diff --git a/CHANGELOG.md b/CHANGELOG.md index aeb8a65e5..d401046ab 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,20 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.64.0] - 2020-09-24 + +### Changed +- Upgraded all patterns to CDK v1.64.0 +- Fix `aws-cognito-apigateway-lambda` pattern bug with override for `cognitoUserPoolClientProps` ([#71](https://github.com/awslabs/aws-solutions-constructs/issues/71)) +- Fix `api-gateway-sqs` pattern bug with override for `createRequestTemplate` ([#69](https://github.com/awslabs/aws-solutions-constructs/issues/69)) +- Fix `aws-kinesisfirehose-s3-and-kinesisanalytics` pattern bug with override for `kinesisFirehoseProps` ([#73](https://github.com/awslabs/aws-solutions-constructs/issues/73)) +- Fix `aws-cloudfront-apigateway-lambda` pattern bug with override for `apiGatewayProps` +- Fix ALL patterns to use the ARNs with `${cdk.Aws.PARTITION}` partition instead of `aws` ([#67](https://github.com/awslabs/aws-solutions-constructs/issues/67)) +- Update `aws-lambda-elasticsearch-kibana` pattern to add an optional construct props to provide Cognito Domain separately ([#54](https://github.com/awslabs/aws-solutions-constructs/issues/54)) +- Update ALL S3 patterns to disable versioning for the Logging bucket and apply default lifecycle policy for the versioned buckets ([#44](https://github.com/awslabs/aws-solutions-constructs/issues/44)) +- Fix ALL SQS patterns to not create DLQ when user provides the `existingQueueObj` +- Update `aws-sqs-lambda` pattern to allow for overriding `sqsEventSourceProps` + ## [1.63.0] - 2020-09-14 ### Changed diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 406b86ed3..e60e4377e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -162,7 +162,7 @@ BREAKING CHANGE: Description of what broke and how to achieve this behavior now #### CodeBuild Build steps The CodeBuild runs through the following build steps: -* Content scanning using Viperlight utility. It is a security, vulnerability and general risk highlighting tool. The source code for utility is located [here](https://s3.amazonaws.com/viperlight-scanner/latest/viperlight.zip) It uses [.viperlightignore](https://github.com/awslabs/aws-solutions-constructs/blob/master/.viperlightignore) to override any false alarms. +* Content scanning using Viperlight utility. It is a security, vulnerability and general risk highlighting tool. The source code for utility is located [here](https://viperlight-scanner.s3.amazonaws.com/latest/viperlight.zip) It uses [.viperlightignore](https://github.com/awslabs/aws-solutions-constructs/blob/master/.viperlightignore) to override any false alarms. * Build/validate/package all the constructs in the library * Scan the Cloudformation templates generated by [Integration Tests](https://github.com/awslabs/aws-solutions-constructs/blob/master/CONTRIBUTING.md#integration-tests) using (cfn_nag)[https://github.com/stelligent/cfn_nag] diff --git a/source/lerna.json b/source/lerna.json index 2b96777fb..b80ea6f62 100644 --- a/source/lerna.json +++ b/source/lerna.json @@ -6,5 +6,5 @@ "./patterns/@aws-solutions-constructs/*" ], "rejectCycles": "true", - "version": "1.63.0" + "version": "1.64.0" } diff --git a/source/package.json b/source/package.json index b63946175..6fbc0ac59 100644 --- a/source/package.json +++ b/source/package.json @@ -1,6 +1,6 @@ { "name": "aws-solutions-constructs", - "version": "1.63.0", + "version": "1.64.0", "description": "AWS Solutions Constructs Library", "repository": { "type": "git", diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/README.md b/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/README.md index 68bdcbeab..869c814f9 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/README.md @@ -26,14 +26,12 @@ ## Overview This AWS Solutions Construct implements an Amazon API Gateway REST API connected to Amazon DynamoDB table. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript +``` typescript import { ApiGatewayToDynamoDBProps, ApiGatewayToDynamoDB } from "@aws-solutions-constructs/aws-apigateway-dynamodb"; -const props: ApiGatewayToDynamoDBProps = {}; - -new ApiGatewayToDynamoDB(stack, 'test-api-gateway-dynamodb-default', props); +new ApiGatewayToDynamoDB(this, 'test-api-gateway-dynamodb-default', {}); ``` diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/package.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/package.json index c69dd5787..d52c38400 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-apigateway-dynamodb", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS API Gateway and Amazon DynamoDB integration.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,16 +53,16 @@ } }, "dependencies": { - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -72,12 +72,12 @@ ] }, "peerDependencies": { - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-logs": "~1.63.0" + "@aws-cdk/aws-logs": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/__snapshots__/apigateway-dynamodb.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/__snapshots__/apigateway-dynamodb.test.js.snap index ede2015a5..4252ddc8a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/__snapshots__/apigateway-dynamodb.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/__snapshots__/apigateway-dynamodb.test.js.snap @@ -109,7 +109,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/integ.apigateway-dynamodb-CRUD.expected.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/integ.apigateway-dynamodb-CRUD.expected.json index ebd0d2035..4cb638ab4 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/integ.apigateway-dynamodb-CRUD.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/integ.apigateway-dynamodb-CRUD.expected.json @@ -499,7 +499,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/integ.no-arguments.expected.json index 78ba4bd0e..32c7d664f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-dynamodb/test/integ.no-arguments.expected.json @@ -244,7 +244,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/README.md b/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/README.md index 2f8b207b3..170334d89 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/README.md @@ -31,9 +31,7 @@ Here is a minimal deployable pattern definition in Typescript: ``` javascript import { ApiGatewayToKinesisStreams, ApiGatewayToKinesisStreamsProps } from '@aws-solutions-constructs/aws-apigateway-kinesisstreams'; -const props: ApiGatewayToKinesisStreamsProps = {}; - -new ApiGatewayToKinesisStreams(this, 'test-apigw-kinesis', props); +new ApiGatewayToKinesisStreams(this, 'test-apigw-kinesis', {}); ``` diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/package.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/package.json index 5333b4746..bca4ae1b5 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-apigateway-kinesisstreams", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS API Gateway and Amazon Kinesis Data Streams integration.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,16 +53,16 @@ } }, "dependencies": { - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kinesis": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kinesis": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -72,12 +72,12 @@ ] }, "peerDependencies": { - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kinesis": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kinesis": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-logs": "~1.63.0" + "@aws-cdk/aws-logs": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/__snapshots__/apigateway-kinesis.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/__snapshots__/apigateway-kinesis.test.js.snap index b8aa98479..90574fb61 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/__snapshots__/apigateway-kinesis.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/__snapshots__/apigateway-kinesis.test.js.snap @@ -124,7 +124,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -666,7 +670,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1148,7 +1156,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/integ.apigateway-kinesis-overwrite.expected.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/integ.apigateway-kinesis-overwrite.expected.json index b342b6789..14c6e7cc7 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/integ.apigateway-kinesis-overwrite.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/integ.apigateway-kinesis-overwrite.expected.json @@ -377,7 +377,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/integ.no-arguments.expected.json index 5c44beac3..fb219dbe3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-kinesisstreams/test/integ.no-arguments.expected.json @@ -414,7 +414,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/README.md index 83d72d291..fa8750af2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/README.md @@ -26,16 +26,16 @@ This AWS Solutions Construct implements an Amazon API Gateway REST API connected to an AWS Lambda function pattern. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -const { ApiGatewayToLambda } = require('@aws-solutions-constructs/aws-apigateway-lambda'); +``` typescript +import { ApiGatewayToLambda } from '@aws-solutions-constructs/aws-apigateway-lambda'; -new ApiGatewayToLambda(stack, 'ApiGatewayToLambdaPattern', { +new ApiGatewayToLambda(this, 'ApiGatewayToLambdaPattern', { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }); @@ -90,4 +90,4 @@ Out of the box implementation of the Construct without any override will set the ![Architecture Diagram](architecture.png) *** -© Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. +© Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/package.json index 29b91c7de..5da2e5bb1 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-apigateway-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an API Gateway and a Lambda function.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,16 +53,16 @@ } }, "dependencies": { - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -72,12 +72,12 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-iam": "~1.63.0" + "@aws-cdk/aws-iam": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/__snapshots__/test.apigateway-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/__snapshots__/test.apigateway-lambda.test.js.snap index 8761431eb..f8b852aa4 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/__snapshots__/test.apigateway-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/__snapshots__/test.apigateway-lambda.test.js.snap @@ -303,7 +303,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -695,7 +699,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -919,7 +927,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1371,7 +1383,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1572,7 +1588,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1938,7 +1958,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -2139,7 +2163,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.deployFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.deployFunction.expected.json index 23cbe33df..3b8dbc861 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.deployFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.deployFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -533,7 +537,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.deployFunction.ts b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.deployFunction.ts index 277473319..83587f3f3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.deployFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.deployFunction.ts @@ -26,7 +26,7 @@ const props: ApiGatewayToLambdaProps = { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.existingFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.existingFunction.expected.json index a59eff98f..b9ce91bf6 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.existingFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.existingFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -533,7 +537,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.existingFunction.ts b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.existingFunction.ts index 6c3a6e9a9..faa026371 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.existingFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/integ.existingFunction.ts @@ -26,7 +26,7 @@ stack.templateOptions.description = 'Integration Test for aws-apigateway-lambda' const lambdaFunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const func = defaults.deployLambdaFunction(stack, lambdaFunctionProps); diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/test.apigateway-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/test.apigateway-lambda.test.ts index c1c8d4a89..ff9ce6774 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/test.apigateway-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-lambda/test/test.apigateway-lambda.test.ts @@ -29,7 +29,7 @@ test('Pattern deployment with new Lambda function', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; new ApiGatewayToLambda(stack, 'test-apigateway-lambda', props); @@ -46,7 +46,7 @@ test('Pattern deployment with existing Lambda function', () => { const fn = new lambda.Function(stack, 'ExistingLambdaFunction', { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }); const props: ApiGatewayToLambdaProps = { existingLambdaObj: fn @@ -81,7 +81,7 @@ test('Test with lambdaFunctionProps', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), environment: { OVERRIDE_STATUS: 'true' } @@ -112,7 +112,7 @@ test('Test properties', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; const app = new ApiGatewayToLambda(stack, 'test-apigateway-lambda', props); @@ -149,7 +149,7 @@ test('Pattern deployment with two ApiGatewayToLambda constructs', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; new ApiGatewayToLambda(stack, 'pattern1', props1); @@ -158,7 +158,7 @@ test('Pattern deployment with two ApiGatewayToLambda constructs', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; new ApiGatewayToLambda(stack, 'pattern2', props2); @@ -183,7 +183,7 @@ test('Test deployment ApiGateway AuthorizationType override', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }); // Assertion 1 diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/README.md b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/README.md index 7d3828de8..b3b69c137 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/README.md @@ -28,15 +28,10 @@ This AWS Solutions Construct implements an Amazon API Gateway connected to an Am Here is a minimal deployable pattern definition in Typescript: -``` javascript +``` typescript import { ApiGatewayToSqs, ApiGatewayToSqsProps } from "@aws-solutions-constructs/aws-apigateway-sqs"; -new ApiGatewayToSqs(this, 'ApiGatewayToSqsPattern', { - apiGatewayProps: {}, - queueProps: {}, - deployDeadLetterQueue?: true, - maxReceiveCount?: 3 -}); +new ApiGatewayToSqs(this, 'ApiGatewayToSqsPattern', {}); ``` @@ -61,9 +56,11 @@ _Parameters_ |deployDeadLetterQueue|`boolean`|Whether to deploy a secondary queue to be used as a dead letter queue.| |maxReceiveCount|`number`|The number of times a message can be unsuccessfully dequeued before being moved to the dead-letter queue.| |allowCreateOperation?|`boolean`|Whether to deploy an API Gateway Method for Create operations on the queue (i.e. sqs:SendMessage).| -|createRequestTemplate?|`string`|API Gateway Request template for Create method, required if allowCreateOperation set to true.| +|createRequestTemplate?|`string`|Override the default API Gateway Request template for Create method, if allowCreateOperation set to true.| |allowReadOperation?|`boolean`|Whether to deploy an API Gateway Method for Read operations on the queue (i.e. sqs:ReceiveMessage).| +|readRequestTemplate?|`string`|Override the default API Gateway Request template for Read method, if allowReadOperation set to true.| |allowDeleteOperation?|`boolean`|Whether to deploy an API Gateway Method for Delete operations on the queue (i.e. sqs:DeleteMessage).| +|deleteRequestTemplate?|`string`|Override the default API Gateway Request template for Delete method, if allowDeleteOperation set to true.| ## Pattern Properties diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/lib/index.ts index cc36e381a..5e3000797 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/lib/index.ts @@ -31,7 +31,13 @@ export interface ApiGatewayToSqsProps { */ readonly apiGatewayProps?: api.RestApiProps | any /** - * Optional user-provided props to override the default props for the queue. + * Existing instance of SQS queue object, if this is set then the queueProps is ignored. + * + * @default - None + */ + readonly existingQueueObj?: sqs.Queue, + /** + * User provided props to override the default props for the SQS queue. * * @default - Default props are used */ @@ -42,6 +48,12 @@ export interface ApiGatewayToSqsProps { * @default - required field. */ readonly deployDeadLetterQueue?: boolean, + /** + * Optional user provided properties for the dead letter queue + * + * @default - Default props are used + */ + readonly deadLetterQueueProps?: sqs.QueueProps, /** * The number of times a message can be unsuccessfully dequeued before being moved to the dead-letter queue. * @@ -55,7 +67,7 @@ export interface ApiGatewayToSqsProps { */ readonly allowCreateOperation?: boolean, /** - * API Gateway Request template for Create method, required if allowCreateOperation set to true + * API Gateway Request template for Create method, if allowCreateOperation set to true * * @default - None */ @@ -63,15 +75,27 @@ export interface ApiGatewayToSqsProps { /** * Whether to deploy an API Gateway Method for Read operations on the queue (i.e. sqs:ReceiveMessage). * - * @default - false + * @default - "Action=SendMessage&MessageBody=$util.urlEncode(\"$input.body\")" */ readonly allowReadOperation?: boolean, + /** + * API Gateway Request template for Get method, if allowReadOperation set to true + * + * @default - "Action=ReceiveMessage" + */ + readonly readRequestTemplate?: string, /** * Whether to deploy an API Gateway Method for Delete operations on the queue (i.e. sqs:DeleteMessage). * * @default - false */ readonly allowDeleteOperation?: boolean + /** + * API Gateway Request template for Delete method, if allowDeleteOperation set to true + * + * @default - "Action=DeleteMessage&ReceiptHandle=$util.urlEncode($input.params('receiptHandle'))" + */ + readonly deleteRequestTemplate?: string } /** @@ -97,15 +121,12 @@ export class ApiGatewayToSqs extends Construct { super(scope, id); // Setup the dead letter queue, if applicable - if (!props.deployDeadLetterQueue || props.deployDeadLetterQueue === true) { - const [dlq] = defaults.buildQueue(this, 'deadLetterQueue', { - queueProps: props.queueProps - }); - this.deadLetterQueue = defaults.buildDeadLetterQueue({ - deadLetterQueue: dlq, - maxReceiveCount: (props.maxReceiveCount) ? props.maxReceiveCount : 3 - }); - } + this.deadLetterQueue = defaults.buildDeadLetterQueue(this, { + existingQueueObj: props.existingQueueObj, + deployDeadLetterQueue: props.deployDeadLetterQueue, + deadLetterQueueProps: props.deadLetterQueueProps, + maxReceiveCount: props.maxReceiveCount + }); // Setup the queue [this.sqsQueue] = defaults.buildQueue(this, 'queue', { @@ -124,10 +145,14 @@ export class ApiGatewayToSqs extends Construct { // Setup the API Gateway resource const apiGatewayResource = this.apiGateway.root.addResource('message'); - // Setup API Gateway methods // Create - if (props.allowCreateOperation && props.allowCreateOperation === true && props.createRequestTemplate) { - const createRequestTemplate = "Action=SendMessage&MessageBody=$util.urlEncode(\"$input.body\")"; + let createRequestTemplate = "Action=SendMessage&MessageBody=$util.urlEncode(\"$input.body\")"; + + if (props.createRequestTemplate) { + createRequestTemplate = props.createRequestTemplate; + } + + if (props.allowCreateOperation && props.allowCreateOperation === true) { this.addActionToPolicy("sqs:SendMessage"); defaults.addProxyMethodToApiResource({ service: "sqs", @@ -139,9 +164,15 @@ export class ApiGatewayToSqs extends Construct { contentType: "'application/x-www-form-urlencoded'" }); } + // Read + let readRequestTemplate = "Action=ReceiveMessage"; + + if (props.readRequestTemplate) { + readRequestTemplate = props.readRequestTemplate; + } + if (!props.allowReadOperation || props.allowReadOperation === true) { - const getRequestTemplate = "Action=ReceiveMessage"; this.addActionToPolicy("sqs:ReceiveMessage"); defaults.addProxyMethodToApiResource({ service: "sqs", @@ -149,13 +180,19 @@ export class ApiGatewayToSqs extends Construct { apiGatewayRole: this.apiGatewayRole, apiMethod: "GET", apiResource: this.apiGateway.root, - requestTemplate: getRequestTemplate, + requestTemplate: readRequestTemplate, contentType: "'application/x-www-form-urlencoded'" }); } + // Delete + let deleteRequestTemplate = "Action=DeleteMessage&ReceiptHandle=$util.urlEncode($input.params('receiptHandle'))"; + + if (props.deleteRequestTemplate) { + deleteRequestTemplate = props.deleteRequestTemplate; + } + if (props.allowDeleteOperation && props.allowDeleteOperation === true) { - const deleteRequestTemplate = "Action=DeleteMessage&ReceiptHandle=$util.urlEncode($input.params('receiptHandle'))"; this.addActionToPolicy("sqs:DeleteMessage"); defaults.addProxyMethodToApiResource({ service: "sqs", diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/package.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/package.json index a6dd6feae..b9b70683c 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-apigateway-sqs", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an AWS Lambda function and an Amazon S3 bucket.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,17 +53,17 @@ } }, "dependencies": { - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -73,13 +73,13 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-logs": "~1.63.0" + "@aws-cdk/aws-logs": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/__snapshots__/apigateway-sqs.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/__snapshots__/apigateway-sqs.test.js.snap index 5fcc7a086..7c97d75e1 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/__snapshots__/apigateway-sqs.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/__snapshots__/apigateway-sqs.test.js.snap @@ -83,7 +83,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -602,7 +606,7 @@ Object { "Arn", ], }, - "maxReceiveCount": 3, + "maxReceiveCount": 15, }, }, "Type": "AWS::SQS::Queue", @@ -763,7 +767,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1197,93 +1205,9 @@ Object { }, "Type": "AWS::IAM::Policy", }, - "apigatewaysqsdeadLetterQueue25B510FA": Object { - "Properties": Object { - "KmsMasterKeyId": "alias/aws/sqs", - }, - "Type": "AWS::SQS::Queue", - }, - "apigatewaysqsdeadLetterQueuePolicy55247071": Object { - "Properties": Object { - "PolicyDocument": Object { - "Statement": Array [ - Object { - "Action": Array [ - "sqs:DeleteMessage", - "sqs:ReceiveMessage", - "sqs:SendMessage", - "sqs:GetQueueAttributes", - "sqs:RemovePermission", - "sqs:AddPermission", - "sqs:SetQueueAttributes", - ], - "Effect": "Allow", - "Principal": Object { - "AWS": Object { - "Fn::Join": Array [ - "", - Array [ - "arn:", - Object { - "Ref": "AWS::Partition", - }, - ":iam::", - Object { - "Ref": "AWS::AccountId", - }, - ":root", - ], - ], - }, - }, - "Resource": Object { - "Fn::GetAtt": Array [ - "apigatewaysqsdeadLetterQueue25B510FA", - "Arn", - ], - }, - "Sid": "QueueOwnerOnlyAccess", - }, - Object { - "Action": "SQS:*", - "Condition": Object { - "Bool": Object { - "aws:SecureTransport": "false", - }, - }, - "Effect": "Deny", - "Principal": "*", - "Resource": Object { - "Fn::GetAtt": Array [ - "apigatewaysqsdeadLetterQueue25B510FA", - "Arn", - ], - }, - "Sid": "HttpsOnly", - }, - ], - "Version": "2012-10-17", - }, - "Queues": Array [ - Object { - "Ref": "apigatewaysqsdeadLetterQueue25B510FA", - }, - ], - }, - "Type": "AWS::SQS::QueuePolicy", - }, "apigatewaysqsqueueE186B895": Object { "Properties": Object { "KmsMasterKeyId": "alias/aws/sqs", - "RedrivePolicy": Object { - "deadLetterTargetArn": Object { - "Fn::GetAtt": Array [ - "apigatewaysqsdeadLetterQueue25B510FA", - "Arn", - ], - }, - "maxReceiveCount": 3, - }, }, "Type": "AWS::SQS::Queue", }, @@ -1443,7 +1367,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1773,7 +1701,7 @@ Object { "Arn", ], }, - "maxReceiveCount": 3, + "maxReceiveCount": 15, }, }, "Type": "AWS::SQS::Queue", diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/apigateway-sqs.test.ts b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/apigateway-sqs.test.ts index 6ab319748..6f986c723 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/apigateway-sqs.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/apigateway-sqs.test.ts @@ -39,9 +39,6 @@ test('Test deployment w/ DLQ', () => { const stack = new Stack(); // Helper declaration new ApiGatewayToSqs(stack, 'api-gateway-sqs', { - apiGatewayProps: {}, - queueProps: {}, - createRequestTemplate: "{}", allowCreateOperation: true, allowReadOperation: true, allowDeleteOperation: true, @@ -59,9 +56,6 @@ test('Test deployment w/o DLQ', () => { const stack = new Stack(); // Helper declaration new ApiGatewayToSqs(stack, 'api-gateway-sqs', { - apiGatewayProps: {}, - queueProps: {}, - createRequestTemplate: "{}", allowCreateOperation: true, allowReadOperation: false, allowDeleteOperation: true, @@ -94,8 +88,6 @@ test('Test properties', () => { const stack = new Stack(); // Helper declaration const pattern = new ApiGatewayToSqs(stack, 'api-gateway-sqs', { - apiGatewayProps: {}, - queueProps: {}, deployDeadLetterQueue: true, maxReceiveCount: 3 }); @@ -145,4 +137,67 @@ test('Test deployment ApiGateway AuthorizationType override', () => { HttpMethod: "DELETE", AuthorizationType: "NONE" }); - }); \ No newline at end of file + }); + +// ----------------------------------------------------------------- +// Test deployment for override ApiGateway createRequestTemplate +// ----------------------------------------------------------------- +test('Test deployment for override ApiGateway createRequestTemplate', () => { + // Stack + const stack = new Stack(); + // Helper declaration + new ApiGatewayToSqs(stack, 'api-gateway-sqs', { + createRequestTemplate: "Action=SendMessage&MessageBody=$util.urlEncode(\"HelloWorld\")", + allowCreateOperation: true + }); + expect(stack).toHaveResourceLike("AWS::ApiGateway::Method", { + HttpMethod: "POST", + Integration: { + RequestTemplates: { + "application/json": "Action=SendMessage&MessageBody=$util.urlEncode(\"HelloWorld\")" + } + } + }); +}); + +// ----------------------------------------------------------------- +// Test deployment for override ApiGateway getRequestTemplate +// ----------------------------------------------------------------- +test('Test deployment for override ApiGateway getRequestTemplate', () => { + // Stack + const stack = new Stack(); + // Helper declaration + new ApiGatewayToSqs(stack, 'api-gateway-sqs', { + readRequestTemplate: "Action=HelloWorld", + allowReadOperation: true + }); + expect(stack).toHaveResourceLike("AWS::ApiGateway::Method", { + HttpMethod: "GET", + Integration: { + RequestTemplates: { + "application/json": "Action=HelloWorld" + } + } + }); +}); + +// ----------------------------------------------------------------- +// Test deployment for override ApiGateway deleteRequestTemplate +// ----------------------------------------------------------------- +test('Test deployment for override ApiGateway deleteRequestTemplate', () => { + // Stack + const stack = new Stack(); + // Helper declaration + new ApiGatewayToSqs(stack, 'api-gateway-sqs', { + deleteRequestTemplate: "Action=HelloWorld", + allowDeleteOperation: true + }); + expect(stack).toHaveResourceLike("AWS::ApiGateway::Method", { + HttpMethod: "DELETE", + Integration: { + RequestTemplates: { + "application/json": "Action=HelloWorld" + } + } + }); +}); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.expected.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.expected.json index 512671e1e..8fd7d7af9 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.expected.json @@ -87,7 +87,7 @@ "Arn" ] }, - "maxReceiveCount": 3 + "maxReceiveCount": 15 } } }, @@ -548,7 +548,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.ts b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.ts index 6b421148d..d3c291adc 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.ts +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.apigateway-sqs-crud.ts @@ -22,12 +22,9 @@ stack.templateOptions.description = 'Integration Test for aws-apigateway-sqs'; // Definitions const props: ApiGatewayToSqsProps = { - apiGatewayProps: {}, - queueProps: {}, allowReadOperation: true, allowCreateOperation: true, - allowDeleteOperation: true, - createRequestTemplate: "{\r\n \"QueueUrl\": \"${QueueUrl}\",\r\n \"MessageBody\": \"${MessageBody}\"\r\n}" + allowDeleteOperation: true }; new ApiGatewayToSqs(stack, 'test-api-gateway-sqs', props); diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.no-arguments.expected.json index db4a20ae1..b9b6555b8 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.no-arguments.expected.json @@ -87,7 +87,7 @@ "Arn" ] }, - "maxReceiveCount": 3 + "maxReceiveCount": 15 } } }, @@ -379,7 +379,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.no-arguments.ts index 4fd448640..5ce7ecdd1 100644 --- a/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.no-arguments.ts +++ b/source/patterns/@aws-solutions-constructs/aws-apigateway-sqs/test/integ.no-arguments.ts @@ -13,20 +13,14 @@ // Imports import { App, Stack } from "@aws-cdk/core"; -import { ApiGatewayToSqs, ApiGatewayToSqsProps } from "../lib"; +import { ApiGatewayToSqs } from "../lib"; // Setup const app = new App(); const stack = new Stack(app, 'test-apigateway-sqs-default'); stack.templateOptions.description = 'Integration Test for aws-apigateway-sqs'; -// Definitions -const props: ApiGatewayToSqsProps = { - apiGatewayProps: {}, - queueProps: {} -}; - -new ApiGatewayToSqs(stack, 'test-api-gateway-sqs-default', props); +new ApiGatewayToSqs(stack, 'test-api-gateway-sqs-default', {}); // Synth app.synth(); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/README.md index 361c3c748..6969e9c5b 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/README.md @@ -24,22 +24,17 @@ This AWS Solutions Construct implements an AWS CloudFront fronting an Amazon API Gateway Lambda backed REST API. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -import * as defaults from '@aws-solutions-constructs/core'; +``` typescript import { CloudFrontToApiGatewayToLambda } from '@aws-solutions-constructs/aws-cloudfront-apigateway-lambda'; -const stack = new Stack(); - -const lambdaProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), - runtime: lambda.Runtime.NODEJS_12_X, - handler: 'index.handler' -}; - -new CloudFrontToApiGatewayToLambda(stack, 'test-cloudfront-apigateway-lambda', { - lambdaFunctionProps: lambdaProps, +new CloudFrontToApiGatewayToLambda(this, 'test-cloudfront-apigateway-lambda', { + lambdaFunctionProps: { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler' + } }); ``` diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/lib/index.ts index 6051ad8d6..c61fa1202 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/lib/index.ts @@ -42,7 +42,7 @@ export interface CloudFrontToApiGatewayToLambdaProps { * * @default - Default props are used */ - readonly apiGatewayProps?: api.LambdaRestApiProps + readonly apiGatewayProps?: api.LambdaRestApiProps | any /** * Optional user provided props to override the default props * diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/package.json index 9b56ccb06..5eb8bcedf 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-cloudfront-apigateway-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS Cloudfront to AWS API Gateway to AWS Lambda integration.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,19 +53,19 @@ } }, "dependencies": { - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-solutions-constructs/aws-cloudfront-apigateway": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-solutions-constructs/aws-cloudfront-apigateway": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -75,15 +75,15 @@ ] }, "peerDependencies": { - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-solutions-constructs/aws-cloudfront-apigateway": "~1.63.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-solutions-constructs/aws-cloudfront-apigateway": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0" + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/__snapshots__/test.cloudfront-apigateway-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/__snapshots__/test.cloudfront-apigateway-lambda.test.js.snap index 52a5872c5..7da3226bf 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/__snapshots__/test.cloudfront-apigateway-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/__snapshots__/test.cloudfront-apigateway-lambda.test.js.snap @@ -212,9 +212,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -326,7 +323,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -492,7 +493,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -737,7 +742,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/integ.no-arguments.expected.json index 50947e395..9090547ad 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/integ.no-arguments.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -553,7 +557,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -625,7 +633,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -739,9 +751,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/integ.no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/integ.no-arguments.ts index 54b67b695..931bda889 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/integ.no-arguments.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/integ.no-arguments.ts @@ -22,7 +22,7 @@ const stack = new Stack(app, 'test-cloudfront-apigateway-lambda-stack'); stack.templateOptions.description = 'Integration Test for aws-cloudfront-apigateway-lambda'; const lambdaProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }; diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/test.cloudfront-apigateway-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/test.cloudfront-apigateway-lambda.test.ts index 5280ac8c9..43dde04f4 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/test.cloudfront-apigateway-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway-lambda/test/test.cloudfront-apigateway-lambda.test.ts @@ -15,11 +15,12 @@ import { SynthUtils } from '@aws-cdk/assert'; import { CloudFrontToApiGatewayToLambda, CloudFrontToApiGatewayToLambdaProps } from "../lib"; import * as cdk from "@aws-cdk/core"; import * as lambda from '@aws-cdk/aws-lambda'; +import * as api from '@aws-cdk/aws-apigateway'; import '@aws-cdk/assert/jest'; function deployNewFunc(stack: cdk.Stack) { const lambdaFunctionProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }; @@ -33,7 +34,7 @@ function useExistingFunc(stack: cdk.Stack) { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; return new CloudFrontToApiGatewayToLambda(stack, 'test-cloudfront-apigateway-lambda', { @@ -144,11 +145,11 @@ test('check no prop', () => { } }); -test('override api gateway properties', () => { +test('override api gateway properties with existingLambdaObj', () => { const stack = new cdk.Stack(); const lambdaFunctionProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }; @@ -158,7 +159,6 @@ test('override api gateway properties', () => { new CloudFrontToApiGatewayToLambda(stack, 'test-cloudfront-apigateway-lambda', { existingLambdaObj: fn, apiGatewayProps: { - handler: fn, options: { description: "Override description" } @@ -175,4 +175,35 @@ test('override api gateway properties', () => { }, Name: "LambdaRestApi" }); +}); + +test('override api gateway properties without existingLambdaObj', () => { + const stack = new cdk.Stack(); + + new CloudFrontToApiGatewayToLambda(stack, 'test-cloudfront-apigateway-lambda', { + lambdaFunctionProps: { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_10_X, + handler: 'index.handler' + }, + apiGatewayProps: { + endpointConfiguration: { + types: [api.EndpointType.PRIVATE], + }, + options: { + description: "Override description" + } + } + }); + + expect(stack).toHaveResource('AWS::ApiGateway::RestApi', + { + Description: "Override description", + EndpointConfiguration: { + Types: [ + "PRIVATE" + ] + }, + Name: "LambdaRestApi" + }); }); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/README.md b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/README.md index cfaeb8cb2..629aa8943 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/README.md @@ -24,22 +24,20 @@ This AWS Solutions Construct implements an AWS CloudFront fronting an Amazon API Gateway REST API. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: ``` javascript -const api = require('@aws-cdk/aws-apigateway'); -const lambda = require("@aws-cdk/aws-lambda"); -const { CloudFrontToApiGateway } = require('@aws-solutions-constructs/aws-cloudfront-apigateway'); - -const stack = new Stack(); +import * as api from '@aws-cdk/aws-apigateway'; +import * as lambda from "@aws-cdk/aws-lambda"; +import { CloudFrontToApiGateway } from '@aws-solutions-constructs/aws-cloudfront-apigateway'; const lambdaProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }; -const lambdafunction = new lambda.Function(stack, 'LambdaFunction', lambdaProps); +const lambdafunction = new lambda.Function(this, 'LambdaFunction', lambdaProps); const apiGatewayProps: api.LambdaRestApiProps = { handler: lambdafunction, @@ -51,9 +49,9 @@ const apiGatewayProps: api.LambdaRestApiProps = { } }; -const apiGateway = new api.LambdaRestApi(scope, 'LambdaRestApi', apiGatewayProps); +const apiGateway = new api.LambdaRestApi(this, 'LambdaRestApi', apiGatewayProps); -new CloudFrontToApiGateway(stack, 'test-cloudfront-apigateway', { +new CloudFrontToApiGateway(this, 'test-cloudfront-apigateway', { existingApiGatewayObj: apiGateway }); diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/package.json b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/package.json index 4c06bd240..c74d56167 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-cloudfront-apigateway", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS Cloudfront to AWS API Gateway integration.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,17 +53,17 @@ } }, "dependencies": { - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -73,13 +73,13 @@ ] }, "peerDependencies": { - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-s3": "~1.63.0" + "@aws-cdk/aws-s3": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/__snapshots__/test.cloudfront-apigateway.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/__snapshots__/test.cloudfront-apigateway.test.js.snap index 7a4551ac3..09eccd540 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/__snapshots__/test.cloudfront-apigateway.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/__snapshots__/test.cloudfront-apigateway.test.js.snap @@ -152,7 +152,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -387,7 +391,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -774,9 +782,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -888,7 +893,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.no-arguments.expected.json index 48d471a38..9c5322c98 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.no-arguments.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -553,7 +557,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -625,7 +633,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -739,9 +751,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.no-arguments.ts index 3dea2dbc3..07d4e54fc 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.no-arguments.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.no-arguments.ts @@ -24,7 +24,7 @@ const stack = new Stack(app, 'test-cloudfront-apigateway-stack'); stack.templateOptions.description = 'Integration Test for aws-cloudfront-apigateway'; const inProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }; diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/test.cloudfront-apigateway.test.ts b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/test.cloudfront-apigateway.test.ts index f7642786b..f4ab1e682 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/test.cloudfront-apigateway.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/test.cloudfront-apigateway.test.ts @@ -20,7 +20,7 @@ import '@aws-cdk/assert/jest'; function deploy(stack: cdk.Stack) { const inProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }; @@ -139,7 +139,11 @@ test('test api gateway lambda service role', () => { "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + Ref: "AWS::Partition" + }, + ":logs:", { Ref: "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/README.md b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/README.md index a71126cdd..b78c4e8ad 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/README.md @@ -24,12 +24,12 @@ This AWS Solutions Construct implements an AWS CloudFront fronting an AWS S3 Bucket. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -const { CloudFrontToS3 } = require('@aws-solutions-constructs/aws-cloudfront-s3'); +``` typescript +import { CloudFrontToS3 } from '@aws-solutions-constructs/aws-cloudfront-s3'; -new CloudFrontToS3(stack, 'test-cloudfront-s3', {}); +new CloudFrontToS3(this, 'test-cloudfront-s3', {}); ``` @@ -79,6 +79,7 @@ Out of the box implementation of the Construct without any override will set the * Turn on the versioning for S3 Bucket * Don't allow public access for S3 Bucket * Retain the S3 Bucket when deleting the CloudFormation stack +* Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days ## Architecture ![Architecture Diagram](architecture.png) diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/package.json b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/package.json index 7b0a52bbf..9e04023b0 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-cloudfront-s3", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS Cloudfront to AWS S3 integration.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,15 +53,15 @@ } }, "dependencies": { - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -71,11 +71,11 @@ ] }, "peerDependencies": { - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-lambda": "~1.63.0" + "@aws-cdk/aws-lambda": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/__snapshots__/test.cloudfront-s3.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/__snapshots__/test.cloudfront-s3.test.js.snap index df3ac2a27..6fa18372d 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/__snapshots__/test.cloudfront-s3.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/__snapshots__/test.cloudfront-s3.test.js.snap @@ -127,9 +127,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -184,6 +181,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "testcloudfronts3S3LoggingBucket90D239DD", @@ -352,9 +362,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -466,7 +473,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.existing-bucket.expected.json b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.existing-bucket.expected.json index dd587721b..414307b25 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.existing-bucket.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.existing-bucket.expected.json @@ -18,9 +18,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -86,6 +83,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "S3LoggingBucket800A2B27" @@ -270,7 +280,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -384,9 +398,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.no-arguments.expected.json index b7fffa933..eeb4b1139 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.no-arguments.expected.json @@ -19,9 +19,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -87,6 +84,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "testcloudfronts3S3LoggingBucket90D239DD" @@ -271,7 +281,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -385,9 +399,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.no-security-headers.expected.json b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.no-security-headers.expected.json index 3481b6386..4480784d1 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.no-security-headers.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.no-security-headers.expected.json @@ -19,9 +19,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -87,6 +84,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "testcloudfronts3nosecurityheadersS3LoggingBucketF644B35F" @@ -252,9 +262,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/README.md index 61685b5fe..275d0e513 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/README.md @@ -24,21 +24,17 @@ This AWS Solutions Construct implements an Amazon Cognito securing an Amazon API Gateway Lambda backed REST APIs pattern. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -const { CognitoToApiGatewayToLambda } = require('@aws-solutions-constructs/aws-cognito-apigateway-lambda'); +``` typescript +import { CognitoToApiGatewayToLambda } from '@aws-solutions-constructs/aws-cognito-apigateway-lambda'; -const stack = new Stack(app, 'test-cognito-apigateway-lambda-stack'); - -const lambdaProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), - runtime: lambda.Runtime.NODEJS_12_X, - handler: 'index.handler' -}; - -new CognitoToApiGatewayToLambda(stack, 'test-cognito-apigateway-lambda', { - lambdaFunctionProps: lambdaProps, +new CognitoToApiGatewayToLambda(this, 'test-cognito-apigateway-lambda', { + lambdaFunctionProps: { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler' + } }); ``` diff --git a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/lib/index.ts index 7e385ae5b..7e7b52811 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/lib/index.ts @@ -52,7 +52,7 @@ export interface CognitoToApiGatewayToLambdaProps { * * @default - Default props are used */ - readonly cognitoUserPoolClientProps?: cognito.UserPoolClientProps + readonly cognitoUserPoolClientProps?: cognito.UserPoolClientProps | any } export class CognitoToApiGatewayToLambda extends Construct { diff --git a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/package.json index d4bcd4433..96bd3489f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-cognito-apigateway-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS Cognito to AWS API Gateway to AWS Lambda integration", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,17 +53,17 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cognito": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cognito": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -73,13 +73,13 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cognito": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cognito": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0" + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/__snapshots__/test.cognito-apigateway-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/__snapshots__/test.cognito-apigateway-lambda.test.js.snap index 9b6ded872..8e83bb9bf 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/__snapshots__/test.cognito-apigateway-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/__snapshots__/test.cognito-apigateway-lambda.test.js.snap @@ -229,7 +229,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -467,7 +471,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/integ.no-arguments.expected.json index e7d176af0..abaa972cb 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/integ.no-arguments.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -538,7 +542,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/integ.no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/integ.no-arguments.ts index 1e5e67892..69f7a64a3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/integ.no-arguments.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/integ.no-arguments.ts @@ -21,7 +21,7 @@ const app = new App(); const stack = new Stack(app, 'test-cognito-apigateway-lambda-stack'); const lambdaProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }; diff --git a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/test.cognito-apigateway-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/test.cognito-apigateway-lambda.test.ts index c418b4e43..ec761671a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/test.cognito-apigateway-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-cognito-apigateway-lambda/test/test.cognito-apigateway-lambda.test.ts @@ -20,7 +20,7 @@ import '@aws-cdk/assert/jest'; function deployNewFunc(stack: cdk.Stack) { const lambdaFunctionProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }; @@ -40,7 +40,7 @@ test('override cognito properties', () => { const stack = new cdk.Stack(); const lambdaFunctionProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }; @@ -102,3 +102,30 @@ test('check properties', () => { expect(construct.apiGatewayLogGroup !== null); expect(construct.apiGatewayAuthorizer !== null); }); + +test('override cognito cognitoUserPoolClientProps', () => { + const stack = new cdk.Stack(); + + const lambdaFunctionProps: lambda.FunctionProps = { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler' + }; + + const cognitoUserPoolClientProps = { + authFlows: { + userSrp: true + } + }; + + new CognitoToApiGatewayToLambda(stack, 'test-cognito-apigateway-lambda', { + lambdaFunctionProps, + cognitoUserPoolClientProps + }); + + expect(stack).toHaveResource('AWS::Cognito::UserPoolClient', { + ExplicitAuthFlows: [ + "ALLOW_USER_SRP_AUTH" + ], + }); +}); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/README.md b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/README.md index 20dbebb14..79f61d161 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/README.md @@ -24,21 +24,24 @@ This AWS Solutions Construct implements Amazon DynamoDB table with stream, AWS Lambda function and Amazon Elasticsearch Service with the least privileged permissions. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -const { DynamoDBStreamToLambdaToElasticSearchAndKibana, DynamoDBStreamToLambdaToElasticSearchAndKibanaProps } = require('@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana'); +``` typescript +import { DynamoDBStreamToLambdaToElasticSearchAndKibana, DynamoDBStreamToLambdaToElasticSearchAndKibanaProps } from '@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana'; +import { Aws } from "@aws-cdk/core"; const props: DynamoDBStreamToLambdaToElasticSearchAndKibanaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, - domainName: 'test-domain' + domainName: 'test-domain', + // TODO: Ensure the Cognito domain name is globally unique + cognitoDomainName: 'globallyuniquedomain' + Aws.ACCOUNT_ID; }; -new DynamoDBStreamToLambdaToElasticSearchAndKibana(stack, 'test-dynamodb-stream-lambda-elasticsearch-kibana', props); +new DynamoDBStreamToLambdaToElasticSearchAndKibana(this, 'test-dynamodb-stream-lambda-elasticsearch-kibana', props); ``` ## Initializer @@ -78,6 +81,10 @@ _Parameters_ |elasticsearchDomain|[`iam.Role`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-iam.Role.html)|Returns an instance of iam.Role created by the construct for elasticsearch.CfnDomain| |cloudwatchAlarms|[`cloudwatch.Alarm[]`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-cloudwatch.Alarm.html)|Returns a list of cloudwatch.Alarm created by the construct| +## Lambda Function + +This pattern requires a lambda function that can post data into the Elasticsearch from DynamoDB stream. A sample function is provided [here](https://github.com/awslabs/aws-solutions-constructs/blob/master/source/patterns/%40aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/lambda/index.js). + ## Default settings Out of the box implementation of the Construct without any override will set the following defaults: diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/lib/index.ts index 511a14053..fa7752dca 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/lib/index.ts @@ -67,7 +67,13 @@ export interface DynamoDBStreamToLambdaToElasticSearchAndKibanaProps { * * @default - None */ - readonly domainName: string + readonly domainName: string, + /** + * Optional Cognito Domain Name, if provided it will be used for Cognito Domain, and domainName will be used for the Elasticsearch Domain + * + * @default - None + */ + readonly cognitoDomainName?: string } export class DynamoDBStreamToLambdaToElasticSearchAndKibana extends Construct { @@ -108,7 +114,8 @@ export class DynamoDBStreamToLambdaToElasticSearchAndKibana extends Construct { const _props2: LambdaToElasticSearchAndKibanaProps = { existingLambdaObj: this.lambdaFunction, domainName: props.domainName, - esDomainProps: props.esDomainProps + esDomainProps: props.esDomainProps, + cognitoDomainName: props.cognitoDomainName }; this.lambdaToElasticSearchAndKibana = new LambdaToElasticSearchAndKibana(this, 'LambdaToElasticSearch', _props2); diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/package.json b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/package.json index 73881f5d3..289b04ba3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for Amazon Dynamodb stream to AWS Lambda to AWS Elasticsearch with Kibana integration", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,21 +53,21 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cognito": "~1.63.0", - "@aws-cdk/aws-elasticsearch": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-dynamodb-stream-lambda": "~1.63.0", - "@aws-solutions-constructs/aws-lambda-elasticsearch-kibana": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cognito": "~1.64.0", + "@aws-cdk/aws-elasticsearch": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-dynamodb-stream-lambda": "~1.64.0", + "@aws-solutions-constructs/aws-lambda-elasticsearch-kibana": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -77,17 +77,17 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cognito": "~1.63.0", - "@aws-cdk/aws-elasticsearch": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-dynamodb-stream-lambda": "~1.63.0", - "@aws-solutions-constructs/aws-lambda-elasticsearch-kibana": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cognito": "~1.64.0", + "@aws-cdk/aws-elasticsearch": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-dynamodb-stream-lambda": "~1.64.0", + "@aws-solutions-constructs/aws-lambda-elasticsearch-kibana": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-iam": "~1.63.0" + "@aws-cdk/aws-iam": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/__snapshots__/dynamodb-stream-lambda-elasticsearch-kibana.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/__snapshots__/dynamodb-stream-lambda-elasticsearch-kibana.test.js.snap index 702ead0a9..7e6275b5c 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/__snapshots__/dynamodb-stream-lambda-elasticsearch-kibana.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/__snapshots__/dynamodb-stream-lambda-elasticsearch-kibana.test.js.snap @@ -170,7 +170,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -319,7 +323,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:es:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":es:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/dynamodb-stream-lambda-elasticsearch-kibana.test.ts b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/dynamodb-stream-lambda-elasticsearch-kibana.test.ts index c1e3f94d4..1c4cd9b64 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/dynamodb-stream-lambda-elasticsearch-kibana.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/dynamodb-stream-lambda-elasticsearch-kibana.test.ts @@ -20,7 +20,7 @@ import '@aws-cdk/assert/jest'; function deployNewFunc(stack: cdk.Stack) { const props: DynamoDBStreamToLambdaToElasticSearchAndKibanaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/integ.no-arguments.expected.json index 1fa20e5c2..b8f27a3ca 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/integ.no-arguments.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -367,7 +371,11 @@ "Fn::Join": [ "", [ - "arn:aws:es:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":es:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/integ.no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/integ.no-arguments.ts index ca5e2464f..5857c8332 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/integ.no-arguments.ts +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/integ.no-arguments.ts @@ -22,7 +22,7 @@ const stack = new Stack(app, 'test-dynamodb-stream-lambda-elasticsearch-kibana-s const props: DynamoDBStreamToLambdaToElasticSearchAndKibanaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/README.md index 7631da807..6646a6c19 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/README.md @@ -24,20 +24,18 @@ This AWS Solutions Construct implements a pattern Amazon DynamoDB table with stream to invoke the AWS Lambda function with the least privileged permissions. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -const { DynamoDBStreamToLambdaProps, DynamoDBStreamToLambda} = require('@aws-solutions-constructs/aws-dynamodb-stream-lambda'); +``` typescript +import { DynamoDBStreamToLambdaProps, DynamoDBStreamToLambda} from '@aws-solutions-constructs/aws-dynamodb-stream-lambda'; -const props: DynamoDBStreamToLambdaProps = { +new DynamoDBStreamToLambda(this, 'test-dynamodb-stream-lambda', { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, -}; - -new DynamoDBStreamToLambda(stack, 'test-dynamodb-stream-lambda', props); +}); ``` @@ -70,6 +68,10 @@ _Parameters_ |dynamoTable|[`dynamodb.Table`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-dynamodb.Table.html)|Returns an instance of dynamodb.Table created by the construct| |lambdaFunction|[`lambda.Function`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-lambda.Function.html)|Returns an instance of lambda.Function created by the construct| +## Lambda Function + +This pattern requires a lambda function that can post data into the Elasticsearch. A sample function is provided [here](https://github.com/awslabs/aws-solutions-constructs/blob/master/source/patterns/%40aws-solutions-constructs/aws-dynamodb-stream-lambda-elasticsearch-kibana/test/lambda/index.js). + ## Default settings Out of the box implementation of the Construct without any override will set the following defaults: diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/package.json index 0af0a5f76..1c3a4e63a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-dynamodb-stream-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS DynamoDB Stream to AWS Lambda integration.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,16 +53,16 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -72,12 +72,12 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-iam": "~1.63.0" + "@aws-cdk/aws-iam": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/__snapshots__/dynamodb-stream-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/__snapshots__/dynamodb-stream-lambda.test.js.snap index f48a3e278..fd186f715 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/__snapshots__/dynamodb-stream-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/__snapshots__/dynamodb-stream-lambda.test.js.snap @@ -164,7 +164,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/dynamodb-stream-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/dynamodb-stream-lambda.test.ts index 6ecd8435e..783cd2cb8 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/dynamodb-stream-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/dynamodb-stream-lambda.test.ts @@ -21,7 +21,7 @@ import '@aws-cdk/assert/jest'; function deployNewFunc(stack: cdk.Stack) { const props: DynamoDBStreamToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, @@ -59,7 +59,7 @@ test('check DynamoEventSourceProps override', () => { const stack = new cdk.Stack(); const props: DynamoDBStreamToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, @@ -143,7 +143,7 @@ test('check dynamodb table stream override', () => { const stack = new cdk.Stack(); const props: DynamoDBStreamToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/integ.no-arguments.expected.json index 6fbb77718..34db0b5a4 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/integ.no-arguments.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/integ.no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/integ.no-arguments.ts index 974877faa..dfa65bd20 100644 --- a/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/integ.no-arguments.ts +++ b/source/patterns/@aws-solutions-constructs/aws-dynamodb-stream-lambda/test/integ.no-arguments.ts @@ -22,7 +22,7 @@ const stack = new Stack(app, 'test-dynamodb-stream-lambda-stack'); const props: DynamoDBStreamToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/README.md index 1e2985782..3b53d408e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/README.md @@ -31,7 +31,7 @@ const { EventsRuleToLambdaProps, EventsRuleToLambda } = require('@aws-solutions- const props: EventsRuleToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/package.json index ec21b8994..f5cddc918 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-events-rule-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for deploying AWS Events Rule that inveokes AWS Lambda", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,15 +53,15 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -71,11 +71,11 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/__snapshots__/events-rule-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/__snapshots__/events-rule-lambda.test.js.snap index e25bc22fd..7f32e4d2d 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/__snapshots__/events-rule-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/__snapshots__/events-rule-lambda.test.js.snap @@ -156,7 +156,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/events-rule-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/events-rule-lambda.test.ts index 72246a12b..0679fc9d0 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/events-rule-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/events-rule-lambda.test.ts @@ -21,7 +21,7 @@ import * as cdk from '@aws-cdk/core'; function deployNewFunc(stack: cdk.Stack) { const props: EventsRuleToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, @@ -117,7 +117,11 @@ test('check lambda function role for deploy: true', () => { "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + Ref: "AWS::Partition" + }, + ":logs:", { Ref: "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/integ.events-rule-no-argument.expected.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/integ.events-rule-no-argument.expected.json index 8ae189a85..8b042fc8d 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/integ.events-rule-no-argument.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/integ.events-rule-no-argument.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/integ.events-rule-no-argument.ts b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/integ.events-rule-no-argument.ts index 44884cfe4..c696b0378 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/integ.events-rule-no-argument.ts +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-lambda/test/integ.events-rule-no-argument.ts @@ -23,7 +23,7 @@ const stack = new Stack(app, 'test-events-rule-lambda-stack'); const props: EventsRuleToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/package.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/package.json index 95948cad3..47af91e02 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-sns/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-events-rule-sns", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for deploying AWS Events Rule that invokes AWS SNS", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,16 +53,16 @@ } }, "dependencies": { - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-sns": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-sns": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -72,12 +72,12 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-sns": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-sns": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/lib/index.ts index be1cff7dd..337a09b5a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/lib/index.ts @@ -104,15 +104,12 @@ export class EventsRuleToSQS extends Construct { super(scope, id); // Setup the dead letter queue, if applicable - if (!props.existingQueueObj && (props.deployDeadLetterQueue || props.deployDeadLetterQueue === undefined)) { - const [dlq] = defaults.buildQueue(this, 'deadLetterQueue', { - queueProps: props.deadLetterQueueProps - }); - this.deadLetterQueue = defaults.buildDeadLetterQueue({ - deadLetterQueue: dlq, - maxReceiveCount: props.maxReceiveCount - }); - } + this.deadLetterQueue = defaults.buildDeadLetterQueue(this, { + existingQueueObj: props.existingQueueObj, + deployDeadLetterQueue: props.deployDeadLetterQueue, + deadLetterQueueProps: props.deadLetterQueueProps, + maxReceiveCount: props.maxReceiveCount + }); let enableEncryptionParam = props.enableEncryptionWithCustomerManagedKey; if (props.enableEncryptionWithCustomerManagedKey === undefined || diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/package.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/package.json index bf24c34c4..051657835 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-events-rule-sqs", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for deploying AWS Events Rule that invokes AWS SQS", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,16 +53,16 @@ } }, "dependencies": { - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -72,12 +72,12 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/package.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/package.json index d4d2d77b3..332e8f353 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-events-rule-step-function", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for deploying AWS Events Rule that invokes AWS Step Function", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,19 +53,19 @@ } }, "dependencies": { - "@aws-cdk/aws-stepfunctions": "~1.63.0", - "@aws-cdk/aws-stepfunctions-tasks": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-stepfunctions": "~1.64.0", + "@aws-cdk/aws-stepfunctions-tasks": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -75,15 +75,15 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-stepfunctions": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-stepfunctions": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-cdk/aws-stepfunctions-tasks": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0" + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-cdk/aws-stepfunctions-tasks": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/__snapshots__/events-rule-step-function.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/__snapshots__/events-rule-step-function.test.js.snap index f5b246db5..75ff9cd2f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/__snapshots__/events-rule-step-function.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/__snapshots__/events-rule-step-function.test.js.snap @@ -227,7 +227,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-no-argument.expected.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-no-argument.expected.json index 4aece8baf..6834d961f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-no-argument.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-no-argument.expected.json @@ -60,7 +60,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-with-lambda.expected.json b/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-with-lambda.expected.json index 28095fa7d..92b8f77e2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-with-lambda.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-with-lambda.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -228,7 +232,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-with-lambda.ts b/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-with-lambda.ts index ce2b44af4..b9fd40dba 100644 --- a/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-with-lambda.ts +++ b/source/patterns/@aws-solutions-constructs/aws-events-rule-step-function/test/integ.events-rule-step-function-with-lambda.ts @@ -26,7 +26,7 @@ const stack = new Stack(app, 'test-events-rule-step-function-and-lambda-stack'); const submitLambda = deployLambdaFunction(stack, { runtime: lambda.Runtime.NODEJS_12_X, - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), handler: 'index.handler' }); diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/README.md b/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/README.md index 6d6aac80f..aaede2815 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/README.md @@ -95,6 +95,7 @@ Out of the box implementation of the Construct without any override will set the * Turn on the versioning for S3 Bucket * Don't allow public access for S3 Bucket * Retain the S3 Bucket when deleting the CloudFormation stack +* Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days ## Architecture ![Architecture Diagram](architecture.png) diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/package.json b/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/package.json index a5e983a92..72043f188 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-iot-kinesisfirehose-s3", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS IoT to AWS Kinesis Firehose to AWS S3 integration.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,18 +53,18 @@ } }, "dependencies": { - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kinesisfirehose": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-iot": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-kinesisfirehose-s3": "~1.63.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kinesisfirehose": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-iot": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-kinesisfirehose-s3": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -74,14 +74,14 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kinesisfirehose": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-iot": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-kinesisfirehose-s3": "~1.63.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kinesisfirehose": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-iot": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-kinesisfirehose-s3": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-logs": "~1.63.0" + "@aws-cdk/aws-logs": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/__snapshots__/test.iot-kinesisfirehose-s3.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/__snapshots__/test.iot-kinesisfirehose-s3.test.js.snap index 4860add0d..0426da7c6 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/__snapshots__/test.iot-kinesisfirehose-s3.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/__snapshots__/test.iot-kinesisfirehose-s3.test.js.snap @@ -148,7 +148,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -209,6 +213,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "testiotfirehoses3KinesisFirehoseToS3S3LoggingBucketC786B050", @@ -294,9 +311,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/integ.no-arguments.expected.json index 2f9242040..5b21a745f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-iot-kinesisfirehose-s3/test/integ.no-arguments.expected.json @@ -19,9 +19,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -87,6 +84,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "testiotfirehoses3KinesisFirehoseToS3S3LoggingBucketC786B050" @@ -220,7 +230,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/README.md b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/README.md index 9c2c15267..91d3c3410 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/README.md @@ -31,7 +31,7 @@ const { IotToLambdaToDynamoDBProps, IotToLambdaToDynamoDB } = require('@aws-sol const props: IotToLambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/package.json b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/package.json index 83576d7f0..d92700811 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-iot-lambda-dynamodb", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS IoT to AWS Lambda to AWS DyanmoDB integration.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,17 +53,17 @@ } }, "dependencies": { - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-iot": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-iot-lambda": "~1.63.0", - "@aws-solutions-constructs/aws-lambda-dynamodb": "~1.63.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-iot": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-iot-lambda": "~1.64.0", + "@aws-solutions-constructs/aws-lambda-dynamodb": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -73,13 +73,13 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-iot": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-iot-lambda": "~1.63.0", - "@aws-solutions-constructs/aws-lambda-dynamodb": "~1.63.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-iot": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-iot-lambda": "~1.64.0", + "@aws-solutions-constructs/aws-lambda-dynamodb": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/__snapshots__/iot-lambda-dynamodb.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/__snapshots__/iot-lambda-dynamodb.test.js.snap index 05a7eae73..448b9fc1e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/__snapshots__/iot-lambda-dynamodb.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/__snapshots__/iot-lambda-dynamodb.test.js.snap @@ -163,7 +163,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/integ.iot-lambda-dynamodb.expected.json b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/integ.iot-lambda-dynamodb.expected.json index 201aff9de..404d755aa 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/integ.iot-lambda-dynamodb.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/integ.iot-lambda-dynamodb.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/integ.iot-lambda-dynamodb.ts b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/integ.iot-lambda-dynamodb.ts index 7535bcf3c..4d7ed95fb 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/integ.iot-lambda-dynamodb.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/integ.iot-lambda-dynamodb.ts @@ -21,7 +21,7 @@ const stack = new Stack(app, 'test-iot-lambda-dynamodb-stack'); const props: IotToLambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/iot-lambda-dynamodb.test.ts b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/iot-lambda-dynamodb.test.ts index cac7e7ce2..2551b61f6 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/iot-lambda-dynamodb.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda-dynamodb/test/iot-lambda-dynamodb.test.ts @@ -20,7 +20,7 @@ import '@aws-cdk/assert/jest'; function deployStack(stack: cdk.Stack) { const props: IotToLambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, @@ -124,7 +124,11 @@ test('check iot lambda function role', () => { "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + Ref: "AWS::Partition" + }, + ":logs:", { Ref: "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/README.md index db6f034ea..51d9b08e6 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/README.md @@ -31,7 +31,7 @@ const { IotToLambdaProps, IotToLambda } = require('@aws-solutions-constructs/aws const props: IotToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/package.json index 47138ea15..53d075cab 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-iot-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS IoT to AWS Lambda integration", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,15 +53,15 @@ } }, "dependencies": { - "@aws-cdk/aws-iot": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-iot": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -71,11 +71,11 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-iot": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", + "@aws-cdk/aws-iot": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/__snapshots__/iot-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/__snapshots__/iot-lambda.test.js.snap index 6d21636f2..d59f41cc3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/__snapshots__/iot-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/__snapshots__/iot-lambda.test.js.snap @@ -160,7 +160,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-new-func.expected.json b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-new-func.expected.json index 24f53fc09..a8dcacad3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-new-func.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-new-func.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-new-func.ts b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-new-func.ts index 6332cae38..1e66b98d2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-new-func.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-new-func.ts @@ -21,7 +21,7 @@ const stack = new Stack(app, 'test-iot-lambda-stack'); const props: IotToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-use-existing-func.expected.json b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-use-existing-func.expected.json index 76d5072a5..4dc7bb841 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-use-existing-func.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-use-existing-func.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-use-existing-func.ts b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-use-existing-func.ts index ee88775db..fabd7d170 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-use-existing-func.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/integ.iot-lambda-use-existing-func.ts @@ -24,7 +24,7 @@ const stack = new Stack(app, 'test-iot-lambda-stack'); const lambdaFunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const func = defaults.deployLambdaFunction(stack, lambdaFunctionProps); diff --git a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/iot-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/iot-lambda.test.ts index a23a5be72..34406adf2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/iot-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-iot-lambda/test/iot-lambda.test.ts @@ -20,7 +20,7 @@ import '@aws-cdk/assert/jest'; function deployNewFunc(stack: cdk.Stack) { const props: IotToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, @@ -42,7 +42,7 @@ function useExistingFunc(stack: cdk.Stack) { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.PYTHON_3_6, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const props: IotToLambdaProps = { @@ -139,7 +139,11 @@ test('check iot lambda function role for deploy: true', () => { "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + Ref: "AWS::Partition" + }, + ":logs:", { Ref: "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/README.md b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/README.md index f9b40d9d1..2ebf919fd 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/README.md @@ -109,6 +109,7 @@ Out of the box implementation of the Construct without any override will set the * Turn on the versioning for S3 Bucket * Don't allow public access for S3 Bucket * Retain the S3 Bucket when deleting the CloudFormation stack +* Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days ### Amazon Kinesis Data Analytics * Configure least privilege access IAM role for Amazon Kinesis Analytics diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/lib/index.ts index 061589236..6691e027f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/lib/index.ts @@ -30,7 +30,7 @@ export interface KinesisFirehoseToAnalyticsAndS3Props { * * @default - Default props are used. */ - readonly kinesisFirehoseProps?: kinesisFirehose.CfnDeliveryStreamProps, + readonly kinesisFirehoseProps?: kinesisFirehose.CfnDeliveryStreamProps | any, /** * Optional user-provided props to override the default props for the Kinesis Analytics application. * @@ -66,7 +66,7 @@ export class KinesisFirehoseToAnalyticsAndS3 extends Construct { * @summary Constructs a new instance of the KinesisFirehoseToAnalyticsAndS3 class. * @param {cdk.App} scope - represents the scope for all the resources. * @param {string} id - this is a a scope-unique id. - * @param {CloudFrontToApiGatewayProps} props - user provided props for the construct + * @param {KinesisFirehoseToAnalyticsAndS3Props} props - user provided props for the construct * @since 0.8.0 * @access public */ diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/package.json b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/package.json index 33ad7421a..8a60c7592 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an Amazon Kinesis Data Firehose delivery stream and (1) an Amazon S3 bucket, and (2) an Amazon Kinesis Data Analytics application.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,19 +53,19 @@ } }, "dependencies": { - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kinesis": "~1.63.0", - "@aws-cdk/aws-kinesisanalytics": "~1.63.0", - "@aws-cdk/aws-kinesisfirehose": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-kinesisfirehose-s3": "~1.63.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kinesis": "~1.64.0", + "@aws-cdk/aws-kinesisanalytics": "~1.64.0", + "@aws-cdk/aws-kinesisfirehose": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-kinesisfirehose-s3": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -75,15 +75,15 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kinesis": "~1.63.0", - "@aws-cdk/aws-kinesisanalytics": "~1.63.0", - "@aws-cdk/aws-kinesisfirehose": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-kinesisfirehose-s3": "~1.63.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kinesis": "~1.64.0", + "@aws-cdk/aws-kinesisanalytics": "~1.64.0", + "@aws-cdk/aws-kinesisfirehose": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-kinesisfirehose-s3": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-logs": "~1.63.0" + "@aws-cdk/aws-logs": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/__snapshots__/test.kinesisfirehose-analytics-s3.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/__snapshots__/test.kinesisfirehose-analytics-s3.test.js.snap index c9317b057..a2247db04 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/__snapshots__/test.kinesisfirehose-analytics-s3.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/__snapshots__/test.kinesisfirehose-analytics-s3.test.js.snap @@ -181,7 +181,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -242,6 +246,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "testfirehoses3andanalyticsstackKinesisFirehoseToS3S3LoggingBucket887A5000", @@ -327,9 +344,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/integ.no-arguments.expected.json index d82c20cd7..14273ed75 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/integ.no-arguments.expected.json @@ -18,9 +18,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -86,6 +83,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "testfirehoses3andanalyticsstackKinesisFirehoseToS3S3LoggingBucket887A5000" @@ -219,7 +229,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/test.kinesisfirehose-analytics-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/test.kinesisfirehose-analytics-s3.test.ts index c5f4d5e6f..94a287f06 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/test.kinesisfirehose-analytics-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3-and-kinesisanalytics/test/test.kinesisfirehose-analytics-s3.test.ts @@ -94,4 +94,50 @@ test('Test properties', () => { expect(app.kinesisFirehoseLogGroup !== null); expect(app.s3Bucket !== null); expect(app.s3LoggingBucket !== null); -}); \ No newline at end of file +}); + +// -------------------------------------------------------------- +// Test Case 3 - Override kinesisFirehose props +// -------------------------------------------------------------- +test('test kinesisFirehose override ', () => { + const stack = new Stack(); + + new KinesisFirehoseToAnalyticsAndS3(stack, 'test-firehose-s3', { + kinesisFirehoseProps: { + extendedS3DestinationConfiguration: { + bufferingHints: { + intervalInSeconds: 600, + sizeInMBs: 55 + }, + } + }, + kinesisAnalyticsProps: { + inputs: [{ + inputSchema: { + recordColumns: [{ + name: 'ts', + sqlType: 'TIMESTAMP', + mapping: '$.timestamp' + }, { + name: 'trip_id', + sqlType: 'VARCHAR(64)', + mapping: '$.trip_id' + }], + recordFormat: { + recordFormatType: 'JSON' + }, + recordEncoding: 'UTF-8' + }, + namePrefix: 'SOURCE_SQL_STREAM' + }] + } + }); + + expect(stack).toHaveResourceLike("AWS::KinesisFirehose::DeliveryStream", { + ExtendedS3DestinationConfiguration: { + BufferingHints: { + IntervalInSeconds: 600, + SizeInMBs: 55 + } + }}); + }); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/README.md b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/README.md index 23318346b..1d91156fc 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/README.md @@ -78,6 +78,7 @@ Out of the box implementation of the Construct without any override will set the * Turn on the versioning for S3 Bucket * Don't allow public access for S3 Bucket * Retain the S3 Bucket when deleting the CloudFormation stack +* Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days ## Architecture ![Architecture Diagram](architecture.png) diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/lib/index.ts index 81e8510de..0faf0a0db 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/lib/index.ts @@ -29,7 +29,7 @@ export interface KinesisFirehoseToS3Props { * * @default - Default props are used */ - readonly kinesisFirehoseProps?: kinesisfirehose.CfnDeliveryStreamProps | any; + readonly kinesisFirehoseProps?: kinesisfirehose.CfnDeliveryStreamProps | any, /** * Existing instance of S3 Bucket object, if this is set then the bucketProps is ignored. * @@ -96,7 +96,7 @@ export class KinesisFirehoseToS3 extends Construct { actions: [ 'logs:PutLogEvents' ], - resources: [`arn:aws:logs:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:log-group:${this.kinesisFirehoseLogGroup.logGroupName}:log-stream:${cwLogStream.logStreamName}`] + resources: [`arn:${cdk.Aws.PARTITION}:logs:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:log-group:${this.kinesisFirehoseLogGroup.logGroupName}:log-stream:${cwLogStream.logStreamName}`] }) ]}); diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/package.json b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/package.json index 2a3a1be4e..6bd9c5f31 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-kinesisfirehose-s3", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an Amazon Kinesis Data Firehose delivery stream and an Amazon S3 bucket.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,16 +53,16 @@ } }, "dependencies": { - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kinesisfirehose": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kinesisfirehose": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -72,12 +72,12 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kinesisfirehose": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kinesisfirehose": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/__snapshots__/test.kinesisfirehose-s3.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/__snapshots__/test.kinesisfirehose-s3.test.js.snap index 15274d813..d93d09215 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/__snapshots__/test.kinesisfirehose-s3.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/__snapshots__/test.kinesisfirehose-s3.test.js.snap @@ -80,7 +80,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -141,6 +145,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "testfirehoses3S3LoggingBucket31BFDC22", @@ -226,9 +243,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/integ.no-arguments.expected.json index aec7f1fe7..1fb6fbd95 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/integ.no-arguments.expected.json @@ -19,9 +19,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -87,6 +84,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "testfirehoses3S3LoggingBucket31BFDC22" @@ -220,7 +230,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/integ.pre-existing-bucket.expected.json b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/integ.pre-existing-bucket.expected.json index c8c57b35c..ee4200ba5 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/integ.pre-existing-bucket.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisfirehose-s3/test/integ.pre-existing-bucket.expected.json @@ -82,7 +82,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/README.md index eafaf0b33..68c51819b 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/README.md @@ -37,7 +37,7 @@ new KinesisStreamsToLambda(stack, 'KinesisToLambdaPattern', { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }); diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/package.json index 16c0a105e..6d664cc3c 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-kinesisstreams-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an Amazon Kinesis Data Stream and an AWS Lambda function.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,17 +53,17 @@ } }, "dependencies": { - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kinesis": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kinesis": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -73,13 +73,13 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kinesis": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kinesis": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/__snapshots__/test.kinesisstreams-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/__snapshots__/test.kinesisstreams-lambda.test.js.snap index 3a71e7bd8..c1f82b662 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/__snapshots__/test.kinesisstreams-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/__snapshots__/test.kinesisstreams-lambda.test.js.snap @@ -192,7 +192,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.deployFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.deployFunction.expected.json index 744aee135..37019a816 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.deployFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.deployFunction.expected.json @@ -42,7 +42,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.deployFunction.ts b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.deployFunction.ts index 2fde501d4..df023d5fe 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.deployFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.deployFunction.ts @@ -31,7 +31,7 @@ const props: KinesisStreamsToLambdaProps = { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, }; diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.existing.expected.json b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.existing.expected.json index a44447f8f..5ca8a3247 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.existing.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.existing.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -149,7 +153,7 @@ "testroleB50A37BE" ] }, - "testfnKinesisEventSourcetestkslambdastackteststream0CD251F02AE6CC2F": { + "testfnKinesisEventSourcetestksexistinglambdastackteststream12C1A0467DF707DE": { "Type": "AWS::Lambda::EventSourceMapping", "Properties": { "EventSourceArn": { diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.existing.ts b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.existing.ts index 7908a9ee9..37863bf87 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.existing.ts +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/integ.existing.ts @@ -20,7 +20,7 @@ import * as iam from '@aws-cdk/aws-iam'; // Setup const app = new App(); -const stack = new Stack(app, 'test-ks-lambda-stack'); +const stack = new Stack(app, 'test-ks-existing-lambda-stack'); stack.templateOptions.description = 'Integration Test for aws-kinesisstreams-lambda'; const lambdaRole = new iam.Role(stack, 'test-role', { @@ -33,7 +33,7 @@ const lambdaRole = new iam.Role(stack, 'test-role', { 'logs:CreateLogStream', 'logs:PutLogEvents' ], - resources: [`arn:aws:logs:${Aws.REGION}:${Aws.ACCOUNT_ID}:log-group:/aws/lambda/*`] + resources: [`arn:${Aws.PARTITION}:logs:${Aws.REGION}:${Aws.ACCOUNT_ID}:log-group:/aws/lambda/*`] })] }) } @@ -42,7 +42,7 @@ const lambdaRole = new iam.Role(stack, 'test-role', { const lambdaFn = new lambda.Function(stack, 'test-fn', { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), role: lambdaRole, }); diff --git a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/test.kinesisstreams-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/test.kinesisstreams-lambda.test.ts index 6dd866939..f6d0143ce 100644 --- a/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/test.kinesisstreams-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-kinesisstreams-lambda/test/test.kinesisstreams-lambda.test.ts @@ -29,7 +29,7 @@ test('Pattern minimal deployment', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; new KinesisStreamsToLambda(stack, 'test-kinesis-streams-lambda', props); @@ -48,7 +48,7 @@ test('Test properties', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, kinesisEventSourceProps: { startingPosition: lambda.StartingPosition.TRIM_HORIZON, @@ -74,7 +74,7 @@ test('Test existing resources', () => { const fn = new lambda.Function(stack, 'test-fn', { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }); const stream = new kinesis.Stream(stack, 'test-stream', { @@ -92,7 +92,7 @@ test('Test existing resources', () => { lambdaFunctionProps: { runtime: lambda.Runtime.PYTHON_3_8, handler: 'lambda_function.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, kinesisStreamProps: { streamName: 'other-name-stream', diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/README.md b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/README.md index 537f6c48d..3eb296f69 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/README.md @@ -31,7 +31,7 @@ const { LambdaToDynamoDBProps, LambdaToDynamoDB } = require('@aws-solutions-con const props: LambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/package.json b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/package.json index 5e755f430..cf40452c8 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-lambda-dynamodb", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS Lambda to AWS DynamoDB integration.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,14 +53,14 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -70,10 +70,10 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/__snapshots__/lambda-dynamodb.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/__snapshots__/lambda-dynamodb.test.js.snap index e9503ab61..aeb0475e9 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/__snapshots__/lambda-dynamodb.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/__snapshots__/lambda-dynamodb.test.js.snap @@ -148,7 +148,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.add-secondary-index.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.add-secondary-index.expected.json index 5f92cf2c3..5dacee6d2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.add-secondary-index.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.add-secondary-index.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.add-secondary-index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.add-secondary-index.ts index c6ad85bbb..c67afd475 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.add-secondary-index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.add-secondary-index.ts @@ -23,7 +23,7 @@ const stack = new Stack(app, 'test-lambda-dynamodb-stack'); const construct: LambdaToDynamoDB = new LambdaToDynamoDB(stack, 'test-lambda-dynamodb-stack', { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.no-arguments.expected.json index 24d052f1b..e1b18c7df 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.no-arguments.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.no-arguments.ts index d91476d78..b9cec3a83 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.no-arguments.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.no-arguments.ts @@ -22,7 +22,7 @@ const stack = new Stack(app, 'test-lambda-dynamodb-stack'); const props: LambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.set-billing-mode.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.set-billing-mode.expected.json index 3838be087..b0c3891f8 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.set-billing-mode.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.set-billing-mode.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.set-billing-mode.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.set-billing-mode.ts index d4fae2a61..33ba7d5ae 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.set-billing-mode.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.set-billing-mode.ts @@ -32,7 +32,7 @@ new LambdaToDynamoDB(stack, 'test-lambda-dynamodb-stack', { } }, lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' } diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.use-existing-func.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.use-existing-func.expected.json index 6fdce8e22..08d4b8649 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.use-existing-func.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.use-existing-func.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.use-existing-func.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.use-existing-func.ts index 2d6e53974..bd676c1d2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.use-existing-func.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/integ.use-existing-func.ts @@ -22,7 +22,7 @@ const stack = new Stack(app, 'test-lambda-dynamodb-stack'); const lambdaFunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const func = defaults.deployLambdaFunction(stack, lambdaFunctionProps); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/lambda-dynamodb.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/lambda-dynamodb.test.ts index 5e22ff3c8..7f270b6a8 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/lambda-dynamodb.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-dynamodb/test/lambda-dynamodb.test.ts @@ -21,7 +21,7 @@ import '@aws-cdk/assert/jest'; function deployNewFunc(stack: cdk.Stack) { const props: LambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, @@ -34,7 +34,7 @@ function useExistingFunc(stack: cdk.Stack) { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.PYTHON_3_6, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const props: LambdaToDynamoDBProps = { @@ -109,7 +109,7 @@ test('check dynamo table properties for deploy: true', () => { }); }); -test('check iot lambda function role for deploy: true', () => { +test('check lambda function role for deploy: true', () => { const stack = new cdk.Stack(); deployNewFunc(stack); @@ -142,7 +142,11 @@ test('check iot lambda function role for deploy: true', () => { "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + Ref: "AWS::Partition" + }, + ":logs:", { Ref: "AWS::Region" }, @@ -291,7 +295,7 @@ test('check for no prop', () => { const props: LambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' } @@ -323,7 +327,7 @@ test('check lambda function policy ReadOnly table permissions', () => { const props: LambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, @@ -377,7 +381,7 @@ test('check lambda function policy WriteOnly table permissions', () => { const props: LambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, @@ -429,7 +433,7 @@ test('check lambda function policy ReadWrite table permissions', () => { const props: LambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, @@ -487,7 +491,7 @@ test('check lambda function policy All table permissions', () => { const props: LambdaToDynamoDBProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/README.md b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/README.md index 447fac11a..2b201d2cc 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/README.md @@ -24,20 +24,23 @@ This AWS Solutions Construct implements the AWS Lambda function and Amazon Elasticsearch Service with the least privileged permissions. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -const { LambdaToElasticSearchAndKibana } = require('@aws-solutions-constructs/aws-lambda-elasticsearch-kibana'); +``` typescript +import { LambdaToElasticSearchAndKibana } from '@aws-solutions-constructs/aws-lambda-elasticsearch-kibana'; +import { Aws } from "@aws-cdk/core"; const lambdaProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }; -new LambdaToElasticSearchAndKibana(stack, 'test-lambda-elasticsearch-kibana', { +new LambdaToElasticSearchAndKibana(this, 'test-lambda-elasticsearch-kibana', { lambdaFunctionProps: lambdaProps, - domainName: 'test-domain' + domainName: 'test-domain', + // TODO: Ensure the Cognito domain name is globally unique + cognitoDomainName: 'globallyuniquedomain' + Aws.ACCOUNT_ID; }); ``` @@ -62,6 +65,7 @@ _Parameters_ |lambdaFunctionProps?|[`lambda.FunctionProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-lambda.FunctionProps.html)|User provided props to override the default props for the Lambda function.| |esDomainProps?|[`elasticsearch.CfnDomainProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-elasticsearch.CfnDomainProps.html)|Optional user provided props to override the default props for the Elasticsearch Service| |domainName|`string`|Domain name for the Cognito and the Elasticsearch Service| +|cognitoDomainName?|`string`|Optional Cognito Domain Name, if provided it will be used for Cognito Domain, and domainName will be used for the Elasticsearch Domain| ## Pattern Properties @@ -75,6 +79,10 @@ _Parameters_ |elasticsearchDomain|[`iam.Role`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-iam.Role.html)|Returns an instance of iam.Role created by the construct for elasticsearch.CfnDomain| |cloudwatchAlarms|[`cloudwatch.Alarm[]`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-cloudwatch.Alarm.html)|Returns a list of cloudwatch.Alarm created by the construct| +## Lambda Function + +This pattern requires a lambda function that can post data into the Elasticsearch. A sample function is provided [here](https://github.com/awslabs/aws-solutions-constructs/blob/master/source/patterns/%40aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/lambda/index.js). + ## Default settings Out of the box implementation of the Construct without any override will set the following defaults: diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/lib/index.ts index 70a58c162..3029ec556 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/lib/index.ts @@ -47,7 +47,13 @@ export interface LambdaToElasticSearchAndKibanaProps { * * @default - None */ - readonly domainName: string + readonly domainName: string, + /** + * Optional Cognito Domain Name, if provided it will be used for Cognito Domain, and domainName will be used for the Elasticsearch Domain + * + * @default - None + */ + readonly cognitoDomainName?: string } export class LambdaToElasticSearchAndKibana extends Construct { @@ -82,7 +88,13 @@ export class LambdaToElasticSearchAndKibana extends Construct { this.userPoolClient = defaults.buildUserPoolClient(this, this.userPool); this.identityPool = defaults.buildIdentityPool(this, this.userPool, this.userPoolClient); - const cognitoAuthorizedRole: Role = defaults.setupCognitoForElasticSearch(this, props.domainName, { + let cognitoDomainName = props.domainName; + + if (props.cognitoDomainName) { + cognitoDomainName = props.cognitoDomainName; + } + + const cognitoAuthorizedRole: Role = defaults.setupCognitoForElasticSearch(this, cognitoDomainName, { userpool: this.userPool, identitypool: this.identityPool, userpoolclient: this.userPoolClient diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/package.json b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/package.json index b0b33e7f4..e6f9e2079 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-lambda-elasticsearch-kibana", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS Lambda to AWS Elasticsearch with Kibana integration", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,17 +53,17 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cognito": "~1.63.0", - "@aws-cdk/aws-elasticsearch": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cognito": "~1.64.0", + "@aws-cdk/aws-elasticsearch": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -73,13 +73,13 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-cognito": "~1.63.0", - "@aws-cdk/aws-elasticsearch": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-cloudwatch": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-cognito": "~1.64.0", + "@aws-cdk/aws-elasticsearch": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/__snapshots__/lambda-elasticsearch-kibana.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/__snapshots__/lambda-elasticsearch-kibana.test.js.snap index 7456f3ad4..d8415ec8e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/__snapshots__/lambda-elasticsearch-kibana.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/__snapshots__/lambda-elasticsearch-kibana.test.js.snap @@ -78,7 +78,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:es:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":es:", Object { "Ref": "AWS::Region", }, @@ -578,7 +582,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.domain-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.domain-arguments.expected.json new file mode 100644 index 000000000..f8b92128b --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.domain-arguments.expected.json @@ -0,0 +1,690 @@ +{ + "Resources": { + "testlambdaelasticsearchkibana2LambdaFunctionServiceRoleA59E9EBF": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Policies": [ + { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:/aws/lambda/*" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "LambdaFunctionServiceRolePolicy" + } + ] + } + }, + "testlambdaelasticsearchkibana2LambdaFunctionServiceRoleDefaultPolicy438CAC76": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "xray:PutTraceSegments", + "xray:PutTelemetryRecords" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "testlambdaelasticsearchkibana2LambdaFunctionServiceRoleDefaultPolicy438CAC76", + "Roles": [ + { + "Ref": "testlambdaelasticsearchkibana2LambdaFunctionServiceRoleA59E9EBF" + } + ] + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W12", + "reason": "Lambda needs the following minimum required permissions to send trace data to X-Ray." + } + ] + } + } + }, + "testlambdaelasticsearchkibana2LambdaFunctionE665DF63": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters67a9971e29baab2bde3043bb70ce5b53318b95429a1ce9b189cf65223e8682dbS3BucketBAF5BF3A" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters67a9971e29baab2bde3043bb70ce5b53318b95429a1ce9b189cf65223e8682dbS3VersionKeyADB3CCA3" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters67a9971e29baab2bde3043bb70ce5b53318b95429a1ce9b189cf65223e8682dbS3VersionKeyADB3CCA3" + } + ] + } + ] + } + ] + ] + } + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "testlambdaelasticsearchkibana2LambdaFunctionServiceRoleA59E9EBF", + "Arn" + ] + }, + "Runtime": "nodejs12.x", + "Environment": { + "Variables": { + "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", + "DOMAIN_ENDPOINT": { + "Fn::GetAtt": [ + "testlambdaelasticsearchkibana2ElasticsearchDomainE2BD1E73", + "DomainEndpoint" + ] + } + } + }, + "TracingConfig": { + "Mode": "Active" + } + }, + "DependsOn": [ + "testlambdaelasticsearchkibana2LambdaFunctionServiceRoleDefaultPolicy438CAC76", + "testlambdaelasticsearchkibana2LambdaFunctionServiceRoleA59E9EBF" + ], + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W58", + "reason": "Lambda functions has the required permission to write CloudWatch Logs. It uses custom policy instead of arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole with more tighter permissions." + } + ] + } + } + }, + "testlambdaelasticsearchkibana2CognitoUserPool9D73D9DA": { + "Type": "AWS::Cognito::UserPool", + "Properties": { + "AccountRecoverySetting": { + "RecoveryMechanisms": [ + { + "Name": "verified_phone_number", + "Priority": 1 + }, + { + "Name": "verified_email", + "Priority": 2 + } + ] + }, + "AdminCreateUserConfig": { + "AllowAdminCreateUserOnly": true + }, + "EmailVerificationMessage": "The verification code to your new account is {####}", + "EmailVerificationSubject": "Verify your new account", + "SmsVerificationMessage": "The verification code to your new account is {####}", + "UserPoolAddOns": { + "AdvancedSecurityMode": "ENFORCED" + }, + "VerificationMessageTemplate": { + "DefaultEmailOption": "CONFIRM_WITH_CODE", + "EmailMessage": "The verification code to your new account is {####}", + "EmailSubject": "Verify your new account", + "SmsMessage": "The verification code to your new account is {####}" + } + } + }, + "testlambdaelasticsearchkibana2CognitoUserPoolClientB0F3872A": { + "Type": "AWS::Cognito::UserPoolClient", + "Properties": { + "UserPoolId": { + "Ref": "testlambdaelasticsearchkibana2CognitoUserPool9D73D9DA" + }, + "AllowedOAuthFlows": [ + "implicit", + "code" + ], + "AllowedOAuthFlowsUserPoolClient": true, + "AllowedOAuthScopes": [ + "profile", + "phone", + "email", + "openid", + "aws.cognito.signin.user.admin" + ], + "CallbackURLs": [ + "https://example.com" + ], + "SupportedIdentityProviders": [ + "COGNITO" + ] + } + }, + "testlambdaelasticsearchkibana2CognitoIdentityPool0681F400": { + "Type": "AWS::Cognito::IdentityPool", + "Properties": { + "AllowUnauthenticatedIdentities": false, + "CognitoIdentityProviders": [ + { + "ClientId": { + "Ref": "testlambdaelasticsearchkibana2CognitoUserPoolClientB0F3872A" + }, + "ProviderName": { + "Fn::GetAtt": [ + "testlambdaelasticsearchkibana2CognitoUserPool9D73D9DA", + "ProviderName" + ] + }, + "ServerSideTokenCheck": true + } + ] + } + }, + "testlambdaelasticsearchkibana2UserPoolDomainF6BF7A6F": { + "Type": "AWS::Cognito::UserPoolDomain", + "Properties": { + "Domain": "globallyuniquedomain", + "UserPoolId": { + "Ref": "testlambdaelasticsearchkibana2CognitoUserPool9D73D9DA" + } + }, + "DependsOn": [ + "testlambdaelasticsearchkibana2CognitoUserPool9D73D9DA" + ] + }, + "testlambdaelasticsearchkibana2CognitoAuthorizedRole7AD979E9": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": { + "Ref": "testlambdaelasticsearchkibana2CognitoIdentityPool0681F400" + } + }, + "ForAnyValue:StringLike": { + "cognito-identity.amazonaws.com:amr": "authenticated" + } + }, + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Policies": [ + { + "PolicyDocument": { + "Statement": [ + { + "Action": "es:ESHttp*", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":es:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":domain/globallyuniquedomain/*" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "CognitoAccessPolicy" + } + ] + } + }, + "testlambdaelasticsearchkibana2IdentityPoolRoleMapping5CE56BBF": { + "Type": "AWS::Cognito::IdentityPoolRoleAttachment", + "Properties": { + "IdentityPoolId": { + "Ref": "testlambdaelasticsearchkibana2CognitoIdentityPool0681F400" + }, + "Roles": { + "authenticated": { + "Fn::GetAtt": [ + "testlambdaelasticsearchkibana2CognitoAuthorizedRole7AD979E9", + "Arn" + ] + } + } + } + }, + "testlambdaelasticsearchkibana2CognitoKibanaConfigureRoleC9C9E921": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "es.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "testlambdaelasticsearchkibana2CognitoKibanaConfigureRolePolicy6DE68343": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "cognito-idp:DescribeUserPool", + "cognito-idp:CreateUserPoolClient", + "cognito-idp:DeleteUserPoolClient", + "cognito-idp:DescribeUserPoolClient", + "cognito-idp:AdminInitiateAuth", + "cognito-idp:AdminUserGlobalSignOut", + "cognito-idp:ListUserPoolClients", + "cognito-identity:DescribeIdentityPool", + "cognito-identity:UpdateIdentityPool", + "cognito-identity:SetIdentityPoolRoles", + "cognito-identity:GetIdentityPoolRoles", + "es:UpdateElasticsearchDomainConfig" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "testlambdaelasticsearchkibana2CognitoUserPool9D73D9DA", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:aws:cognito-identity:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":identitypool/", + { + "Ref": "testlambdaelasticsearchkibana2CognitoIdentityPool0681F400" + } + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:aws:es:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":domain/domain-", + { + "Ref": "AWS::AccountId" + } + ] + ] + } + ] + }, + { + "Action": "iam:PassRole", + "Condition": { + "StringLike": { + "iam:PassedToService": "cognito-identity.amazonaws.com" + } + }, + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "testlambdaelasticsearchkibana2CognitoKibanaConfigureRoleC9C9E921", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "testlambdaelasticsearchkibana2CognitoKibanaConfigureRolePolicy6DE68343", + "Roles": [ + { + "Ref": "testlambdaelasticsearchkibana2CognitoKibanaConfigureRoleC9C9E921" + } + ] + } + }, + "testlambdaelasticsearchkibana2ElasticsearchDomainE2BD1E73": { + "Type": "AWS::Elasticsearch::Domain", + "Properties": { + "AccessPolicies": { + "Statement": [ + { + "Action": "es:ESHttp*", + "Effect": "Allow", + "Principal": { + "AWS": [ + { + "Fn::GetAtt": [ + "testlambdaelasticsearchkibana2CognitoAuthorizedRole7AD979E9", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "testlambdaelasticsearchkibana2LambdaFunctionServiceRoleA59E9EBF", + "Arn" + ] + } + ] + }, + "Resource": { + "Fn::Join": [ + "", + [ + "arn:aws:es:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":domain/domain-", + { + "Ref": "AWS::AccountId" + }, + "/*" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "CognitoOptions": { + "Enabled": true, + "IdentityPoolId": { + "Ref": "testlambdaelasticsearchkibana2CognitoIdentityPool0681F400" + }, + "RoleArn": { + "Fn::GetAtt": [ + "testlambdaelasticsearchkibana2CognitoKibanaConfigureRoleC9C9E921", + "Arn" + ] + }, + "UserPoolId": { + "Ref": "testlambdaelasticsearchkibana2CognitoUserPool9D73D9DA" + } + }, + "DomainName": { + "Fn::Join": [ + "", + [ + "domain-", + { + "Ref": "AWS::AccountId" + } + ] + ] + }, + "EBSOptions": { + "EBSEnabled": true, + "VolumeSize": 10 + }, + "ElasticsearchClusterConfig": { + "DedicatedMasterCount": 3, + "DedicatedMasterEnabled": true, + "InstanceCount": 3, + "ZoneAwarenessConfig": { + "AvailabilityZoneCount": 3 + }, + "ZoneAwarenessEnabled": true + }, + "ElasticsearchVersion": "6.3", + "EncryptionAtRestOptions": { + "Enabled": true + }, + "NodeToNodeEncryptionOptions": { + "Enabled": true + }, + "SnapshotOptions": { + "AutomatedSnapshotStartHour": 1 + } + }, + "Metadata": { + "cfn_nag": { + "rules_to_suppress": [ + { + "id": "W28", + "reason": "The ES Domain is passed dynamically as as parameter and explicitly specified to ensure that IAM policies are configured to lockdown access to this specific ES instance only" + } + ] + } + } + }, + "testlambdaelasticsearchkibana2StatusRedAlarm508A4D17": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 1, + "AlarmDescription": "At least one primary shard and its replicas are not allocated to a node. ", + "MetricName": "ClusterStatus.red", + "Namespace": "AWS/ES", + "Period": 60, + "Statistic": "Maximum", + "Threshold": 1 + } + }, + "testlambdaelasticsearchkibana2StatusYellowAlarmEF13F129": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 1, + "AlarmDescription": "At least one replica shard is not allocated to a node.", + "MetricName": "ClusterStatus.yellow", + "Namespace": "AWS/ES", + "Period": 60, + "Statistic": "Maximum", + "Threshold": 1 + } + }, + "testlambdaelasticsearchkibana2FreeStorageSpaceTooLowAlarm1ED7AA90": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "LessThanOrEqualToThreshold", + "EvaluationPeriods": 1, + "AlarmDescription": "A node in your cluster is down to 20 GiB of free storage space.", + "MetricName": "FreeStorageSpace", + "Namespace": "AWS/ES", + "Period": 60, + "Statistic": "Minimum", + "Threshold": 2000 + } + }, + "testlambdaelasticsearchkibana2IndexWritesBlockedTooHighAlarmCE02A217": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 1, + "AlarmDescription": "Your cluster is blocking write requests.", + "MetricName": "ClusterIndexWritesBlocked", + "Namespace": "AWS/ES", + "Period": 300, + "Statistic": "Maximum", + "Threshold": 1 + } + }, + "testlambdaelasticsearchkibana2AutomatedSnapshotFailureTooHighAlarm75E8F988": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 1, + "AlarmDescription": "An automated snapshot failed. This failure is often the result of a red cluster health status.", + "MetricName": "AutomatedSnapshotFailure", + "Namespace": "AWS/ES", + "Period": 60, + "Statistic": "Maximum", + "Threshold": 1 + } + }, + "testlambdaelasticsearchkibana2CPUUtilizationTooHighAlarm7E4A7ADE": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 3, + "AlarmDescription": "100% CPU utilization is not uncommon, but sustained high usage is problematic. Consider using larger instance types or adding instances.", + "MetricName": "CPUUtilization", + "Namespace": "AWS/ES", + "Period": 900, + "Statistic": "Average", + "Threshold": 80 + } + }, + "testlambdaelasticsearchkibana2JVMMemoryPressureTooHighAlarm7CB5E1C7": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 1, + "AlarmDescription": "Average JVM memory pressure over last 15 minutes too high. Consider scaling vertically.", + "MetricName": "JVMMemoryPressure", + "Namespace": "AWS/ES", + "Period": 900, + "Statistic": "Average", + "Threshold": 80 + } + }, + "testlambdaelasticsearchkibana2MasterCPUUtilizationTooHighAlarmE22B714C": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 3, + "AlarmDescription": "Average CPU utilization over last 45 minutes too high. Consider using larger instance types for your dedicated master nodes.", + "MetricName": "MasterCPUUtilization", + "Namespace": "AWS/ES", + "Period": 900, + "Statistic": "Average", + "Threshold": 50 + } + }, + "testlambdaelasticsearchkibana2MasterJVMMemoryPressureTooHighAlarm37A392A6": { + "Type": "AWS::CloudWatch::Alarm", + "Properties": { + "ComparisonOperator": "GreaterThanOrEqualToThreshold", + "EvaluationPeriods": 1, + "AlarmDescription": "Average JVM memory pressure over last 15 minutes too high. Consider scaling vertically.", + "MetricName": "MasterJVMMemoryPressure", + "Namespace": "AWS/ES", + "Period": 900, + "Statistic": "Average", + "Threshold": 50 + } + } + }, + "Parameters": { + "AssetParameters67a9971e29baab2bde3043bb70ce5b53318b95429a1ce9b189cf65223e8682dbS3BucketBAF5BF3A": { + "Type": "String", + "Description": "S3 bucket for asset \"67a9971e29baab2bde3043bb70ce5b53318b95429a1ce9b189cf65223e8682db\"" + }, + "AssetParameters67a9971e29baab2bde3043bb70ce5b53318b95429a1ce9b189cf65223e8682dbS3VersionKeyADB3CCA3": { + "Type": "String", + "Description": "S3 key for asset version \"67a9971e29baab2bde3043bb70ce5b53318b95429a1ce9b189cf65223e8682db\"" + }, + "AssetParameters67a9971e29baab2bde3043bb70ce5b53318b95429a1ce9b189cf65223e8682dbArtifactHash322F5E2F": { + "Type": "String", + "Description": "Artifact hash for asset \"67a9971e29baab2bde3043bb70ce5b53318b95429a1ce9b189cf65223e8682db\"" + } + } +} \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.domain-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.domain-arguments.ts new file mode 100644 index 000000000..d947baeb8 --- /dev/null +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.domain-arguments.ts @@ -0,0 +1,39 @@ +/** + * Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance + * with the License. A copy of the License is located at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES + * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions + * and limitations under the License. + */ + +/// !cdk-integ * +import { App, Stack, Aws } from "@aws-cdk/core"; +import { LambdaToElasticSearchAndKibana } from "../lib"; +import * as lambda from '@aws-cdk/aws-lambda'; + +// Setup +const app = new App(); +const stack = new Stack(app, 'test-lambda-elasticsearch-kibana-stack2'); + +const lambdaProps: lambda.FunctionProps = { + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler' +}; + +const esDomain = 'domain-' + Aws.ACCOUNT_ID; +const cognitoDomain = 'globallyuniquedomain'; + +new LambdaToElasticSearchAndKibana(stack, 'test-lambda-elasticsearch-kibana2', { + lambdaFunctionProps: lambdaProps, + domainName: esDomain, + cognitoDomainName: cognitoDomain +}); + +// Synth +app.synth(); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.no-arguments.expected.json index 9ee9dbc8e..e8a26341d 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.no-arguments.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -290,7 +294,11 @@ "Fn::Join": [ "", [ - "arn:aws:es:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":es:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.no-arguments.ts index c2682061b..0b9baf1dd 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.no-arguments.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/integ.no-arguments.ts @@ -21,7 +21,7 @@ const app = new App(); const stack = new Stack(app, 'test-lambda-elasticsearch-kibana-stack'); const lambdaProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }; diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/lambda-elasticsearch-kibana.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/lambda-elasticsearch-kibana.test.ts index 7bb1aa13e..bd31bdc8b 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/lambda-elasticsearch-kibana.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-elasticsearch-kibana/test/lambda-elasticsearch-kibana.test.ts @@ -20,7 +20,7 @@ import '@aws-cdk/assert/jest'; function deployNewFunc(stack: cdk.Stack) { const props: LambdaToElasticSearchAndKibanaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/README.md b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/README.md index a081a9aae..32962625d 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/README.md @@ -24,16 +24,16 @@ This AWS Solutions Construct implements an AWS Lambda function connected to an Amazon S3 bucket. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -const { LambdaToS3 } = require('@aws-solutions-constructs/aws-lambda-s3'); +``` typescript +import { LambdaToS3 } from '@aws-solutions-constructs/aws-lambda-s3'; -new LambdaToS3(stack, 'LambdaToS3Pattern', { +new LambdaToS3(this, 'LambdaToS3Pattern', { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }); @@ -85,6 +85,7 @@ Out of the box implementation of the Construct without any override will set the * Turn on the versioning for S3 Bucket * Don't allow public access for S3 Bucket * Retain the S3 Bucket when deleting the CloudFormation stack +* Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days ## Architecture ![Architecture Diagram](architecture.png) diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/package.json b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/package.json index 1f1284797..4bc8c08fa 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-lambda-s3", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an AWS Lambda function and an Amazon S3 bucket.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,14 +53,14 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -70,10 +70,10 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/__snapshots__/lambda-s3.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/__snapshots__/lambda-s3.test.js.snap index 7530da28d..5f8a710f5 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/__snapshots__/lambda-s3.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/__snapshots__/lambda-s3.test.js.snap @@ -122,7 +122,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -238,6 +242,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "lambdatos3stackS3LoggingBucketB82C3492", @@ -323,9 +340,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -494,7 +508,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -580,6 +598,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "lambdatos3stackS3LoggingBucketB82C3492", @@ -665,9 +696,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -836,7 +864,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -925,6 +957,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "lambdatos3stackS3LoggingBucketB82C3492", @@ -1010,9 +1055,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -1181,7 +1223,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1279,6 +1325,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "lambdatos3stackS3LoggingBucketB82C3492", @@ -1364,9 +1423,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -1535,7 +1591,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1636,6 +1696,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "lambdatos3stackS3LoggingBucketB82C3492", @@ -1721,9 +1794,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -1892,7 +1962,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1990,6 +2064,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "lambdatos3stackS3LoggingBucketB82C3492", @@ -2075,9 +2162,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -2246,7 +2330,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -2347,6 +2435,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "lambdatos3stackS3LoggingBucketB82C3492", @@ -2432,9 +2533,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -2603,7 +2701,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -2704,6 +2806,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "lambdatos3stackS3LoggingBucketB82C3492", @@ -2792,9 +2907,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.deployFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.deployFunction.expected.json index cfd101f8b..b58746df2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.deployFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.deployFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -213,9 +217,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -281,6 +282,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "testlambdas3S3LoggingBucketD42FC73D" diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.deployFunction.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.deployFunction.ts index 055704790..29ff96c19 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.deployFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.deployFunction.ts @@ -26,7 +26,7 @@ const props: LambdaToS3Props = { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.existingFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.existingFunction.expected.json index 08bac4bfc..bf1899b8e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.existingFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.existingFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -213,9 +217,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -281,6 +282,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "testlambdas3S3LoggingBucketD42FC73D" diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.existingFunction.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.existingFunction.ts index 868d8e799..fec52ffb3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.existingFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.existingFunction.ts @@ -26,7 +26,7 @@ stack.templateOptions.description = 'Integration Test for aws-lambda-s3'; const lambdaFunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const func = defaults.deployLambdaFunction(stack, lambdaFunctionProps); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.pre-existing-bucket.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.pre-existing-bucket.expected.json index 78df9861b..83c08aa43 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.pre-existing-bucket.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.pre-existing-bucket.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.pre-existing-bucket.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.pre-existing-bucket.ts index 7612ca3f8..4ee820dcf 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.pre-existing-bucket.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/integ.pre-existing-bucket.ts @@ -29,7 +29,7 @@ const props: LambdaToS3Props = { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts index 093d13e31..0ddd8ff46 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-s3/test/lambda-s3.test.ts @@ -29,7 +29,7 @@ test('Test minimal deployment with new Lambda function', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }); // Assertion 1 @@ -47,7 +47,7 @@ test('Test deployment w/ s3:Delete only', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, bucketPermissions: ['Delete'] }); @@ -66,7 +66,7 @@ test('Test deployment w/ s3:Put only', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, bucketPermissions: ['Put'] }); @@ -85,7 +85,7 @@ test('Test deployment w/ s3:Read only', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, bucketPermissions: ['Read'] }); @@ -104,7 +104,7 @@ test('Test deployment w/ s3:ReadWrite only', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, bucketPermissions: ['ReadWrite'] }); @@ -123,7 +123,7 @@ test('Test deployment w/ s3:Write only', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, bucketPermissions: ['Write'] }); @@ -142,7 +142,7 @@ test('Test deployment w/ s3 multiple permissions', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, bucketPermissions: ['Write', 'Delete'] }); @@ -161,7 +161,7 @@ test('Test the properties', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, bucketPermissions: ['Write'] }); @@ -185,7 +185,7 @@ test('Test the bucketProps override', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, bucketProps: { websiteIndexDocument: 'index.main.html' diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/README.md b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/README.md index 8f45bb4c7..b47de3448 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/README.md @@ -26,18 +26,16 @@ This AWS Solutions Construct implements an AWS Lambda function connected to an A Here is a minimal deployable pattern definition in Typescript: -``` javascript +``` typescript import { LambdaToSns, LambdaToSnsProps } from "@aws-solutions-constructs/aws-lambda-sns"; -const props: LambdaToSnsProps = { +new LambdaToSns(this, 'test-lambda-sns', { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } -}; - -new LambdaToSns(stack, 'test-lambda-sns', props); +}); ``` diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/package.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/package.json index 0cf7eafb4..a124bd7e9 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-lambda-sns", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an AWS Lambda function and an Amazon SNS topic.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,15 +53,15 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-sns": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-sns": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -71,11 +71,11 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-sns": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-sns": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/__snapshots__/lambda-sns.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/__snapshots__/lambda-sns.test.js.snap index 806f7bc44..b39abc220 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/__snapshots__/lambda-sns.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/__snapshots__/lambda-sns.test.js.snap @@ -135,7 +135,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -331,7 +335,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.deployFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.deployFunction.expected.json index edac77200..6624f5195 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.deployFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.deployFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.deployFunction.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.deployFunction.ts index 83a37a379..dcc4cf972 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.deployFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.deployFunction.ts @@ -26,7 +26,7 @@ const props: LambdaToSnsProps = { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.existingFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.existingFunction.expected.json index 1d3184266..d89917383 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.existingFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.existingFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.existingFunction.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.existingFunction.ts index e779bed46..b378e8c1a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.existingFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/integ.existingFunction.ts @@ -26,7 +26,7 @@ stack.templateOptions.description = 'Integration Test for aws-lambda-sns'; const lambdaFunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const func = defaults.deployLambdaFunction(stack, lambdaFunctionProps); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/lambda-sns.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/lambda-sns.test.ts index a16a69656..be98c72b2 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/lambda-sns.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sns/test/lambda-sns.test.ts @@ -30,7 +30,7 @@ test('Test deployment with new Lambda function', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), environment: { LAMBDA_NAME: 'deployed-function' } @@ -86,7 +86,7 @@ test('Test deployment with existing existingTopicObj', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), environment: { LAMBDA_NAME: 'override-function' } @@ -109,7 +109,7 @@ test('override topicProps', () => { const props: LambdaToSnsProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, @@ -136,7 +136,7 @@ test('Test the properties', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }); // Assertion 1 diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/README.md index f8a331845..36b608045 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/README.md @@ -26,19 +26,19 @@ This AWS Solutions Construct implements (1) an AWS Lambda function that is confi Here is a minimal deployable pattern definition in Typescript: -``` javascript +``` typescript import { LambdaToSqsToLambda, LambdaToSqsToLambdaProps } from "@aws-solutions-constructs/aws-lambda-sqs-lambda"; new LambdaToSqsToLambda(this, 'LambdaToSqsToLambdaPattern', { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`) }, consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`) } }); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/package.json index a8fc11eed..1425fb763 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-lambda-sqs-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK construct that provisions (1) an AWS Lambda function that is configured to send messages to a queue; (2) an Amazon SQS queue; and (3) an AWS Lambda function configured to consume messages from the queue.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,16 +53,16 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-lambda-sqs": "~1.63.0", - "@aws-solutions-constructs/aws-sqs-lambda": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-lambda-sqs": "~1.64.0", + "@aws-solutions-constructs/aws-sqs-lambda": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -72,12 +72,12 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-lambda-sqs": "~1.63.0", - "@aws-solutions-constructs/aws-sqs-lambda": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-lambda-sqs": "~1.64.0", + "@aws-solutions-constructs/aws-sqs-lambda": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/__snapshots__/lambda-sqs-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/__snapshots__/lambda-sqs-lambda.test.js.snap index 9d9756aa2..112d56d73 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/__snapshots__/lambda-sqs-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/__snapshots__/lambda-sqs-lambda.test.js.snap @@ -134,7 +134,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -381,7 +385,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -605,7 +613,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -936,7 +948,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1158,7 +1174,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1350,7 +1370,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1718,7 +1742,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -2050,7 +2078,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -2351,7 +2383,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -2421,81 +2457,6 @@ Object { }, "Type": "AWS::IAM::Policy", }, - "lambdasqslambdalambdatosqsdeadLetterQueue46E7302E": Object { - "Properties": Object { - "KmsMasterKeyId": "alias/aws/sqs", - }, - "Type": "AWS::SQS::Queue", - }, - "lambdasqslambdalambdatosqsdeadLetterQueuePolicyF51B6C4C": Object { - "Properties": Object { - "PolicyDocument": Object { - "Statement": Array [ - Object { - "Action": Array [ - "sqs:DeleteMessage", - "sqs:ReceiveMessage", - "sqs:SendMessage", - "sqs:GetQueueAttributes", - "sqs:RemovePermission", - "sqs:AddPermission", - "sqs:SetQueueAttributes", - ], - "Effect": "Allow", - "Principal": Object { - "AWS": Object { - "Fn::Join": Array [ - "", - Array [ - "arn:", - Object { - "Ref": "AWS::Partition", - }, - ":iam::", - Object { - "Ref": "AWS::AccountId", - }, - ":root", - ], - ], - }, - }, - "Resource": Object { - "Fn::GetAtt": Array [ - "lambdasqslambdalambdatosqsdeadLetterQueue46E7302E", - "Arn", - ], - }, - "Sid": "QueueOwnerOnlyAccess", - }, - Object { - "Action": "SQS:*", - "Condition": Object { - "Bool": Object { - "aws:SecureTransport": "false", - }, - }, - "Effect": "Deny", - "Principal": "*", - "Resource": Object { - "Fn::GetAtt": Array [ - "lambdasqslambdalambdatosqsdeadLetterQueue46E7302E", - "Arn", - ], - }, - "Sid": "HttpsOnly", - }, - ], - "Version": "2012-10-17", - }, - "Queues": Array [ - Object { - "Ref": "lambdasqslambdalambdatosqsdeadLetterQueue46E7302E", - }, - ], - }, - "Type": "AWS::SQS::QueuePolicy", - }, "lambdasqslambdasqstolambdaLambdaFunction78C2590B": Object { "DependsOn": Array [ "lambdasqslambdasqstolambdaLambdaFunctionServiceRoleDefaultPolicyA5B2DD0D", @@ -2599,7 +2560,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -2824,7 +2789,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -3156,7 +3125,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -3381,7 +3354,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -3713,7 +3690,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.defaultDeployment.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.defaultDeployment.expected.json index a3d7c177c..333c064d6 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.defaultDeployment.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.defaultDeployment.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -365,7 +369,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.defaultDeployment.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.defaultDeployment.ts index 6524d8a62..751f51334 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.defaultDeployment.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.defaultDeployment.ts @@ -26,12 +26,12 @@ const props: LambdaToSqsToLambdaProps = { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`) }, consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`) } }; diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingConsumerFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingConsumerFunction.expected.json index 700697b89..1f9a6dab5 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingConsumerFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingConsumerFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -219,7 +223,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingConsumerFunction.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingConsumerFunction.ts index fa299de3d..4f4200f95 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingConsumerFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingConsumerFunction.ts @@ -26,7 +26,7 @@ stack.templateOptions.description = 'Integration Test for aws-lambda-sqs-lambda' const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`) }; const existingConsumerFn = defaults.deployLambdaFunction(stack, lambdaFunctionProps); @@ -35,7 +35,7 @@ const props: LambdaToSqsToLambdaProps = { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`) }, existingConsumerLambdaObj: existingConsumerFn, }; diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingProducerFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingProducerFunction.expected.json index a9f1cf2fc..8381b1585 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingProducerFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingProducerFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -365,7 +369,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingProducerFunction.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingProducerFunction.ts index 489277a20..351d5b373 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingProducerFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingProducerFunction.ts @@ -26,7 +26,7 @@ stack.templateOptions.description = 'Integration Test for aws-lambda-sqs-lambda' const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`) }; const existingProducerFn = defaults.deployLambdaFunction(stack, lambdaFunctionProps); @@ -36,7 +36,7 @@ const props: LambdaToSqsToLambdaProps = { consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`) } }; diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingQueue.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingQueue.expected.json index 1060a4792..8024fe17b 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingQueue.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingQueue.expected.json @@ -106,7 +106,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -251,81 +255,6 @@ } } }, - "testlambdasqslambdalambdatosqsdeadLetterQueue016B6E58": { - "Type": "AWS::SQS::Queue", - "Properties": { - "KmsMasterKeyId": "alias/aws/sqs" - } - }, - "testlambdasqslambdalambdatosqsdeadLetterQueuePolicyAA313AD2": { - "Type": "AWS::SQS::QueuePolicy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "sqs:DeleteMessage", - "sqs:ReceiveMessage", - "sqs:SendMessage", - "sqs:GetQueueAttributes", - "sqs:RemovePermission", - "sqs:AddPermission", - "sqs:SetQueueAttributes" - ], - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::", - { - "Ref": "AWS::AccountId" - }, - ":root" - ] - ] - } - }, - "Resource": { - "Fn::GetAtt": [ - "testlambdasqslambdalambdatosqsdeadLetterQueue016B6E58", - "Arn" - ] - }, - "Sid": "QueueOwnerOnlyAccess" - }, - { - "Action": "SQS:*", - "Condition": { - "Bool": { - "aws:SecureTransport": "false" - } - }, - "Effect": "Deny", - "Principal": "*", - "Resource": { - "Fn::GetAtt": [ - "testlambdasqslambdalambdatosqsdeadLetterQueue016B6E58", - "Arn" - ] - }, - "Sid": "HttpsOnly" - } - ], - "Version": "2012-10-17" - }, - "Queues": [ - { - "Ref": "testlambdasqslambdalambdatosqsdeadLetterQueue016B6E58" - } - ] - } - }, "testlambdasqslambdasqstolambdaLambdaFunctionServiceRole785979D2": { "Type": "AWS::IAM::Role", "Properties": { @@ -356,7 +285,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingQueue.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingQueue.ts index f7c471694..ef505d9f1 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingQueue.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/integ.existingQueue.ts @@ -29,13 +29,13 @@ const props: LambdaToSqsToLambdaProps = { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`) }, existingQueueObj: existingQueue, consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`) } }; diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/lambda-sqs-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/lambda-sqs-lambda.test.ts index 7df3207f2..410f56ee5 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/lambda-sqs-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs-lambda/test/lambda-sqs-lambda.test.ts @@ -30,13 +30,13 @@ test('Test minimal deployment', () => { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`), functionName: 'producer-function' }, consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`), functionName: 'consumer-function' } }; @@ -128,7 +128,7 @@ test('Test deployment w/ existing producer function', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`), functionName: 'existing-producer-function' } }); @@ -138,7 +138,7 @@ test('Test deployment w/ existing producer function', () => { consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`), functionName: 'deployed-consumer-function' } }; @@ -166,7 +166,7 @@ test('Test deployment w/ existing consumer function', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`), functionName: 'existing-consumer-function' } }); @@ -175,7 +175,7 @@ test('Test deployment w/ existing consumer function', () => { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`), functionName: 'deployed-producer-function' }, existingConsumerLambdaObj: existingConsumerFn @@ -210,13 +210,13 @@ test('Test deployment w/ existing queue', () => { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`), functionName: 'producer-function' }, consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`), functionName: 'consumer-function' }, existingQueueObj: existingQueue @@ -241,12 +241,12 @@ test('Test deployment w/ DLQ explicitly disabled', () => { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`) }, consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`) }, deployDeadLetterQueue: false, }; @@ -272,12 +272,12 @@ test('Test deployment w/ DLQ explicitly enabled and w/ MRC override', () => { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`) }, consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`) + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`) }, deployDeadLetterQueue: true, maxReceiveCount: 6 @@ -310,13 +310,13 @@ test('Test overrides for producer and consumer functions', () => { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`), functionName: 'producer-function' }, consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`), functionName: 'consumer-function' } }; @@ -344,13 +344,13 @@ test('Test the public pattern props', () => { producerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/producer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/producer-function`), functionName: 'producer-function' }, consumerLambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda/consumer-function`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/consumer-function`), functionName: 'consumer-function' } }; diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/README.md b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/README.md index f00819d91..b9ae8d1aa 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/README.md @@ -26,14 +26,14 @@ This AWS Solutions Construct implements an AWS Lambda function connected to an A Here is a minimal deployable pattern definition in Typescript: -``` javascript +``` typescript import { LambdaToSqs, LambdaToSqsProps } from "@aws-solutions-constructs/aws-lambda-sqs"; new LambdaToSqs(this, 'LambdaToSqsPattern', { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts index 1aa582b61..d8ea2b2bb 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/lib/index.ts @@ -96,16 +96,13 @@ export class LambdaToSqs extends Construct { lambdaFunctionProps: props.lambdaFunctionProps }); - // Setup a dead letter queue, if applicable - if (props.deployDeadLetterQueue || props.deployDeadLetterQueue === undefined) { - const [dlq] = defaults.buildQueue(this, 'deadLetterQueue', { - queueProps: props.deadLetterQueueProps - }); - this.deadLetterQueue = defaults.buildDeadLetterQueue({ - deadLetterQueue: dlq, - maxReceiveCount: props.maxReceiveCount - }); - } + // Setup the dead letter queue, if applicable + this.deadLetterQueue = defaults.buildDeadLetterQueue(this, { + existingQueueObj: props.existingQueueObj, + deployDeadLetterQueue: props.deployDeadLetterQueue, + deadLetterQueueProps: props.deadLetterQueueProps, + maxReceiveCount: props.maxReceiveCount + }); // Setup the queue [this.sqsQueue] = defaults.buildQueue(this, 'queue', { diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/package.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/package.json index 7a268a445..a6b5d9a1a 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-lambda-sqs", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an AWS Lambda function and an Amazon SQS queue.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,14 +53,14 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -70,10 +70,10 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/__snapshots__/lambda-sqs.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/__snapshots__/lambda-sqs.test.js.snap index 584a0b8df..a7993343a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/__snapshots__/lambda-sqs.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/__snapshots__/lambda-sqs.test.js.snap @@ -122,7 +122,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -491,7 +495,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -783,7 +791,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -993,7 +1005,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1348,7 +1364,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.deployFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.deployFunction.expected.json index 5bdc5712a..986110cf4 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.deployFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.deployFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.deployFunction.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.deployFunction.ts index 3460cd190..db2c33a64 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.deployFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.deployFunction.ts @@ -26,7 +26,7 @@ const props: LambdaToSqsProps = { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.existingFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.existingFunction.expected.json index 2a7c3ccb4..96a13a2c1 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.existingFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.existingFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.existingFunction.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.existingFunction.ts index f253beca9..8879873ec 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.existingFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/integ.existingFunction.ts @@ -26,7 +26,7 @@ stack.templateOptions.description = 'Integration Test for aws-lambda-sqs'; const lambdaFunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const func = defaults.deployLambdaFunction(stack, lambdaFunctionProps); diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts index 0858f629d..8e7fbbd63 100755 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-sqs/test/lambda-sqs.test.ts @@ -30,7 +30,7 @@ test('Test minimal deployment with new Lambda function', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }); // Assertion 1 @@ -48,7 +48,7 @@ test('Test deployment w/ DLQ and purging enabled', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, enableQueuePurging: true, deployDeadLetterQueue: true @@ -68,7 +68,7 @@ test('Test deployment w/ purging disabled', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, enableQueuePurging: false }); @@ -87,7 +87,7 @@ test('Test the properties', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, }); // Assertion 1 @@ -112,7 +112,7 @@ test('Test deployment w/ DLQ disabled', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, enableQueuePurging: true, deployDeadLetterQueue: false, @@ -138,10 +138,9 @@ test('Test deployment w/ existing queue', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, enableQueuePurging: true, - deployDeadLetterQueue: false, existingQueueObj: queue }); // Assertion 1 diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/README.md b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/README.md index 08ed8d6a9..d8636f030 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/README.md @@ -24,16 +24,19 @@ This AWS Solutions Construct implements an AWS Lambda function connected to an AWS Step Function. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -const { LambdaToStepFunction } = require('@aws-solutions-constructs/aws-lambda-step-function'); +``` typescript +import { LambdaToStepFunction } from '@aws-solutions-constructs/aws-lambda-step-function'; +import * as stepfunctions from '@aws-cdk/aws-stepfunctions'; -new LambdaToStepFunction(stack, 'LambdaToStepFunctionPattern', { +const startState = new stepfunctions.Pass(stack, 'StartState'); + +new LambdaToStepFunction(this, 'LambdaToStepFunctionPattern', { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, stateMachineProps: { definition: startState diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/package.json b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/package.json index d6da251b8..9d0bcdc7e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-lambda-step-function", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an AWS Lambda function and an AWS Step Function.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,16 +53,16 @@ } }, "dependencies": { - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-stepfunctions": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-stepfunctions": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0", "eslint-plugin-import": "^2.22.0" @@ -73,12 +73,12 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-stepfunctions": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-stepfunctions": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-logs": "~1.63.0" + "@aws-cdk/aws-logs": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/__snapshots__/lambda-step-function.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/__snapshots__/lambda-step-function.test.js.snap index 1390904a9..02555ad85 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/__snapshots__/lambda-step-function.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/__snapshots__/lambda-step-function.test.js.snap @@ -123,7 +123,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -321,7 +325,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -564,7 +572,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -727,7 +739,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.deploy-lambda.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.deploy-lambda.expected.json index 4a052686e..c68c70829 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.deploy-lambda.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.deploy-lambda.expected.json @@ -60,7 +60,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -155,7 +159,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.deploy-lambda.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.deploy-lambda.ts index e704011fa..431f92c01 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.deploy-lambda.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.deploy-lambda.ts @@ -29,7 +29,7 @@ const props: LambdaToStepFunctionProps = { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, stateMachineProps: { definition: startState diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.existing-function.expected.json b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.existing-function.expected.json index 2e17b8599..3de519ae3 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.existing-function.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.existing-function.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -228,7 +232,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.existing-function.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.existing-function.ts index 3af206994..dce737a44 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.existing-function.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/integ.existing-function.ts @@ -29,7 +29,7 @@ const startState = new stepfunctions.Pass(stack, 'StartState'); const lambdaFunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; // Setup the "existing" Lambda function diff --git a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/lambda-step-function.test.ts b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/lambda-step-function.test.ts index 3657d74e3..4d8faf044 100644 --- a/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/lambda-step-function.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-lambda-step-function/test/lambda-step-function.test.ts @@ -32,7 +32,7 @@ test('Test deployment with new Lambda function', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), environment: { LAMBDA_NAME: 'deploy-function' } @@ -64,7 +64,7 @@ test('Test deployment with existing Lambda function', () => { const lambdaFunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), environment: { LAMBDA_NAME: 'existing-function' } @@ -100,7 +100,7 @@ test('Test invocation permissions', () => { const lambdaFunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), environment: { LAMBDA_NAME: 'existing-function' } @@ -150,7 +150,7 @@ test('Test the properties', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), environment: { LAMBDA_NAME: 'existing-function' } diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/README.md index 7b7b5e1cf..b366b7260 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/README.md @@ -24,22 +24,18 @@ This AWS Solutions Construct implements an Amazon S3 bucket connected to an AWS Lambda function. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -const { S3ToLambdaProps, S3ToLambda } = require('@aws-solutions-constructs/aws-s3-lambda'); +``` typescript +import { S3ToLambdaProps, S3ToLambda } from '@aws-solutions-constructs/aws-s3-lambda'; -const stack = new Stack(app, 'test-s3-lambda-stack'); - -const props: S3ToLambdaProps = { +new S3ToLambda(this, 'test-s3-lambda', { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, -}; - -new S3ToLambda(stack, 'test-s3-lambda', props); +}); ``` @@ -84,6 +80,7 @@ Out of the box implementation of the Construct without any override will set the * Turn on the versioning for S3 Bucket * Don't allow public access for S3 Bucket * Retain the S3 Bucket when deleting the CloudFormation stack +* Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days ### AWS Lambda Function * Configure least privilege access IAM role for Lambda function diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/package.json index 7089a8e34..c77772866 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-s3-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS S3 to AWS Lambda integration", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,17 +53,17 @@ } }, "dependencies": { - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-s3-notifications": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-s3-notifications": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -73,13 +73,13 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/aws-s3-notifications": "~1.63.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/aws-s3-notifications": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/__snapshots__/s3-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/__snapshots__/s3-lambda.test.js.snap index 83c000577..2c45c7e8a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/__snapshots__/s3-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/__snapshots__/s3-lambda.test.js.snap @@ -175,28 +175,6 @@ Object { }, "Type": "AWS::IAM::Policy", }, - "tests3lambdaLambdaFunctionAllowBucketNotificationsFromtests3lambdaS3Bucket9453157137836A69": Object { - "Properties": Object { - "Action": "lambda:InvokeFunction", - "FunctionName": Object { - "Fn::GetAtt": Array [ - "tests3lambdaLambdaFunctionB56B7023", - "Arn", - ], - }, - "Principal": "s3.amazonaws.com", - "SourceAccount": Object { - "Ref": "AWS::AccountId", - }, - "SourceArn": Object { - "Fn::GetAtt": Array [ - "tests3lambdaS3BucketBE7C1B8E", - "Arn", - ], - }, - }, - "Type": "AWS::Lambda::Permission", - }, "tests3lambdaLambdaFunctionB56B7023": Object { "DependsOn": Array [ "tests3lambdaLambdaFunctionServiceRoleDefaultPolicyA7E71BD5", @@ -299,7 +277,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -355,6 +337,28 @@ Object { }, "Type": "AWS::IAM::Policy", }, + "tests3lambdaS3BucketAllowBucketNotificationsTotests3lambdaLambdaFunction5728304630C49926": Object { + "Properties": Object { + "Action": "lambda:InvokeFunction", + "FunctionName": Object { + "Fn::GetAtt": Array [ + "tests3lambdaLambdaFunctionB56B7023", + "Arn", + ], + }, + "Principal": "s3.amazonaws.com", + "SourceAccount": Object { + "Ref": "AWS::AccountId", + }, + "SourceArn": Object { + "Fn::GetAtt": Array [ + "tests3lambdaS3BucketBE7C1B8E", + "Arn", + ], + }, + }, + "Type": "AWS::Lambda::Permission", + }, "tests3lambdaS3BucketBE7C1B8E": Object { "DeletionPolicy": "Retain", "Properties": Object { @@ -367,6 +371,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "tests3lambdaS3LoggingBucket0C3BBFDC", @@ -387,7 +404,7 @@ Object { }, "tests3lambdaS3BucketNotifications1943E9B3": Object { "DependsOn": Array [ - "tests3lambdaLambdaFunctionAllowBucketNotificationsFromtests3lambdaS3Bucket9453157137836A69", + "tests3lambdaS3BucketAllowBucketNotificationsTotests3lambdaLambdaFunction5728304630C49926", ], "Properties": Object { "BucketName": Object { @@ -484,9 +501,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.existing-s3-bucket.expected.json b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.existing-s3-bucket.expected.json index 26281f5c4..a56e7cf14 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.existing-s3-bucket.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.existing-s3-bucket.expected.json @@ -18,9 +18,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -86,6 +83,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "S3LoggingBucket800A2B27" @@ -133,7 +143,7 @@ } }, "DependsOn": [ - "tests3lambdaLambdaFunctionAllowBucketNotificationsFromtests3lambdaexistingbucketstackS3BucketA1F8245606EA6713" + "S3BucketAllowBucketNotificationsTotests3lambdaexistingbucketstacktests3lambdaLambdaFunctionA42D14CC3F8CB11C" ] }, "S3BucketPolicyF560589A": { @@ -174,6 +184,28 @@ } } }, + "S3BucketAllowBucketNotificationsTotests3lambdaexistingbucketstacktests3lambdaLambdaFunctionA42D14CC3F8CB11C": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "tests3lambdaLambdaFunctionB56B7023", + "Arn" + ] + }, + "Principal": "s3.amazonaws.com", + "SourceAccount": { + "Ref": "AWS::AccountId" + }, + "SourceArn": { + "Fn::GetAtt": [ + "S3Bucket07682993", + "Arn" + ] + } + } + }, "tests3lambdaLambdaFunctionServiceRoleA74F4427": { "Type": "AWS::IAM::Role", "Properties": { @@ -204,7 +236,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -332,28 +368,6 @@ } } }, - "tests3lambdaLambdaFunctionAllowBucketNotificationsFromtests3lambdaexistingbucketstackS3BucketA1F8245606EA6713": { - "Type": "AWS::Lambda::Permission", - "Properties": { - "Action": "lambda:InvokeFunction", - "FunctionName": { - "Fn::GetAtt": [ - "tests3lambdaLambdaFunctionB56B7023", - "Arn" - ] - }, - "Principal": "s3.amazonaws.com", - "SourceAccount": { - "Ref": "AWS::AccountId" - }, - "SourceArn": { - "Fn::GetAtt": [ - "S3Bucket07682993", - "Arn" - ] - } - } - }, "BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleB6FB88EC": { "Type": "AWS::IAM::Role", "Properties": { diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.existing-s3-bucket.ts b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.existing-s3-bucket.ts index 76aee6bdf..d625e9cbe 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.existing-s3-bucket.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.existing-s3-bucket.ts @@ -25,7 +25,7 @@ const [myBucket] = defaults.buildS3Bucket(stack, {}); const props: S3ToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.no-arguments.expected.json index 49d270910..95f62f533 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.no-arguments.expected.json @@ -30,7 +30,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, @@ -158,28 +162,6 @@ } } }, - "tests3lambdaLambdaFunctionAllowBucketNotificationsFromtests3lambdanewbucketstacktests3lambdaS3Bucket7441CD5B3462BBCF": { - "Type": "AWS::Lambda::Permission", - "Properties": { - "Action": "lambda:InvokeFunction", - "FunctionName": { - "Fn::GetAtt": [ - "tests3lambdaLambdaFunctionB56B7023", - "Arn" - ] - }, - "Principal": "s3.amazonaws.com", - "SourceAccount": { - "Ref": "AWS::AccountId" - }, - "SourceArn": { - "Fn::GetAtt": [ - "tests3lambdaS3BucketBE7C1B8E", - "Arn" - ] - } - } - }, "tests3lambdaS3LoggingBucket0C3BBFDC": { "Type": "AWS::S3::Bucket", "Properties": { @@ -198,9 +180,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -266,6 +245,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "tests3lambdaS3LoggingBucket0C3BBFDC" @@ -313,7 +305,7 @@ } }, "DependsOn": [ - "tests3lambdaLambdaFunctionAllowBucketNotificationsFromtests3lambdanewbucketstacktests3lambdaS3Bucket7441CD5B3462BBCF" + "tests3lambdaS3BucketAllowBucketNotificationsTotests3lambdanewbucketstacktests3lambdaLambdaFunctionB053EE5EC07EFB64" ] }, "tests3lambdaS3BucketPolicyE0402ABD": { @@ -354,6 +346,28 @@ } } }, + "tests3lambdaS3BucketAllowBucketNotificationsTotests3lambdanewbucketstacktests3lambdaLambdaFunctionB053EE5EC07EFB64": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "tests3lambdaLambdaFunctionB56B7023", + "Arn" + ] + }, + "Principal": "s3.amazonaws.com", + "SourceAccount": { + "Ref": "AWS::AccountId" + }, + "SourceArn": { + "Fn::GetAtt": [ + "tests3lambdaS3BucketBE7C1B8E", + "Arn" + ] + } + } + }, "BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleB6FB88EC": { "Type": "AWS::IAM::Role", "Properties": { diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.no-arguments.ts index e858701b2..2d9bb2de0 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.no-arguments.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/integ.no-arguments.ts @@ -22,7 +22,7 @@ const stack = new Stack(app, 'test-s3-lambda-new-bucket-stack'); const props: S3ToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/s3-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/s3-lambda.test.ts index 26a1bc69c..e5ef87b46 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/s3-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-s3-lambda/test/s3-lambda.test.ts @@ -20,7 +20,7 @@ import '@aws-cdk/assert/jest'; function deployNewFunc(stack: cdk.Stack) { const props: S3ToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-step-function/README.md b/source/patterns/@aws-solutions-constructs/aws-s3-step-function/README.md index b7fee1d8e..8cfaee564 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-step-function/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-s3-step-function/README.md @@ -24,20 +24,19 @@ This AWS Solutions Construct implements an Amazon S3 bucket connected to an AWS Step Function. -Here is a minimal deployable pattern definition: +Here is a minimal deployable pattern definition in Typescript: -``` javascript -const { S3ToStepFunction, S3ToStepFunctionProps } = require('@aws-solutions-constructs/aws-s3-step-function'); +``` typescript +import { S3ToStepFunction, S3ToStepFunctionProps } from '@aws-solutions-constructs/aws-s3-step-function'; +import * as stepfunctions from '@aws-cdk/aws-stepfunctions'; const startState = new stepfunctions.Pass(stack, 'StartState'); -const props: S3ToStepFunctionProps = { +new S3ToStepFunction(this, 'test-s3-step-function-stack', { stateMachineProps: { definition: startState } -}; - -new S3ToStepFunction(stack, 'test-s3-step-function-stack', props); +}); ``` ## Initializer @@ -86,6 +85,7 @@ Out of the box implementation of the Construct without any override will set the * Turn on the versioning for S3 Bucket * Don't allow public access for S3 Bucket * Retain the S3 Bucket when deleting the CloudFormation stack +* Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days ### AWS CloudTrail * Configure a Trail in AWS CloudTrail to log API events in Amazon S3 related to the Bucket created by the Construct diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-step-function/package.json b/source/patterns/@aws-solutions-constructs/aws-s3-step-function/package.json index 148e8d02a..76d49e019 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-step-function/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-s3-step-function/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-s3-step-function", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS S3 to AWS Step Function integration", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,22 +53,22 @@ } }, "dependencies": { - "@aws-cdk/aws-stepfunctions": "~1.63.0", - "@aws-cdk/aws-stepfunctions-tasks": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-cdk/aws-cloudtrail": "~1.63.0", - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-events-rule-step-function": "~1.63.0", + "@aws-cdk/aws-stepfunctions": "~1.64.0", + "@aws-cdk/aws-stepfunctions-tasks": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-cdk/aws-cloudtrail": "~1.64.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-events-rule-step-function": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -78,18 +78,18 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-stepfunctions": "~1.63.0", - "@aws-cdk/aws-stepfunctions-tasks": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-cdk/aws-cloudtrail": "~1.63.0", - "@aws-cdk/aws-events": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-solutions-constructs/aws-events-rule-step-function": "~1.63.0", + "@aws-cdk/aws-stepfunctions": "~1.64.0", + "@aws-cdk/aws-stepfunctions-tasks": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-cdk/aws-cloudtrail": "~1.64.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-solutions-constructs/aws-events-rule-step-function": "~1.64.0", "constructs": "^3.0.4", - "@aws-cdk/aws-logs": "~1.63.0" + "@aws-cdk/aws-logs": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/__snapshots__/s3-step-function.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/__snapshots__/s3-step-function.test.js.snap index d09034f53..8b05c85db 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/__snapshots__/s3-step-function.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/__snapshots__/s3-step-function.test.js.snap @@ -15,6 +15,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "tests3stepfunctionCloudTrailS3LoggingBucket4FA5C122", @@ -143,9 +156,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -200,6 +210,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "tests3stepfunctionS3LoggingBucketF58651AD", @@ -327,9 +350,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -618,7 +638,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/integ.pre-existing-bucket.expected.json b/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/integ.pre-existing-bucket.expected.json index ec8f35e20..6348d6b2a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/integ.pre-existing-bucket.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/integ.pre-existing-bucket.expected.json @@ -18,9 +18,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -86,6 +83,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "tests3stepfunctionpreexistingbucketstackCloudTrailS3LoggingBucketB176B631" @@ -285,7 +295,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/integ.s3-step-function-no-argument.expected.json b/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/integ.s3-step-function-no-argument.expected.json index a75927bfe..fd307628c 100644 --- a/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/integ.s3-step-function-no-argument.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-s3-step-function/test/integ.s3-step-function-no-argument.expected.json @@ -18,9 +18,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -86,6 +83,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "tests3stepfunctionstackS3LoggingBucket740A14C5" @@ -160,9 +170,6 @@ "BlockPublicPolicy": true, "IgnorePublicAcls": true, "RestrictPublicBuckets": true - }, - "VersioningConfiguration": { - "Status": "Enabled" } }, "UpdateReplacePolicy": "Retain", @@ -228,6 +235,19 @@ } ] }, + "LifecycleConfiguration": { + "Rules": [ + { + "NoncurrentVersionTransitions": [ + { + "StorageClass": "GLACIER", + "TransitionInDays": 90 + } + ], + "Status": "Enabled" + } + ] + }, "LoggingConfiguration": { "DestinationBucketName": { "Ref": "tests3stepfunctionstackCloudTrailS3LoggingBucketC8E8D35B" @@ -429,7 +449,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/README.md index 70139468a..3fe9d624a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/README.md @@ -26,18 +26,16 @@ This AWS Solutions Construct implements an Amazon SNS connected to an AWS Lambda Here is a minimal deployable pattern definition in Typescript: -``` javascript +``` typescript import { SnsToLambda, SnsToLambdaProps } from "@aws-solutions-constructs/aws-sns-lambda"; -const props: SnsToLambdaProps = { +new SnsToLambda(this, 'test-sns-lambda', { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } -}; - -new SnsToLambda(this, 'test-sns-lambda', props); +}); ``` diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/package.json index c29cafc9c..95e713a3b 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-sns-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK Constructs for AWS SNS to AWS Lambda integration", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,17 +53,17 @@ } }, "dependencies": { - "@aws-cdk/aws-sns": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-sns": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -73,13 +73,13 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-sns": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", + "@aws-cdk/aws-sns": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/__snapshots__/sns-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/__snapshots__/sns-lambda.test.js.snap index 4b7dfbacd..721850d1a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/__snapshots__/sns-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/__snapshots__/sns-lambda.test.js.snap @@ -135,7 +135,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/integ.no-arguments.expected.json b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/integ.no-arguments.expected.json index 4a36dcab4..644f16942 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/integ.no-arguments.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/integ.no-arguments.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/integ.no-arguments.ts b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/integ.no-arguments.ts index 7051fd33f..270a682fc 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/integ.no-arguments.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/integ.no-arguments.ts @@ -26,7 +26,7 @@ const props: SnsToLambdaProps = { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/sns-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/sns-lambda.test.ts index 1d87129fa..32a3eaa55 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/sns-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sns-lambda/test/sns-lambda.test.ts @@ -21,7 +21,7 @@ import '@aws-cdk/assert/jest'; function deployNewFunc(stack: cdk.Stack) { const props: SnsToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, @@ -50,7 +50,7 @@ test('override topicProps', () => { const props: SnsToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, @@ -75,7 +75,7 @@ test('provide existingTopicObj', () => { const props: SnsToLambdaProps = { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/README.md b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/README.md index 14086f1b2..b4b76e17f 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/README.md @@ -26,13 +26,11 @@ This AWS Solutions Construct implements an Amazon SNS topic connected to an Amaz Here is a minimal deployable pattern definition in Typescript: -``` javascript +``` typescript import { SnsToSqs, SnsToSqsProps } from "@aws-solutions-constructs/aws-sns-sqs"; import * as iam from '@aws-cdk/aws-iam'; -const props: SnsToSqsProps = {}; - -const snsToSqsStack = new SnsToSqs(this, 'SnsToSqsPattern', props); +const snsToSqsStack = new SnsToSqs(this, 'SnsToSqsPattern', {}); // Grant yourself permissions to use the Customer Managed KMS Key const policyStatement = new iam.PolicyStatement({ diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/lib/index.ts index 8eeaf8db5..5399a2247 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/lib/index.ts @@ -109,15 +109,12 @@ export class SnsToSqs extends Construct { super(scope, id); // Setup the dead letter queue, if applicable - if (props.deployDeadLetterQueue || props.deployDeadLetterQueue === undefined) { - const [dlq] = defaults.buildQueue(this, 'deadLetterQueue', { - queueProps: props.deadLetterQueueProps - }); - this.deadLetterQueue = defaults.buildDeadLetterQueue({ - deadLetterQueue: dlq, - maxReceiveCount: props.maxReceiveCount - }); - } + this.deadLetterQueue = defaults.buildDeadLetterQueue(this, { + existingQueueObj: props.existingQueueObj, + deployDeadLetterQueue: props.deployDeadLetterQueue, + deadLetterQueueProps: props.deadLetterQueueProps, + maxReceiveCount: props.maxReceiveCount + }); let enableEncryptionParam = props.enableEncryptionWithCustomerManagedKey; let encryptionKeyParam = props.encryptionKey; diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/package.json b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/package.json index c811455e4..4495e13b5 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-sns-sqs", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an Amazon SNS topic and an Amazon SQS queue.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,17 +53,17 @@ } }, "dependencies": { - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-sns": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/aws-sns-subscriptions": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-sns": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/aws-sns-subscriptions": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -73,13 +73,13 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-sns": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/aws-sns-subscriptions": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-sns": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/aws-sns-subscriptions": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/test/__snapshots__/sns-sqs.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/test/__snapshots__/sns-sqs.test.js.snap index 85a625326..4470b4bbd 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sns-sqs/test/__snapshots__/sns-sqs.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-sns-sqs/test/__snapshots__/sns-sqs.test.js.snap @@ -479,81 +479,6 @@ Object { }, "Type": "AWS::SNS::Topic", }, - "snstosqsstackdeadLetterQueueA02EB1B1": Object { - "Properties": Object { - "KmsMasterKeyId": "alias/aws/sqs", - }, - "Type": "AWS::SQS::Queue", - }, - "snstosqsstackdeadLetterQueuePolicy4E639DF8": Object { - "Properties": Object { - "PolicyDocument": Object { - "Statement": Array [ - Object { - "Action": Array [ - "sqs:DeleteMessage", - "sqs:ReceiveMessage", - "sqs:SendMessage", - "sqs:GetQueueAttributes", - "sqs:RemovePermission", - "sqs:AddPermission", - "sqs:SetQueueAttributes", - ], - "Effect": "Allow", - "Principal": Object { - "AWS": Object { - "Fn::Join": Array [ - "", - Array [ - "arn:", - Object { - "Ref": "AWS::Partition", - }, - ":iam::", - Object { - "Ref": "AWS::AccountId", - }, - ":root", - ], - ], - }, - }, - "Resource": Object { - "Fn::GetAtt": Array [ - "snstosqsstackdeadLetterQueueA02EB1B1", - "Arn", - ], - }, - "Sid": "QueueOwnerOnlyAccess", - }, - Object { - "Action": "SQS:*", - "Condition": Object { - "Bool": Object { - "aws:SecureTransport": "false", - }, - }, - "Effect": "Deny", - "Principal": "*", - "Resource": Object { - "Fn::GetAtt": Array [ - "snstosqsstackdeadLetterQueueA02EB1B1", - "Arn", - ], - }, - "Sid": "HttpsOnly", - }, - ], - "Version": "2012-10-17", - }, - "Queues": Array [ - Object { - "Ref": "snstosqsstackdeadLetterQueueA02EB1B1", - }, - ], - }, - "Type": "AWS::SQS::QueuePolicy", - }, }, } `; diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/README.md b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/README.md index e45b2fc2e..9a638688a 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/README.md +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/README.md @@ -26,14 +26,14 @@ This AWS Solutions Construct implements an Amazon SQS queue connected to an AWS Here is a minimal deployable pattern definition in Typescipr: -``` javascript +``` typescript import { SqsToLambda, SqsToLambdaProps } from "@aws-solutions-constructs/aws-sqs-lambda"; new SqsToLambda(this, 'SqsToLambdaPattern', { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }); diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/lib/index.ts index a44316a0b..bdf0d64c7 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/lib/index.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/lib/index.ts @@ -16,7 +16,7 @@ import * as sqs from '@aws-cdk/aws-sqs'; import * as lambda from '@aws-cdk/aws-lambda'; import * as defaults from '@aws-solutions-constructs/core'; import { Construct } from '@aws-cdk/core'; -import { SqsEventSource } from '@aws-cdk/aws-lambda-event-sources'; +import { SqsEventSource, SqsEventSourceProps } from '@aws-cdk/aws-lambda-event-sources'; /** * @summary The properties for the SqsToLambda class. @@ -63,7 +63,13 @@ export interface SqsToLambdaProps { * * @default - required field if deployDeadLetterQueue=true. */ - readonly maxReceiveCount?: number + readonly maxReceiveCount?: number, + /** + * Optional user provided properties for the dead letter queue + * + * @default - Default props are used + */ + readonly sqsEventSourceProps?: SqsEventSourceProps } /** @@ -92,15 +98,12 @@ export class SqsToLambda extends Construct { }); // Setup the dead letter queue, if applicable - if (props.deployDeadLetterQueue || props.deployDeadLetterQueue === undefined) { - const [dlq] = defaults.buildQueue(this, 'deadLetterQueue', { - queueProps: props.deadLetterQueueProps - }); - this.deadLetterQueue = defaults.buildDeadLetterQueue({ - deadLetterQueue: dlq, - maxReceiveCount: props.maxReceiveCount - }); - } + this.deadLetterQueue = defaults.buildDeadLetterQueue(this, { + existingQueueObj: props.existingQueueObj, + deployDeadLetterQueue: props.deployDeadLetterQueue, + deadLetterQueueProps: props.deadLetterQueueProps, + maxReceiveCount: props.maxReceiveCount + }); // Setup the queue [this.sqsQueue] = defaults.buildQueue(this, 'queue', { @@ -110,6 +113,6 @@ export class SqsToLambda extends Construct { }); // Setup the event source mapping - this.lambdaFunction.addEventSource(new SqsEventSource(this.sqsQueue)); + this.lambdaFunction.addEventSource(new SqsEventSource(this.sqsQueue, props.sqsEventSourceProps)); } } \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/package.json b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/package.json index 3e5787674..468aa15e9 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/package.json +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-sqs-lambda", - "version": "1.63.0", + "version": "1.64.0", "description": "CDK constructs for defining an interaction between an Amazon SQS queue and an AWS Lambda function.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,16 +53,16 @@ } }, "dependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -72,12 +72,12 @@ ] }, "peerDependencies": { - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "constructs": "^3.0.4" } } diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/__snapshots__/test.sqs-lambda.test.js.snap b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/__snapshots__/test.sqs-lambda.test.js.snap index 9b8850f0c..33699e529 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/__snapshots__/test.sqs-lambda.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/__snapshots__/test.sqs-lambda.test.js.snap @@ -397,7 +397,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -721,7 +725,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFifoQueue.expected.json b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFifoQueue.expected.json index ff13640d6..e9fea99e9 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFifoQueue.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFifoQueue.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFifoQueue.ts b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFifoQueue.ts index 83f1100ef..a387da3b4 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFifoQueue.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFifoQueue.ts @@ -26,7 +26,7 @@ const props: SqsToLambdaProps = { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, queueProps: { queueName: `myQueue.fifo`, diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFunction.expected.json index 9a8a09a2c..0aa7d5fa6 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFunction.ts b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFunction.ts index 1937a12e1..d58d6fd26 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.deployFunction.ts @@ -26,7 +26,7 @@ const props: SqsToLambdaProps = { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, queueProps: {}, deployDeadLetterQueue: true, diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.existingFunction.expected.json b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.existingFunction.expected.json index 9ee4c693c..7926c5a82 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.existingFunction.expected.json +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.existingFunction.expected.json @@ -31,7 +31,11 @@ "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", { "Ref": "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.existingFunction.ts b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.existingFunction.ts index 73674a3d3..50a85b39e 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.existingFunction.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/integ.existingFunction.ts @@ -26,7 +26,7 @@ stack.templateOptions.description = 'Integration Test for aws-sqs-lambda'; const lambdaFunctionProps = { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const func = defaults.deployLambdaFunction(stack, lambdaFunctionProps); diff --git a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/test.sqs-lambda.test.ts b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/test.sqs-lambda.test.ts index af5c2c229..5e6e35bc1 100644 --- a/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/test.sqs-lambda.test.ts +++ b/source/patterns/@aws-solutions-constructs/aws-sqs-lambda/test/test.sqs-lambda.test.ts @@ -30,7 +30,7 @@ test('Pattern deployment w/ new Lambda function and default props', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }; new SqsToLambda(stack, 'test-sqs-lambda', props); @@ -49,7 +49,7 @@ test('Pattern deployment w/ new Lambda function and overridden props', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), environment: { OVERRIDE: "TRUE" } @@ -83,7 +83,7 @@ test('Pattern deployment w/ Existing Lambda Function', () => { const fn = new lambda.Function(stack, 'ExistingLambdaFunction', { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }); const props: SqsToLambdaProps = { existingLambdaObj: fn, @@ -106,7 +106,7 @@ test('Test getter methods', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, deployDeadLetterQueue: true, maxReceiveCount: 0, @@ -171,11 +171,32 @@ test('Test deployment w/ existing queue', () => { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }, - deployDeadLetterQueue: false, existingQueueObj: queue }); // Assertion 1 expect(SynthUtils.toCloudFormation(stack)).toMatchSnapshot(); +}); + +// -------------------------------------------------------------- +// Pattern deployment w/ batch size +// -------------------------------------------------------------- +test('Pattern deployment w/ batch size', () => { + const stack = new Stack(); + const props: SqsToLambdaProps = { + lambdaFunctionProps: { + runtime: lambda.Runtime.NODEJS_10_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(`${__dirname}/lambda`), + }, + sqsEventSourceProps: { + batchSize: 5 + } + }; + new SqsToLambda(stack, 'test-sqs-lambda', props); + + expect(stack).toHaveResource('AWS::Lambda::EventSourceMapping', { + BatchSize: 5 + }); }); \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/core/lib/apigateway-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/apigateway-helper.ts index cc72e4ed0..d38ef4568 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/apigateway-helper.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/apigateway-helper.ts @@ -43,7 +43,7 @@ function configureCloudwatchRoleForApi(scope: cdk.Construct, _api: api.RestApi): 'logs:GetLogEvents', 'logs:FilterLogEvents' ], - resources: [`arn:aws:logs:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:*`] + resources: [`arn:${cdk.Aws.PARTITION}:logs:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:*`] })] }) } diff --git a/source/patterns/@aws-solutions-constructs/core/lib/cloudfront-distribution-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/cloudfront-distribution-helper.ts index d41cb541e..b07732d0f 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/cloudfront-distribution-helper.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/cloudfront-distribution-helper.ts @@ -17,11 +17,10 @@ import * as cdk from '@aws-cdk/core'; import * as iam from '@aws-cdk/aws-iam'; import * as api from '@aws-cdk/aws-apigateway'; import * as lambda from '@aws-cdk/aws-lambda'; -import { DefaultS3Props } from './s3-bucket-defaults'; import { DefaultCloudFrontWebDistributionForS3Props, DefaultCloudFrontWebDistributionForApiGatewayProps } from './cloudfront-distribution-defaults'; import { overrideProps } from './utils'; import { deployLambdaFunction } from './lambda-helper'; -import { applySecureBucketPolicy } from './s3-bucket-helper'; +import { createLoggingBucket } from './s3-bucket-helper'; // Override Cfn_Nag rule: Cloudfront TLS-1.2 rule (https://github.com/stelligent/cfn_nag/issues/384) function updateSecurityPolicy(cfDistribution: cloudfront.CloudFrontWebDistribution) { @@ -37,29 +36,6 @@ function updateSecurityPolicy(cfDistribution: cloudfront.CloudFrontWebDistributi return cfDistribution; } -function createCloudfrontLoggingBucket(scope: cdk.Construct): s3.Bucket { - // Create the Logging Bucket - const loggingBucket: s3.Bucket = new s3.Bucket(scope, 'CloudfrontLoggingBucket', DefaultS3Props()); - - applySecureBucketPolicy(loggingBucket); - - // Extract the CfnBucket from the loggingBucket - const loggingBucketResource = loggingBucket.node.findChild('Resource') as s3.CfnBucket; - - // Override accessControl configuration and add metadata for the logging bucket - loggingBucketResource.addPropertyOverride('AccessControl', 'LogDeliveryWrite'); - loggingBucketResource.cfnOptions.metadata = { - cfn_nag: { - rules_to_suppress: [{ - id: 'W35', - reason: `This S3 bucket is used as the access logging bucket for CloudFront Distribution` - }] - } - }; - - return loggingBucket; -} - // Lambda@Edge function to insert the HTTP Security Headers into the response coming from the origin servers // and before it is sent to the client function defaultLambdaEdgeFunction(scope: cdk.Construct): lambda.Function { @@ -135,7 +111,7 @@ export function CloudFrontDistributionForApiGateway(scope: cdk.Construct, cloudFrontDistributionProps.loggingConfig.bucket, _httpSecurityHeaders, edgeLambdaVersion); } else { - loggingBucket = createCloudfrontLoggingBucket(scope); + loggingBucket = createLoggingBucket(scope, 'CloudfrontLoggingBucket'); defaultprops = DefaultCloudFrontWebDistributionForApiGatewayProps(apiEndPoint, loggingBucket, _httpSecurityHeaders, edgeLambdaVersion); @@ -184,7 +160,7 @@ export function CloudFrontDistributionForS3(scope: cdk.Construct, cloudFrontDistributionProps.loggingConfig.bucket, oaiImported, _httpSecurityHeaders, edgeLambdaVersion); } else { - loggingBucket = createCloudfrontLoggingBucket(scope); + loggingBucket = createLoggingBucket(scope, 'CloudfrontLoggingBucket'); defaultprops = DefaultCloudFrontWebDistributionForS3Props(sourceBucket, loggingBucket, oaiImported, _httpSecurityHeaders, edgeLambdaVersion); diff --git a/source/patterns/@aws-solutions-constructs/core/lib/cognito-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/cognito-helper.ts index 3422ade91..7918c82cc 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/cognito-helper.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/cognito-helper.ts @@ -115,7 +115,7 @@ export function setupCognitoForElasticSearch(scope: cdk.Construct, domainName: s actions: [ 'es:ESHttp*' ], - resources: [`arn:aws:es:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:domain/${domainName}/*`] + resources: [`arn:${cdk.Aws.PARTITION}:es:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:domain/${domainName}/*`] }) ] }) diff --git a/source/patterns/@aws-solutions-constructs/core/lib/lambda-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/lambda-helper.ts index ac61aa349..de700976a 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/lambda-helper.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/lambda-helper.ts @@ -63,7 +63,7 @@ export function deployLambdaFunction(scope: cdk.Construct, 'logs:CreateLogStream', 'logs:PutLogEvents' ], - resources: [`arn:aws:logs:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:log-group:/aws/lambda/*`] + resources: [`arn:${cdk.Aws.PARTITION}:logs:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:log-group:/aws/lambda/*`] })] }) } diff --git a/source/patterns/@aws-solutions-constructs/core/lib/override-warning-service.ts b/source/patterns/@aws-solutions-constructs/core/lib/override-warning-service.ts index cb49b9238..57f8b62a4 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/override-warning-service.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/override-warning-service.ts @@ -49,7 +49,20 @@ export function flagOverriddenDefaults(defaultProps: object, userProps: object) * @return {Array} an array containing the overridden values. */ function findOverrides(defaultProps: object, userProps: object) { - const diff = deepdiff.diff(defaultProps, userProps); + const diff = deepdiff.diff(defaultProps, userProps, + /** This prefilter function returns true for any filtered path/key that should be excluded from the diff check. + * S3 Bucket Props with lifecycleRules uses cdk.Duration which is not properly handled by + * 'deep-diff' library, whenever it encounters a Duration object, it throws the exception + * 'argument to intrinsic must be a plain value object', so the lifecycleRules needs to be excluded from + * the diff check. + */ + (_path, _key) => { + if ( _path.includes('lifecycleRules') ) { + return true; + } + return false; + } + ); // Filter the results return (diff !== undefined) ? diff?.filter((e) => ( e.kind === 'E' && // only return overrides diff --git a/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-defaults.ts b/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-defaults.ts index cc57e5ed3..d2fc57086 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-defaults.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-defaults.ts @@ -14,14 +14,26 @@ import * as s3 from '@aws-cdk/aws-s3'; import { RemovalPolicy } from '@aws-cdk/core'; import { Bucket, BucketProps } from '@aws-cdk/aws-s3'; +import { StorageClass } from '@aws-cdk/aws-s3/lib/rule'; +import { Duration } from '@aws-cdk/core/lib/duration'; export function DefaultS3Props(loggingBucket ?: Bucket): s3.BucketProps { + + /** Default Life Cycle policy to transition older versions to Glacier after 90 days */ + const lifecycleRules: s3.LifecycleRule[] = [{ + noncurrentVersionTransitions: [{ + storageClass: StorageClass.GLACIER, + transitionAfter: Duration.days(90) + }] + }]; + if (loggingBucket) { return { encryption: s3.BucketEncryption.S3_MANAGED, versioned: true, blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL, removalPolicy: RemovalPolicy.RETAIN, + lifecycleRules, serverAccessLogsBucket: loggingBucket } as BucketProps; } else { @@ -29,7 +41,8 @@ export function DefaultS3Props(loggingBucket ?: Bucket): s3.BucketProps { encryption: s3.BucketEncryption.S3_MANAGED, versioned: true, blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL, - removalPolicy: RemovalPolicy.RETAIN + removalPolicy: RemovalPolicy.RETAIN, + lifecycleRules } as BucketProps; } } \ No newline at end of file diff --git a/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-helper.ts index 07a9377ed..01d7221f1 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-helper.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/s3-bucket-helper.ts @@ -57,6 +57,42 @@ export function applySecureBucketPolicy(s3Bucket: s3.Bucket): void { ); } +export function createLoggingBucket(scope: cdk.Construct, bucketId: string): s3.Bucket { + // Create the Logging Bucket + const loggingBucket: s3.Bucket = new s3.Bucket(scope, bucketId, DefaultS3Props()); + + applySecureBucketPolicy(loggingBucket); + + // Extract the CfnBucket from the loggingBucket + const loggingBucketResource = loggingBucket.node.findChild('Resource') as s3.CfnBucket; + + // Override accessControl configuration and add metadata for the logging bucket + loggingBucketResource.addPropertyOverride('AccessControl', 'LogDeliveryWrite'); + + // Turn off Versioning for the logging bucket as objects will be written only ONCE + loggingBucketResource.addPropertyDeletionOverride('VersioningConfiguration.Status'); + + // Remove the default LifecycleConfiguration for the Logging Bucket + loggingBucketResource.addPropertyDeletionOverride('LifecycleConfiguration.Rules'); + + let _reason = "This S3 bucket is used as the access logging bucket for another bucket"; + + if (bucketId === 'CloudfrontLoggingBucket') { + _reason = "This S3 bucket is used as the access logging bucket for CloudFront Distribution"; + } + + loggingBucketResource.cfnOptions.metadata = { + cfn_nag: { + rules_to_suppress: [{ + id: 'W35', + reason: _reason + }] + } + }; + + return loggingBucket; +} + function s3BucketWithLogging(scope: cdk.Construct, s3BucketProps?: s3.BucketProps, bucketId?: string): [s3.Bucket, s3.Bucket?] { // Create the Application Bucket @@ -69,23 +105,8 @@ function s3BucketWithLogging(scope: cdk.Construct, s3BucketProps?: s3.BucketProp bucketprops = DefaultS3Props(); } else { // Create the Logging Bucket - loggingBucket = new s3.Bucket(scope, _loggingBucketId, DefaultS3Props()); + loggingBucket = createLoggingBucket(scope, _loggingBucketId); - applySecureBucketPolicy(loggingBucket); - - // Extract the CfnBucket from the loggingBucket - const loggingBucketResource = loggingBucket.node.findChild('Resource') as s3.CfnBucket; - - // Override accessControl configuration and add metadata for the logging bucket - loggingBucketResource.addPropertyOverride('AccessControl', 'LogDeliveryWrite'); - loggingBucketResource.cfnOptions.metadata = { - cfn_nag: { - rules_to_suppress: [{ - id: 'W35', - reason: `This S3 bucket is used as the access logging bucket for another bucket` - }] - } - }; bucketprops = DefaultS3Props(loggingBucket); } diff --git a/source/patterns/@aws-solutions-constructs/core/lib/sqs-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/sqs-helper.ts index 73f4cea8b..45125d927 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/sqs-helper.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/sqs-helper.ts @@ -102,11 +102,23 @@ export function buildQueue(scope: cdk.Construct, id: string, props: BuildQueuePr export interface BuildDeadLetterQueueProps { /** - * An existing queue that has already been defined to be used as the dead letter queue. + * Existing instance of SQS queue object, if this is set then the queueProps is ignored. * - * @default - Default props are used. + * @default - None. */ - readonly deadLetterQueue: sqs.Queue + readonly existingQueueObj?: sqs.Queue, + /** + * Whether to deploy a secondary queue to be used as a dead letter queue. + * + * @default - required field. + */ + readonly deployDeadLetterQueue?: boolean, + /** + * Optional user provided properties for the dead letter queue + * + * @default - Default props are used + */ + readonly deadLetterQueueProps?: sqs.QueueProps, /** * The number of times a message can be unsuccessfully dequeued before being moved to the dead letter queue. * @@ -115,15 +127,25 @@ export interface BuildDeadLetterQueueProps { readonly maxReceiveCount?: number } -export function buildDeadLetterQueue(props: BuildDeadLetterQueueProps): sqs.DeadLetterQueue { +export function buildDeadLetterQueue(scope: cdk.Construct, props: BuildDeadLetterQueueProps): sqs.DeadLetterQueue | undefined { + if (!props.existingQueueObj && (props.deployDeadLetterQueue || props.deployDeadLetterQueue === undefined)) { + // Create the Dead Letter Queue + const [dlq] = buildQueue(scope, 'deadLetterQueue', { + queueProps: props.deadLetterQueueProps + }); + const mrc = (props.maxReceiveCount) ? props.maxReceiveCount : defaults.defaultMaxReceiveCount; - // Setup the queue interface - const dlq: sqs.DeadLetterQueue = { + + // Setup the Dead Letter Queue interface + const dlqInterface: sqs.DeadLetterQueue = { maxReceiveCount: mrc, - queue: props.deadLetterQueue + queue: dlq }; - // Return the dead letter queue - return dlq; + + // Return the dead letter queue interface + return dlqInterface; + } + return; } function applySecureQueuePolicy(queue: sqs.Queue): void { diff --git a/source/patterns/@aws-solutions-constructs/core/lib/step-function-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/step-function-helper.ts index 5f93fd4ee..3649f1f93 100644 --- a/source/patterns/@aws-solutions-constructs/core/lib/step-function-helper.ts +++ b/source/patterns/@aws-solutions-constructs/core/lib/step-function-helper.ts @@ -72,7 +72,7 @@ export function buildStateMachine(scope: cdk.Construct, stateMachineProps: sfn.S 'logs:DescribeResourcePolicies', 'logs:DescribeLogGroups' ], - resources: [`arn:aws:logs:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:*`] + resources: [`arn:${cdk.Aws.PARTITION}:logs:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:*`] })); return [_sm, logGroup]; diff --git a/source/patterns/@aws-solutions-constructs/core/package.json b/source/patterns/@aws-solutions-constructs/core/package.json index 445ed2ab6..6fc0b2f48 100644 --- a/source/patterns/@aws-solutions-constructs/core/package.json +++ b/source/patterns/@aws-solutions-constructs/core/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/core", - "version": "1.63.0", + "version": "1.64.0", "description": "Core CDK Construct for patterns library", "main": "index.js", "types": "index.ts", @@ -52,28 +52,28 @@ } }, "dependencies": { - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-cloudfront-origins": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/aws-iot": "~1.63.0", - "@aws-cdk/aws-kinesis": "~1.63.0", - "@aws-cdk/aws-kinesisanalytics": "~1.63.0", - "@aws-cdk/aws-kinesisfirehose": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-sns": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-cognito": "~1.63.0", - "@aws-cdk/aws-elasticsearch": "~1.63.0", - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-cdk/aws-stepfunctions": "~1.63.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-cloudfront-origins": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/aws-iot": "~1.64.0", + "@aws-cdk/aws-kinesis": "~1.64.0", + "@aws-cdk/aws-kinesisanalytics": "~1.64.0", + "@aws-cdk/aws-kinesisfirehose": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-sns": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-cognito": "~1.64.0", + "@aws-cdk/aws-elasticsearch": "~1.64.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-cdk/aws-stepfunctions": "~1.64.0", "@types/deep-diff": "^1.0.0", "@types/npmlog": "^4.1.2", "deep-diff": "^1.0.2", @@ -81,7 +81,7 @@ "npmlog": "^4.1.2" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -98,27 +98,27 @@ "@types/deep-diff" ], "peerDependencies": { - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-cdk/aws-iot": "~1.63.0", - "@aws-cdk/aws-kinesis": "~1.63.0", - "@aws-cdk/aws-kinesisanalytics": "~1.63.0", - "@aws-cdk/aws-kinesisfirehose": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-lambda-event-sources": "~1.63.0", - "@aws-cdk/aws-logs": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/aws-sns": "~1.63.0", - "@aws-cdk/aws-sqs": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-kms": "~1.63.0", - "@aws-cdk/aws-events": "~1.63.0", - "@aws-cdk/aws-cognito": "~1.63.0", - "@aws-cdk/aws-elasticsearch": "~1.63.0", - "@aws-cdk/aws-cloudwatch": "~1.63.0", - "@aws-cdk/aws-stepfunctions": "~1.63.0", - "@aws-cdk/aws-cloudfront-origins": "~1.63.0" + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-cdk/aws-iot": "~1.64.0", + "@aws-cdk/aws-kinesis": "~1.64.0", + "@aws-cdk/aws-kinesisanalytics": "~1.64.0", + "@aws-cdk/aws-kinesisfirehose": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-lambda-event-sources": "~1.64.0", + "@aws-cdk/aws-logs": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/aws-sns": "~1.64.0", + "@aws-cdk/aws-sqs": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-kms": "~1.64.0", + "@aws-cdk/aws-events": "~1.64.0", + "@aws-cdk/aws-cognito": "~1.64.0", + "@aws-cdk/aws-elasticsearch": "~1.64.0", + "@aws-cdk/aws-cloudwatch": "~1.64.0", + "@aws-cdk/aws-stepfunctions": "~1.64.0", + "@aws-cdk/aws-cloudfront-origins": "~1.64.0" } } diff --git a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/apigateway-helper.test.js.snap b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/apigateway-helper.test.js.snap index f2beb46c9..5861ba24b 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/apigateway-helper.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/apigateway-helper.test.js.snap @@ -83,7 +83,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -449,7 +453,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -725,7 +733,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1001,7 +1013,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1380,7 +1396,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, @@ -1615,7 +1635,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/cloudfront-distribution-api-gateway-helper.test.js.snap b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/cloudfront-distribution-api-gateway-helper.test.js.snap index b2e7065c0..529ea55d0 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/cloudfront-distribution-api-gateway-helper.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/cloudfront-distribution-api-gateway-helper.test.js.snap @@ -207,9 +207,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -737,7 +734,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/cloudfront-distribution-s3-helper.test.js.snap b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/cloudfront-distribution-s3-helper.test.js.snap index fe21db617..585117347 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/cloudfront-distribution-s3-helper.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/cloudfront-distribution-s3-helper.test.js.snap @@ -127,9 +127,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -184,6 +181,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "S3LoggingBucket800A2B27", @@ -352,9 +362,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -466,7 +473,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/elasticsearch-helper.test.js.snap b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/elasticsearch-helper.test.js.snap index 2785f865a..f2db90c59 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/elasticsearch-helper.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/elasticsearch-helper.test.js.snap @@ -38,7 +38,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:es:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":es:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/events-rule.test.js.snap b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/events-rule.test.js.snap index 94094088e..222e3f11d 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/events-rule.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/events-rule.test.js.snap @@ -137,7 +137,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/lambda-func.test.js.snap b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/lambda-func.test.js.snap index a6dd81ecd..757d1639c 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/lambda-func.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/lambda-func.test.js.snap @@ -119,7 +119,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/s3-bucket-helper.test.js.snap b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/s3-bucket-helper.test.js.snap index 7e31c0b53..9eb27b791 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/s3-bucket-helper.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/s3-bucket-helper.test.js.snap @@ -15,6 +15,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "S3LoggingBucket800A2B27", @@ -100,9 +113,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", @@ -165,6 +175,19 @@ Object { ], }, "BucketName": "my-bucket", + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "LoggingConfiguration": Object { "DestinationBucketName": Object { "Ref": "S3LoggingBucket800A2B27", @@ -250,9 +273,6 @@ Object { "IgnorePublicAcls": true, "RestrictPublicBuckets": true, }, - "VersioningConfiguration": Object { - "Status": "Enabled", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Retain", diff --git a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/s3-bucket.test.js.snap b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/s3-bucket.test.js.snap index 7d35947e6..29a1258eb 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/s3-bucket.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/s3-bucket.test.js.snap @@ -15,6 +15,19 @@ Object { }, ], }, + "LifecycleConfiguration": Object { + "Rules": Array [ + Object { + "NoncurrentVersionTransitions": Array [ + Object { + "StorageClass": "GLACIER", + "TransitionInDays": 90, + }, + ], + "Status": "Enabled", + }, + ], + }, "PublicAccessBlockConfiguration": Object { "BlockPublicAcls": true, "BlockPublicPolicy": true, diff --git a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/sqs-helper.test.js.snap b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/sqs-helper.test.js.snap index 6261b50af..2fb050473 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/sqs-helper.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/sqs-helper.test.js.snap @@ -55,13 +55,13 @@ Object { "Type": "AWS::KMS::Key", "UpdateReplacePolicy": "Retain", }, - "deadletterqueueD1EEB012": Object { + "deadLetterQueue3F848E28": Object { "Properties": Object { "KmsMasterKeyId": "alias/aws/sqs", }, "Type": "AWS::SQS::Queue", }, - "deadletterqueuePolicy4F5E2629": Object { + "deadLetterQueuePolicy14A9D269": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ @@ -96,7 +96,7 @@ Object { }, "Resource": Object { "Fn::GetAtt": Array [ - "deadletterqueueD1EEB012", + "deadLetterQueue3F848E28", "Arn", ], }, @@ -113,7 +113,7 @@ Object { "Principal": "*", "Resource": Object { "Fn::GetAtt": Array [ - "deadletterqueueD1EEB012", + "deadLetterQueue3F848E28", "Arn", ], }, @@ -124,7 +124,7 @@ Object { }, "Queues": Array [ Object { - "Ref": "deadletterqueueD1EEB012", + "Ref": "deadLetterQueue3F848E28", }, ], }, @@ -142,7 +142,7 @@ Object { "RedrivePolicy": Object { "deadLetterTargetArn": Object { "Fn::GetAtt": Array [ - "deadletterqueueD1EEB012", + "deadLetterQueue3F848E28", "Arn", ], }, @@ -279,13 +279,13 @@ Object { "Type": "AWS::KMS::Key", "UpdateReplacePolicy": "Retain", }, - "deadletterqueueD1EEB012": Object { + "deadLetterQueue3F848E28": Object { "Properties": Object { "KmsMasterKeyId": "alias/aws/sqs", }, "Type": "AWS::SQS::Queue", }, - "deadletterqueuePolicy4F5E2629": Object { + "deadLetterQueuePolicy14A9D269": Object { "Properties": Object { "PolicyDocument": Object { "Statement": Array [ @@ -320,7 +320,7 @@ Object { }, "Resource": Object { "Fn::GetAtt": Array [ - "deadletterqueueD1EEB012", + "deadLetterQueue3F848E28", "Arn", ], }, @@ -337,7 +337,7 @@ Object { "Principal": "*", "Resource": Object { "Fn::GetAtt": Array [ - "deadletterqueueD1EEB012", + "deadLetterQueue3F848E28", "Arn", ], }, @@ -348,7 +348,7 @@ Object { }, "Queues": Array [ Object { - "Ref": "deadletterqueueD1EEB012", + "Ref": "deadLetterQueue3F848E28", }, ], }, @@ -366,7 +366,7 @@ Object { "RedrivePolicy": Object { "deadLetterTargetArn": Object { "Fn::GetAtt": Array [ - "deadletterqueueD1EEB012", + "deadLetterQueue3F848E28", "Arn", ], }, diff --git a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/step-function-helper.test.js.snap b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/step-function-helper.test.js.snap index dd1b86f5c..e4eeaf8e3 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/step-function-helper.test.js.snap +++ b/source/patterns/@aws-solutions-constructs/core/test/__snapshots__/step-function-helper.test.js.snap @@ -103,7 +103,11 @@ Object { "Fn::Join": Array [ "", Array [ - "arn:aws:logs:", + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":logs:", Object { "Ref": "AWS::Region", }, diff --git a/source/patterns/@aws-solutions-constructs/core/test/apigateway-helper.test.ts b/source/patterns/@aws-solutions-constructs/core/test/apigateway-helper.test.ts index c379c4dc4..990ffb33a 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/apigateway-helper.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/apigateway-helper.test.ts @@ -23,7 +23,7 @@ function deployRegionalApiGateway(stack: Stack) { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const fn = defaults.deployLambdaFunction(stack, lambdaFunctionProps); @@ -100,7 +100,7 @@ test('Test override for RegionalApiGateway', () => { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const fn = defaults.deployLambdaFunction(stack, lambdaFunctionProps); @@ -130,7 +130,7 @@ test('Test override for GlobalApiGateway', () => { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const fn = defaults.deployLambdaFunction(stack, lambdaFunctionProps); @@ -158,7 +158,7 @@ test('Test ApiGateway::Account resource for RegionalApiGateway', () => { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const fn = defaults.deployLambdaFunction(stack, lambdaFunctionProps); @@ -180,7 +180,7 @@ test('Test ApiGateway::Account resource for GlobalApiGateway', () => { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const fn = defaults.deployLambdaFunction(stack, lambdaFunctionProps); diff --git a/source/patterns/@aws-solutions-constructs/core/test/cloudfront-distribution-api-gateway-helper.test.ts b/source/patterns/@aws-solutions-constructs/core/test/cloudfront-distribution-api-gateway-helper.test.ts index f1b0f2e3a..b2e5ba812 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/cloudfront-distribution-api-gateway-helper.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/cloudfront-distribution-api-gateway-helper.test.ts @@ -28,7 +28,7 @@ test('cloudfront distribution for ApiGateway with default params', () => { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const func = new lambda.Function(stack, 'LambdaFunction', lambdaFunctionProps); @@ -45,7 +45,7 @@ test('test cloudfront for Api Gateway with user provided logging bucket', () => const loggingBucket: s3.Bucket = new s3.Bucket(stack, 'MyCloudfrontLoggingBucket', defaults.DefaultS3Props()); const inProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda-test`), + code: lambda.Code.fromAsset(`${__dirname}/lambda-test`), runtime: lambda.Runtime.PYTHON_3_6, handler: 'index.handler' }; @@ -168,7 +168,7 @@ test('test cloudfront for Api Gateway override properties', () => { const stack = new Stack(); const inProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda-test`), + code: lambda.Code.fromAsset(`${__dirname}/lambda-test`), runtime: lambda.Runtime.PYTHON_3_6, handler: 'index.handler' }; diff --git a/source/patterns/@aws-solutions-constructs/core/test/congnito-helper.test.ts b/source/patterns/@aws-solutions-constructs/core/test/congnito-helper.test.ts index 6a3ed9052..57fc9712a 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/congnito-helper.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/congnito-helper.test.ts @@ -173,7 +173,11 @@ test('Test setupCognitoForElasticSearch', () => { "Fn::Join": [ "", [ - "arn:aws:es:", + "arn:", + { + Ref: "AWS::Partition" + }, + ":es:", { Ref: "AWS::Region" }, diff --git a/source/patterns/@aws-solutions-constructs/core/test/events-rule.test.ts b/source/patterns/@aws-solutions-constructs/core/test/events-rule.test.ts index fc0f4af53..0700d3af9 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/events-rule.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/events-rule.test.ts @@ -27,7 +27,7 @@ test('snapshot test EventsRuleProps default params', () => { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const fn = defaults.deployLambdaFunction(stack, lambdaFunctionProps); diff --git a/source/patterns/@aws-solutions-constructs/core/test/iot-rule.test.ts b/source/patterns/@aws-solutions-constructs/core/test/iot-rule.test.ts index a697a0171..6ebe9e674 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/iot-rule.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/iot-rule.test.ts @@ -25,7 +25,7 @@ test('snapshot test TopicRuleProps default params', () => { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; const fn = new lambda.Function(stack, 'LambdaFunction', lambdaFunctionProps); diff --git a/source/patterns/@aws-solutions-constructs/core/test/lambda-func.test.ts b/source/patterns/@aws-solutions-constructs/core/test/lambda-func.test.ts index 089e22e2e..55db1f8c3 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/lambda-func.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/lambda-func.test.ts @@ -24,7 +24,7 @@ test('snapshot test LambdaFunction default params', () => { const lambdaFunctionProps: lambda.FunctionProps = { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) }; defaults.deployLambdaFunction(stack, lambdaFunctionProps); @@ -36,7 +36,7 @@ test('test FunctionProps override code and runtime', () => { const stack = new Stack(); const inProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda-test`), + code: lambda.Code.fromAsset(`${__dirname}/lambda-test`), runtime: lambda.Runtime.PYTHON_3_6, handler: 'index.handler' }; @@ -59,7 +59,7 @@ test('test FunctionProps override timeout', () => { const stack = new Stack(); const inProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', timeout: Duration.seconds(5), @@ -84,7 +84,7 @@ test('test FunctionProps for envrionment variable when runtime = NODEJS', () => const stack = new Stack(); const inProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda`), + code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler' }; @@ -113,7 +113,7 @@ test('test FunctionProps for no envrionment variable when runtime = PYTHON', () const stack = new Stack(); const inProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda-test`), + code: lambda.Code.fromAsset(`${__dirname}/lambda-test`), runtime: lambda.Runtime.PYTHON_3_6, handler: 'index.handler' }; @@ -185,7 +185,7 @@ test('test buildLambdaFunction with deploy = true', () => { const stack = new Stack(); const inProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda-test`), + code: lambda.Code.fromAsset(`${__dirname}/lambda-test`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }; @@ -210,7 +210,7 @@ test('test buildLambdaFunction with FunctionProps', () => { const stack = new Stack(); const inProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda-test`), + code: lambda.Code.fromAsset(`${__dirname}/lambda-test`), runtime: lambda.Runtime.PYTHON_3_6, handler: 'index.handler' }; diff --git a/source/patterns/@aws-solutions-constructs/core/test/s3-bucket-helper.test.ts b/source/patterns/@aws-solutions-constructs/core/test/s3-bucket-helper.test.ts index ca7b6d3a6..869b48254 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/s3-bucket-helper.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/s3-bucket-helper.test.ts @@ -12,11 +12,11 @@ */ import { SynthUtils, expect as expectCDK, haveResource } from '@aws-cdk/assert'; -import { Stack } from '@aws-cdk/core'; +import { Duration, Stack } from '@aws-cdk/core'; import * as s3 from '@aws-cdk/aws-s3'; import * as defaults from '../index'; import '@aws-cdk/assert/jest'; -import { Bucket } from '@aws-cdk/aws-s3'; +import { Bucket, StorageClass } from '@aws-cdk/aws-s3'; test('s3 bucket with default params', () => { const stack = new Stack(); @@ -73,6 +73,46 @@ test('s3 bucket with bucketProps', () => { })); }); +test('s3 bucket with life cycle policy', () => { + const stack = new Stack(); + + defaults.buildS3Bucket(stack, { + bucketProps: { + lifecycleRules: [{ + expiration: Duration.days(365), + transitions: [{ + storageClass: StorageClass.INFREQUENT_ACCESS, + transitionAfter: Duration.days(30) + }, { + storageClass: StorageClass.GLACIER, + transitionAfter: Duration.days(90) + }] + }] + } + }); + + expectCDK(stack).to(haveResource("AWS::S3::Bucket", { + LifecycleConfiguration: { + Rules: [ + { + ExpirationInDays: 365, + Status: "Enabled", + Transitions: [ + { + StorageClass: "STANDARD_IA", + TransitionInDays: 30 + }, + { + StorageClass: "GLACIER", + TransitionInDays: 90 + } + ] + } + ] + } + })); +}); + test('s3 bucket with access logging configured', () => { const stack = new Stack(); const mybucket = new Bucket(stack, 'mybucket', { diff --git a/source/patterns/@aws-solutions-constructs/core/test/sqs-helper.test.ts b/source/patterns/@aws-solutions-constructs/core/test/sqs-helper.test.ts index ff60760c7..f6ca1b10b 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/sqs-helper.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/sqs-helper.test.ts @@ -58,9 +58,9 @@ test('Test dead letter queue deployment/configuration', () => { const stack = new Stack(); // Helper setup const encKey = defaults.buildEncryptionKey(stack); - const [dlq] = defaults.buildQueue(stack, 'dead-letter-queue', {}); - const dlqi = defaults.buildDeadLetterQueue({ - deadLetterQueue: dlq, + // const [dlq] = defaults.buildQueue(stack, 'dead-letter-queue', {}); + const dlqi = defaults.buildDeadLetterQueue(stack, { + deployDeadLetterQueue: true, maxReceiveCount: 3 }); // Helper declaration @@ -84,9 +84,9 @@ test('Test dead letter queue deployment/configuration w/o mrc', () => { const stack = new Stack(); // Helper setup const encKey = defaults.buildEncryptionKey(stack); - const [dlq] = defaults.buildQueue(stack, 'dead-letter-queue', {}); - const dlqi = defaults.buildDeadLetterQueue({ - deadLetterQueue: dlq + // const [dlq] = defaults.buildQueue(stack, 'dead-letter-queue', {}); + const dlqi = defaults.buildDeadLetterQueue(stack, { + deployDeadLetterQueue: true }); // Helper declaration defaults.buildQueue(stack, 'primary-queue', { diff --git a/source/patterns/@aws-solutions-constructs/core/test/step-function-helper.test.ts b/source/patterns/@aws-solutions-constructs/core/test/step-function-helper.test.ts index 9b852b997..f3fe8d0df 100644 --- a/source/patterns/@aws-solutions-constructs/core/test/step-function-helper.test.ts +++ b/source/patterns/@aws-solutions-constructs/core/test/step-function-helper.test.ts @@ -128,7 +128,11 @@ test('Test deployment w/ logging enabled', () => { "Fn::Join": [ "", [ - "arn:aws:logs:", + "arn:", + { + Ref: "AWS::Partition" + }, + ":logs:", { Ref: "AWS::Region" }, diff --git a/source/tools/cdk-integ-tools/package.json b/source/tools/cdk-integ-tools/package.json index ec9dc8ec0..d35eebbd2 100644 --- a/source/tools/cdk-integ-tools/package.json +++ b/source/tools/cdk-integ-tools/package.json @@ -31,9 +31,9 @@ "typescript": "~3.7.4" }, "dependencies": { - "@aws-cdk/cloudformation-diff": "~1.63.0", - "@aws-cdk/cx-api": "~1.63.0", - "aws-cdk": "~1.63.0", + "@aws-cdk/cloudformation-diff": "~1.64.0", + "@aws-cdk/cx-api": "~1.64.0", + "aws-cdk": "~1.64.0", "fs-extra": "^8.1.0", "yargs": "^15.1.0" }, diff --git a/source/use_cases/aws-s3-static-website/lib/s3-static-site-stack.ts b/source/use_cases/aws-s3-static-website/lib/s3-static-site-stack.ts index 7e4e9f1d1..8e86ffb6b 100644 --- a/source/use_cases/aws-s3-static-website/lib/s3-static-site-stack.ts +++ b/source/use_cases/aws-s3-static-website/lib/s3-static-site-stack.ts @@ -11,7 +11,7 @@ * and limitations under the License. */ -import { Construct, Stack, StackProps, Duration, CfnOutput } from '@aws-cdk/core'; +import { Construct, Stack, StackProps, Duration, CfnOutput, Aws } from '@aws-cdk/core'; import { CloudFrontToS3 } from '@aws-solutions-constructs/aws-cloudfront-s3'; import * as lambda from '@aws-cdk/aws-lambda'; import { Provider } from '@aws-cdk/custom-resources'; @@ -26,7 +26,7 @@ export class S3StaticWebsiteStack extends Stack { const sourcePrefix: string = 'WebApplication/1_StaticWebHosting/website/'; const construct = new CloudFrontToS3(this, 'CloudFrontToS3', {}); - const targetBucket: string = construct.s3Bucket.bucketName; + const targetBucket = construct.s3Bucket?.bucketName; const lambdaFunc = new lambda.Function(this, 'copyObjHandler', { runtime: lambda.Runtime.PYTHON_3_8, @@ -37,7 +37,7 @@ export class S3StaticWebsiteStack extends Stack { new PolicyStatement({ actions: ["s3:GetObject", "s3:ListBucket"], - resources: [`arn:aws:s3:::${sourceBucket}`, + resources: [`arn:${Aws.PARTITION}:s3:::${sourceBucket}`, `arn:aws:s3:::${sourceBucket}/${sourcePrefix}*`] }), new PolicyStatement({ @@ -49,7 +49,7 @@ export class S3StaticWebsiteStack extends Stack { "s3:DeleteObject", "s3:DeleteObjectVersion", "s3:CopyObject"], - resources: [`arn:aws:s3:::${targetBucket}`, + resources: [`arn:${Aws.PARTITION}:s3:::${targetBucket}`, `arn:aws:s3:::${targetBucket}/*`] }), ] diff --git a/source/use_cases/aws-s3-static-website/package.json b/source/use_cases/aws-s3-static-website/package.json index a3d30214d..ab58eb1b4 100644 --- a/source/use_cases/aws-s3-static-website/package.json +++ b/source/use_cases/aws-s3-static-website/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-s3-static-website", - "version": "1.63.0", + "version": "1.64.0", "description": "Use case pattern for deploying a S3 static website.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -28,19 +28,19 @@ "build+lint+test": "npm run build && npm run lint && npm test && npm run integ-assert" }, "dependencies": { - "@aws-solutions-constructs/aws-cloudfront-s3": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/custom-resources": "~1.63.0", - "@aws-cdk/aws-cloudformation": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-solutions-constructs/aws-cloudfront-s3": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/custom-resources": "~1.64.0", + "@aws-cdk/aws-cloudformation": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "source-map-support": "^0.5.16" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, diff --git a/source/use_cases/aws-serverless-image-handler/README.md b/source/use_cases/aws-serverless-image-handler/README.md index c9e204383..11a7750e3 100644 --- a/source/use_cases/aws-serverless-image-handler/README.md +++ b/source/use_cases/aws-serverless-image-handler/README.md @@ -13,7 +13,7 @@ new ServerlessImageHandler(stack, 'ServerlessImageHandlerPattern', { lambdaFunctionProps: { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.asset(`${__dirname}/lambda`) + code: lambda.Code.fromAsset(`${__dirname}/lambda`) } }); diff --git a/source/use_cases/aws-serverless-image-handler/lib/index.ts b/source/use_cases/aws-serverless-image-handler/lib/index.ts index 1c2a81dfc..28a05a344 100644 --- a/source/use_cases/aws-serverless-image-handler/lib/index.ts +++ b/source/use_cases/aws-serverless-image-handler/lib/index.ts @@ -125,7 +125,7 @@ export class ServerlessImageHandler extends Construct { // Use case specific properties for the Lambda function const useCaseFunctionProps: lambda.FunctionProps = { - code: lambda.Code.asset(`${__dirname}/lambda/image-handler`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/image-handler`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', environment: { diff --git a/source/use_cases/aws-serverless-image-handler/package.json b/source/use_cases/aws-serverless-image-handler/package.json index f06e7b713..2c486e439 100644 --- a/source/use_cases/aws-serverless-image-handler/package.json +++ b/source/use_cases/aws-serverless-image-handler/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-serverless-image-handler", - "version": "1.63.0", + "version": "1.64.0", "description": "Use case pattern for deploying a serverless image handler API.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -53,18 +53,18 @@ } }, "dependencies": { - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-solutions-constructs/aws-cloudfront-apigateway-lambda": "~1.63.0", - "@aws-solutions-constructs/aws-lambda-s3": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0" + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-solutions-constructs/aws-cloudfront-apigateway-lambda": "~1.64.0", + "@aws-solutions-constructs/aws-lambda-s3": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" }, @@ -74,14 +74,14 @@ ] }, "peerDependencies": { - "@aws-solutions-constructs/aws-cloudfront-apigateway-lambda": "~1.63.0", - "@aws-solutions-constructs/aws-lambda-s3": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0" + "@aws-solutions-constructs/aws-cloudfront-apigateway-lambda": "~1.64.0", + "@aws-solutions-constructs/aws-lambda-s3": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0" } } diff --git a/source/use_cases/aws-serverless-web-app/lib/s3-static-site-stack.ts b/source/use_cases/aws-serverless-web-app/lib/s3-static-site-stack.ts index 112b063ce..178b29faf 100644 --- a/source/use_cases/aws-serverless-web-app/lib/s3-static-site-stack.ts +++ b/source/use_cases/aws-serverless-web-app/lib/s3-static-site-stack.ts @@ -11,7 +11,7 @@ * and limitations under the License. */ -import { Construct, Stack, StackProps, Duration, CfnOutput } from '@aws-cdk/core'; +import { Construct, Stack, StackProps, Duration, CfnOutput, Aws } from '@aws-cdk/core'; import { CloudFrontToS3 } from '@aws-solutions-constructs/aws-cloudfront-s3'; import * as lambda from '@aws-cdk/aws-lambda'; import { Provider } from '@aws-cdk/custom-resources'; @@ -26,7 +26,7 @@ export class S3StaticWebsiteStack extends Stack { const sourcePrefix: string = 'WebApplication/1_StaticWebHosting/website/'; const construct = new CloudFrontToS3(this, 'CloudFrontToS3', {}); - const targetBucket: string = construct.s3Bucket.bucketName; + const targetBucket: string = construct.s3Bucket?.bucketName || ''; const lambdaFunc = new lambda.Function(this, 'staticContentHandler', { runtime: lambda.Runtime.PYTHON_3_8, @@ -37,7 +37,7 @@ export class S3StaticWebsiteStack extends Stack { new PolicyStatement({ actions: ["s3:GetObject", "s3:ListBucket"], - resources: [`arn:aws:s3:::${sourceBucket}`, + resources: [`arn:${Aws.PARTITION}:s3:::${sourceBucket}`, `arn:aws:s3:::${sourceBucket}/${sourcePrefix}*`] }), new PolicyStatement({ @@ -49,7 +49,7 @@ export class S3StaticWebsiteStack extends Stack { "s3:DeleteObject", "s3:DeleteObjectVersion", "s3:CopyObject"], - resources: [`arn:aws:s3:::${targetBucket}`, + resources: [`arn:${Aws.PARTITION}:s3:::${targetBucket}`, `arn:aws:s3:::${targetBucket}/*`] }), ] diff --git a/source/use_cases/aws-serverless-web-app/lib/serverless-backend-stack.ts b/source/use_cases/aws-serverless-web-app/lib/serverless-backend-stack.ts index 0a583b198..2d1f70256 100644 --- a/source/use_cases/aws-serverless-web-app/lib/serverless-backend-stack.ts +++ b/source/use_cases/aws-serverless-web-app/lib/serverless-backend-stack.ts @@ -13,7 +13,7 @@ import { CognitoToApiGatewayToLambda } from '@aws-solutions-constructs/aws-cognito-apigateway-lambda'; import { LambdaToDynamoDB } from '@aws-solutions-constructs/aws-lambda-dynamodb'; -import { Construct, Stack, StackProps, Duration, Fn } from '@aws-cdk/core'; +import { Construct, Stack, StackProps, Duration, Fn, Aws } from '@aws-cdk/core'; import * as lambda from '@aws-cdk/aws-lambda'; import { Provider } from '@aws-cdk/custom-resources'; import { CustomResource } from '@aws-cdk/aws-cloudformation'; @@ -29,7 +29,7 @@ export class ServerlessBackendStack extends Stack { const construct = new CognitoToApiGatewayToLambda(this, 'CognitoToApiGatewayToLambda', { lambdaFunctionProps: { - code: lambda.Code.asset(`${__dirname}/lambda/business-logic`), + code: lambda.Code.fromAsset(`${__dirname}/lambda/business-logic`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }, @@ -55,7 +55,7 @@ export class ServerlessBackendStack extends Stack { actions: ["s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectVersionAcl"], - resources: [`arn:aws:s3:::${websiteBucketName}/*`] + resources: [`arn:${Aws.PARTITION}:s3:::${websiteBucketName}/*`] }), ] }); diff --git a/source/use_cases/aws-serverless-web-app/package.json b/source/use_cases/aws-serverless-web-app/package.json index a78cb67b5..4d41b07e0 100644 --- a/source/use_cases/aws-serverless-web-app/package.json +++ b/source/use_cases/aws-serverless-web-app/package.json @@ -1,6 +1,6 @@ { "name": "@aws-solutions-constructs/aws-serverless-web-app", - "version": "1.63.0", + "version": "1.64.0", "description": "Use case pattern for deploying a serverless web app.", "main": "lib/index.js", "types": "lib/index.d.ts", @@ -28,24 +28,24 @@ "build+lint+test": "npm run build && npm run lint && npm test && npm run integ-assert" }, "dependencies": { - "@aws-solutions-constructs/aws-cloudfront-s3": "~1.63.0", - "@aws-solutions-constructs/aws-cognito-apigateway-lambda": "~1.63.0", - "@aws-solutions-constructs/aws-lambda-dynamodb": "~1.63.0", - "@aws-cdk/core": "~1.63.0", - "@aws-cdk/aws-lambda": "~1.63.0", - "@aws-cdk/aws-cloudfront": "~1.63.0", - "@aws-cdk/aws-s3": "~1.63.0", - "@aws-cdk/custom-resources": "~1.63.0", - "@aws-cdk/aws-cloudformation": "~1.63.0", - "@aws-cdk/aws-iam": "~1.63.0", - "@aws-cdk/aws-cognito": "~1.63.0", - "@aws-cdk/aws-apigateway": "~1.63.0", - "@aws-cdk/aws-dynamodb": "~1.63.0", - "@aws-solutions-constructs/core": "~1.63.0", + "@aws-solutions-constructs/aws-cloudfront-s3": "~1.64.0", + "@aws-solutions-constructs/aws-cognito-apigateway-lambda": "~1.64.0", + "@aws-solutions-constructs/aws-lambda-dynamodb": "~1.64.0", + "@aws-cdk/core": "~1.64.0", + "@aws-cdk/aws-lambda": "~1.64.0", + "@aws-cdk/aws-cloudfront": "~1.64.0", + "@aws-cdk/aws-s3": "~1.64.0", + "@aws-cdk/custom-resources": "~1.64.0", + "@aws-cdk/aws-cloudformation": "~1.64.0", + "@aws-cdk/aws-iam": "~1.64.0", + "@aws-cdk/aws-cognito": "~1.64.0", + "@aws-cdk/aws-apigateway": "~1.64.0", + "@aws-cdk/aws-dynamodb": "~1.64.0", + "@aws-solutions-constructs/core": "~1.64.0", "source-map-support": "^0.5.16" }, "devDependencies": { - "@aws-cdk/assert": "~1.63.0", + "@aws-cdk/assert": "~1.64.0", "@types/jest": "^24.0.23", "@types/node": "^10.3.0" },