxeF1qmXKe9gfN3sA== @@ -6222,7 +6121,7 @@ js-tokens@^4.0.0: resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499" integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== -js-yaml@^3.13.1, js-yaml@^3.2.7: +js-yaml@^3.13.1, js-yaml@^3.2.7, js-yaml@~3.14.0: version "3.14.0" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.0.tgz#a7a34170f26a21bb162424d8adacb4113a69e482" integrity sha512-/4IbIeHcD9VMHFqDR/gQ7EdZdLimOvW2DdcxFjdyyZ9NsbS+ccrXqVWDtab/lRl5AlUqmpBx8EhPaWR+OtY17A== @@ -6272,65 +6171,65 @@ jsesc@^2.5.1: resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4" integrity sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA== -jsii-diff@^1.14.1: - version "1.14.1" - resolved "https://registry.yarnpkg.com/jsii-diff/-/jsii-diff-1.14.1.tgz#6ee1b6de68675a8cf8ad45b98474cbc7148c1aca" - integrity sha512-4lUf7++fply4tEW+HmhExjOCTz2zCihOdcn+bYvssG+2ztuFh+uyhUtcBaxXM49Mz8+RP3ymu3ArLr9BVmSfrg== +jsii-diff@^1.15.0: + version "1.15.0" + resolved "https://registry.yarnpkg.com/jsii-diff/-/jsii-diff-1.15.0.tgz#77e03f5c5557ba20d9bc2cc354a7f03bb93f21f0" + integrity sha512-T47ogWBdztPrOhy53ngm9ZBF0gYz89BcNnM8WJAET6GcpO5qyoAwpQpf4WuA9oDdX8Q9yV1xOHPtBDD+7PmeFQ== dependencies: - "@jsii/spec" "^1.14.1" + "@jsii/spec" "^1.15.0" fs-extra "^9.0.1" - jsii-reflect "^1.14.1" + jsii-reflect "^1.15.0" log4js "^6.3.0" typescript "~3.9.7" - yargs "^16.1.0" + yargs "^16.1.1" -jsii-pacmak@^1.14.1: - version "1.14.1" - resolved "https://registry.yarnpkg.com/jsii-pacmak/-/jsii-pacmak-1.14.1.tgz#1296cb926df803fef407b2cbbe2e2658a524c371" - integrity sha512-BRASls0wizqS4mxOmC2eoC7DgDb3tyS1UtFQeok0kfhhyi+GDs/9JPJ+VKlhU1kGLmsQswYxkPrZhV9VcXoiIw== +jsii-pacmak@^1.15.0: + version "1.15.0" + resolved "https://registry.yarnpkg.com/jsii-pacmak/-/jsii-pacmak-1.15.0.tgz#48060233cfe693a24554c0e28a851aa1f690c734" + integrity sha512-/VxBDjC7Mi3zhuopm1oL0mXNBuC32YhuQJnHyHkFEnFduso7gnc6/3OCQbm3l5pOxHfg7oTBXIKxwDkh7EkK0w== dependencies: - "@jsii/spec" "^1.14.1" + "@jsii/spec" "^1.15.0" clone "^2.1.2" - codemaker "^1.14.1" + codemaker "^1.15.0" commonmark "^0.29.2" escape-string-regexp "^4.0.0" fs-extra "^9.0.1" - jsii-reflect "^1.14.1" - jsii-rosetta "^1.14.1" + jsii-reflect "^1.15.0" + jsii-rosetta "^1.15.0" semver "^7.3.2" spdx-license-list "^6.3.0" xmlbuilder "^15.1.1" - yargs "^16.1.0" + yargs "^16.1.1" -jsii-reflect@^1.14.1: - version "1.14.1" - resolved "https://registry.yarnpkg.com/jsii-reflect/-/jsii-reflect-1.14.1.tgz#e0073b4fbfcc977f7546675c427d7ca0eae8d699" - integrity sha512-otKxvnNn2kAMMygBiw8fGnmJFhQ0EcPTJZH4y/Yn1rZg/nGLAk/G8lCQYfh3xm2/GwSpjh/w6ZEPsq/RUuPR1A== +jsii-reflect@^1.15.0: + version "1.15.0" + resolved "https://registry.yarnpkg.com/jsii-reflect/-/jsii-reflect-1.15.0.tgz#a65297a581b2b7bfbaa213d0bca7f76c693f718e" + integrity sha512-8mKV5OVt/FwRdLNmr7By5T0HyhjjLlHsE5oiOta6NdkdMB7magjzZ1bucenJ2DdvPidX2dP6IDujfOKoXVNsjA== dependencies: - "@jsii/spec" "^1.14.1" + "@jsii/spec" "^1.15.0" colors "^1.4.0" fs-extra "^9.0.1" - oo-ascii-tree "^1.14.1" - yargs "^16.1.0" + oo-ascii-tree "^1.15.0" + yargs "^16.1.1" -jsii-rosetta@^1.14.1: - version "1.14.1" - resolved "https://registry.yarnpkg.com/jsii-rosetta/-/jsii-rosetta-1.14.1.tgz#797c433d9b353d360de4c9c71d0913b9b33fcb1c" - integrity sha512-HfM1IO7eIQ8qyDxTRRdV3TraBhnCivq3N3qMdJuPEJ3O2lprx0TS6pvIXzv9DgDWJwLVDaxI1ecTZhSl9poGeQ== +jsii-rosetta@^1.15.0: + version "1.15.0" + resolved "https://registry.yarnpkg.com/jsii-rosetta/-/jsii-rosetta-1.15.0.tgz#a092591662e4c2f39144562eafe30cbc0d935e13" + integrity sha512-0yXdm6X0IAsjzKDq0QO0n7EPVQ3vTW3qwgFH+ZNirqFLP5xqnpxXS1BtrQNP9zxC7gfacgsDS48MroagKQWDHg== dependencies: - "@jsii/spec" "^1.14.1" + "@jsii/spec" "^1.15.0" commonmark "^0.29.2" fs-extra "^9.0.1" typescript "~3.9.7" xmldom "^0.4.0" - yargs "^16.1.0" + yargs "^16.1.1" -jsii@^1.14.1: - version "1.14.1" - resolved "https://registry.yarnpkg.com/jsii/-/jsii-1.14.1.tgz#4b478b5f682ae140fbfdd49c171b0cff7f7e01bd" - integrity sha512-uDVBl8bvSnraJpKYyY22dOoERpQv/sEAHEj3L5b00qkBi6FsFr2KWfQOdUg9fMWdYrmMVuXWOWXJ186Fn7XF+A== +jsii@^1.15.0: + version "1.15.0" + resolved "https://registry.yarnpkg.com/jsii/-/jsii-1.15.0.tgz#3f3160ee2c5fe62473855c1ac8d2aa9e3bf72ad1" + integrity sha512-kYiO1WkeqN7or4rz5ccYooO576+wiqiRGzv+UCI6hShKd42ff3xYZ1oTUSnBQdh9lp9i/nlNtx7KGUEqjC16Aw== dependencies: - "@jsii/spec" "^1.14.1" + "@jsii/spec" "^1.15.0" case "^1.6.3" colors "^1.4.0" deep-equal "^2.0.4" @@ -6341,7 +6240,7 @@ jsii@^1.14.1: sort-json "^2.0.0" spdx-license-list "^6.3.0" typescript "~3.9.7" - yargs "^16.1.0" + yargs "^16.1.1" json-diff@^0.5.4: version "0.5.4" @@ -6403,6 +6302,11 @@ json5@^1.0.1: dependencies: minimist "^1.2.0" +jsonc-parser@~2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/jsonc-parser/-/jsonc-parser-2.3.1.tgz#59549150b133f2efacca48fe9ce1ec0659af2342" + integrity sha512-H8jvkz1O50L3dMZCsLqiuB2tA7muqbSg1AtGEkN0leAqGjsUzDJir3Zwr02BhqdcITPg3ei3mZ+HjMocAknhhg== + jsonfile@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-4.0.0.tgz#8771aae0799b64076b76640fca058f9c10e33ecb" @@ -6411,11 +6315,11 @@ jsonfile@^4.0.0: graceful-fs "^4.1.6" jsonfile@^6.0.1: - version "6.0.1" - resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-6.0.1.tgz#98966cba214378c8c84b82e085907b40bf614179" - integrity sha512-jR2b5v7d2vIOust+w3wtFKZIfpC2pnRmFAhAC/BuweZFQR8qZzxH1OyrQ10HmdVYiXWkYUqPVsz91cG7EL2FBg== + version "6.1.0" + resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-6.1.0.tgz#bc55b2634793c679ec6403094eb13698a6ec0aae" + integrity sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ== dependencies: - universalify "^1.0.0" + universalify "^2.0.0" optionalDependencies: graceful-fs "^4.1.6" @@ -6557,6 +6461,13 @@ lines-and-columns@^1.1.6: resolved "https://registry.yarnpkg.com/lines-and-columns/-/lines-and-columns-1.1.6.tgz#1c00c743b433cd0a4e80758f7b64a57440d9ff00" integrity sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA= +linkify-it@^3.0.1: + version "3.0.2" + resolved "https://registry.yarnpkg.com/linkify-it/-/linkify-it-3.0.2.tgz#f55eeb8bc1d3ae754049e124ab3bb56d97797fb8" + integrity sha512-gDBO4aHNZS6coiZCKVhSNh43F9ioIL4JwRjLZPkoLIY4yZFwg264Y5lu2x6rb1Js42Gh6Yqm2f6L2AJcnkzinQ== + dependencies: + uc.micro "^1.0.1" + load-json-file@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0" @@ -6642,7 +6553,12 @@ lodash.difference@^4.5.0: resolved "https://registry.yarnpkg.com/lodash.difference/-/lodash.difference-4.5.0.tgz#9ccb4e505d486b91651345772885a2df27fd017c" integrity sha1-nMtOUF1Ia5FlE0V3KIWi3yf9AXw= -lodash.flatten@^4.4.0: +lodash.differencewith@~4.5.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/lodash.differencewith/-/lodash.differencewith-4.5.0.tgz#bafafbc918b55154e179176a00bb0aefaac854b7" + integrity sha1-uvr7yRi1UVTheRdqALsK76rIVLc= + +lodash.flatten@^4.4.0, lodash.flatten@~4.4.0: version "4.4.0" resolved "https://registry.yarnpkg.com/lodash.flatten/-/lodash.flatten-4.4.0.tgz#f31c22225a9632d2bbf8e4addbef240aa765a61f" integrity sha1-8xwiIlqWMtK7+OSt2+8kCqdlph8= @@ -6849,6 +6765,49 @@ map-visit@^1.0.0: dependencies: object-visit "^1.0.0" +markdown-it@11.0.0: + version "11.0.0" + resolved "https://registry.yarnpkg.com/markdown-it/-/markdown-it-11.0.0.tgz#dbfc30363e43d756ebc52c38586b91b90046b876" + integrity sha512-+CvOnmbSubmQFSA9dKz1BRiaSMV7rhexl3sngKqFyXSagoA3fBdJQ8oZWtRy2knXdpDXaBw44euz37DeJQ9asg== + dependencies: + argparse "^1.0.7" + entities "~2.0.0" + linkify-it "^3.0.1" + mdurl "^1.0.1" + uc.micro "^1.0.5" + +markdownlint-cli@^0.25.0: + version "0.25.0" + resolved "https://registry.yarnpkg.com/markdownlint-cli/-/markdownlint-cli-0.25.0.tgz#806b2c234259fa621af27673644506d447bdb6a1" + integrity sha512-pmiXJgPQtAx6YOMXPCCO3AudMWv8Gnhfrprn0raqevofOhO95nJZ6bTEXkUVbzEwvYhvGxE0Yl888aZwuRGMGw== + dependencies: + commander "~6.2.0" + deep-extend "~0.6.0" + get-stdin "~8.0.0" + glob "~7.1.6" + ignore "~5.1.8" + js-yaml "~3.14.0" + jsonc-parser "~2.3.1" + lodash.differencewith "~4.5.0" + lodash.flatten "~4.4.0" + markdownlint "~0.21.1" + markdownlint-rule-helpers "~0.12.0" + minimatch "~3.0.4" + minimist "~1.2.5" + rc "~1.2.8" + +markdownlint-rule-helpers@~0.12.0: + version "0.12.0" + resolved "https://registry.yarnpkg.com/markdownlint-rule-helpers/-/markdownlint-rule-helpers-0.12.0.tgz#c41d9b990c50911572e8eb2fba3e6975a5514b7e" + integrity sha512-Q7qfAk+AJvx82ZY52OByC4yjoQYryOZt6D8TKrZJIwCfhZvcj8vCQNuwDqILushtDBTvGFmUPq+uhOb1KIMi6A== + +markdownlint@~0.21.1: + version "0.21.1" + resolved "https://registry.yarnpkg.com/markdownlint/-/markdownlint-0.21.1.tgz#9442afcf12bf65ce9d613212028cf85741677421" + integrity sha512-8kc88w5dyEzlmOWIElp8J17qBgzouOQfJ0LhCcpBFrwgyYK6JTKvILsk4FCEkiNqHkTxwxopT2RS2DYb/10qqg== + dependencies: + markdown-it "11.0.0" + md5@^2.3.0: version "2.3.0" resolved "https://registry.yarnpkg.com/md5/-/md5-2.3.0.tgz#c3da9a6aae3a30b46b7b0c349b87b110dc3bda4f" @@ -6858,7 +6817,7 @@ md5@^2.3.0: crypt "0.0.2" is-buffer "~1.1.6" -mdurl@~1.0.1: +mdurl@^1.0.1, mdurl@~1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/mdurl/-/mdurl-1.0.1.tgz#fe85b2ec75a59037f2adfec100fd6c601761152e" integrity sha1-/oWy7HWlkDfyrf7BAP1sYBdhFS4= @@ -7004,7 +6963,7 @@ min-indent@^1.0.0: resolved "https://registry.yarnpkg.com/min-indent/-/min-indent-1.0.1.tgz#a63f681673b30571fbe8bc25686ae746eefa9869" integrity sha512-I9jwMn07Sy/IwOj3zVkVik2JTvgpaykDZEigL6Rx6N9LbMywwUSMtxET+7lVoDLLd3O3IXwJwvuuns8UB/HeAg== -minimatch@>=3.0, minimatch@^3.0.4: +minimatch@>=3.0, minimatch@^3.0.4, minimatch@~3.0.4: version "3.0.4" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" integrity sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA== @@ -7028,7 +6987,7 @@ minimist-options@^3.0.1: arrify "^1.0.1" is-plain-obj "^1.1.0" -minimist@>=1.2.2, minimist@^1.1.1, minimist@^1.1.3, minimist@^1.2.0, minimist@^1.2.5: +minimist@>=1.2.2, minimist@^1.1.1, minimist@^1.1.3, minimist@^1.2.0, minimist@^1.2.5, minimist@~1.2.5: version "1.2.5" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602" integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw== @@ -7547,12 +7506,12 @@ object-visit@^1.0.0: isobject "^3.0.0" object.assign@^4.1.1: - version "4.1.1" - resolved "https://registry.yarnpkg.com/object.assign/-/object.assign-4.1.1.tgz#303867a666cdd41936ecdedfb1f8f3e32a478cdd" - integrity sha512-VT/cxmx5yaoHSOTSyrCygIDFco+RsibY2NM0a4RdEeY/4KgqezwFtK1yr3U67xYhqJSlASm2pKhLVzPj2lr4bA== + version "4.1.2" + resolved "https://registry.yarnpkg.com/object.assign/-/object.assign-4.1.2.tgz#0ed54a342eceb37b38ff76eb831a0e788cb63940" + integrity sha512-ixT2L5THXsApyiUPYKmW+2EHpXXe5Ii3M+f4e+aJFAHao5amFRW6J0OO6c/LU8Be47utCx2GL89hxGB6XSmKuQ== dependencies: + call-bind "^1.0.0" define-properties "^1.1.3" - es-abstract "^1.18.0-next.0" has-symbols "^1.0.1" object-keys "^1.1.1" @@ -7607,10 +7566,10 @@ onetime@^5.1.0: dependencies: mimic-fn "^2.1.0" -oo-ascii-tree@^1.14.1: - version "1.14.1" - resolved "https://registry.yarnpkg.com/oo-ascii-tree/-/oo-ascii-tree-1.14.1.tgz#cf3da9d7c9c944d3258b274e06aa0192aca20d6e" - integrity sha512-dW0RFnYqUj8WQpvuYXVvjfA3ABoNQnScgSxnKa9lPPCvfcO4CBPshifk9M6hU3ksttcNGbQkFq6k2di2E23SVA== +oo-ascii-tree@^1.15.0: + version "1.15.0" + resolved "https://registry.yarnpkg.com/oo-ascii-tree/-/oo-ascii-tree-1.15.0.tgz#51227b6a0a8a1c933afe312556c696058fcc32a3" + integrity sha512-FR8ygFwcH9DBkQIcp/lAe49EFcTNMGjU3jgAsRaZ8ktNVxDM9EszlLNEO1K10QTHZwT3iZxq+E+KwT811B4ayw== opener@^1.5.1: version "1.5.2" @@ -8057,17 +8016,7 @@ prelude-ls@~1.1.2: resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" integrity sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ= -pretty-format@^26.0.0, pretty-format@^26.6.0: - version "26.6.0" - resolved "https://registry.yarnpkg.com/pretty-format/-/pretty-format-26.6.0.tgz#1e1030e3c70e3ac1c568a5fd15627671ea159391" - integrity sha512-Uumr9URVB7bm6SbaByXtx+zGlS+0loDkFMHP0kHahMjmfCtmFY03iqd++5v3Ld6iB5TocVXlBN/T+DXMn9d4BA== - dependencies: - "@jest/types" "^26.6.0" - ansi-regex "^5.0.0" - ansi-styles "^4.0.0" - react-is "^16.12.0" - -pretty-format@^26.6.2: +pretty-format@^26.0.0, pretty-format@^26.6.2: version "26.6.2" resolved "https://registry.yarnpkg.com/pretty-format/-/pretty-format-26.6.2.tgz#e35c2705f14cb7fe2fe94fa078345b444120fc93" integrity sha512-7AeGuCYNGmycyQbCqd/3PWH4eOoX/OiCa0uphp57NVTeAGdJGaAliecxwBDHYQCIvrW7aDBZCYeNTP/WX69mkg== @@ -8120,12 +8069,12 @@ promptly@^3.2.0: read "^1.0.4" prompts@^2.0.1: - version "2.3.2" - resolved "https://registry.yarnpkg.com/prompts/-/prompts-2.3.2.tgz#480572d89ecf39566d2bd3fe2c9fccb7c4c0b068" - integrity sha512-Q06uKs2CkNYVID0VqwfAl9mipo99zkBv/n2JtWY89Yxa3ZabWSrs0e2KTudKVa3peLUvYXMefDqIleLPVUBZMA== + version "2.4.0" + resolved "https://registry.yarnpkg.com/prompts/-/prompts-2.4.0.tgz#4aa5de0723a231d1ee9121c40fdf663df73f61d7" + integrity sha512-awZAKrk3vN6CroQukBL+R9051a4R3zCZBlJm/HBfrSZ8iTpYix3VX1vU4mveiLpiwmOJT4wokTF9m6HUk4KqWQ== dependencies: kleur "^3.0.3" - sisteransi "^1.0.4" + sisteransi "^1.0.5" promzard@^0.3.0: version "0.3.0" @@ -8269,10 +8218,15 @@ raw-body@^2.2.0: iconv-lite "0.4.24" unpipe "1.0.0" -react-is@^16.12.0: - version "16.13.1" - resolved "https://registry.yarnpkg.com/react-is/-/react-is-16.13.1.tgz#789729a4dc36de2999dc156dd6c1d9c18cea56a4" - integrity sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ== +rc@~1.2.8: + version "1.2.8" + resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed" + integrity sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw== + dependencies: + deep-extend "^0.6.0" + ini "~1.3.0" + minimist "^1.2.0" + strip-json-comments "~2.0.1" react-is@^17.0.1: version "17.0.1" @@ -8423,9 +8377,9 @@ readable-stream@1.1.x: util-deprecate "^1.0.1" readdir-glob@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/readdir-glob/-/readdir-glob-1.1.0.tgz#a3def6f7b61343e8a1274dbb872b9a2ad055d086" - integrity sha512-KgT0oXPIDQRRRYFf+06AUaodICTep2Q5635BORLzTEzp7rEqcR14a47j3Vzm3ix7FeI1lp8mYyG7r8lTB06Pyg== + version "1.1.1" + resolved "https://registry.yarnpkg.com/readdir-glob/-/readdir-glob-1.1.1.tgz#f0e10bb7bf7bfa7e0add8baffdc54c3f7dbee6c4" + integrity sha512-91/k1EzZwDx6HbERR+zucygRFfiPl2zkIYZtv3Jjr6Mn7SkKcVct8aVO+sSRiGMc6fLf72du3d92/uY63YPdEA== dependencies: minimatch "^3.0.4" @@ -8681,9 +8635,9 @@ run-async@^2.2.0: integrity sha512-tvVnVv01b8c1RrA6Ep7JkStj85Guv/YrMcwqYQnwjsAS2cTmmPGBBjAjpCW7RrSodNSoE2/qg9O4bceNvUuDgQ== run-parallel@^1.1.9: - version "1.1.9" - resolved "https://registry.yarnpkg.com/run-parallel/-/run-parallel-1.1.9.tgz#c9dd3a7cf9f4b2c4b6244e173a6ed866e61dd679" - integrity sha512-DEqnSRTDw/Tc3FXf49zedI638Z9onwUotBMiUFKmrO2sdFKIbXamXGQ3Axd4qgphxKB4kw/qP1w5kTxnfU1B9Q== + version "1.1.10" + resolved "https://registry.yarnpkg.com/run-parallel/-/run-parallel-1.1.10.tgz#60a51b2ae836636c81377df16cb107351bcd13ef" + integrity sha512-zb/1OuZ6flOlH6tQyMPUrE3x3Ulxjlo9WIVXR4yVYi4H9UXQaeIsPbLn2R3O3vQCnDKkAl2qHiuocKKX4Tz/Sw== run-queue@^1.0.0, run-queue@^1.0.3: version "1.0.3" @@ -8858,20 +8812,7 @@ signal-exit@^3.0.0, signal-exit@^3.0.2: resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.3.tgz#a1410c2edd8f077b08b4e253c8eacfcaf057461c" integrity sha512-VUJ49FC8U1OxwZLxIbTTrDvLnf/6TDgxZcK8wxR8zs13xpx7xbG60ndBlhNrFi2EMuFRoeDoJO7wthSLq42EjA== -sinon@^9.0.1: - version "9.2.0" - resolved "https://registry.yarnpkg.com/sinon/-/sinon-9.2.0.tgz#1d333967e30023609f7347351ebc0dc964c0f3c9" - integrity sha512-eSNXz1XMcGEMHw08NJXSyTHIu6qTCOiN8x9ODACmZpNQpr0aXTBXBnI4xTzQzR+TEpOmLiKowGf9flCuKIzsbw== - dependencies: - "@sinonjs/commons" "^1.8.1" - "@sinonjs/fake-timers" "^6.0.1" - "@sinonjs/formatio" "^5.0.1" - "@sinonjs/samsam" "^5.2.0" - diff "^4.0.2" - nise "^4.0.4" - supports-color "^7.1.0" - -sinon@^9.2.1: +sinon@^9.0.1, sinon@^9.2.1: version "9.2.1" resolved "https://registry.yarnpkg.com/sinon/-/sinon-9.2.1.tgz#64cc88beac718557055bd8caa526b34a2231be6d" integrity sha512-naPfsamB5KEE1aiioaoqJ6MEhdUs/2vtI5w1hPAXX/UwvoPjXcwh1m5HiKx0HGgKR8lQSoFIgY5jM6KK8VrS9w== @@ -8884,7 +8825,7 @@ sinon@^9.2.1: nise "^4.0.4" supports-color "^7.1.0" -sisteransi@^1.0.4: +sisteransi@^1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/sisteransi/-/sisteransi-1.0.5.tgz#134d681297756437cc05ca01370d3a7a571075ed" integrity sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg== @@ -8975,9 +8916,9 @@ socks-proxy-agent@^4.0.0: socks "~2.3.2" socks@^2.3.3: - version "2.4.4" - resolved "https://registry.yarnpkg.com/socks/-/socks-2.4.4.tgz#f1a3382e7814ae28c97bb82a38bc1ac24b21cca2" - integrity sha512-7LmHN4IHj1Vpd/k8D872VGCHJ6yIVyeFkfIBExRmGPYQ/kdUkpdg9eKh9oOzYYYKQhuxavayJHTnmBG+EzluUA== + version "2.5.0" + resolved "https://registry.yarnpkg.com/socks/-/socks-2.5.0.tgz#3a7c286db114f67864a4bd8b4207a91d1db3d6db" + integrity sha512-00OqQHp5SCbwm9ecOMJj9aQtMSjwi1uVuGQoxnpKCS50VKZcOZ8z11CTKypmR8sEy7nZimy/qXY7rYJYbRlXmA== dependencies: ip "^1.1.5" smart-buffer "^4.1.0" @@ -9149,14 +9090,16 @@ ssri@^6.0.0, ssri@^6.0.1: figgy-pudding "^3.5.1" stack-utils@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/stack-utils/-/stack-utils-1.0.2.tgz#33eba3897788558bebfc2db059dc158ec36cebb8" - integrity sha512-MTX+MeG5U994cazkjd/9KNAapsHnibjMLnfXodlkXw76JEea0UiNzrqidzo1emMwk7w5Qhc9jd4Bn9TBb1MFwA== + version "1.0.3" + resolved "https://registry.yarnpkg.com/stack-utils/-/stack-utils-1.0.3.tgz#db7a475733b5b8bf6521907b18891d29006f7751" + integrity sha512-WldO+YmqhEpjp23eHZRhOT1NQF51STsbxZ+/AdpFD+EhheFxAe5d0WoK4DQVJkSHacPrJJX3OqRAl9CgHf78pg== + dependencies: + escape-string-regexp "^2.0.0" stack-utils@^2.0.2: - version "2.0.2" - resolved "https://registry.yarnpkg.com/stack-utils/-/stack-utils-2.0.2.tgz#5cf48b4557becb4638d0bc4f21d23f5d19586593" - integrity sha512-0H7QK2ECz3fyZMzQ8rH0j2ykpfbnd20BFtfg/SqVC2+sCTtcw0aDTGB7dk+de4U4uUeuz6nOtJcrkFFLG1B0Rg== + version "2.0.3" + resolved "https://registry.yarnpkg.com/stack-utils/-/stack-utils-2.0.3.tgz#cd5f030126ff116b78ccb3c027fe302713b61277" + integrity sha512-gL//fkxfWUsIlFL2Tl42Cl6+HFALEaB1FU76I/Fy+oZjRreP7OPMXFlGbxM7NQsI0ZpUfw76sHnv0WNYuTb7Iw== dependencies: escape-string-regexp "^2.0.0" @@ -9270,20 +9213,20 @@ string.prototype.repeat@^0.2.0: integrity sha1-q6Nt4I3O5qWjN9SbLqHaGyj8Ds8= string.prototype.trimend@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/string.prototype.trimend/-/string.prototype.trimend-1.0.1.tgz#85812a6b847ac002270f5808146064c995fb6913" - integrity sha512-LRPxFUaTtpqYsTeNKaFOw3R4bxIzWOnbQ837QfBylo8jIxtcbK/A/sMV7Q+OAV/vWo+7s25pOE10KYSjaSO06g== + version "1.0.2" + resolved "https://registry.yarnpkg.com/string.prototype.trimend/-/string.prototype.trimend-1.0.2.tgz#6ddd9a8796bc714b489a3ae22246a208f37bfa46" + integrity sha512-8oAG/hi14Z4nOVP0z6mdiVZ/wqjDtWSLygMigTzAb+7aPEDTleeFf+WrF+alzecxIRkckkJVn+dTlwzJXORATw== dependencies: define-properties "^1.1.3" - es-abstract "^1.17.5" + es-abstract "^1.18.0-next.1" string.prototype.trimstart@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/string.prototype.trimstart/-/string.prototype.trimstart-1.0.1.tgz#14af6d9f34b053f7cfc89b72f8f2ee14b9039a54" - integrity sha512-XxZn+QpvrBI1FOcg6dIpxUPgWCPuNXvMD72aaRaUQv1eD4e/Qy8i/hFTe0BUmD60p/QA6bh1avmuPTfNjqVWRw== + version "1.0.2" + resolved "https://registry.yarnpkg.com/string.prototype.trimstart/-/string.prototype.trimstart-1.0.2.tgz#22d45da81015309cd0cdd79787e8919fc5c613e7" + integrity sha512-7F6CdBTl5zyu30BJFdzSTlSlLPwODC23Od+iLoVH8X6+3fvDPPuBVVj9iaB1GOsSTSIgVfsfm27R2FGrAPznWg== dependencies: define-properties "^1.1.3" - es-abstract "^1.17.5" + es-abstract "^1.18.0-next.1" string_decoder@^1.1.1: version "1.3.0" @@ -9388,6 +9331,11 @@ strip-json-comments@^3.1.0, strip-json-comments@^3.1.1: resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-3.1.1.tgz#31f1281b3832630434831c310c01cccda8cbe006" integrity sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig== +strip-json-comments@~2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" + integrity sha1-PFMZQukIwml8DsNEhYwobHygpgo= + strong-log-transformer@^2.0.0: version "2.1.0" resolved "https://registry.yarnpkg.com/strong-log-transformer/-/strong-log-transformer-2.1.0.tgz#0f5ed78d325e0421ac6f90f7f10e691d6ae3ae10" @@ -9821,12 +9769,13 @@ ts-node@^8.0.2: source-map-support "^0.5.17" yn "3.1.1" -ts-node@^9.0.0: - version "9.0.0" - resolved "https://registry.yarnpkg.com/ts-node/-/ts-node-9.0.0.tgz#e7699d2a110cc8c0d3b831715e417688683460b3" - integrity sha512-/TqB4SnererCDR/vb4S/QvSZvzQMJN8daAslg7MeaiHvD8rDZsSfXmNeNumyZZzMned72Xoq/isQljYSt8Ynfg== +ts-node@^9.1.0: + version "9.1.0" + resolved "https://registry.yarnpkg.com/ts-node/-/ts-node-9.1.0.tgz#95eae4c6d0f94f2545884078e1eb1b14d2155639" + integrity sha512-0yqcL4sgruCvM+w64LiAfNJo6+lHfCYc5Ajj4yiLNkJ9oZ2HWaa+Kso7htYOOxVQ7+csAjdUjffOe9PIqC4pMg== dependencies: arg "^4.1.0" + create-require "^1.1.0" diff "^4.0.1" make-error "^1.1.1" source-map-support "^0.5.17" @@ -9848,14 +9797,14 @@ tsconfig-paths@^3.9.0: strip-bom "^3.0.0" tslib@^1.8.1, tslib@^1.9.0: - version "1.13.0" - resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.13.0.tgz#c881e13cc7015894ed914862d276436fa9a47043" - integrity sha512-i/6DQjL8Xf3be4K/E6Wgpekn5Qasl1usyw++dAA35Ue5orEn65VIxOA+YvNNl9HV3qv70T7CNwjODHZrLwvd1Q== + version "1.14.1" + resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.14.1.tgz#cf2d38bdc34a134bcaf1091c41f6619e2f672d00" + integrity sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg== tslib@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.0.1.tgz#410eb0d113e5b6356490eec749603725b021b43e" - integrity sha512-SgIkNheinmEBgx1IUNirK0TUD4X9yjjBRTqqjggWCU3pUEqIk3/Uwl3yRixYKT6WjQuGiwDv4NomL3wqRCj+CQ== + version "2.0.3" + resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.0.3.tgz#8e0741ac45fc0c226e58a17bfc3e64b9bc6ca61c" + integrity sha512-uZtkfKblCEQtZKBF6EBXVZeQNl82yqtDQdv+eck8u7tdPxjLu2/lp5/uPW+um2tpuxINHWy3GhiccY7QgEaVHQ== tsutils@^3.17.1: version "3.17.1" @@ -9906,9 +9855,9 @@ type-fest@^0.13.1: integrity sha512-34R7HTnG0XIJcBSn5XhDd7nNFPRcXYRZrBB2O2jdKqYODldSzBAqzsWoZYYvduky73toYS/ESqxPvkDf/F0XMg== type-fest@^0.18.0: - version "0.18.0" - resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.18.0.tgz#2edfa6382d48653707344f7fccdb0443d460e8d6" - integrity sha512-fbDukFPnJBdn2eZ3RR+5mK2slHLFd6gYHY7jna1KWWy4Yr4XysHuCdXRzy+RiG/HwG4WJat00vdC2UHky5eKiQ== + version "0.18.1" + resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.18.1.tgz#db4bc151a4a2cf4eebf9add5db75508db6cc841f" + integrity sha512-OIAYXk8+ISY+qTOwkHtKqzAuxchoMiD9Udx+FSGQDuiRR+PJKJHc2NJAXlbhkGwTt/4/nKZxELY1w3ReWOL8mw== type-fest@^0.3.0: version "0.3.1" @@ -9937,10 +9886,10 @@ typedarray@^0.0.6: resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" integrity sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c= -typescript-json-schema@^0.44.0: - version "0.44.0" - resolved "https://registry.yarnpkg.com/typescript-json-schema/-/typescript-json-schema-0.44.0.tgz#8ec96b26caa5b8744d6cac47ce9aadc3187f4700" - integrity sha512-MC6hEUYmA35F6SQjwrogzjOhrkH0x4f/yCrzb1EQU5EOoEDdu51vsrlkI9oKgLyyC7uWKBOlJsWAFk2RfGFvgQ== +typescript-json-schema@^0.45.0: + version "0.45.0" + resolved "https://registry.yarnpkg.com/typescript-json-schema/-/typescript-json-schema-0.45.0.tgz#2f244e99518e589a442ee5f9c1d2c85a1ec7dc84" + integrity sha512-4MeX0HIODRd+K1/sIbkPryGXG43PVQ9cvIC8gDYml6yBgcsWLjvPMpTNr9VV+bQwpDLncB8Ie4qSenuKUwNZpg== dependencies: "@types/json-schema" "^7.0.6" glob "^7.1.6" @@ -9963,10 +9912,15 @@ typescript@~3.8.3: resolved "https://registry.yarnpkg.com/typescript/-/typescript-3.8.3.tgz#409eb8544ea0335711205869ec458ab109ee1061" integrity sha512-MYlEfn5VrLNsgudQTVJeNaQFUAI7DkhnOjdpAp4T+ku1TfQClewlbSuTVHiA+8skNBgaf02TL/kLOvig4y3G8w== +uc.micro@^1.0.1, uc.micro@^1.0.5: + version "1.0.6" + resolved "https://registry.yarnpkg.com/uc.micro/-/uc.micro-1.0.6.tgz#9c411a802a409a91fc6cf74081baba34b24499ac" + integrity sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA== + uglify-js@^3.1.4: - version "3.11.0" - resolved "https://registry.yarnpkg.com/uglify-js/-/uglify-js-3.11.0.tgz#67317658d76c21e0e54d3224aee2df4ee6c3e1dc" - integrity sha512-e1KQFRCpOxnrJsJVqDUCjURq+wXvIn7cK2sRAx9XL3HYLL9aezOP4Pb1+Y3/o693EPk111Yj2Q+IUXxcpHlygQ== + version "3.11.6" + resolved "https://registry.yarnpkg.com/uglify-js/-/uglify-js-3.11.6.tgz#144b50d3e05eadd3ad4dd047c60ca541a8cd4e9c" + integrity sha512-oASI1FOJ7BBFkSCNDZ446EgkSuHkOZBuqRFrwXIKWCoXw8ZXQETooTQjkAcBS03Acab7ubCKsXnwuV2svy061g== uid-number@0.0.6: version "0.0.6" @@ -10032,6 +9986,11 @@ universalify@^1.0.0: resolved "https://registry.yarnpkg.com/universalify/-/universalify-1.0.0.tgz#b61a1da173e8435b2fe3c67d29b9adf8594bd16d" integrity sha512-rb6X1W158d7pRQBg5gkR8uPaSfiids68LTJQYOtEUhoJUWBdaQHsuT/EUduxXYxcrt4r5PJ4fuHW1MHT6p0qug== +universalify@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.0.tgz#75a4984efedc4b08975c5aeb73f530d02df25717" + integrity sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ== + unpipe@1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" @@ -10108,9 +10067,9 @@ uuid@^8.3.0, uuid@^8.3.1: integrity sha512-FOmRr+FmWEIG8uhZv6C2bTgEVXsHk08kE7mPlrBbEe+c3r9pjceVPgupIfNIhc4yx55H69OXANrUaSuu9eInKg== v8-compile-cache@^2.0.3: - version "2.1.1" - resolved "https://registry.yarnpkg.com/v8-compile-cache/-/v8-compile-cache-2.1.1.tgz#54bc3cdd43317bca91e35dcaf305b1a7237de745" - integrity sha512-8OQ9CL+VWyt3JStj7HX7/ciTL2V3Rl1Wf5OL+SNTm0yK1KvtReVulksyeRnCANHHuUxHlQig+JJDlUhBt1NQDQ== + version "2.2.0" + resolved "https://registry.yarnpkg.com/v8-compile-cache/-/v8-compile-cache-2.2.0.tgz#9471efa3ef9128d2f7c6a7ca39c4dd6b5055b132" + integrity sha512-gTpR5XQNKFwOd4clxfnhaqvfqMpqEwr4tOtCyz4MtYZX2JYhfr1JvBFKdS+7K/9rfpZR3VLX+YWBbKoxCgS43Q== v8-to-istanbul@^7.0.0: version "7.0.0" @@ -10210,9 +10169,9 @@ whatwg-url@^7.0.0: webidl-conversions "^4.0.2" whatwg-url@^8.0.0: - version "8.3.0" - resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-8.3.0.tgz#d1e11e565334486cdb280d3101b9c3fd1c867582" - integrity sha512-BQRf/ej5Rp3+n7k0grQXZj9a1cHtsp4lqj01p59xBWFKdezR8sO37XnpafwNqiFac/v2Il12EIMjX/Y4VZtT8Q== + version "8.4.0" + resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-8.4.0.tgz#50fb9615b05469591d2b2bd6dfaed2942ed72837" + integrity sha512-vwTUFf6V4zhcPkWp/4CQPr1TW9Ml6SF4lVyaIMBdJw5i6qUUJ1QWM4Z6YYVkfka0OUIzVo/0aNtGVGk256IKWw== dependencies: lodash.sortby "^4.7.0" tr46 "^2.0.2" @@ -10385,9 +10344,9 @@ write@1.0.3: mkdirp "^0.5.1" ws@^7.2.3: - version "7.3.1" - resolved "https://registry.yarnpkg.com/ws/-/ws-7.3.1.tgz#d0547bf67f7ce4f12a72dfe31262c68d7dc551c8" - integrity sha512-D3RuNkynyHmEJIpD2qrgVkc9DQ23OrN/moAwZX4L8DfvszsJxpjQuUq3LMx6HoYji9fbIOBY18XWBsAux1ZZUA== + version "7.4.0" + resolved "https://registry.yarnpkg.com/ws/-/ws-7.4.0.tgz#a5dd76a24197940d4a8bb9e0e152bb4503764da7" + integrity sha512-kyFwXuV/5ymf+IXhS6f0+eAFvydbaBW3zjpT6hUdAh/hbVjTIB5EHBGi0bPoCLSK2wcuz3BrEkB9LrYv1Nm4NQ== xml-name-validator@^3.0.0: version "3.0.0" @@ -10478,9 +10437,9 @@ yapool@^1.0.0: integrity sha1-9pPymjFbUNmp2iZGp6ZkXJaYW2o= yargs-parser@20.x, yargs-parser@^20.2.2, yargs-parser@^20.2.3: - version "20.2.3" - resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.3.tgz#92419ba867b858c868acf8bae9bf74af0dd0ce26" - integrity sha512-emOFRT9WVHw03QSvN5qor9QQT9+sw5vwxfYweivSMHTcAXPefwVae2FjO7JJjj8hCE4CzPOPeFM83VwT29HCww== + version "20.2.4" + resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.4.tgz#b42890f14566796f85ae8e3a25290d205f154a54" + integrity sha512-WOkpgNhPTlE73h4VFAFsOnomJVaovO8VqLDzy5saChRBFQFBoMYirowyW+Q9HB4HFF4Z7VZTiG3iSzJJA29yRA== yargs-parser@^13.0.0, yargs-parser@^13.1.2: version "13.1.2" @@ -10556,10 +10515,10 @@ yargs@^15.0.2, yargs@^15.3.1, yargs@^15.4.1: y18n "^4.0.0" yargs-parser "^18.1.2" -yargs@^16.0.3, yargs@^16.1.0, yargs@^16.1.1: - version "16.1.1" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-16.1.1.tgz#5a4a095bd1ca806b0a50d0c03611d38034d219a1" - integrity sha512-hAD1RcFP/wfgfxgMVswPE+z3tlPFtxG8/yWUrG2i17sTWGCGqWnxKcLTF4cUKDUK8fzokwsmO9H0TDkRbMHy8w== +yargs@^16.0.3, yargs@^16.1.1, yargs@^16.2.0: + version "16.2.0" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-16.2.0.tgz#1c82bf0f6b6a66eafce7ef30e376f49a12477f66" + integrity sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw== dependencies: cliui "^7.0.2" escalade "^3.1.1"