From 210dd0ff4c8e83c6f1504aa2b0f7141b2b87bf63 Mon Sep 17 00:00:00 2001 From: Matteo Madeddu Date: Mon, 17 Jun 2019 11:53:22 +0200 Subject: [PATCH] fix(events-targets): event targets can have the same construct id (#2744) Extend the Target for Event Rule Lambda cannot have same construct ID Two supported Event Targets resources with the same Construct ID but in different scopes cannot both be used as targets to the same EventRule: ``` Error: Duplicate event rule target with ID: Resource at EventRule.addTarget (.../node_modules/@aws-cdk/aws-events/lib/rule.js:57:19) at new EventRule (.../node_modules/@aws-cdk/aws-events/lib/rule.js:26:18) ``` Assuming a Lambda Function as a RuleTarget, the issue is that Function's asEventRuleTarget uses `node.id` as the id field for the EventRuleTargetProps ([source](https://github.com/awslabs/aws-cdk/blob/48d536b191fb205869ef6724b718540be1037135/packages/%40aws-cdk/aws-events-targets/lib/lambda.ts#L32)). This isn't unique, as it's just the ID that was passed when creating the Function construct - instead, it should use `node.uniqueId` ([source](https://github.com/awslabs/aws-cdk/blob/master/packages/%40aws-cdk/cdk/lib/construct.ts#L31-L36)). This needs to be globally unique as when calling EventRule.addTarget this value is used as a unique identifier ([source](https://github.com/awslabs/aws-cdk/blob/master/packages/@aws-cdk/aws-events/lib/rule.ts#L124-L126)). I fix the bug as suggested by @robwettach in the package `@aws-cdk/aws-events` by using 64-maximum chars taken from the `uniqueId` - that is unique across the same app. This changes affects every binding in the supported event targets ([source](https://github.com/made2591/aws-cdk/blob/feature/aws-events-targets-sqs/packages/%40aws-cdk/aws-events-targets/lib/)). Close #2377 --- ...yed-through-codepipeline.lit.expected.json | 4 +- .../test/integ.lambda-pipeline.expected.json | 2 +- ...uild-multiple-inputs-outputs.expected.json | 2 +- .../integ.pipeline-code-commit.expected.json | 2 +- .../integ.pipeline-ecr-source.expected.json | 2 +- .../test/integ.pipeline-events.expected.json | 6 +- .../test/integ.rule.lit.expected.json | 2 +- ...integ.scheduled-ecs-task.lit.expected.json | 2 +- .../test/ec2/test.scheduled-ecs-task.ts | 4 +- .../aws-events-targets/lib/codebuild.ts | 2 +- .../aws-events-targets/lib/codepipeline.ts | 2 +- .../aws-events-targets/lib/ecs-task.ts | 2 +- .../@aws-cdk/aws-events-targets/lib/lambda.ts | 2 +- .../@aws-cdk/aws-events-targets/lib/sns.ts | 2 +- .../@aws-cdk/aws-events-targets/lib/sqs.ts | 2 +- .../aws-events-targets/lib/state-machine.ts | 2 +- .../integ.project-events.expected.json | 132 ++++++++-------- .../integ.pipeline-event-target.expected.json | 50 +++--- .../integ.pipeline-event-target.ts | 2 +- .../test/ecs/event-rule-target.test.ts | 29 +++- .../integ.event-ec2-task.lit.expected.json | 148 +++++++++--------- .../integ.event-fargate-task.expected.json | 10 +- .../test/lambda/integ.events.expected.json | 4 +- .../integ.sns-event-rule-target.expected.json | 2 +- .../integ.sqs-event-rule-target.expected.json | 4 +- packages/@aws-cdk/aws-events/lib/rule.ts | 4 +- .../test/integ.instance.lit.expected.json | 2 +- .../test/__snapshots__/synth.test.js.snap | 2 +- 28 files changed, 227 insertions(+), 202 deletions(-) diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.expected.json b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.expected.json index caed1d048c69b..bb1f382803b72 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.expected.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.expected.json @@ -679,7 +679,7 @@ ] ] }, - "Id": "Pipeline", + "Id": "PipelineStackPipeline9DB740AF", "RoleArn": { "Fn::GetAtt": [ "PipelineEventsRole46BEEA7C", @@ -751,7 +751,7 @@ ] ] }, - "Id": "Pipeline", + "Id": "PipelineStackPipeline9DB740AF", "RoleArn": { "Fn::GetAtt": [ "PipelineEventsRole46BEEA7C", diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-pipeline.expected.json b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-pipeline.expected.json index 6878eb270286e..8503cc4ad4a51 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-pipeline.expected.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-pipeline.expected.json @@ -444,7 +444,7 @@ ] ] }, - "Id": "Pipeline", + "Id": "awscdkcodepipelinelambdaPipeline87A4B3D3", "RoleArn": { "Fn::GetAtt": [ "PipelineEventsRole46BEEA7C", diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-code-build-multiple-inputs-outputs.expected.json b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-code-build-multiple-inputs-outputs.expected.json index 8959ea6c3fd74..e5da37a432750 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-code-build-multiple-inputs-outputs.expected.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-code-build-multiple-inputs-outputs.expected.json @@ -61,7 +61,7 @@ ] ] }, - "Id": "Pipeline", + "Id": "awscdkcodepipelinecodebuildmultipleinputsoutputsPipeline314D3A85", "RoleArn": { "Fn::GetAtt": [ "PipelineEventsRole46BEEA7C", diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-code-commit.expected.json b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-code-commit.expected.json index 8e3dae70f0b26..3f81805f2d38f 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-code-commit.expected.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-code-commit.expected.json @@ -61,7 +61,7 @@ ] ] }, - "Id": "Pipeline", + "Id": "awscdkcodepipelinecodecommitPipelineF780CA18", "RoleArn": { "Fn::GetAtt": [ "PipelineEventsRole46BEEA7C", diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.expected.json b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.expected.json index f7d21ee67d544..130f3c920aebb 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.expected.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.expected.json @@ -277,7 +277,7 @@ ] ] }, - "Id": "MyPipeline", + "Id": "awscdkcodepipelineecrsourceMyPipeline63CF3194", "RoleArn": { "Fn::GetAtt": [ "MyPipelineEventsRoleFAB99F32", diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-events.expected.json b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-events.expected.json index ffc75c74f5afe..51efdb5f7d3cb 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-events.expected.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-events.expected.json @@ -374,7 +374,7 @@ "Arn": { "Ref": "MyTopic86869434" }, - "Id": "MyTopic" + "Id": "awscdkpipelineeventtargetMyTopic8D32776A" } ] } @@ -426,7 +426,7 @@ "Arn": { "Ref": "MyTopic86869434" }, - "Id": "MyTopic" + "Id": "awscdkpipelineeventtargetMyTopic8D32776A" } ] } @@ -473,7 +473,7 @@ "Arn": { "Ref": "MyTopic86869434" }, - "Id": "MyTopic", + "Id": "awscdkpipelineeventtargetMyTopic8D32776A", "InputTransformer": { "InputPathsMap": { "detail-pipeline": "$.detail.pipeline", diff --git a/packages/@aws-cdk/aws-config/test/integ.rule.lit.expected.json b/packages/@aws-cdk/aws-config/test/integ.rule.lit.expected.json index eff352b6a34f1..86cb180ebc9e3 100644 --- a/packages/@aws-cdk/aws-config/test/integ.rule.lit.expected.json +++ b/packages/@aws-cdk/aws-config/test/integ.rule.lit.expected.json @@ -206,7 +206,7 @@ "Arn": { "Ref": "ComplianceTopic0229448B" }, - "Id": "ComplianceTopic" + "Id": "awscdkconfigruleintegComplianceTopic55CAF01A" } ] } diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.scheduled-ecs-task.lit.expected.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.scheduled-ecs-task.lit.expected.json index df6ad15d15295..bf0e626ef96ea 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.scheduled-ecs-task.lit.expected.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.scheduled-ecs-task.lit.expected.json @@ -847,7 +847,7 @@ "Ref": "ScheduledEc2TaskScheduledTaskDef56328BA4" } }, - "Id": "ScheduledTaskDef-on-EcsCluster", + "Id": "awsecsintegecsScheduledEc2TaskScheduledTaskDef18FB4348", "Input": "{}", "RoleArn": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/test.scheduled-ecs-task.ts b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/test.scheduled-ecs-task.ts index ce3827278080a..9ba2198d421d6 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/test.scheduled-ecs-task.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/test.scheduled-ecs-task.ts @@ -31,7 +31,7 @@ export = { TaskCount: 1, TaskDefinitionArn: { Ref: "ScheduledEc2TaskScheduledTaskDef56328BA4" } }, - Id: "ScheduledTaskDef-on-EcsCluster", + Id: "ScheduledEc2TaskScheduledTaskDef1EA607E3", Input: "{}", RoleArn: { "Fn::GetAtt": ["ScheduledEc2TaskScheduledTaskDefEventsRole64113C5F", "Arn"] } } @@ -97,7 +97,7 @@ export = { TaskCount: 2, TaskDefinitionArn: { Ref: "ScheduledEc2TaskScheduledTaskDef56328BA4" } }, - Id: "ScheduledTaskDef-on-EcsCluster", + Id: "ScheduledEc2TaskScheduledTaskDef1EA607E3", Input: "{}", RoleArn: { "Fn::GetAtt": ["ScheduledEc2TaskScheduledTaskDefEventsRole64113C5F", "Arn"] } } diff --git a/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts b/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts index be60e79d1db03..d5e80498801ac 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts @@ -15,7 +15,7 @@ export class CodeBuildProject implements events.IRuleTarget { */ public bind(_rule: events.IRule): events.RuleTargetConfig { return { - id: this.project.node.id, + id: this.project.node.uniqueId, arn: this.project.projectArn, role: singletonEventRole(this.project, [new iam.PolicyStatement() .addAction('codebuild:StartBuild') diff --git a/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts b/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts index 10df105a3987b..ac41ea9662d53 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts @@ -12,7 +12,7 @@ export class CodePipeline implements events.IRuleTarget { public bind(_rule: events.IRule): events.RuleTargetConfig { return { - id: this.pipeline.node.id, + id: this.pipeline.node.uniqueId, arn: this.pipeline.pipelineArn, role: singletonEventRole(this.pipeline, [new iam.PolicyStatement() .addResource(this.pipeline.pipelineArn) diff --git a/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts b/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts index b2e8205725698..08e457ca380ae 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts @@ -99,7 +99,7 @@ export class EcsTask implements events.IRuleTarget { .addResource(this.taskDefinition.taskRole.roleArn)); } - const id = this.taskDefinition.node.id + '-on-' + this.cluster.node.id; + const id = this.taskDefinition.node.uniqueId; const arn = this.cluster.clusterArn; const role = singletonEventRole(this.taskDefinition, policyStatements); const containerOverrides = this.props.containerOverrides && this.props.containerOverrides diff --git a/packages/@aws-cdk/aws-events-targets/lib/lambda.ts b/packages/@aws-cdk/aws-events-targets/lib/lambda.ts index 06ce1d35c1075..7f3cbb1fa3b0e 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/lambda.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/lambda.ts @@ -39,7 +39,7 @@ export class LambdaFunction implements events.IRuleTarget { } return { - id: this.handler.node.id, + id: this.handler.node.uniqueId, arn: this.handler.functionArn, input: this.props.event, }; diff --git a/packages/@aws-cdk/aws-events-targets/lib/sns.ts b/packages/@aws-cdk/aws-events-targets/lib/sns.ts index 829ea7392c21e..395c1fe2121e2 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/sns.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/sns.ts @@ -39,7 +39,7 @@ export class SnsTopic implements events.IRuleTarget { this.topic.grantPublish(new iam.ServicePrincipal('events.amazonaws.com')); return { - id: this.topic.node.id, + id: this.topic.node.uniqueId, arn: this.topic.topicArn, input: this.props.message, }; diff --git a/packages/@aws-cdk/aws-events-targets/lib/sqs.ts b/packages/@aws-cdk/aws-events-targets/lib/sqs.ts index 25ea2310e9067..0c97cc05b3ed1 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/sqs.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/sqs.ts @@ -59,7 +59,7 @@ export class SqsQueue implements events.IRuleTarget { ); const result = { - id: this.queue.node.id, + id: this.queue.node.uniqueId, arn: this.queue.queueArn, input: this.props.message, }; diff --git a/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts b/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts index 9e79811ff1ea5..60453326213f2 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts @@ -29,7 +29,7 @@ export class SfnStateMachine implements events.IRuleTarget { */ public bind(_rule: events.IRule): events.RuleTargetConfig { return { - id: this.machine.node.id, + id: this.machine.node.uniqueId, arn: this.machine.stateMachineArn, role: singletonEventRole(this.machine, [new iam.PolicyStatement() .addAction('states:StartExecution') diff --git a/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json b/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json index a87767b5ef881..924e12491e703 100644 --- a/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json @@ -44,7 +44,7 @@ "Arn" ] }, - "Id": "MyProject", + "Id": "awscdkcodebuildeventsMyProjectEF919B0E", "RoleArn": { "Fn::GetAtt": [ "MyProjectEventsRole5B7D93F5", @@ -56,7 +56,7 @@ "Arn": { "Ref": "MyTopic86869434" }, - "Id": "MyTopic", + "Id": "awscdkcodebuildeventsMyTopic550011DC", "InputTransformer": { "InputPathsMap": { "detail-repositoryName": "$.detail.repositoryName", @@ -68,59 +68,6 @@ ] } }, - "MyProjectEventsRole5B7D93F5": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": { - "Fn::Join": [ - "", - [ - "events.", - { - "Ref": "AWS::URLSuffix" - } - ] - ] - } - } - } - ], - "Version": "2012-10-17" - } - } - }, - "MyProjectEventsRoleDefaultPolicy397DCBF8": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "codebuild:StartBuild", - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "MyProject39F7B0AE", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "MyProjectEventsRoleDefaultPolicy397DCBF8", - "Roles": [ - { - "Ref": "MyProjectEventsRole5B7D93F5" - } - ] - } - }, "MyProjectRole9BBE5233": { "Type": "AWS::IAM::Role", "Properties": { @@ -267,16 +214,16 @@ "source": [ "aws.codebuild" ], - "detail-type": [ - "CodeBuild Build State Change" - ], "detail": { "project-name": [ { "Ref": "MyProject39F7B0AE" } ] - } + }, + "detail-type": [ + "CodeBuild Build State Change" + ] }, "State": "ENABLED", "Targets": [ @@ -284,7 +231,7 @@ "Arn": { "Ref": "MyTopic86869434" }, - "Id": "MyTopic" + "Id": "awscdkcodebuildeventsMyTopic550011DC" } ] } @@ -296,16 +243,16 @@ "source": [ "aws.codebuild" ], - "detail-type": [ - "CodeBuild Build Phase Change" - ], "detail": { "project-name": [ { "Ref": "MyProject39F7B0AE" } ] - } + }, + "detail-type": [ + "CodeBuild Build Phase Change" + ] }, "State": "ENABLED", "Targets": [ @@ -313,7 +260,7 @@ "Arn": { "Ref": "MyTopic86869434" }, - "Id": "MyTopic", + "Id": "awscdkcodebuildeventsMyTopic550011DC", "InputTransformer": { "InputPathsMap": { "detail-completed-phase": "$.detail.completed-phase" @@ -324,6 +271,59 @@ ] } }, + "MyProjectEventsRole5B7D93F5": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "events.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + } + } + }, + "MyProjectEventsRoleDefaultPolicy397DCBF8": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "codebuild:StartBuild", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "MyProject39F7B0AE", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyProjectEventsRoleDefaultPolicy397DCBF8", + "Roles": [ + { + "Ref": "MyProjectEventsRole5B7D93F5" + } + ] + } + }, "MyQueueE6CA6235": { "Type": "AWS::SQS::Queue" }, @@ -417,4 +417,4 @@ } } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.expected.json b/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.expected.json index 5c4b2bf89391c..e99a13854f285 100644 --- a/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.expected.json @@ -7,7 +7,7 @@ "Triggers": [] } }, - "PipelineArtifactsBucketEncryptionKey01D58D69": { + "pipelinePipeline22F2A91DArtifactsBucketEncryptionKey87C796D2": { "Type": "AWS::KMS::Key", "Properties": { "KeyPolicy": { @@ -60,7 +60,7 @@ "Principal": { "AWS": { "Fn::GetAtt": [ - "PipelineRoleD68726F7", + "pipelinePipeline22F2A91DRole58B7B05E", "Arn" ] } @@ -73,7 +73,7 @@ }, "DeletionPolicy": "Retain" }, - "PipelineArtifactsBucket22248F97": { + "pipelinePipeline22F2A91DArtifactsBucketC1799DCD": { "Type": "AWS::S3::Bucket", "Properties": { "BucketEncryption": { @@ -82,7 +82,7 @@ "ServerSideEncryptionByDefault": { "KMSMasterKeyID": { "Fn::GetAtt": [ - "PipelineArtifactsBucketEncryptionKey01D58D69", + "pipelinePipeline22F2A91DArtifactsBucketEncryptionKey87C796D2", "Arn" ] }, @@ -94,7 +94,7 @@ }, "DeletionPolicy": "Retain" }, - "PipelineRoleD68726F7": { + "pipelinePipeline22F2A91DRole58B7B05E": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { @@ -121,7 +121,7 @@ } } }, - "PipelineRoleDefaultPolicyC7A05455": { + "pipelinePipeline22F2A91DRoleDefaultPolicyCDEE9D19": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { @@ -139,7 +139,7 @@ "Resource": [ { "Fn::GetAtt": [ - "PipelineArtifactsBucket22248F97", + "pipelinePipeline22F2A91DArtifactsBucketC1799DCD", "Arn" ] }, @@ -149,7 +149,7 @@ [ { "Fn::GetAtt": [ - "PipelineArtifactsBucket22248F97", + "pipelinePipeline22F2A91DArtifactsBucketC1799DCD", "Arn" ] }, @@ -170,7 +170,7 @@ "Effect": "Allow", "Resource": { "Fn::GetAtt": [ - "PipelineArtifactsBucketEncryptionKey01D58D69", + "pipelinePipeline22F2A91DArtifactsBucketEncryptionKey87C796D2", "Arn" ] } @@ -178,20 +178,20 @@ ], "Version": "2012-10-17" }, - "PolicyName": "PipelineRoleDefaultPolicyC7A05455", + "PolicyName": "pipelinePipeline22F2A91DRoleDefaultPolicyCDEE9D19", "Roles": [ { - "Ref": "PipelineRoleD68726F7" + "Ref": "pipelinePipeline22F2A91DRole58B7B05E" } ] } }, - "PipelineC660917D": { + "pipelinePipeline22F2A91DEB5D089B": { "Type": "AWS::CodePipeline::Pipeline", "Properties": { "RoleArn": { "Fn::GetAtt": [ - "PipelineRoleD68726F7", + "pipelinePipeline22F2A91DRole58B7B05E", "Arn" ] }, @@ -248,24 +248,24 @@ "EncryptionKey": { "Id": { "Fn::GetAtt": [ - "PipelineArtifactsBucketEncryptionKey01D58D69", + "pipelinePipeline22F2A91DArtifactsBucketEncryptionKey87C796D2", "Arn" ] }, "Type": "KMS" }, "Location": { - "Ref": "PipelineArtifactsBucket22248F97" + "Ref": "pipelinePipeline22F2A91DArtifactsBucketC1799DCD" }, "Type": "S3" } }, "DependsOn": [ - "PipelineRoleDefaultPolicyC7A05455", - "PipelineRoleD68726F7" + "pipelinePipeline22F2A91DRoleDefaultPolicyCDEE9D19", + "pipelinePipeline22F2A91DRole58B7B05E" ] }, - "PipelineEventsRole46BEEA7C": { + "pipelinePipeline22F2A91DEventsRole048D7F59": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { @@ -292,7 +292,7 @@ } } }, - "PipelineEventsRoleDefaultPolicyFF4FCCE0": { + "pipelinePipeline22F2A91DEventsRoleDefaultPolicyEED1010F": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { @@ -318,7 +318,7 @@ }, ":", { - "Ref": "PipelineC660917D" + "Ref": "pipelinePipeline22F2A91DEB5D089B" } ] ] @@ -327,10 +327,10 @@ ], "Version": "2012-10-17" }, - "PolicyName": "PipelineEventsRoleDefaultPolicyFF4FCCE0", + "PolicyName": "pipelinePipeline22F2A91DEventsRoleDefaultPolicyEED1010F", "Roles": [ { - "Ref": "PipelineEventsRole46BEEA7C" + "Ref": "pipelinePipeline22F2A91DEventsRole048D7F59" } ] } @@ -360,15 +360,15 @@ }, ":", { - "Ref": "PipelineC660917D" + "Ref": "pipelinePipeline22F2A91DEB5D089B" } ] ] }, - "Id": "Pipeline", + "Id": "pipelineeventspipelinePipeline22F2A91DFBB66895", "RoleArn": { "Fn::GetAtt": [ - "PipelineEventsRole46BEEA7C", + "pipelinePipeline22F2A91DEventsRole048D7F59", "Arn" ] } diff --git a/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.ts b/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.ts index 8ba9c871fccf5..7747288920842 100644 --- a/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.ts +++ b/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.ts @@ -17,7 +17,7 @@ const repo = new codecommit.Repository(stack, 'Repo', { repositoryName: 'TestRepository' }); -const pipeline = new codepipeline.Pipeline(stack, 'Pipeline'); +const pipeline = new codepipeline.Pipeline(stack, 'pipelinePipeline22F2A91D'); const srcArtifact = new codepipeline.Artifact('Src'); pipeline.addStage({ diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts b/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts index 108df76336b71..e26094f0354f8 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts @@ -50,7 +50,8 @@ test("Can use EC2 taskdef as EventRule target", () => { }, InputTemplate: "{\"containerOverrides\":[{\"name\":\"TheContainer\",\"command\":[\"echo\",]}]}" }, - RoleArn: { "Fn::GetAtt": ["TaskDefEventsRoleFB3B67B8", "Arn"] } + RoleArn: { "Fn::GetAtt": ["TaskDefEventsRoleFB3B67B8", "Arn"] }, + Id: taskDefinition.node.uniqueId } ] }); @@ -123,7 +124,7 @@ test("Can use Fargate taskdef as EventRule target", () => { "Arn" ] }, - Id: "TaskDef-on-EcsCluster", + Id: taskDefinition.node.uniqueId, EcsParameters: { TaskDefinitionArn: { Ref: "TaskDef54694570" @@ -159,7 +160,29 @@ test("Can use Fargate taskdef as EventRule target", () => { } ] }, - physicalResourceId: "TaskDef-on-EcsCluster" + physicalResourceId: taskDefinition.node.uniqueId } }); + + // THEN + expect(stack).toHaveResourceLike('AWS::Events::Rule', { + Targets: [ + { + Arn: { "Fn::GetAtt": ["EcsCluster97242B84", "Arn"] }, + EcsParameters: { + TaskCount: 1, + TaskDefinitionArn: { Ref: "TaskDef54694570" } + }, + InputTransformer: { + InputPathsMap: { + "detail-event": "$.detail.event" + }, + InputTemplate: "{\"containerOverrides\":[{\"name\":\"TheContainer\",\"command\":[\"echo\",]}]}" + }, + RoleArn: { "Fn::GetAtt": ["TaskDefEventsRoleFB3B67B8", "Arn"] }, + Id: taskDefinition.node.uniqueId + } + ] + }); + }); diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.expected.json b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.expected.json index 70ec436edefaf..2a5586901642c 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.expected.json @@ -352,9 +352,6 @@ } } }, - "EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4": { - "Type": "AWS::SNS::Topic" - }, "EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA": { "Type": "AWS::IAM::Role", "Properties": { @@ -588,6 +585,9 @@ ] } }, + "EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4": { + "Type": "AWS::SNS::Topic" + }, "EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookFFA63029": { "Type": "AWS::AutoScaling::LifecycleHook", "Properties": { @@ -882,6 +882,76 @@ ] } }, + "TaskDefEventsRoleFB3B67B8": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": { + "Fn::Join": [ + "", + [ + "events.", + { + "Ref": "AWS::URLSuffix" + } + ] + ] + } + } + } + ], + "Version": "2012-10-17" + } + } + }, + "TaskDefEventsRoleDefaultPolicyA124E85B": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "ecs:RunTask", + "Condition": { + "ArnEquals": { + "ecs:cluster": { + "Fn::GetAtt": [ + "EcsCluster97242B84", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Resource": { + "Ref": "TaskDef54694570" + } + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "TaskDefExecutionRoleB4775C97", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "TaskDefEventsRoleDefaultPolicyA124E85B", + "Roles": [ + { + "Ref": "TaskDefEventsRoleFB3B67B8" + } + ] + } + }, "EventImageAdoptRepositoryDFAAC242": { "Type": "Custom::ECRAdoptedRepository", "Properties": { @@ -1089,7 +1159,7 @@ "Ref": "TaskDef54694570" } }, - "Id": "TaskDef-on-EcsCluster", + "Id": "awsecsintegecsTaskDef8DD0C801", "Input": "{\"containerOverrides\":[{\"name\":\"TheContainer\",\"environment\":[{\"name\":\"I_WAS_TRIGGERED\",\"value\":\"From CloudWatch Events\"}]}]}", "RoleArn": { "Fn::GetAtt": [ @@ -1100,76 +1170,6 @@ } ] } - }, - "TaskDefEventsRoleFB3B67B8": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": { - "Fn::Join": [ - "", - [ - "events.", - { - "Ref": "AWS::URLSuffix" - } - ] - ] - } - } - } - ], - "Version": "2012-10-17" - } - } - }, - "TaskDefEventsRoleDefaultPolicyA124E85B": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "ecs:RunTask", - "Condition": { - "ArnEquals": { - "ecs:cluster": { - "Fn::GetAtt": [ - "EcsCluster97242B84", - "Arn" - ] - } - } - }, - "Effect": "Allow", - "Resource": { - "Ref": "TaskDef54694570" - } - }, - { - "Action": "iam:PassRole", - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "TaskDefExecutionRoleB4775C97", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "TaskDefEventsRoleDefaultPolicyA124E85B", - "Roles": [ - { - "Ref": "TaskDefEventsRoleFB3B67B8" - } - ] - } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.expected.json b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.expected.json index efe8c37519fa8..f1582b411a944 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.expected.json @@ -609,7 +609,7 @@ "Arn" ] }, - "Id": "TaskDef-on-EcsCluster", + "Id": "awsecsintegfargateTaskDef8878AF94", "EcsParameters": { "TaskDefinitionArn": { "Ref": "TaskDef54694570" @@ -645,7 +645,7 @@ } ] }, - "physicalResourceId": "TaskDef-on-EcsCluster" + "physicalResourceId": "awsecsintegfargateTaskDef8878AF94" }, "Update": { "service": "CloudWatchEvents", @@ -686,7 +686,7 @@ "Arn" ] }, - "Id": "TaskDef-on-EcsCluster", + "Id": "awsecsintegfargateTaskDef8878AF94", "EcsParameters": { "TaskDefinitionArn": { "Ref": "TaskDef54694570" @@ -722,7 +722,7 @@ } ] }, - "physicalResourceId": "TaskDef-on-EcsCluster" + "physicalResourceId": "awsecsintegfargateTaskDef8878AF94" } } }, @@ -933,7 +933,7 @@ "Ref": "TaskDef54694570" } }, - "Id": "TaskDef-on-EcsCluster", + "Id": "awsecsintegfargateTaskDef8878AF94", "Input": "{\"containerOverrides\":[{\"name\":\"TheContainer\",\"environment\":[{\"name\":\"I_WAS_TRIGGERED\",\"value\":\"From CloudWatch Events\"}]}]}", "RoleArn": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.expected.json b/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.expected.json index 9e2df8005f1c4..3d99700f4739d 100644 --- a/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.expected.json @@ -111,7 +111,7 @@ "Arn" ] }, - "Id": "MyFunc" + "Id": "lambdaeventsMyFunc910E580F" } ] } @@ -129,7 +129,7 @@ "Arn" ] }, - "Id": "MyFunc" + "Id": "lambdaeventsMyFunc910E580F" } ] } diff --git a/packages/@aws-cdk/aws-events-targets/test/sns/integ.sns-event-rule-target.expected.json b/packages/@aws-cdk/aws-events-targets/test/sns/integ.sns-event-rule-target.expected.json index e7113875c4cea..2c8279ffca762 100644 --- a/packages/@aws-cdk/aws-events-targets/test/sns/integ.sns-event-rule-target.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/sns/integ.sns-event-rule-target.expected.json @@ -49,7 +49,7 @@ "Arn": { "Ref": "MyTopic86869434" }, - "Id": "MyTopic" + "Id": "awscdksnseventtargetMyTopicB7575CD8" } ] } diff --git a/packages/@aws-cdk/aws-events-targets/test/sqs/integ.sqs-event-rule-target.expected.json b/packages/@aws-cdk/aws-events-targets/test/sqs/integ.sqs-event-rule-target.expected.json index a2c84aa56a819..b56bcd5f6bfe0 100644 --- a/packages/@aws-cdk/aws-events-targets/test/sqs/integ.sqs-event-rule-target.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/sqs/integ.sqs-event-rule-target.expected.json @@ -13,7 +13,7 @@ "Arn" ] }, - "Id": "MyQueue" + "Id": "awscdksqseventtargetMyQueueF7EBF3AE" } ] } @@ -74,4 +74,4 @@ } } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events/lib/rule.ts b/packages/@aws-cdk/aws-events/lib/rule.ts index 3a3993ac3ae4c..f4e0c0819a124 100644 --- a/packages/@aws-cdk/aws-events/lib/rule.ts +++ b/packages/@aws-cdk/aws-events/lib/rule.ts @@ -230,5 +230,7 @@ export class Rule extends Resource implements IRule { * Result must match regex [\.\-_A-Za-z0-9]+ */ function sanitizeId(id: string) { - return id.replace(/[^\.\-_A-Za-z0-9]/g, '-'); + const _id = id.replace(/[^\.\-_A-Za-z0-9]/g, '-'); + // cut to 64 chars to respect AWS::Events::Rule Target Id field specification + return _id.substring(Math.max(_id.length - 64, 0), _id.length); } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-rds/test/integ.instance.lit.expected.json b/packages/@aws-cdk/aws-rds/test/integ.instance.lit.expected.json index fa1f1d4ac9f2d..f09b306ce7a43 100644 --- a/packages/@aws-cdk/aws-rds/test/integ.instance.lit.expected.json +++ b/packages/@aws-cdk/aws-rds/test/integ.instance.lit.expected.json @@ -884,7 +884,7 @@ "Arn" ] }, - "Id": "Function" + "Id": "awscdkrdsinstanceFunctionD515EE19" } ] } diff --git a/packages/decdk/test/__snapshots__/synth.test.js.snap b/packages/decdk/test/__snapshots__/synth.test.js.snap index 4ff4e5d64b382..cc7b17b3ea085 100644 --- a/packages/decdk/test/__snapshots__/synth.test.js.snap +++ b/packages/decdk/test/__snapshots__/synth.test.js.snap @@ -2502,7 +2502,7 @@ Object { ], ], }, - "Id": "Pipeline", + "Id": "pipelinePipeline22F2A91D", "RoleArn": Object { "Fn::GetAtt": Array [ "PipelineEventsRole46BEEA7C",