From dbc15411741aa860de0896c6c0109868d4d7e07e Mon Sep 17 00:00:00 2001 From: Nick Lynch Date: Fri, 1 Oct 2021 16:16:17 +0100 Subject: [PATCH 01/43] chore: reset jsii-rosetta worker count to default (#16755) This value was reduced as part of troubleshooting of various Node Worker memory issues. These issues are theorized to have been mitigated by #16752. Our pack time is currently over 2 hours, compared to 20-30 minutes prior to the set of changes. By removing this worker count override, we should be able to get back to normal pack times and speed up the pipeline. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- pack.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/pack.sh b/pack.sh index 99ae852188ebe..d270fb28271c5 100755 --- a/pack.sh +++ b/pack.sh @@ -5,7 +5,6 @@ set -eu export PATH=$PWD/node_modules/.bin:$PATH export NODE_OPTIONS="--max-old-space-size=8192 ${NODE_OPTIONS:-}" -export JSII_ROSETTA_MAX_WORKER_COUNT="${JSII_ROSETTA_MAX_WORKER_COUNT:-8}" root=$PWD # Get version and changelog file name (these require that .versionrc.json would have been generated) From 1875287cb68d7d63a79a2b9381885a25f6d23a4f Mon Sep 17 00:00:00 2001 From: Ryan Parker Date: Fri, 1 Oct 2021 12:18:47 -0700 Subject: [PATCH 02/43] docs(GitHub issue templates): Upgrade to GitHub Issues v2 (#16592) ## Summary This PR updates this repo's GitHub issue templates to v2. ([see prototype](https://github.com/ryparker/proto-github-issues-v2/issues/new/choose)) **Reviewers**: Please make sure that all the fields i've marked with `required: true` are necessary. A user will not be able to create an issue without these required fields being completed. [GitHub issues v2 docs](https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-issue-forms) CleanShot 2021-09-21 at 18 37 06@2x ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .github/ISSUE_TEMPLATE.md | 34 ------- .github/ISSUE_TEMPLATE/bug.md | 54 ----------- .github/ISSUE_TEMPLATE/bug.yml | 108 +++++++++++++++++++++ .github/ISSUE_TEMPLATE/doc.md | 29 ------ .github/ISSUE_TEMPLATE/doc.yml | 32 ++++++ .github/ISSUE_TEMPLATE/feature-request.md | 46 --------- .github/ISSUE_TEMPLATE/feature-request.yml | 56 +++++++++++ .github/ISSUE_TEMPLATE/general-issue.yml | 87 +++++++++++++++++ .github/ISSUE_TEMPLATE/general-issues.md | 35 ------- .github/ISSUE_TEMPLATE/tracking.md | 68 ------------- .github/ISSUE_TEMPLATE/tracking.yml | 76 +++++++++++++++ 11 files changed, 359 insertions(+), 266 deletions(-) delete mode 100644 .github/ISSUE_TEMPLATE.md delete mode 100644 .github/ISSUE_TEMPLATE/bug.md create mode 100644 .github/ISSUE_TEMPLATE/bug.yml delete mode 100644 .github/ISSUE_TEMPLATE/doc.md create mode 100644 .github/ISSUE_TEMPLATE/doc.yml delete mode 100644 .github/ISSUE_TEMPLATE/feature-request.md create mode 100644 .github/ISSUE_TEMPLATE/feature-request.yml create mode 100644 .github/ISSUE_TEMPLATE/general-issue.yml delete mode 100644 .github/ISSUE_TEMPLATE/general-issues.md delete mode 100644 .github/ISSUE_TEMPLATE/tracking.md create mode 100644 .github/ISSUE_TEMPLATE/tracking.yml diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md deleted file mode 100644 index 5371d422793e3..0000000000000 --- a/.github/ISSUE_TEMPLATE.md +++ /dev/null @@ -1,34 +0,0 @@ ---- -name: "\U00002753 General Issue" -about: Create a new issue -labels: needs-triage ---- - - - -## :question: General Issue - - - -### The Question - - -### Environment - - - **CDK CLI Version:** - - **Module Version:** - - **Node.js Version:** - - **OS:** - - **Language:** - - -### Other information - diff --git a/.github/ISSUE_TEMPLATE/bug.md b/.github/ISSUE_TEMPLATE/bug.md deleted file mode 100644 index 6835abe99e034..0000000000000 --- a/.github/ISSUE_TEMPLATE/bug.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -name: "\U0001F41B Bug Report" -about: Report a bug -title: "(module name): short issue description" -labels: bug, needs-triage ---- - - - - - - -### Reproduction Steps - - - -### What did you expect to happen? - - - -### What actually happened? - - - - -### Environment - - - **CDK CLI Version :** - - **Framework Version:** - - **Node.js Version:** - - **OS :** - - **Language (Version):** - -### Other - - - - - - ---- - -This is :bug: Bug Report diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug.yml new file mode 100644 index 0000000000000..f77fa5beb193e --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug.yml @@ -0,0 +1,108 @@ +name: Bug Report +description: Report a bug +title: "(module name): short issue description" +labels: [bug, needs-triage] +body: + - type: textarea + id: problem + attributes: + label: What is the problem? + validations: + required: true + + - type: textarea + id: reproduction + attributes: + label: Reproduction Steps + description: | + Minimal amount of code that causes the bug (if possible) or a reference. + + The code sample should be an SSCCE. See http://sscce.org/ for details. + In short, provide a code sample that we can copy/paste, run and reproduce. + validations: + required: true + + - type: textarea + id: expected + attributes: + label: What did you expect to happen? + description: | + What were you trying to achieve by performing the steps above? + validations: + required: true + + - type: textarea + id: actual + attributes: + label: What actually happened? + description: | + What is the unexpected behavior you were seeing? If you got an error, paste it here. + validations: + required: true + + - type: input + id: cdk-version + attributes: + label: CDK CLI Version + description: Output of `cdk version` + validations: + required: true + + - type: input + id: framework-version + attributes: + label: Framework Version + validations: + required: false + + - type: input + id: node-version + attributes: + label: Node.js Version + validations: + required: true + + - type: input + id: operating-system + attributes: + label: OS + validations: + required: true + + - type: dropdown + id: language + attributes: + label: Language + multiple: true + options: + - Typescript + - Python + - .NET + - Java + - Go + validations: + required: true + + - type: input + id: language-version + attributes: + label: Language Version + description: E.g. TypeScript (3.8.3) | Java (8) | Python (3.7.3) + validations: + required: false + + - type: textarea + id: other + attributes: + label: Other information + description: | + e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. associated pull-request, stackoverflow, slack, etc + validations: + required: false + + - type: markdown + attributes: + value: | + --- + + This is :bug: Bug Report diff --git a/.github/ISSUE_TEMPLATE/doc.md b/.github/ISSUE_TEMPLATE/doc.md deleted file mode 100644 index 3c8a1dc691d0e..0000000000000 --- a/.github/ISSUE_TEMPLATE/doc.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -name: "πŸ“• Documentation Issue" -about: Issue in the reference documentation or developer guide -title: "(module name): short issue description" -labels: feature-request, documentation, needs-triage ---- - - - - - - - - - - - - - ---- - -This is a πŸ“• documentation issue diff --git a/.github/ISSUE_TEMPLATE/doc.yml b/.github/ISSUE_TEMPLATE/doc.yml new file mode 100644 index 0000000000000..974a752cac810 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/doc.yml @@ -0,0 +1,32 @@ +name: Documentation Issue +description: Issue in the reference documentation or developer guide +title: "(module name): short issue description" +labels: [feature-request, documentation, needs-triage] +body: + - type: markdown + attributes: + value: | + Developer guide? Raise issue/pr here: https://github.com/awsdocs/aws-cdk-guide + + Want to help? Submit a pull request here: https://github.com/aws/aws-cdk + + - type: input + id: doc-link + attributes: + label: link to reference doc page + validations: + required: false + + - type: textarea + id: issue + attributes: + label: Describe your issue? + validations: + required: true + + - type: markdown + attributes: + value: | + --- + + This is a πŸ“• documentation issue diff --git a/.github/ISSUE_TEMPLATE/feature-request.md b/.github/ISSUE_TEMPLATE/feature-request.md deleted file mode 100644 index 163f2f54d0b88..0000000000000 --- a/.github/ISSUE_TEMPLATE/feature-request.md +++ /dev/null @@ -1,46 +0,0 @@ ---- -name: "\U0001F680 Feature Request" -about: Request a new feature -title: "(module name): short issue description" -labels: feature-request, needs-triage ---- - - - - - - - -### Use Case - - - - - - - -### Proposed Solution - - - - - - - -### Other - - - - - - - -* [ ] :wave: I may be able to implement this feature request -* [ ] :warning: This feature might incur a breaking change - ---- - -This is a :rocket: Feature Request diff --git a/.github/ISSUE_TEMPLATE/feature-request.yml b/.github/ISSUE_TEMPLATE/feature-request.yml new file mode 100644 index 0000000000000..a16053f420a82 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature-request.yml @@ -0,0 +1,56 @@ +name: Feature Request +description: Request a new feature +title: "(module name): short issue description" +labels: [feature-request, needs-triage] +body: + - type: textarea + id: description + attributes: + label: Description + description: Short description of the feature you are proposing. + validations: + required: true + + - type: textarea + id: use-case + attributes: + label: Use Case + description: | + Why do you need this feature? + validations: + required: true + + - type: textarea + id: solution + attributes: + label: Proposed Solution + description: | + Please include prototype/workaround/sketch/reference implementation. + validations: + required: true + + - type: textarea + id: other + attributes: + label: Other information + description: | + e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. associated pull-request, stackoverflow, slack, etc + validations: + required: false + + - type: checkboxes + id: acknowledgments + attributes: + label: Acknowledge + options: + - label: I may be able to implement this feature request + required: false + - label: This feature might incur a breaking change + required: false + + - type: markdown + attributes: + value: | + --- + + This is a :rocket: Feature Request diff --git a/.github/ISSUE_TEMPLATE/general-issue.yml b/.github/ISSUE_TEMPLATE/general-issue.yml new file mode 100644 index 0000000000000..61119a33a761c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/general-issue.yml @@ -0,0 +1,87 @@ +name: General Issue +description: Create a new issue +title: "(module name): short issue description" +labels: [needs-triage, guidance] +body: + - type: markdown + attributes: + value: | + If there is an issue regarding developer guide, please create an issue [here](https://github.com/awsdocs/aws-cdk-guide/issues). + + - type: input + id: issue + attributes: + label: General Issue + description: | + For support questions, please first reference our [documentation](https://docs.aws.amazon.com/cdk/api/latest), then use [Stackoverflow](https://stackoverflow.com/questions/tagged/aws-cdk). This repository's issues are intended for feature requests and bug reports. + validations: + required: true + + - type: textarea + id: question + attributes: + label: The Question + description: | + Ask your question here. Include any details relevant. Make sure you are not falling prey to the [X/Y problem](http://xyproblem.info)! + validations: + required: true + + - type: input + id: cdk-version + attributes: + label: CDK CLI Version + description: Output of `cdk version` + validations: + required: true + + - type: input + id: framework-version + attributes: + label: Framework Version + validations: + required: false + + - type: input + id: node-version + attributes: + label: Node.js Version + validations: + required: false + + - type: input + id: operating-system + attributes: + label: OS + validations: + required: false + + - type: dropdown + id: language + attributes: + label: Language + multiple: true + options: + - Typescript + - Python + - .NET + - Java + - Go + validations: + required: true + + - type: input + id: language-version + attributes: + label: Language Version + description: E.g. TypeScript (3.8.3) | Java (8) | Python (3.7.3) + validations: + required: false + + - type: textarea + id: other + attributes: + label: Other information + description: | + e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. associated pull-request, stackoverflow, slack, etc + validations: + required: false diff --git a/.github/ISSUE_TEMPLATE/general-issues.md b/.github/ISSUE_TEMPLATE/general-issues.md deleted file mode 100644 index 2b478904a6fca..0000000000000 --- a/.github/ISSUE_TEMPLATE/general-issues.md +++ /dev/null @@ -1,35 +0,0 @@ ---- -name: "\U00002753 General Issue" -about: Create a new issue -title: "(module name): short issue description" -labels: needs-triage, guidance ---- - - - -## :question: General Issue - - - -### The Question - - -### Environment - - - **CDK CLI Version:** - - **Module Version:** - - **Node.js Version:** - - **OS:** - - **Language (Version):** - - -### Other information - diff --git a/.github/ISSUE_TEMPLATE/tracking.md b/.github/ISSUE_TEMPLATE/tracking.md deleted file mode 100644 index b3655dfaa6dca..0000000000000 --- a/.github/ISSUE_TEMPLATE/tracking.md +++ /dev/null @@ -1,68 +0,0 @@ ---- -name: "πŸ“Š Tracking Issue" -title: "πŸ“ŠTracking: [service]" -about: Add a module tracking issue (internal use only) -labels: management/tracking ---- - -Add your +1 πŸ‘ to help us prioritize high-level constructs for this service ---- - -### Overview: - - - - - - - -[AWS Docs](url) - -### Maturity: CloudFormation Resources Only - - -See the [AWS Construct Library Module Lifecycle doc](https://github.com/aws/aws-cdk-rfcs/blob/master/text/0107-construct-library-module-lifecycle.md) for more information about maturity levels. - - -### Implementation: - -See the [CDK API Reference](url) for more implementation details. - - - - - - -### Issue list: - - - - - - - - ---- -This is a πŸ“ŠTracking Issue diff --git a/.github/ISSUE_TEMPLATE/tracking.yml b/.github/ISSUE_TEMPLATE/tracking.yml new file mode 100644 index 0000000000000..0ecfc903b002c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/tracking.yml @@ -0,0 +1,76 @@ +name: Tracking Issue +description: Add a module tracking issue (internal use only) +title: "Tracking: [service]" +labels: [management/tracking] +body: + - type: markdown + attributes: + value: | + Add your +1 πŸ‘ to help us prioritize high-level constructs for this service + + - type: textarea + id: overview + attributes: + label: Overview + description: | + Summary of the service (leverage the service’s product page for the text) and a link to the relevant AWS Docs. This should be the same text that we put at the top of the package’s README.md. + validations: + required: true + + - type: input + id: cdk-api-docs-link + attributes: + label: Link to the service’s CDK Construct Library API reference page. + validations: + required: true + + - type: dropdown + id: maturity + attributes: + label: "Maturity: CloudFormation Resources Only" + description: | + See the [AWS Construct Library Module Lifecycle doc](https://github.com/aws/aws-cdk-rfcs/blob/master/text/0107-construct-library-module-lifecycle.md) for more information about maturity levels. + options: + - CloudFormation Resources Only + - Experimental + - Developer Preview + - Stable + validations: + required: true + + - type: textarea + id: implementation + attributes: + label: Implementation + description: | + Checklist of use cases, constructs, features (such as grant methods) that will ship in this package. This is not required until the issue is added to the public roadmap. + validations: + required: true + + - type: textarea + id: issue-list + attributes: + label: Issue list + description: | + Checklist of links to feature requests, bugs, and PRs that are in scope for GA release of this module (not required until the issues is added to the public roadmap). + value: | + - [ ] + - [ ] + validations: + required: true + + - type: markdown + attributes: + value: | + Labels to add: + - package/[name] (create new labels if they don’t already exist) + - needs-design (if cfn-only) + - management/roadmap (when added to the roadmap) + - in-progress (when added to β€œworking on it” column of the roadmap) + + - type: markdown + attributes: + value: | + --- + + This is a πŸ“Š Tracking Issue From eda7e84400d766b8045972c496851e975544c38f Mon Sep 17 00:00:00 2001 From: Ryan Parker Date: Fri, 1 Oct 2021 16:49:48 -0700 Subject: [PATCH 03/43] fix(revert): "fix: CDK does not honor NO_PROXY settings (#16751)" (#16761) ## Summary This [commit](https://github.com/aws/aws-cdk/commit/ceab036fa9dfcd13c58c7d818339cd05ed515bec) broke EKS deployments. CloudFormation throws "Internal failure." when attempting to create an EKS cluster. Full details : https://github.com/aws/aws-cdk/pull/16751/files#r720549975 This reverts commit ceab036fa9dfcd13c58c7d818339cd05ed515bec. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/cluster-resource-handler/common.ts | 26 +++++++++++---- .../aws-cdk/lib/api/aws-auth/sdk-provider.ts | 33 +++++++++++++------ 2 files changed, 42 insertions(+), 17 deletions(-) diff --git a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts index c3f34ae4bbc6f..1adb2eb328564 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts @@ -39,13 +39,15 @@ export abstract class ResourceHandler { RoleSessionName: `AWSCDK.EKSCluster.${this.requestType}.${this.requestId}`, }); - // Configure the proxy agent. By default, this will use HTTPS?_PROXY and - // NO_PROXY environment variables to determine which proxy to use for each - // request. - // - // eslint-disable-next-line @typescript-eslint/no-require-imports, import/no-extraneous-dependencies - const ProxyAgent: any = require('proxy-agent'); - aws.config.update({ httpOptions: { agent: new ProxyAgent() } }); + const proxyAddress = this.httpProxyFromEnvironment(); + if (proxyAddress) { + this.log(`Using proxy server: ${proxyAddress}`); + // eslint-disable-next-line @typescript-eslint/no-require-imports, import/no-extraneous-dependencies + const ProxyAgent: any = require('proxy-agent'); + aws.config.update({ + httpOptions: { agent: new ProxyAgent(proxyAddress) }, + }); + } } public onEvent() { @@ -73,6 +75,16 @@ export abstract class ResourceHandler { console.log(JSON.stringify(x, undefined, 2)); } + private httpProxyFromEnvironment(): string | undefined { + if (process.env.http_proxy) { + return process.env.http_proxy; + } + if (process.env.HTTP_PROXY) { + return process.env.HTTP_PROXY; + } + return undefined; + } + protected abstract async onCreate(): Promise; protected abstract async onDelete(): Promise; protected abstract async onUpdate(): Promise<(OnEventResponse & EksUpdateId) | void>; diff --git a/packages/aws-cdk/lib/api/aws-auth/sdk-provider.ts b/packages/aws-cdk/lib/api/aws-auth/sdk-provider.ts index 4621d171bc357..d06fba8a59529 100644 --- a/packages/aws-cdk/lib/api/aws-auth/sdk-provider.ts +++ b/packages/aws-cdk/lib/api/aws-auth/sdk-provider.ts @@ -374,35 +374,48 @@ function parseHttpOptions(options: SdkHttpOptions) { } config.customUserAgent = userAgent; + const proxyAddress = options.proxyAddress || httpsProxyFromEnvironment(); const caBundlePath = options.caBundlePath || caBundlePathFromEnvironment(); - if (options.proxyAddress && caBundlePath) { - throw new Error(`At the moment, cannot specify Proxy (${options.proxyAddress}) and CA Bundle (${caBundlePath}) at the same time. See https://github.com/aws/aws-cdk/issues/5804`); + if (proxyAddress && caBundlePath) { + throw new Error(`At the moment, cannot specify Proxy (${proxyAddress}) and CA Bundle (${caBundlePath}) at the same time. See https://github.com/aws/aws-cdk/issues/5804`); // Maybe it's possible after all, but I've been staring at // https://github.com/TooTallNate/node-proxy-agent/blob/master/index.js#L79 // a while now trying to figure out what to pass in so that the underlying Agent // object will get the 'ca' argument. It's not trivial and I don't want to risk it. } + if (proxyAddress) { // Ignore empty string on purpose + // https://aws.amazon.com/blogs/developer/using-the-aws-sdk-for-javascript-from-behind-a-proxy/ + debug('Using proxy server: %s', proxyAddress); + // eslint-disable-next-line @typescript-eslint/no-require-imports + const ProxyAgent: any = require('proxy-agent'); + config.httpOptions.agent = new ProxyAgent(proxyAddress); + } if (caBundlePath) { debug('Using CA bundle path: %s', caBundlePath); config.httpOptions.agent = new https.Agent({ ca: readIfPossible(caBundlePath), keepAlive: true, }); - } else { - // Configure the proxy agent. By default, this will use HTTPS?_PROXY and - // NO_PROXY environment variables to determine which proxy to use for each - // request. - // - // eslint-disable-next-line @typescript-eslint/no-require-imports - const ProxyAgent: any = require('proxy-agent'); - config.httpOptions.agent = new ProxyAgent(); } return config; } +/** + * Find and return the configured HTTPS proxy address + */ +function httpsProxyFromEnvironment(): string | undefined { + if (process.env.https_proxy) { + return process.env.https_proxy; + } + if (process.env.HTTPS_PROXY) { + return process.env.HTTPS_PROXY; + } + return undefined; +} + /** * Find and return a CA certificate bundle path to be passed into the SDK. */ From b515846d8d8417572e0e3a9add90d3efcfeb53b3 Mon Sep 17 00:00:00 2001 From: Peter Woodworth <44349620+peterwoodworth@users.noreply.github.com> Date: Fri, 1 Oct 2021 17:59:18 -0700 Subject: [PATCH 04/43] chore: set response-requested length to 2 and closing-soon to 5 (#16763) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .github/workflows/close-stale-issues.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/close-stale-issues.yml b/.github/workflows/close-stale-issues.yml index 0798bc9e5d355..487a095e0c372 100644 --- a/.github/workflows/close-stale-issues.yml +++ b/.github/workflows/close-stale-issues.yml @@ -35,8 +35,8 @@ jobs: closed-for-staleness-label: closed-for-staleness # Issue timing - days-before-stale: 7 - days-before-close: 4 + days-before-stale: 2 + days-before-close: 5 days-before-ancient: 365 # If you don't want to mark a issue as being ancient based on a From c89fb0452382d6cd052ca5bc393705c5f9295db0 Mon Sep 17 00:00:00 2001 From: Peter Woodworth <44349620+peterwoodworth@users.noreply.github.com> Date: Mon, 4 Oct 2021 01:40:52 -0700 Subject: [PATCH 05/43] chore(s3-deployments): update python version on BucketDeployment handler (#16771) fixes :#16669 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-ecs/test/ec2/integ.environment-file.expected.json | 2 +- packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts | 2 +- .../test/integ.bucket-deployment-cloudfront.expected.json | 2 +- .../test/integ.bucket-deployment.expected.json | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json index b26608d3626bf..eee0801d80061 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json @@ -1267,7 +1267,7 @@ "Ref": "EnvFileDeploymentAwsCliLayerA8FC897D" } ], - "Runtime": "python3.6", + "Runtime": "python3.7", "Timeout": 900 }, "DependsOn": [ diff --git a/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts b/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts index 439af53a90dd9..8e25826647a64 100644 --- a/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts +++ b/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts @@ -278,7 +278,7 @@ export class BucketDeployment extends CoreConstruct { uuid: this.renderSingletonUuid(props.memoryLimit, props.vpc), code: lambda.Code.fromAsset(path.join(__dirname, 'lambda')), layers: [new AwsCliLayer(this, 'AwsCliLayer')], - runtime: lambda.Runtime.PYTHON_3_6, + runtime: lambda.Runtime.PYTHON_3_7, environment: props.useEfs ? { MOUNT_PATH: mountPath, } : undefined, diff --git a/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.expected.json b/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.expected.json index bd5c7309210e3..ee73484606056 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.expected.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.expected.json @@ -343,7 +343,7 @@ "Ref": "DeployWithInvalidationAwsCliLayerDEDD5787" } ], - "Runtime": "python3.6", + "Runtime": "python3.7", "Timeout": 900 }, "DependsOn": [ diff --git a/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment.expected.json b/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment.expected.json index 8b247a49a4428..28a59330cb59b 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment.expected.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment.expected.json @@ -352,7 +352,7 @@ "Ref": "DeployMeAwsCliLayer5F9219E9" } ], - "Runtime": "python3.6", + "Runtime": "python3.7", "Timeout": 900 }, "DependsOn": [ @@ -1495,7 +1495,7 @@ "Ref": "DeployMeWithEfsStorageAwsCliLayer1619A3EE" } ], - "Runtime": "python3.6", + "Runtime": "python3.7", "Timeout": 900, "VpcConfig": { "SecurityGroupIds": [ From 63614b9018596705d0167bd895d65067bfd0dfc1 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Mon, 4 Oct 2021 12:17:53 +0200 Subject: [PATCH 06/43] docs(core): fix reference to nonexistant enum value (#16716) Fixes #16605. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/core/lib/cfn-resource.ts | 8 ++++++++ packages/@aws-cdk/core/lib/resource.ts | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/core/lib/cfn-resource.ts b/packages/@aws-cdk/core/lib/cfn-resource.ts index d6be50b9149fb..f1b4d76a10563 100644 --- a/packages/@aws-cdk/core/lib/cfn-resource.ts +++ b/packages/@aws-cdk/core/lib/cfn-resource.ts @@ -101,6 +101,14 @@ export class CfnResource extends CfnRefElement { /** * Sets the deletion policy of the resource based on the removal policy specified. + * + * The Removal Policy controls what happens to this resource when it stops + * being managed by CloudFormation, either because you've removed it from the + * CDK application or because you've made a change that requires the resource + * to be replaced. + * + * The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS + * account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). */ public applyRemovalPolicy(policy: RemovalPolicy | undefined, options: RemovalPolicyOptions = {}) { policy = policy || options.default || RemovalPolicy.RETAIN; diff --git a/packages/@aws-cdk/core/lib/resource.ts b/packages/@aws-cdk/core/lib/resource.ts index 65fcacd55bf25..c61e9ba69955e 100644 --- a/packages/@aws-cdk/core/lib/resource.ts +++ b/packages/@aws-cdk/core/lib/resource.ts @@ -203,7 +203,7 @@ export abstract class Resource extends CoreConstruct implements IResource { * CDK application or because you've made a change that requires the resource * to be replaced. * - * The resource can be deleted (`RemovalPolicy.DELETE`), or left in your AWS + * The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS * account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). */ public applyRemovalPolicy(policy: RemovalPolicy) { From 0bc58cd5f6ae61b909a2c2101f5d62d954977618 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Mon, 4 Oct 2021 13:06:56 +0200 Subject: [PATCH 07/43] docs(events): add a note about not using `EventPattern` with `CfnRule` (#16715) Fixes #16563. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-events/lib/event-pattern.ts | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-events/lib/event-pattern.ts b/packages/@aws-cdk/aws-events/lib/event-pattern.ts index bdd586f7e0e78..523223d3903d2 100644 --- a/packages/@aws-cdk/aws-events/lib/event-pattern.ts +++ b/packages/@aws-cdk/aws-events/lib/event-pattern.ts @@ -2,10 +2,14 @@ * Events in Amazon CloudWatch Events are represented as JSON objects. For more * information about JSON objects, see RFC 7159. * + * **Important**: this class can only be used with a `Rule` class. In particular, + * do not use it with `CfnRule` class: your pattern will not be rendered + * correctly. In a `CfnRule` class, write the pattern as you normally would when + * directly writing CloudFormation. + * * Rules use event patterns to select events and route them to targets. A * pattern either matches an event or it doesn't. Event patterns are represented - * as JSON objects with a structure that is similar to that of events, for - * example: + * as JSON objects with a structure that is similar to that of events. * * It is important to remember the following about event pattern matching: * From cfcaf452da163efa33df752b0ff026b3ea608dfc Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Mon, 4 Oct 2021 04:57:36 -0700 Subject: [PATCH 08/43] fix(config): add SourceAccount condition to Lambda permission (#16617) According to [AWS Config best practices](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules_nodejs.html#restricted-lambda-policy), we should add a `SourceAccount` condition to the Lambda Permission we create in `CustomRule`. Note that we cannot add the `SourceArn` condition, because that would cause a cyclic dependency between the `LambdaPermission` resource, and the `Rule` resource (as the `Rule` can only be created _after_ the `LambdaPermission` has been created - this is validated by the AWS Config service - and so needs a `DependOn` for the Lambda Permission). ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-config/lib/rule.ts | 1 + .../@aws-cdk/aws-config/test/integ.rule.lit.expected.json | 7 +++++-- .../aws-config/test/integ.scoped-rule.expected.json | 7 +++++-- packages/@aws-cdk/aws-config/test/rule.test.ts | 3 +++ 4 files changed, 14 insertions(+), 4 deletions(-) diff --git a/packages/@aws-cdk/aws-config/lib/rule.ts b/packages/@aws-cdk/aws-config/lib/rule.ts index 05ecebe7d93e5..e1ac4d107ec9e 100644 --- a/packages/@aws-cdk/aws-config/lib/rule.ts +++ b/packages/@aws-cdk/aws-config/lib/rule.ts @@ -355,6 +355,7 @@ export class CustomRule extends RuleNew { props.lambdaFunction.addPermission('Permission', { principal: new iam.ServicePrincipal('config.amazonaws.com'), + sourceAccount: this.env.account, }); if (props.lambdaFunction.role) { diff --git a/packages/@aws-cdk/aws-config/test/integ.rule.lit.expected.json b/packages/@aws-cdk/aws-config/test/integ.rule.lit.expected.json index 234f54351bcd1..172382853b95f 100644 --- a/packages/@aws-cdk/aws-config/test/integ.rule.lit.expected.json +++ b/packages/@aws-cdk/aws-config/test/integ.rule.lit.expected.json @@ -72,7 +72,10 @@ "Arn" ] }, - "Principal": "config.amazonaws.com" + "Principal": "config.amazonaws.com", + "SourceAccount": { + "Ref": "AWS::AccountId" + } } }, "Custom8166710A": { @@ -221,4 +224,4 @@ } } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-config/test/integ.scoped-rule.expected.json b/packages/@aws-cdk/aws-config/test/integ.scoped-rule.expected.json index 99d314d0c45af..fced1ede4a8f5 100644 --- a/packages/@aws-cdk/aws-config/test/integ.scoped-rule.expected.json +++ b/packages/@aws-cdk/aws-config/test/integ.scoped-rule.expected.json @@ -72,7 +72,10 @@ "Arn" ] }, - "Principal": "config.amazonaws.com" + "Principal": "config.amazonaws.com", + "SourceAccount": { + "Ref": "AWS::AccountId" + } } }, "Custom8166710A": { @@ -106,4 +109,4 @@ ] } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-config/test/rule.test.ts b/packages/@aws-cdk/aws-config/test/rule.test.ts index 77599b8d95308..259727982a330 100644 --- a/packages/@aws-cdk/aws-config/test/rule.test.ts +++ b/packages/@aws-cdk/aws-config/test/rule.test.ts @@ -101,6 +101,9 @@ describe('rule', () => { expect(stack).toHaveResource('AWS::Lambda::Permission', { Principal: 'config.amazonaws.com', + SourceAccount: { + Ref: 'AWS::AccountId', + }, }); expect(stack).toHaveResource('AWS::IAM::Role', { From 0c8ecb8cfc2cec9fd8c9f238c049b604a0f149fe Mon Sep 17 00:00:00 2001 From: Harrison Cannon <57939433+HariboDev@users.noreply.github.com> Date: Mon, 4 Oct 2021 13:46:08 +0100 Subject: [PATCH 09/43] fix(cli): progress bar overshoots count by 1 for stack updates (#16168) Currently, the `resourcesTotal` output is one short as it doesn't account for the `UPDATE_COMPLETE` event emitted when updating a stack. This PR increases the `resourcesTotal` variable depending on whether the stack is being updated or created. Noticed this bug when using the CDK on private projects. This has had a minor fix previously to address the `CREATE_COMPLETE` event emitted when creating a stack, however this did not address the `UPDATE_COMPLETE` event emitted when updating a stack. This caused updated events to produce the following output: ![image](https://user-images.githubusercontent.com/57939433/130373537-5dfacd3c-df7d-4272-abac-a4cf7c04cc47.png) To address this issue, I: - Added `+1` to the `resourcesTotal` prop in `packages/aws-cdk/lib/api/deploy-stack.ts` for the `StackActivityMonitor` class depending on whether the stack being deployed already exists using the `cloudFormationStack.exists` boolean. I also addressed a spacing issue between the pipe (`|`) and the timestamp, as seen in the image above. Collaborators: - @JWK95: Provided code review & valid suggestions ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- CONTRIBUTING.md | 4 ++-- packages/aws-cdk/lib/api/deploy-stack.ts | 4 +++- .../cloudformation/stack-activity-monitor.ts | 2 +- .../test/api/stack-activity-monitor.test.ts | 20 +++++++++---------- 4 files changed, 16 insertions(+), 14 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 988848e8f8f0b..cc425a73c7d0f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -16,9 +16,9 @@ let us know if it's not up-to-date (even better, submit a PR with your correcti - [Getting Started](#getting-started) - [Pull Requests](#pull-requests) - [Step 1: Find something to work on](#step-1-find-something-to-work-on) - - [Step 2: Design (optional)](#step-2-design-optional) + - [Step 2: Design (optional)](#step-2-design) - [Step 3: Work your Magic](#step-3-work-your-magic) - - [Step 4: Pull Request](#step-5-pull-request) + - [Step 4: Pull Request](#step-4-pull-request) - [Step 5: Merge](#step-5-merge) - [Breaking Changes](#breaking-changes) - [Documentation](#documentation) diff --git a/packages/aws-cdk/lib/api/deploy-stack.ts b/packages/aws-cdk/lib/api/deploy-stack.ts index a889e0c802fc4..4888d639ff394 100644 --- a/packages/aws-cdk/lib/api/deploy-stack.ts +++ b/packages/aws-cdk/lib/api/deploy-stack.ts @@ -340,8 +340,10 @@ async function prepareAndExecuteChangeSet( await cfn.executeChangeSet({ StackName: deployName, ChangeSetName: changeSetName, ...disableRollback }).promise(); // eslint-disable-next-line max-len + const changeSetLength: number = (changeSetDescription.Changes ?? []).length; const monitor = options.quiet ? undefined : StackActivityMonitor.withDefaultPrinter(cfn, deployName, stackArtifact, { - resourcesTotal: (changeSetDescription.Changes ?? []).length, + // +1 for the extra event emitted from updates. + resourcesTotal: cloudFormationStack.exists ? changeSetLength + 1 : changeSetLength, progress: options.progress, changeSetCreationTime: changeSetDescription.CreationTime, }).start(); diff --git a/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts b/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts index 98277d3339fa1..73075a41fee27 100644 --- a/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts +++ b/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts @@ -524,7 +524,7 @@ export class HistoryActivityPrinter extends ActivityPrinterBase { this.stream.write( util.format( ' %s%s | %s | %s | %s %s%s%s\n', - (progress !== false ? ` ${this.progress()} |` : ''), + (progress !== false ? ` ${this.progress()} | ` : ''), new Date(e.Timestamp).toLocaleTimeString(), color(padRight(STATUS_WIDTH, (e.ResourceStatus || '').substr(0, STATUS_WIDTH))), // pad left and trim padRight(this.props.resourceTypeColumnWidth, e.ResourceType || ''), diff --git a/packages/aws-cdk/test/api/stack-activity-monitor.test.ts b/packages/aws-cdk/test/api/stack-activity-monitor.test.ts index 7a1037581c94e..c76ddda1ceb00 100644 --- a/packages/aws-cdk/test/api/stack-activity-monitor.test.ts +++ b/packages/aws-cdk/test/api/stack-activity-monitor.test.ts @@ -32,7 +32,7 @@ test('prints 0/4 progress report, when addActivity is called with an "IN_PROGRES }); }); - expect(output[0].trim()).toStrictEqual(`0/4 |${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`0/4 | ${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); }); test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COMPLETE" ResourceStatus', () => { @@ -56,7 +56,7 @@ test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COM }); }); - expect(output[0].trim()).toStrictEqual(`1/4 |${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`1/4 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); }); test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COMPLETE_CLEAN_IN_PROGRESS" ResourceStatus', () => { @@ -80,7 +80,7 @@ test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COM }); }); - expect(output[0].trim()).toStrictEqual(`1/4 |${HUMAN_TIME} | ${green('UPDATE_COMPLETE_CLEA')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`1/4 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE_CLEA')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); }); @@ -105,7 +105,7 @@ test('prints 1/4 progress report, when addActivity is called with an "ROLLBACK_C }); }); - expect(output[0].trim()).toStrictEqual(`1/4 |${HUMAN_TIME} | ${yellow('ROLLBACK_COMPLETE_CL')} | AWS::CloudFormation::Stack | ${yellow(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`1/4 | ${HUMAN_TIME} | ${yellow('ROLLBACK_COMPLETE_CL')} | AWS::CloudFormation::Stack | ${yellow(bold('stack1'))}`); }); test('prints 0/4 progress report, when addActivity is called with an "UPDATE_FAILED" ResourceStatus', () => { @@ -129,7 +129,7 @@ test('prints 0/4 progress report, when addActivity is called with an "UPDATE_FAI }); }); - expect(output[0].trim()).toStrictEqual(`0/4 |${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`0/4 | ${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); }); @@ -178,9 +178,9 @@ test('does not print "Failed Resources:" list, when all deployments are successf }); expect(output.length).toStrictEqual(3); - expect(output[0].trim()).toStrictEqual(`0/2 |${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); - expect(output[1].trim()).toStrictEqual(`1/2 |${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); - expect(output[2].trim()).toStrictEqual(`2/2 |${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack2'))}`); + expect(output[0].trim()).toStrictEqual(`0/2 | ${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); + expect(output[1].trim()).toStrictEqual(`1/2 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); + expect(output[2].trim()).toStrictEqual(`2/2 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack2'))}`); }); test('prints "Failed Resources:" list, when at least one deployment fails', () => { @@ -217,8 +217,8 @@ test('prints "Failed Resources:" list, when at least one deployment fails', () = }); expect(output.length).toStrictEqual(4); - expect(output[0].trim()).toStrictEqual(`0/2 |${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); - expect(output[1].trim()).toStrictEqual(`0/2 |${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`0/2 | ${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); + expect(output[1].trim()).toStrictEqual(`0/2 | ${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); expect(output[2].trim()).toStrictEqual('Failed resources:'); expect(output[3].trim()).toStrictEqual(`${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); }); From 5c69c941bc5e7284f5873110e7c7c86cdeba42fb Mon Sep 17 00:00:00 2001 From: Julian Michel Date: Mon, 4 Oct 2021 15:35:46 +0200 Subject: [PATCH 10/43] fix(iam): `User.fromUserArn` does not work for ARNs that include a path (#16269) If a IAM user has a path, the ARN contains the path, e.g. `arn:aws:iam::account-id:user/path/MyUserName`. Method `User.fromUserArn` parses this ARN to `userName`: `path/MyUserName`. The path is not removed correctly. The correct username would be `MyUserName`. This PR changes the parsing of property `userName` to remove the path correctly. The logic is implemented according to [iam.Role](https://github.com/aws/aws-cdk/blob/d5ca419448e84f0cbb25dbd90d48fb4c407ede5c/packages/%40aws-cdk/aws-iam/lib/role.ts#L191-L194) where a similar conversion is necessary to support service roles. Fixes #16256. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-iam/lib/user.ts | 11 ++- .../aws-iam/test/integ.user.expected.json | 12 +++ packages/@aws-cdk/aws-iam/test/integ.user.ts | 12 +++ packages/@aws-cdk/aws-iam/test/user.test.ts | 82 ++++++++++++++++++- 4 files changed, 115 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-iam/lib/user.ts b/packages/@aws-cdk/aws-iam/lib/user.ts index 4874e84f791df..47be80bf7b0ee 100644 --- a/packages/@aws-cdk/aws-iam/lib/user.ts +++ b/packages/@aws-cdk/aws-iam/lib/user.ts @@ -156,6 +156,9 @@ export class User extends Resource implements IIdentity, IUser { /** * Import an existing user given a user ARN. * + * If the ARN comes from a Token, the User cannot have a path; if so, any attempt + * to reference its username will fail. + * * @param scope construct scope * @param id construct id * @param userArn the ARN of an existing user to import @@ -167,6 +170,9 @@ export class User extends Resource implements IIdentity, IUser { /** * Import an existing user given user attributes. * + * If the ARN comes from a Token, the User cannot have a path; if so, any attempt + * to reference its username will fail. + * * @param scope construct scope * @param id construct id * @param attrs the attributes of the user to import @@ -175,7 +181,10 @@ export class User extends Resource implements IIdentity, IUser { class Import extends Resource implements IUser { public readonly grantPrincipal: IPrincipal = this; public readonly principalAccount = Aws.ACCOUNT_ID; - public readonly userName: string = Arn.extractResourceName(attrs.userArn, 'user'); + // Resource name with path can have multiple elements separated by slash. + // Therefore, use element after last slash as userName. Happens to work for Tokens since + // they don't have a '/' in them. + public readonly userName: string = Arn.extractResourceName(attrs.userArn, 'user').split('/').pop()!; public readonly userArn: string = attrs.userArn; public readonly assumeRoleAction: string = 'sts:AssumeRole'; public readonly policyFragment: PrincipalPolicyFragment = new ArnPrincipal(attrs.userArn).policyFragment; diff --git a/packages/@aws-cdk/aws-iam/test/integ.user.expected.json b/packages/@aws-cdk/aws-iam/test/integ.user.expected.json index a57b3db4c6f32..648d9de3e9107 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.user.expected.json +++ b/packages/@aws-cdk/aws-iam/test/integ.user.expected.json @@ -15,9 +15,21 @@ "NameForUserImportedByArn": { "Value": "rossrhodes" }, + "NameForUserImportedByArnPath": { + "Value": "johndoe" + }, + "NameForUserImportedByArnPathMultiple": { + "Value": "johndoe" + }, "NameForUserImportedByAttributes": { "Value": "johndoe" }, + "NameForUserImportedByAttributesPath": { + "Value": "johndoe" + }, + "NameForUserImportedByAttributesPathMultiple": { + "Value": "johndoe" + }, "NameForUserImportedByName": { "Value": "janedoe" } diff --git a/packages/@aws-cdk/aws-iam/test/integ.user.ts b/packages/@aws-cdk/aws-iam/test/integ.user.ts index 7f8d00695742c..c2e196b6af5bc 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.user.ts +++ b/packages/@aws-cdk/aws-iam/test/integ.user.ts @@ -12,13 +12,25 @@ new User(stack, 'MyUser', { }); const userImportedByArn = User.fromUserArn(stack, 'ImportedUserByArn', 'arn:aws:iam::123456789012:user/rossrhodes'); +const userImportedByArnWithPath = User.fromUserArn(stack, 'ImportedUserByArnPath', 'arn:aws:iam::123456789012:user/path/johndoe'); +const userImportedByArnPathMultiple = User.fromUserArn(stack, 'ImportedUserByArnPathMultiple', 'arn:aws:iam::123456789012:user/p/a/t/h/johndoe'); const userImportedByAttributes = User.fromUserAttributes(stack, 'ImportedUserByAttributes', { userArn: 'arn:aws:iam::123456789012:user/johndoe', }); +const userImportedByAttributesPath = User.fromUserAttributes(stack, 'ImportedUserByAttributesPath', { + userArn: 'arn:aws:iam::123456789012:user/path/johndoe', +}); +const userImportedByAttributesPathMultiple = User.fromUserAttributes(stack, 'ImportedUserByAttributesPathMultiple', { + userArn: 'arn:aws:iam::123456789012:user/p/a/t/h/johndoe', +}); const userImportedByName = User.fromUserName(stack, 'ImportedUserByName', 'janedoe'); new CfnOutput(stack, 'NameForUserImportedByArn', { value: userImportedByArn.userName }); +new CfnOutput(stack, 'NameForUserImportedByArnPath', { value: userImportedByArnWithPath.userName }); +new CfnOutput(stack, 'NameForUserImportedByArnPathMultiple', { value: userImportedByArnPathMultiple.userName }); new CfnOutput(stack, 'NameForUserImportedByAttributes', { value: userImportedByAttributes.userName }); +new CfnOutput(stack, 'NameForUserImportedByAttributesPath', { value: userImportedByAttributesPath.userName }); +new CfnOutput(stack, 'NameForUserImportedByAttributesPathMultiple', { value: userImportedByAttributesPathMultiple.userName }); new CfnOutput(stack, 'NameForUserImportedByName', { value: userImportedByName.userName }); app.synth(); diff --git a/packages/@aws-cdk/aws-iam/test/user.test.ts b/packages/@aws-cdk/aws-iam/test/user.test.ts index 5cc42ae015619..d7435b08cbf24 100644 --- a/packages/@aws-cdk/aws-iam/test/user.test.ts +++ b/packages/@aws-cdk/aws-iam/test/user.test.ts @@ -1,5 +1,5 @@ import '@aws-cdk/assert-internal/jest'; -import { App, SecretValue, Stack } from '@aws-cdk/core'; +import { App, SecretValue, Stack, Token } from '@aws-cdk/core'; import { Group, ManagedPolicy, Policy, PolicyStatement, User } from '../lib'; describe('IAM user', () => { @@ -106,6 +106,58 @@ describe('IAM user', () => { expect(stack.resolve(user.userName)).toStrictEqual(userName); }); + test('user imported by tokenized user ARN has a name', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const user = User.fromUserArn(stack, 'import', Token.asString({ Ref: 'ARN' })); + + // THEN + expect(stack.resolve(user.userName)).toStrictEqual({ + 'Fn::Select': [1, { 'Fn::Split': [':user/', { Ref: 'ARN' }] }], + }); + }); + + test('user imported by user ARN with path', () => { + // GIVEN + const stack = new Stack(); + const userName = 'MyUserName'; + + // WHEN + const user = User.fromUserArn(stack, 'import', `arn:aws:iam::account-id:user/path/${userName}`); + + // THEN + expect(stack.resolve(user.userName)).toStrictEqual(userName); + }); + + test('user imported by user ARN with path (multiple elements)', () => { + // GIVEN + const stack = new Stack(); + const userName = 'MyUserName'; + + // WHEN + const user = User.fromUserArn(stack, 'import', `arn:aws:iam::account-id:user/p/a/t/h/${userName}`); + + // THEN + expect(stack.resolve(user.userName)).toStrictEqual(userName); + }); + + test('user imported by tokenized user attributes has a name', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const user = User.fromUserAttributes(stack, 'import', { + userArn: Token.asString({ Ref: 'ARN' }), + }); + + // THEN + expect(stack.resolve(user.userName)).toStrictEqual({ + 'Fn::Select': [1, { 'Fn::Split': [':user/', { Ref: 'ARN' }] }], + }); + }); + test('user imported by user attributes has a name', () => { // GIVEN const stack = new Stack(); @@ -120,6 +172,34 @@ describe('IAM user', () => { expect(stack.resolve(user.userName)).toStrictEqual(userName); }); + test('user imported by user attributes with path has a name', () => { + // GIVEN + const stack = new Stack(); + const userName = 'MyUserName'; + + // WHEN + const user = User.fromUserAttributes(stack, 'import', { + userArn: `arn:aws:iam::account-id:user/path/${userName}`, + }); + + // THEN + expect(stack.resolve(user.userName)).toStrictEqual(userName); + }); + + test('user imported by user attributes with path (multiple elements) has a name', () => { + // GIVEN + const stack = new Stack(); + const userName = 'MyUserName'; + + // WHEN + const user = User.fromUserAttributes(stack, 'import', { + userArn: `arn:aws:iam::account-id:user/p/a/t/h/${userName}`, + }); + + // THEN + expect(stack.resolve(user.userName)).toStrictEqual(userName); + }); + test('add to policy of imported user', () => { // GIVEN const stack = new Stack(); From 21836f249395045a4a697fbfe553fe17e1c5e6a1 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Mon, 4 Oct 2021 17:26:13 +0200 Subject: [PATCH 11/43] fix(s3): setting `autoDeleteObjects` to `false` empties the bucket (#16756) This was caused by the Custom Resource--which had previously been deployed when `autoDeleteObjects: true`--being removed when `autoDeleteObjects` is flipped off again. The custom resource would indiscriminately empty the bucket as it was being deleted. Fix by tagging the bucket to confirm that it needs to be emptied. If any deployment removes the CR but keeps the bucket, the ordering of CloudFormation updates will make sure that the untagging happens before the CR gets activated, thereby saving the bucket contents. Fixes #16603. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- docs/CLOUDFORMATION.md | 188 ++++++++++++++++++ .../test/integ.s3-bucket.lit.expected.json | 34 +++- packages/@aws-cdk/aws-s3/README.md | 11 +- .../lib/auto-delete-objects-handler/index.ts | 19 ++ packages/@aws-cdk/aws-s3/lib/bucket.ts | 19 +- .../test/auto-delete-objects-handler.test.ts | 89 +++++++-- ...g.bucket-auto-delete-objects.expected.json | 44 ++-- .../test/integ.bucket-auto-delete-objects.ts | 1 + .../aws-s3/test/put-objects-handler/index.ts | 3 + 9 files changed, 356 insertions(+), 52 deletions(-) create mode 100644 docs/CLOUDFORMATION.md diff --git a/docs/CLOUDFORMATION.md b/docs/CLOUDFORMATION.md new file mode 100644 index 0000000000000..726ec4e423ab5 --- /dev/null +++ b/docs/CLOUDFORMATION.md @@ -0,0 +1,188 @@ +# CloudFormation internals + +This is documenting CloudFormation internals, that may come in useful when developing +custom resources, working on the CLI or debugging CloudFormation operations. + +If you are a user of the CDK, you do not need to read this (except maybe out of interest). + +## CloudFormation stack lifecycle + +This shows the states a CloudFormation stack goes through in its lifetime. + +For the `_IN_PROGRESS` states, the letter `[C,U,D]` indicates whether in that +state resource `Creates`, `Updates` or `Deletes` are performed. + +`GetTemplate` will return: + +- For `Creates`: the template that we are creating. During rollback of a `Create`, it + will show the template that failed to create. +- For `Updates`: during the roll-forward it will return the template we are updating + to. During rollback, it will show the template we are rolling back to. + +```text + ╔══════════════════╗ + β•‘ β•‘ + β•‘ ║──────────────────┐ + β•‘ β•‘ β–Ό + β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” + β”‚ β”‚ β”‚ + β”‚ β”‚ REVIEW_IN_PROGRESS β”‚ + β”‚ β”‚ β”‚ + β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β”‚ β”‚ + β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β–Ό + β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” ╔════════════════════╗ + β”‚ β”‚ β”‚ β”‚ β•‘ β•‘ + β”‚ CREATE_IN_PROGRESS │─────▢│ROLLBACK_IN_PROGRESS │──┬───▢║ CREATE_FAILED β•‘ + β”‚ [C] β”‚ β”‚ [D] β”‚ β”‚ β•‘ β•‘ + β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• + β”‚ β–Ό + β”‚ ╔════════════════════╗ + β”‚ β•‘ β•‘ + β”‚ β•‘ ROLLBACK_FAILED β•‘ + β”‚ β•‘ β•‘ + β–Ό β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• + ╔═════════════════════════╗ + β•‘ CREATE_COMPLETE β•‘ +β”Œβ”€β”€β•‘ UPDATE_COMPLETE ║◀─────────────────────────────────┬─────────────────┐ +β”‚ β•‘UPDATE_ROLLBACK_COMPLETE β•‘ β”‚ β”‚ +β”‚ β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ +β”‚ β–Ό β”‚ β”‚ +β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ +β”‚ β”‚ β”‚ β”‚ UPDATE_COMPLETE_ β”‚ β”‚ +β”‚ β”‚ UPDATE_IN_PROGRESS │─────────────────────────▢│CLEANUP_IN_PROGRESS β”‚ β”‚ +β”‚ β”‚ [C,U] β”‚ β”‚ [D] β”‚ β”‚ +β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜β—€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β”‚ β”‚ β”‚ β”‚ +β”‚ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ +β”‚ β”‚ β–Ό β”‚ β”‚ +β”‚ β”‚ ╔════════════════════╗ β”‚ β”‚ +β”‚ β”‚ β•‘ (no-rollback) β•‘ β”‚ β”‚ +β”‚ β”‚ β•‘ UPDATE_FAILED β•‘β”€β”€β”˜ β”‚ +β”‚ β”‚ β•‘ β•‘ β”‚ +β”‚ β”‚ β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• β”‚ +β”‚ β”‚ β”‚ β”‚ +β”‚ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β”‚ β–Ό β”‚ +β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ +β”‚ β”‚ UPDATE_ROLLBACK_ β”‚ β”‚ UPDATE_ROLLBACK_COMPLETE_ β”‚ β”‚ +β”‚ β”‚ IN_PROGRESS │────────────────────▢│ CLEANUP_IN_PROGRESS β”‚β”€β”€β”˜ +β”‚ β”‚ [U] β”‚ β”‚ [D] β”‚ +β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ +β”‚ β”‚ β–² +β”‚ β–Ό β”‚ +β”‚ ╔════════════════════╗ +β”‚ β•‘ UPDATE_ROLLBACK_ β•‘ +β”‚ β•‘ FAILED β•‘ +β”‚ β•‘ β•‘ +β”‚ β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• +β”‚ β”‚ +β”‚ β”‚ +β”‚ β–Ό +β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” ╔════════════════════╗ +β”‚ β”‚ DELETE_IN_PROGRESS β”‚ β•‘ β•‘ +└───▢│ [D] │───────▢║ DELETE_FAILED β•‘ + β”‚ β”‚ β•‘ β•‘ + β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• + β”‚ + β”‚ + β–Ό + ╔════════════════════╗ + β•‘ β•‘ + β•‘ DELETE_COMPLETE β•‘ + β•‘ β•‘ + β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• +``` + +### Rollbacks + +When rolling back: + +* `ROLLBACK_IN_PROGRESS` will exclusively do deletes. +* `UPDATE_ROLLBACK_IN_PROGRESS` will do updates, + `UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS` will do deletes, including for + resources that got created in this update. + +## Resource lifecycle + +Below shows the lifecycle of single resource. + +Of note is that `CREATE_FAILED` and `UPDATE_FAILED` are not stable states. They will +be immediately followed by delete and an update back to the original state, respectively. + +(We have yet to research what happens when a rollback update fails). + +```text + ╔════════════════════════╗ + β•‘ β•‘ + β•‘ β•‘ + β•‘ β•‘ + β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• + β”‚ + β”‚ + β–Ό + β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” + β”‚ β”‚ β”‚ β”‚ + β”‚ CREATE_IN_PROGRESS │─────────────▢│ CREATE_FAILED │──┐ + β”‚ β”‚ β”‚ β”‚ β”‚ + β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ + β”‚ β”‚ + β”‚ β”‚ + β–Ό β”‚ + ╔═════════════════════════╗ β”‚ + β•‘ β•‘ β”‚ + β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β•‘ CREATE_COMPLETE β•‘ β”‚ + β”‚ β•‘ β•‘ β”‚ + β”‚ β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• β”‚ + β”‚ β”‚ β”‚ + β”‚ β”‚ custom resource β”‚ + β”‚ β–Ό rollback β”‚ + β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”β—€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ + β”‚ β”‚ β”‚ β”‚ β”‚ + β”‚ β”‚ UPDATE_IN_PROGRESS │──────────────────────┐ β”‚ β”‚ + β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ + β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ + β”‚ β”‚ β”‚ β”‚ β”‚ + β”‚ β”‚ β”‚ β”‚ β”‚ + β”‚ β–Ό β–Ό β”‚ β”‚ + β”‚ ╔═════════════════════════╗ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ + β”‚ β•‘ β•‘ β”‚ β”‚ β”‚ + β”‚ β•‘ UPDATE_COMPLETE ║◀────────│ UPDATE_FAILED β”‚ β”‚ + β”‚ β•‘ β•‘ no-op β”‚ β”‚ β”‚ + β”‚ β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• rollbackβ””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ + β”‚ β”‚ β”‚ + └─────────────────────────── β”‚ + β”‚ β”‚ + β–Ό β”‚ + β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ + β”‚ β”‚ β”‚ +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β–Άβ”‚ DELETE_IN_PROGRESS │◀───────────────────────────────────── +β”‚ β”‚ β”‚ β”‚ +β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β”‚ β”‚ β”‚ +β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ +β”‚ β–Ό β–Ό β–Ό β”‚ +╔═════════════════════════╗ ╔═════════════════════════╗ ╔═════════════════════════╗ β”‚ +β•‘ β•‘ β•‘ β•‘ β•‘ β•‘ β”‚ +β•‘ DELETE_FAILED β•‘ β•‘ DELETE_SKIPPED β•‘ β•‘ DELETE_COMPLETE β•‘β—€β”€β”˜ +β•‘ β•‘ β•‘ β•‘ β•‘ β•‘ +β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• +``` + +### Custom Resources + +- A custom resource is updated whenever any of its properties change. It is not + re-executed when its source code changes. +- Boolean properties are stringified. `true` and `false` in `Properties` are turned + into `"true"` and `"false"`. +- When releasing a new version of a custom resource, be aware that you may still + get properties from any of its previous versions. +- If you return a different PhysicalId from a custom resource during an Update, + CloudFormation will send a `Delete` of the previous PhysicalId during + cleanup. +- If an `Update` fails, CloudFormation will trigger a second `Update` during rollback. + The rollback update will have `ResourceProperties=OLD` and `OldResourceProperties=NEW`. \ No newline at end of file diff --git a/packages/@aws-cdk/aws-kinesisfirehose-destinations/test/integ.s3-bucket.lit.expected.json b/packages/@aws-cdk/aws-kinesisfirehose-destinations/test/integ.s3-bucket.lit.expected.json index ba6e2aecacda8..5ae3347a50989 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-destinations/test/integ.s3-bucket.lit.expected.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-destinations/test/integ.s3-bucket.lit.expected.json @@ -2,6 +2,14 @@ "Resources": { "Bucket83908E77": { "Type": "AWS::S3::Bucket", + "Properties": { + "Tags": [ + { + "Key": "aws-cdk:auto-delete-objects", + "Value": "true" + } + ] + }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -102,7 +110,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9S3BucketD715D8B0" + "Ref": "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9S3Bucket4673BB1A" }, "S3Key": { "Fn::Join": [ @@ -115,7 +123,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9S3VersionKey6E76822C" + "Ref": "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9S3VersionKey46E40510" } ] } @@ -128,7 +136,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9S3VersionKey6E76822C" + "Ref": "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9S3VersionKey46E40510" } ] } @@ -167,6 +175,14 @@ }, "BackupBucket26B8E51C": { "Type": "AWS::S3::Bucket", + "Properties": { + "Tags": [ + { + "Key": "aws-cdk:auto-delete-objects", + "Value": "true" + } + ] + }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -751,17 +767,17 @@ } }, "Parameters": { - "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9S3BucketD715D8B0": { + "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9S3Bucket4673BB1A": { "Type": "String", - "Description": "S3 bucket for asset \"fe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9\"" + "Description": "S3 bucket for asset \"3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9\"" }, - "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9S3VersionKey6E76822C": { + "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9S3VersionKey46E40510": { "Type": "String", - "Description": "S3 key for asset version \"fe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9\"" + "Description": "S3 key for asset version \"3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9\"" }, - "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9ArtifactHash9AE3702B": { + "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9ArtifactHashBD621721": { "Type": "String", - "Description": "Artifact hash for asset \"fe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9\"" + "Description": "Artifact hash for asset \"3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9\"" }, "AssetParameters5ee078f2a1957fe672d6cfd84faf49e07b8460758b5cd2669b3df1212a14cd19S3BucketFEDDFB43": { "Type": "String", diff --git a/packages/@aws-cdk/aws-s3/README.md b/packages/@aws-cdk/aws-s3/README.md index 3470a526ded88..cd573f4c167e1 100644 --- a/packages/@aws-cdk/aws-s3/README.md +++ b/packages/@aws-cdk/aws-s3/README.md @@ -99,7 +99,7 @@ const result = bucket.addToResourcePolicy(new iam.PolicyStatement({ })); ``` -If you try to add a policy statement to an existing bucket, this method will +If you try to add a policy statement to an existing bucket, this method will not do anything: ```ts @@ -111,8 +111,8 @@ const result = bucket.addToResourcePolicy(new iam.PolicyStatement({ })); ``` -That's because it's not possible to tell whether the bucket -already has a policy attached, let alone to re-use that policy to add more +That's because it's not possible to tell whether the bucket +already has a policy attached, let alone to re-use that policy to add more statements to it. We recommend that you always check the result of the call: ```ts @@ -445,3 +445,8 @@ const bucket = new Bucket(this, 'MyTempFileBucket', { autoDeleteObjects: true, }); ``` + +**Warning** if you have deployed a bucket with `autoDeleteObjects: true`, +switching this to `false` in a CDK version *before* `1.126.0` will lead to all +objects in the bucket being deleted. Be sure to update to version `1.126.0` or +later before switching this value to `false`. diff --git a/packages/@aws-cdk/aws-s3/lib/auto-delete-objects-handler/index.ts b/packages/@aws-cdk/aws-s3/lib/auto-delete-objects-handler/index.ts index f431aacf3fca2..fed602825c6a0 100644 --- a/packages/@aws-cdk/aws-s3/lib/auto-delete-objects-handler/index.ts +++ b/packages/@aws-cdk/aws-s3/lib/auto-delete-objects-handler/index.ts @@ -1,6 +1,8 @@ // eslint-disable-next-line import/no-extraneous-dependencies import { S3 } from 'aws-sdk'; +const AUTO_DELETE_OBJECTS_TAG = 'aws-cdk:auto-delete-objects'; + const s3 = new S3(); export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent) { @@ -52,5 +54,22 @@ async function onDelete(bucketName?: string) { if (!bucketName) { throw new Error('No BucketName was provided.'); } + if (!await isBucketTaggedForDeletion(bucketName)) { + process.stdout.write(`Bucket does not have '${AUTO_DELETE_OBJECTS_TAG}' tag, skipping cleaning.\n`); + return; + } await emptyBucket(bucketName); } + +/** + * The bucket will only be tagged for deletion if it's being deleted in the same + * deployment as this Custom Resource. + * + * If the Custom Resource is every deleted before the bucket, it must be because + * `autoDeleteObjects` has been switched to false, in which case the tag would have + * been removed before we get to this Delete event. + */ +async function isBucketTaggedForDeletion(bucketName: string) { + const response = await s3.getBucketTagging({ Bucket: bucketName }).promise(); + return response.TagSet.some(tag => tag.Key === AUTO_DELETE_OBJECTS_TAG && tag.Value === 'true'); +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3/lib/bucket.ts b/packages/@aws-cdk/aws-s3/lib/bucket.ts index 970710c9a3dc4..1da58cd3db260 100644 --- a/packages/@aws-cdk/aws-s3/lib/bucket.ts +++ b/packages/@aws-cdk/aws-s3/lib/bucket.ts @@ -5,7 +5,7 @@ import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; import { Fn, IResource, Lazy, RemovalPolicy, Resource, ResourceProps, Stack, Token, - CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, FeatureFlags, + CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, FeatureFlags, Tags, } from '@aws-cdk/core'; import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; @@ -18,6 +18,7 @@ import { CfnBucket } from './s3.generated'; import { parseBucketArn, parseBucketName } from './util'; const AUTO_DELETE_OBJECTS_RESOURCE_TYPE = 'Custom::S3AutoDeleteObjects'; +const AUTO_DELETE_OBJECTS_TAG = 'aws-cdk:auto-delete-objects'; export interface IBucket extends IResource { /** @@ -460,7 +461,7 @@ export abstract class BucketBase extends Resource implements IBucket { * Indicates if a bucket resource policy should automatically created upon * the first call to `addToResourcePolicy`. */ - protected abstract autoCreatePolicy = false; + protected abstract autoCreatePolicy: boolean; /** * Whether to disallow public access @@ -1228,6 +1229,11 @@ export interface BucketProps { * * Requires the `removalPolicy` to be set to `RemovalPolicy.DESTROY`. * + * **Warning** if you have deployed a bucket with `autoDeleteObjects: true`, + * switching this to `false` in a CDK version *before* `1.126.0` will lead to + * all objects in the bucket being deleted. Be sure to update to version `1.126.0` + * or later before switching this value to `false`. + * * @default false */ readonly autoDeleteObjects?: boolean; @@ -1443,6 +1449,7 @@ export class Bucket extends BucketBase { private readonly metrics: BucketMetrics[] = []; private readonly cors: CorsRule[] = []; private readonly inventories: Inventory[] = []; + private readonly _resource: CfnBucket; constructor(scope: Construct, id: string, props: BucketProps = {}) { super(scope, id, { @@ -1470,6 +1477,7 @@ export class Bucket extends BucketBase { inventoryConfigurations: Lazy.any({ produce: () => this.parseInventoryConfiguration() }), ownershipControls: this.parseOwnershipControls(props), }); + this._resource = resource; resource.applyRemovalPolicy(props.removalPolicy); @@ -1943,6 +1951,13 @@ export class Bucket extends BucketBase { if (this.policy) { customResource.node.addDependency(this.policy); } + + // We also tag the bucket to record the fact that we want it autodeleted. + // The custom resource will check this tag before actually doing the delete. + // Because tagging and untagging will ALWAYS happen before the CR is deleted, + // we can set `autoDeleteObjects: false` without the removal of the CR emptying + // the bucket as a side effect. + Tags.of(this._resource).add(AUTO_DELETE_OBJECTS_TAG, 'true'); } } diff --git a/packages/@aws-cdk/aws-s3/test/auto-delete-objects-handler.test.ts b/packages/@aws-cdk/aws-s3/test/auto-delete-objects-handler.test.ts index b09b9e5e4f5b3..51cc65b3d5466 100644 --- a/packages/@aws-cdk/aws-s3/test/auto-delete-objects-handler.test.ts +++ b/packages/@aws-cdk/aws-s3/test/auto-delete-objects-handler.test.ts @@ -1,6 +1,7 @@ const mockS3Client = { - listObjectVersions: jest.fn().mockReturnThis(), - deleteObjects: jest.fn().mockReturnThis(), + listObjectVersions: jest.fn(), + deleteObjects: jest.fn(), + getBucketTagging: jest.fn(), promise: jest.fn(), }; @@ -13,6 +14,7 @@ jest.mock('aws-sdk', () => { beforeEach(() => { mockS3Client.listObjectVersions.mockReturnThis(); mockS3Client.deleteObjects.mockReturnThis(); + givenTaggedForDeletion(); }); afterEach(() => { @@ -119,7 +121,7 @@ test('does nothing on update event when the new resource properties are absent', test('deletes all objects when the name changes on update event', async () => { // GIVEN - mockS3Client.promise.mockResolvedValue({ // listObjectVersions() call + mockAwsPromise(mockS3Client.listObjectVersions, { Versions: [ { Key: 'Key1', VersionId: 'VersionId1' }, { Key: 'Key2', VersionId: 'VersionId2' }, @@ -158,7 +160,7 @@ test('deletes all objects when the name changes on update event', async () => { test('deletes no objects on delete event when bucket has no objects', async () => { // GIVEN - mockS3Client.promise.mockResolvedValue({ Versions: [] }); // listObjectVersions() call + mockAwsPromise(mockS3Client.listObjectVersions, { Versions: [] }); // WHEN const event: Partial = { @@ -178,7 +180,7 @@ test('deletes no objects on delete event when bucket has no objects', async () = test('deletes all objects on delete event', async () => { // GIVEN - mockS3Client.promise.mockResolvedValue({ // listObjectVersions() call + mockAwsPromise(mockS3Client.listObjectVersions, { Versions: [ { Key: 'Key1', VersionId: 'VersionId1' }, { Key: 'Key2', VersionId: 'VersionId2' }, @@ -210,23 +212,46 @@ test('deletes all objects on delete event', async () => { }); }); +test('does not empty bucket if it is not tagged', async () => { + // GIVEN + givenNotTaggedForDeletion(); + mockAwsPromise(mockS3Client.listObjectVersions, { + Versions: [ + { Key: 'Key1', VersionId: 'VersionId1' }, + { Key: 'Key2', VersionId: 'VersionId2' }, + ], + }); + + // WHEN + const event: Partial = { + RequestType: 'Delete', + ResourceProperties: { + ServiceToken: 'Foo', + BucketName: 'MyBucket', + }, + }; + await invokeHandler(event); + + // THEN + expect(mockS3Client.listObjectVersions).not.toHaveBeenCalled(); +}); + test('delete event where bucket has many objects does recurse appropriately', async () => { // GIVEN - mockS3Client.promise // listObjectVersions() call - .mockResolvedValueOnce({ - Versions: [ - { Key: 'Key1', VersionId: 'VersionId1' }, - { Key: 'Key2', VersionId: 'VersionId2' }, - ], - IsTruncated: true, - }) - .mockResolvedValueOnce(undefined) // deleteObjects() call - .mockResolvedValueOnce({ // listObjectVersions() call - Versions: [ - { Key: 'Key3', VersionId: 'VersionId3' }, - { Key: 'Key4', VersionId: 'VersionId4' }, - ], - }); + mockAwsPromise(mockS3Client.listObjectVersions, { + Versions: [ + { Key: 'Key1', VersionId: 'VersionId1' }, + { Key: 'Key2', VersionId: 'VersionId2' }, + ], + IsTruncated: true, + }, 'once'); + mockAwsPromise(mockS3Client.listObjectVersions, { + Versions: [ + { Key: 'Key3', VersionId: 'VersionId3' }, + { Key: 'Key4', VersionId: 'VersionId4' }, + ], + }, 'once'); + mockAwsPromise(mockS3Client.deleteObjects, {}); // WHEN const event: Partial = { @@ -267,3 +292,27 @@ test('delete event where bucket has many objects does recurse appropriately', as async function invokeHandler(event: Partial) { return handler(event as AWSLambda.CloudFormationCustomResourceEvent); } + +function mockAwsPromise(fn: jest.Mock, value: A, when: 'once' | 'always' = 'always') { + (when === 'always' ? fn.mockReturnValue : fn.mockReturnValueOnce).call(fn, { + promise: () => value, + }); +} + +function givenTaggedForDeletion() { + mockAwsPromise(mockS3Client.getBucketTagging, { + TagSet: [ + { + Key: 'aws-cdk:auto-delete-objects', + Value: 'true', + }, + ], + + }); +} + +function givenNotTaggedForDeletion() { + mockAwsPromise(mockS3Client.getBucketTagging, { + TagSet: [], + }); +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3/test/integ.bucket-auto-delete-objects.expected.json b/packages/@aws-cdk/aws-s3/test/integ.bucket-auto-delete-objects.expected.json index 6623d9d3e7a8c..7a935337c08b2 100644 --- a/packages/@aws-cdk/aws-s3/test/integ.bucket-auto-delete-objects.expected.json +++ b/packages/@aws-cdk/aws-s3/test/integ.bucket-auto-delete-objects.expected.json @@ -2,6 +2,14 @@ "Resources": { "Bucket83908E77": { "Type": "AWS::S3::Bucket", + "Properties": { + "Tags": [ + { + "Key": "aws-cdk:auto-delete-objects", + "Value": "true" + } + ] + }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -102,7 +110,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9S3BucketD715D8B0" + "Ref": "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9S3Bucket4673BB1A" }, "S3Key": { "Fn::Join": [ @@ -115,7 +123,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9S3VersionKey6E76822C" + "Ref": "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9S3VersionKey46E40510" } ] } @@ -128,7 +136,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9S3VersionKey6E76822C" + "Ref": "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9S3VersionKey46E40510" } ] } @@ -220,7 +228,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersf7ee44e9b6217d201200d9abd42c6493b0b11e86be8a7f36163c3ea049c54653S3BucketDB5FAF47" + "Ref": "AssetParameters618bbe9863c0edd5c4ca2e24b5063762f020fafec018cd06f57e2bd9f2f48abfS3BucketE1985B35" }, "S3Key": { "Fn::Join": [ @@ -233,7 +241,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersf7ee44e9b6217d201200d9abd42c6493b0b11e86be8a7f36163c3ea049c54653S3VersionKey9809F0E6" + "Ref": "AssetParameters618bbe9863c0edd5c4ca2e24b5063762f020fafec018cd06f57e2bd9f2f48abfS3VersionKey610C6DE2" } ] } @@ -246,7 +254,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersf7ee44e9b6217d201200d9abd42c6493b0b11e86be8a7f36163c3ea049c54653S3VersionKey9809F0E6" + "Ref": "AssetParameters618bbe9863c0edd5c4ca2e24b5063762f020fafec018cd06f57e2bd9f2f48abfS3VersionKey610C6DE2" } ] } @@ -289,29 +297,29 @@ } }, "Parameters": { - "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9S3BucketD715D8B0": { + "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9S3Bucket4673BB1A": { "Type": "String", - "Description": "S3 bucket for asset \"fe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9\"" + "Description": "S3 bucket for asset \"3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9\"" }, - "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9S3VersionKey6E76822C": { + "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9S3VersionKey46E40510": { "Type": "String", - "Description": "S3 key for asset version \"fe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9\"" + "Description": "S3 key for asset version \"3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9\"" }, - "AssetParametersfe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9ArtifactHash9AE3702B": { + "AssetParameters3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9ArtifactHashBD621721": { "Type": "String", - "Description": "Artifact hash for asset \"fe5df38824187483182e1459db47adfae2a515aa4caedd437fc4033a0c5b3de9\"" + "Description": "Artifact hash for asset \"3993fb4cd942505a050d08b09d5444e14c265cf9cd0fb8b0c5f621446b6cead9\"" }, - "AssetParametersf7ee44e9b6217d201200d9abd42c6493b0b11e86be8a7f36163c3ea049c54653S3BucketDB5FAF47": { + "AssetParameters618bbe9863c0edd5c4ca2e24b5063762f020fafec018cd06f57e2bd9f2f48abfS3BucketE1985B35": { "Type": "String", - "Description": "S3 bucket for asset \"f7ee44e9b6217d201200d9abd42c6493b0b11e86be8a7f36163c3ea049c54653\"" + "Description": "S3 bucket for asset \"618bbe9863c0edd5c4ca2e24b5063762f020fafec018cd06f57e2bd9f2f48abf\"" }, - "AssetParametersf7ee44e9b6217d201200d9abd42c6493b0b11e86be8a7f36163c3ea049c54653S3VersionKey9809F0E6": { + "AssetParameters618bbe9863c0edd5c4ca2e24b5063762f020fafec018cd06f57e2bd9f2f48abfS3VersionKey610C6DE2": { "Type": "String", - "Description": "S3 key for asset version \"f7ee44e9b6217d201200d9abd42c6493b0b11e86be8a7f36163c3ea049c54653\"" + "Description": "S3 key for asset version \"618bbe9863c0edd5c4ca2e24b5063762f020fafec018cd06f57e2bd9f2f48abf\"" }, - "AssetParametersf7ee44e9b6217d201200d9abd42c6493b0b11e86be8a7f36163c3ea049c54653ArtifactHash7CDE16B1": { + "AssetParameters618bbe9863c0edd5c4ca2e24b5063762f020fafec018cd06f57e2bd9f2f48abfArtifactHash467DFC33": { "Type": "String", - "Description": "Artifact hash for asset \"f7ee44e9b6217d201200d9abd42c6493b0b11e86be8a7f36163c3ea049c54653\"" + "Description": "Artifact hash for asset \"618bbe9863c0edd5c4ca2e24b5063762f020fafec018cd06f57e2bd9f2f48abf\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-s3/test/integ.bucket-auto-delete-objects.ts b/packages/@aws-cdk/aws-s3/test/integ.bucket-auto-delete-objects.ts index 8052dd340d888..e89e12c83eeb9 100644 --- a/packages/@aws-cdk/aws-s3/test/integ.bucket-auto-delete-objects.ts +++ b/packages/@aws-cdk/aws-s3/test/integ.bucket-auto-delete-objects.ts @@ -1,3 +1,4 @@ +/// !cdk-integ pragma:ignore-assets import * as path from 'path'; import { App, CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, RemovalPolicy, Stack, StackProps } from '@aws-cdk/core'; import { Construct } from 'constructs'; diff --git a/packages/@aws-cdk/aws-s3/test/put-objects-handler/index.ts b/packages/@aws-cdk/aws-s3/test/put-objects-handler/index.ts index d4137760eb591..4a392db00cb66 100644 --- a/packages/@aws-cdk/aws-s3/test/put-objects-handler/index.ts +++ b/packages/@aws-cdk/aws-s3/test/put-objects-handler/index.ts @@ -6,6 +6,9 @@ const s3 = new S3(); export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent): Promise { switch (event.RequestType) { case 'Create': + if (event.ResourceProperties.Fail) { + throw new Error('Failing on request!'); + } const bucketName = event.ResourceProperties.BucketName; if (!bucketName) { throw new Error('Missing BucketName'); From 89a5ed175608d14c2ee8f28ab4afbbf14a97a7cf Mon Sep 17 00:00:00 2001 From: Nick Lynch Date: Tue, 5 Oct 2021 00:25:23 +0100 Subject: [PATCH 12/43] chore(individual-pkg-gen): fix bug in setting alpha package visibility (#16787) The logic to remove the "private" marker for the alpha module `package.json`s was backported to `master` without any change or an appropriate qualifier. This leads to the alpha packages being set to public on `master`, which is not what we want. Rather than introduce v1- and v2-specific logic here, I opted to look at the current package's setting, and swap it. The logic is that if we're publishing `aws-foobar`, we don't want to publish `aws-foobar-alpha`, and vice versa. Also fixed a bug where alpha'ed packages were being re-alpha'ed when transform was run multiple times in local development. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../individual-pkg-gen/transform-packages.ts | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/tools/@aws-cdk/individual-pkg-gen/transform-packages.ts b/tools/@aws-cdk/individual-pkg-gen/transform-packages.ts index 9a7f9bbcf5e36..ece10f8262a86 100644 --- a/tools/@aws-cdk/individual-pkg-gen/transform-packages.ts +++ b/tools/@aws-cdk/individual-pkg-gen/transform-packages.ts @@ -130,12 +130,15 @@ function transformPackageJson(pkg: any, source: string, destination: string, alp packageJson.name += '-alpha'; packageJson.repository.directory = `packages/individual-packages/${pkgUnscopedName}`; - // All individual packages are private by default on v2. - // This needs to be removed for the alpha modules to be published. - // However, we should only do this for packages we intend to publish (those with a `publishConfig`) + // All individual packages are public by default on v1, and private by default on v2. + // We need to flip these around, so we don't publish alphas on v1, but *do* on v2. + // We also should only do this for packages we intend to publish (those with a `publishConfig`) if (packageJson.publishConfig) { - packageJson.private = undefined; + packageJson.private = !packageJson.private; packageJson.publishConfig.tag = 'latest'; + if (packageJson.private) { + packageJson.ubergen = { exclude: true }; + } } // disable awslint (some rules are hard-coded to @aws-cdk/core) @@ -278,7 +281,8 @@ function packageIsAlpha(pkg: any): boolean { } // we're only interested in '@aws-cdk/' packages, // and those that are JSII-enabled (so no @aws-cdk/assert) - return pkg.name.startsWith('@aws-cdk/') && !!pkg.get('jsii'); + // Also, don't re-transform already alpha-ed packages + return pkg.name.startsWith('@aws-cdk/') && !!pkg.get('jsii') && !pkg.name.endsWith('-alpha'); } function isRequiredTool(name: string) { From c891478c00360daf21ff1d75c375d7e1ec9073b5 Mon Sep 17 00:00:00 2001 From: Julian Michel Date: Tue, 5 Oct 2021 02:25:56 +0200 Subject: [PATCH 13/43] docs(s3): correct heading levels Object Ownership / Bucket deletion (#16790) In the README file, the chapters `Object Ownership` and `Bucket deletion` are created as subchapter of `The URL for objects`. In my opinion they do not have a relationship to `The URL for objects`. Probably this hierarchy was created by mistake. I would suggest to move chapters `Object Ownership` and `Bucket deletion` to the same hierarchy level than `The URL for objects`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-s3/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/@aws-cdk/aws-s3/README.md b/packages/@aws-cdk/aws-s3/README.md index cd573f4c167e1..60f97010b9a20 100644 --- a/packages/@aws-cdk/aws-s3/README.md +++ b/packages/@aws-cdk/aws-s3/README.md @@ -402,13 +402,13 @@ bucket.virtualHostedUrlForObject('objectname'); // Virtual Hosted-Style URL bucket.virtualHostedUrlForObject('objectname', { regional: false }); // Virtual Hosted-Style URL but non-regional ``` -### Object Ownership +## Object Ownership You can use the two following properties to specify the bucket [object Ownership]. [object Ownership]: https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html -#### Object writer +### Object writer The Uploading account will own the object. @@ -418,7 +418,7 @@ new s3.Bucket(this, 'MyBucket', { }); ``` -#### Bucket owner preferred +### Bucket owner preferred The bucket owner will own the object if the object is uploaded with the bucket-owner-full-control canned ACL. Without this setting and canned ACL, the object is uploaded and remains owned by the uploading account. @@ -428,7 +428,7 @@ new s3.Bucket(this, 'MyBucket', { }); ``` -### Bucket deletion +## Bucket deletion When a bucket is removed from a stack (or the stack is deleted), the S3 bucket will be removed according to its removal policy (which by default will From 1deea9005656c2f0f25c56e773145b6e0ebcbb1b Mon Sep 17 00:00:00 2001 From: MousaZeidBaker Date: Tue, 5 Oct 2021 03:15:11 +0200 Subject: [PATCH 14/43] feat(stepfunctions-tasks): add step concurrency level to EmrCreateCluster (#15242) Added support for step concurrency when creating EMR clusters through Step Functions. This feature allows users to run multiple steps in parallel on a cluster created through SFN. closes #15223. As a byproduct, adds validation for `releaseLabel` to ensure that it follows the correct format laid out [here](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-release-components.html). ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-stepfunctions-tasks/README.md | 12 ++ .../lib/emr/emr-create-cluster.ts | 46 ++++++++ .../test/emr/emr-create-cluster.test.ts | 106 ++++++++++++++++++ 3 files changed, 164 insertions(+) diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/README.md b/packages/@aws-cdk/aws-stepfunctions-tasks/README.md index 063d058aab8c9..521052e865b0b 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/README.md +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/README.md @@ -644,6 +644,18 @@ new tasks.EmrCreateCluster(this, 'Create Cluster', { }); ``` +If you want to run multiple steps in [parallel](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-concurrent-steps.html), +you can specify the `stepConcurrencyLevel` property. The concurrency range is between 1 +and 256 inclusive, where the default concurrency of 1 means no step concurrency is allowed. +`stepConcurrencyLevel` requires the EMR release label to be 5.28.0 or above. + +```ts +new tasks.EmrCreateCluster(this, 'Create Cluster', { + // ... + stepConcurrencyLevel: 10, +}); +``` + ### Termination Protection Locks a cluster (job flow) so the EC2 instances in the cluster cannot be diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts index bfb3d94e28b5c..4cac7c7180bde 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts @@ -130,6 +130,16 @@ export interface EmrCreateClusterProps extends sfn.TaskStateBaseProps { */ readonly securityConfiguration?: string; + /** + * Specifies the step concurrency level to allow multiple steps to run in parallel + * + * Requires EMR release label 5.28.0 or above. + * Must be in range [1, 256]. + * + * @default 1 - no step concurrency allowed + */ + readonly stepConcurrencyLevel?: number; + /** * A list of tags to associate with a cluster and propagate to Amazon EC2 instances. * @@ -191,6 +201,22 @@ export class EmrCreateCluster extends sfn.TaskStateBase { } this.taskPolicies = this.createPolicyStatements(this._serviceRole, this._clusterRole, this._autoScalingRole); + + if (this.props.releaseLabel !== undefined) { + this.validateReleaseLabel(this.props.releaseLabel); + } + + if (this.props.stepConcurrencyLevel !== undefined) { + if (this.props.stepConcurrencyLevel < 1 || this.props.stepConcurrencyLevel > 256) { + throw new Error(`Step concurrency level must be in range [1, 256], but got ${this.props.stepConcurrencyLevel}.`); + } + if (this.props.releaseLabel && this.props.stepConcurrencyLevel !== 1) { + const [major, minor] = this.props.releaseLabel.substr(4).split('.'); + if (Number(major) < 5 || (Number(major) === 5 && Number(minor) < 28)) { + throw new Error(`Step concurrency is only supported in EMR release version 5.28.0 and above but got ${this.props.releaseLabel}.`); + } + } + } } /** @@ -252,6 +278,7 @@ export class EmrCreateCluster extends sfn.TaskStateBase { ReleaseLabel: cdk.stringToCloudFormation(this.props.releaseLabel), ScaleDownBehavior: cdk.stringToCloudFormation(this.props.scaleDownBehavior?.valueOf()), SecurityConfiguration: cdk.stringToCloudFormation(this.props.securityConfiguration), + StepConcurrencyLevel: cdk.numberToCloudFormation(this.props.stepConcurrencyLevel), ...(this.props.tags ? this.renderTags(this.props.tags) : undefined), VisibleToAllUsers: cdk.booleanToCloudFormation(this.visibleToAllUsers), }), @@ -356,6 +383,25 @@ export class EmrCreateCluster extends sfn.TaskStateBase { return role; } + + /** + * Validates the release label string is in proper format. + * Release labels are in the form `emr-x.x.x`. For example, `emr-5.33.0`. + * + * @see https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-release-components.html + */ + private validateReleaseLabel(releaseLabel: string): string { + const prefix = releaseLabel.substr(0, 4); + const versions = releaseLabel.substr(4).split('.'); + if (prefix !== 'emr-' || versions.length !== 3 || versions.some((e) => isNotANumber(e))) { + throw new Error(`The release label must be in the format 'emr-x.x.x' but got ${releaseLabel}`); + } + return releaseLabel; + + function isNotANumber(value: string): boolean { + return value === '' || isNaN(Number(value)); + } + } } export namespace EmrCreateCluster { diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts index 273a580a6a38e..3effd99e5eed0 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts @@ -172,6 +172,112 @@ test('Create Cluster with clusterConfiguration Name from payload', () => { }); }); +describe('Cluster with StepConcurrencyLevel', () => { + test('can be specified', async () => { + // WHEN + const task = new EmrCreateCluster(stack, 'Task', { + instances: {}, + clusterRole, + name: 'Cluster', + serviceRole, + autoScalingRole, + stepConcurrencyLevel: 2, + integrationPattern: sfn.IntegrationPattern.REQUEST_RESPONSE, + }); + + // THEN + expect(stack.resolve(task.toStateJson())).toMatchObject({ + Parameters: { + Name: 'Cluster', + StepConcurrencyLevel: 2, + }, + }); + }); + + test('throws if < 1 or > 256', async () => { + expect(() => new EmrCreateCluster(stack, 'Task1', { + instances: {}, + clusterRole, + name: 'Cluster', + serviceRole, + autoScalingRole, + stepConcurrencyLevel: 0, + integrationPattern: sfn.IntegrationPattern.REQUEST_RESPONSE, + })).toThrow('Step concurrency level must be in range [1, 256], but got 0.'); + + expect(() => new EmrCreateCluster(stack, 'Task2', { + instances: {}, + clusterRole, + name: 'Cluster', + serviceRole, + autoScalingRole, + stepConcurrencyLevel: 257, + integrationPattern: sfn.IntegrationPattern.REQUEST_RESPONSE, + })).toThrow('Step concurrency level must be in range [1, 256], but got 257.'); + }); + + test('throws if EMR release label below 5.28 and StepConcurrencyLevel !== 1', async () => { + expect(() => new EmrCreateCluster(stack, 'Task2', { + instances: {}, + clusterRole, + name: 'Cluster', + serviceRole, + autoScalingRole, + releaseLabel: 'emr-5.14.0', + stepConcurrencyLevel: 2, + integrationPattern: sfn.IntegrationPattern.REQUEST_RESPONSE, + })).toThrow('Step concurrency is only supported in EMR release version 5.28.0 and above but got emr-5.14.0.'); + }); + + test('does not throw if EMR release label below 5.28 and StepConcurrencyLevel === 1', async () => { + new EmrCreateCluster(stack, 'Task1', { + instances: {}, + clusterRole, + name: 'Cluster', + serviceRole, + autoScalingRole, + releaseLabel: 'emr-5.14.0', + stepConcurrencyLevel: 1, + integrationPattern: sfn.IntegrationPattern.REQUEST_RESPONSE, + }); + }); +}); + +test('Cluster with invalid release label will throw', async () => { + expect(() => new EmrCreateCluster(stack, 'Task1', { + instances: {}, + clusterRole, + name: 'Cluster', + serviceRole, + autoScalingRole, + releaseLabel: 'emra-5.14.0', + stepConcurrencyLevel: 1, + integrationPattern: sfn.IntegrationPattern.REQUEST_RESPONSE, + })).toThrow('The release label must be in the format \'emr-x.x.x\' but got emra-5.14.0'); + + expect(() => new EmrCreateCluster(stack, 'Task2', { + instances: {}, + clusterRole, + name: 'Cluster', + serviceRole, + autoScalingRole, + releaseLabel: 'emr-5.14.a', + stepConcurrencyLevel: 1, + integrationPattern: sfn.IntegrationPattern.REQUEST_RESPONSE, + })).toThrow('The release label must be in the format \'emr-x.x.x\' but got emr-5.14.a'); + + expect(() => new EmrCreateCluster(stack, 'Task3', { + instances: {}, + clusterRole, + name: 'Cluster', + serviceRole, + autoScalingRole, + releaseLabel: 'emr-5.14.0.0', + stepConcurrencyLevel: 1, + integrationPattern: sfn.IntegrationPattern.REQUEST_RESPONSE, + })).toThrow('The release label must be in the format \'emr-x.x.x\' but got emr-5.14.0.0'); +}); + test('Create Cluster with Tags', () => { // WHEN const task = new EmrCreateCluster(stack, 'Task', { From 0fb21799b0da3185c2d4ba91a8ef9729c71fbd5a Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Tue, 5 Oct 2021 12:02:12 +0100 Subject: [PATCH 15/43] feat(assertions): matcher support for `templateMatches()` API (#16789) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The `templateMatches()` API behaved differently from the rest of the `hasXxx()` and `findXxx()` APIs in that it did not accept a Matcher. This functionality is generally useful to perform partial matching on the full template. Further, users can get confused and assume that the `templateMatches()` API do support Matchers, as this is the only one that is an exception. Align this API with the rest of the module's behaviour. A nice side effect of this is that this module no longer needs to vendor in changes from the 'assert' module and brings this in line with the other modules in this repo. nozem can work again! πŸ™Œ BREAKING CHANGE: The `templateMatches()` API previously performed an exact match. The default behavior has been updated to be "object-like". ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/assertions/README.md | 6 +- packages/@aws-cdk/assertions/lib/match.ts | 3 +- .../assertions/lib/private/mappings.ts | 10 +- .../assertions/lib/private/outputs.ts | 10 +- .../assertions/lib/private/resources.ts | 22 ++-- .../assertions/lib/private/template.ts | 16 +++ packages/@aws-cdk/assertions/lib/template.ts | 41 ++++--- packages/@aws-cdk/assertions/package.json | 26 ----- .../@aws-cdk/assertions/test/template.test.ts | 10 +- packages/@aws-cdk/assertions/vendor-in.sh | 57 ---------- packages/@aws-cdk/aws-ivs/test/ivs.test.ts | 100 ++++-------------- 11 files changed, 92 insertions(+), 209 deletions(-) create mode 100644 packages/@aws-cdk/assertions/lib/private/template.ts delete mode 100755 packages/@aws-cdk/assertions/vendor-in.sh diff --git a/packages/@aws-cdk/assertions/README.md b/packages/@aws-cdk/assertions/README.md index 0c2d9d1ecdadf..ce480bc152dc4 100644 --- a/packages/@aws-cdk/assertions/README.md +++ b/packages/@aws-cdk/assertions/README.md @@ -144,9 +144,9 @@ The APIs `hasMapping()` and `findMappings()` provide similar functionalities. ## Special Matchers -The expectation provided to the `hasXXX()` and `findXXX()` methods, besides -carrying literal values, as seen in the above examples, also accept special -matchers. +The expectation provided to the `hasXxx()`, `findXxx()` and `templateMatches()` +APIs, besides carrying literal values, as seen in the above examples, also accept +special matchers. They are available as part of the `Match` class. diff --git a/packages/@aws-cdk/assertions/lib/match.ts b/packages/@aws-cdk/assertions/lib/match.ts index 4fea0ed0f713e..9b18400abcbf6 100644 --- a/packages/@aws-cdk/assertions/lib/match.ts +++ b/packages/@aws-cdk/assertions/lib/match.ts @@ -1,6 +1,7 @@ import { Matcher, MatchResult } from './matcher'; import { getType } from './private/type'; -import { ABSENT } from './vendored/assert'; + +const ABSENT = '{{ABSENT}}'; /** * Partial and special matching during template assertions. diff --git a/packages/@aws-cdk/assertions/lib/private/mappings.ts b/packages/@aws-cdk/assertions/lib/private/mappings.ts index e19afe541d204..e080843dd87f8 100644 --- a/packages/@aws-cdk/assertions/lib/private/mappings.ts +++ b/packages/@aws-cdk/assertions/lib/private/mappings.ts @@ -1,8 +1,8 @@ -import { StackInspector } from '../vendored/assert'; import { filterLogicalId, formatFailure, matchSection } from './section'; +import { Template } from './template'; -export function findMappings(inspector: StackInspector, logicalId: string, props: any = {}): { [key: string]: { [key: string]: any } } { - const section: { [key: string] : {} } = inspector.value.Mappings; +export function findMappings(template: Template, logicalId: string, props: any = {}): { [key: string]: { [key: string]: any } } { + const section: { [key: string] : {} } = template.Mappings; const result = matchSection(filterLogicalId(section, logicalId), props); if (!result.match) { @@ -12,8 +12,8 @@ export function findMappings(inspector: StackInspector, logicalId: string, props return result.matches; } -export function hasMapping(inspector: StackInspector, logicalId: string, props: any): string | void { - const section: { [key: string]: {} } = inspector.value.Mappings; +export function hasMapping(template: Template, logicalId: string, props: any): string | void { + const section: { [key: string]: {} } = template.Mappings; const result = matchSection(filterLogicalId(section, logicalId), props); if (result.match) { diff --git a/packages/@aws-cdk/assertions/lib/private/outputs.ts b/packages/@aws-cdk/assertions/lib/private/outputs.ts index 320016d22a8eb..f00f05bc9bb0f 100644 --- a/packages/@aws-cdk/assertions/lib/private/outputs.ts +++ b/packages/@aws-cdk/assertions/lib/private/outputs.ts @@ -1,8 +1,8 @@ -import { StackInspector } from '../vendored/assert'; import { filterLogicalId, formatFailure, matchSection } from './section'; +import { Template } from './template'; -export function findOutputs(inspector: StackInspector, logicalId: string, props: any = {}): { [key: string]: { [key: string]: any } } { - const section: { [key: string] : {} } = inspector.value.Outputs; +export function findOutputs(template: Template, logicalId: string, props: any = {}): { [key: string]: { [key: string]: any } } { + const section = template.Outputs; const result = matchSection(filterLogicalId(section, logicalId), props); if (!result.match) { @@ -12,8 +12,8 @@ export function findOutputs(inspector: StackInspector, logicalId: string, props: return result.matches; } -export function hasOutput(inspector: StackInspector, logicalId: string, props: any): string | void { - const section: { [key: string]: {} } = inspector.value.Outputs; +export function hasOutput(template: Template, logicalId: string, props: any): string | void { + const section: { [key: string]: {} } = template.Outputs; const result = matchSection(filterLogicalId(section, logicalId), props); if (result.match) { return; diff --git a/packages/@aws-cdk/assertions/lib/private/resources.ts b/packages/@aws-cdk/assertions/lib/private/resources.ts index 81b77346f61f5..aeb2037d81ad4 100644 --- a/packages/@aws-cdk/assertions/lib/private/resources.ts +++ b/packages/@aws-cdk/assertions/lib/private/resources.ts @@ -1,13 +1,8 @@ -import { StackInspector } from '../vendored/assert'; import { formatFailure, matchSection } from './section'; +import { Resource, Template } from './template'; -// Partial type for CloudFormation Resource -type Resource = { - Type: string; -} - -export function findResources(inspector: StackInspector, type: string, props: any = {}): { [key: string]: { [key: string]: any } } { - const section: { [key: string] : Resource } = inspector.value.Resources; +export function findResources(template: Template, type: string, props: any = {}): { [key: string]: { [key: string]: any } } { + const section = template.Resources; const result = matchSection(filterType(section, type), props); if (!result.match) { @@ -17,8 +12,8 @@ export function findResources(inspector: StackInspector, type: string, props: an return result.matches; } -export function hasResource(inspector: StackInspector, type: string, props: any): string | void { - const section: { [key: string]: Resource } = inspector.value.Resources; +export function hasResource(template: Template, type: string, props: any): string | void { + const section = template.Resources; const result = matchSection(filterType(section, type), props); if (result.match) { @@ -35,6 +30,13 @@ export function hasResource(inspector: StackInspector, type: string, props: any) ].join('\n'); } +export function countResources(template: Template, type: string): number { + const section = template.Resources; + const types = filterType(section, type); + + return Object.entries(types).length; +} + function filterType(section: { [key: string]: Resource }, type: string): { [key: string]: Resource } { return Object.entries(section ?? {}) .filter(([_, v]) => v.Type === type) diff --git a/packages/@aws-cdk/assertions/lib/private/template.ts b/packages/@aws-cdk/assertions/lib/private/template.ts new file mode 100644 index 0000000000000..3b44368138435 --- /dev/null +++ b/packages/@aws-cdk/assertions/lib/private/template.ts @@ -0,0 +1,16 @@ +// Partial types for CloudFormation Template + +export type Template = { + Resources: { [logicalId: string]: Resource }, + Outputs: { [logicalId: string]: Output }, + Mappings: { [logicalId: string]: Mapping } +} + +export type Resource = { + Type: string; + [key: string]: any; +} + +export type Output = { [key: string]: any }; + +export type Mapping = { [key: string]: any }; \ No newline at end of file diff --git a/packages/@aws-cdk/assertions/lib/template.ts b/packages/@aws-cdk/assertions/lib/template.ts index e6f721d928576..d3871c6cda36b 100644 --- a/packages/@aws-cdk/assertions/lib/template.ts +++ b/packages/@aws-cdk/assertions/lib/template.ts @@ -3,8 +3,8 @@ import { Match } from './match'; import { Matcher } from './matcher'; import { findMappings, hasMapping } from './private/mappings'; import { findOutputs, hasOutput } from './private/outputs'; -import { findResources, hasResource } from './private/resources'; -import * as assert from './vendored/assert'; +import { countResources, findResources, hasResource } from './private/resources'; +import { Template as TemplateType } from './private/template'; /** * Suite of assertions that can be run on a CDK stack. @@ -39,12 +39,10 @@ export class Template { return new Template(JSON.parse(template)); } - private readonly template: { [key: string]: any }; - private readonly inspector: assert.StackInspector; + private readonly template: TemplateType; private constructor(template: { [key: string]: any }) { - this.template = template; - this.inspector = new assert.StackInspector(template); + this.template = template as TemplateType; } /** @@ -61,8 +59,10 @@ export class Template { * @param count number of expected instances */ public resourceCountIs(type: string, count: number): void { - const assertion = assert.countResources(type, count); - assertion.assertOrThrow(this.inspector); + const counted = countResources(this.template, type); + if (counted !== count) { + throw new Error(`Expected ${count} resources of type ${type} but found ${counted}`); + } } /** @@ -88,7 +88,7 @@ export class Template { * @param props the entire defintion of the resource as should be expected in the template. */ public hasResource(type: string, props: any): void { - const matchError = hasResource(this.inspector, type, props); + const matchError = hasResource(this.template, type, props); if (matchError) { throw new Error(matchError); } @@ -102,7 +102,7 @@ export class Template { * Use the `Match` APIs to configure a different behaviour. */ public findResources(type: string, props: any = {}): { [key: string]: { [key: string]: any } } { - return findResources(this.inspector, type, props); + return findResources(this.template, type, props); } /** @@ -113,7 +113,7 @@ export class Template { * @param props the output as should be expected in the template. */ public hasOutput(logicalId: string, props: any): void { - const matchError = hasOutput(this.inspector, logicalId, props); + const matchError = hasOutput(this.template, logicalId, props); if (matchError) { throw new Error(matchError); } @@ -127,7 +127,7 @@ export class Template { * Use the `Match` APIs to configure a different behaviour. */ public findOutputs(logicalId: string, props: any = {}): { [key: string]: { [key: string]: any } } { - return findOutputs(this.inspector, logicalId, props); + return findOutputs(this.template, logicalId, props); } /** @@ -138,7 +138,7 @@ export class Template { * @param props the output as should be expected in the template. */ public hasMapping(logicalId: string, props: any): void { - const matchError = hasMapping(this.inspector, logicalId, props); + const matchError = hasMapping(this.template, logicalId, props); if (matchError) { throw new Error(matchError); } @@ -152,16 +152,23 @@ export class Template { * Use the `Match` APIs to configure a different behaviour. */ public findMappings(logicalId: string, props: any = {}): { [key: string]: { [key: string]: any } } { - return findMappings(this.inspector, logicalId, props); + return findMappings(this.template, logicalId, props); } /** * Assert that the CloudFormation template matches the given value * @param expected the expected CloudFormation template as key-value pairs. */ - public templateMatches(expected: {[key: string]: any}): void { - const assertion = assert.matchTemplate(expected); - assertion.assertOrThrow(this.inspector); + public templateMatches(expected: any): void { + const matcher = Matcher.isMatcher(expected) ? expected : Match.objectLike(expected); + const result = matcher.test(this.template); + + if (result.hasFailed()) { + throw new Error([ + 'Template did not match as expected. The following mismatches were found:', + ...result.toHumanStrings().map(s => `\t${s}`), + ].join('\n')); + } } } diff --git a/packages/@aws-cdk/assertions/package.json b/packages/@aws-cdk/assertions/package.json index e3c0612bf486d..58420966a5bfe 100644 --- a/packages/@aws-cdk/assertions/package.json +++ b/packages/@aws-cdk/assertions/package.json @@ -48,11 +48,6 @@ }, "projectReferences": true }, - "cdk-build": { - "pre": [ - "./vendor-in.sh" - ] - }, "author": { "name": "Amazon Web Services", "url": "https://aws.amazon.com", @@ -61,7 +56,6 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/cdk-build-tools": "0.0.0", - "@aws-cdk/cfnspec": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^26.0.24", "constructs": "^3.3.69", @@ -106,26 +100,6 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "nozem": { - "ostools": [ - "dirname", - "cd", - "bash", - "rm", - "xargs", - "sed", - "mkdir", - "rsync", - "cat", - "find" - ], - "additionalDirs": [ - "../cfnspec/lib", - "ARTIFACTS:../cfnspec/spec", - "../cloudformation-diff", - "../assert-internal" - ] - }, "stability": "experimental", "maturity": "experimental", "publishConfig": { diff --git a/packages/@aws-cdk/assertions/test/template.test.ts b/packages/@aws-cdk/assertions/test/template.test.ts index 7c3221763446c..97e7e4ca241a6 100644 --- a/packages/@aws-cdk/assertions/test/template.test.ts +++ b/packages/@aws-cdk/assertions/test/template.test.ts @@ -82,10 +82,10 @@ describe('Template', () => { const inspect = Template.fromStack(stack); inspect.resourceCountIs('Foo::Bar', 1); - expect(() => inspect.resourceCountIs('Foo::Bar', 0)).toThrow(/has 1 resource of type Foo::Bar/); - expect(() => inspect.resourceCountIs('Foo::Bar', 2)).toThrow(/has 1 resource of type Foo::Bar/); + expect(() => inspect.resourceCountIs('Foo::Bar', 0)).toThrow('Expected 0 resources of type Foo::Bar but found 1'); + expect(() => inspect.resourceCountIs('Foo::Bar', 2)).toThrow('Expected 2 resources of type Foo::Bar but found 1'); - expect(() => inspect.resourceCountIs('Foo::Baz', 1)).toThrow(/has 0 resource of type Foo::Baz/); + expect(() => inspect.resourceCountIs('Foo::Baz', 1)).toThrow('Expected 1 resources of type Foo::Baz but found 0'); }); test('no resource', () => { @@ -94,7 +94,7 @@ describe('Template', () => { const inspect = Template.fromStack(stack); inspect.resourceCountIs('Foo::Bar', 0); - expect(() => inspect.resourceCountIs('Foo::Bar', 1)).toThrow(/has 0 resource of type Foo::Bar/); + expect(() => inspect.resourceCountIs('Foo::Bar', 1)).toThrow('Expected 1 resources of type Foo::Bar but found 0'); }); }); @@ -132,7 +132,7 @@ describe('Template', () => { Properties: { baz: 'waldo' }, }, }, - })).toThrowError(); + })).toThrowError(/Expected waldo but received qux at \/Resources\/Foo\/Properties\/baz/); }); }); diff --git a/packages/@aws-cdk/assertions/vendor-in.sh b/packages/@aws-cdk/assertions/vendor-in.sh deleted file mode 100755 index 803ff1a7a28ff..0000000000000 --- a/packages/@aws-cdk/assertions/vendor-in.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash - -set -e - -porta_sed() { - local lookup=$1 - local replacement=$2 - local file=$3 - - # inplace replacement of sed is not portable across BSD and GNU. Use backup extension and then delete. - sed -i'.del' "s^${lookup}^${replacement}^g" $file - rm $file.del -} -export -f porta_sed - -echo "⏳ Vendoring in modules..." - -scriptdir=$(cd $(dirname $0) && pwd) -cd $scriptdir - -if [[ "$PHASE" == "transform" ]]; then - # Make the script short-circuit when running in the packages/individual-packages build context. - # That's required because the build done by individual-pkg-gen does import re-writing when copying the TS files - # (because it needs to know which modules are also unstable to do the rewriting correctly), - # but the vendor.sh script runs only after the 'build' script for this package has been invoked, - # which means any TS files copied by it successfully would not have their imports re-written. - exit 0 -fi - -set -euo pipefail -dest="lib/vendored" -mkdir -p $dest - -# cfnspec -mkdir -p $dest/cfnspec -rsync -a --exclude '*.d.ts' --exclude '*.js' ../cfnspec/lib/ $dest/cfnspec/lib -rsync -a ../cfnspec/spec/ $dest/cfnspec/spec - -# cloudformation-diff -rsync -a --exclude '*.d.ts' --exclude '*.js' ../cloudformation-diff/lib/ $dest/cloudformation-diff -find $dest/cloudformation-diff -name '*.ts' | xargs -n1 bash -c 'porta_sed "$@"' _ '@aws-cdk/cfnspec' '../../cfnspec/lib' - -# assert-internal -rsync -a --exclude '*.d.ts' --exclude '*.js' ../assert-internal/lib/ $dest/assert -find $dest/assert -name '*.ts' | xargs -n1 bash -c 'porta_sed "$@"' _ '@aws-cdk/cloudformation-diff' '../../cloudformation-diff' - -# readme -cat > $dest/README.md < { test('channel default properties', () => { new ivs.Channel(stack, 'Channel'); - Template.fromStack(stack).templateMatches({ - Resources: { - Channel4048F119: { - Type: 'AWS::IVS::Channel', - }, - }, + Template.fromStack(stack).hasResource('AWS::IVS::Channel', { + Properties: Match.absentProperty(), }); }); @@ -36,15 +32,8 @@ test('channel name', () => { name: 'CarrotsAreTasty', }); - Template.fromStack(stack).templateMatches({ - Resources: { - Channel4048F119: { - Type: 'AWS::IVS::Channel', - Properties: { - Name: 'CarrotsAreTasty', - }, - }, - }, + Template.fromStack(stack).hasResourceProperties('AWS::IVS::Channel', { + Name: 'CarrotsAreTasty', }); }); @@ -53,15 +42,8 @@ test('channel is authorized', () => { authorized: true, }); - Template.fromStack(stack).templateMatches({ - Resources: { - Channel4048F119: { - Type: 'AWS::IVS::Channel', - Properties: { - Authorized: 'true', - }, - }, - }, + Template.fromStack(stack).hasResourceProperties('AWS::IVS::Channel', { + Authorized: true, }); }); @@ -70,15 +52,8 @@ test('channel type', () => { type: ivs.ChannelType.BASIC, }); - Template.fromStack(stack).templateMatches({ - Resources: { - Channel4048F119: { - Type: 'AWS::IVS::Channel', - Properties: { - Type: 'BASIC', - }, - }, - }, + Template.fromStack(stack).hasResourceProperties('AWS::IVS::Channel', { + Type: 'BASIC', }); }); @@ -87,15 +62,8 @@ test('channel latency mode', () => { latencyMode: ivs.LatencyMode.NORMAL, }); - Template.fromStack(stack).templateMatches({ - Resources: { - Channel4048F119: { - Type: 'AWS::IVS::Channel', - Properties: { - LatencyMode: 'NORMAL', - }, - }, - }, + Template.fromStack(stack).hasResourceProperties('AWS::IVS::Channel', { + LatencyMode: 'NORMAL', }); }); @@ -116,15 +84,8 @@ test('playback key pair mandatory properties', () => { publicKeyMaterial: publicKey, }); - Template.fromStack(stack).templateMatches({ - Resources: { - PlaybackKeyPairBE17315B: { - Type: 'AWS::IVS::PlaybackKeyPair', - Properties: { - PublicKeyMaterial: publicKey, - }, - }, - }, + Template.fromStack(stack).hasResourceProperties('AWS::IVS::PlaybackKeyPair', { + PublicKeyMaterial: publicKey, }); }); @@ -134,16 +95,9 @@ test('playback key pair name', () => { name: 'CarrotsAreNutritious', }); - Template.fromStack(stack).templateMatches({ - Resources: { - PlaybackKeyPairBE17315B: { - Type: 'AWS::IVS::PlaybackKeyPair', - Properties: { - PublicKeyMaterial: publicKey, - Name: 'CarrotsAreNutritious', - }, - }, - }, + Template.fromStack(stack).hasResourceProperties('AWS::IVS::PlaybackKeyPair', { + PublicKeyMaterial: publicKey, + Name: 'CarrotsAreNutritious', }); }); @@ -159,15 +113,8 @@ test('stream key mandatory properties', () => { channel: ivs.Channel.fromChannelArn(stack, 'ChannelRef', 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh'), }); - Template.fromStack(stack).templateMatches({ - Resources: { - StreamKey9F296F4F: { - Type: 'AWS::IVS::StreamKey', - Properties: { - ChannelArn: 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh', - }, - }, - }, + Template.fromStack(stack).hasResourceProperties('AWS::IVS::StreamKey', { + ChannelArn: 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh', }); }); @@ -194,15 +141,8 @@ test('stream key from channel reference', () => { const channel = ivs.Channel.fromChannelArn(stack, 'Channel', 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh'); channel.addStreamKey('StreamKey'); - Template.fromStack(stack).templateMatches({ - Resources: { - ChannelStreamKey60BDC2BE: { - Type: 'AWS::IVS::StreamKey', - Properties: { - ChannelArn: 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh', - }, - }, - }, + Template.fromStack(stack).hasResourceProperties('AWS::IVS::StreamKey', { + ChannelArn: 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh', }); }); From 490f3296b451cf694c9fa877c4c881b75840b32b Mon Sep 17 00:00:00 2001 From: AWS CDK Team Date: Tue, 5 Oct 2021 11:43:13 +0000 Subject: [PATCH 16/43] chore(release): 1.126.0 --- CHANGELOG.md | 46 ++++++++++++++++++++++++++++++++++++++++++++++ version.v1.json | 2 +- 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e47c967a1926e..141f0339af9ef 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,52 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [1.126.0](https://github.com/aws/aws-cdk/compare/v1.125.0...v1.126.0) (2021-10-05) + + +### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES + +* **assertions:** The `templateMatches()` API previously performed +an exact match. The default behavior has been updated to be +"object-like". + +### Features + +* **assertions:** matcher support for `templateMatches()` API ([#16789](https://github.com/aws/aws-cdk/issues/16789)) ([0fb2179](https://github.com/aws/aws-cdk/commit/0fb21799b0da3185c2d4ba91a8ef9729c71fbd5a)) +* **aws-apprunner:** support the Service L2 construct ([#15810](https://github.com/aws/aws-cdk/issues/15810)) ([3cea941](https://github.com/aws/aws-cdk/commit/3cea9419b6c02b3b5eb952b7e03b5a132e5e9630)), closes [#14813](https://github.com/aws/aws-cdk/issues/14813) +* **aws-ec2:** userdata cfn-signal signal resource which is different than the attached resource ([#16264](https://github.com/aws/aws-cdk/issues/16264)) ([f24a1ae](https://github.com/aws/aws-cdk/commit/f24a1ae21b30868146b30a0897dc659f99241de4)) +* **backup:** expose method to add statements to the vault policy ([#16597](https://github.com/aws/aws-cdk/issues/16597)) ([3ff1537](https://github.com/aws/aws-cdk/commit/3ff15378c1463920d010231df7d4c801d28b4486)) +* **cfnspec:** cloudformation spec v42.0.0 ([#16639](https://github.com/aws/aws-cdk/issues/16639)) ([2157acd](https://github.com/aws/aws-cdk/commit/2157acd4287dc9df1ae4642bbe049c181e3432b6)) +* **cloudfront:** support Behavior-specific viewer protocol policy for CloudFrontWebDistribution ([#16389](https://github.com/aws/aws-cdk/issues/16389)) ([5c028c5](https://github.com/aws/aws-cdk/commit/5c028c54aa7635dd55095257ebe81bdf2158ea39)), closes [#7086](https://github.com/aws/aws-cdk/issues/7086) +* **cloudwatch:** support cross-environment search expressions ([#16539](https://github.com/aws/aws-cdk/issues/16539)) ([c165138](https://github.com/aws/aws-cdk/commit/c165138fa7c3456e530ffeab9b7a038914cc2dca)), closes [#9039](https://github.com/aws/aws-cdk/issues/9039) +* **eks:** `connectAutoScalingGroupCapacity` on imported clusters ([#14650](https://github.com/aws/aws-cdk/issues/14650)) ([7f7be08](https://github.com/aws/aws-cdk/commit/7f7be089fa84afd0ab009a7feca2df4315749bc3)) +* **eks:** add warning to fargateProfile ([#16631](https://github.com/aws/aws-cdk/issues/16631)) ([41fdebb](https://github.com/aws/aws-cdk/commit/41fdebb974a2b29ba461757d210fa3a8b8cdc73d)), closes [#16349](https://github.com/aws/aws-cdk/issues/16349) +* **stepfunctions-tasks:** add step concurrency level to EmrCreateCluster ([#15242](https://github.com/aws/aws-cdk/issues/15242)) ([1deea90](https://github.com/aws/aws-cdk/commit/1deea9005656c2f0f25c56e773145b6e0ebcbb1b)), closes [#15223](https://github.com/aws/aws-cdk/issues/15223) +* allow stale bot trigger manually ([#16586](https://github.com/aws/aws-cdk/issues/16586)) ([fc8cfee](https://github.com/aws/aws-cdk/commit/fc8cfee77008314d59eda8f18d2c91c23e2a23ab)) + + +### Bug Fixes + +* **aws-eks:** Support for http proxy in EKS onEvent lambda ([#16609](https://github.com/aws/aws-cdk/issues/16609)) ([cf22280](https://github.com/aws/aws-cdk/commit/cf222806f781c3476dd942c57787ad0f4924dc04)), closes [/github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts#L1332](https://github.com/aws//github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts/issues/L1332) +* **aws-eks:** support http proxy in EKS onEvent lambda ([#16657](https://github.com/aws/aws-cdk/issues/16657)) ([87c9570](https://github.com/aws/aws-cdk/commit/87c957029ba5adecc9dddd72d9190d8a7abb913f)), closes [/github.com/aws/aws-cdk/pull/16657#issuecomment-928260661](https://github.com/aws//github.com/aws/aws-cdk/pull/16657/issues/issuecomment-928260661) [/github.com/aws/aws-cdk/pull/16657#issuecomment-928529421](https://github.com/aws//github.com/aws/aws-cdk/pull/16657/issues/issuecomment-928529421) [/github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts#L1332](https://github.com/aws//github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts/issues/L1332) +* **cli:** progress bar overshoots count by 1 for stack updates ([#16168](https://github.com/aws/aws-cdk/issues/16168)) ([0c8ecb8](https://github.com/aws/aws-cdk/commit/0c8ecb8cfc2cec9fd8c9f238c049b604a0f149fe)) +* **config:** add SourceAccount condition to Lambda permission ([#16617](https://github.com/aws/aws-cdk/issues/16617)) ([cfcaf45](https://github.com/aws/aws-cdk/commit/cfcaf452da163efa33df752b0ff026b3ea608dfc)) +* **elasticloadbalancingv2:** Incorrect validation on `NetworkLoadBalancer.configureHealthCheck()` ([#16445](https://github.com/aws/aws-cdk/issues/16445)) ([140892a](https://github.com/aws/aws-cdk/commit/140892af639c78eebebecf687eb1b37ab75d643d)) +* **iam:** `User.fromUserArn` does not work for ARNs that include a path ([#16269](https://github.com/aws/aws-cdk/issues/16269)) ([5c69c94](https://github.com/aws/aws-cdk/commit/5c69c941bc5e7284f5873110e7c7c86cdeba42fb)), closes [40aws-cdk/aws-iam/lib/role.ts#L191-L194](https://github.com/40aws-cdk/aws-iam/lib/role.ts/issues/L191-L194) [#16256](https://github.com/aws/aws-cdk/issues/16256) +* **revert:** "fix: CDK does not honor NO_PROXY settings ([#16751](https://github.com/aws/aws-cdk/issues/16751))" ([#16761](https://github.com/aws/aws-cdk/issues/16761)) ([eda7e84](https://github.com/aws/aws-cdk/commit/eda7e84400d766b8045972c496851e975544c38f)), closes [/github.com/aws/aws-cdk/pull/16751/files#r720549975](https://github.com/aws//github.com/aws/aws-cdk/pull/16751/files/issues/r720549975) +* **s3:** setting `autoDeleteObjects` to `false` empties the bucket ([#16756](https://github.com/aws/aws-cdk/issues/16756)) ([21836f2](https://github.com/aws/aws-cdk/commit/21836f249395045a4a697fbfe553fe17e1c5e6a1)), closes [#16603](https://github.com/aws/aws-cdk/issues/16603) +* CDK does not honor NO_PROXY settings ([#16751](https://github.com/aws/aws-cdk/issues/16751)) ([ceab036](https://github.com/aws/aws-cdk/commit/ceab036fa9dfcd13c58c7d818339cd05ed515bec)), closes [#7121](https://github.com/aws/aws-cdk/issues/7121) +* correct package names in support scripts ([ebfd5f2](https://github.com/aws/aws-cdk/commit/ebfd5f2b203106135b2474b327727b2fee400380)) +* remove invalid entry from stale issue bot config ([#16587](https://github.com/aws/aws-cdk/issues/16587)) ([5461859](https://github.com/aws/aws-cdk/commit/546185977cb245b2ed4ddf31da7612d52a20706e)) +* set ROSETTA_MAX_WORKER_COUNT in pack.sh ([#16738](https://github.com/aws/aws-cdk/issues/16738)) ([5d06641](https://github.com/aws/aws-cdk/commit/5d06641cc82d05917a89da21cd79392ec9092c51)) +* **route53-targets:** ApiGateway does not accept RestApiBase ([#16610](https://github.com/aws/aws-cdk/issues/16610)) ([20071bb](https://github.com/aws/aws-cdk/commit/20071bb12648adeab96e4dbcb31f5bd50c5f631d)), closes [#16227](https://github.com/aws/aws-cdk/issues/16227) +* **sns:** cannot use numeric filter policy with 0 values ([#16551](https://github.com/aws/aws-cdk/issues/16551)) ([62b6762](https://github.com/aws/aws-cdk/commit/62b6762195324cf04758ab96ed20925b4939b773)), closes [#16549](https://github.com/aws/aws-cdk/issues/16549) + + +### Reverts + +* **aws-eks:** "fix(aws-eks): Support for http proxy in EKS onEvent lambda" ([#16651](https://github.com/aws/aws-cdk/issues/16651)) ([376c837](https://github.com/aws/aws-cdk/commit/376c83749cd4b5260df724dabe2e44e0dc3f792a)) + ## [1.125.0](https://github.com/aws/aws-cdk/compare/v1.124.0...v1.125.0) (2021-09-29) diff --git a/version.v1.json b/version.v1.json index e3a6d956268a9..45b470868687b 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.125.0" + "version": "1.126.0" } \ No newline at end of file From 53ffe413288d87338e19c398ac48c28a014bd8bd Mon Sep 17 00:00:00 2001 From: Elad Ben-Israel Date: Tue, 5 Oct 2021 14:45:15 +0300 Subject: [PATCH 17/43] Update CHANGELOG.md --- CHANGELOG.md | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 141f0339af9ef..098c920bd1b54 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,7 +14,7 @@ an exact match. The default behavior has been updated to be ### Features * **assertions:** matcher support for `templateMatches()` API ([#16789](https://github.com/aws/aws-cdk/issues/16789)) ([0fb2179](https://github.com/aws/aws-cdk/commit/0fb21799b0da3185c2d4ba91a8ef9729c71fbd5a)) -* **aws-apprunner:** support the Service L2 construct ([#15810](https://github.com/aws/aws-cdk/issues/15810)) ([3cea941](https://github.com/aws/aws-cdk/commit/3cea9419b6c02b3b5eb952b7e03b5a132e5e9630)), closes [#14813](https://github.com/aws/aws-cdk/issues/14813) +* **apprunner:** support the Service L2 construct ([#15810](https://github.com/aws/aws-cdk/issues/15810)) ([3cea941](https://github.com/aws/aws-cdk/commit/3cea9419b6c02b3b5eb952b7e03b5a132e5e9630)), closes [#14813](https://github.com/aws/aws-cdk/issues/14813) * **aws-ec2:** userdata cfn-signal signal resource which is different than the attached resource ([#16264](https://github.com/aws/aws-cdk/issues/16264)) ([f24a1ae](https://github.com/aws/aws-cdk/commit/f24a1ae21b30868146b30a0897dc659f99241de4)) * **backup:** expose method to add statements to the vault policy ([#16597](https://github.com/aws/aws-cdk/issues/16597)) ([3ff1537](https://github.com/aws/aws-cdk/commit/3ff15378c1463920d010231df7d4c801d28b4486)) * **cfnspec:** cloudformation spec v42.0.0 ([#16639](https://github.com/aws/aws-cdk/issues/16639)) ([2157acd](https://github.com/aws/aws-cdk/commit/2157acd4287dc9df1ae4642bbe049c181e3432b6)) @@ -28,18 +28,13 @@ an exact match. The default behavior has been updated to be ### Bug Fixes -* **aws-eks:** Support for http proxy in EKS onEvent lambda ([#16609](https://github.com/aws/aws-cdk/issues/16609)) ([cf22280](https://github.com/aws/aws-cdk/commit/cf222806f781c3476dd942c57787ad0f4924dc04)), closes [/github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts#L1332](https://github.com/aws//github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts/issues/L1332) -* **aws-eks:** support http proxy in EKS onEvent lambda ([#16657](https://github.com/aws/aws-cdk/issues/16657)) ([87c9570](https://github.com/aws/aws-cdk/commit/87c957029ba5adecc9dddd72d9190d8a7abb913f)), closes [/github.com/aws/aws-cdk/pull/16657#issuecomment-928260661](https://github.com/aws//github.com/aws/aws-cdk/pull/16657/issues/issuecomment-928260661) [/github.com/aws/aws-cdk/pull/16657#issuecomment-928529421](https://github.com/aws//github.com/aws/aws-cdk/pull/16657/issues/issuecomment-928529421) [/github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts#L1332](https://github.com/aws//github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts/issues/L1332) +* **eks:** Support for http proxy in EKS onEvent lambda ([#16609](https://github.com/aws/aws-cdk/issues/16609)) ([cf22280](https://github.com/aws/aws-cdk/commit/cf222806f781c3476dd942c57787ad0f4924dc04)), closes [/github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts#L1332](https://github.com/aws//github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts/issues/L1332) +* **eks:** support http proxy in EKS onEvent lambda ([#16657](https://github.com/aws/aws-cdk/issues/16657)) ([87c9570](https://github.com/aws/aws-cdk/commit/87c957029ba5adecc9dddd72d9190d8a7abb913f)), closes [/github.com/aws/aws-cdk/pull/16657#issuecomment-928260661](https://github.com/aws//github.com/aws/aws-cdk/pull/16657/issues/issuecomment-928260661) [/github.com/aws/aws-cdk/pull/16657#issuecomment-928529421](https://github.com/aws//github.com/aws/aws-cdk/pull/16657/issues/issuecomment-928529421) [/github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts#L1332](https://github.com/aws//github.com/aws/aws-cdk/blob/7dae114b7aac46321b8d8572e6837428b4c633b2/tools/pkglint/lib/rules.ts/issues/L1332) * **cli:** progress bar overshoots count by 1 for stack updates ([#16168](https://github.com/aws/aws-cdk/issues/16168)) ([0c8ecb8](https://github.com/aws/aws-cdk/commit/0c8ecb8cfc2cec9fd8c9f238c049b604a0f149fe)) * **config:** add SourceAccount condition to Lambda permission ([#16617](https://github.com/aws/aws-cdk/issues/16617)) ([cfcaf45](https://github.com/aws/aws-cdk/commit/cfcaf452da163efa33df752b0ff026b3ea608dfc)) * **elasticloadbalancingv2:** Incorrect validation on `NetworkLoadBalancer.configureHealthCheck()` ([#16445](https://github.com/aws/aws-cdk/issues/16445)) ([140892a](https://github.com/aws/aws-cdk/commit/140892af639c78eebebecf687eb1b37ab75d643d)) * **iam:** `User.fromUserArn` does not work for ARNs that include a path ([#16269](https://github.com/aws/aws-cdk/issues/16269)) ([5c69c94](https://github.com/aws/aws-cdk/commit/5c69c941bc5e7284f5873110e7c7c86cdeba42fb)), closes [40aws-cdk/aws-iam/lib/role.ts#L191-L194](https://github.com/40aws-cdk/aws-iam/lib/role.ts/issues/L191-L194) [#16256](https://github.com/aws/aws-cdk/issues/16256) -* **revert:** "fix: CDK does not honor NO_PROXY settings ([#16751](https://github.com/aws/aws-cdk/issues/16751))" ([#16761](https://github.com/aws/aws-cdk/issues/16761)) ([eda7e84](https://github.com/aws/aws-cdk/commit/eda7e84400d766b8045972c496851e975544c38f)), closes [/github.com/aws/aws-cdk/pull/16751/files#r720549975](https://github.com/aws//github.com/aws/aws-cdk/pull/16751/files/issues/r720549975) * **s3:** setting `autoDeleteObjects` to `false` empties the bucket ([#16756](https://github.com/aws/aws-cdk/issues/16756)) ([21836f2](https://github.com/aws/aws-cdk/commit/21836f249395045a4a697fbfe553fe17e1c5e6a1)), closes [#16603](https://github.com/aws/aws-cdk/issues/16603) -* CDK does not honor NO_PROXY settings ([#16751](https://github.com/aws/aws-cdk/issues/16751)) ([ceab036](https://github.com/aws/aws-cdk/commit/ceab036fa9dfcd13c58c7d818339cd05ed515bec)), closes [#7121](https://github.com/aws/aws-cdk/issues/7121) -* correct package names in support scripts ([ebfd5f2](https://github.com/aws/aws-cdk/commit/ebfd5f2b203106135b2474b327727b2fee400380)) -* remove invalid entry from stale issue bot config ([#16587](https://github.com/aws/aws-cdk/issues/16587)) ([5461859](https://github.com/aws/aws-cdk/commit/546185977cb245b2ed4ddf31da7612d52a20706e)) -* set ROSETTA_MAX_WORKER_COUNT in pack.sh ([#16738](https://github.com/aws/aws-cdk/issues/16738)) ([5d06641](https://github.com/aws/aws-cdk/commit/5d06641cc82d05917a89da21cd79392ec9092c51)) * **route53-targets:** ApiGateway does not accept RestApiBase ([#16610](https://github.com/aws/aws-cdk/issues/16610)) ([20071bb](https://github.com/aws/aws-cdk/commit/20071bb12648adeab96e4dbcb31f5bd50c5f631d)), closes [#16227](https://github.com/aws/aws-cdk/issues/16227) * **sns:** cannot use numeric filter policy with 0 values ([#16551](https://github.com/aws/aws-cdk/issues/16551)) ([62b6762](https://github.com/aws/aws-cdk/commit/62b6762195324cf04758ab96ed20925b4939b773)), closes [#16549](https://github.com/aws/aws-cdk/issues/16549) From b6d098eb502918e37ec89bc76d6faf9fe3fdbfbf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Oct 2021 11:52:33 +0000 Subject: [PATCH 18/43] chore(deps): bump actions/setup-node from 2.4.0 to 2.4.1 (#16778) Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2.4.0 to 2.4.1. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v2.4.0...v2.4.1) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/yarn-upgrade.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/yarn-upgrade.yml b/.github/workflows/yarn-upgrade.yml index 2b5737a13ec1b..1017b89e35505 100644 --- a/.github/workflows/yarn-upgrade.yml +++ b/.github/workflows/yarn-upgrade.yml @@ -18,7 +18,7 @@ jobs: uses: actions/checkout@v2 - name: Set up Node - uses: actions/setup-node@v2.4.0 + uses: actions/setup-node@v2.4.1 with: node-version: 10 From ca16e79a934e340545f766b7047f4c09aedb8765 Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Tue, 5 Oct 2021 13:09:06 +0000 Subject: [PATCH 19/43] chore: rollback `GenericSSMParameterImage` deprecation (backport #16798) (#16800) This is an automatic backport of pull request #16798 done by [Mergify](https://mergify.io). ---
Mergify commands and options
More conditions and actions can be found in the [documentation](https://docs.mergify.io/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport ` will backport this PR on `` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.io/) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.io/
--- packages/@aws-cdk/aws-ec2/lib/machine-image.ts | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2/lib/machine-image.ts b/packages/@aws-cdk/aws-ec2/lib/machine-image.ts index c7340af1d47e5..731d9ea8d0c43 100644 --- a/packages/@aws-cdk/aws-ec2/lib/machine-image.ts +++ b/packages/@aws-cdk/aws-ec2/lib/machine-image.ts @@ -149,10 +149,12 @@ export interface MachineImageConfig { * on the instance if you are using this image. * * The AMI ID is selected using the values published to the SSM parameter store. - * - * @deprecated Use `MachineImage.fromSsmParameter()` instead */ export class GenericSSMParameterImage implements IMachineImage { + // FIXME: this class ought to be `@deprecated` and removed from v2, but that + // is causing build failure right now. Ref: https://github.com/aws/jsii/issues/3025 + // @-deprecated Use `MachineImage.fromSsmParameter()` instead + /** * Name of the SSM parameter we're looking up */ @@ -679,4 +681,4 @@ function lookupImage(scope: Construct, cachedInContext: boolean | undefined, par return cachedInContext ? ssm.StringParameter.valueFromLookup(scope, parameterName) : ssm.StringParameter.valueForTypedStringParameter(scope, parameterName, ssm.ParameterType.AWS_EC2_IMAGE_ID); -} \ No newline at end of file +} From c980185142c58821b7ae7ef0b88c6c98ca8f0246 Mon Sep 17 00:00:00 2001 From: kaizen3031593 <36202692+kaizen3031593@users.noreply.github.com> Date: Tue, 5 Oct 2021 14:07:08 -0400 Subject: [PATCH 20/43] chore(assertions): replace `absentProperty()` with `absent()` and support it as a `Matcher` type (#16653) Currently `Match.absentProperty()` is not of type `Matcher` and this introduces a few flaws. For example, `Matcher.isMatcher(Match.absentProperty())` is `false`. This PR fixes this issue by replacing `Match.absentProperty()` with `Match.absent()` that is of type `Matcher`. The decision to change the name is due to supporting this as a general matcher and not just for Properties. BREAKING CHANGE: `Match.absentProperty()` becomes `Match.absent()`, and its type changes from `string` to `Matcher`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/assertions/README.md | 10 ++-- packages/@aws-cdk/assertions/lib/match.ts | 39 ++++++++------- .../@aws-cdk/assertions/test/match.test.ts | 31 ++++++++++-- .../@aws-cdk/assertions/test/template.test.ts | 47 +++++++++++++++-- .../test/http/lambda.test.ts | 2 +- .../aws-apigatewayv2/test/http/api.test.ts | 6 +-- .../aws-cloudwatch/test/alarm.test.ts | 6 +-- .../aws-cognito/test/user-pool-client.test.ts | 50 +++++++++---------- .../aws-cognito/test/user-pool.test.ts | 48 +++++++++--------- .../aws-efs/test/efs-file-system.test.ts | 2 +- packages/@aws-cdk/aws-ivs/test/ivs.test.ts | 2 +- .../test/s3-bucket.test.ts | 4 +- .../test/delivery-stream.test.ts | 12 ++--- .../@aws-cdk/aws-neptune/test/cluster.test.ts | 2 +- .../aws-redshift/test/cluster.test.ts | 4 +- .../aws-synthetics/test/canary.test.ts | 2 +- .../test/example-resource.test.ts | 2 +- 17 files changed, 167 insertions(+), 102 deletions(-) diff --git a/packages/@aws-cdk/assertions/README.md b/packages/@aws-cdk/assertions/README.md index ce480bc152dc4..cb081c32053a2 100644 --- a/packages/@aws-cdk/assertions/README.md +++ b/packages/@aws-cdk/assertions/README.md @@ -194,8 +194,8 @@ match. ### Presence and Absence -The `Match.absentProperty()` matcher can be used to specify that a specific -property should not exist on the target. This can be used within `Match.objectLike()` +The `Match.absent()` matcher can be used to specify that a specific +value should not exist on the target. This can be used within `Match.objectLike()` or outside of any matchers. ```ts @@ -216,15 +216,15 @@ or outside of any matchers. // The following will NOT throw an assertion error assert.hasResourceProperties('Foo::Bar', { Fred: Match.objectLike({ - Bob: Match.absentProperty(), + Bob: Match.absent(), }), }); // The following will throw an assertion error assert.hasResourceProperties('Foo::Bar', { Fred: Match.objectLike({ - Wobble: Match.absentProperty(), - }) + Wobble: Match.absent(), + }), }); ``` diff --git a/packages/@aws-cdk/assertions/lib/match.ts b/packages/@aws-cdk/assertions/lib/match.ts index 9b18400abcbf6..8e4d83a398347 100644 --- a/packages/@aws-cdk/assertions/lib/match.ts +++ b/packages/@aws-cdk/assertions/lib/match.ts @@ -1,8 +1,6 @@ import { Matcher, MatchResult } from './matcher'; import { getType } from './private/type'; -const ABSENT = '{{ABSENT}}'; - /** * Partial and special matching during template assertions. */ @@ -10,8 +8,8 @@ export abstract class Match { /** * Use this matcher in the place of a field's value, if the field must not be present. */ - public static absentProperty(): string { - return ABSENT; + public static absent(): Matcher { + return new AbsentMatch('absent'); } /** @@ -129,10 +127,6 @@ class LiteralMatch extends Matcher { return result; } - if (this.pattern === ABSENT) { - throw new Error('absentProperty() can only be used in an object matcher'); - } - if (actual !== this.pattern) { result.push(this, [], `Expected ${this.pattern} but received ${actual}`); } @@ -185,9 +179,10 @@ class ArrayMatch extends Matcher { const patternElement = this.pattern[patternIdx]; const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement); - if (this.subsequence && matcher instanceof AnyMatch) { - // array subsequence matcher is not compatible with anyValue() matcher. They don't make sense to be used together. - throw new Error('The Matcher anyValue() cannot be nested within arrayWith()'); + const matcherName = matcher.name; + if (this.subsequence && (matcherName == 'absent' || matcherName == 'anyValue')) { + // array subsequence matcher is not compatible with anyValue() or absent() matcher. They don't make sense to be used together. + throw new Error(`The Matcher ${matcherName}() cannot be nested within arrayWith()`); } const innerResult = matcher.test(actual[actualIdx]); @@ -253,13 +248,7 @@ class ObjectMatch extends Matcher { } for (const [patternKey, patternVal] of Object.entries(this.pattern)) { - if (patternVal === ABSENT) { - if (patternKey in actual) { - result.push(this, [`/${patternKey}`], 'Key should be absent'); - } - continue; - } - if (!(patternKey in actual)) { + if (!(patternKey in actual) && !(patternVal instanceof AbsentMatch)) { result.push(this, [`/${patternKey}`], 'Missing key'); continue; } @@ -339,4 +328,18 @@ class AnyMatch extends Matcher { } return result; } +} + +class AbsentMatch extends Matcher { + constructor(public readonly name: string) { + super(); + } + + public test(actual: any): MatchResult { + const result = new MatchResult(actual); + if (actual !== undefined) { + result.push(this, [], `Received ${actual}, but key should be absent`); + } + return result; + } } \ No newline at end of file diff --git a/packages/@aws-cdk/assertions/test/match.test.ts b/packages/@aws-cdk/assertions/test/match.test.ts index b0c92a2da2c8f..0b1ce784f9023 100644 --- a/packages/@aws-cdk/assertions/test/match.test.ts +++ b/packages/@aws-cdk/assertions/test/match.test.ts @@ -77,7 +77,7 @@ describe('Matchers', () => { }); test('absent', () => { - expect(() => Match.exact(Match.absentProperty()).test('foo')).toThrow(/absentProperty/); + expect(() => Match.exact(Match.absent())).toThrow(/cannot directly contain another matcher/); }); }); @@ -125,8 +125,9 @@ describe('Matchers', () => { expectFailure(matcher, [{ foo: 'baz', fred: 'waldo' }], [/Missing element at pattern index 0/]); }); - test('absent', () => { - expect(() => Match.arrayWith([Match.absentProperty()]).test(['foo'])).toThrow(/absentProperty/); + test('incompatible with absent', () => { + matcher = Match.arrayWith(['foo', Match.absent()]); + expect(() => matcher.test(['foo', 'bar'])).toThrow(/absent\(\) cannot be nested within arrayWith\(\)/); }); test('incompatible with anyValue', () => { @@ -184,9 +185,9 @@ describe('Matchers', () => { }); test('absent', () => { - matcher = Match.objectLike({ foo: Match.absentProperty() }); + matcher = Match.objectLike({ foo: Match.absent() }); expectPass(matcher, { bar: 'baz' }); - expectFailure(matcher, { foo: 'baz' }, [/Key should be absent at \/foo/]); + expectFailure(matcher, { foo: 'baz' }, [/key should be absent at \/foo/]); }); }); @@ -363,6 +364,26 @@ describe('Matchers', () => { expectFailure(matcher, '{ "Foo"', [/invalid JSON string/i]); }); }); + + describe('absent', () => { + let matcher: Matcher; + + test('simple', () => { + matcher = Match.absent(); + expectFailure(matcher, 'foo', ['Received foo, but key should be absent']); + expectPass(matcher, undefined); + }); + + test('nested in object', () => { + matcher = Match.objectLike({ foo: Match.absent() }); + expectFailure(matcher, { foo: 'bar' }, [/key should be absent at \/foo/]); + expectFailure(matcher, { foo: [1, 2] }, [/key should be absent at \/foo/]); + expectFailure(matcher, { foo: null }, [/key should be absent at \/foo/]); + + expectPass(matcher, { foo: undefined }); + expectPass(matcher, {}); + }); + }); }); function expectPass(matcher: Matcher, target: any): void { diff --git a/packages/@aws-cdk/assertions/test/template.test.ts b/packages/@aws-cdk/assertions/test/template.test.ts index 97e7e4ca241a6..92f169488fd69 100644 --- a/packages/@aws-cdk/assertions/test/template.test.ts +++ b/packages/@aws-cdk/assertions/test/template.test.ts @@ -248,11 +248,11 @@ describe('Template', () => { const inspect = Template.fromStack(stack); inspect.hasResource('Foo::Bar', { - Properties: Match.objectLike({ foo: Match.absentProperty() }), + Properties: Match.objectLike({ foo: Match.absent() }), }); expect(() => inspect.hasResource('Foo::Bar', { - Properties: Match.objectLike({ baz: Match.absentProperty() }), - })).toThrow(/Key should be absent at \/Properties\/baz/); + Properties: Match.objectLike({ baz: Match.absent() }), + })).toThrow(/key should be absent at \/Properties\/baz/); }); test('incorrect types', () => { @@ -269,6 +269,47 @@ describe('Template', () => { }); }); + describe('hasResourceProperties', () => { + test('absent', () => { + const stack = new Stack(); + new CfnResource(stack, 'Foo', { + type: 'Foo::Bar', + properties: { baz: 'qux' }, + }); + + const inspect = Template.fromStack(stack); + inspect.hasResourceProperties('Foo::Bar', { + bar: Match.absent(), + }); + expect(() => inspect.hasResourceProperties('Foo::Bar', { + baz: Match.absent(), + })).toThrow(/key should be absent at \/Properties\/baz/); + }); + + test('absent - no properties on template', () => { + const stack = new Stack(); + new CfnResource(stack, 'Foo', { + type: 'Foo::Bar', + }); + + const inspect = Template.fromStack(stack); + inspect.hasResourceProperties('Foo::Bar', Match.absent()); + }); + + test('not', () => { + const stack = new Stack(); + new CfnResource(stack, 'Foo', { + type: 'Foo::Bar', + properties: { baz: 'qux' }, + }); + + const inspect = Template.fromStack(stack); + inspect.hasResourceProperties('Foo::Bar', Match.not({ + baz: 'boo', + })); + }); + }); + describe('getResources', () => { test('matching resource type', () => { const stack = new Stack(); diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/http/lambda.test.ts b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/http/lambda.test.ts index 1f62ad76867b0..c9fdf62c17d57 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/http/lambda.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/test/http/lambda.test.ts @@ -103,7 +103,7 @@ describe('HttpLambdaAuthorizer', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Authorizer', { AuthorizerPayloadFormatVersion: '1.0', - EnableSimpleResponses: Match.absentProperty(), + EnableSimpleResponses: Match.absent(), }); }); diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts b/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts index dc096594d0ecd..5b7f1052bfe35 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts @@ -127,7 +127,7 @@ describe('HttpApi', () => { new HttpApi(stack, 'HttpApi'); Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Api', { - CorsConfiguration: Match.absentProperty(), + CorsConfiguration: Match.absent(), }); }); @@ -447,7 +447,7 @@ describe('HttpApi', () => { Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Route', { RouteKey: 'GET /chickens', AuthorizationType: 'NONE', - AuthorizerId: Match.absentProperty(), + AuthorizerId: Match.absent(), }); }); @@ -469,7 +469,7 @@ describe('HttpApi', () => { }); Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Route', { - AuthorizationScopes: Match.absentProperty(), + AuthorizationScopes: Match.absent(), }); }); diff --git a/packages/@aws-cdk/aws-cloudwatch/test/alarm.test.ts b/packages/@aws-cdk/aws-cloudwatch/test/alarm.test.ts index c2381d2891a86..afb2224eb2f50 100644 --- a/packages/@aws-cdk/aws-cloudwatch/test/alarm.test.ts +++ b/packages/@aws-cdk/aws-cloudwatch/test/alarm.test.ts @@ -126,7 +126,7 @@ describe('Alarm', () => { Namespace: 'CDK/Test', Period: 300, Statistic: 'Maximum', - ExtendedStatistic: Match.absentProperty(), + ExtendedStatistic: Match.absent(), Threshold: 1000, }); @@ -152,7 +152,7 @@ describe('Alarm', () => { MetricName: 'Metric', Namespace: 'CDK/Test', Period: 300, - Statistic: Match.absentProperty(), + Statistic: Match.absent(), ExtendedStatistic: 'p99', Threshold: 1000, }); @@ -270,7 +270,7 @@ describe('Alarm', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::CloudWatch::Alarm', { - Statistic: Match.absentProperty(), + Statistic: Match.absent(), ExtendedStatistic: 'tm99.9999999999', }); diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts index d6fc81f28c43c..2d2a72d48f767 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-client.test.ts @@ -63,7 +63,7 @@ describe('User Pool Client', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { - ExplicitAuthFlows: Match.absentProperty(), + ExplicitAuthFlows: Match.absent(), }); }); @@ -179,7 +179,7 @@ describe('User Pool Client', () => { Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { AllowedOAuthFlows: ['client_credentials'], - CallbackURLs: Match.absentProperty(), + CallbackURLs: Match.absent(), }); Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { @@ -206,7 +206,7 @@ describe('User Pool Client', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { - CallbackURLs: Match.absentProperty(), + CallbackURLs: Match.absent(), }); }); @@ -447,7 +447,7 @@ describe('User Pool Client', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { UserPoolId: stack.resolve(pool.userPoolId), - PreventUserExistenceErrors: Match.absentProperty(), + PreventUserExistenceErrors: Match.absent(), }); }); @@ -515,8 +515,8 @@ describe('User Pool Client', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { ClientName: 'OAuthDisabled', - AllowedOAuthFlows: Match.absentProperty(), - AllowedOAuthScopes: Match.absentProperty(), + AllowedOAuthFlows: Match.absent(), + AllowedOAuthScopes: Match.absent(), AllowedOAuthFlowsUserPoolClient: false, }); Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { @@ -551,7 +551,7 @@ describe('User Pool Client', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { - EnableTokenRevocation: Match.absentProperty(), + EnableTokenRevocation: Match.absent(), }); }); @@ -632,42 +632,42 @@ describe('User Pool Client', () => { Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { ClientName: 'Client2', AccessTokenValidity: 60, - IdTokenValidity: Match.absentProperty(), - RefreshTokenValidity: Match.absentProperty(), + IdTokenValidity: Match.absent(), + RefreshTokenValidity: Match.absent(), TokenValidityUnits: { AccessToken: 'minutes', - IdToken: Match.absentProperty(), - RefreshToken: Match.absentProperty(), + IdToken: Match.absent(), + RefreshToken: Match.absent(), }, }); Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { ClientName: 'Client3', - AccessTokenValidity: Match.absentProperty(), + AccessTokenValidity: Match.absent(), IdTokenValidity: 60, - RefreshTokenValidity: Match.absentProperty(), + RefreshTokenValidity: Match.absent(), TokenValidityUnits: { - AccessToken: Match.absentProperty(), + AccessToken: Match.absent(), IdToken: 'minutes', - RefreshToken: Match.absentProperty(), + RefreshToken: Match.absent(), }, }); Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { ClientName: 'Client4', - AccessTokenValidity: Match.absentProperty(), - IdTokenValidity: Match.absentProperty(), + AccessTokenValidity: Match.absent(), + IdTokenValidity: Match.absent(), RefreshTokenValidity: 43200, TokenValidityUnits: { - AccessToken: Match.absentProperty(), - IdToken: Match.absentProperty(), + AccessToken: Match.absent(), + IdToken: Match.absent(), RefreshToken: 'minutes', }, }); Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { ClientName: 'Client5', - TokenValidityUnits: Match.absentProperty(), - IdTokenValidity: Match.absentProperty(), - RefreshTokenValidity: Match.absentProperty(), - AccessTokenValidity: Match.absentProperty(), + TokenValidityUnits: Match.absent(), + IdTokenValidity: Match.absent(), + RefreshTokenValidity: Match.absent(), + AccessTokenValidity: Match.absent(), }); }); @@ -886,8 +886,8 @@ describe('User Pool Client', () => { // EXPECT Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPoolClient', { - ReadAttributes: Match.absentProperty(), - WriteAttributes: Match.absentProperty(), + ReadAttributes: Match.absent(), + WriteAttributes: Match.absent(), }); }); diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts index 0c61312222355..7b132803da2d6 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts +++ b/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts @@ -17,7 +17,7 @@ describe('User Pool', () => { Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { AdminCreateUserConfig: { AllowAdminCreateUserOnly: true, - InviteMessageTemplate: Match.absentProperty(), + InviteMessageTemplate: Match.absent(), }, EmailVerificationMessage: 'The verification code to your new account is {####}', EmailVerificationSubject: 'Verify your new account', @@ -28,9 +28,9 @@ describe('User Pool', () => { EmailSubject: 'Verify your new account', SmsMessage: 'The verification code to your new account is {####}', }, - SmsAuthenticationMessage: Match.absentProperty(), - SmsConfiguration: Match.absentProperty(), - lambdaTriggers: Match.absentProperty(), + SmsAuthenticationMessage: Match.absent(), + SmsConfiguration: Match.absent(), + lambdaTriggers: Match.absent(), }); Template.fromStack(stack).hasResource('AWS::Cognito::UserPool', { @@ -68,8 +68,8 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { - EmailVerificationMessage: Match.absentProperty(), - EmailVerificationSubject: Match.absentProperty(), + EmailVerificationMessage: Match.absent(), + EmailVerificationSubject: Match.absent(), SmsVerificationMessage: 'The verification code to your new account is {####}', VerificationMessageTemplate: { DefaultEmailOption: 'CONFIRM_WITH_LINK', @@ -415,8 +415,8 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { - UsernameAttributes: Match.absentProperty(), - AliasAttributes: Match.absentProperty(), + UsernameAttributes: Match.absent(), + AliasAttributes: Match.absent(), }); }); @@ -438,7 +438,7 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { - UsernameAttributes: Match.absentProperty(), + UsernameAttributes: Match.absent(), AliasAttributes: ['email'], }); }); @@ -455,7 +455,7 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { UsernameAttributes: ['email', 'phone_number'], - AliasAttributes: Match.absentProperty(), + AliasAttributes: Match.absent(), }); }); @@ -526,7 +526,7 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { - UsernameConfiguration: Match.absentProperty(), + UsernameConfiguration: Match.absent(), }); }); @@ -638,7 +638,7 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { UserPoolName: 'Pool', - Schema: Match.absentProperty(), + Schema: Match.absent(), }); }); @@ -687,14 +687,14 @@ describe('User Pool', () => { { Name: 'custom-string-attr', AttributeDataType: 'String', - StringAttributeConstraints: Match.absentProperty(), - NumberAttributeConstraints: Match.absentProperty(), + StringAttributeConstraints: Match.absent(), + NumberAttributeConstraints: Match.absent(), }, { Name: 'custom-number-attr', AttributeDataType: 'Number', - StringAttributeConstraints: Match.absentProperty(), - NumberAttributeConstraints: Match.absentProperty(), + StringAttributeConstraints: Match.absent(), + NumberAttributeConstraints: Match.absent(), }, ], }); @@ -759,13 +759,13 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { UserPoolName: 'Pool1', - MfaConfiguration: Match.absentProperty(), - EnabledMfas: Match.absentProperty(), + MfaConfiguration: Match.absent(), + EnabledMfas: Match.absent(), }); Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { UserPoolName: 'Pool2', MfaConfiguration: 'OFF', - EnabledMfas: Match.absentProperty(), + EnabledMfas: Match.absent(), }); }); @@ -1120,7 +1120,7 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { - AccountRecoverySetting: Match.absentProperty(), + AccountRecoverySetting: Match.absent(), }); }); @@ -1153,7 +1153,7 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { - SmsConfiguration: Match.absentProperty(), + SmsConfiguration: Match.absent(), }); }); @@ -1245,7 +1245,7 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { - SmsConfiguration: Match.absentProperty(), + SmsConfiguration: Match.absent(), }); }); @@ -1267,7 +1267,7 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { - SmsConfiguration: Match.absentProperty(), + SmsConfiguration: Match.absent(), }); }); @@ -1351,7 +1351,7 @@ describe('User Pool', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', { - SmsConfiguration: Match.absentProperty(), + SmsConfiguration: Match.absent(), }); }); diff --git a/packages/@aws-cdk/aws-efs/test/efs-file-system.test.ts b/packages/@aws-cdk/aws-efs/test/efs-file-system.test.ts index 5e098503de2eb..b417ff5bf106c 100644 --- a/packages/@aws-cdk/aws-efs/test/efs-file-system.test.ts +++ b/packages/@aws-cdk/aws-efs/test/efs-file-system.test.ts @@ -42,7 +42,7 @@ testLegacyBehavior('when @aws-cdk/aws-efs:defaultEncryptionAtRest is missing, en }); Template.fromStack(customStack).hasResourceProperties('AWS::EFS::FileSystem', { - Encrypted: Match.absentProperty(), + Encrypted: Match.absent(), }); }); diff --git a/packages/@aws-cdk/aws-ivs/test/ivs.test.ts b/packages/@aws-cdk/aws-ivs/test/ivs.test.ts index 6e4cd765576e4..4104994ed882c 100644 --- a/packages/@aws-cdk/aws-ivs/test/ivs.test.ts +++ b/packages/@aws-cdk/aws-ivs/test/ivs.test.ts @@ -23,7 +23,7 @@ test('channel default properties', () => { new ivs.Channel(stack, 'Channel'); Template.fromStack(stack).hasResource('AWS::IVS::Channel', { - Properties: Match.absentProperty(), + Properties: Match.absent(), }); }); diff --git a/packages/@aws-cdk/aws-kinesisfirehose-destinations/test/s3-bucket.test.ts b/packages/@aws-cdk/aws-kinesisfirehose-destinations/test/s3-bucket.test.ts index 448d0b8efcf40..74d37d180f954 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-destinations/test/s3-bucket.test.ts +++ b/packages/@aws-cdk/aws-kinesisfirehose-destinations/test/s3-bucket.test.ts @@ -169,7 +169,7 @@ describe('S3 destination', () => { Template.fromStack(stack).resourceCountIs('AWS::Logs::LogGroup', 0); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { ExtendedS3DestinationConfiguration: { - CloudWatchLoggingOptions: Match.absentProperty(), + CloudWatchLoggingOptions: Match.absent(), }, }); }); @@ -548,7 +548,7 @@ describe('S3 destination', () => { Template.fromStack(stack).resourceCountIs('AWS::S3::Bucket', 1); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { ExtendedS3DestinationConfiguration: { - S3BackupConfiguration: Match.absentProperty(), + S3BackupConfiguration: Match.absent(), }, }); }); diff --git a/packages/@aws-cdk/aws-kinesisfirehose/test/delivery-stream.test.ts b/packages/@aws-cdk/aws-kinesisfirehose/test/delivery-stream.test.ts index f716e56a8f326..ec206b739ed01 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose/test/delivery-stream.test.ts +++ b/packages/@aws-cdk/aws-kinesisfirehose/test/delivery-stream.test.ts @@ -47,10 +47,10 @@ describe('delivery stream', () => { }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { - DeliveryStreamEncryptionConfigurationInput: Match.absentProperty(), - DeliveryStreamName: Match.absentProperty(), + DeliveryStreamEncryptionConfigurationInput: Match.absent(), + DeliveryStreamName: Match.absent(), DeliveryStreamType: 'DirectPut', - KinesisStreamSourceConfiguration: Match.absentProperty(), + KinesisStreamSourceConfiguration: Match.absent(), ExtendedS3DestinationConfiguration: { BucketARN: bucketArn, RoleARN: roleArn, @@ -205,7 +205,7 @@ describe('delivery stream', () => { Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { DeliveryStreamType: 'DirectPut', DeliveryStreamEncryptionConfigurationInput: { - KeyARN: Match.absentProperty(), + KeyARN: Match.absent(), KeyType: 'AWS_OWNED_CMK', }, }); @@ -222,7 +222,7 @@ describe('delivery stream', () => { Template.fromStack(stack).resourceCountIs('AWS::IAM::Policy', 0); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { DeliveryStreamType: 'DirectPut', - DeliveryStreamEncryptionConfigurationInput: Match.absentProperty(), + DeliveryStreamEncryptionConfigurationInput: Match.absent(), }); }); @@ -326,7 +326,7 @@ describe('delivery stream', () => { DependsOn: [dependableId], }); Template.fromStack(stack).hasResource('AWS::IAM::Role', { - DependsOn: Match.absentProperty(), + DependsOn: Match.absent(), }); }); diff --git a/packages/@aws-cdk/aws-neptune/test/cluster.test.ts b/packages/@aws-cdk/aws-neptune/test/cluster.test.ts index 74f4770a8a74c..f53af7911dc6c 100644 --- a/packages/@aws-cdk/aws-neptune/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-neptune/test/cluster.test.ts @@ -446,7 +446,7 @@ describe('DatabaseCluster', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Neptune::DBCluster', { - IamAuthEnabled: Match.absentProperty(), + IamAuthEnabled: Match.absent(), }); }); diff --git a/packages/@aws-cdk/aws-redshift/test/cluster.test.ts b/packages/@aws-cdk/aws-redshift/test/cluster.test.ts index 910319b91bcd4..a1091815a30c1 100644 --- a/packages/@aws-cdk/aws-redshift/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-redshift/test/cluster.test.ts @@ -146,7 +146,7 @@ describe('node count', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Redshift::Cluster', { ClusterType: 'single-node', - NumberOfNodes: Match.absentProperty(), + NumberOfNodes: Match.absent(), }); }); @@ -164,7 +164,7 @@ describe('node count', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Redshift::Cluster', { ClusterType: 'single-node', - NumberOfNodes: Match.absentProperty(), + NumberOfNodes: Match.absent(), }); }); diff --git a/packages/@aws-cdk/aws-synthetics/test/canary.test.ts b/packages/@aws-cdk/aws-synthetics/test/canary.test.ts index c4583ef5494cf..27491d01b2850 100644 --- a/packages/@aws-cdk/aws-synthetics/test/canary.test.ts +++ b/packages/@aws-cdk/aws-synthetics/test/canary.test.ts @@ -229,7 +229,7 @@ test('environment variables are skipped if not provided', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::Synthetics::Canary', { - RunConfig: Match.absentProperty(), + RunConfig: Match.absent(), }); }); diff --git a/packages/@aws-cdk/example-construct-library/test/example-resource.test.ts b/packages/@aws-cdk/example-construct-library/test/example-resource.test.ts index 091c0c7d1f65a..db1e8d68d4830 100644 --- a/packages/@aws-cdk/example-construct-library/test/example-resource.test.ts +++ b/packages/@aws-cdk/example-construct-library/test/example-resource.test.ts @@ -56,7 +56,7 @@ describe('Example Resource', () => { 'Ref': 'ExampleResourceWaitConditionHandle9C53A8D3', }, // this is how you can check a given property is _not_ set - 'RandomProperty': Match.absentProperty(), + 'RandomProperty': Match.absent(), }); }); From 6d5462ebded8c15228c23037d9d573b70770422c Mon Sep 17 00:00:00 2001 From: Elad Ben-Israel Date: Tue, 5 Oct 2021 22:36:33 +0300 Subject: [PATCH 21/43] chore(upgrade): use node 12.x (#16805) Since 10.x is end of life we now build against 12.x ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .github/workflows/yarn-upgrade.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/yarn-upgrade.yml b/.github/workflows/yarn-upgrade.yml index 1017b89e35505..ea9f2bee5dd31 100644 --- a/.github/workflows/yarn-upgrade.yml +++ b/.github/workflows/yarn-upgrade.yml @@ -20,7 +20,7 @@ jobs: - name: Set up Node uses: actions/setup-node@v2.4.1 with: - node-version: 10 + node-version: 12 - name: Locate Yarn cache id: yarn-cache From ecb94d792e3fb7055373236e9034da7823a40712 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Tue, 5 Oct 2021 23:04:54 +0200 Subject: [PATCH 22/43] chore: npm-check-updates && yarn upgrade (#16808) Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date. --- package.json | 12 +- packages/@aws-cdk/assertions/package.json | 2 +- .../@aws-cdk/aws-lambda-nodejs/package.json | 2 +- .../@aws-cdk/cloudformation-diff/package.json | 2 +- packages/aws-cdk-lib/package.json | 2 +- packages/aws-cdk/package.json | 6 +- packages/awslint/package.json | 10 +- packages/cdk-dasm/package.json | 2 +- packages/decdk/package.json | 4 +- packages/monocdk/package.json | 2 +- tools/@aws-cdk/cdk-build-tools/package.json | 14 +- tools/@aws-cdk/cfn2ts/package.json | 2 +- tools/@aws-cdk/eslint-plugin/package.json | 2 +- tools/@aws-cdk/pkglint/package.json | 6 +- tools/@aws-cdk/prlint/package.json | 2 +- yarn.lock | 702 +++++++++--------- 16 files changed, 387 insertions(+), 385 deletions(-) diff --git a/package.json b/package.json index 038642572d7b1..6ec755e06c01e 100644 --- a/package.json +++ b/package.json @@ -20,17 +20,17 @@ "fs-extra": "^9.1.0", "graceful-fs": "^4.2.8", "jest-junit": "^12.3.0", - "jsii-diff": "^1.35.0", - "jsii-pacmak": "^1.35.0", - "jsii-reflect": "^1.35.0", - "jsii-rosetta": "^1.35.0", + "jsii-diff": "^1.36.0", + "jsii-pacmak": "^1.36.0", + "jsii-reflect": "^1.36.0", + "jsii-rosetta": "^1.36.0", "lerna": "^4.0.0", "patch-package": "^6.4.7", "standard-version": "^9.3.1", "typescript": "~3.9.10" }, "resolutions": { - "string-width": "^4.2.2" + "string-width": "^4.2.3" }, "repository": { "type": "git", @@ -184,6 +184,6 @@ ] }, "dependencies": { - "string-width": "^4.2.2" + "string-width": "^4.2.3" } } diff --git a/packages/@aws-cdk/assertions/package.json b/packages/@aws-cdk/assertions/package.json index 58420966a5bfe..818bf9fa289ed 100644 --- a/packages/@aws-cdk/assertions/package.json +++ b/packages/@aws-cdk/assertions/package.json @@ -71,7 +71,7 @@ "diff": "^5.0.0", "fast-deep-equal": "^3.1.3", "string-width": "^4.2.3", - "table": "^6.7.1" + "table": "^6.7.2" }, "peerDependencies": { "@aws-cdk/cloud-assembly-schema": "0.0.0", diff --git a/packages/@aws-cdk/aws-lambda-nodejs/package.json b/packages/@aws-cdk/aws-lambda-nodejs/package.json index f289622c2e0dd..3bb6766b89ccf 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/package.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/package.json @@ -71,7 +71,7 @@ "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^26.0.24", "delay": "5.0.0", - "esbuild": "^0.13.3" + "esbuild": "^0.13.4" }, "dependencies": { "@aws-cdk/aws-lambda": "0.0.0", diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index 3ce9836319c90..373bdec4b156a 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -29,7 +29,7 @@ "diff": "^5.0.0", "fast-deep-equal": "^3.1.3", "string-width": "^4.2.3", - "table": "^6.7.1" + "table": "^6.7.2" }, "devDependencies": { "@aws-cdk/cdk-build-tools": "0.0.0", diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index ac9370bacd389..775a12f5ea799 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -120,7 +120,7 @@ "punycode": "^2.1.1", "semver": "^7.3.5", "string-width": "^4.2.3", - "table": "^6.7.1", + "table": "^6.7.2", "yaml": "1.10.2" }, "devDependencies": { diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index dd93208985bed..69053b354d79c 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -38,7 +38,7 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/core": "0.0.0", - "@octokit/rest": "^18.11.2", + "@octokit/rest": "^18.11.4", "@types/archiver": "^5.3.0", "@types/fs-extra": "^8.1.2", "@types/glob": "^7.1.4", @@ -71,7 +71,7 @@ "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "@jsii/check-node": "1.35.0", + "@jsii/check-node": "1.36.0", "archiver": "^5.3.0", "aws-sdk": "^2.979.0", "camelcase": "^6.2.0", @@ -86,7 +86,7 @@ "proxy-agent": "^5.0.0", "semver": "^7.3.5", "source-map-support": "^0.5.20", - "table": "^6.7.1", + "table": "^6.7.2", "uuid": "^8.3.2", "wrap-ansi": "^7.0.0", "yaml": "1.10.2", diff --git a/packages/awslint/package.json b/packages/awslint/package.json index dfeb04de7c825..bd292947d4fb4 100644 --- a/packages/awslint/package.json +++ b/packages/awslint/package.json @@ -18,11 +18,11 @@ "awslint": "bin/awslint" }, "dependencies": { - "@jsii/spec": "^1.35.0", + "@jsii/spec": "^1.36.0", "camelcase": "^6.2.0", "colors": "^1.4.0", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.35.0", + "jsii-reflect": "^1.36.0", "yargs": "^16.2.0" }, "devDependencies": { @@ -31,14 +31,14 @@ "@types/yargs": "^15.0.14", "@aws-cdk/pkglint": "0.0.0", "typescript": "~3.9.10", - "@typescript-eslint/eslint-plugin": "^4.32.0", - "@typescript-eslint/parser": "^4.32.0", + "@typescript-eslint/eslint-plugin": "^4.33.0", + "@typescript-eslint/parser": "^4.33.0", "eslint": "^7.32.0", "eslint-import-resolver-node": "^0.3.6", "eslint-import-resolver-typescript": "^2.5.0", "@aws-cdk/eslint-plugin": "0.0.0", "eslint-plugin-import": "^2.24.2", - "eslint-plugin-jest": "^24.5.0", + "eslint-plugin-jest": "^24.5.2", "jest": "^26.6.3" }, "repository": { diff --git a/packages/cdk-dasm/package.json b/packages/cdk-dasm/package.json index 5d01252117bb9..d781a93ec1e56 100644 --- a/packages/cdk-dasm/package.json +++ b/packages/cdk-dasm/package.json @@ -28,7 +28,7 @@ }, "license": "Apache-2.0", "dependencies": { - "codemaker": "^1.35.0", + "codemaker": "^1.36.0", "yaml": "1.10.2" }, "devDependencies": { diff --git a/packages/decdk/package.json b/packages/decdk/package.json index 7158187c19bea..3af4c634c0146 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -242,7 +242,7 @@ "@aws-cdk/region-info": "0.0.0", "constructs": "^3.3.69", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.35.0", + "jsii-reflect": "^1.36.0", "jsonschema": "^1.4.0", "yaml": "1.10.2", "yargs": "^16.2.0" @@ -253,7 +253,7 @@ "@types/yaml": "1.9.7", "@types/yargs": "^15.0.14", "jest": "^26.6.3", - "jsii": "^1.35.0" + "jsii": "^1.36.0" }, "keywords": [ "aws", diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index 3556d8f83a862..fe897c32de354 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -117,7 +117,7 @@ "punycode": "^2.1.1", "semver": "^7.3.5", "string-width": "^4.2.3", - "table": "^6.7.1", + "table": "^6.7.2", "yaml": "1.10.2" }, "devDependencies": { diff --git a/tools/@aws-cdk/cdk-build-tools/package.json b/tools/@aws-cdk/cdk-build-tools/package.json index a1e7e5eeeeceb..808d73fca527a 100644 --- a/tools/@aws-cdk/cdk-build-tools/package.json +++ b/tools/@aws-cdk/cdk-build-tools/package.json @@ -42,8 +42,8 @@ "@aws-cdk/pkglint": "0.0.0" }, "dependencies": { - "@typescript-eslint/eslint-plugin": "^4.32.0", - "@typescript-eslint/parser": "^4.32.0", + "@typescript-eslint/eslint-plugin": "^4.33.0", + "@typescript-eslint/parser": "^4.33.0", "awslint": "0.0.0", "colors": "^1.4.0", "eslint": "^7.32.0", @@ -51,14 +51,14 @@ "eslint-import-resolver-typescript": "^2.5.0", "@aws-cdk/eslint-plugin": "0.0.0", "eslint-plugin-import": "^2.24.2", - "eslint-plugin-jest": "^24.5.0", + "eslint-plugin-jest": "^24.5.2", "fs-extra": "^9.1.0", "jest": "^26.6.3", "jest-junit": "^11.1.0", - "jsii": "^1.35.0", - "jsii-pacmak": "^1.35.0", - "jsii-reflect": "^1.35.0", - "markdownlint-cli": "^0.28.1", + "jsii": "^1.36.0", + "jsii-pacmak": "^1.36.0", + "jsii-reflect": "^1.36.0", + "markdownlint-cli": "^0.29.0", "nyc": "^15.1.0", "semver": "^7.3.5", "ts-jest": "^26.5.6", diff --git a/tools/@aws-cdk/cfn2ts/package.json b/tools/@aws-cdk/cfn2ts/package.json index 8e63cb8a9c54d..92dbf591de580 100644 --- a/tools/@aws-cdk/cfn2ts/package.json +++ b/tools/@aws-cdk/cfn2ts/package.json @@ -32,7 +32,7 @@ "license": "Apache-2.0", "dependencies": { "@aws-cdk/cfnspec": "0.0.0", - "codemaker": "^1.35.0", + "codemaker": "^1.36.0", "fast-json-patch": "^3.1.0", "fs-extra": "^9.1.0", "yargs": "^16.2.0" diff --git a/tools/@aws-cdk/eslint-plugin/package.json b/tools/@aws-cdk/eslint-plugin/package.json index 3b78e3b81fe37..60cf20ed45b16 100644 --- a/tools/@aws-cdk/eslint-plugin/package.json +++ b/tools/@aws-cdk/eslint-plugin/package.json @@ -24,7 +24,7 @@ "typescript": "~3.9.10" }, "dependencies": { - "@typescript-eslint/parser": "^4.32.0", + "@typescript-eslint/parser": "^4.33.0", "eslint": "^7.32.0", "fs-extra": "^9.1.0" }, diff --git a/tools/@aws-cdk/pkglint/package.json b/tools/@aws-cdk/pkglint/package.json index b94b9d921b037..b87f7f7caa817 100644 --- a/tools/@aws-cdk/pkglint/package.json +++ b/tools/@aws-cdk/pkglint/package.json @@ -43,12 +43,12 @@ "@types/jest": "^26.0.24", "@types/semver": "^7.3.8", "@types/yargs": "^15.0.14", - "@typescript-eslint/eslint-plugin": "^4.32.0", - "@typescript-eslint/parser": "^4.32.0", + "@typescript-eslint/eslint-plugin": "^4.33.0", + "@typescript-eslint/parser": "^4.33.0", "eslint-import-resolver-node": "^0.3.6", "eslint-import-resolver-typescript": "^2.5.0", "eslint-plugin-import": "^2.24.2", - "eslint-plugin-jest": "^24.5.0", + "eslint-plugin-jest": "^24.5.2", "eslint": "^7.32.0", "jest": "^26.6.3", "typescript": "~3.9.10" diff --git a/tools/@aws-cdk/prlint/package.json b/tools/@aws-cdk/prlint/package.json index f21df994d1262..1c45caf95233d 100644 --- a/tools/@aws-cdk/prlint/package.json +++ b/tools/@aws-cdk/prlint/package.json @@ -19,7 +19,7 @@ "glob": "^7.2.0" }, "devDependencies": { - "@types/fs-extra": "^9.0.12", + "@types/fs-extra": "^9.0.13", "@types/glob": "^7.1.4", "@types/jest": "^26.0.24", "jest": "^26.6.3", diff --git a/yarn.lock b/yarn.lock index 49164c52f05b2..289f8cfa5a7e4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -576,18 +576,18 @@ "@types/yargs" "^15.0.0" chalk "^4.0.0" -"@jsii/check-node@1.35.0": - version "1.35.0" - resolved "https://registry.yarnpkg.com/@jsii/check-node/-/check-node-1.35.0.tgz#988aaeee0aa0b829f3d58534b1faa30f5cc98168" - integrity sha512-fnybJqSJx6qLi5Qk5ji1qGGJNW/UGlxz7PglLMiq6rtTCiFmIsn3DF1Rr2HJq7Wz69wdka8SqQ7n3rxUA45Ulw== +"@jsii/check-node@1.36.0": + version "1.36.0" + resolved "https://registry.yarnpkg.com/@jsii/check-node/-/check-node-1.36.0.tgz#010db7eb8477f96cc491d9433b3003634764205a" + integrity sha512-/WgRJ93hg7a6H/VTOhE9366VjvrW5HU0wGtO/i3zskxBpK6LmpnYhw69AiGvmAZHyBaUuJ2KGCSa7TEge62NwA== dependencies: chalk "^4.1.2" semver "^7.3.5" -"@jsii/spec@^1.35.0": - version "1.35.0" - resolved "https://registry.yarnpkg.com/@jsii/spec/-/spec-1.35.0.tgz#27ae3f3c6aa05ca5959078437cf574d1540b2bbc" - integrity sha512-zcOdxDKztpe4w/X/aosP3ChPjCsqF82xlk7LyCJwspK333sOIy6ChhIMDOu16ba9iZyQ6DoDy4s1UfFPqZRIlw== +"@jsii/spec@^1.36.0": + version "1.36.0" + resolved "https://registry.yarnpkg.com/@jsii/spec/-/spec-1.36.0.tgz#be7ed06d10c358009b8c329ef8203b7dd8216b60" + integrity sha512-CZrol5FphC3WZdaEYWRyCysbc6IRvaXjHOlFgjin4RJ9MrAdskcH0/x/Hyez1PwFkZl1f2qWFwVG3L9eA5+Fsg== dependencies: jsonschema "^1.4.0" @@ -1327,9 +1327,9 @@ rimraf "^3.0.2" "@npmcli/node-gyp@^1.0.2": - version "1.0.2" - resolved "https://registry.yarnpkg.com/@npmcli/node-gyp/-/node-gyp-1.0.2.tgz#3cdc1f30e9736dbc417373ed803b42b1a0a29ede" - integrity sha512-yrJUe6reVMpktcvagumoqD9r08fH1iRo01gn1u0zoCApa9lnZGEigVKUd2hzsCId4gdtkZZIVscLhNxMECKgRg== + version "1.0.3" + resolved "https://registry.yarnpkg.com/@npmcli/node-gyp/-/node-gyp-1.0.3.tgz#a912e637418ffc5f2db375e93b85837691a43a33" + integrity sha512-fnkhw+fmX65kiLqk6E3BFLXNC26rUhK90zVwe2yncPliVT/Qos3xjhTLE59Df8KnPlcwIERXKVlU1bXoUQ+liA== "@npmcli/promise-spawn@^1.2.0", "@npmcli/promise-spawn@^1.3.2": version "1.3.2" @@ -1386,10 +1386,10 @@ "@octokit/types" "^6.0.3" universal-user-agent "^6.0.0" -"@octokit/openapi-types@^10.6.1": - version "10.6.1" - resolved "https://registry.yarnpkg.com/@octokit/openapi-types/-/openapi-types-10.6.1.tgz#4eb303e7da4de3d17216db80e3be6309f03b9fcc" - integrity sha512-53YKy8w8+sHQhUONhTiYt6MqNqPolejYr6rK/3VOevpORAIYGQEX2pmXnnhgdSsjHy176e5ZBgVt0ppOGziS7g== +"@octokit/openapi-types@^10.6.4": + version "10.6.4" + resolved "https://registry.yarnpkg.com/@octokit/openapi-types/-/openapi-types-10.6.4.tgz#c8b5b1f5c60ab7c62858abe2ef57bc709f426a30" + integrity sha512-JVmwWzYTIs6jACYOwD6zu5rdrqGIYsiAsLzTCxdrWIPNKNVjEF6vPTL20shmgJ4qZsq7WPBcLXLsaQD+NLChfg== "@octokit/plugin-enterprise-rest@^6.0.1": version "6.0.1" @@ -1403,12 +1403,12 @@ dependencies: "@octokit/types" "^2.0.1" -"@octokit/plugin-paginate-rest@^2.16.0": - version "2.16.5" - resolved "https://registry.yarnpkg.com/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.16.5.tgz#4d8098410f4c4697d33979f06f38d2ed2574adf1" - integrity sha512-2PfRGymdBypqRes4Xelu0BAZZRCV/Qg0xgo8UB10UKoghCM+zg640+T5WkRsRD0edwfLBPP3VsJgDyDTG4EIYg== +"@octokit/plugin-paginate-rest@^2.16.4": + version "2.16.7" + resolved "https://registry.yarnpkg.com/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.16.7.tgz#d25b6e650ba5a007002986f5fda66958d44e70a4" + integrity sha512-TMlyVhMPx6La1Ud4PSY4YxqAvb9YPEMs/7R1nBSbsw4wNqG73aBqls0r0dRRCWe5Pm0ZUGS9a94N46iAxlOR8A== dependencies: - "@octokit/types" "^6.31.0" + "@octokit/types" "^6.31.3" "@octokit/plugin-request-log@^1.0.0", "@octokit/plugin-request-log@^1.0.4": version "1.0.4" @@ -1423,12 +1423,12 @@ "@octokit/types" "^2.0.1" deprecation "^2.3.1" -"@octokit/plugin-rest-endpoint-methods@5.11.3": - version "5.11.3" - resolved "https://registry.yarnpkg.com/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-5.11.3.tgz#d3b01fafb4a64bf7da4e3852f969cb65293e78ae" - integrity sha512-E19gqHqfP3uJa2/hx6Abhx2NrVP5tsNbst2/AeqGxlGM+eL4N8fRbzhd+NEIsGAB4y3R7e9kVE0y8OOghlXUXw== +"@octokit/plugin-rest-endpoint-methods@5.11.4": + version "5.11.4" + resolved "https://registry.yarnpkg.com/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-5.11.4.tgz#221dedcbdc45d6bfa54228d469e8c34acb4e0e34" + integrity sha512-iS+GYTijrPUiEiLoDsGJhrbXIvOPfm2+schvr+FxNMs7PeE9Nl4bAMhE8ftfNX3Z1xLxSKwEZh0O7GbWurX5HQ== dependencies: - "@octokit/types" "^6.31.1" + "@octokit/types" "^6.31.2" deprecation "^2.3.1" "@octokit/request-error@^1.0.2": @@ -1450,9 +1450,9 @@ once "^1.4.0" "@octokit/request@^5.2.0", "@octokit/request@^5.6.0": - version "5.6.1" - resolved "https://registry.yarnpkg.com/@octokit/request/-/request-5.6.1.tgz#f97aff075c37ab1d427c49082fefeef0dba2d8ce" - integrity sha512-Ls2cfs1OfXaOKzkcxnqw5MR6drMA/zWX/LIS/p8Yjdz7QKTPQLMsB3R+OvoxE6XnXeXEE2X7xe4G4l4X0gRiKQ== + version "5.6.2" + resolved "https://registry.yarnpkg.com/@octokit/request/-/request-5.6.2.tgz#1aa74d5da7b9e04ac60ef232edd9a7438dcf32d8" + integrity sha512-je66CvSEVf0jCpRISxkUcCa0UkxmFs6eGDRSbfJtAVwbLH5ceqF+YEyC8lj8ystKyZTy8adWr0qmkY52EfOeLA== dependencies: "@octokit/endpoint" "^6.0.1" "@octokit/request-error" "^2.1.0" @@ -1483,15 +1483,15 @@ once "^1.4.0" universal-user-agent "^4.0.0" -"@octokit/rest@^18.1.0", "@octokit/rest@^18.11.2": - version "18.11.2" - resolved "https://registry.yarnpkg.com/@octokit/rest/-/rest-18.11.2.tgz#0a38cd42f5e41128276099fa0513f456044a4a52" - integrity sha512-XZPD5HN0B8AfvXhdztFqoZxNVC6hRgQSZTWS1Eh0xHAoJvduVBwniWJ0t4DsdO9in+odZZ9EYAOFtQuaLVZ44Q== +"@octokit/rest@^18.1.0", "@octokit/rest@^18.11.4": + version "18.11.4" + resolved "https://registry.yarnpkg.com/@octokit/rest/-/rest-18.11.4.tgz#9fb6d826244554fbf8c110b9064018d7198eec51" + integrity sha512-QplypCyYxqMK05JdMSm/bDWZO8VWWaBdzQ9tbF9rEV9rIEiICh+v6q+Vu/Y5hdze8JJaxfUC+PBC7vrnEkZvZg== dependencies: "@octokit/core" "^3.5.1" - "@octokit/plugin-paginate-rest" "^2.16.0" + "@octokit/plugin-paginate-rest" "^2.16.4" "@octokit/plugin-request-log" "^1.0.4" - "@octokit/plugin-rest-endpoint-methods" "5.11.3" + "@octokit/plugin-rest-endpoint-methods" "5.11.4" "@octokit/types@^2.0.0", "@octokit/types@^2.0.1": version "2.16.2" @@ -1500,12 +1500,12 @@ dependencies: "@types/node" ">= 8" -"@octokit/types@^6.0.3", "@octokit/types@^6.16.1", "@octokit/types@^6.31.0", "@octokit/types@^6.31.1": - version "6.31.1" - resolved "https://registry.yarnpkg.com/@octokit/types/-/types-6.31.1.tgz#223d062778bb6121635a022d3bf545d506fcc880" - integrity sha512-xkF46eaYcpT8ieO78mZWhMq3bt37zIsP5BUkN+zWgX+mTYDB7jOtUP1MOxcSF8hhJhsjjlB1YDgQAhX0z0oqPw== +"@octokit/types@^6.0.3", "@octokit/types@^6.16.1", "@octokit/types@^6.31.2", "@octokit/types@^6.31.3": + version "6.31.3" + resolved "https://registry.yarnpkg.com/@octokit/types/-/types-6.31.3.tgz#14c2961baea853b2bf148d892256357a936343f8" + integrity sha512-IUG3uMpsLHrtEL6sCVXbxCgnbKcgpkS4K7gVEytLDvYYalkK3XcuMCHK1YPD8xJglSJAOAbL4MgXp47rS9G49w== dependencies: - "@octokit/openapi-types" "^10.6.1" + "@octokit/openapi-types" "^10.6.4" "@sinonjs/commons@^1.6.0", "@sinonjs/commons@^1.7.0", "@sinonjs/commons@^1.8.1", "@sinonjs/commons@^1.8.3": version "1.8.3" @@ -1641,7 +1641,7 @@ dependencies: "@types/node" "*" -"@types/fs-extra@^9.0.12": +"@types/fs-extra@^9.0.13": version "9.0.13" resolved "https://registry.yarnpkg.com/@types/fs-extra/-/fs-extra-9.0.13.tgz#7594fbae04fe7f1918ce8b3d213f74ff44ac1f45" integrity sha512-nEnwB++1u5lVDM2UI4c1+5R+FYaKfaAzS4OococimjVm3nQw3TuzH5UNsocrcTBbhnerblyHj4A49qXbIiZdpA== @@ -1740,9 +1740,9 @@ integrity sha512-uv53RrNdhbkV/3VmVCtfImfYCWC3GTTRn3R11Whni3EJ+gb178tkZBVNj2edLY5CMrB749dQi+SJkg87jsN8UQ== "@types/node@*", "@types/node@>= 8", "@types/node@^16.9.2": - version "16.10.1" - resolved "https://registry.yarnpkg.com/@types/node/-/node-16.10.1.tgz#f3647623199ca920960006b3dccf633ea905f243" - integrity sha512-4/Z9DMPKFexZj/Gn3LylFgamNKHm4K3QDi0gz9B26Uk0c8izYf97B5fxfpspMNkWlFupblKM/nV8+NA9Ffvr+w== + version "16.10.2" + resolved "https://registry.yarnpkg.com/@types/node/-/node-16.10.2.tgz#5764ca9aa94470adb4e1185fe2e9f19458992b2e" + integrity sha512-zCclL4/rx+W5SQTzFs9wyvvyCwoK9QtBpratqz2IYJ3O8Umrn0m3nsTv0wQBk9sRGpvUe9CwPDrQFB10f1FIjQ== "@types/node@^10.17.60": version "10.17.60" @@ -1858,13 +1858,13 @@ resolved "https://registry.yarnpkg.com/@types/yarnpkg__lockfile/-/yarnpkg__lockfile-1.1.5.tgz#9639020e1fb65120a2f4387db8f1e8b63efdf229" integrity sha512-8NYnGOctzsI4W0ApsP/BIHD/LnxpJ6XaGf2AZmz4EyDYJMxtprN4279dLNI1CPZcwC9H18qYcaFv4bXi0wmokg== -"@typescript-eslint/eslint-plugin@^4.32.0": - version "4.32.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.32.0.tgz#46d2370ae9311092f2a6f7246d28357daf2d4e89" - integrity sha512-+OWTuWRSbWI1KDK8iEyG/6uK2rTm3kpS38wuVifGUTDB6kjEuNrzBI1MUtxnkneuWG/23QehABe2zHHrj+4yuA== +"@typescript-eslint/eslint-plugin@^4.33.0": + version "4.33.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.33.0.tgz#c24dc7c8069c7706bc40d99f6fa87edcb2005276" + integrity sha512-aINiAxGVdOl1eJyVjaWn/YcVAq4Gi/Yo35qHGCnqbWVz61g39D0h23veY/MA0rFFGfxK7TySg2uwDeNv+JgVpg== dependencies: - "@typescript-eslint/experimental-utils" "4.32.0" - "@typescript-eslint/scope-manager" "4.32.0" + "@typescript-eslint/experimental-utils" "4.33.0" + "@typescript-eslint/scope-manager" "4.33.0" debug "^4.3.1" functional-red-black-tree "^1.0.1" ignore "^5.1.8" @@ -1872,60 +1872,60 @@ semver "^7.3.5" tsutils "^3.21.0" -"@typescript-eslint/experimental-utils@4.32.0", "@typescript-eslint/experimental-utils@^4.0.1": - version "4.32.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/experimental-utils/-/experimental-utils-4.32.0.tgz#53a8267d16ca5a79134739129871966c56a59dc4" - integrity sha512-WLoXcc+cQufxRYjTWr4kFt0DyEv6hDgSaFqYhIzQZ05cF+kXfqXdUh+//kgquPJVUBbL3oQGKQxwPbLxHRqm6A== +"@typescript-eslint/experimental-utils@4.33.0", "@typescript-eslint/experimental-utils@^4.0.1": + version "4.33.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/experimental-utils/-/experimental-utils-4.33.0.tgz#6f2a786a4209fa2222989e9380b5331b2810f7fd" + integrity sha512-zeQjOoES5JFjTnAhI5QY7ZviczMzDptls15GFsI6jyUOq0kOf9+WonkhtlIhh0RgHRnqj5gdNxW5j1EvAyYg6Q== dependencies: "@types/json-schema" "^7.0.7" - "@typescript-eslint/scope-manager" "4.32.0" - "@typescript-eslint/types" "4.32.0" - "@typescript-eslint/typescript-estree" "4.32.0" + "@typescript-eslint/scope-manager" "4.33.0" + "@typescript-eslint/types" "4.33.0" + "@typescript-eslint/typescript-estree" "4.33.0" eslint-scope "^5.1.1" eslint-utils "^3.0.0" -"@typescript-eslint/parser@^4.32.0": - version "4.32.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/parser/-/parser-4.32.0.tgz#751ecca0e2fecd3d44484a9b3049ffc1871616e5" - integrity sha512-lhtYqQ2iEPV5JqV7K+uOVlPePjClj4dOw7K4/Z1F2yvjIUvyr13yJnDzkK6uon4BjHYuHy3EG0c2Z9jEhFk56w== +"@typescript-eslint/parser@^4.33.0": + version "4.33.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/parser/-/parser-4.33.0.tgz#dfe797570d9694e560528d18eecad86c8c744899" + integrity sha512-ZohdsbXadjGBSK0/r+d87X0SBmKzOq4/S5nzK6SBgJspFo9/CUDJ7hjayuze+JK7CZQLDMroqytp7pOcFKTxZA== dependencies: - "@typescript-eslint/scope-manager" "4.32.0" - "@typescript-eslint/types" "4.32.0" - "@typescript-eslint/typescript-estree" "4.32.0" + "@typescript-eslint/scope-manager" "4.33.0" + "@typescript-eslint/types" "4.33.0" + "@typescript-eslint/typescript-estree" "4.33.0" debug "^4.3.1" -"@typescript-eslint/scope-manager@4.32.0": - version "4.32.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/scope-manager/-/scope-manager-4.32.0.tgz#e03c8668f8b954072b3f944d5b799c0c9225a7d5" - integrity sha512-DK+fMSHdM216C0OM/KR1lHXjP1CNtVIhJ54kQxfOE6x8UGFAjha8cXgDMBEIYS2XCYjjCtvTkjQYwL3uvGOo0w== +"@typescript-eslint/scope-manager@4.33.0": + version "4.33.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/scope-manager/-/scope-manager-4.33.0.tgz#d38e49280d983e8772e29121cf8c6e9221f280a3" + integrity sha512-5IfJHpgTsTZuONKbODctL4kKuQje/bzBRkwHE8UOZ4f89Zeddg+EGZs8PD8NcN4LdM3ygHWYB3ukPAYjvl/qbQ== dependencies: - "@typescript-eslint/types" "4.32.0" - "@typescript-eslint/visitor-keys" "4.32.0" + "@typescript-eslint/types" "4.33.0" + "@typescript-eslint/visitor-keys" "4.33.0" -"@typescript-eslint/types@4.32.0": - version "4.32.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.32.0.tgz#52c633c18da47aee09449144bf59565ab36df00d" - integrity sha512-LE7Z7BAv0E2UvqzogssGf1x7GPpUalgG07nGCBYb1oK4mFsOiFC/VrSMKbZQzFJdN2JL5XYmsx7C7FX9p9ns0w== +"@typescript-eslint/types@4.33.0": + version "4.33.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.33.0.tgz#a1e59036a3b53ae8430ceebf2a919dc7f9af6d72" + integrity sha512-zKp7CjQzLQImXEpLt2BUw1tvOMPfNoTAfb8l51evhYbOEEzdWyQNmHWWGPR6hwKJDAi+1VXSBmnhL9kyVTTOuQ== -"@typescript-eslint/typescript-estree@4.32.0": - version "4.32.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-4.32.0.tgz#db00ccc41ccedc8d7367ea3f50c6994b8efa9f3b" - integrity sha512-tRYCgJ3g1UjMw1cGG8Yn1KzOzNlQ6u1h9AmEtPhb5V5a1TmiHWcRyF/Ic+91M4f43QeChyYlVTcf3DvDTZR9vw== +"@typescript-eslint/typescript-estree@4.33.0": + version "4.33.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-4.33.0.tgz#0dfb51c2908f68c5c08d82aefeaf166a17c24609" + integrity sha512-rkWRY1MPFzjwnEVHsxGemDzqqddw2QbTJlICPD9p9I9LfsO8fdmfQPOX3uKfUaGRDFJbfrtm/sXhVXN4E+bzCA== dependencies: - "@typescript-eslint/types" "4.32.0" - "@typescript-eslint/visitor-keys" "4.32.0" + "@typescript-eslint/types" "4.33.0" + "@typescript-eslint/visitor-keys" "4.33.0" debug "^4.3.1" globby "^11.0.3" is-glob "^4.0.1" semver "^7.3.5" tsutils "^3.21.0" -"@typescript-eslint/visitor-keys@4.32.0": - version "4.32.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.32.0.tgz#455ba8b51242f2722a497ffae29313f33b14cb7f" - integrity sha512-e7NE0qz8W+atzv3Cy9qaQ7BTLwWsm084Z0c4nIO2l3Bp6u9WIgdqCgyPyV5oSPDMIW3b20H59OOCmVk3jw3Ptw== +"@typescript-eslint/visitor-keys@4.33.0": + version "4.33.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.33.0.tgz#2a22f77a41604289b7a186586e9ec48ca92ef1dd" + integrity sha512-uqi/2aSz9g2ftcHWf8uLPJA70rUv6yuMW5Bohw+bwcuzaxQIHaKFZCKGoGXIrc9vkTJ3+0txM73K0Hq3d5wgIg== dependencies: - "@typescript-eslint/types" "4.32.0" + "@typescript-eslint/types" "4.33.0" eslint-visitor-keys "^2.0.0" "@xmldom/xmldom@^0.7.5": @@ -2202,15 +2202,15 @@ array-ify@^1.0.0: integrity sha1-nlKHYrSpBmrRY6aWKjZEGOlibs4= array-includes@^3.1.3: - version "3.1.3" - resolved "https://registry.yarnpkg.com/array-includes/-/array-includes-3.1.3.tgz#c7f619b382ad2afaf5326cddfdc0afc61af7690a" - integrity sha512-gcem1KlBU7c9rB+Rq8/3PPKsK2kjqeEBa3bD5kkQo4nYlOHQCJqIJFqBXDEfwaRuYTT4E+FxA9xez7Gf/e3Q7A== + version "3.1.4" + resolved "https://registry.yarnpkg.com/array-includes/-/array-includes-3.1.4.tgz#f5b493162c760f3539631f005ba2bb46acb45ba9" + integrity sha512-ZTNSQkmWumEbiHO2GF4GmWxYVTiQyJy2XOTa15sdQSrvKn7l+180egQMqlrMOUMCyLMD7pmyQe4mMDUT6Behrw== dependencies: call-bind "^1.0.2" define-properties "^1.1.3" - es-abstract "^1.18.0-next.2" + es-abstract "^1.19.1" get-intrinsic "^1.1.1" - is-string "^1.0.5" + is-string "^1.0.7" array-union@^2.1.0: version "2.1.0" @@ -2223,13 +2223,13 @@ array-unique@^0.3.2: integrity sha1-qJS3XUvE9s1nnvMkSp/Y9Gri1Cg= array.prototype.flat@^1.2.4: - version "1.2.4" - resolved "https://registry.yarnpkg.com/array.prototype.flat/-/array.prototype.flat-1.2.4.tgz#6ef638b43312bd401b4c6199fdec7e2dc9e9a123" - integrity sha512-4470Xi3GAPAjZqFcljX2xzckv1qeKPizoNkiS0+O4IoPR2ZNpcjE0pkhdihlDouK+x6QOast26B4Q/O9DJnwSg== + version "1.2.5" + resolved "https://registry.yarnpkg.com/array.prototype.flat/-/array.prototype.flat-1.2.5.tgz#07e0975d84bbc7c48cd1879d609e682598d33e13" + integrity sha512-KaYU+S+ndVqyUnignHftkwc58o3uVU1jzczILJ1tN2YaIZpFIKBiP/x/j97E5MVPsaCloPbqWLB/8qCTVvT2qg== dependencies: - call-bind "^1.0.0" + call-bind "^1.0.2" define-properties "^1.1.3" - es-abstract "^1.18.0-next.1" + es-abstract "^1.19.0" arrify@^1.0.1: version "1.0.1" @@ -2315,9 +2315,9 @@ aws-sdk-mock@^5.4.0: traverse "^0.6.6" aws-sdk@^2.596.0, aws-sdk@^2.848.0, aws-sdk@^2.928.0, aws-sdk@^2.979.0: - version "2.996.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.996.0.tgz#0cee788fba00df15685f0dc27989824f06b97abc" - integrity sha512-LZcus/r/36lwmGhRcwwllzQUucZ6sozDt3r78lXqdaQzZNbv44K44nXsqCPH2UpTcznrVUSJOW+o5s8yEbKFzg== + version "2.1001.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1001.0.tgz#c4da256aa0058438ba611ae06fa850f4f7d63abc" + integrity sha512-DpmslPU8myCaaRUwMzB/SqAMtD2zQckxYwq3CguIv8BI+JHxDLeTdPCLfA5jffQ8k6dcvISOuiqdpwCZucU0BA== dependencies: buffer "4.9.2" events "1.1.1" @@ -2493,15 +2493,15 @@ browser-process-hrtime@^1.0.0: integrity sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow== browserslist@^4.16.6: - version "4.17.1" - resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.17.1.tgz#a98d104f54af441290b7d592626dd541fa642eb9" - integrity sha512-aLD0ZMDSnF4lUt4ZDNgqi5BUn9BZ7YdQdI/cYlILrhdSSZJLU9aNZoD5/NBmM4SK34APB2e83MOsRt1EnkuyaQ== + version "4.17.3" + resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.17.3.tgz#2844cd6eebe14d12384b0122d217550160d2d624" + integrity sha512-59IqHJV5VGdcJZ+GZ2hU5n4Kv3YiASzW6Xk5g9tf5a/MAzGeFwgGWU39fVzNIOVcgB3+Gp+kiQu0HEfTVU/3VQ== dependencies: - caniuse-lite "^1.0.30001259" - electron-to-chromium "^1.3.846" + caniuse-lite "^1.0.30001264" + electron-to-chromium "^1.3.857" escalade "^3.1.1" - nanocolors "^0.1.5" - node-releases "^1.1.76" + node-releases "^1.1.77" + picocolors "^0.2.1" bs-logger@0.x: version "0.2.6" @@ -2650,10 +2650,10 @@ camelcase@^6.0.0, camelcase@^6.2.0: resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-6.2.0.tgz#924af881c9d525ac9d87f40d964e5cea982a1809" integrity sha512-c7wVvbw3f37nuobQNtgsgG9POC9qMbNuMQmTCqZv23b6MIz0fcYpBiOlv9gEN/hdLdnZTDQhg6e9Dq5M1vKvfg== -caniuse-lite@^1.0.30001259: - version "1.0.30001261" - resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001261.tgz#96d89813c076ea061209a4e040d8dcf0c66a1d01" - integrity sha512-vM8D9Uvp7bHIN0fZ2KQ4wnmYFpJo/Etb4Vwsuc+ka0tfGDHvOPrFm6S/7CCNLSOkAUjenT2HnUPESdOIL91FaA== +caniuse-lite@^1.0.30001264: + version "1.0.30001264" + resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001264.tgz#88f625a60efb6724c7c62ac698bc8dbd9757e55b" + integrity sha512-Ftfqqfcs/ePiUmyaySsQ4PUsdcYyXG2rfoBVsk3iY1ahHaJEw65vfb7Suzqm+cEkwwPIv/XWkg27iCpRavH4zA== capture-exit@^2.0.0: version "2.0.0" @@ -2823,13 +2823,13 @@ co@^4.6.0: resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" integrity sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ= -codemaker@^1.35.0: - version "1.35.0" - resolved "https://registry.yarnpkg.com/codemaker/-/codemaker-1.35.0.tgz#4f486f66f534af79aab29752831b375461aa1968" - integrity sha512-CJTtcTtaHpOl7+N76qF8GIsDJCa8d7xhtMGuL72zdG9X9xvO/aOQc1GA49g4J0qaUSLA8TjIyyL8vgOyUnAlwQ== +codemaker@^1.36.0: + version "1.36.0" + resolved "https://registry.yarnpkg.com/codemaker/-/codemaker-1.36.0.tgz#d2a859b8db75ee524c201a09a1641f592d6c676b" + integrity sha512-Ey1aIPW5OkkKyRcqoWE61MAc5ghfDrnxysGUmauTy0RyL6sXPjYuxZXQWjqsHHQ35fCH5i7/rifoifE+jkZQhQ== dependencies: camelcase "^6.2.0" - decamelize "^5.0.0" + decamelize "^5.0.1" fs-extra "^9.1.0" collect-v8-coverage@^1.0.0: @@ -2889,10 +2889,10 @@ combined-stream@^1.0.6, combined-stream@^1.0.8, combined-stream@~1.0.6: dependencies: delayed-stream "~1.0.0" -commander@~8.0.0: - version "8.0.0" - resolved "https://registry.yarnpkg.com/commander/-/commander-8.0.0.tgz#1da2139548caef59bd23e66d18908dfb54b02258" - integrity sha512-Xvf85aAtu6v22+E5hfVoLHqyul/jyxh91zvqk/ioJTQuJR7Z78n7H558vMPKanPSRgIEeZemT92I2g9Y8LPbSQ== +commander@~8.2.0: + version "8.2.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-8.2.0.tgz#37fe2bde301d87d47a53adeff8b5915db1381ca8" + integrity sha512-LLKxDvHeL91/8MIyTAD5BFMNtoIwztGPMiM/7Bl8rIPmHCZXRxmSWr91h57dpOpnQ6jIUqEWdXE/uBYMfiVZDA== commondir@^1.0.1: version "1.0.1" @@ -2961,9 +2961,9 @@ console-control-strings@^1.0.0, console-control-strings@~1.1.0: integrity sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4= constructs@^3.3.69: - version "3.3.156" - resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.3.156.tgz#9fc0a2e9806d3f4d3be18af03cd3c2cab3db97e8" - integrity sha512-rlgYsGqXLi3tMSVz251MvzFjXXBCrGPy/8pIfjeh2fuBjPsvIx9I6AMNHnlhEVaEt7YRPHHuYKoVs1488ifAWA== + version "3.3.160" + resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.3.160.tgz#bdea4785ff99ed76886e83c98ec3f5f2161efbac" + integrity sha512-DFIYE/hzUrIIcm87cpJIg4WlwEnwjnRwEGOlfNMrRImW7nx4v/ErDd1nW1/rWOR0p5e10Hgu+wCNdcGH8felRA== conventional-changelog-angular@^5.0.12: version "5.0.13" @@ -3340,7 +3340,7 @@ decamelize@^1.1.0, decamelize@^1.2.0: resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" integrity sha1-9lNNFRSCabIDUue+4m9QH5oZEpA= -decamelize@^5.0.0, decamelize@^5.0.1: +decamelize@^5.0.1: version "5.0.1" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-5.0.1.tgz#db11a92e58c741ef339fb0a2868d8a06a9a7b1e9" integrity sha512-VfxadyCECXgQlkoEAjeghAr5gY3Hf+IKjKb+X8tGVDtveCjN+USwprd2q3QXBR9T1+x2DG0XZF5/w+7HAtSaXA== @@ -3604,10 +3604,10 @@ ecc-jsbn@~0.1.1: jsbn "~0.1.0" safer-buffer "^2.1.0" -electron-to-chromium@^1.3.846: - version "1.3.853" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.853.tgz#f3ed1d31f092cb3a17af188bca6c6a3ec91c3e82" - integrity sha512-W4U8n+U8I5/SUaFcqZgbKRmYZwcyEIQVBDf+j5QQK6xChjXnQD+wj248eGR9X4u+dDmDR//8vIfbu4PrdBBIoQ== +electron-to-chromium@^1.3.857: + version "1.3.859" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.859.tgz#4e0abc918e1c22b306ba13b4c3649f78295f5937" + integrity sha512-gXRXKNWedfdiKIzwr0Mg/VGCvxXzy+4SuK9hp1BDvfbCwx0O5Ot+2f4CoqQkqEJ3Zj/eAV/GoAFgBVFgkBLXuQ== emittery@^0.7.1: version "0.7.2" @@ -3672,10 +3672,10 @@ error-ex@^1.3.1: dependencies: is-arrayish "^0.2.1" -es-abstract@^1.18.0-next.1, es-abstract@^1.18.0-next.2, es-abstract@^1.18.2, es-abstract@^1.18.5: - version "1.18.7" - resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.18.7.tgz#122daaa523d0a10b0f1be8ed4ce1ee68330c5bb2" - integrity sha512-uFG1gyVX91tZIiDWNmPsL8XNpiCk/6tkB7MZphoSJflS4w+KgWyQ2gjCVDnsPxFAo9WjRXG3eqONNYdfbJjAtw== +es-abstract@^1.18.5, es-abstract@^1.19.0, es-abstract@^1.19.1: + version "1.19.1" + resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.19.1.tgz#d4885796876916959de78edaa0df456627115ec3" + integrity sha512-2vJ6tjA/UfqLm2MPs7jxVybLoB8i1t1Jd9R3kISld20sIxPcTbLuggQOUxeWeAvIUkduv/CfMjuh4WmiXr2v9w== dependencies: call-bind "^1.0.2" es-to-primitive "^1.2.1" @@ -3688,7 +3688,9 @@ es-abstract@^1.18.0-next.1, es-abstract@^1.18.0-next.2, es-abstract@^1.18.2, es- is-callable "^1.2.4" is-negative-zero "^2.0.1" is-regex "^1.1.4" + is-shared-array-buffer "^1.0.1" is-string "^1.0.7" + is-weakref "^1.0.1" object-inspect "^1.11.0" object-keys "^1.1.1" object.assign "^4.1.2" @@ -3729,107 +3731,107 @@ es6-error@^4.0.1: resolved "https://registry.yarnpkg.com/es6-error/-/es6-error-4.1.1.tgz#9e3af407459deed47e9a91f9b885a84eb05c561d" integrity sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg== -esbuild-android-arm64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-android-arm64/-/esbuild-android-arm64-0.13.3.tgz#ef734c76eeff42e8c53acdffe901da090164a890" - integrity sha512-jc9E8vGTHkzb0Vwl74H8liANV9BWsqtzLHaKvcsRgf1M+aVCBSF0gUheduAKfDsbDMT0judeMLhwBP34EUesTA== - -esbuild-darwin-64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-darwin-64/-/esbuild-darwin-64-0.13.3.tgz#35f29376b7451add79f0640980683ef923365385" - integrity sha512-8bG3Zq+ZNuLlIJebOO2+weI7P2LVf33sOzaUfHj8MuJ+1Ixe4KtQxfYp7qhFnP6xP2ToJaYHxGUfLeiUCEz9hw== - -esbuild-darwin-arm64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-darwin-arm64/-/esbuild-darwin-arm64-0.13.3.tgz#530a1326e7d18d62c9a54b6dce70f2b77ed50eec" - integrity sha512-5E81eImYtTgh8pY7Gq4WQHhWkR/LvYadUXmuYeZBiP+3ADZJZcG60UFceZrjqNPaFOWKr/xmh4aNocwagEubcA== - -esbuild-freebsd-64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-freebsd-64/-/esbuild-freebsd-64-0.13.3.tgz#ce2896ac362e06eb82ca5dec06b2568901eb5afc" - integrity sha512-ou+f91KkTGexi8HvF/BdtsITL6plbciQfZGys7QX6/QEwyE96PmL5KnU6ZQwoU7E99Ts6Sc9bUDq8HXJubKtBA== - -esbuild-freebsd-arm64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-freebsd-arm64/-/esbuild-freebsd-arm64-0.13.3.tgz#a20454f99e060bea4e465d131556a9f0533f403f" - integrity sha512-F1zV7nySjHswJuvIgjkiG5liZ63MeazDGXGKViTCeegjZ71sAhOChcaGhKcu6vq9+vqZxlfEi1fmXlx6Pc3coQ== - -esbuild-linux-32@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-linux-32/-/esbuild-linux-32-0.13.3.tgz#ad56f18208ecf007cd9ab16cd39626ca0312b8ee" - integrity sha512-mHHc2v6uLrHH4zaaq5RB/5IWzgimEJ1HGldzf1qtGI513KZWfH0HRRQ8p1di4notJgBn7tDzWQ1f34ZHy69viQ== - -esbuild-linux-64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-linux-64/-/esbuild-linux-64-0.13.3.tgz#be1eabadf68d153897ed887678f7496d3949810f" - integrity sha512-FJ1De2O89mrOuqtaEXu41qIYJU6R41F+OA6vheNwcAQcX8fu0aiA13FJeLABq29BYJuTVgRj3cyC8q+tz19/dQ== - -esbuild-linux-arm64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-linux-arm64/-/esbuild-linux-arm64-0.13.3.tgz#329348bb4a19cfb5e9046cc5d97ba5017d8f74ad" - integrity sha512-Cauhr45KSo+wRUojs+1qfycQqQCAXTOvsWvkZ6xmEMAXLAm+f8RQGDQeP8CAf8Yeelnegcn6UNdvzdzLHhWDFg== - -esbuild-linux-arm@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-linux-arm/-/esbuild-linux-arm-0.13.3.tgz#b3b3167c9d5d3038894fbc75b194a4fbe93eaf09" - integrity sha512-9BJNRtLwBh3OP22cln9g3AJdbAQUcjRHqA4BScx9k4RZpGqPokFr548zpeplxWhcwrIjT8qPebwH9CrRVy8Bsw== - -esbuild-linux-mips64le@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-linux-mips64le/-/esbuild-linux-mips64le-0.13.3.tgz#ea1687f28ea2c85399ecc2fe23a48ab343b7b35d" - integrity sha512-YVzJUGCncuuLm2boYyVeuMFsak4ZAhdiBwi0xNDZCC8sy+tS6Boe2mzcrD2uubv5JKAUOrpN186S1DtU4WgBgw== - -esbuild-linux-ppc64le@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-linux-ppc64le/-/esbuild-linux-ppc64le-0.13.3.tgz#a462cf42eae3d7fc29a9f277679f5adee70afa67" - integrity sha512-GU6CqqKtJEoyxC2QWHiJtmuOz9wc/jMv8ZloK2WwiGY5yMvAmM3PI103Dj7xcjebNTHBqITTUw/aigY1wx5A3w== - -esbuild-openbsd-64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-openbsd-64/-/esbuild-openbsd-64-0.13.3.tgz#0cb15bd86d20eb19cb548b530f1a533197532cf9" - integrity sha512-HVpkgpn4BQt4BPDAjTOpeMub6mzNWw6Y3gaLQJrpbO24pws6ZwYkY24OI3/Uo3LDCbH6856MM81JxECt92OWjA== - -esbuild-sunos-64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-sunos-64/-/esbuild-sunos-64-0.13.3.tgz#53a941241f881010969cc8f1acb1ada49c4cd3c2" - integrity sha512-XncBVOtnEfUbPV4CaiFBxh38ychnBfwCxuTm9iAqcHzIwkmeNRN5qMzDyfE1jyfJje+Bbt6AvIfz6SdYt8/UEQ== - -esbuild-windows-32@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-windows-32/-/esbuild-windows-32-0.13.3.tgz#265dc0d0cdb5374685a851c584857055e12865a4" - integrity sha512-ZlgDz7d1nk8wQACi+z8IDzNZVUlN9iprAme+1YSTsfFDlkyI8jeaGWPk9EQFNY7rJzsLVYm6eZ2mhPioc7uT5A== - -esbuild-windows-64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-windows-64/-/esbuild-windows-64-0.13.3.tgz#ae710c0629ec8c39c5ef1f69e86ed5592bb4128f" - integrity sha512-YX7KvRez3TR+GudlQm9tND/ssj2FsF9vb8ZWzAoZOLxpPzE3y+3SFJNrfDzzQKPzJ0Pnh9KBP4gsaMwJjKHDhw== - -esbuild-windows-arm64@0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild-windows-arm64/-/esbuild-windows-arm64-0.13.3.tgz#a236199a26b1205573dcb571f966189326a4c953" - integrity sha512-nP7H0Y2a6OJd3Qi1Q8sehhyP4x4JoXK4S5y6FzH2vgaJgiyEurzFxjUufGdMaw+RxtxiwD/uRndUgwaZ2JD8lg== - -esbuild@^0.13.3: - version "0.13.3" - resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.13.3.tgz#cc9fc347fc81ff6440cdd1fdb9fe65c02eddcc97" - integrity sha512-98xovMLKnyhv3gcReUuAEi5Ig1rK6SIgvsJuBIcfwzqGSEHsV8UJjMlmkhHoHMf9XZybMpE9Zax8AA8f7i2hlQ== +esbuild-android-arm64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-android-arm64/-/esbuild-android-arm64-0.13.4.tgz#5178a20d2b7aba741a31c19609f9e67b346996b9" + integrity sha512-elDJt+jNyoHFId0/dKsuVYUPke3EcquIyUwzJCH17a3ERglN3A9aMBI5zbz+xNZ+FbaDNdpn0RaJHCFLbZX+fA== + +esbuild-darwin-64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-darwin-64/-/esbuild-darwin-64-0.13.4.tgz#7a3e66c8e1271b650541b25eed65c84f3564a69d" + integrity sha512-zJQGyHRAdZUXlRzbN7W+7ykmEiGC+bq3Gc4GxKYjjWTgDRSEly98ym+vRNkDjXwXYD3gGzSwvH35+MiHAtWvLA== + +esbuild-darwin-arm64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-darwin-arm64/-/esbuild-darwin-arm64-0.13.4.tgz#793feca6032b2a57ef291eb9b2d33768d60a49d6" + integrity sha512-r8oYvAtqSGq8HNTZCAx4TdLE7jZiGhX9ooGi5AQAey37MA6XNaP8ZNlw9OCpcgpx3ryU2WctXwIqPzkHO7a8dg== + +esbuild-freebsd-64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-freebsd-64/-/esbuild-freebsd-64-0.13.4.tgz#294aec3c2cf4b41fb6900212fc9c33dd8fbbb4a2" + integrity sha512-u9DRGkn09EN8+lCh6z7FKle7awi17PJRBuAKdRNgSo5ZrH/3m+mYaJK2PR2URHMpAfXiwJX341z231tSdVe3Yw== + +esbuild-freebsd-arm64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-freebsd-arm64/-/esbuild-freebsd-arm64-0.13.4.tgz#09fe66c751c12f9b976976b1d83f3de594cb2787" + integrity sha512-q3B2k68Uf6gfjATjcK16DqxvjqRQkHL8aPoOfj4op+lSqegdXvBacB1d8jw8PxbWJ8JHpdTLdAVUYU80kotQXA== + +esbuild-linux-32@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-linux-32/-/esbuild-linux-32-0.13.4.tgz#a9f0793d7bcc9cef4f4ffa4398c525877fba5839" + integrity sha512-UUYJPHSiKAO8KoN3Ls/iZtgDLZvK5HarES96aolDPWZnq9FLx4dIHM/x2z4Rxv9IYqQ/DxlPoE2Co1UPBIYYeA== + +esbuild-linux-64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-linux-64/-/esbuild-linux-64-0.13.4.tgz#c0d0b4c9d62e3bbf8bdf2cece37403aa6d60fc2e" + integrity sha512-+RnohAKiiUW4UHLGRkNR1AnENW1gCuDWuygEtd4jxTNPIoeC7lbXGor7rtgjj9AdUzFgOEvAXyNNX01kJ8NueQ== + +esbuild-linux-arm64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-linux-arm64/-/esbuild-linux-arm64-0.13.4.tgz#1292d97bfa64a08d12728f8a7837bf92776c779b" + integrity sha512-+A188cAdd6QuSRxMIwRrWLjgphQA0LDAQ/ECVlrPVJwnx+1i64NjDZivoqPYLOTkSPIKntiWwMhhf0U5/RrPHQ== + +esbuild-linux-arm@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-linux-arm/-/esbuild-linux-arm-0.13.4.tgz#186cd9b8885ac132b9953a4a0afe668168debd10" + integrity sha512-BH5gKve4jglS7UPSsfwHSX79I5agC/lm4eKoRUEyo8lwQs89frQSRp2Xup+6SFQnxt3md5EsKcd2Dbkqeb3gPA== + +esbuild-linux-mips64le@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-linux-mips64le/-/esbuild-linux-mips64le-0.13.4.tgz#42049bf72bc586817b4a51cc9e32148d13e5e807" + integrity sha512-0xkwtPaUkG5xMTFGaQPe1AadSe5QAiQuD4Gix1O9k5Xo/U8xGIkw9UFUTvfEUeu71vFb6ZgsIacfP1NLoFjWNw== + +esbuild-linux-ppc64le@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-linux-ppc64le/-/esbuild-linux-ppc64le-0.13.4.tgz#adf1ce2ef2302757c4383887da6ac4dd25be9d4f" + integrity sha512-E1+oJPP7A+j23GPo3CEpBhGwG1bni4B8IbTA3/3rvzjURwUMZdcN3Fhrz24rnjzdLSHmULtOE4VsbT42h1Om4Q== + +esbuild-openbsd-64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-openbsd-64/-/esbuild-openbsd-64-0.13.4.tgz#1c8122101898c52a20c8786935cf3eb7a19b83b4" + integrity sha512-xEkI1o5HYxDzbv9jSox0EsDxpwraG09SRiKKv0W8pH6O3bt+zPSlnoK7+I7Q69tkvONkpIq5n2o+c55uq0X7cw== + +esbuild-sunos-64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-sunos-64/-/esbuild-sunos-64-0.13.4.tgz#4ec95faa14a60f295fe485bebffefff408739337" + integrity sha512-bjXUMcODMnB6hQicLBBmmnBl7OMDyVpFahKvHGXJfDChIi5udiIRKCmFUFIRn+AUAKVlfrofRKdyPC7kBsbvGQ== + +esbuild-windows-32@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-windows-32/-/esbuild-windows-32-0.13.4.tgz#3182c380487b797b04d0ec2c80c2945666869080" + integrity sha512-z4CH07pfyVY0XF98TCsGmLxKCl0kyvshKDbdpTekW9f2d+dJqn5mmoUyWhpSVJ0SfYWJg86FoD9nMbbaMVyGdg== + +esbuild-windows-64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-windows-64/-/esbuild-windows-64-0.13.4.tgz#b9e995f92d81f433a04f33611e603e82f9232e69" + integrity sha512-uVL11vORRPjocGLYam67rwFLd0LvkrHEs+JG+1oJN4UD9MQmNGZPa4gBHo6hDpF+kqRJ9kXgQSeDqUyRy0tj/Q== + +esbuild-windows-arm64@0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild-windows-arm64/-/esbuild-windows-arm64-0.13.4.tgz#fb239532f07b764d158f4cc787178ef4c6fadb5c" + integrity sha512-vA6GLvptgftRcDcWngD5cMlL4f4LbL8JjU2UMT9yJ0MT5ra6hdZNFWnOeOoEtY4GtJ6OjZ0i+81sTqhAB0fMkg== + +esbuild@^0.13.4: + version "0.13.4" + resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.13.4.tgz#ce2deb56c4fb360938311cbfc67f8e467bb6841b" + integrity sha512-wMA5eUwpavTBiNl+It6j8OQuKVh69l6z4DKDLzoTIqC+gChnPpcmqdA8WNHptUHRnfyML+mKEQPlW7Mybj8gHg== optionalDependencies: - esbuild-android-arm64 "0.13.3" - esbuild-darwin-64 "0.13.3" - esbuild-darwin-arm64 "0.13.3" - esbuild-freebsd-64 "0.13.3" - esbuild-freebsd-arm64 "0.13.3" - esbuild-linux-32 "0.13.3" - esbuild-linux-64 "0.13.3" - esbuild-linux-arm "0.13.3" - esbuild-linux-arm64 "0.13.3" - esbuild-linux-mips64le "0.13.3" - esbuild-linux-ppc64le "0.13.3" - esbuild-openbsd-64 "0.13.3" - esbuild-sunos-64 "0.13.3" - esbuild-windows-32 "0.13.3" - esbuild-windows-64 "0.13.3" - esbuild-windows-arm64 "0.13.3" + esbuild-android-arm64 "0.13.4" + esbuild-darwin-64 "0.13.4" + esbuild-darwin-arm64 "0.13.4" + esbuild-freebsd-64 "0.13.4" + esbuild-freebsd-arm64 "0.13.4" + esbuild-linux-32 "0.13.4" + esbuild-linux-64 "0.13.4" + esbuild-linux-arm "0.13.4" + esbuild-linux-arm64 "0.13.4" + esbuild-linux-mips64le "0.13.4" + esbuild-linux-ppc64le "0.13.4" + esbuild-openbsd-64 "0.13.4" + esbuild-sunos-64 "0.13.4" + esbuild-windows-32 "0.13.4" + esbuild-windows-64 "0.13.4" + esbuild-windows-arm64 "0.13.4" escalade@^3.1.1: version "3.1.1" @@ -3936,10 +3938,10 @@ eslint-plugin-import@^2.24.2: resolve "^1.20.0" tsconfig-paths "^3.11.0" -eslint-plugin-jest@^24.5.0: - version "24.5.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-24.5.0.tgz#a223a0040a19af749a161807254f0e47f5bfdcc3" - integrity sha512-Cm+XdX7Nms2UXGRnivHFVcM3ZmlKheHvc9VD78iZLO1XcqB59WbVjrMSiesCbHDlToxWjMJDiJMgc1CzFE13Vg== +eslint-plugin-jest@^24.5.2: + version "24.5.2" + resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-24.5.2.tgz#f71f98f27fd18b50f55246ca090f36d1730e36a6" + integrity sha512-lrI3sGAyZi513RRmP08sIW241Ti/zMnn/6wbE4ZBhb3M2pJ9ztaZMnSKSKKBUfotVdwqU8W1KtD8ao2/FR8DIg== dependencies: "@typescript-eslint/experimental-utils" "^4.0.1" @@ -4729,7 +4731,7 @@ glob-parent@^5.1.1, glob-parent@^5.1.2: dependencies: is-glob "^4.0.1" -glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6, glob@^7.1.7, glob@^7.2.0: +glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6, glob@^7.1.7, glob@^7.2.0, glob@~7.2.0: version "7.2.0" resolved "https://registry.yarnpkg.com/glob/-/glob-7.2.0.tgz#d15535af7732e02e948f4c41628bd910293f6023" integrity sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q== @@ -4741,18 +4743,6 @@ glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6, glob@^7.1.7, gl once "^1.3.0" path-is-absolute "^1.0.0" -glob@~7.1.7: - version "7.1.7" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.7.tgz#3b193e9233f01d42d0b3f78294bbeeb418f94a90" - integrity sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ== - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.4" - once "^1.3.0" - path-is-absolute "^1.0.0" - globals@^11.1.0: version "11.12.0" resolved "https://registry.yarnpkg.com/globals/-/globals-11.12.0.tgz#ab8795338868a0babd8525758018c2a7eb95c42e" @@ -5038,9 +5028,9 @@ import-fresh@^3.0.0, import-fresh@^3.2.1: resolve-from "^4.0.0" import-local@^3.0.2: - version "3.0.2" - resolved "https://registry.yarnpkg.com/import-local/-/import-local-3.0.2.tgz#a8cfd0431d1de4a2199703d003e3e62364fa6db6" - integrity sha512-vjL3+w0oulAVZ0hBHnxa/Nm5TAurf9YLQJDhqRZyqb+VKGOB6LU8t9H1Nr5CIo16vh9XfJTOoHwU0B71S557gA== + version "3.0.3" + resolved "https://registry.yarnpkg.com/import-local/-/import-local-3.0.3.tgz#4d51c2c495ca9393da259ec66b62e022920211e0" + integrity sha512-bE9iaUY3CXH8Cwfan/abDKAxe1KGT9kyGsBPqf6DMK/z0a2OzAsrukeYNgIH6cH5Xr452jb1TUL8rSfCLjZ9uA== dependencies: pkg-dir "^4.2.0" resolve-cwd "^3.0.0" @@ -5267,9 +5257,9 @@ is-generator-fn@^2.0.0: integrity sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ== is-glob@^4.0.0, is-glob@^4.0.1: - version "4.0.2" - resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-4.0.2.tgz#859fc2e731e58c902f99fcabccb75a7dd07d29d8" - integrity sha512-ZZTOjRcDjuAAAv2cTBQP/lL59ZTArx77+7UzHdWW/XB1mrfp7DEaVpKmZ0XIzx+M7AxfhKcqV+nMetUQmFifwg== + version "4.0.3" + resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-4.0.3.tgz#64f61e42cbbb2eec2071a9dac0b28ba1e65d5084" + integrity sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg== dependencies: is-extglob "^2.1.1" @@ -5357,6 +5347,11 @@ is-set@^2.0.1, is-set@^2.0.2: resolved "https://registry.yarnpkg.com/is-set/-/is-set-2.0.2.tgz#90755fa4c2562dc1c5d4024760d6119b94ca18ec" integrity sha512-+2cnTEZeY5z/iXGbLhPrOAaK/Mau5k5eXq9j14CpRTftq0pAJu2MwVRSZhyZWBzx3o6X795Lz6Bpb6R0GKf37g== +is-shared-array-buffer@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-shared-array-buffer/-/is-shared-array-buffer-1.0.1.tgz#97b0c85fbdacb59c9c446fe653b82cf2b5b7cfe6" + integrity sha512-IU0NmyknYZN0rChcKhRO1X8LYz5Isj/Fsqh8NJOSf+N/hCOTwy29F32Ik7a+QszE63IdvmwdTPDd6cZ5pg4cwA== + is-ssh@^1.3.0: version "1.3.3" resolved "https://registry.yarnpkg.com/is-ssh/-/is-ssh-1.3.3.tgz#7f133285ccd7f2c2c7fc897b771b53d95a2b2c7e" @@ -5416,6 +5411,13 @@ is-weakmap@^2.0.1: resolved "https://registry.yarnpkg.com/is-weakmap/-/is-weakmap-2.0.1.tgz#5008b59bdc43b698201d18f62b37b2ca243e8cf2" integrity sha512-NSBR4kH5oVj1Uwvv970ruUkCV7O1mzgVFO4/rev2cLRda9Tm9HrL70ZPut4rOHgY0FNrUu9BCbXA2sdQ+x0chA== +is-weakref@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-weakref/-/is-weakref-1.0.1.tgz#842dba4ec17fa9ac9850df2d6efbc1737274f2a2" + integrity sha512-b2jKc2pQZjaeFYWEf7ScFj+Be1I+PXmlu572Q8coTXZ+LD/QQZ7ShPMst8h16riVgyXTQwUsFEl74mDvc/3MHQ== + dependencies: + call-bind "^1.0.0" + is-weakset@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/is-weakset/-/is-weakset-2.0.1.tgz#e9a0af88dbd751589f5e50d80f4c98b780884f83" @@ -5997,70 +5999,70 @@ jsesc@^2.5.1: resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4" integrity sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA== -jsii-diff@^1.35.0: - version "1.35.0" - resolved "https://registry.yarnpkg.com/jsii-diff/-/jsii-diff-1.35.0.tgz#968c79fb15ca343aa5371a65fe70cce084fcc076" - integrity sha512-sbKwYB4Irb4+wadjv0WSVRUZploGmptxmzyzZhxB2ZT1T+mKRLnVYwBi2ps9Jf0nvclw5EHfP64FIxDDqUs0Ew== +jsii-diff@^1.36.0: + version "1.36.0" + resolved "https://registry.yarnpkg.com/jsii-diff/-/jsii-diff-1.36.0.tgz#f32d22393844de033710fd67b93fc28e9c155905" + integrity sha512-ejWzph85Vz3rRtrtTer/vFivPn+F2VkzbGaPnpXZTUSRYECg5f9kafq9g3Fm/ntbU8JpmDB6vrh0muv4T/yglw== dependencies: - "@jsii/check-node" "1.35.0" - "@jsii/spec" "^1.35.0" + "@jsii/check-node" "1.36.0" + "@jsii/spec" "^1.36.0" fs-extra "^9.1.0" - jsii-reflect "^1.35.0" + jsii-reflect "^1.36.0" log4js "^6.3.0" typescript "~3.9.10" yargs "^16.2.0" -jsii-pacmak@^1.35.0: - version "1.35.0" - resolved "https://registry.yarnpkg.com/jsii-pacmak/-/jsii-pacmak-1.35.0.tgz#2fdd0a6076f788fa61b539f6c2104cae465ca321" - integrity sha512-UF9GSG+FBzk+vpcCsFMrgC8yAtPeWG6jJwmNyYVsDj5byHPl9p8QCfbeNxDRzhKJukIO9K/iUlatjn+PvKXj1A== +jsii-pacmak@^1.36.0: + version "1.36.0" + resolved "https://registry.yarnpkg.com/jsii-pacmak/-/jsii-pacmak-1.36.0.tgz#b8c2b11318b6acc28a064904aac6cc625e22b654" + integrity sha512-wRJk6S81OTi1KeXQhpasvWQ3kBXURtg1d99wBBSktDAJAfAj17x/0XbVe43DRFsD/wZARyVj2g1EDC5MexXJZw== dependencies: - "@jsii/check-node" "1.35.0" - "@jsii/spec" "^1.35.0" + "@jsii/check-node" "1.36.0" + "@jsii/spec" "^1.36.0" clone "^2.1.2" - codemaker "^1.35.0" + codemaker "^1.36.0" commonmark "^0.30.0" escape-string-regexp "^4.0.0" fs-extra "^9.1.0" - jsii-reflect "^1.35.0" - jsii-rosetta "^1.35.0" + jsii-reflect "^1.36.0" + jsii-rosetta "^1.36.0" semver "^7.3.5" spdx-license-list "^6.4.0" xmlbuilder "^15.1.1" yargs "^16.2.0" -jsii-reflect@^1.35.0: - version "1.35.0" - resolved "https://registry.yarnpkg.com/jsii-reflect/-/jsii-reflect-1.35.0.tgz#ce40b24e5b2ba40ecd6fd5ba82d6583008f6db15" - integrity sha512-DVSAwbhydNpJoU1/Mj5Mnr8vuJnkCoQCHoBBfR5V1+CmswbPshzK/9fbdtIlSCGxjBKRlW83RBZqP0ON6hvPig== +jsii-reflect@^1.36.0: + version "1.36.0" + resolved "https://registry.yarnpkg.com/jsii-reflect/-/jsii-reflect-1.36.0.tgz#719a1aadb60b1e46d9fc9140e23ba7a0c651debd" + integrity sha512-MWhRxSTv29QetIAhtoVO9Awne6TofUPmVeK9SU3G0RqoxCx7F6erbLxcSYIa1KqcBbI6fmT1/JT1kdmCgg0QmQ== dependencies: - "@jsii/check-node" "1.35.0" - "@jsii/spec" "^1.35.0" + "@jsii/check-node" "1.36.0" + "@jsii/spec" "^1.36.0" colors "^1.4.0" fs-extra "^9.1.0" - oo-ascii-tree "^1.35.0" + oo-ascii-tree "^1.36.0" yargs "^16.2.0" -jsii-rosetta@^1.35.0: - version "1.35.0" - resolved "https://registry.yarnpkg.com/jsii-rosetta/-/jsii-rosetta-1.35.0.tgz#17c662485d455d30999d55042e9e5c88e5801052" - integrity sha512-AKk7llmUmheKDIQXBRXlmHd5B+BU+Si3jpsfZzFdTpU2qR+yvIZ00XpWWnX+zpyKebOaMwAI+R+5DhsrRZ2GBQ== +jsii-rosetta@^1.36.0: + version "1.36.0" + resolved "https://registry.yarnpkg.com/jsii-rosetta/-/jsii-rosetta-1.36.0.tgz#116e62717cfb97648ec163e1a66bc7036034034f" + integrity sha512-TML7uw5ihRy0S5QKV8nNRxERzIblIeMTn/+eDG9dw/FOpx3oB3dBo9A277skVbs4QPbZuU8ceWb5n1kg/PlbOw== dependencies: - "@jsii/check-node" "1.35.0" - "@jsii/spec" "^1.35.0" + "@jsii/check-node" "1.36.0" + "@jsii/spec" "^1.36.0" "@xmldom/xmldom" "^0.7.5" commonmark "^0.30.0" fs-extra "^9.1.0" typescript "~3.9.10" yargs "^16.2.0" -jsii@^1.35.0: - version "1.35.0" - resolved "https://registry.yarnpkg.com/jsii/-/jsii-1.35.0.tgz#f1b393694a3aec5d6a8541d004331669b9f2d4d1" - integrity sha512-uk3lk/8b6q0nmKOUTDp5RKzzPEuES7Im+5GxGbvwPo9TjRzZ0VMfiePNYFPwwkw5BTId80ssumq3VOFelxPJ2Q== +jsii@^1.36.0: + version "1.36.0" + resolved "https://registry.yarnpkg.com/jsii/-/jsii-1.36.0.tgz#46fb0046c8116cabe83899d5f04b9ee7adf7d326" + integrity sha512-7wuW6iv3lnYxdUb2W9KRPqFDP7xPPhVMmt3eDQbLQGCcMNQ65QgPWgun23+1X1X1ImCcoh5GWaRS0oF0NAJbQA== dependencies: - "@jsii/check-node" "1.35.0" - "@jsii/spec" "^1.35.0" + "@jsii/check-node" "1.36.0" + "@jsii/spec" "^1.36.0" case "^1.6.3" colors "^1.4.0" deep-equal "^2.0.5" @@ -6339,9 +6341,9 @@ lines-and-columns@^1.1.6: integrity sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA= linkify-it@^3.0.1: - version "3.0.2" - resolved "https://registry.yarnpkg.com/linkify-it/-/linkify-it-3.0.2.tgz#f55eeb8bc1d3ae754049e124ab3bb56d97797fb8" - integrity sha512-gDBO4aHNZS6coiZCKVhSNh43F9ioIL4JwRjLZPkoLIY4yZFwg264Y5lu2x6rb1Js42Gh6Yqm2f6L2AJcnkzinQ== + version "3.0.3" + resolved "https://registry.yarnpkg.com/linkify-it/-/linkify-it-3.0.3.tgz#a98baf44ce45a550efb4d49c769d07524cc2fa2e" + integrity sha512-ynTsyrFSdE5oZ/O9GEf00kPngmOfVwazR5GKDq6EYfhlpFug3J2zybX56a2PRRpc9P+FuSoGNAwjlbDs9jJBPQ== dependencies: uc.micro "^1.0.1" @@ -6620,10 +6622,10 @@ map-visit@^1.0.0: dependencies: object-visit "^1.0.0" -markdown-it@12.0.4: - version "12.0.4" - resolved "https://registry.yarnpkg.com/markdown-it/-/markdown-it-12.0.4.tgz#eec8247d296327eac3ba9746bdeec9cfcc751e33" - integrity sha512-34RwOXZT8kyuOJy25oJNJoulO8L0bTHYWXcdZBYZqFnjIy3NgjeoM3FmPXIOFQ26/lSHYMr8oc62B6adxXcb3Q== +markdown-it@12.2.0: + version "12.2.0" + resolved "https://registry.yarnpkg.com/markdown-it/-/markdown-it-12.2.0.tgz#091f720fd5db206f80de7a8d1f1a7035fd0d38db" + integrity sha512-Wjws+uCrVQRqOoJvze4HCqkKl1AsSh95iFAeQDwnyfxM09divCBSXlDR1uTvyUP3Grzpn4Ru8GeCxYPM8vkCQg== dependencies: argparse "^2.0.1" entities "~2.1.0" @@ -6631,37 +6633,37 @@ markdown-it@12.0.4: mdurl "^1.0.1" uc.micro "^1.0.5" -markdownlint-cli@^0.28.1: - version "0.28.1" - resolved "https://registry.yarnpkg.com/markdownlint-cli/-/markdownlint-cli-0.28.1.tgz#76f1d8d50f81dce524826c93bf0f95af9cbe9397" - integrity sha512-RBKtRRBzcuAF/H5wMSzb4zvEtbUkyYNEeaDtlQkyH9SoHWPL01emJ2Wrx6NEOa1ZDGwB+seBGvE157Qzc/t/vA== +markdownlint-cli@^0.29.0: + version "0.29.0" + resolved "https://registry.yarnpkg.com/markdownlint-cli/-/markdownlint-cli-0.29.0.tgz#3c56686fd00ace4b68c9cfa3a34a7a9dfdef1417" + integrity sha512-SEXRUT1ri9sXV8xQK88vjGAgmz2X9rxEG2tXdDZMljzW8e++LNTO9zzBBStx3JQWrTDoGTPHNrcurbuiyF97gw== dependencies: - commander "~8.0.0" + commander "~8.2.0" deep-extend "~0.6.0" get-stdin "~8.0.0" - glob "~7.1.7" + glob "~7.2.0" ignore "~5.1.8" js-yaml "^4.1.0" jsonc-parser "~3.0.0" lodash.differencewith "~4.5.0" lodash.flatten "~4.4.0" - markdownlint "~0.23.1" - markdownlint-rule-helpers "~0.14.0" + markdownlint "~0.24.0" + markdownlint-rule-helpers "~0.15.0" minimatch "~3.0.4" minimist "~1.2.5" run-con "~1.2.10" -markdownlint-rule-helpers@~0.14.0: - version "0.14.0" - resolved "https://registry.yarnpkg.com/markdownlint-rule-helpers/-/markdownlint-rule-helpers-0.14.0.tgz#4d0e1ae320e85559d8cbed1490934855791627bb" - integrity sha512-vRTPqSU4JK8vVXmjICHSBhwXUvbfh/VJo+j7hvxqe15tLJyomv3FLgFdFgb8kpj0Fe8SsJa/TZUAXv7/sN+N7A== +markdownlint-rule-helpers@~0.15.0: + version "0.15.0" + resolved "https://registry.yarnpkg.com/markdownlint-rule-helpers/-/markdownlint-rule-helpers-0.15.0.tgz#11434c573649b9235ae70b967314f5711f7d8fa8" + integrity sha512-A+9mswc3m/kkqpJCqntmte/1VKhDJ+tjZsERLz5L4h/Qr7ht2/BkGkgY5E7/wsxIhcpl+ctIfz+oS3PQrMOB2w== -markdownlint@~0.23.1: - version "0.23.1" - resolved "https://registry.yarnpkg.com/markdownlint/-/markdownlint-0.23.1.tgz#98292b5d340d01e9c113f3d7fb3b2ccf89628dc2" - integrity sha512-iOEwhDfNmq2IJlaA8mzEkHYUi/Hwoa6Ss+HO5jkwUR6wQ4quFr0WzSx+Z9rsWZKUaPbyirIdL1zGmJRkWawr4Q== +markdownlint@~0.24.0: + version "0.24.0" + resolved "https://registry.yarnpkg.com/markdownlint/-/markdownlint-0.24.0.tgz#224b53f671367a237d40c8be1745c7be9a322671" + integrity sha512-OJIGsGFV/rC9irI5E1FMy6v9hdACSwaa+EN3224Y5KG8zj2EYzdHOw0pOJovIYmjNfEZ9BtxUY4P7uYHTSNnbQ== dependencies: - markdown-it "12.0.4" + markdown-it "12.2.0" md5@^2.3.0: version "2.3.0" @@ -6736,17 +6738,17 @@ micromatch@^4.0.2, micromatch@^4.0.4: braces "^3.0.1" picomatch "^2.2.3" -mime-db@1.49.0: - version "1.49.0" - resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.49.0.tgz#f3dfde60c99e9cf3bc9701d687778f537001cbed" - integrity sha512-CIc8j9URtOVApSFCQIF+VBkX1RwXp/oMMOrqdyXSBXq5RWNEsRfyj1kiRnQgmNXmHxPoFIxOroKA3zcU9P+nAA== +mime-db@1.50.0: + version "1.50.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.50.0.tgz#abd4ac94e98d3c0e185016c67ab45d5fde40c11f" + integrity sha512-9tMZCDlYHqeERXEHO9f/hKfNXhre5dK2eE/krIvUjZbS2KPcqGDfNShIWS1uW9XOTKQKqK6qbeOci18rbfW77A== mime-types@^2.1.12, mime-types@~2.1.19: - version "2.1.32" - resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.32.tgz#1d00e89e7de7fe02008db61001d9e02852670fd5" - integrity sha512-hJGaVS4G4c9TSMYh2n6SQAGrC4RnfU+daP8G7cSCmaqNjiOoUY0VHCMS42pxnQmVF1GWwFhbHWn3RIxCqTmZ9A== + version "2.1.33" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.33.tgz#1fa12a904472fafd068e48d9e8401f74d3f70edb" + integrity sha512-plLElXp7pRDd0bNZHw+nMd52vRYjLwQjygaNg7ddJ2uJtTlmnTCjWuPKxVu6//AdaRuME84SvLW91sIkBqGT0g== dependencies: - mime-db "1.49.0" + mime-db "1.50.0" mime@^2.5.2: version "2.5.2" @@ -6941,11 +6943,6 @@ mute-stream@0.0.8, mute-stream@~0.0.4: resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.8.tgz#1630c42b2251ff81e2a283de96a5497ea92e5e0d" integrity sha512-nnbWWOkoWyUsTjKrhgD0dcz22mdkSnpYqbEjIm2nhwhuxlSkpywJmBo8h0ZqJdkp73mb90SssHkN4rsRaBAfAA== -nanocolors@^0.1.5: - version "0.1.12" - resolved "https://registry.yarnpkg.com/nanocolors/-/nanocolors-0.1.12.tgz#8577482c58cbd7b5bb1681db4cf48f11a87fd5f6" - integrity sha512-2nMHqg1x5PU+unxX7PGY7AuYxl2qDx7PSrTRjizr8sxdd3l/3hBuWWaki62qmtYm2U5i4Z5E7GbjlyDFhs9/EQ== - nanomatch@^1.2.9: version "1.2.13" resolved "https://registry.yarnpkg.com/nanomatch/-/nanomatch-1.2.13.tgz#b87a8aa4fc0de8fe6be88895b38983ff265bd119" @@ -7089,10 +7086,10 @@ node-preload@^0.2.1: dependencies: process-on-spawn "^1.0.0" -node-releases@^1.1.76: - version "1.1.76" - resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.76.tgz#df245b062b0cafbd5282ab6792f7dccc2d97f36e" - integrity sha512-9/IECtNr8dXNmPWmFXepT0/7o5eolGesHUa3mtr0KlgnCvnZxwh2qensKL42JJY2vQKC3nIBXetFAqR+PW1CmA== +node-releases@^1.1.77: + version "1.1.77" + resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.77.tgz#50b0cfede855dd374e7585bf228ff34e57c1c32e" + integrity sha512-rB1DUFUNAN4Gn9keO2K1efO35IDK7yKHCdCaIMvFO7yUYmmZYeDjnGKle26G4rwj+LKRQpjyUUvMkPglwGCYNQ== nopt@^4.0.1: version "4.0.3" @@ -7356,13 +7353,13 @@ object.assign@^4.1.2: object-keys "^1.1.1" object.getownpropertydescriptors@^2.0.3: - version "2.1.2" - resolved "https://registry.yarnpkg.com/object.getownpropertydescriptors/-/object.getownpropertydescriptors-2.1.2.tgz#1bd63aeacf0d5d2d2f31b5e393b03a7c601a23f7" - integrity sha512-WtxeKSzfBjlzL+F9b7M7hewDzMwy+C8NRssHd1YrNlzHzIDrXcXiNOMrezdAEM4UXixgV+vvnyBeN7Rygl2ttQ== + version "2.1.3" + resolved "https://registry.yarnpkg.com/object.getownpropertydescriptors/-/object.getownpropertydescriptors-2.1.3.tgz#b223cf38e17fefb97a63c10c91df72ccb386df9e" + integrity sha512-VdDoCwvJI4QdC6ndjpqFmoL3/+HxffFBbcJzKi5hwLLqqx3mdbedRpfZDdK0SrOSauj8X4GzBvnDZl4vTN7dOw== dependencies: call-bind "^1.0.2" define-properties "^1.1.3" - es-abstract "^1.18.0-next.2" + es-abstract "^1.19.1" object.pick@^1.3.0: version "1.3.0" @@ -7372,13 +7369,13 @@ object.pick@^1.3.0: isobject "^3.0.1" object.values@^1.1.4: - version "1.1.4" - resolved "https://registry.yarnpkg.com/object.values/-/object.values-1.1.4.tgz#0d273762833e816b693a637d30073e7051535b30" - integrity sha512-TnGo7j4XSnKQoK3MfvkzqKCi0nVe/D9I9IjwTNYdb/fxYHpjrluHVOgw0AF6jrRFGMPHdfuidR09tIDiIvnaSg== + version "1.1.5" + resolved "https://registry.yarnpkg.com/object.values/-/object.values-1.1.5.tgz#959f63e3ce9ef108720333082131e4a459b716ac" + integrity sha512-QUZRW0ilQ3PnPpbNtgdNV1PDbEqLIiSFB3l+EnGtBQ/8SUTLj1PZwtQHABZtLgwpJZTSZhuGLOGk57Drx2IvYg== dependencies: call-bind "^1.0.2" define-properties "^1.1.3" - es-abstract "^1.18.2" + es-abstract "^1.19.1" octokit-pagination-methods@^1.1.0: version "1.1.0" @@ -7399,10 +7396,10 @@ onetime@^5.1.0, onetime@^5.1.2: dependencies: mimic-fn "^2.1.0" -oo-ascii-tree@^1.35.0: - version "1.35.0" - resolved "https://registry.yarnpkg.com/oo-ascii-tree/-/oo-ascii-tree-1.35.0.tgz#d59dc2b4c9670adb047140982e8d35153d8c4c68" - integrity sha512-1cvFhd6oN+ZRC2ZdkBRlO7bYr0C9O5DZOntwCFYX0nS3zG6CmnpwwVdwh8o3rArf6eL5U21/UKSujWQPpSCapw== +oo-ascii-tree@^1.36.0: + version "1.36.0" + resolved "https://registry.yarnpkg.com/oo-ascii-tree/-/oo-ascii-tree-1.36.0.tgz#2a44141904a324cc9a77dfa7c24b680007d9f786" + integrity sha512-VGo4IhIbwJgYnwBAtk5+6puhwOjyMdaviPhxZgEteh6/twR7m8T6C47kSNuXIX51H6ogh6y8GeuOIuWyPcc9Cg== open@^7.4.2: version "7.4.2" @@ -7774,6 +7771,11 @@ performance-now@^2.1.0: resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-2.1.0.tgz#6309f4e0e5fa913ec1c69307ae364b4b377c9e7b" integrity sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns= +picocolors@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-0.2.1.tgz#570670f793646851d1ba135996962abad587859f" + integrity sha512-cMlDqaLEqfSaW8Z7N5Jw+lyIW869EzT73/F5lhtY9cLGoVxSXznfgfXMO0Z5K0o0Q2TkTXq+0KFsdnSe3jDViA== + picomatch@^2.0.4, picomatch@^2.2.3: version "2.3.0" resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.0.tgz#f1f061de8f6a4bf022892e2d128234fb98302972" @@ -8528,9 +8530,9 @@ side-channel@^1.0.3, side-channel@^1.0.4: object-inspect "^1.9.0" signal-exit@^3.0.0, signal-exit@^3.0.2, signal-exit@^3.0.3: - version "3.0.4" - resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.4.tgz#366a4684d175b9cab2081e3681fda3747b6c51d7" - integrity sha512-rqYhcAnZ6d/vTPGghdrw7iumdcbXpsk1b8IG/rz+VWV51DM0p7XCtMoJ3qhPLIbp3tvyt3pKRbaaEMZYpHto8Q== + version "3.0.5" + resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.5.tgz#9e3e8cc0c75a99472b44321033a7702e7738252f" + integrity sha512-KWcOiKeQj6ZyXx7zq4YxSMgHRlod4czeBQZrPb8OKcohcqAXShm7E20kEMle9WBt26hFcAf0qLOcp5zmY7kOqQ== sinon@^11.1.1: version "11.1.2" @@ -8867,7 +8869,7 @@ string-length@^4.0.1: char-regex "^1.0.2" strip-ansi "^6.0.0" -string-width@*, string-width@^1.0.1, "string-width@^1.0.2 || 2", string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.2, string-width@^4.2.3: +string-width@*, string-width@^1.0.1, "string-width@^1.0.2 || 2", string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: version "4.2.3" resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== @@ -9010,17 +9012,17 @@ symbol-tree@^3.2.4: resolved "https://registry.yarnpkg.com/symbol-tree/-/symbol-tree-3.2.4.tgz#430637d248ba77e078883951fb9aa0eed7c63fa2" integrity sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw== -table@*, table@^6.0.9, table@^6.7.1: - version "6.7.1" - resolved "https://registry.yarnpkg.com/table/-/table-6.7.1.tgz#ee05592b7143831a8c94f3cee6aae4c1ccef33e2" - integrity sha512-ZGum47Yi6KOOFDE8m223td53ath2enHcYLgOCjGr5ngu8bdIARQk6mN/wRMv4yMRcHnCSnHbCEha4sobQx5yWg== +table@*, table@^6.0.9, table@^6.7.2: + version "6.7.2" + resolved "https://registry.yarnpkg.com/table/-/table-6.7.2.tgz#a8d39b9f5966693ca8b0feba270a78722cbaf3b0" + integrity sha512-UFZK67uvyNivLeQbVtkiUs8Uuuxv24aSL4/Vil2PJVtMgU8Lx0CYkP12uCGa3kjyQzOSgV1+z9Wkb82fCGsO0g== dependencies: ajv "^8.0.1" lodash.clonedeep "^4.5.0" lodash.truncate "^4.4.2" slice-ansi "^4.0.0" - string-width "^4.2.0" - strip-ansi "^6.0.0" + string-width "^4.2.3" + strip-ansi "^6.0.1" tar-stream@^2.2.0: version "2.2.0" From 7c473a6efa1f7e07799a96f649cb32f66d178e43 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Wed, 6 Oct 2021 11:51:31 +0200 Subject: [PATCH 23/43] feat(cfnspec): cloudformation spec v43.0.0 (#16748) * feat: cloudformation spec v43.0.0 * Add queuePolicyId Co-authored-by: AWS CDK Team Co-authored-by: Elad Ben-Israel --- packages/@aws-cdk/aws-sqs/lib/policy.ts | 10 +- packages/@aws-cdk/cfnspec/CHANGELOG.md | 97 +++ packages/@aws-cdk/cfnspec/cfn.version | 2 +- ...0_CloudFormationResourceSpecification.json | 694 +++++++++++++++++- 4 files changed, 785 insertions(+), 18 deletions(-) diff --git a/packages/@aws-cdk/aws-sqs/lib/policy.ts b/packages/@aws-cdk/aws-sqs/lib/policy.ts index c5d323bf60c63..f4116205e69c2 100644 --- a/packages/@aws-cdk/aws-sqs/lib/policy.ts +++ b/packages/@aws-cdk/aws-sqs/lib/policy.ts @@ -23,12 +23,20 @@ export class QueuePolicy extends Resource { */ public readonly document = new PolicyDocument(); + /** + * Not currently supported by AWS CloudFormation. + * @attribute + */ + public readonly queuePolicyId: string; + constructor(scope: Construct, id: string, props: QueuePolicyProps) { super(scope, id); - new CfnQueuePolicy(this, 'Resource', { + const resource = new CfnQueuePolicy(this, 'Resource', { policyDocument: this.document, queues: props.queues.map(q => q.queueUrl), }); + + this.queuePolicyId = resource.attrId; } } diff --git a/packages/@aws-cdk/cfnspec/CHANGELOG.md b/packages/@aws-cdk/cfnspec/CHANGELOG.md index 2d57129b35373..c834e29f0ac68 100644 --- a/packages/@aws-cdk/cfnspec/CHANGELOG.md +++ b/packages/@aws-cdk/cfnspec/CHANGELOG.md @@ -1,3 +1,100 @@ +# CloudFormation Resource Specification v43.0.0 + +## New Resource Types + +* AWS::APS::RuleGroupsNamespace + +## Attribute Changes + +* AWS::MediaConnect::Flow Source.SourceIngestPort (__added__) +* AWS::MediaConnect::FlowSource SourceIngestPort (__added__) +* AWS::OpenSearchService::Domain DomainArn (__added__) +* AWS::SQS::QueuePolicy Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queuepolicy.html +* AWS::SQS::QueuePolicy Id (__added__) + +## Property Changes + +* AWS::APS::Workspace AlertManagerDefinition (__added__) +* AWS::EKS::Cluster Logging (__added__) +* AWS::EKS::Cluster Tags (__added__) +* AWS::EKS::Cluster ResourcesVpcConfig.UpdateType (__changed__) + * Old: Immutable + * New: Mutable +* AWS::KinesisFirehose::DeliveryStream AmazonopensearchserviceDestinationConfiguration (__added__) +* AWS::Lambda::Function Architectures (__added__) +* AWS::Lambda::LayerVersion CompatibleArchitectures (__added__) +* AWS::MediaConnect::FlowOutput MinLatency (__added__) +* AWS::SQS::QueuePolicy PolicyDocument.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html#cfn-sqs-queuepolicy-policydoc + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queuepolicy.html#cfn-sqs-queuepolicy-policydocument +* AWS::SQS::QueuePolicy Queues.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html#cfn-sqs-queuepolicy-queues + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queuepolicy.html#cfn-sqs-queuepolicy-queues + +## Property Type Changes + +* AWS::EKS::Cluster.Provider (__removed__) +* AWS::EC2::LaunchTemplate.AcceleratorCount (__added__) +* AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB (__added__) +* AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps (__added__) +* AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu (__added__) +* AWS::EC2::LaunchTemplate.MemoryMiB (__added__) +* AWS::EC2::LaunchTemplate.NetworkInterfaceCount (__added__) +* AWS::EC2::LaunchTemplate.TotalLocalStorageGB (__added__) +* AWS::EC2::LaunchTemplate.VCpuCount (__added__) +* AWS::ECR::ReplicationConfiguration.RepositoryFilter (__added__) +* AWS::EKS::Cluster.ClusterLogging (__added__) +* AWS::EKS::Cluster.Logging (__added__) +* AWS::EKS::Cluster.LoggingTypeConfig (__added__) +* AWS::Kendra::DataSource.ProxyConfiguration (__added__) +* AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration (__added__) +* AWS::Kendra::DataSource.WebCrawlerBasicAuthentication (__added__) +* AWS::Kendra::DataSource.WebCrawlerConfiguration (__added__) +* AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration (__added__) +* AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration (__added__) +* AWS::Kendra::DataSource.WebCrawlerUrls (__added__) +* AWS::Kendra::DataSource.WorkDocsConfiguration (__added__) +* AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints (__added__) +* AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration (__added__) +* AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions (__added__) +* AWS::ECR::ReplicationConfiguration.ReplicationRule RepositoryFilters (__added__) +* AWS::EKS::Cluster.EncryptionConfig Provider.Type (__deleted__) +* AWS::EKS::Cluster.EncryptionConfig Provider.PrimitiveType (__added__) +* AWS::EKS::Cluster.EncryptionConfig Provider.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::EKS::Cluster.EncryptionConfig Resources.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::EKS::Cluster.KubernetesNetworkConfig ServiceIpv4Cidr.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::EKS::Cluster.ResourcesVpcConfig EndpointPrivateAccess (__added__) +* AWS::EKS::Cluster.ResourcesVpcConfig EndpointPublicAccess (__added__) +* AWS::EKS::Cluster.ResourcesVpcConfig PublicAccessCidrs (__added__) +* AWS::EKS::Cluster.ResourcesVpcConfig SecurityGroupIds.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::EKS::Cluster.ResourcesVpcConfig SubnetIds.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::Kendra::DataSource.DataSourceConfiguration WebCrawlerConfiguration (__added__) +* AWS::Kendra::DataSource.DataSourceConfiguration WorkDocsConfiguration (__added__) +* AWS::Kendra::DataSource.ServiceNowConfiguration AuthenticationType (__added__) +* AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration FilterQuery (__added__) +* AWS::Kendra::DataSource.SharePointConfiguration SslCertificateS3Path (__added__) +* AWS::MediaConnect::Flow.Encryption Algorithm.Required (__changed__) + * Old: true + * New: false +* AWS::MediaConnect::Flow.Source MinLatency (__added__) +* AWS::MediaConnect::Flow.Source SourceIngestPort (__added__) +* AWS::MediaConnect::FlowOutput.Encryption Algorithm.Required (__changed__) + * Old: true + * New: false + + # CloudFormation Resource Specification v42.0.0 ## New Resource Types diff --git a/packages/@aws-cdk/cfnspec/cfn.version b/packages/@aws-cdk/cfnspec/cfn.version index 59b3a909cdd4d..f3986a67888db 100644 --- a/packages/@aws-cdk/cfnspec/cfn.version +++ b/packages/@aws-cdk/cfnspec/cfn.version @@ -1 +1 @@ -42.0.0 +43.0.0 diff --git a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json index d7d147ad6d46e..edf7812167810 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json +++ b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json @@ -19763,6 +19763,57 @@ } } }, + "AWS::EC2::LaunchTemplate.AcceleratorCount": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-acceleratorcount.html", + "Properties": { + "Max": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-acceleratorcount.html#cfn-ec2-launchtemplate-acceleratorcount-max", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Min": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-acceleratorcount.html#cfn-ec2-launchtemplate-acceleratorcount-min", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-acceleratortotalmemorymib.html", + "Properties": { + "Max": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-acceleratortotalmemorymib.html#cfn-ec2-launchtemplate-acceleratortotalmemorymib-max", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Min": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-acceleratortotalmemorymib.html#cfn-ec2-launchtemplate-acceleratortotalmemorymib-min", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-baselineebsbandwidthmbps.html", + "Properties": { + "Max": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-baselineebsbandwidthmbps.html#cfn-ec2-launchtemplate-baselineebsbandwidthmbps-max", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Min": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-baselineebsbandwidthmbps.html#cfn-ec2-launchtemplate-baselineebsbandwidthmbps-min", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::EC2::LaunchTemplate.BlockDeviceMapping": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-blockdevicemapping.html", "Properties": { @@ -20206,6 +20257,40 @@ } } }, + "AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-memorygibpervcpu.html", + "Properties": { + "Max": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-memorygibpervcpu.html#cfn-ec2-launchtemplate-memorygibpervcpu-max", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Mutable" + }, + "Min": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-memorygibpervcpu.html#cfn-ec2-launchtemplate-memorygibpervcpu-min", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::EC2::LaunchTemplate.MemoryMiB": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-memorymib.html", + "Properties": { + "Max": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-memorymib.html#cfn-ec2-launchtemplate-memorymib-max", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Min": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-memorymib.html#cfn-ec2-launchtemplate-memorymib-min", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::EC2::LaunchTemplate.MetadataOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata-metadataoptions.html", "Properties": { @@ -20338,6 +20423,23 @@ } } }, + "AWS::EC2::LaunchTemplate.NetworkInterfaceCount": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-networkinterfacecount.html", + "Properties": { + "Max": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-networkinterfacecount.html#cfn-ec2-launchtemplate-networkinterfacecount-max", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Min": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-networkinterfacecount.html#cfn-ec2-launchtemplate-networkinterfacecount-min", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::EC2::LaunchTemplate.Placement": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata-placement.html", "Properties": { @@ -20461,6 +20563,40 @@ } } }, + "AWS::EC2::LaunchTemplate.TotalLocalStorageGB": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-totallocalstoragegb.html", + "Properties": { + "Max": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-totallocalstoragegb.html#cfn-ec2-launchtemplate-totallocalstoragegb-max", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Mutable" + }, + "Min": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-totallocalstoragegb.html#cfn-ec2-launchtemplate-totallocalstoragegb-min", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::EC2::LaunchTemplate.VCpuCount": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-vcpucount.html", + "Properties": { + "Max": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-vcpucount.html#cfn-ec2-launchtemplate-vcpucount-max", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Min": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-vcpucount.html#cfn-ec2-launchtemplate-vcpucount-min", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::EC2::NetworkAclEntry.Icmp": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-networkaclentry-icmp.html", "Properties": { @@ -22041,6 +22177,30 @@ "Required": true, "Type": "List", "UpdateType": "Mutable" + }, + "RepositoryFilters": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-replicationrule.html#cfn-ecr-replicationconfiguration-replicationrule-repositoryfilters", + "ItemType": "RepositoryFilter", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::ECR::ReplicationConfiguration.RepositoryFilter": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-repositoryfilter.html", + "Properties": { + "Filter": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-repositoryfilter.html#cfn-ecr-replicationconfiguration-repositoryfilter-filter", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "FilterType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-repositoryfilter.html#cfn-ecr-replicationconfiguration-repositoryfilter-filtertype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" } } }, @@ -23592,21 +23752,33 @@ } } }, + "AWS::EKS::Cluster.ClusterLogging": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-clusterlogging.html", + "Properties": { + "EnabledTypes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-clusterlogging.html#cfn-eks-cluster-clusterlogging-enabledtypes", + "ItemType": "LoggingTypeConfig", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, "AWS::EKS::Cluster.EncryptionConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-encryptionconfig.html", "Properties": { "Provider": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-encryptionconfig.html#cfn-eks-cluster-encryptionconfig-provider", + "PrimitiveType": "Json", "Required": false, - "Type": "Provider", - "UpdateType": "Mutable" + "UpdateType": "Immutable" }, "Resources": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-encryptionconfig.html#cfn-eks-cluster-encryptionconfig-resources", "PrimitiveItemType": "String", "Required": false, "Type": "List", - "UpdateType": "Mutable" + "UpdateType": "Immutable" } } }, @@ -23617,15 +23789,26 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-kubernetesnetworkconfig.html#cfn-eks-cluster-kubernetesnetworkconfig-serviceipv4cidr", "PrimitiveType": "String", "Required": false, + "UpdateType": "Immutable" + } + } + }, + "AWS::EKS::Cluster.Logging": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-logging.html", + "Properties": { + "ClusterLogging": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-logging.html#cfn-eks-cluster-logging-clusterlogging", + "Required": false, + "Type": "ClusterLogging", "UpdateType": "Mutable" } } }, - "AWS::EKS::Cluster.Provider": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-provider.html", + "AWS::EKS::Cluster.LoggingTypeConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-loggingtypeconfig.html", "Properties": { - "KeyArn": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-provider.html#cfn-eks-cluster-provider-keyarn", + "Type": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-loggingtypeconfig.html#cfn-eks-cluster-loggingtypeconfig-type", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" @@ -23635,19 +23818,38 @@ "AWS::EKS::Cluster.ResourcesVpcConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html", "Properties": { + "EndpointPrivateAccess": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html#cfn-eks-cluster-resourcesvpcconfig-endpointprivateaccess", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "EndpointPublicAccess": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html#cfn-eks-cluster-resourcesvpcconfig-endpointpublicaccess", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "PublicAccessCidrs": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html#cfn-eks-cluster-resourcesvpcconfig-publicaccesscidrs", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "SecurityGroupIds": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html#cfn-eks-cluster-resourcesvpcconfig-securitygroupids", "PrimitiveItemType": "String", "Required": false, "Type": "List", - "UpdateType": "Mutable" + "UpdateType": "Immutable" }, "SubnetIds": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html#cfn-eks-cluster-resourcesvpcconfig-subnetids", "PrimitiveItemType": "String", "Required": true, "Type": "List", - "UpdateType": "Mutable" + "UpdateType": "Immutable" } } }, @@ -37380,6 +37582,18 @@ "Required": false, "Type": "SharePointConfiguration", "UpdateType": "Mutable" + }, + "WebCrawlerConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-datasourceconfiguration.html#cfn-kendra-datasource-datasourceconfiguration-webcrawlerconfiguration", + "Required": false, + "Type": "WebCrawlerConfiguration", + "UpdateType": "Mutable" + }, + "WorkDocsConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-datasourceconfiguration.html#cfn-kendra-datasource-datasourceconfiguration-workdocsconfiguration", + "Required": false, + "Type": "WorkDocsConfiguration", + "UpdateType": "Mutable" } } }, @@ -37598,6 +37812,29 @@ } } }, + "AWS::Kendra::DataSource.ProxyConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-proxyconfiguration.html", + "Properties": { + "Credentials": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-proxyconfiguration.html#cfn-kendra-datasource-proxyconfiguration-credentials", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Host": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-proxyconfiguration.html#cfn-kendra-datasource-proxyconfiguration-host", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Port": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-proxyconfiguration.html#cfn-kendra-datasource-proxyconfiguration-port", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::Kendra::DataSource.S3DataSourceConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-s3datasourceconfiguration.html", "Properties": { @@ -37882,6 +38119,12 @@ "AWS::Kendra::DataSource.ServiceNowConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-servicenowconfiguration.html", "Properties": { + "AuthenticationType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-servicenowconfiguration.html#cfn-kendra-datasource-servicenowconfiguration-authenticationtype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "HostUrl": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-servicenowconfiguration.html#cfn-kendra-datasource-servicenowconfiguration-hosturl", "PrimitiveType": "String", @@ -37949,6 +38192,12 @@ "Type": "List", "UpdateType": "Mutable" }, + "FilterQuery": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-servicenowknowledgearticleconfiguration.html#cfn-kendra-datasource-servicenowknowledgearticleconfiguration-filterquery", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "IncludeAttachmentFilePatterns": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-servicenowknowledgearticleconfiguration.html#cfn-kendra-datasource-servicenowknowledgearticleconfiguration-includeattachmentfilepatterns", "PrimitiveItemType": "String", @@ -38056,6 +38305,12 @@ "Required": true, "UpdateType": "Mutable" }, + "SslCertificateS3Path": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-sharepointconfiguration.html#cfn-kendra-datasource-sharepointconfiguration-sslcertificates3path", + "Required": false, + "Type": "S3Path", + "UpdateType": "Mutable" + }, "Urls": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-sharepointconfiguration.html#cfn-kendra-datasource-sharepointconfiguration-urls", "PrimitiveItemType": "String", @@ -38088,6 +38343,193 @@ } } }, + "AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerauthenticationconfiguration.html", + "Properties": { + "BasicAuthentication": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerauthenticationconfiguration.html#cfn-kendra-datasource-webcrawlerauthenticationconfiguration-basicauthentication", + "ItemType": "WebCrawlerBasicAuthentication", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::Kendra::DataSource.WebCrawlerBasicAuthentication": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerbasicauthentication.html", + "Properties": { + "Credentials": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerbasicauthentication.html#cfn-kendra-datasource-webcrawlerbasicauthentication-credentials", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Host": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerbasicauthentication.html#cfn-kendra-datasource-webcrawlerbasicauthentication-host", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Port": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerbasicauthentication.html#cfn-kendra-datasource-webcrawlerbasicauthentication-port", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::Kendra::DataSource.WebCrawlerConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerconfiguration.html", + "Properties": { + "AuthenticationConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerconfiguration.html#cfn-kendra-datasource-webcrawlerconfiguration-authenticationconfiguration", + "Required": false, + "Type": "WebCrawlerAuthenticationConfiguration", + "UpdateType": "Mutable" + }, + "CrawlDepth": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerconfiguration.html#cfn-kendra-datasource-webcrawlerconfiguration-crawldepth", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "MaxContentSizePerPageInMegaBytes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerconfiguration.html#cfn-kendra-datasource-webcrawlerconfiguration-maxcontentsizeperpageinmegabytes", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Mutable" + }, + "MaxLinksPerPage": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerconfiguration.html#cfn-kendra-datasource-webcrawlerconfiguration-maxlinksperpage", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "MaxUrlsPerMinuteCrawlRate": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerconfiguration.html#cfn-kendra-datasource-webcrawlerconfiguration-maxurlsperminutecrawlrate", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "ProxyConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerconfiguration.html#cfn-kendra-datasource-webcrawlerconfiguration-proxyconfiguration", + "Required": false, + "Type": "ProxyConfiguration", + "UpdateType": "Mutable" + }, + "UrlExclusionPatterns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerconfiguration.html#cfn-kendra-datasource-webcrawlerconfiguration-urlexclusionpatterns", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "UrlInclusionPatterns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerconfiguration.html#cfn-kendra-datasource-webcrawlerconfiguration-urlinclusionpatterns", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "Urls": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerconfiguration.html#cfn-kendra-datasource-webcrawlerconfiguration-urls", + "Required": true, + "Type": "WebCrawlerUrls", + "UpdateType": "Mutable" + } + } + }, + "AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerseedurlconfiguration.html", + "Properties": { + "SeedUrls": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerseedurlconfiguration.html#cfn-kendra-datasource-webcrawlerseedurlconfiguration-seedurls", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "WebCrawlerMode": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerseedurlconfiguration.html#cfn-kendra-datasource-webcrawlerseedurlconfiguration-webcrawlermode", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlersitemapsconfiguration.html", + "Properties": { + "SiteMaps": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlersitemapsconfiguration.html#cfn-kendra-datasource-webcrawlersitemapsconfiguration-sitemaps", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::Kendra::DataSource.WebCrawlerUrls": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerurls.html", + "Properties": { + "SeedUrlConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerurls.html#cfn-kendra-datasource-webcrawlerurls-seedurlconfiguration", + "Required": false, + "Type": "WebCrawlerSeedUrlConfiguration", + "UpdateType": "Mutable" + }, + "SiteMapsConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-webcrawlerurls.html#cfn-kendra-datasource-webcrawlerurls-sitemapsconfiguration", + "Required": false, + "Type": "WebCrawlerSiteMapsConfiguration", + "UpdateType": "Mutable" + } + } + }, + "AWS::Kendra::DataSource.WorkDocsConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-workdocsconfiguration.html", + "Properties": { + "CrawlComments": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-workdocsconfiguration.html#cfn-kendra-datasource-workdocsconfiguration-crawlcomments", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "ExclusionPatterns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-workdocsconfiguration.html#cfn-kendra-datasource-workdocsconfiguration-exclusionpatterns", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "FieldMappings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-workdocsconfiguration.html#cfn-kendra-datasource-workdocsconfiguration-fieldmappings", + "ItemType": "DataSourceToIndexFieldMapping", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "InclusionPatterns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-workdocsconfiguration.html#cfn-kendra-datasource-workdocsconfiguration-inclusionpatterns", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "OrganizationId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-workdocsconfiguration.html#cfn-kendra-datasource-workdocsconfiguration-organizationid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "UseChangeLog": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-workdocsconfiguration.html#cfn-kendra-datasource-workdocsconfiguration-usechangelog", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::Kendra::Faq.S3Path": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-faq-s3path.html", "Properties": { @@ -39664,6 +40106,117 @@ } } }, + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicebufferinghints.html", + "Properties": { + "IntervalInSeconds": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicebufferinghints.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicebufferinghints-intervalinseconds", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "SizeInMBs": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicebufferinghints.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicebufferinghints-sizeinmbs", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html", + "Properties": { + "BufferingHints": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-bufferinghints", + "Required": false, + "Type": "AmazonopensearchserviceBufferingHints", + "UpdateType": "Mutable" + }, + "CloudWatchLoggingOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-cloudwatchloggingoptions", + "Required": false, + "Type": "CloudWatchLoggingOptions", + "UpdateType": "Mutable" + }, + "ClusterEndpoint": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-clusterendpoint", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "DomainARN": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-domainarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "IndexName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-indexname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "IndexRotationPeriod": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-indexrotationperiod", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "ProcessingConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-processingconfiguration", + "Required": false, + "Type": "ProcessingConfiguration", + "UpdateType": "Mutable" + }, + "RetryOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-retryoptions", + "Required": false, + "Type": "AmazonopensearchserviceRetryOptions", + "UpdateType": "Mutable" + }, + "RoleARN": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-rolearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "S3BackupMode": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-s3backupmode", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "S3Configuration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-s3configuration", + "Required": true, + "Type": "S3DestinationConfiguration", + "UpdateType": "Mutable" + }, + "TypeName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-typename", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "VpcConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration-vpcconfiguration", + "Required": false, + "Type": "VpcConfiguration", + "UpdateType": "Immutable" + } + } + }, + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchserviceretryoptions.html", + "Properties": { + "DurationInSeconds": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchserviceretryoptions.html#cfn-kinesisfirehose-deliverystream-amazonopensearchserviceretryoptions-durationinseconds", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::KinesisFirehose::DeliveryStream.BufferingHints": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-bufferinghints.html", "Properties": { @@ -42481,7 +43034,7 @@ "Algorithm": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html#cfn-mediaconnect-flow-encryption-algorithm", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Mutable" }, "ConstantInitializationVector": { @@ -42596,6 +43149,12 @@ "Required": false, "UpdateType": "Mutable" }, + "MinLatency": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-minlatency", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, "Name": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-name", "PrimitiveType": "String", @@ -42614,6 +43173,12 @@ "Required": false, "UpdateType": "Mutable" }, + "SourceIngestPort": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-sourceingestport", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "StreamId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-streamid", "PrimitiveType": "String", @@ -42699,7 +43264,7 @@ "Algorithm": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowoutput-encryption.html#cfn-mediaconnect-flowoutput-encryption-algorithm", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Mutable" }, "KeyType": { @@ -62661,7 +63226,7 @@ } } }, - "ResourceSpecificationVersion": "42.0.0", + "ResourceSpecificationVersion": "43.0.0", "ResourceTypes": { "AWS::ACMPCA::Certificate": { "Attributes": { @@ -62844,6 +63409,42 @@ } } }, + "AWS::APS::RuleGroupsNamespace": { + "Attributes": { + "Arn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-aps-rulegroupsnamespace.html", + "Properties": { + "Data": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-aps-rulegroupsnamespace.html#cfn-aps-rulegroupsnamespace-data", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-aps-rulegroupsnamespace.html#cfn-aps-rulegroupsnamespace-name", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-aps-rulegroupsnamespace.html#cfn-aps-rulegroupsnamespace-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "Workspace": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-aps-rulegroupsnamespace.html#cfn-aps-rulegroupsnamespace-workspace", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::APS::Workspace": { "Attributes": { "Arn": { @@ -62858,6 +63459,12 @@ }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-aps-workspace.html", "Properties": { + "AlertManagerDefinition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-aps-workspace.html#cfn-aps-workspace-alertmanagerdefinition", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "Alias": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-aps-workspace.html#cfn-aps-workspace-alias", "PrimitiveType": "String", @@ -78068,6 +78675,12 @@ "Type": "KubernetesNetworkConfig", "UpdateType": "Immutable" }, + "Logging": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-logging", + "Required": false, + "Type": "Logging", + "UpdateType": "Mutable" + }, "Name": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-name", "PrimitiveType": "String", @@ -78078,7 +78691,7 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-resourcesvpcconfig", "Required": true, "Type": "ResourcesVpcConfig", - "UpdateType": "Immutable" + "UpdateType": "Mutable" }, "RoleArn": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-rolearn", @@ -78086,6 +78699,14 @@ "Required": true, "UpdateType": "Immutable" }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "Version": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-version", "PrimitiveType": "String", @@ -87180,6 +87801,12 @@ }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kinesisfirehose-deliverystream.html", "Properties": { + "AmazonopensearchserviceDestinationConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kinesisfirehose-deliverystream.html#cfn-kinesisfirehose-deliverystream-amazonopensearchservicedestinationconfiguration", + "Required": false, + "Type": "AmazonopensearchserviceDestinationConfiguration", + "UpdateType": "Mutable" + }, "DeliveryStreamEncryptionConfigurationInput": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kinesisfirehose-deliverystream.html#cfn-kinesisfirehose-deliverystream-deliverystreamencryptionconfigurationinput", "Required": false, @@ -87562,6 +88189,14 @@ }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html", "Properties": { + "Architectures": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-architectures", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "Code": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-code", "Required": true, @@ -87692,6 +88327,13 @@ "AWS::Lambda::LayerVersion": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html", "Properties": { + "CompatibleArchitectures": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-compatiblearchitectures", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Immutable" + }, "CompatibleRuntimes": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-compatibleruntimes", "PrimitiveItemType": "String", @@ -88989,6 +89631,9 @@ }, "Source.SourceArn": { "PrimitiveType": "String" + }, + "Source.SourceIngestPort": { + "PrimitiveType": "String" } }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flow.html", @@ -89117,6 +89762,12 @@ "Required": false, "UpdateType": "Mutable" }, + "MinLatency": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-minlatency", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, "Name": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-name", "PrimitiveType": "String", @@ -89168,6 +89819,9 @@ }, "SourceArn": { "PrimitiveType": "String" + }, + "SourceIngestPort": { + "PrimitiveType": "String" } }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html", @@ -91338,6 +91992,9 @@ "Arn": { "PrimitiveType": "String" }, + "DomainArn": { + "PrimitiveType": "String" + }, "DomainEndpoint": { "PrimitiveType": "String" }, @@ -97286,16 +97943,21 @@ } }, "AWS::SQS::QueuePolicy": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html", + "Attributes": { + "Id": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queuepolicy.html", "Properties": { "PolicyDocument": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html#cfn-sqs-queuepolicy-policydoc", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queuepolicy.html#cfn-sqs-queuepolicy-policydocument", "PrimitiveType": "Json", "Required": true, "UpdateType": "Mutable" }, "Queues": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html#cfn-sqs-queuepolicy-queues", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queuepolicy.html#cfn-sqs-queuepolicy-queues", "DuplicatesAllowed": true, "PrimitiveItemType": "String", "Required": true, From fc4e7fa2bce511b005ca50585a8111680d9d3031 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Wed, 6 Oct 2021 13:30:32 +0200 Subject: [PATCH 24/43] docs(custom-resource): important cases to handle (#16819) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/custom-resources/README.md | 37 ++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/custom-resources/README.md b/packages/@aws-cdk/custom-resources/README.md index ccf5765dea13e..8583e04bc087f 100644 --- a/packages/@aws-cdk/custom-resources/README.md +++ b/packages/@aws-cdk/custom-resources/README.md @@ -201,7 +201,7 @@ must return this name in `PhysicalResourceId` and make sure to handle replacement properly. The `S3File` example demonstrates this through the `objectKey` property. -### Handling Provider Framework Error +### When there are errors As mentioned above, if any of the user handlers fail (i.e. throws an exception) or times out (due to their AWS Lambda timing out), the framework will trap these @@ -225,6 +225,39 @@ lifecycle events: with the previous properties. * If a `Delete` event fails, CloudFormation will abandon this resource. +### Important cases to handle + +You should keep the following list in mind when writing custom resources to +make sure your custom resource behaves correctly in all cases: + +* During `Create`: + * If the create fails, the *provider framework* will make sure you + don't get a subsequent `Delete` event. If your create involves multiple distinct + operations, it is your responsibility to catch and rethrow and clean up + any partial updates that have already been performed. Make sure your + API call timeouts and Lambda timeouts allow for this. +* During `Update`: + * If the update fails, you will get a subsequent `Update` event + to roll back to the previous state (with `ResourceProperties` and + `OldResourceProperties` reversed). + * If you return a different `PhysicalResourceId`, you will subsequently + receive a `Delete` event to clean up the previous state of the resource. +* During `Delete`: + * If the behavior of your custom resource is tied to another AWS resource + (for example, it exists to clean the contents of a stateful resource), keep + in mind that your custom resource may be deleted independently of the other + resource and you must confirm that it is appropriate to perform the action. + * (only if you are *not* using the provider framework) a `Delete` event + may be caused by a failed `Create`. You must be able to handle the case + where the resource you are trying to delete hasn't even been created yet. +* If you update the code of your custom resource and change the format of the + resource properties, be aware that there may still be already-deployed + instances of your custom resource out there, and you may still receive + the *old* property format in `ResourceProperties` (during `Delete` and + rollback `Updates`) or in `OldResourceProperties` (during rollforward + `Update`). You must continue to handle all possible sets of properties + your custom resource could have ever been created with in the past. + ### Provider Framework Execution Policy Similarly to any AWS Lambda function, if the user-defined handlers require @@ -518,7 +551,7 @@ const getParameter = new AwsCustomResource(this, 'AssociateVPCWithHostedZone', { physicalResourceId: PhysicalResourceId.of('${vpcStack.SharedVpc.VpcId}-${vpcStack.Region}-${PrivateHostedZone.HostedZoneId}') }, //Will ignore any resource and use the assumedRoleArn as resource and 'sts:AssumeRole' for service:action - policy: AwsCustomResourcePolicy.fromSdkCalls({resources: AwsCustomResourcePolicy.ANY_RESOURCE}) + policy: AwsCustomResourcePolicy.fromSdkCalls({resources: AwsCustomResourcePolicy.ANY_RESOURCE}) }); ``` From deb0d4de935d9358fb28f0e255ca178bcb1e3f6a Mon Sep 17 00:00:00 2001 From: Romain Marcadier Date: Wed, 6 Oct 2021 15:08:10 +0200 Subject: [PATCH 25/43] chore: downgrade custom resources to Node 12 (#16818) Some AWS regions do not yet support the Node 14.x runtime for Lambda, which makes it challenging to use anything that involves a vended custom resource that uses it. Downgrading all those resources to use Node 12.x instead, which is available in all regions where Lambda is, and hence provides better coverage and usability. Fixes cdklabs/cdk-ops#1686 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../test/integ.assign-public-ip.expected.json | 44 +- .../lib/dns-validated-certificate.ts | 2 +- .../test/dns-validated-certificate.test.ts | 2 +- .../lib/global-table-coordinator.ts | 2 +- .../test/integ.dynamodb.global.expected.json | 3 +- ...teg.eks-cluster-handlers-vpc.expected.json | 132 +-- ...eks-cluster-private-endpoint.expected.json | 181 +++-- .../test/integ.eks-cluster.expected.json | 757 +++++++++++++----- .../integ.eks-oidc-provider.expected.json | 10 +- .../test/integ.fargate-cluster.expected.json | 177 ++-- .../lib/private/database-query.ts | 2 +- .../test/integ.database.expected.json | 26 +- .../test/integ.actions.expected.json | 2 +- packages/@aws-cdk/aws-ses/lib/receipt-rule.ts | 2 +- .../aws-ses/test/integ.receipt.expected.json | 2 +- .../lib/provider-framework/provider.ts | 2 +- .../integ.provider.expected.json | 8 +- .../lib/private/application-security-check.ts | 4 +- .../integ.pipeline-security.expected.json | 4 +- 19 files changed, 953 insertions(+), 409 deletions(-) diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/test/integ.assign-public-ip.expected.json b/packages/@aws-cdk-containers/ecs-service-extensions/test/integ.assign-public-ip.expected.json index f3a7aeeb43fb1..1c061588d688d 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/test/integ.assign-public-ip.expected.json +++ b/packages/@aws-cdk-containers/ecs-service-extensions/test/integ.assign-public-ip.expected.json @@ -714,7 +714,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersc02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4S3Bucket52DB41A7" + "Ref": "AssetParameters1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3eS3Bucket1AECFCFD" }, "S3Key": { "Fn::Join": [ @@ -727,7 +727,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersc02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4S3VersionKey0F583551" + "Ref": "AssetParameters1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3eS3VersionKey2ACFB47F" } ] } @@ -740,7 +740,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersc02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4S3VersionKey0F583551" + "Ref": "AssetParameters1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3eS3VersionKey2ACFB47F" } ] } @@ -877,7 +877,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersc02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4S3Bucket52DB41A7" + "Ref": "AssetParameters1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3eS3Bucket1AECFCFD" }, "S3Key": { "Fn::Join": [ @@ -890,7 +890,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersc02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4S3VersionKey0F583551" + "Ref": "AssetParameters1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3eS3VersionKey2ACFB47F" } ] } @@ -903,7 +903,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersc02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4S3VersionKey0F583551" + "Ref": "AssetParameters1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3eS3VersionKey2ACFB47F" } ] } @@ -1044,7 +1044,7 @@ } }, "Handler": "framework.onEvent", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 900 }, "DependsOn": [ @@ -1190,7 +1190,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters4600faecd25ab407ff0a9d16f935c93062aaea5d415e97046bb8befe6c8ec02cS3BucketD609D0D9" + "Ref": "AssetParameters1c4eb88f5a8270f387281dcff6e3493840634113c4d57044f4aff74e3ef94c2dS3Bucket4C71F166" }, "S3Key": { "Fn::Join": [ @@ -1203,7 +1203,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters4600faecd25ab407ff0a9d16f935c93062aaea5d415e97046bb8befe6c8ec02cS3VersionKey77CF589B" + "Ref": "AssetParameters1c4eb88f5a8270f387281dcff6e3493840634113c4d57044f4aff74e3ef94c2dS3VersionKey0124EFC4" } ] } @@ -1216,7 +1216,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters4600faecd25ab407ff0a9d16f935c93062aaea5d415e97046bb8befe6c8ec02cS3VersionKey77CF589B" + "Ref": "AssetParameters1c4eb88f5a8270f387281dcff6e3493840634113c4d57044f4aff74e3ef94c2dS3VersionKey0124EFC4" } ] } @@ -1242,17 +1242,17 @@ } }, "Parameters": { - "AssetParametersc02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4S3Bucket52DB41A7": { + "AssetParameters1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3eS3Bucket1AECFCFD": { "Type": "String", - "Description": "S3 bucket for asset \"c02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4\"" + "Description": "S3 bucket for asset \"1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3e\"" }, - "AssetParametersc02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4S3VersionKey0F583551": { + "AssetParameters1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3eS3VersionKey2ACFB47F": { "Type": "String", - "Description": "S3 key for asset version \"c02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4\"" + "Description": "S3 key for asset version \"1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3e\"" }, - "AssetParametersc02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4ArtifactHash85B8E84D": { + "AssetParameters1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3eArtifactHashC1CF90D5": { "Type": "String", - "Description": "Artifact hash for asset \"c02a0f4f3094701fe7fc414690fc416909b3a1f04dcba086e366807a15f2b0b4\"" + "Description": "Artifact hash for asset \"1cd4a64795df8938c7ff3d71caa4b3fd27d3d5caa222517813b08ae2a6494d3e\"" }, "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1": { "Type": "String", @@ -1266,17 +1266,17 @@ "Type": "String", "Description": "Artifact hash for asset \"daeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1\"" }, - "AssetParameters4600faecd25ab407ff0a9d16f935c93062aaea5d415e97046bb8befe6c8ec02cS3BucketD609D0D9": { + "AssetParameters1c4eb88f5a8270f387281dcff6e3493840634113c4d57044f4aff74e3ef94c2dS3Bucket4C71F166": { "Type": "String", - "Description": "S3 bucket for asset \"4600faecd25ab407ff0a9d16f935c93062aaea5d415e97046bb8befe6c8ec02c\"" + "Description": "S3 bucket for asset \"1c4eb88f5a8270f387281dcff6e3493840634113c4d57044f4aff74e3ef94c2d\"" }, - "AssetParameters4600faecd25ab407ff0a9d16f935c93062aaea5d415e97046bb8befe6c8ec02cS3VersionKey77CF589B": { + "AssetParameters1c4eb88f5a8270f387281dcff6e3493840634113c4d57044f4aff74e3ef94c2dS3VersionKey0124EFC4": { "Type": "String", - "Description": "S3 key for asset version \"4600faecd25ab407ff0a9d16f935c93062aaea5d415e97046bb8befe6c8ec02c\"" + "Description": "S3 key for asset version \"1c4eb88f5a8270f387281dcff6e3493840634113c4d57044f4aff74e3ef94c2d\"" }, - "AssetParameters4600faecd25ab407ff0a9d16f935c93062aaea5d415e97046bb8befe6c8ec02cArtifactHash86CFA15D": { + "AssetParameters1c4eb88f5a8270f387281dcff6e3493840634113c4d57044f4aff74e3ef94c2dArtifactHash6350D824": { "Type": "String", - "Description": "Artifact hash for asset \"4600faecd25ab407ff0a9d16f935c93062aaea5d415e97046bb8befe6c8ec02c\"" + "Description": "Artifact hash for asset \"1c4eb88f5a8270f387281dcff6e3493840634113c4d57044f4aff74e3ef94c2d\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts b/packages/@aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts index fff0ef7df7d7d..60c965e21a6ab 100644 --- a/packages/@aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts +++ b/packages/@aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts @@ -88,7 +88,7 @@ export class DnsValidatedCertificate extends CertificateBase implements ICertifi const requestorFunction = new lambda.Function(this, 'CertificateRequestorFunction', { code: lambda.Code.fromAsset(path.resolve(__dirname, '..', 'lambda-packages', 'dns_validated_certificate_handler', 'lib')), handler: 'index.certificateRequestHandler', - runtime: lambda.Runtime.NODEJS_14_X, + runtime: lambda.Runtime.NODEJS_12_X, timeout: cdk.Duration.minutes(15), role: props.customResourceRole, }); diff --git a/packages/@aws-cdk/aws-certificatemanager/test/dns-validated-certificate.test.ts b/packages/@aws-cdk/aws-certificatemanager/test/dns-validated-certificate.test.ts index 1b0a667b52738..aadce823b74a0 100644 --- a/packages/@aws-cdk/aws-certificatemanager/test/dns-validated-certificate.test.ts +++ b/packages/@aws-cdk/aws-certificatemanager/test/dns-validated-certificate.test.ts @@ -31,7 +31,7 @@ test('creates CloudFormation Custom Resource', () => { }); expect(stack).toHaveResource('AWS::Lambda::Function', { Handler: 'index.certificateRequestHandler', - Runtime: 'nodejs14.x', + Runtime: 'nodejs12.x', Timeout: 900, }); expect(stack).toHaveResource('AWS::IAM::Policy', { diff --git a/packages/@aws-cdk/aws-dynamodb-global/lib/global-table-coordinator.ts b/packages/@aws-cdk/aws-dynamodb-global/lib/global-table-coordinator.ts index 924c84b9237f1..8605e36fda54b 100644 --- a/packages/@aws-cdk/aws-dynamodb-global/lib/global-table-coordinator.ts +++ b/packages/@aws-cdk/aws-dynamodb-global/lib/global-table-coordinator.ts @@ -19,7 +19,7 @@ export class GlobalTableCoordinator extends cdk.Stack { code: lambda.Code.fromAsset(path.resolve(__dirname, '../', 'lambda-packages', 'aws-global-table-coordinator', 'lib')), description: 'Lambda to make DynamoDB a global table', handler: 'index.handler', - runtime: lambda.Runtime.NODEJS_14_X, + runtime: lambda.Runtime.NODEJS_12_X, timeout: cdk.Duration.minutes(5), uuid: 'D38B65A6-6B54-4FB6-9BAD-9CD40A6DAC12', }); diff --git a/packages/@aws-cdk/aws-dynamodb-global/test/integ.dynamodb.global.expected.json b/packages/@aws-cdk/aws-dynamodb-global/test/integ.dynamodb.global.expected.json index b4dfc40358bd1..3aab4c4f3a64b 100644 --- a/packages/@aws-cdk/aws-dynamodb-global/test/integ.dynamodb.global.expected.json +++ b/packages/@aws-cdk/aws-dynamodb-global/test/integ.dynamodb.global.expected.json @@ -202,10 +202,9 @@ "Arn" ] }, - "Runtime": "nodejs14.x", "Description": "Lambda to make DynamoDB a global table", "Handler": "index.handler", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 300 }, "DependsOn": [ diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-handlers-vpc.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-handlers-vpc.expected.json index 02d74f9efcf49..bc3c838b43ef3 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-handlers-vpc.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-handlers-vpc.expected.json @@ -84,7 +84,9 @@ "Ref": "EksAllHandlersInVpcStackDefaultVpcIGW916D42F1" } }, - "DependsOn": ["EksAllHandlersInVpcStackDefaultVpcVPCGW5DC3BDB4"] + "DependsOn": [ + "EksAllHandlersInVpcStackDefaultVpcVPCGW5DC3BDB4" + ] }, "EksAllHandlersInVpcStackDefaultVpcPublicSubnet1EIP9380B54C": { "Type": "AWS::EC2::EIP", @@ -195,7 +197,9 @@ "Ref": "EksAllHandlersInVpcStackDefaultVpcIGW916D42F1" } }, - "DependsOn": ["EksAllHandlersInVpcStackDefaultVpcVPCGW5DC3BDB4"] + "DependsOn": [ + "EksAllHandlersInVpcStackDefaultVpcVPCGW5DC3BDB4" + ] }, "EksAllHandlersInVpcStackDefaultVpcPublicSubnet2EIP9186922F": { "Type": "AWS::EC2::EIP", @@ -306,7 +310,9 @@ "Ref": "EksAllHandlersInVpcStackDefaultVpcIGW916D42F1" } }, - "DependsOn": ["EksAllHandlersInVpcStackDefaultVpcVPCGW5DC3BDB4"] + "DependsOn": [ + "EksAllHandlersInVpcStackDefaultVpcVPCGW5DC3BDB4" + ] }, "EksAllHandlersInVpcStackDefaultVpcPublicSubnet3EIPBF5ED908": { "Type": "AWS::EC2::EIP", @@ -699,7 +705,10 @@ "Action": "iam:PassRole", "Effect": "Allow", "Resource": { - "Fn::GetAtt": ["EksAllHandlersInVpcStackRoleC36F09F0", "Arn"] + "Fn::GetAtt": [ + "EksAllHandlersInVpcStackRoleC36F09F0", + "Arn" + ] } }, { @@ -715,7 +724,9 @@ "eks:UntagResource" ], "Effect": "Allow", - "Resource": ["*"] + "Resource": [ + "*" + ] }, { "Action": [ @@ -726,7 +737,10 @@ "Resource": "*" }, { - "Action": ["iam:GetRole", "iam:listAttachedRolePolicies"], + "Action": [ + "iam:GetRole", + "iam:listAttachedRolePolicies" + ], "Effect": "Allow", "Resource": "*" }, @@ -806,7 +820,10 @@ "Config": { "version": "1.21", "roleArn": { - "Fn::GetAtt": ["EksAllHandlersInVpcStackRoleC36F09F0", "Arn"] + "Fn::GetAtt": [ + "EksAllHandlersInVpcStackRoleC36F09F0", + "Arn" + ] }, "resourcesVpcConfig": { "subnetIds": [ @@ -842,7 +859,10 @@ } }, "AssumeRoleArn": { - "Fn::GetAtt": ["EksAllHandlersInVpcStackCreationRole0BAA4CDC", "Arn"] + "Fn::GetAtt": [ + "EksAllHandlersInVpcStackCreationRole0BAA4CDC", + "Arn" + ] }, "AttributesRevision": 2 }, @@ -968,12 +988,17 @@ "Ref": "EksAllHandlersInVpcStack9ED695D7" }, "RoleArn": { - "Fn::GetAtt": ["EksAllHandlersInVpcStackCreationRole0BAA4CDC", "Arn"] + "Fn::GetAtt": [ + "EksAllHandlersInVpcStackCreationRole0BAA4CDC", + "Arn" + ] }, "PruneLabel": "aws.cdk.eks/prune-c8fa2698c0d935568a51a7732ad19350286b302ae8", "Overwrite": true }, - "DependsOn": ["EksAllHandlersInVpcStackKubectlReadyBarrier8687350F"], + "DependsOn": [ + "EksAllHandlersInVpcStackKubectlReadyBarrier8687350F" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -1067,7 +1092,9 @@ ], "AmiType": "AL2_x86_64", "ForceUpdateEnabled": true, - "InstanceTypes": ["m5.large"], + "InstanceTypes": [ + "m5.large" + ], "ScalingConfig": { "DesiredSize": 2, "MaxSize": 2, @@ -1088,7 +1115,7 @@ }, "/", { - "Ref": "AssetParametersaaf0702521101dbd9f595a941bc4553dc343cd8e278677ab192eee285c3cb5f7S3Bucket995BE909" + "Ref": "AssetParameters30ee592ed790de2e3261605468c9775597d2246a8fe1db5e656f903f536f3742S3BucketA4A228F5" }, "/", { @@ -1098,7 +1125,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersaaf0702521101dbd9f595a941bc4553dc343cd8e278677ab192eee285c3cb5f7S3VersionKeyFC082341" + "Ref": "AssetParameters30ee592ed790de2e3261605468c9775597d2246a8fe1db5e656f903f536f3742S3VersionKey6CE1DED5" } ] } @@ -1111,7 +1138,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersaaf0702521101dbd9f595a941bc4553dc343cd8e278677ab192eee285c3cb5f7S3VersionKeyFC082341" + "Ref": "AssetParameters30ee592ed790de2e3261605468c9775597d2246a8fe1db5e656f903f536f3742S3VersionKey6CE1DED5" } ] } @@ -1130,11 +1157,11 @@ "referencetoawscdkekshandlersinvpctestEksAllHandlersInVpcStackDefaultVpcE40EA7ACRef": { "Ref": "EksAllHandlersInVpcStackDefaultVpcBE11D4AE" }, - "referencetoawscdkekshandlersinvpctestAssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3Bucket2733AD2BRef": { - "Ref": "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3Bucket85C441D9" + "referencetoawscdkekshandlersinvpctestAssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3Bucket4A93429DRef": { + "Ref": "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3Bucket5B1EB03C" }, - "referencetoawscdkekshandlersinvpctestAssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3VersionKey97FD1B55Ref": { - "Ref": "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3VersionKeyABBEC6F6" + "referencetoawscdkekshandlersinvpctestAssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey7F5C23CBRef": { + "Ref": "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey51E064E9" }, "referencetoawscdkekshandlersinvpctestEksAllHandlersInVpcStackDefaultVpcPrivateSubnet1Subnet9479BAA8Ref": { "Ref": "EksAllHandlersInVpcStackDefaultVpcPrivateSubnet1SubnetE2B86978" @@ -1145,11 +1172,11 @@ "referencetoawscdkekshandlersinvpctestEksAllHandlersInVpcStackDefaultVpcPrivateSubnet3Subnet1B127970Ref": { "Ref": "EksAllHandlersInVpcStackDefaultVpcPrivateSubnet3SubnetA75A8BA9" }, - "referencetoawscdkekshandlersinvpctestAssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3Bucket99F890C4Ref": { - "Ref": "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3Bucket208EDB42" + "referencetoawscdkekshandlersinvpctestAssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3BucketE24ADE21Ref": { + "Ref": "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3Bucket40405135" }, - "referencetoawscdkekshandlersinvpctestAssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3VersionKey12E014F2Ref": { - "Ref": "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3VersionKey08C22772" + "referencetoawscdkekshandlersinvpctestAssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKeyEA8B9B47Ref": { + "Ref": "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKey50B477EB" }, "referencetoawscdkekshandlersinvpctestAssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3Bucket9D7E9998Ref": { "Ref": "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1" @@ -1175,7 +1202,7 @@ }, "/", { - "Ref": "AssetParametersabc0a1f8e9cd253f3d630dc9e75261dfb185a252be4394b39e92e90423a7aae8S3Bucket6909A78C" + "Ref": "AssetParameters21c400ec0eb62a3fa5c541809780b108a89b7772406cc58eb6d989827ce09345S3BucketC59A67EA" }, "/", { @@ -1185,7 +1212,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersabc0a1f8e9cd253f3d630dc9e75261dfb185a252be4394b39e92e90423a7aae8S3VersionKeyF89BBD63" + "Ref": "AssetParameters21c400ec0eb62a3fa5c541809780b108a89b7772406cc58eb6d989827ce09345S3VersionKey10DC54D0" } ] } @@ -1198,7 +1225,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersabc0a1f8e9cd253f3d630dc9e75261dfb185a252be4394b39e92e90423a7aae8S3VersionKeyF89BBD63" + "Ref": "AssetParameters21c400ec0eb62a3fa5c541809780b108a89b7772406cc58eb6d989827ce09345S3VersionKey10DC54D0" } ] } @@ -1209,7 +1236,10 @@ }, "Parameters": { "referencetoawscdkekshandlersinvpctestEksAllHandlersInVpcStack429D29C0Arn": { - "Fn::GetAtt": ["EksAllHandlersInVpcStack9ED695D7", "Arn"] + "Fn::GetAtt": [ + "EksAllHandlersInVpcStack9ED695D7", + "Arn" + ] }, "referencetoawscdkekshandlersinvpctestEksAllHandlersInVpcStackCreationRoleADAAC7FDArn": { "Fn::GetAtt": [ @@ -1305,29 +1335,29 @@ } }, "Parameters": { - "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3Bucket85C441D9": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3Bucket5B1EB03C": { "Type": "String", - "Description": "S3 bucket for asset \"f9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffc\"" + "Description": "S3 bucket for asset \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3VersionKeyABBEC6F6": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey51E064E9": { "Type": "String", - "Description": "S3 key for asset version \"f9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffc\"" + "Description": "S3 key for asset version \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcArtifactHashC6D6393C": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4ArtifactHash26192139": { "Type": "String", - "Description": "Artifact hash for asset \"f9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffc\"" + "Description": "Artifact hash for asset \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3Bucket208EDB42": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3Bucket40405135": { "Type": "String", - "Description": "S3 bucket for asset \"80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaef\"" + "Description": "S3 bucket for asset \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, - "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3VersionKey08C22772": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKey50B477EB": { "Type": "String", - "Description": "S3 key for asset version \"80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaef\"" + "Description": "S3 key for asset version \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, - "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefArtifactHash861FF133": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccArtifactHashCC7E7A09": { "Type": "String", - "Description": "Artifact hash for asset \"80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaef\"" + "Description": "Artifact hash for asset \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1": { "Type": "String", @@ -1377,29 +1407,29 @@ "Type": "String", "Description": "Artifact hash for asset \"ea17febe6d04c66048f3e8e060c71685c0cb53122abceff44842d27bc0d4a03e\"" }, - "AssetParametersaaf0702521101dbd9f595a941bc4553dc343cd8e278677ab192eee285c3cb5f7S3Bucket995BE909": { + "AssetParameters30ee592ed790de2e3261605468c9775597d2246a8fe1db5e656f903f536f3742S3BucketA4A228F5": { "Type": "String", - "Description": "S3 bucket for asset \"aaf0702521101dbd9f595a941bc4553dc343cd8e278677ab192eee285c3cb5f7\"" + "Description": "S3 bucket for asset \"30ee592ed790de2e3261605468c9775597d2246a8fe1db5e656f903f536f3742\"" }, - "AssetParametersaaf0702521101dbd9f595a941bc4553dc343cd8e278677ab192eee285c3cb5f7S3VersionKeyFC082341": { + "AssetParameters30ee592ed790de2e3261605468c9775597d2246a8fe1db5e656f903f536f3742S3VersionKey6CE1DED5": { "Type": "String", - "Description": "S3 key for asset version \"aaf0702521101dbd9f595a941bc4553dc343cd8e278677ab192eee285c3cb5f7\"" + "Description": "S3 key for asset version \"30ee592ed790de2e3261605468c9775597d2246a8fe1db5e656f903f536f3742\"" }, - "AssetParametersaaf0702521101dbd9f595a941bc4553dc343cd8e278677ab192eee285c3cb5f7ArtifactHashABA2E5E1": { + "AssetParameters30ee592ed790de2e3261605468c9775597d2246a8fe1db5e656f903f536f3742ArtifactHashBC7D3F16": { "Type": "String", - "Description": "Artifact hash for asset \"aaf0702521101dbd9f595a941bc4553dc343cd8e278677ab192eee285c3cb5f7\"" + "Description": "Artifact hash for asset \"30ee592ed790de2e3261605468c9775597d2246a8fe1db5e656f903f536f3742\"" }, - "AssetParametersabc0a1f8e9cd253f3d630dc9e75261dfb185a252be4394b39e92e90423a7aae8S3Bucket6909A78C": { + "AssetParameters21c400ec0eb62a3fa5c541809780b108a89b7772406cc58eb6d989827ce09345S3BucketC59A67EA": { "Type": "String", - "Description": "S3 bucket for asset \"abc0a1f8e9cd253f3d630dc9e75261dfb185a252be4394b39e92e90423a7aae8\"" + "Description": "S3 bucket for asset \"21c400ec0eb62a3fa5c541809780b108a89b7772406cc58eb6d989827ce09345\"" }, - "AssetParametersabc0a1f8e9cd253f3d630dc9e75261dfb185a252be4394b39e92e90423a7aae8S3VersionKeyF89BBD63": { + "AssetParameters21c400ec0eb62a3fa5c541809780b108a89b7772406cc58eb6d989827ce09345S3VersionKey10DC54D0": { "Type": "String", - "Description": "S3 key for asset version \"abc0a1f8e9cd253f3d630dc9e75261dfb185a252be4394b39e92e90423a7aae8\"" + "Description": "S3 key for asset version \"21c400ec0eb62a3fa5c541809780b108a89b7772406cc58eb6d989827ce09345\"" }, - "AssetParametersabc0a1f8e9cd253f3d630dc9e75261dfb185a252be4394b39e92e90423a7aae8ArtifactHashFAE25270": { + "AssetParameters21c400ec0eb62a3fa5c541809780b108a89b7772406cc58eb6d989827ce09345ArtifactHash9BBC26F6": { "Type": "String", - "Description": "Artifact hash for asset \"abc0a1f8e9cd253f3d630dc9e75261dfb185a252be4394b39e92e90423a7aae8\"" + "Description": "Artifact hash for asset \"21c400ec0eb62a3fa5c541809780b108a89b7772406cc58eb6d989827ce09345\"" } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-private-endpoint.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-private-endpoint.expected.json index e9c0e267b04f5..b4da9f1c8825f 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-private-endpoint.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-private-endpoint.expected.json @@ -112,7 +112,9 @@ "Ref": "VpcIGWD7BA715C" } }, - "DependsOn": ["VpcVPCGWBF912B6E"] + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] }, "VpcPublicSubnet1EIPD7E02669": { "Type": "AWS::EC2::EIP", @@ -137,7 +139,10 @@ "Ref": "VpcPublicSubnet1Subnet5C2D37C4" }, "AllocationId": { - "Fn::GetAtt": ["VpcPublicSubnet1EIPD7E02669", "AllocationId"] + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] }, "Tags": [ { @@ -220,7 +225,9 @@ "Ref": "VpcIGWD7BA715C" } }, - "DependsOn": ["VpcVPCGWBF912B6E"] + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] }, "VpcPublicSubnet3SubnetBE12F0B6": { "Type": "AWS::EC2::Subnet", @@ -291,7 +298,9 @@ "Ref": "VpcIGWD7BA715C" } }, - "DependsOn": ["VpcVPCGWBF912B6E"] + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] }, "VpcPrivateSubnet1Subnet536B997A": { "Type": "AWS::EC2::Subnet", @@ -640,7 +649,10 @@ "Action": "iam:PassRole", "Effect": "Allow", "Resource": { - "Fn::GetAtt": ["ClusterRoleFA261979", "Arn"] + "Fn::GetAtt": [ + "ClusterRoleFA261979", + "Arn" + ] } }, { @@ -656,7 +668,9 @@ "eks:UntagResource" ], "Effect": "Allow", - "Resource": ["*"] + "Resource": [ + "*" + ] }, { "Action": [ @@ -667,7 +681,10 @@ "Resource": "*" }, { - "Action": ["iam:GetRole", "iam:listAttachedRolePolicies"], + "Action": [ + "iam:GetRole", + "iam:listAttachedRolePolicies" + ], "Effect": "Allow", "Resource": "*" }, @@ -743,7 +760,10 @@ "Config": { "version": "1.21", "roleArn": { - "Fn::GetAtt": ["ClusterRoleFA261979", "Arn"] + "Fn::GetAtt": [ + "ClusterRoleFA261979", + "Arn" + ] }, "resourcesVpcConfig": { "subnetIds": [ @@ -779,7 +799,10 @@ } }, "AssumeRoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "AttributesRevision": 2 }, @@ -846,11 +869,17 @@ [ "[{\"apiVersion\":\"v1\",\"kind\":\"ConfigMap\",\"metadata\":{\"name\":\"aws-auth\",\"namespace\":\"kube-system\"},\"data\":{\"mapRoles\":\"[{\\\"rolearn\\\":\\\"", { - "Fn::GetAtt": ["AdminRole38563C57", "Arn"] + "Fn::GetAtt": [ + "AdminRole38563C57", + "Arn" + ] }, "\\\",\\\"username\\\":\\\"", { - "Fn::GetAtt": ["AdminRole38563C57", "Arn"] + "Fn::GetAtt": [ + "AdminRole38563C57", + "Arn" + ] }, "\\\",\\\"groups\\\":[\\\"system:masters\\\"]},{\\\"rolearn\\\":\\\"", { @@ -867,11 +896,16 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "Overwrite": true }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -965,7 +999,9 @@ ], "AmiType": "AL2_x86_64", "ForceUpdateEnabled": true, - "InstanceTypes": ["m5.large"], + "InstanceTypes": [ + "m5.large" + ], "ScalingConfig": { "DesiredSize": 2, "MaxSize": 2, @@ -987,10 +1023,15 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] } }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -1007,7 +1048,7 @@ }, "/", { - "Ref": "AssetParameters2b4b27a5dbac433df377885ab4121999042fe5e0b5ba995556de20f74c03b85eS3Bucket880F308A" + "Ref": "AssetParametersa56d8928013d02a98785ea769489d44faab804343ca2ee759e7f29a34f05c890S3Bucket02F74E4B" }, "/", { @@ -1017,7 +1058,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters2b4b27a5dbac433df377885ab4121999042fe5e0b5ba995556de20f74c03b85eS3VersionKey67C8FBE4" + "Ref": "AssetParametersa56d8928013d02a98785ea769489d44faab804343ca2ee759e7f29a34f05c890S3VersionKey0582948B" } ] } @@ -1030,7 +1071,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters2b4b27a5dbac433df377885ab4121999042fe5e0b5ba995556de20f74c03b85eS3VersionKey67C8FBE4" + "Ref": "AssetParametersa56d8928013d02a98785ea769489d44faab804343ca2ee759e7f29a34f05c890S3VersionKey0582948B" } ] } @@ -1041,19 +1082,22 @@ }, "Parameters": { "referencetoawscdkeksclusterprivateendpointtestClusterCreationRole990BAAEAArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, - "referencetoawscdkeksclusterprivateendpointtestAssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3BucketE0A870AERef": { - "Ref": "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3Bucket85C441D9" + "referencetoawscdkeksclusterprivateendpointtestAssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3BucketE84B7538Ref": { + "Ref": "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3Bucket5B1EB03C" }, - "referencetoawscdkeksclusterprivateendpointtestAssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3VersionKey087D1457Ref": { - "Ref": "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3VersionKeyABBEC6F6" + "referencetoawscdkeksclusterprivateendpointtestAssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey5FC346A2Ref": { + "Ref": "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey51E064E9" }, - "referencetoawscdkeksclusterprivateendpointtestAssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3Bucket3935A25BRef": { - "Ref": "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3Bucket208EDB42" + "referencetoawscdkeksclusterprivateendpointtestAssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3BucketF4479BE8Ref": { + "Ref": "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3Bucket40405135" }, - "referencetoawscdkeksclusterprivateendpointtestAssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3VersionKeyAEEB2678Ref": { - "Ref": "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3VersionKey08C22772" + "referencetoawscdkeksclusterprivateendpointtestAssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKeyBBC4B419Ref": { + "Ref": "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKey50B477EB" }, "referencetoawscdkeksclusterprivateendpointtestAssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3Bucket7DDAFC04Ref": { "Ref": "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1" @@ -1079,7 +1123,7 @@ }, "/", { - "Ref": "AssetParameters15015fc8ee187f2f31b7de5655eca3d8eff4e1c48e7c7243f61841f14cf5d6f5S3BucketEFCDE17E" + "Ref": "AssetParametersb9c099cddd88daf1512888f8ad4404f0f292ed3432f712d6a0eeddd74499b026S3BucketAF6BC29D" }, "/", { @@ -1089,7 +1133,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters15015fc8ee187f2f31b7de5655eca3d8eff4e1c48e7c7243f61841f14cf5d6f5S3VersionKey45DCD631" + "Ref": "AssetParametersb9c099cddd88daf1512888f8ad4404f0f292ed3432f712d6a0eeddd74499b026S3VersionKey979EE7C4" } ] } @@ -1102,7 +1146,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters15015fc8ee187f2f31b7de5655eca3d8eff4e1c48e7c7243f61841f14cf5d6f5S3VersionKey45DCD631" + "Ref": "AssetParametersb9c099cddd88daf1512888f8ad4404f0f292ed3432f712d6a0eeddd74499b026S3VersionKey979EE7C4" } ] } @@ -1113,10 +1157,16 @@ }, "Parameters": { "referencetoawscdkeksclusterprivateendpointtestClusterF4CF4FE8Arn": { - "Fn::GetAtt": ["Cluster9EE0221C", "Arn"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "Arn" + ] }, "referencetoawscdkeksclusterprivateendpointtestClusterCreationRole990BAAEAArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "referencetoawscdkeksclusterprivateendpointtestAssetParameters4129bbca38164ecb28fee8e5b674f0d05e5957b4b8ed97d9c950527b5cc4ce10S3Bucket5F23B36DRef": { "Ref": "AssetParameters4129bbca38164ecb28fee8e5b674f0d05e5957b4b8ed97d9c950527b5cc4ce10S3BucketC6FAEEC9" @@ -1134,7 +1184,10 @@ "Ref": "VpcPrivateSubnet3SubnetF258B56E" }, "referencetoawscdkeksclusterprivateendpointtestClusterF4CF4FE8ClusterSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "referencetoawscdkeksclusterprivateendpointtestAssetParameterse9882ab123687399f934da0d45effe675ecc8ce13b40cb946f3e1d6141fe8d68S3BucketFD6C4D26Ref": { "Ref": "AssetParameterse9882ab123687399f934da0d45effe675ecc8ce13b40cb946f3e1d6141fe8d68S3BucketAEADE8C7" @@ -1172,7 +1225,10 @@ }, " --region test-region --role-arn ", { - "Fn::GetAtt": ["AdminRole38563C57", "Arn"] + "Fn::GetAtt": [ + "AdminRole38563C57", + "Arn" + ] } ] ] @@ -1189,7 +1245,10 @@ }, " --region test-region --role-arn ", { - "Fn::GetAtt": ["AdminRole38563C57", "Arn"] + "Fn::GetAtt": [ + "AdminRole38563C57", + "Arn" + ] } ] ] @@ -1197,29 +1256,29 @@ } }, "Parameters": { - "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3Bucket85C441D9": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3Bucket5B1EB03C": { "Type": "String", - "Description": "S3 bucket for asset \"f9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffc\"" + "Description": "S3 bucket for asset \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3VersionKeyABBEC6F6": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey51E064E9": { "Type": "String", - "Description": "S3 key for asset version \"f9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffc\"" + "Description": "S3 key for asset version \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcArtifactHashC6D6393C": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4ArtifactHash26192139": { "Type": "String", - "Description": "Artifact hash for asset \"f9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffc\"" + "Description": "Artifact hash for asset \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3Bucket208EDB42": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3Bucket40405135": { "Type": "String", - "Description": "S3 bucket for asset \"80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaef\"" + "Description": "S3 bucket for asset \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, - "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3VersionKey08C22772": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKey50B477EB": { "Type": "String", - "Description": "S3 key for asset version \"80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaef\"" + "Description": "S3 key for asset version \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, - "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefArtifactHash861FF133": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccArtifactHashCC7E7A09": { "Type": "String", - "Description": "Artifact hash for asset \"80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaef\"" + "Description": "Artifact hash for asset \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1": { "Type": "String", @@ -1269,29 +1328,29 @@ "Type": "String", "Description": "Artifact hash for asset \"ea17febe6d04c66048f3e8e060c71685c0cb53122abceff44842d27bc0d4a03e\"" }, - "AssetParameters2b4b27a5dbac433df377885ab4121999042fe5e0b5ba995556de20f74c03b85eS3Bucket880F308A": { + "AssetParametersa56d8928013d02a98785ea769489d44faab804343ca2ee759e7f29a34f05c890S3Bucket02F74E4B": { "Type": "String", - "Description": "S3 bucket for asset \"2b4b27a5dbac433df377885ab4121999042fe5e0b5ba995556de20f74c03b85e\"" + "Description": "S3 bucket for asset \"a56d8928013d02a98785ea769489d44faab804343ca2ee759e7f29a34f05c890\"" }, - "AssetParameters2b4b27a5dbac433df377885ab4121999042fe5e0b5ba995556de20f74c03b85eS3VersionKey67C8FBE4": { + "AssetParametersa56d8928013d02a98785ea769489d44faab804343ca2ee759e7f29a34f05c890S3VersionKey0582948B": { "Type": "String", - "Description": "S3 key for asset version \"2b4b27a5dbac433df377885ab4121999042fe5e0b5ba995556de20f74c03b85e\"" + "Description": "S3 key for asset version \"a56d8928013d02a98785ea769489d44faab804343ca2ee759e7f29a34f05c890\"" }, - "AssetParameters2b4b27a5dbac433df377885ab4121999042fe5e0b5ba995556de20f74c03b85eArtifactHash5B39BCF8": { + "AssetParametersa56d8928013d02a98785ea769489d44faab804343ca2ee759e7f29a34f05c890ArtifactHash67434B72": { "Type": "String", - "Description": "Artifact hash for asset \"2b4b27a5dbac433df377885ab4121999042fe5e0b5ba995556de20f74c03b85e\"" + "Description": "Artifact hash for asset \"a56d8928013d02a98785ea769489d44faab804343ca2ee759e7f29a34f05c890\"" }, - "AssetParameters15015fc8ee187f2f31b7de5655eca3d8eff4e1c48e7c7243f61841f14cf5d6f5S3BucketEFCDE17E": { + "AssetParametersb9c099cddd88daf1512888f8ad4404f0f292ed3432f712d6a0eeddd74499b026S3BucketAF6BC29D": { "Type": "String", - "Description": "S3 bucket for asset \"15015fc8ee187f2f31b7de5655eca3d8eff4e1c48e7c7243f61841f14cf5d6f5\"" + "Description": "S3 bucket for asset \"b9c099cddd88daf1512888f8ad4404f0f292ed3432f712d6a0eeddd74499b026\"" }, - "AssetParameters15015fc8ee187f2f31b7de5655eca3d8eff4e1c48e7c7243f61841f14cf5d6f5S3VersionKey45DCD631": { + "AssetParametersb9c099cddd88daf1512888f8ad4404f0f292ed3432f712d6a0eeddd74499b026S3VersionKey979EE7C4": { "Type": "String", - "Description": "S3 key for asset version \"15015fc8ee187f2f31b7de5655eca3d8eff4e1c48e7c7243f61841f14cf5d6f5\"" + "Description": "S3 key for asset version \"b9c099cddd88daf1512888f8ad4404f0f292ed3432f712d6a0eeddd74499b026\"" }, - "AssetParameters15015fc8ee187f2f31b7de5655eca3d8eff4e1c48e7c7243f61841f14cf5d6f5ArtifactHash155A4596": { + "AssetParametersb9c099cddd88daf1512888f8ad4404f0f292ed3432f712d6a0eeddd74499b026ArtifactHash8B6627D0": { "Type": "String", - "Description": "Artifact hash for asset \"15015fc8ee187f2f31b7de5655eca3d8eff4e1c48e7c7243f61841f14cf5d6f5\"" + "Description": "Artifact hash for asset \"b9c099cddd88daf1512888f8ad4404f0f292ed3432f712d6a0eeddd74499b026\"" } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json index 252abae7c493c..8ec7f02e4bd0c 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json @@ -143,7 +143,9 @@ "Ref": "VpcIGWD7BA715C" } }, - "DependsOn": ["VpcVPCGWBF912B6E"] + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] }, "VpcPublicSubnet1EIPD7E02669": { "Type": "AWS::EC2::EIP", @@ -168,7 +170,10 @@ "Ref": "VpcPublicSubnet1Subnet5C2D37C4" }, "AllocationId": { - "Fn::GetAtt": ["VpcPublicSubnet1EIPD7E02669", "AllocationId"] + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] }, "Tags": [ { @@ -251,7 +256,9 @@ "Ref": "VpcIGWD7BA715C" } }, - "DependsOn": ["VpcVPCGWBF912B6E"] + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] }, "VpcPublicSubnet3SubnetBE12F0B6": { "Type": "AWS::EC2::Subnet", @@ -322,7 +329,9 @@ "Ref": "VpcIGWD7BA715C" } }, - "DependsOn": ["VpcVPCGWBF912B6E"] + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] }, "VpcPrivateSubnet1Subnet536B997A": { "Type": "AWS::EC2::Subnet", @@ -610,10 +619,16 @@ "Description": "from awscdkeksclustertestClusterNodesInstanceSecurityGroupD0B64C54:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterNodesInstanceSecurityGroup899246BD", "GroupId"] + "Fn::GetAtt": [ + "ClusterNodesInstanceSecurityGroup899246BD", + "GroupId" + ] }, "ToPort": 443 } @@ -625,7 +640,10 @@ "Description": "from awscdkeksclustertestClusterNodesArmInstanceSecurityGroup52C45858:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "SourceSecurityGroupId": { "Fn::GetAtt": [ @@ -643,7 +661,10 @@ "Description": "from awscdkeksclustertestClusterBottlerocketNodesInstanceSecurityGroup83FE7914:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "SourceSecurityGroupId": { "Fn::GetAtt": [ @@ -661,10 +682,16 @@ "Description": "from awscdkeksclustertestClusterspotInstanceSecurityGroupF50F5D47:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterspotInstanceSecurityGroup01F7B1CE", "GroupId"] + "Fn::GetAtt": [ + "ClusterspotInstanceSecurityGroup01F7B1CE", + "GroupId" + ] }, "ToPort": 443 } @@ -676,7 +703,10 @@ "Description": "from awscdkeksclustertestClusterInferenceInstancesInstanceSecurityGroup42C57C51:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "SourceSecurityGroupId": { "Fn::GetAtt": [ @@ -755,7 +785,10 @@ "Action": "iam:PassRole", "Effect": "Allow", "Resource": { - "Fn::GetAtt": ["ClusterRoleFA261979", "Arn"] + "Fn::GetAtt": [ + "ClusterRoleFA261979", + "Arn" + ] } }, { @@ -771,7 +804,9 @@ "eks:UntagResource" ], "Effect": "Allow", - "Resource": ["*"] + "Resource": [ + "*" + ] }, { "Action": [ @@ -782,7 +817,10 @@ "Resource": "*" }, { - "Action": ["iam:GetRole", "iam:listAttachedRolePolicies"], + "Action": [ + "iam:GetRole", + "iam:listAttachedRolePolicies" + ], "Effect": "Allow", "Resource": "*" }, @@ -813,7 +851,10 @@ ], "Effect": "Allow", "Resource": { - "Fn::GetAtt": ["SecretsKey317DCF94", "Arn"] + "Fn::GetAtt": [ + "SecretsKey317DCF94", + "Arn" + ] } }, { @@ -880,16 +921,24 @@ "Config": { "version": "1.21", "roleArn": { - "Fn::GetAtt": ["ClusterRoleFA261979", "Arn"] + "Fn::GetAtt": [ + "ClusterRoleFA261979", + "Arn" + ] }, "encryptionConfig": [ { "provider": { "keyArn": { - "Fn::GetAtt": ["SecretsKey317DCF94", "Arn"] + "Fn::GetAtt": [ + "SecretsKey317DCF94", + "Arn" + ] } }, - "resources": ["secrets"] + "resources": [ + "secrets" + ] } ], "resourcesVpcConfig": { @@ -926,7 +975,10 @@ } }, "AssumeRoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "AttributesRevision": 2 }, @@ -987,10 +1039,16 @@ "Description": "from awscdkeksclustertestClusterNodesInstanceSecurityGroupD0B64C54:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterNodesInstanceSecurityGroup899246BD", "GroupId"] + "Fn::GetAtt": [ + "ClusterNodesInstanceSecurityGroup899246BD", + "GroupId" + ] }, "ToPort": 443 } @@ -1002,7 +1060,10 @@ "Description": "from awscdkeksclustertestClusterNodesArmInstanceSecurityGroup52C45858:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "SourceSecurityGroupId": { "Fn::GetAtt": [ @@ -1020,7 +1081,10 @@ "Description": "from awscdkeksclustertestClusterBottlerocketNodesInstanceSecurityGroup83FE7914:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "SourceSecurityGroupId": { "Fn::GetAtt": [ @@ -1038,10 +1102,16 @@ "Description": "from awscdkeksclustertestClusterspotInstanceSecurityGroupF50F5D47:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterspotInstanceSecurityGroup01F7B1CE", "GroupId"] + "Fn::GetAtt": [ + "ClusterspotInstanceSecurityGroup01F7B1CE", + "GroupId" + ] }, "ToPort": 443 } @@ -1053,7 +1123,10 @@ "Description": "from awscdkeksclustertestClusterInferenceInstancesInstanceSecurityGroup42C57C51:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "SourceSecurityGroupId": { "Fn::GetAtt": [ @@ -1079,11 +1152,17 @@ [ "[{\"apiVersion\":\"v1\",\"kind\":\"ConfigMap\",\"metadata\":{\"name\":\"aws-auth\",\"namespace\":\"kube-system\",\"labels\":{\"aws.cdk.eks/prune-c842be348c45337cd97b8759de76d5a68b4910d487\":\"\"}},\"data\":{\"mapRoles\":\"[{\\\"rolearn\\\":\\\"", { - "Fn::GetAtt": ["AdminRole38563C57", "Arn"] + "Fn::GetAtt": [ + "AdminRole38563C57", + "Arn" + ] }, "\\\",\\\"username\\\":\\\"", { - "Fn::GetAtt": ["AdminRole38563C57", "Arn"] + "Fn::GetAtt": [ + "AdminRole38563C57", + "Arn" + ] }, "\\\",\\\"groups\\\":[\\\"system:masters\\\"]},{\\\"rolearn\\\":\\\"", { @@ -1101,11 +1180,17 @@ }, "\\\",\\\"username\\\":\\\"system:node:{{SessionName}}\\\",\\\"groups\\\":[\\\"system:bootstrappers\\\",\\\"system:nodes\\\",\\\"system:node-proxier\\\"]},{\\\"rolearn\\\":\\\"", { - "Fn::GetAtt": ["ClusterNodesInstanceRoleC3C01328", "Arn"] + "Fn::GetAtt": [ + "ClusterNodesInstanceRoleC3C01328", + "Arn" + ] }, "\\\",\\\"username\\\":\\\"system:node:{{EC2PrivateDNSName}}\\\",\\\"groups\\\":[\\\"system:bootstrappers\\\",\\\"system:nodes\\\"]},{\\\"rolearn\\\":\\\"", { - "Fn::GetAtt": ["ClusterNodesArmInstanceRoleB93D3298", "Arn"] + "Fn::GetAtt": [ + "ClusterNodesArmInstanceRoleB93D3298", + "Arn" + ] }, "\\\",\\\"username\\\":\\\"system:node:{{EC2PrivateDNSName}}\\\",\\\"groups\\\":[\\\"system:bootstrappers\\\",\\\"system:nodes\\\"]},{\\\"rolearn\\\":\\\"", { @@ -1116,7 +1201,10 @@ }, "\\\",\\\"username\\\":\\\"system:node:{{EC2PrivateDNSName}}\\\",\\\"groups\\\":[\\\"system:bootstrappers\\\",\\\"system:nodes\\\"]},{\\\"rolearn\\\":\\\"", { - "Fn::GetAtt": ["ClusterspotInstanceRole39043830", "Arn"] + "Fn::GetAtt": [ + "ClusterspotInstanceRole39043830", + "Arn" + ] }, "\\\",\\\"username\\\":\\\"system:node:{{EC2PrivateDNSName}}\\\",\\\"groups\\\":[\\\"system:bootstrappers\\\",\\\"system:nodes\\\"]},{\\\"rolearn\\\":\\\"", { @@ -1161,12 +1249,17 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "PruneLabel": "aws.cdk.eks/prune-c842be348c45337cd97b8759de76d5a68b4910d487", "Overwrite": true }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -1260,7 +1353,9 @@ ], "AmiType": "AL2_x86_64", "ForceUpdateEnabled": true, - "InstanceTypes": ["m5.large"], + "InstanceTypes": [ + "m5.large" + ], "ScalingConfig": { "DesiredSize": 2, "MaxSize": 2, @@ -1309,7 +1404,10 @@ ] }, "AssumeRoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "Config": { "clusterName": { @@ -1359,10 +1457,16 @@ "IpProtocol": "-1", "Description": "from awscdkeksclustertestClusterNodesInstanceSecurityGroupD0B64C54:ALL TRAFFIC", "GroupId": { - "Fn::GetAtt": ["ClusterNodesInstanceSecurityGroup899246BD", "GroupId"] + "Fn::GetAtt": [ + "ClusterNodesInstanceSecurityGroup899246BD", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterNodesInstanceSecurityGroup899246BD", "GroupId"] + "Fn::GetAtt": [ + "ClusterNodesInstanceSecurityGroup899246BD", + "GroupId" + ] } } }, @@ -1373,10 +1477,16 @@ "Description": "from awscdkeksclustertestClusterClusterSecurityGroupF7265A32:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["ClusterNodesInstanceSecurityGroup899246BD", "GroupId"] + "Fn::GetAtt": [ + "ClusterNodesInstanceSecurityGroup899246BD", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "ToPort": 443 } @@ -1388,10 +1498,16 @@ "Description": "from awscdkeksclustertestClusterControlPlaneSecurityGroup2F130134:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["ClusterNodesInstanceSecurityGroup899246BD", "GroupId"] + "Fn::GetAtt": [ + "ClusterNodesInstanceSecurityGroup899246BD", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "ToPort": 443 } @@ -1403,10 +1519,16 @@ "Description": "from awscdkeksclustertestClusterClusterSecurityGroupF7265A32:1025-65535", "FromPort": 1025, "GroupId": { - "Fn::GetAtt": ["ClusterNodesInstanceSecurityGroup899246BD", "GroupId"] + "Fn::GetAtt": [ + "ClusterNodesInstanceSecurityGroup899246BD", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "ToPort": 65535 } @@ -1418,10 +1540,16 @@ "Description": "from awscdkeksclustertestClusterControlPlaneSecurityGroup2F130134:1025-65535", "FromPort": 1025, "GroupId": { - "Fn::GetAtt": ["ClusterNodesInstanceSecurityGroup899246BD", "GroupId"] + "Fn::GetAtt": [ + "ClusterNodesInstanceSecurityGroup899246BD", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "ToPort": 65535 } @@ -1539,7 +1667,10 @@ ] }, { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] } ], "UserData": { @@ -1553,11 +1684,17 @@ }, " --kubelet-extra-args \"--node-labels lifecycle=OnDemand\" --apiserver-endpoint '", { - "Fn::GetAtt": ["Cluster9EE0221C", "Endpoint"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "Endpoint" + ] }, "' --b64-cluster-ca '", { - "Fn::GetAtt": ["Cluster9EE0221C", "CertificateAuthorityData"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "CertificateAuthorityData" + ] }, "' --use-max-pods true\n/opt/aws/bin/cfn-signal --exit-code $? --stack aws-cdk-eks-cluster-test --resource ClusterNodesASGF172BD19 --region test-region" ] @@ -1565,7 +1702,9 @@ } } }, - "DependsOn": ["ClusterNodesInstanceRoleC3C01328"] + "DependsOn": [ + "ClusterNodesInstanceRoleC3C01328" + ] }, "ClusterNodesASGF172BD19": { "Type": "AWS::AutoScaling::AutoScalingGroup", @@ -1669,7 +1808,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "ToPort": 443 } @@ -1687,7 +1829,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "ToPort": 443 } @@ -1705,7 +1850,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "ToPort": 65535 } @@ -1723,7 +1871,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "ToPort": 65535 } @@ -1841,7 +1992,10 @@ ] }, { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] } ], "UserData": { @@ -1855,11 +2009,17 @@ }, " --kubelet-extra-args \"--node-labels lifecycle=OnDemand\" --apiserver-endpoint '", { - "Fn::GetAtt": ["Cluster9EE0221C", "Endpoint"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "Endpoint" + ] }, "' --b64-cluster-ca '", { - "Fn::GetAtt": ["Cluster9EE0221C", "CertificateAuthorityData"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "CertificateAuthorityData" + ] }, "' --use-max-pods true\n/opt/aws/bin/cfn-signal --exit-code $? --stack aws-cdk-eks-cluster-test --resource ClusterNodesArmASG40A593D0 --region test-region" ] @@ -1867,7 +2027,9 @@ } } }, - "DependsOn": ["ClusterNodesArmInstanceRoleB93D3298"] + "DependsOn": [ + "ClusterNodesArmInstanceRoleB93D3298" + ] }, "ClusterNodesArmASG40A593D0": { "Type": "AWS::AutoScaling::AutoScalingGroup", @@ -1971,7 +2133,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "ToPort": 443 } @@ -1989,7 +2154,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "ToPort": 443 } @@ -2007,7 +2175,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "ToPort": 65535 } @@ -2025,7 +2196,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "ToPort": 65535 } @@ -2143,7 +2317,10 @@ ] }, { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] } ], "UserData": { @@ -2153,11 +2330,17 @@ [ "\n[settings.kubernetes]\napi-server=\"", { - "Fn::GetAtt": ["Cluster9EE0221C", "Endpoint"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "Endpoint" + ] }, "\"\ncluster-certificate=\"", { - "Fn::GetAtt": ["Cluster9EE0221C", "CertificateAuthorityData"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "CertificateAuthorityData" + ] }, "\"\ncluster-name=\"", { @@ -2169,7 +2352,9 @@ } } }, - "DependsOn": ["ClusterBottlerocketNodesInstanceRole68E4BCFB"] + "DependsOn": [ + "ClusterBottlerocketNodesInstanceRole68E4BCFB" + ] }, "ClusterBottlerocketNodesASGA27A9B70": { "Type": "AWS::AutoScaling::AutoScalingGroup", @@ -2247,10 +2432,16 @@ "IpProtocol": "-1", "Description": "from awscdkeksclustertestClusterspotInstanceSecurityGroupF50F5D47:ALL TRAFFIC", "GroupId": { - "Fn::GetAtt": ["ClusterspotInstanceSecurityGroup01F7B1CE", "GroupId"] + "Fn::GetAtt": [ + "ClusterspotInstanceSecurityGroup01F7B1CE", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterspotInstanceSecurityGroup01F7B1CE", "GroupId"] + "Fn::GetAtt": [ + "ClusterspotInstanceSecurityGroup01F7B1CE", + "GroupId" + ] } } }, @@ -2261,10 +2452,16 @@ "Description": "from awscdkeksclustertestClusterClusterSecurityGroupF7265A32:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["ClusterspotInstanceSecurityGroup01F7B1CE", "GroupId"] + "Fn::GetAtt": [ + "ClusterspotInstanceSecurityGroup01F7B1CE", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "ToPort": 443 } @@ -2276,10 +2473,16 @@ "Description": "from awscdkeksclustertestClusterControlPlaneSecurityGroup2F130134:443", "FromPort": 443, "GroupId": { - "Fn::GetAtt": ["ClusterspotInstanceSecurityGroup01F7B1CE", "GroupId"] + "Fn::GetAtt": [ + "ClusterspotInstanceSecurityGroup01F7B1CE", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "ToPort": 443 } @@ -2291,10 +2494,16 @@ "Description": "from awscdkeksclustertestClusterClusterSecurityGroupF7265A32:1025-65535", "FromPort": 1025, "GroupId": { - "Fn::GetAtt": ["ClusterspotInstanceSecurityGroup01F7B1CE", "GroupId"] + "Fn::GetAtt": [ + "ClusterspotInstanceSecurityGroup01F7B1CE", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "ToPort": 65535 } @@ -2306,10 +2515,16 @@ "Description": "from awscdkeksclustertestClusterControlPlaneSecurityGroup2F130134:1025-65535", "FromPort": 1025, "GroupId": { - "Fn::GetAtt": ["ClusterspotInstanceSecurityGroup01F7B1CE", "GroupId"] + "Fn::GetAtt": [ + "ClusterspotInstanceSecurityGroup01F7B1CE", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "ToPort": 65535 } @@ -2427,7 +2642,10 @@ ] }, { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] } ], "SpotPrice": "0.1094", @@ -2442,11 +2660,17 @@ }, " --kubelet-extra-args \"--node-labels lifecycle=Ec2Spot --register-with-taints=spotInstance=true:PreferNoSchedule --node-labels foo=bar,goo=far\" --apiserver-endpoint '", { - "Fn::GetAtt": ["Cluster9EE0221C", "Endpoint"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "Endpoint" + ] }, "' --b64-cluster-ca '", { - "Fn::GetAtt": ["Cluster9EE0221C", "CertificateAuthorityData"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "CertificateAuthorityData" + ] }, "' --use-max-pods true --aws-api-retry-attempts 5\n/opt/aws/bin/cfn-signal --exit-code $? --stack aws-cdk-eks-cluster-test --resource ClusterspotASG857494B6 --region test-region" ] @@ -2454,7 +2678,9 @@ } } }, - "DependsOn": ["ClusterspotInstanceRole39043830"] + "DependsOn": [ + "ClusterspotInstanceRole39043830" + ] }, "ClusterspotASG857494B6": { "Type": "AWS::AutoScaling::AutoScalingGroup", @@ -2517,7 +2743,10 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "Release": "ksclustertestclusterchartspotinterrupthandlerf41ba997", "Chart": "aws-node-termination-handler", @@ -2527,7 +2756,9 @@ "Repository": "https://aws.github.io/eks-charts", "CreateNamespace": true }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -2585,7 +2816,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "ToPort": 443 } @@ -2603,7 +2837,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "ToPort": 443 } @@ -2621,7 +2858,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "ToPort": 65535 } @@ -2639,7 +2879,10 @@ ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["ClusterControlPlaneSecurityGroupD274242C", "GroupId"] + "Fn::GetAtt": [ + "ClusterControlPlaneSecurityGroupD274242C", + "GroupId" + ] }, "ToPort": 65535 } @@ -2757,7 +3000,10 @@ ] }, { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] } ], "UserData": { @@ -2771,11 +3017,17 @@ }, " --kubelet-extra-args \"--node-labels lifecycle=OnDemand\" --apiserver-endpoint '", { - "Fn::GetAtt": ["Cluster9EE0221C", "Endpoint"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "Endpoint" + ] }, "' --b64-cluster-ca '", { - "Fn::GetAtt": ["Cluster9EE0221C", "CertificateAuthorityData"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "CertificateAuthorityData" + ] }, "' --use-max-pods true\n/opt/aws/bin/cfn-signal --exit-code $? --stack aws-cdk-eks-cluster-test --resource ClusterInferenceInstancesASGE90717C7 --region test-region" ] @@ -2783,7 +3035,9 @@ } } }, - "DependsOn": ["ClusterInferenceInstancesInstanceRole59AC6F56"] + "DependsOn": [ + "ClusterInferenceInstancesInstanceRole59AC6F56" + ] }, "ClusterInferenceInstancesASGE90717C7": { "Type": "AWS::AutoScaling::AutoScalingGroup", @@ -2847,11 +3101,16 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "PruneLabel": "aws.cdk.eks/prune-c88223d575036bcf663303b6778373ae4854f1fe3b" }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -2927,7 +3186,10 @@ "Ref": "Cluster9EE0221C" }, "NodeRole": { - "Fn::GetAtt": ["ClusterNodegroupextrangNodeGroupRole23AE23D0", "Arn"] + "Fn::GetAtt": [ + "ClusterNodegroupextrangNodeGroupRole23AE23D0", + "Arn" + ] }, "Subnets": [ { @@ -2942,7 +3204,9 @@ ], "AmiType": "AL2_x86_64", "ForceUpdateEnabled": true, - "InstanceTypes": ["t3.small"], + "InstanceTypes": [ + "t3.small" + ], "ScalingConfig": { "DesiredSize": 1, "MaxSize": 1, @@ -3041,7 +3305,11 @@ "AmiType": "AL2_x86_64", "CapacityType": "SPOT", "ForceUpdateEnabled": true, - "InstanceTypes": ["c5.large", "c5a.large", "c5d.large"], + "InstanceTypes": [ + "c5.large", + "c5a.large", + "c5d.large" + ], "ScalingConfig": { "DesiredSize": 3, "MaxSize": 3, @@ -3139,7 +3407,9 @@ ], "AmiType": "AL2_ARM_64", "ForceUpdateEnabled": true, - "InstanceTypes": ["m6g.medium"], + "InstanceTypes": [ + "m6g.medium" + ], "ScalingConfig": { "DesiredSize": 1, "MaxSize": 1, @@ -3176,7 +3446,10 @@ "Ref": "LaunchTemplate" }, "Version": { - "Fn::GetAtt": ["LaunchTemplate", "DefaultVersionNumber"] + "Fn::GetAtt": [ + "LaunchTemplate", + "DefaultVersionNumber" + ] } }, "ScalingConfig": { @@ -3200,11 +3473,16 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "PruneLabel": "aws.cdk.eks/prune-c8f0f7140f7358e29b7f58e81b507dcf744a3908f4" }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -3221,7 +3499,10 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "Release": "awscdkeksclustertestclusterchartdashboard1f3d83fe", "Chart": "kubernetes-dashboard", @@ -3229,7 +3510,9 @@ "Repository": "https://kubernetes.github.io/dashboard/", "CreateNamespace": true }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -3258,11 +3541,16 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "PruneLabel": "aws.cdk.eks/prune-c8cd9cb2e127e0b0375ebc544f18d8513721895a27" }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -3280,11 +3568,16 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "PruneLabel": "aws.cdk.eks/prune-c84fd26f70b01a84daa5d3646e813820af6fde0970" }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -3301,7 +3594,10 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "Release": "awscdkeksclustertestclusterchartnginxingressa7f70129", "Chart": "nginx-ingress", @@ -3408,7 +3704,10 @@ [ "[{\"apiVersion\":\"v1\",\"kind\":\"ServiceAccount\",\"metadata\":{\"name\":\"awscdkeksclustertestclustermyserviceaccount4080bcdd\",\"namespace\":\"default\",\"labels\":{\"aws.cdk.eks/prune-c8f8dbf23319159cc2fef46283f7450b814e818252\":\"\",\"app.kubernetes.io/name\":\"awscdkeksclustertestclustermyserviceaccount4080bcdd\"},\"annotations\":{\"eks.amazonaws.com/role-arn\":\"", { - "Fn::GetAtt": ["ClusterMyServiceAccountRole85337B29", "Arn"] + "Fn::GetAtt": [ + "ClusterMyServiceAccountRole85337B29", + "Arn" + ] }, "\"}}}]" ] @@ -3418,11 +3717,16 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "PruneLabel": "aws.cdk.eks/prune-c8f8dbf23319159cc2fef46283f7450b814e818252" }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -3435,10 +3739,17 @@ "Arn" ] }, - "ClientIDList": ["sts.amazonaws.com"], - "ThumbprintList": ["9e99a48a9960b14926bb7f3b02e22da2b0ab7280"], + "ClientIDList": [ + "sts.amazonaws.com" + ], + "ThumbprintList": [ + "9e99a48a9960b14926bb7f3b02e22da2b0ab7280" + ], "Url": { - "Fn::GetAtt": ["Cluster9EE0221C", "OpenIdConnectIssuerUrl"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "OpenIdConnectIssuerUrl" + ] } }, "UpdateReplacePolicy": "Delete", @@ -3458,11 +3769,16 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "PruneLabel": "aws.cdk.eks/prune-c8b6a5b3e6f9f4f1aa9dc400a13c96633da4822b2d" }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -3481,7 +3797,10 @@ [ "[{\"kind\":\"Service\",\"apiVersion\":\"v1\",\"metadata\":{\"name\":\"webservice\",\"annotations\":{\"service.beta.kubernetes.io/aws-load-balancer-internal\":\"true\",\"service.beta.kubernetes.io/aws-load-balancer-extra-security-groups\":\"", { - "Fn::GetAtt": ["WebServiceSecurityGroupA556AEB5", "GroupId"] + "Fn::GetAtt": [ + "WebServiceSecurityGroupA556AEB5", + "GroupId" + ] }, "\"},\"labels\":{\"aws.cdk.eks/prune-c84c09bc8d75d4cc4d672e0d3872dcdb35f628dc2c\":\"\"}},\"spec\":{\"type\":\"LoadBalancer\",\"ports\":[{\"port\":9000,\"targetPort\":80}],\"selector\":{\"app\":\"simple-web\"}}}]" ] @@ -3491,11 +3810,16 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "PruneLabel": "aws.cdk.eks/prune-c84c09bc8d75d4cc4d672e0d3872dcdb35f628dc2c" }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -3512,7 +3836,10 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "ObjectType": "service", "ObjectName": "webservice", @@ -3520,7 +3847,9 @@ "JsonPath": ".status.loadBalancer.ingress[0].hostname", "TimeoutSeconds": 300 }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -3537,7 +3866,7 @@ }, "/", { - "Ref": "AssetParameters4eac204c18d7034bdb83d685748ca8f285edfd054338f3a045a749dbbf285996S3BucketDEC09A4A" + "Ref": "AssetParameters814bd2987aca76da9dffdab2f4cd144ebec3a7f5c35d6cd55548442ec311be8cS3Bucket43FFBFD7" }, "/", { @@ -3547,7 +3876,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters4eac204c18d7034bdb83d685748ca8f285edfd054338f3a045a749dbbf285996S3VersionKey454B1BD5" + "Ref": "AssetParameters814bd2987aca76da9dffdab2f4cd144ebec3a7f5c35d6cd55548442ec311be8cS3VersionKeyC7429316" } ] } @@ -3560,7 +3889,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters4eac204c18d7034bdb83d685748ca8f285edfd054338f3a045a749dbbf285996S3VersionKey454B1BD5" + "Ref": "AssetParameters814bd2987aca76da9dffdab2f4cd144ebec3a7f5c35d6cd55548442ec311be8cS3VersionKeyC7429316" } ] } @@ -3571,19 +3900,22 @@ }, "Parameters": { "referencetoawscdkeksclustertestClusterCreationRole95F44854Arn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, - "referencetoawscdkeksclustertestAssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3BucketF0C34111Ref": { - "Ref": "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3Bucket85C441D9" + "referencetoawscdkeksclustertestAssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3BucketB7F30483Ref": { + "Ref": "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3Bucket5B1EB03C" }, - "referencetoawscdkeksclustertestAssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3VersionKey01A2F046Ref": { - "Ref": "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3VersionKeyABBEC6F6" + "referencetoawscdkeksclustertestAssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKeyC41131F8Ref": { + "Ref": "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey51E064E9" }, - "referencetoawscdkeksclustertestAssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3Bucket1C7DAFD3Ref": { - "Ref": "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3Bucket208EDB42" + "referencetoawscdkeksclustertestAssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3BucketEA485873Ref": { + "Ref": "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3Bucket40405135" }, - "referencetoawscdkeksclustertestAssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3VersionKey6FBDB806Ref": { - "Ref": "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3VersionKey08C22772" + "referencetoawscdkeksclustertestAssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKey2E164B3ERef": { + "Ref": "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKey50B477EB" }, "referencetoawscdkeksclustertestAssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3Bucket0815E7B5Ref": { "Ref": "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1" @@ -3609,7 +3941,7 @@ }, "/", { - "Ref": "AssetParameters0504b861a4c2a9b4228d6d618fb8a60f19b1c36575b96db9f1716e0eb6a2ee52S3Bucket1BC62BBD" + "Ref": "AssetParameters8a135d8a645edaff330758972da87b3dddc295ce07475e8d9ea8fad8c35dcb22S3Bucket0782C98E" }, "/", { @@ -3619,7 +3951,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters0504b861a4c2a9b4228d6d618fb8a60f19b1c36575b96db9f1716e0eb6a2ee52S3VersionKey94294964" + "Ref": "AssetParameters8a135d8a645edaff330758972da87b3dddc295ce07475e8d9ea8fad8c35dcb22S3VersionKey5E9D14CC" } ] } @@ -3632,7 +3964,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters0504b861a4c2a9b4228d6d618fb8a60f19b1c36575b96db9f1716e0eb6a2ee52S3VersionKey94294964" + "Ref": "AssetParameters8a135d8a645edaff330758972da87b3dddc295ce07475e8d9ea8fad8c35dcb22S3VersionKey5E9D14CC" } ] } @@ -3643,10 +3975,16 @@ }, "Parameters": { "referencetoawscdkeksclustertestClusterD76DFF87Arn": { - "Fn::GetAtt": ["Cluster9EE0221C", "Arn"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "Arn" + ] }, "referencetoawscdkeksclustertestClusterCreationRole95F44854Arn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "referencetoawscdkeksclustertestAssetParameters4129bbca38164ecb28fee8e5b674f0d05e5957b4b8ed97d9c950527b5cc4ce10S3Bucket3929FA93Ref": { "Ref": "AssetParameters4129bbca38164ecb28fee8e5b674f0d05e5957b4b8ed97d9c950527b5cc4ce10S3BucketC6FAEEC9" @@ -3664,7 +4002,10 @@ "Ref": "VpcPrivateSubnet3SubnetF258B56E" }, "referencetoawscdkeksclustertestClusterD76DFF87ClusterSecurityGroupId": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] }, "referencetoawscdkeksclustertestAssetParameterse9882ab123687399f934da0d45effe675ecc8ce13b40cb946f3e1d6141fe8d68S3BucketB4E9C142Ref": { "Ref": "AssetParameterse9882ab123687399f934da0d45effe675ecc8ce13b40cb946f3e1d6141fe8d68S3BucketAEADE8C7" @@ -3727,12 +4068,17 @@ "Ref": "Cluster9EE0221C" }, "RoleArn": { - "Fn::GetAtt": ["ClusterCreationRole360249B6", "Arn"] + "Fn::GetAtt": [ + "ClusterCreationRole360249B6", + "Arn" + ] }, "PruneLabel": "aws.cdk.eks/prune-c89cbcc5d9bdd35cfc69c0334c0a9af21d1e0e372e", "SkipValidation": true }, - "DependsOn": ["ClusterKubectlReadyBarrier200052AF"], + "DependsOn": [ + "ClusterKubectlReadyBarrier200052AF" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -3909,7 +4255,9 @@ }, "Runtime": "nodejs12.x" }, - "DependsOn": ["AWSCDKCfnUtilsProviderCustomResourceProviderRoleFE0EE867"] + "DependsOn": [ + "AWSCDKCfnUtilsProviderCustomResourceProviderRoleFE0EE867" + ] }, "WebServiceSecurityGroupA556AEB5": { "Type": "AWS::EC2::SecurityGroup", @@ -3934,10 +4282,16 @@ "Description": "allow http 9000 access from myself", "FromPort": 9000, "GroupId": { - "Fn::GetAtt": ["WebServiceSecurityGroupA556AEB5", "GroupId"] + "Fn::GetAtt": [ + "WebServiceSecurityGroupA556AEB5", + "GroupId" + ] }, "SourceSecurityGroupId": { - "Fn::GetAtt": ["WebServiceSecurityGroupA556AEB5", "GroupId"] + "Fn::GetAtt": [ + "WebServiceSecurityGroupA556AEB5", + "GroupId" + ] }, "ToPort": 9000 } @@ -4027,7 +4381,10 @@ } }, "Role": { - "Fn::GetAtt": ["ServicePingerFunctionServiceRole3120191B", "Arn"] + "Fn::GetAtt": [ + "ServicePingerFunctionServiceRole3120191B", + "Arn" + ] }, "Handler": "index.handler", "Runtime": "python3.6", @@ -4035,7 +4392,10 @@ "VpcConfig": { "SecurityGroupIds": [ { - "Fn::GetAtt": ["WebServiceSecurityGroupA556AEB5", "GroupId"] + "Fn::GetAtt": [ + "WebServiceSecurityGroupA556AEB5", + "GroupId" + ] } ], "SubnetIds": [ @@ -4051,7 +4411,9 @@ ] } }, - "DependsOn": ["ServicePingerFunctionServiceRole3120191B"] + "DependsOn": [ + "ServicePingerFunctionServiceRole3120191B" + ] }, "ServicePingerProviderframeworkonEventServiceRole3DB083B7": { "Type": "AWS::IAM::Role", @@ -4093,7 +4455,10 @@ "Action": "lambda:InvokeFunction", "Effect": "Allow", "Resource": { - "Fn::GetAtt": ["ServicePingerFunctionADF51BAF", "Arn"] + "Fn::GetAtt": [ + "ServicePingerFunctionADF51BAF", + "Arn" + ] } } ], @@ -4158,12 +4523,15 @@ "Environment": { "Variables": { "USER_ON_EVENT_FUNCTION_ARN": { - "Fn::GetAtt": ["ServicePingerFunctionADF51BAF", "Arn"] + "Fn::GetAtt": [ + "ServicePingerFunctionADF51BAF", + "Arn" + ] } } }, "Handler": "framework.onEvent", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 900 }, "DependsOn": [ @@ -4175,7 +4543,10 @@ "Type": "AWS::CloudFormation::CustomResource", "Properties": { "ServiceToken": { - "Fn::GetAtt": ["ServicePingerProviderframeworkonEventEC59DE20", "Arn"] + "Fn::GetAtt": [ + "ServicePingerProviderframeworkonEventEC59DE20", + "Arn" + ] }, "Url": { "Fn::Join": [ @@ -4209,7 +4580,10 @@ }, " --region test-region --role-arn ", { - "Fn::GetAtt": ["AdminRole38563C57", "Arn"] + "Fn::GetAtt": [ + "AdminRole38563C57", + "Arn" + ] } ] ] @@ -4226,7 +4600,10 @@ }, " --region test-region --role-arn ", { - "Fn::GetAtt": ["AdminRole38563C57", "Arn"] + "Fn::GetAtt": [ + "AdminRole38563C57", + "Arn" + ] } ] ] @@ -4234,32 +4611,50 @@ }, "Response": { "Value": { - "Fn::GetAtt": ["ServicePinger01F6DA06", "Value"] + "Fn::GetAtt": [ + "ServicePinger01F6DA06", + "Value" + ] } }, "ClusterEndpoint": { "Value": { - "Fn::GetAtt": ["Cluster9EE0221C", "Endpoint"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "Endpoint" + ] } }, "ClusterArn": { "Value": { - "Fn::GetAtt": ["Cluster9EE0221C", "Arn"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "Arn" + ] } }, "ClusterCertificateAuthorityData": { "Value": { - "Fn::GetAtt": ["Cluster9EE0221C", "CertificateAuthorityData"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "CertificateAuthorityData" + ] } }, "ClusterSecurityGroupId": { "Value": { - "Fn::GetAtt": ["Cluster9EE0221C", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "ClusterSecurityGroupId" + ] } }, "ClusterEncryptionConfigKeyArn": { "Value": { - "Fn::GetAtt": ["Cluster9EE0221C", "EncryptionConfigKeyArn"] + "Fn::GetAtt": [ + "Cluster9EE0221C", + "EncryptionConfigKeyArn" + ] } }, "ClusterName": { @@ -4269,29 +4664,29 @@ } }, "Parameters": { - "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3Bucket85C441D9": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3Bucket5B1EB03C": { "Type": "String", - "Description": "S3 bucket for asset \"f9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffc\"" + "Description": "S3 bucket for asset \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcS3VersionKeyABBEC6F6": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey51E064E9": { "Type": "String", - "Description": "S3 key for asset version \"f9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffc\"" + "Description": "S3 key for asset version \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParametersf9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffcArtifactHashC6D6393C": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4ArtifactHash26192139": { "Type": "String", - "Description": "Artifact hash for asset \"f9e3ed49f5734f267f6dfffed3c6038e2d31d096ca7e70ce257b16aa613a3ffc\"" + "Description": "Artifact hash for asset \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3Bucket208EDB42": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3Bucket40405135": { "Type": "String", - "Description": "S3 bucket for asset \"80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaef\"" + "Description": "S3 bucket for asset \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, - "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefS3VersionKey08C22772": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKey50B477EB": { "Type": "String", - "Description": "S3 key for asset version \"80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaef\"" + "Description": "S3 key for asset version \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, - "AssetParameters80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaefArtifactHash861FF133": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccArtifactHashCC7E7A09": { "Type": "String", - "Description": "Artifact hash for asset \"80bcd5b0641df4315e277c71a1069094a5d7c76f9e2565c46b68a990c522eaef\"" + "Description": "Artifact hash for asset \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1": { "Type": "String", @@ -4377,29 +4772,29 @@ "Type": "String", "Description": "Artifact hash for asset \"5f49893093e1ad14831626016699156d48da5f0890f19eb930bc3c46cf5f636d\"" }, - "AssetParameters4eac204c18d7034bdb83d685748ca8f285edfd054338f3a045a749dbbf285996S3BucketDEC09A4A": { + "AssetParameters814bd2987aca76da9dffdab2f4cd144ebec3a7f5c35d6cd55548442ec311be8cS3Bucket43FFBFD7": { "Type": "String", - "Description": "S3 bucket for asset \"4eac204c18d7034bdb83d685748ca8f285edfd054338f3a045a749dbbf285996\"" + "Description": "S3 bucket for asset \"814bd2987aca76da9dffdab2f4cd144ebec3a7f5c35d6cd55548442ec311be8c\"" }, - "AssetParameters4eac204c18d7034bdb83d685748ca8f285edfd054338f3a045a749dbbf285996S3VersionKey454B1BD5": { + "AssetParameters814bd2987aca76da9dffdab2f4cd144ebec3a7f5c35d6cd55548442ec311be8cS3VersionKeyC7429316": { "Type": "String", - "Description": "S3 key for asset version \"4eac204c18d7034bdb83d685748ca8f285edfd054338f3a045a749dbbf285996\"" + "Description": "S3 key for asset version \"814bd2987aca76da9dffdab2f4cd144ebec3a7f5c35d6cd55548442ec311be8c\"" }, - "AssetParameters4eac204c18d7034bdb83d685748ca8f285edfd054338f3a045a749dbbf285996ArtifactHashC56B9B67": { + "AssetParameters814bd2987aca76da9dffdab2f4cd144ebec3a7f5c35d6cd55548442ec311be8cArtifactHash52827559": { "Type": "String", - "Description": "Artifact hash for asset \"4eac204c18d7034bdb83d685748ca8f285edfd054338f3a045a749dbbf285996\"" + "Description": "Artifact hash for asset \"814bd2987aca76da9dffdab2f4cd144ebec3a7f5c35d6cd55548442ec311be8c\"" }, - "AssetParameters0504b861a4c2a9b4228d6d618fb8a60f19b1c36575b96db9f1716e0eb6a2ee52S3Bucket1BC62BBD": { + "AssetParameters8a135d8a645edaff330758972da87b3dddc295ce07475e8d9ea8fad8c35dcb22S3Bucket0782C98E": { "Type": "String", - "Description": "S3 bucket for asset \"0504b861a4c2a9b4228d6d618fb8a60f19b1c36575b96db9f1716e0eb6a2ee52\"" + "Description": "S3 bucket for asset \"8a135d8a645edaff330758972da87b3dddc295ce07475e8d9ea8fad8c35dcb22\"" }, - "AssetParameters0504b861a4c2a9b4228d6d618fb8a60f19b1c36575b96db9f1716e0eb6a2ee52S3VersionKey94294964": { + "AssetParameters8a135d8a645edaff330758972da87b3dddc295ce07475e8d9ea8fad8c35dcb22S3VersionKey5E9D14CC": { "Type": "String", - "Description": "S3 key for asset version \"0504b861a4c2a9b4228d6d618fb8a60f19b1c36575b96db9f1716e0eb6a2ee52\"" + "Description": "S3 key for asset version \"8a135d8a645edaff330758972da87b3dddc295ce07475e8d9ea8fad8c35dcb22\"" }, - "AssetParameters0504b861a4c2a9b4228d6d618fb8a60f19b1c36575b96db9f1716e0eb6a2ee52ArtifactHash179183BB": { + "AssetParameters8a135d8a645edaff330758972da87b3dddc295ce07475e8d9ea8fad8c35dcb22ArtifactHash75F0D468": { "Type": "String", - "Description": "Artifact hash for asset \"0504b861a4c2a9b4228d6d618fb8a60f19b1c36575b96db9f1716e0eb6a2ee52\"" + "Description": "Artifact hash for asset \"8a135d8a645edaff330758972da87b3dddc295ce07475e8d9ea8fad8c35dcb22\"" }, "SsmParameterValueawsserviceeksoptimizedami121amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": { "Type": "AWS::SSM::Parameter::Value", @@ -4418,4 +4813,4 @@ "Default": "/aws/service/eks/optimized-ami/1.21/amazon-linux-2-gpu/recommended/image_id" } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-oidc-provider.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-oidc-provider.expected.json index e6c0db319aae8..0f0a5c61cdf67 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-oidc-provider.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-oidc-provider.expected.json @@ -9,8 +9,12 @@ "Arn" ] }, - "ClientIDList": ["sts.amazonaws.com"], - "ThumbprintList": ["9e99a48a9960b14926bb7f3b02e22da2b0ab7280"], + "ClientIDList": [ + "sts.amazonaws.com" + ], + "ThumbprintList": [ + "9e99a48a9960b14926bb7f3b02e22da2b0ab7280" + ], "Url": { "Fn::Join": [ "", @@ -141,4 +145,4 @@ "Description": "Artifact hash for asset \"b7d38dc0eeb2c5d024919020e09d2590b68559eab4a5264c3b1aa7a429d1edd4\"" } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/integ.fargate-cluster.expected.json b/packages/@aws-cdk/aws-eks/test/integ.fargate-cluster.expected.json index 8b4f65a8578c6..72efc126137d7 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.fargate-cluster.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.fargate-cluster.expected.json @@ -84,7 +84,9 @@ "Ref": "FargateClusterDefaultVpcIGWFD9278DA" } }, - "DependsOn": ["FargateClusterDefaultVpcVPCGWA7F012E1"] + "DependsOn": [ + "FargateClusterDefaultVpcVPCGWA7F012E1" + ] }, "FargateClusterDefaultVpcPublicSubnet1EIP0093A4E0": { "Type": "AWS::EC2::EIP", @@ -195,7 +197,9 @@ "Ref": "FargateClusterDefaultVpcIGWFD9278DA" } }, - "DependsOn": ["FargateClusterDefaultVpcVPCGWA7F012E1"] + "DependsOn": [ + "FargateClusterDefaultVpcVPCGWA7F012E1" + ] }, "FargateClusterDefaultVpcPublicSubnet2EIPA4C07B68": { "Type": "AWS::EC2::EIP", @@ -306,7 +310,9 @@ "Ref": "FargateClusterDefaultVpcIGWFD9278DA" } }, - "DependsOn": ["FargateClusterDefaultVpcVPCGWA7F012E1"] + "DependsOn": [ + "FargateClusterDefaultVpcVPCGWA7F012E1" + ] }, "FargateClusterDefaultVpcPublicSubnet3EIP46E028EF": { "Type": "AWS::EC2::EIP", @@ -699,7 +705,10 @@ "Action": "iam:PassRole", "Effect": "Allow", "Resource": { - "Fn::GetAtt": ["FargateClusterRole8E36B33A", "Arn"] + "Fn::GetAtt": [ + "FargateClusterRole8E36B33A", + "Arn" + ] } }, { @@ -715,7 +724,9 @@ "eks:UntagResource" ], "Effect": "Allow", - "Resource": ["*"] + "Resource": [ + "*" + ] }, { "Action": [ @@ -726,7 +737,10 @@ "Resource": "*" }, { - "Action": ["iam:GetRole", "iam:listAttachedRolePolicies"], + "Action": [ + "iam:GetRole", + "iam:listAttachedRolePolicies" + ], "Effect": "Allow", "Resource": "*" }, @@ -816,7 +830,10 @@ "Config": { "version": "1.21", "roleArn": { - "Fn::GetAtt": ["FargateClusterRole8E36B33A", "Arn"] + "Fn::GetAtt": [ + "FargateClusterRole8E36B33A", + "Arn" + ] }, "resourcesVpcConfig": { "subnetIds": [ @@ -852,7 +869,10 @@ } }, "AssumeRoleArn": { - "Fn::GetAtt": ["FargateClusterCreationRole8C524AD8", "Arn"] + "Fn::GetAtt": [ + "FargateClusterCreationRole8C524AD8", + "Arn" + ] }, "AttributesRevision": 2 }, @@ -953,11 +973,17 @@ [ "[{\"apiVersion\":\"v1\",\"kind\":\"ConfigMap\",\"metadata\":{\"name\":\"aws-auth\",\"namespace\":\"kube-system\"},\"data\":{\"mapRoles\":\"[{\\\"rolearn\\\":\\\"", { - "Fn::GetAtt": ["FargateClusterMastersRole50BAF9FD", "Arn"] + "Fn::GetAtt": [ + "FargateClusterMastersRole50BAF9FD", + "Arn" + ] }, "\\\",\\\"username\\\":\\\"", { - "Fn::GetAtt": ["FargateClusterMastersRole50BAF9FD", "Arn"] + "Fn::GetAtt": [ + "FargateClusterMastersRole50BAF9FD", + "Arn" + ] }, "\\\",\\\"groups\\\":[\\\"system:masters\\\"]},{\\\"rolearn\\\":\\\"", { @@ -974,11 +1000,16 @@ "Ref": "FargateCluster019F03E8" }, "RoleArn": { - "Fn::GetAtt": ["FargateClusterCreationRole8C524AD8", "Arn"] + "Fn::GetAtt": [ + "FargateClusterCreationRole8C524AD8", + "Arn" + ] }, "Overwrite": true }, - "DependsOn": ["FargateClusterKubectlReadyBarrier93746934"], + "DependsOn": [ + "FargateClusterKubectlReadyBarrier93746934" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -999,11 +1030,16 @@ "Ref": "FargateCluster019F03E8" }, "RoleArn": { - "Fn::GetAtt": ["FargateClusterCreationRole8C524AD8", "Arn"] + "Fn::GetAtt": [ + "FargateClusterCreationRole8C524AD8", + "Arn" + ] }, "PatchType": "strategic" }, - "DependsOn": ["FargateClusterKubectlReadyBarrier93746934"], + "DependsOn": [ + "FargateClusterKubectlReadyBarrier93746934" + ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, @@ -1048,7 +1084,10 @@ ] }, "AssumeRoleArn": { - "Fn::GetAtt": ["FargateClusterCreationRole8C524AD8", "Arn"] + "Fn::GetAtt": [ + "FargateClusterCreationRole8C524AD8", + "Arn" + ] }, "Config": { "clusterName": { @@ -1086,7 +1125,7 @@ }, "/", { - "Ref": "AssetParameters4c4969b4a5efb3bab0be954e7004f3c4f427bb7ebcf996b97782bff6d1c7c8c1S3BucketDA43FC2B" + "Ref": "AssetParameters9528c3c9068ee4a23508464ed79290c4fa16c4d17230421015fdc585ec202566S3BucketBE3E205B" }, "/", { @@ -1096,7 +1135,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters4c4969b4a5efb3bab0be954e7004f3c4f427bb7ebcf996b97782bff6d1c7c8c1S3VersionKey8EEC8DF7" + "Ref": "AssetParameters9528c3c9068ee4a23508464ed79290c4fa16c4d17230421015fdc585ec202566S3VersionKeyAEF361AA" } ] } @@ -1109,7 +1148,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters4c4969b4a5efb3bab0be954e7004f3c4f427bb7ebcf996b97782bff6d1c7c8c1S3VersionKey8EEC8DF7" + "Ref": "AssetParameters9528c3c9068ee4a23508464ed79290c4fa16c4d17230421015fdc585ec202566S3VersionKeyAEF361AA" } ] } @@ -1120,19 +1159,22 @@ }, "Parameters": { "referencetoawscdkeksfargateclustertestFargateClusterCreationRoleFB2229CFArn": { - "Fn::GetAtt": ["FargateClusterCreationRole8C524AD8", "Arn"] + "Fn::GetAtt": [ + "FargateClusterCreationRole8C524AD8", + "Arn" + ] }, - "referencetoawscdkeksfargateclustertestAssetParameters2fbc509041827d9042c1a07f5a1b3629c583224b5543800048ed8be264460e7eS3Bucket276E8116Ref": { - "Ref": "AssetParameters2fbc509041827d9042c1a07f5a1b3629c583224b5543800048ed8be264460e7eS3Bucket575E2F4C" + "referencetoawscdkeksfargateclustertestAssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3Bucket5CC464F5Ref": { + "Ref": "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3Bucket5B1EB03C" }, - "referencetoawscdkeksfargateclustertestAssetParameters2fbc509041827d9042c1a07f5a1b3629c583224b5543800048ed8be264460e7eS3VersionKey0311C20FRef": { - "Ref": "AssetParameters2fbc509041827d9042c1a07f5a1b3629c583224b5543800048ed8be264460e7eS3VersionKeyFB3EB544" + "referencetoawscdkeksfargateclustertestAssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey610B35BCRef": { + "Ref": "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey51E064E9" }, - "referencetoawscdkeksfargateclustertestAssetParametersd1380bb36e9a4e378cf1d8fe7779efa967f218e380fd40aad493f588a9872dd6S3Bucket4227CCC8Ref": { - "Ref": "AssetParametersd1380bb36e9a4e378cf1d8fe7779efa967f218e380fd40aad493f588a9872dd6S3Bucket04F6B25B" + "referencetoawscdkeksfargateclustertestAssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3Bucket3165858DRef": { + "Ref": "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3Bucket40405135" }, - "referencetoawscdkeksfargateclustertestAssetParametersd1380bb36e9a4e378cf1d8fe7779efa967f218e380fd40aad493f588a9872dd6S3VersionKeyD7B57F35Ref": { - "Ref": "AssetParametersd1380bb36e9a4e378cf1d8fe7779efa967f218e380fd40aad493f588a9872dd6S3VersionKey6A7508AF" + "referencetoawscdkeksfargateclustertestAssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKey1A1207D1Ref": { + "Ref": "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKey50B477EB" }, "referencetoawscdkeksfargateclustertestAssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3Bucket8EEF0922Ref": { "Ref": "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1" @@ -1158,7 +1200,7 @@ }, "/", { - "Ref": "AssetParameters43ce4fd59055093cb506c39ae8eccdf3cdbe53b4d310ac381b3a9db3c523d730S3Bucket9850F63C" + "Ref": "AssetParameters6b899044dd4c0806c8b311f44f756b062c8da54e6ff69ae3ed28d6dab912802dS3Bucket92B50C24" }, "/", { @@ -1168,7 +1210,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters43ce4fd59055093cb506c39ae8eccdf3cdbe53b4d310ac381b3a9db3c523d730S3VersionKey916810E5" + "Ref": "AssetParameters6b899044dd4c0806c8b311f44f756b062c8da54e6ff69ae3ed28d6dab912802dS3VersionKeyB7108D30" } ] } @@ -1181,7 +1223,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters43ce4fd59055093cb506c39ae8eccdf3cdbe53b4d310ac381b3a9db3c523d730S3VersionKey916810E5" + "Ref": "AssetParameters6b899044dd4c0806c8b311f44f756b062c8da54e6ff69ae3ed28d6dab912802dS3VersionKeyB7108D30" } ] } @@ -1192,10 +1234,16 @@ }, "Parameters": { "referencetoawscdkeksfargateclustertestFargateCluster8588769EArn": { - "Fn::GetAtt": ["FargateCluster019F03E8", "Arn"] + "Fn::GetAtt": [ + "FargateCluster019F03E8", + "Arn" + ] }, "referencetoawscdkeksfargateclustertestFargateClusterCreationRoleFB2229CFArn": { - "Fn::GetAtt": ["FargateClusterCreationRole8C524AD8", "Arn"] + "Fn::GetAtt": [ + "FargateClusterCreationRole8C524AD8", + "Arn" + ] }, "referencetoawscdkeksfargateclustertestAssetParameters4129bbca38164ecb28fee8e5b674f0d05e5957b4b8ed97d9c950527b5cc4ce10S3BucketC4DF4301Ref": { "Ref": "AssetParameters4129bbca38164ecb28fee8e5b674f0d05e5957b4b8ed97d9c950527b5cc4ce10S3BucketC6FAEEC9" @@ -1213,7 +1261,10 @@ "Ref": "FargateClusterDefaultVpcPrivateSubnet3Subnet1F8A52F1" }, "referencetoawscdkeksfargateclustertestFargateCluster8588769EClusterSecurityGroupId": { - "Fn::GetAtt": ["FargateCluster019F03E8", "ClusterSecurityGroupId"] + "Fn::GetAtt": [ + "FargateCluster019F03E8", + "ClusterSecurityGroupId" + ] }, "referencetoawscdkeksfargateclustertestAssetParameterse9882ab123687399f934da0d45effe675ecc8ce13b40cb946f3e1d6141fe8d68S3Bucket4F20F642Ref": { "Ref": "AssetParameterse9882ab123687399f934da0d45effe675ecc8ce13b40cb946f3e1d6141fe8d68S3BucketAEADE8C7" @@ -1251,7 +1302,10 @@ }, " --region test-region --role-arn ", { - "Fn::GetAtt": ["FargateClusterMastersRole50BAF9FD", "Arn"] + "Fn::GetAtt": [ + "FargateClusterMastersRole50BAF9FD", + "Arn" + ] } ] ] @@ -1268,7 +1322,10 @@ }, " --region test-region --role-arn ", { - "Fn::GetAtt": ["FargateClusterMastersRole50BAF9FD", "Arn"] + "Fn::GetAtt": [ + "FargateClusterMastersRole50BAF9FD", + "Arn" + ] } ] ] @@ -1276,29 +1333,29 @@ } }, "Parameters": { - "AssetParameters2fbc509041827d9042c1a07f5a1b3629c583224b5543800048ed8be264460e7eS3Bucket575E2F4C": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3Bucket5B1EB03C": { "Type": "String", - "Description": "S3 bucket for asset \"2fbc509041827d9042c1a07f5a1b3629c583224b5543800048ed8be264460e7e\"" + "Description": "S3 bucket for asset \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParameters2fbc509041827d9042c1a07f5a1b3629c583224b5543800048ed8be264460e7eS3VersionKeyFB3EB544": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4S3VersionKey51E064E9": { "Type": "String", - "Description": "S3 key for asset version \"2fbc509041827d9042c1a07f5a1b3629c583224b5543800048ed8be264460e7e\"" + "Description": "S3 key for asset version \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParameters2fbc509041827d9042c1a07f5a1b3629c583224b5543800048ed8be264460e7eArtifactHashDB8E8B5A": { + "AssetParametersd78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4ArtifactHash26192139": { "Type": "String", - "Description": "Artifact hash for asset \"2fbc509041827d9042c1a07f5a1b3629c583224b5543800048ed8be264460e7e\"" + "Description": "Artifact hash for asset \"d78765b92df2a80d8f6054e616200f6099a238f29fe81a199c2c217ffe1a12b4\"" }, - "AssetParametersd1380bb36e9a4e378cf1d8fe7779efa967f218e380fd40aad493f588a9872dd6S3Bucket04F6B25B": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3Bucket40405135": { "Type": "String", - "Description": "S3 bucket for asset \"d1380bb36e9a4e378cf1d8fe7779efa967f218e380fd40aad493f588a9872dd6\"" + "Description": "S3 bucket for asset \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, - "AssetParametersd1380bb36e9a4e378cf1d8fe7779efa967f218e380fd40aad493f588a9872dd6S3VersionKey6A7508AF": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccS3VersionKey50B477EB": { "Type": "String", - "Description": "S3 key for asset version \"d1380bb36e9a4e378cf1d8fe7779efa967f218e380fd40aad493f588a9872dd6\"" + "Description": "S3 key for asset version \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, - "AssetParametersd1380bb36e9a4e378cf1d8fe7779efa967f218e380fd40aad493f588a9872dd6ArtifactHashF7473C14": { + "AssetParametersca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864ccArtifactHashCC7E7A09": { "Type": "String", - "Description": "Artifact hash for asset \"d1380bb36e9a4e378cf1d8fe7779efa967f218e380fd40aad493f588a9872dd6\"" + "Description": "Artifact hash for asset \"ca2c913ffc0cd2016ee8bae9a571d12d6eca2284408cb99dd0ebff5b061864cc\"" }, "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1": { "Type": "String", @@ -1348,29 +1405,29 @@ "Type": "String", "Description": "Artifact hash for asset \"ea17febe6d04c66048f3e8e060c71685c0cb53122abceff44842d27bc0d4a03e\"" }, - "AssetParameters4c4969b4a5efb3bab0be954e7004f3c4f427bb7ebcf996b97782bff6d1c7c8c1S3BucketDA43FC2B": { + "AssetParameters9528c3c9068ee4a23508464ed79290c4fa16c4d17230421015fdc585ec202566S3BucketBE3E205B": { "Type": "String", - "Description": "S3 bucket for asset \"4c4969b4a5efb3bab0be954e7004f3c4f427bb7ebcf996b97782bff6d1c7c8c1\"" + "Description": "S3 bucket for asset \"9528c3c9068ee4a23508464ed79290c4fa16c4d17230421015fdc585ec202566\"" }, - "AssetParameters4c4969b4a5efb3bab0be954e7004f3c4f427bb7ebcf996b97782bff6d1c7c8c1S3VersionKey8EEC8DF7": { + "AssetParameters9528c3c9068ee4a23508464ed79290c4fa16c4d17230421015fdc585ec202566S3VersionKeyAEF361AA": { "Type": "String", - "Description": "S3 key for asset version \"4c4969b4a5efb3bab0be954e7004f3c4f427bb7ebcf996b97782bff6d1c7c8c1\"" + "Description": "S3 key for asset version \"9528c3c9068ee4a23508464ed79290c4fa16c4d17230421015fdc585ec202566\"" }, - "AssetParameters4c4969b4a5efb3bab0be954e7004f3c4f427bb7ebcf996b97782bff6d1c7c8c1ArtifactHashBE7188C3": { + "AssetParameters9528c3c9068ee4a23508464ed79290c4fa16c4d17230421015fdc585ec202566ArtifactHashE4B867B7": { "Type": "String", - "Description": "Artifact hash for asset \"4c4969b4a5efb3bab0be954e7004f3c4f427bb7ebcf996b97782bff6d1c7c8c1\"" + "Description": "Artifact hash for asset \"9528c3c9068ee4a23508464ed79290c4fa16c4d17230421015fdc585ec202566\"" }, - "AssetParameters43ce4fd59055093cb506c39ae8eccdf3cdbe53b4d310ac381b3a9db3c523d730S3Bucket9850F63C": { + "AssetParameters6b899044dd4c0806c8b311f44f756b062c8da54e6ff69ae3ed28d6dab912802dS3Bucket92B50C24": { "Type": "String", - "Description": "S3 bucket for asset \"43ce4fd59055093cb506c39ae8eccdf3cdbe53b4d310ac381b3a9db3c523d730\"" + "Description": "S3 bucket for asset \"6b899044dd4c0806c8b311f44f756b062c8da54e6ff69ae3ed28d6dab912802d\"" }, - "AssetParameters43ce4fd59055093cb506c39ae8eccdf3cdbe53b4d310ac381b3a9db3c523d730S3VersionKey916810E5": { + "AssetParameters6b899044dd4c0806c8b311f44f756b062c8da54e6ff69ae3ed28d6dab912802dS3VersionKeyB7108D30": { "Type": "String", - "Description": "S3 key for asset version \"43ce4fd59055093cb506c39ae8eccdf3cdbe53b4d310ac381b3a9db3c523d730\"" + "Description": "S3 key for asset version \"6b899044dd4c0806c8b311f44f756b062c8da54e6ff69ae3ed28d6dab912802d\"" }, - "AssetParameters43ce4fd59055093cb506c39ae8eccdf3cdbe53b4d310ac381b3a9db3c523d730ArtifactHash20D7E89E": { + "AssetParameters6b899044dd4c0806c8b311f44f756b062c8da54e6ff69ae3ed28d6dab912802dArtifactHashE3B502E1": { "Type": "String", - "Description": "Artifact hash for asset \"43ce4fd59055093cb506c39ae8eccdf3cdbe53b4d310ac381b3a9db3c523d730\"" + "Description": "Artifact hash for asset \"6b899044dd4c0806c8b311f44f756b062c8da54e6ff69ae3ed28d6dab912802d\"" } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/lib/private/database-query.ts b/packages/@aws-cdk/aws-redshift/lib/private/database-query.ts index 2f724334b637a..7acb424a66594 100644 --- a/packages/@aws-cdk/aws-redshift/lib/private/database-query.ts +++ b/packages/@aws-cdk/aws-redshift/lib/private/database-query.ts @@ -36,7 +36,7 @@ export class DatabaseQuery extends CoreConstruct implements iam.IG const adminUser = this.getAdminUser(props); const handler = new lambda.SingletonFunction(this, 'Handler', { code: lambda.Code.fromAsset(path.join(__dirname, 'database-query-provider')), - runtime: lambda.Runtime.NODEJS_14_X, + runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', timeout: cdk.Duration.minutes(1), uuid: '3de5bea7-27da-4796-8662-5efb56431b5f', diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.expected.json b/packages/@aws-cdk/aws-redshift/test/integ.database.expected.json index b346d3e7abfb3..16d60bb08c0d0 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.expected.json +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.expected.json @@ -841,7 +841,7 @@ } }, "Handler": "framework.onEvent", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 900 }, "DependsOn": [ @@ -996,7 +996,7 @@ } }, "Handler": "framework.onEvent", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 900 }, "DependsOn": [ @@ -1129,7 +1129,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters483841e46ab98aa099d0371a7800e2ace3ddbbb12cb8efb3162ca172ebdafd49S3Bucket148631C8" + "Ref": "AssetParameters7eb6a250bd5ce32c07f08f536377d71e59ad43e16e25b9aa6e50f6fc20fdfc4fS3Bucket3B967306" }, "S3Key": { "Fn::Join": [ @@ -1142,7 +1142,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters483841e46ab98aa099d0371a7800e2ace3ddbbb12cb8efb3162ca172ebdafd49S3VersionKey1A4E04E7" + "Ref": "AssetParameters7eb6a250bd5ce32c07f08f536377d71e59ad43e16e25b9aa6e50f6fc20fdfc4fS3VersionKeyC171429B" } ] } @@ -1155,7 +1155,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters483841e46ab98aa099d0371a7800e2ace3ddbbb12cb8efb3162ca172ebdafd49S3VersionKey1A4E04E7" + "Ref": "AssetParameters7eb6a250bd5ce32c07f08f536377d71e59ad43e16e25b9aa6e50f6fc20fdfc4fS3VersionKeyC171429B" } ] } @@ -1172,7 +1172,7 @@ ] }, "Handler": "index.handler", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 60 }, "DependsOn": [ @@ -1302,7 +1302,7 @@ } }, "Handler": "framework.onEvent", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 900 }, "DependsOn": [ @@ -1349,17 +1349,17 @@ } }, "Parameters": { - "AssetParameters483841e46ab98aa099d0371a7800e2ace3ddbbb12cb8efb3162ca172ebdafd49S3Bucket148631C8": { + "AssetParameters7eb6a250bd5ce32c07f08f536377d71e59ad43e16e25b9aa6e50f6fc20fdfc4fS3Bucket3B967306": { "Type": "String", - "Description": "S3 bucket for asset \"483841e46ab98aa099d0371a7800e2ace3ddbbb12cb8efb3162ca172ebdafd49\"" + "Description": "S3 bucket for asset \"7eb6a250bd5ce32c07f08f536377d71e59ad43e16e25b9aa6e50f6fc20fdfc4f\"" }, - "AssetParameters483841e46ab98aa099d0371a7800e2ace3ddbbb12cb8efb3162ca172ebdafd49S3VersionKey1A4E04E7": { + "AssetParameters7eb6a250bd5ce32c07f08f536377d71e59ad43e16e25b9aa6e50f6fc20fdfc4fS3VersionKeyC171429B": { "Type": "String", - "Description": "S3 key for asset version \"483841e46ab98aa099d0371a7800e2ace3ddbbb12cb8efb3162ca172ebdafd49\"" + "Description": "S3 key for asset version \"7eb6a250bd5ce32c07f08f536377d71e59ad43e16e25b9aa6e50f6fc20fdfc4f\"" }, - "AssetParameters483841e46ab98aa099d0371a7800e2ace3ddbbb12cb8efb3162ca172ebdafd49ArtifactHashEB952795": { + "AssetParameters7eb6a250bd5ce32c07f08f536377d71e59ad43e16e25b9aa6e50f6fc20fdfc4fArtifactHash0EE8CD3D": { "Type": "String", - "Description": "Artifact hash for asset \"483841e46ab98aa099d0371a7800e2ace3ddbbb12cb8efb3162ca172ebdafd49\"" + "Description": "Artifact hash for asset \"7eb6a250bd5ce32c07f08f536377d71e59ad43e16e25b9aa6e50f6fc20fdfc4f\"" }, "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1": { "Type": "String", diff --git a/packages/@aws-cdk/aws-ses-actions/test/integ.actions.expected.json b/packages/@aws-cdk/aws-ses-actions/test/integ.actions.expected.json index 4379649e02d69..fbb346b959470 100644 --- a/packages/@aws-cdk/aws-ses-actions/test/integ.actions.expected.json +++ b/packages/@aws-cdk/aws-ses-actions/test/integ.actions.expected.json @@ -385,7 +385,7 @@ ] }, "Handler": "index.handler", - "Runtime": "nodejs14.x" + "Runtime": "nodejs12.x" }, "DependsOn": [ "SingletonLambda224e77f9a32e4b4dac32983477abba16ServiceRole3037F5B4" diff --git a/packages/@aws-cdk/aws-ses/lib/receipt-rule.ts b/packages/@aws-cdk/aws-ses/lib/receipt-rule.ts index 7f6f1fe914a6b..7d6a4bad92bb0 100644 --- a/packages/@aws-cdk/aws-ses/lib/receipt-rule.ts +++ b/packages/@aws-cdk/aws-ses/lib/receipt-rule.ts @@ -176,7 +176,7 @@ export class DropSpamReceiptRule extends CoreConstruct { super(scope, id); const fn = new lambda.SingletonFunction(this, 'Function', { - runtime: lambda.Runtime.NODEJS_14_X, + runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', code: lambda.Code.fromAsset(path.join(__dirname, 'drop-spam-handler')), uuid: '224e77f9-a32e-4b4d-ac32-983477abba16', diff --git a/packages/@aws-cdk/aws-ses/test/integ.receipt.expected.json b/packages/@aws-cdk/aws-ses/test/integ.receipt.expected.json index 0a9442a97f6a0..f0a9a624f4f3f 100644 --- a/packages/@aws-cdk/aws-ses/test/integ.receipt.expected.json +++ b/packages/@aws-cdk/aws-ses/test/integ.receipt.expected.json @@ -141,7 +141,7 @@ ] }, "Handler": "index.handler", - "Runtime": "nodejs14.x" + "Runtime": "nodejs12.x" }, "DependsOn": [ "SingletonLambda224e77f9a32e4b4dac32983477abba16ServiceRole3037F5B4" diff --git a/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts b/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts index 8d99963627a4a..c2f7ef69c98bb 100644 --- a/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts +++ b/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts @@ -202,7 +202,7 @@ export class Provider extends CoreConstruct implements ICustomResourceProvider { const fn = new lambda.Function(this, `framework-${entrypoint}`, { code: lambda.Code.fromAsset(RUNTIME_HANDLER_PATH), description: `AWS CDK resource provider framework - ${entrypoint} (${this.node.path})`.slice(0, 256), - runtime: lambda.Runtime.NODEJS_14_X, + runtime: lambda.Runtime.NODEJS_12_X, handler: `framework.${entrypoint}`, timeout: FRAMEWORK_HANDLER_TIMEOUT, logRetention: this.logRetention, diff --git a/packages/@aws-cdk/custom-resources/test/provider-framework/integ.provider.expected.json b/packages/@aws-cdk/custom-resources/test/provider-framework/integ.provider.expected.json index b9a9edfe958cc..aa0407ca5b164 100644 --- a/packages/@aws-cdk/custom-resources/test/provider-framework/integ.provider.expected.json +++ b/packages/@aws-cdk/custom-resources/test/provider-framework/integ.provider.expected.json @@ -254,7 +254,7 @@ } }, "Handler": "framework.onEvent", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 900 }, "DependsOn": [ @@ -643,7 +643,7 @@ } }, "Handler": "framework.onEvent", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 900 }, "DependsOn": [ @@ -783,7 +783,7 @@ } }, "Handler": "framework.isComplete", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 900 }, "DependsOn": [ @@ -923,7 +923,7 @@ } }, "Handler": "framework.onTimeout", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 900 }, "DependsOn": [ diff --git a/packages/@aws-cdk/pipelines/lib/private/application-security-check.ts b/packages/@aws-cdk/pipelines/lib/private/application-security-check.ts index b8d7a7fd0d2bb..ad4ddbd76fdde 100644 --- a/packages/@aws-cdk/pipelines/lib/private/application-security-check.ts +++ b/packages/@aws-cdk/pipelines/lib/private/application-security-check.ts @@ -62,7 +62,7 @@ export class ApplicationSecurityCheck extends CoreConstruct { this.preApproveLambda = new lambda.Function(this, 'CDKPipelinesAutoApprove', { handler: 'index.handler', - runtime: lambda.Runtime.NODEJS_14_X, + runtime: lambda.Runtime.NODEJS_12_X, code: lambda.Code.fromAsset(path.resolve(__dirname, 'approve-lambda')), timeout: Duration.minutes(5), }); @@ -180,4 +180,4 @@ const ifElse = ({ condition, thenStatements, elseStatements }: ifElseOptions): s } return `${statement} fi`; -}; \ No newline at end of file +}; diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline-security.expected.json b/packages/@aws-cdk/pipelines/test/integ.pipeline-security.expected.json index 82ad5c418fb70..b72a78754a1d2 100644 --- a/packages/@aws-cdk/pipelines/test/integ.pipeline-security.expected.json +++ b/packages/@aws-cdk/pipelines/test/integ.pipeline-security.expected.json @@ -1800,7 +1800,7 @@ ] }, "Handler": "index.handler", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 300 }, "DependsOn": [ @@ -2111,7 +2111,7 @@ ] }, "Handler": "index.handler", - "Runtime": "nodejs14.x", + "Runtime": "nodejs12.x", "Timeout": 300 }, "DependsOn": [ From 071756c695ca5d7fdbf94552efdf08511acdbee4 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Wed, 6 Oct 2021 16:42:57 +0200 Subject: [PATCH 26/43] feat(cfnspec): cloudformation spec v43.0.0 (#16820) * feat: cloudformation spec v43.0.0 * feat: cloudformation spec v43.0.0 * patch lightsail Co-authored-by: AWS CDK Team Co-authored-by: Elad Ben-Israel Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> --- packages/@aws-cdk/aws-lightsail/.eslintrc.js | 3 + packages/@aws-cdk/aws-lightsail/.gitignore | 19 + packages/@aws-cdk/aws-lightsail/.npmignore | 29 + packages/@aws-cdk/aws-lightsail/LICENSE | 201 ++++++ packages/@aws-cdk/aws-lightsail/NOTICE | 2 + packages/@aws-cdk/aws-lightsail/README.md | 20 + .../@aws-cdk/aws-lightsail/jest.config.js | 2 + packages/@aws-cdk/aws-lightsail/lib/index.ts | 2 + packages/@aws-cdk/aws-lightsail/package.json | 103 +++ .../aws-lightsail/test/lightsail.test.ts | 6 + packages/@aws-cdk/cfnspec/CHANGELOG.md | 74 +++ ...0_CloudFormationResourceSpecification.json | 608 +++++++++++++++++- .../cfnspec/spec-source/000_sam.spec.json | 25 +- .../902_Lightsail_Instance_patch.json | 16 + .../@aws-cdk/cfnspec/test/spec-validators.ts | 4 +- .../cloudformation-include/package.json | 2 + packages/aws-cdk-lib/package.json | 9 +- packages/decdk/package.json | 1 + packages/monocdk/package.json | 9 +- 19 files changed, 1115 insertions(+), 20 deletions(-) create mode 100644 packages/@aws-cdk/aws-lightsail/.eslintrc.js create mode 100644 packages/@aws-cdk/aws-lightsail/.gitignore create mode 100644 packages/@aws-cdk/aws-lightsail/.npmignore create mode 100644 packages/@aws-cdk/aws-lightsail/LICENSE create mode 100644 packages/@aws-cdk/aws-lightsail/NOTICE create mode 100644 packages/@aws-cdk/aws-lightsail/README.md create mode 100644 packages/@aws-cdk/aws-lightsail/jest.config.js create mode 100644 packages/@aws-cdk/aws-lightsail/lib/index.ts create mode 100644 packages/@aws-cdk/aws-lightsail/package.json create mode 100644 packages/@aws-cdk/aws-lightsail/test/lightsail.test.ts create mode 100644 packages/@aws-cdk/cfnspec/spec-source/902_Lightsail_Instance_patch.json diff --git a/packages/@aws-cdk/aws-lightsail/.eslintrc.js b/packages/@aws-cdk/aws-lightsail/.eslintrc.js new file mode 100644 index 0000000000000..2658ee8727166 --- /dev/null +++ b/packages/@aws-cdk/aws-lightsail/.eslintrc.js @@ -0,0 +1,3 @@ +const baseConfig = require('@aws-cdk/cdk-build-tools/config/eslintrc'); +baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-lightsail/.gitignore b/packages/@aws-cdk/aws-lightsail/.gitignore new file mode 100644 index 0000000000000..62ebc95d75ce6 --- /dev/null +++ b/packages/@aws-cdk/aws-lightsail/.gitignore @@ -0,0 +1,19 @@ +*.js +*.js.map +*.d.ts +tsconfig.json +node_modules +*.generated.ts +dist +.jsii + +.LAST_BUILD +.nyc_output +coverage +.nycrc +.LAST_PACKAGE +*.snk +nyc.config.js +!.eslintrc.js +!jest.config.js +junit.xml diff --git a/packages/@aws-cdk/aws-lightsail/.npmignore b/packages/@aws-cdk/aws-lightsail/.npmignore new file mode 100644 index 0000000000000..f931fede67c44 --- /dev/null +++ b/packages/@aws-cdk/aws-lightsail/.npmignore @@ -0,0 +1,29 @@ +# Don't include original .ts files when doing `npm pack` +*.ts +!*.d.ts +coverage +.nyc_output +*.tgz + +dist +.LAST_PACKAGE +.LAST_BUILD +!*.js + +# Include .jsii +!.jsii + +*.snk + +*.tsbuildinfo + +tsconfig.json + +.eslintrc.js +jest.config.js + +# exclude cdk artifacts +**/cdk.out +junit.xml +test/ +!*.lit.ts diff --git a/packages/@aws-cdk/aws-lightsail/LICENSE b/packages/@aws-cdk/aws-lightsail/LICENSE new file mode 100644 index 0000000000000..28e4bdcec77ec --- /dev/null +++ b/packages/@aws-cdk/aws-lightsail/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/@aws-cdk/aws-lightsail/NOTICE b/packages/@aws-cdk/aws-lightsail/NOTICE new file mode 100644 index 0000000000000..5fc3826926b5b --- /dev/null +++ b/packages/@aws-cdk/aws-lightsail/NOTICE @@ -0,0 +1,2 @@ +AWS Cloud Development Kit (AWS CDK) +Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/aws-lightsail/README.md b/packages/@aws-cdk/aws-lightsail/README.md new file mode 100644 index 0000000000000..09d952a84e6c7 --- /dev/null +++ b/packages/@aws-cdk/aws-lightsail/README.md @@ -0,0 +1,20 @@ +# AWS::Lightsail Construct Library + + +--- + +![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) + +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + +--- + + + +This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. + +```ts +import lightsail = require('@aws-cdk/aws-lightsail'); +``` diff --git a/packages/@aws-cdk/aws-lightsail/jest.config.js b/packages/@aws-cdk/aws-lightsail/jest.config.js new file mode 100644 index 0000000000000..3a2fd93a1228a --- /dev/null +++ b/packages/@aws-cdk/aws-lightsail/jest.config.js @@ -0,0 +1,2 @@ +const baseConfig = require('@aws-cdk/cdk-build-tools/config/jest.config'); +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-lightsail/lib/index.ts b/packages/@aws-cdk/aws-lightsail/lib/index.ts new file mode 100644 index 0000000000000..f7da3b26e282a --- /dev/null +++ b/packages/@aws-cdk/aws-lightsail/lib/index.ts @@ -0,0 +1,2 @@ +// AWS::Lightsail CloudFormation Resources: +export * from './lightsail.generated'; diff --git a/packages/@aws-cdk/aws-lightsail/package.json b/packages/@aws-cdk/aws-lightsail/package.json new file mode 100644 index 0000000000000..d78b43898b89c --- /dev/null +++ b/packages/@aws-cdk/aws-lightsail/package.json @@ -0,0 +1,103 @@ +{ + "name": "@aws-cdk/aws-lightsail", + "version": "0.0.0", + "description": "The CDK Construct Library for AWS::Lightsail", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "jsii": { + "outdir": "dist", + "projectReferences": true, + "targets": { + "dotnet": { + "namespace": "Amazon.CDK.AWS.Lightsail", + "packageId": "Amazon.CDK.AWS.Lightsail", + "signAssembly": true, + "assemblyOriginatorKeyFile": "../../key.snk", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "java": { + "package": "software.amazon.awscdk.services.lightsail", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "lightsail" + } + }, + "python": { + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ], + "distName": "aws-cdk.aws-lightsail", + "module": "aws_cdk.aws_lightsail" + } + } + }, + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-cdk.git", + "directory": "packages/@aws-cdk/aws-lightsail" + }, + "homepage": "https://github.com/aws/aws-cdk", + "scripts": { + "build": "cdk-build", + "watch": "cdk-watch", + "lint": "cdk-lint", + "test": "cdk-test", + "integ": "cdk-integ", + "pkglint": "pkglint -f", + "package": "cdk-package", + "awslint": "cdk-awslint", + "cfn2ts": "cfn2ts", + "build+test": "yarn build && yarn test", + "build+test+package": "yarn build+test && yarn package", + "compat": "cdk-compat", + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract", + "build+extract": "yarn build && yarn rosetta:extract", + "build+test+extract": "yarn build+test && yarn rosetta:extract" + }, + "cdk-build": { + "cloudformation": "AWS::Lightsail", + "jest": true, + "env": { + "AWSLINT_BASE_CONSTRUCT": "true" + } + }, + "keywords": [ + "aws", + "cdk", + "constructs", + "AWS::Lightsail", + "aws-lightsail" + ], + "author": { + "name": "Amazon Web Services", + "url": "https://aws.amazon.com", + "organization": true + }, + "license": "Apache-2.0", + "devDependencies": { + "@aws-cdk/assertions": "0.0.0", + "@aws-cdk/cdk-build-tools": "0.0.0", + "@aws-cdk/cfn2ts": "0.0.0", + "@aws-cdk/pkglint": "0.0.0", + "@types/jest": "^26.0.22" + }, + "dependencies": { + "@aws-cdk/core": "0.0.0" + }, + "peerDependencies": { + "@aws-cdk/core": "0.0.0" + }, + "engines": { + "node": ">= 10.13.0 <13 || >=13.7.0" + }, + "stability": "experimental", + "maturity": "cfn-only", + "awscdkio": { + "announce": false + }, + "publishConfig": { + "tag": "latest" + } +} diff --git a/packages/@aws-cdk/aws-lightsail/test/lightsail.test.ts b/packages/@aws-cdk/aws-lightsail/test/lightsail.test.ts new file mode 100644 index 0000000000000..465c7bdea0693 --- /dev/null +++ b/packages/@aws-cdk/aws-lightsail/test/lightsail.test.ts @@ -0,0 +1,6 @@ +import '@aws-cdk/assertions'; +import {} from '../lib'; + +test('No tests are specified for this package', () => { + expect(true).toBe(true); +}); diff --git a/packages/@aws-cdk/cfnspec/CHANGELOG.md b/packages/@aws-cdk/cfnspec/CHANGELOG.md index c834e29f0ac68..8ee6bf55e0aa1 100644 --- a/packages/@aws-cdk/cfnspec/CHANGELOG.md +++ b/packages/@aws-cdk/cfnspec/CHANGELOG.md @@ -2,6 +2,80 @@ ## New Resource Types +* AWS::Backup::Framework +* AWS::Backup::ReportPlan +* AWS::Lightsail::Disk +* AWS::Lightsail::Instance + +## Attribute Changes + + +## Property Changes + +* AWS::EKS::Cluster Logging (__deleted__) +* AWS::EKS::Cluster Tags (__deleted__) +* AWS::EKS::Cluster ResourcesVpcConfig.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::SSM::MaintenanceWindowTask CutoffBehavior (__added__) + +## Property Type Changes + +* AWS::EKS::Cluster.ClusterLogging (__removed__) +* AWS::EKS::Cluster.Logging (__removed__) +* AWS::EKS::Cluster.LoggingTypeConfig (__removed__) +* AWS::EKS::Cluster.Provider (__added__) +* AWS::Backup::BackupVault.LockConfigurationType changeableForDays (__deleted__) +* AWS::Backup::BackupVault.LockConfigurationType maxRetentionDays (__deleted__) +* AWS::Backup::BackupVault.LockConfigurationType minRetentionDays (__deleted__) +* AWS::Backup::BackupVault.LockConfigurationType ChangeableForDays (__added__) +* AWS::Backup::BackupVault.LockConfigurationType MaxRetentionDays (__added__) +* AWS::Backup::BackupVault.LockConfigurationType MinRetentionDays (__added__) +* AWS::EC2::LaunchTemplate.MetadataOptions HttpProtocolIpv6 (__added__) +* AWS::EKS::Cluster.EncryptionConfig Provider.PrimitiveType (__deleted__) +* AWS::EKS::Cluster.EncryptionConfig Provider.Type (__added__) +* AWS::EKS::Cluster.EncryptionConfig Provider.UpdateType (__changed__) + * Old: Immutable + * New: Mutable +* AWS::EKS::Cluster.EncryptionConfig Resources.UpdateType (__changed__) + * Old: Immutable + * New: Mutable +* AWS::EKS::Cluster.KubernetesNetworkConfig ServiceIpv4Cidr.UpdateType (__changed__) + * Old: Immutable + * New: Mutable +* AWS::EKS::Cluster.ResourcesVpcConfig EndpointPrivateAccess (__deleted__) +* AWS::EKS::Cluster.ResourcesVpcConfig EndpointPublicAccess (__deleted__) +* AWS::EKS::Cluster.ResourcesVpcConfig PublicAccessCidrs (__deleted__) +* AWS::EKS::Cluster.ResourcesVpcConfig SecurityGroupIds.UpdateType (__changed__) + * Old: Immutable + * New: Mutable +* AWS::EKS::Cluster.ResourcesVpcConfig SubnetIds.UpdateType (__changed__) + * Old: Immutable + * New: Mutable + +# Serverless Application Model (SAM) Resource Specification v2016-10-31 + +## New Resource Types + + +## Attribute Changes + + +## Property Changes + + +## Property Type Changes + +* AWS::Serverless::Function.EventInvokeDestinationConfig (__added__) +* AWS::Serverless::Function.DestinationConfig OnSuccess (__deleted__) +* AWS::Serverless::Function.EventInvokeConfig DestinationConfig.Type (__changed__) + * Old: DestinationConfig + * New: EventInvokeDestinationConfig + +# CloudFormation Resource Specification v43.0.0 + +## New Resource Types + * AWS::APS::RuleGroupsNamespace ## Attribute Changes diff --git a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json index edf7812167810..3da6206bf3b2b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json +++ b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json @@ -9374,22 +9374,22 @@ "AWS::Backup::BackupVault.LockConfigurationType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-lockconfigurationtype.html", "Properties": { - "changeableForDays": { + "ChangeableForDays": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-lockconfigurationtype.html#cfn-backup-backupvault-lockconfigurationtype-changeablefordays", "PrimitiveType": "Double", "Required": false, "UpdateType": "Mutable" }, - "maxRetentionDays": { + "MaxRetentionDays": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-lockconfigurationtype.html#cfn-backup-backupvault-lockconfigurationtype-maxretentiondays", "PrimitiveType": "Double", "Required": false, "UpdateType": "Mutable" }, - "minRetentionDays": { + "MinRetentionDays": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupvault-lockconfigurationtype.html#cfn-backup-backupvault-lockconfigurationtype-minretentiondays", "PrimitiveType": "Double", - "Required": false, + "Required": true, "UpdateType": "Mutable" } } @@ -9413,6 +9413,48 @@ } } }, + "AWS::Backup::Framework.ControlInputParameter": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-controlinputparameter.html", + "Properties": { + "ParameterName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-controlinputparameter.html#cfn-backup-framework-controlinputparameter-parametername", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "ParameterValue": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-controlinputparameter.html#cfn-backup-framework-controlinputparameter-parametervalue", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::Backup::Framework.FrameworkControl": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-frameworkcontrol.html", + "Properties": { + "ControlInputParameters": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-frameworkcontrol.html#cfn-backup-framework-frameworkcontrol-controlinputparameters", + "DuplicatesAllowed": false, + "ItemType": "ControlInputParameter", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "ControlName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-frameworkcontrol.html#cfn-backup-framework-frameworkcontrol-controlname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "ControlScope": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-framework-frameworkcontrol.html#cfn-backup-framework-frameworkcontrol-controlscope", + "PrimitiveType": "Json", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::Batch::ComputeEnvironment.ComputeResources": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html", "Properties": { @@ -20300,6 +20342,12 @@ "Required": false, "UpdateType": "Mutable" }, + "HttpProtocolIpv6": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata-metadataoptions.html#cfn-ec2-launchtemplate-launchtemplatedata-metadataoptions-httpprotocolipv6", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "HttpPutResponseHopLimit": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata-metadataoptions.html#cfn-ec2-launchtemplate-launchtemplatedata-metadataoptions-httpputresponsehoplimit", "PrimitiveType": "Integer", @@ -41890,6 +41938,277 @@ } } }, + "AWS::Lightsail::Disk.AddOn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-disk-addon.html", + "Properties": { + "AddOnType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-disk-addon.html#cfn-lightsail-disk-addon-addontype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "AutoSnapshotAddOnRequest": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-disk-addon.html#cfn-lightsail-disk-addon-autosnapshotaddonrequest", + "Required": false, + "Type": "AutoSnapshotAddOn", + "UpdateType": "Mutable" + }, + "Status": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-disk-addon.html#cfn-lightsail-disk-addon-status", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Disk.AutoSnapshotAddOn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-disk-autosnapshotaddon.html", + "Properties": { + "SnapshotTimeOfDay": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-disk-autosnapshotaddon.html#cfn-lightsail-disk-autosnapshotaddon-snapshottimeofday", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Instance.AddOn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-addon.html", + "Properties": { + "AddOnType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-addon.html#cfn-lightsail-instance-addon-addontype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "AutoSnapshotAddOnRequest": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-addon.html#cfn-lightsail-instance-addon-autosnapshotaddonrequest", + "Required": false, + "Type": "AutoSnapshotAddOn", + "UpdateType": "Mutable" + }, + "Status": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-addon.html#cfn-lightsail-instance-addon-status", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Instance.AutoSnapshotAddOn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-autosnapshotaddon.html", + "Properties": { + "SnapshotTimeOfDay": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-autosnapshotaddon.html#cfn-lightsail-instance-autosnapshotaddon-snapshottimeofday", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Instance.Disk": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-disk.html", + "Properties": { + "AttachedTo": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-disk.html#cfn-lightsail-instance-disk-attachedto", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "AttachmentState": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-disk.html#cfn-lightsail-instance-disk-attachmentstate", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "DiskName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-disk.html#cfn-lightsail-instance-disk-diskname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "IOPS": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-disk.html#cfn-lightsail-instance-disk-iops", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "IsSystemDisk": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-disk.html#cfn-lightsail-instance-disk-issystemdisk", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "Path": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-disk.html#cfn-lightsail-instance-disk-path", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "SizeInGb": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-disk.html#cfn-lightsail-instance-disk-sizeingb", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Instance.Hardware": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-hardware.html", + "Properties": { + "CpuCount": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-hardware.html#cfn-lightsail-instance-hardware-cpucount", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Disks": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-hardware.html#cfn-lightsail-instance-hardware-disks", + "DuplicatesAllowed": false, + "ItemType": "Disk", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "RamSizeInGb": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-hardware.html#cfn-lightsail-instance-hardware-ramsizeingb", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Instance.Location": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-location.html", + "Properties": { + "AvailabilityZone": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-location.html#cfn-lightsail-instance-location-availabilityzone", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "RegionName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-location.html#cfn-lightsail-instance-location-regionname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Instance.MonthlyTransfer": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-monthlytransfer.html", + "Properties": { + "GbPerMonthAllocated": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-monthlytransfer.html#cfn-lightsail-instance-monthlytransfer-gbpermonthallocated", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Instance.Networking": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-networking.html", + "Properties": { + "MonthlyTransfer": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-networking.html#cfn-lightsail-instance-networking-monthlytransfer", + "Required": false, + "UpdateType": "Mutable" + }, + "Ports": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-networking.html#cfn-lightsail-instance-networking-ports", + "DuplicatesAllowed": false, + "ItemType": "Port", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Instance.Port": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html", + "Properties": { + "AccessDirection": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html#cfn-lightsail-instance-port-accessdirection", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "AccessFrom": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html#cfn-lightsail-instance-port-accessfrom", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "AccessType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html#cfn-lightsail-instance-port-accesstype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "CidrListAliases": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html#cfn-lightsail-instance-port-cidrlistaliases", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "Cidrs": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html#cfn-lightsail-instance-port-cidrs", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "CommonName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html#cfn-lightsail-instance-port-commonname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "FromPort": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html#cfn-lightsail-instance-port-fromport", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Ipv6Cidrs": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html#cfn-lightsail-instance-port-ipv6cidrs", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "Protocol": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html#cfn-lightsail-instance-port-protocol", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "ToPort": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-port.html#cfn-lightsail-instance-port-toport", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Instance.State": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-state.html", + "Properties": { + "Code": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-state.html#cfn-lightsail-instance-state-code", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-instance-state.html#cfn-lightsail-instance-state-name", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::Location::Map.MapConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-location-map-mapconfiguration.html", "Properties": { @@ -68369,6 +68688,93 @@ } } }, + "AWS::Backup::Framework": { + "Attributes": { + "CreationTime": { + "PrimitiveType": "Double" + }, + "DeploymentStatus": { + "PrimitiveType": "String" + }, + "FrameworkArn": { + "PrimitiveType": "String" + }, + "FrameworkStatus": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-framework.html", + "Properties": { + "FrameworkControls": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-framework.html#cfn-backup-framework-frameworkcontrols", + "DuplicatesAllowed": false, + "ItemType": "FrameworkControl", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "FrameworkDescription": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-framework.html#cfn-backup-framework-frameworkdescription", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "FrameworkName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-framework.html#cfn-backup-framework-frameworkname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "FrameworkTags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-framework.html#cfn-backup-framework-frameworktags", + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::Backup::ReportPlan": { + "Attributes": { + "ReportPlanArn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-reportplan.html", + "Properties": { + "ReportDeliveryChannel": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-reportplan.html#cfn-backup-reportplan-reportdeliverychannel", + "PrimitiveType": "Json", + "Required": true, + "UpdateType": "Mutable" + }, + "ReportPlanDescription": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-reportplan.html#cfn-backup-reportplan-reportplandescription", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "ReportPlanName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-reportplan.html#cfn-backup-reportplan-reportplanname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "ReportPlanTags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-reportplan.html#cfn-backup-reportplan-reportplantags", + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "ReportSetting": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-backup-reportplan.html#cfn-backup-reportplan-reportsetting", + "PrimitiveType": "Json", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::Batch::ComputeEnvironment": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-batch-computeenvironment.html", "Properties": { @@ -88607,6 +89013,194 @@ } } }, + "AWS::Lightsail::Disk": { + "Attributes": { + "AttachedTo": { + "PrimitiveType": "String" + }, + "AttachmentState": { + "PrimitiveType": "String" + }, + "DiskArn": { + "PrimitiveType": "String" + }, + "Iops": { + "PrimitiveType": "Integer" + }, + "IsAttached": { + "PrimitiveType": "Boolean" + }, + "Path": { + "PrimitiveType": "String" + }, + "ResourceType": { + "PrimitiveType": "String" + }, + "State": { + "PrimitiveType": "String" + }, + "SupportCode": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-disk.html", + "Properties": { + "AddOns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-disk.html#cfn-lightsail-disk-addons", + "ItemType": "AddOn", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "AvailabilityZone": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-disk.html#cfn-lightsail-disk-availabilityzone", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "DiskName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-disk.html#cfn-lightsail-disk-diskname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "SizeInGb": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-disk.html#cfn-lightsail-disk-sizeingb", + "PrimitiveType": "Integer", + "Required": true, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-disk.html#cfn-lightsail-disk-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::Lightsail::Instance": { + "Attributes": { + "Hardware.CpuCount": { + "PrimitiveType": "Integer" + }, + "Hardware.RamSizeInGb": { + "PrimitiveType": "Integer" + }, + "InstanceArn": { + "PrimitiveType": "String" + }, + "IsStaticIp": { + "PrimitiveType": "Boolean" + }, + "KeyPairName": { + "PrimitiveType": "String" + }, + "Location.AvailabilityZone": { + "PrimitiveType": "String" + }, + "Location.RegionName": { + "PrimitiveType": "String" + }, + "Networking.MonthlyTransfer.GbPerMonthAllocated": { + "PrimitiveType": "String" + }, + "PrivateIpAddress": { + "PrimitiveType": "String" + }, + "PublicIpAddress": { + "PrimitiveType": "String" + }, + "ResourceType": { + "PrimitiveType": "String" + }, + "SshKeyName": { + "PrimitiveType": "String" + }, + "State.Code": { + "PrimitiveType": "Integer" + }, + "State.Name": { + "PrimitiveType": "String" + }, + "SupportCode": { + "PrimitiveType": "String" + }, + "UserData": { + "PrimitiveType": "String" + }, + "UserName": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html", + "Properties": { + "AddOns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html#cfn-lightsail-instance-addons", + "ItemType": "AddOn", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "AvailabilityZone": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html#cfn-lightsail-instance-availabilityzone", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "BlueprintId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html#cfn-lightsail-instance-blueprintid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "BundleId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html#cfn-lightsail-instance-bundleid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Hardware": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html#cfn-lightsail-instance-hardware", + "Required": false, + "Type": "Hardware", + "UpdateType": "Mutable" + }, + "InstanceName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html#cfn-lightsail-instance-instancename", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Location": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html#cfn-lightsail-instance-location", + "Required": false, + "Type": "Location", + "UpdateType": "Mutable" + }, + "Networking": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html#cfn-lightsail-instance-networking", + "Required": false, + "Type": "Networking", + "UpdateType": "Mutable" + }, + "State": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html#cfn-lightsail-instance-state", + "Required": false, + "Type": "State", + "UpdateType": "Mutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-instance.html#cfn-lightsail-instance-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, "AWS::Location::GeofenceCollection": { "Attributes": { "Arn": { @@ -98254,6 +98848,12 @@ "AWS::SSM::MaintenanceWindowTask": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html", "Properties": { + "CutoffBehavior": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html#cfn-ssm-maintenancewindowtask-cutoffbehavior", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "Description": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html#cfn-ssm-maintenancewindowtask-description", "PrimitiveType": "String", diff --git a/packages/@aws-cdk/cfnspec/spec-source/000_sam.spec.json b/packages/@aws-cdk/cfnspec/spec-source/000_sam.spec.json index ae7bf4601634e..5510475b3e7d2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/000_sam.spec.json +++ b/packages/@aws-cdk/cfnspec/spec-source/000_sam.spec.json @@ -491,12 +491,6 @@ "Required": true, "Type": "Destination", "UpdateType": "Immutable" - }, - "OnSuccess": { - "Documentation": "https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#destination-config-object", - "Required": true, - "Type": "Destination", - "UpdateType": "Immutable" } } }, @@ -615,7 +609,7 @@ "DestinationConfig": { "Documentation": "https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#event-invoke-config-object", "Required": false, - "Type": "DestinationConfig", + "Type": "EventInvokeDestinationConfig", "UpdateType": "Immutable" }, "MaximumEventAgeInSeconds": { @@ -632,6 +626,23 @@ } } }, + "AWS::Serverless::Function.EventInvokeDestinationConfig": { + "Documentation": "https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#event-invoke-destination-config-object", + "Properties": { + "OnFailure": { + "Documentation": "https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#event-invoke-destination-config-object", + "Required": true, + "Type": "Destination", + "UpdateType": "Immutable" + }, + "OnSuccess": { + "Documentation": "https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#event-invoke-destination-config-object", + "Required": true, + "Type": "Destination", + "UpdateType": "Immutable" + } + } + }, "AWS::Serverless::Function.EventSource": { "Documentation": "https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#event-source-object", "Properties": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/902_Lightsail_Instance_patch.json b/packages/@aws-cdk/cfnspec/spec-source/902_Lightsail_Instance_patch.json new file mode 100644 index 0000000000000..2198e6445bc89 --- /dev/null +++ b/packages/@aws-cdk/cfnspec/spec-source/902_Lightsail_Instance_patch.json @@ -0,0 +1,16 @@ +{ + "PropertyTypes": { + "patch": { + "description": "Add type", + "operations": [ + { + "op": "add", + "path": "/AWS::Lightsail::Instance.Networking/Properties/MonthlyTransfer", + "value": { + "PrimitiveType": "Integer" + } + } + ] + } + } +} diff --git a/packages/@aws-cdk/cfnspec/test/spec-validators.ts b/packages/@aws-cdk/cfnspec/test/spec-validators.ts index d7507f2753d27..408febb3e1b50 100644 --- a/packages/@aws-cdk/cfnspec/test/spec-validators.ts +++ b/packages/@aws-cdk/cfnspec/test/spec-validators.ts @@ -109,7 +109,9 @@ function validateProperties( } } else { - expect(false).toBeTruthy(); //`${typeName}.Properties.${name} has known type` + // eslint-disable-next-line no-console + console.error(`${typeName}.Properties.${name} has known type: ${JSON.stringify(property)}`); + expect(false).toBeTruthy(); } expect(without(Object.keys(property), expectedKeys)).toEqual([]); diff --git a/packages/@aws-cdk/cloudformation-include/package.json b/packages/@aws-cdk/cloudformation-include/package.json index 28c53e5d49c01..28e63ecaed94c 100644 --- a/packages/@aws-cdk/cloudformation-include/package.json +++ b/packages/@aws-cdk/cloudformation-include/package.json @@ -172,6 +172,7 @@ "@aws-cdk/aws-lakeformation": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-licensemanager": "0.0.0", + "@aws-cdk/aws-lightsail": "0.0.0", "@aws-cdk/aws-location": "0.0.0", "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-lookoutequipment": "0.0.0", @@ -346,6 +347,7 @@ "@aws-cdk/aws-lakeformation": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-licensemanager": "0.0.0", + "@aws-cdk/aws-lightsail": "0.0.0", "@aws-cdk/aws-location": "0.0.0", "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-lookoutequipment": "0.0.0", diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 775a12f5ea799..ad2aeeace6cd1 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -255,6 +255,7 @@ "@aws-cdk/aws-lambda-nodejs": "0.0.0", "@aws-cdk/aws-lambda-python": "0.0.0", "@aws-cdk/aws-licensemanager": "0.0.0", + "@aws-cdk/aws-lightsail": "0.0.0", "@aws-cdk/aws-location": "0.0.0", "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-logs-destinations": "0.0.0", @@ -327,6 +328,7 @@ "@aws-cdk/aws-wafv2": "0.0.0", "@aws-cdk/aws-workspaces": "0.0.0", "@aws-cdk/aws-xray": "0.0.0", + "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cloudformation-include": "0.0.0", "@aws-cdk/core": "0.0.0", @@ -336,16 +338,15 @@ "@aws-cdk/lambda-layer-kubectl": "0.0.0", "@aws-cdk/lambda-layer-node-proxy-agent": "0.0.0", "@aws-cdk/pipelines": "0.0.0", + "@aws-cdk/pkglint": "0.0.0", "@aws-cdk/region-info": "0.0.0", + "@aws-cdk/ubergen": "0.0.0", "@types/fs-extra": "^8.1.2", "@types/node": "^10.17.60", - "@aws-cdk/cdk-build-tools": "0.0.0", "constructs": "^3.3.69", "fs-extra": "^9.1.0", - "@aws-cdk/pkglint": "0.0.0", "ts-node": "^9.1.1", - "typescript": "~3.8.3", - "@aws-cdk/ubergen": "0.0.0" + "typescript": "~3.8.3" }, "peerDependencies": { "constructs": "^3.3.69" diff --git a/packages/decdk/package.json b/packages/decdk/package.json index 3af4c634c0146..88e8392ad3741 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -158,6 +158,7 @@ "@aws-cdk/aws-lambda-nodejs": "0.0.0", "@aws-cdk/aws-lambda-python": "0.0.0", "@aws-cdk/aws-licensemanager": "0.0.0", + "@aws-cdk/aws-lightsail": "0.0.0", "@aws-cdk/aws-location": "0.0.0", "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-logs-destinations": "0.0.0", diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index fe897c32de354..526eb3ce967b3 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -252,6 +252,7 @@ "@aws-cdk/aws-lambda-nodejs": "0.0.0", "@aws-cdk/aws-lambda-python": "0.0.0", "@aws-cdk/aws-licensemanager": "0.0.0", + "@aws-cdk/aws-lightsail": "0.0.0", "@aws-cdk/aws-location": "0.0.0", "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-logs-destinations": "0.0.0", @@ -324,6 +325,7 @@ "@aws-cdk/aws-wafv2": "0.0.0", "@aws-cdk/aws-workspaces": "0.0.0", "@aws-cdk/aws-xray": "0.0.0", + "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cloudformation-include": "0.0.0", "@aws-cdk/core": "0.0.0", @@ -333,17 +335,16 @@ "@aws-cdk/lambda-layer-kubectl": "0.0.0", "@aws-cdk/lambda-layer-node-proxy-agent": "0.0.0", "@aws-cdk/pipelines": "0.0.0", + "@aws-cdk/pkglint": "0.0.0", "@aws-cdk/region-info": "0.0.0", + "@aws-cdk/ubergen": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "@types/fs-extra": "^8.1.2", "@types/node": "^10.17.60", - "@aws-cdk/cdk-build-tools": "0.0.0", "constructs": "^3.3.69", "fs-extra": "^9.1.0", - "@aws-cdk/pkglint": "0.0.0", "ts-node": "^9.1.1", - "typescript": "~3.8.3", - "@aws-cdk/ubergen": "0.0.0" + "typescript": "~3.8.3" }, "peerDependencies": { "constructs": "^3.3.69" From 435b66d963f144cdafa1401b3dee17d8e5f5cb01 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Wed, 6 Oct 2021 17:38:09 +0200 Subject: [PATCH 27/43] chore: npm-check-updates && yarn upgrade (#16823) Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date. --- yarn.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/yarn.lock b/yarn.lock index 289f8cfa5a7e4..f37ef2380facc 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1740,9 +1740,9 @@ integrity sha512-uv53RrNdhbkV/3VmVCtfImfYCWC3GTTRn3R11Whni3EJ+gb178tkZBVNj2edLY5CMrB749dQi+SJkg87jsN8UQ== "@types/node@*", "@types/node@>= 8", "@types/node@^16.9.2": - version "16.10.2" - resolved "https://registry.yarnpkg.com/@types/node/-/node-16.10.2.tgz#5764ca9aa94470adb4e1185fe2e9f19458992b2e" - integrity sha512-zCclL4/rx+W5SQTzFs9wyvvyCwoK9QtBpratqz2IYJ3O8Umrn0m3nsTv0wQBk9sRGpvUe9CwPDrQFB10f1FIjQ== + version "16.10.3" + resolved "https://registry.yarnpkg.com/@types/node/-/node-16.10.3.tgz#7a8f2838603ea314d1d22bb3171d899e15c57bd5" + integrity sha512-ho3Ruq+fFnBrZhUYI46n/bV2GjwzSkwuT4dTf0GkuNFmnb8nq4ny2z9JEVemFi6bdEJanHLlYfy9c6FN9B9McQ== "@types/node@^10.17.60": version "10.17.60" @@ -2651,9 +2651,9 @@ camelcase@^6.0.0, camelcase@^6.2.0: integrity sha512-c7wVvbw3f37nuobQNtgsgG9POC9qMbNuMQmTCqZv23b6MIz0fcYpBiOlv9gEN/hdLdnZTDQhg6e9Dq5M1vKvfg== caniuse-lite@^1.0.30001264: - version "1.0.30001264" - resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001264.tgz#88f625a60efb6724c7c62ac698bc8dbd9757e55b" - integrity sha512-Ftfqqfcs/ePiUmyaySsQ4PUsdcYyXG2rfoBVsk3iY1ahHaJEw65vfb7Suzqm+cEkwwPIv/XWkg27iCpRavH4zA== + version "1.0.30001265" + resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001265.tgz#0613c9e6c922e422792e6fcefdf9a3afeee4f8c3" + integrity sha512-YzBnspggWV5hep1m9Z6sZVLOt7vrju8xWooFAgN6BA5qvy98qPAPb7vNUzypFaoh2pb3vlfzbDO8tB57UPGbtw== capture-exit@^2.0.0: version "2.0.0" @@ -3605,9 +3605,9 @@ ecc-jsbn@~0.1.1: safer-buffer "^2.1.0" electron-to-chromium@^1.3.857: - version "1.3.859" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.859.tgz#4e0abc918e1c22b306ba13b4c3649f78295f5937" - integrity sha512-gXRXKNWedfdiKIzwr0Mg/VGCvxXzy+4SuK9hp1BDvfbCwx0O5Ot+2f4CoqQkqEJ3Zj/eAV/GoAFgBVFgkBLXuQ== + version "1.3.860" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.860.tgz#d612e54ed75fa524c12af8da3ad8121ebfe2802b" + integrity sha512-gWwGZ+Wv4Mou2SJRH6JQzhTPjL5f95SX7n6VkLTQ/Q/INsZLZNQ1vH2GlZjozKyvT0kkFuCmWTwIoCj+/hUDPw== emittery@^0.7.1: version "0.7.2" From bdbe8b6cf6ab1ae261dddeb39576749e768183b3 Mon Sep 17 00:00:00 2001 From: kaizen3031593 <36202692+kaizen3031593@users.noreply.github.com> Date: Wed, 6 Oct 2021 12:26:04 -0400 Subject: [PATCH 28/43] feat(appsync): Lambda Authorizer for AppSync GraphqlApi (#16743) Adds the relatively new [Lambda Authorizer for GraphqlApi](https://aws.amazon.com/blogs/mobile/appsync-lambda-auth/). Closes: #16380. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-appsync/README.md | 36 +++- .../@aws-cdk/aws-appsync/lib/graphqlapi.ts | 59 +++++ .../aws-appsync/test/appsync-auth.test.ts | 204 ++++++++++++++++++ 3 files changed, 298 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-appsync/README.md b/packages/@aws-cdk/aws-appsync/README.md index 0145beae621f6..a191b51a86483 100644 --- a/packages/@aws-cdk/aws-appsync/README.md +++ b/packages/@aws-cdk/aws-appsync/README.md @@ -28,7 +28,7 @@ APIs that use GraphQL. ### DynamoDB -Example of a GraphQL API with `AWS_IAM` authorization resolving into a DynamoDb +Example of a GraphQL API with `AWS_IAM` [authorization](#authorization) resolving into a DynamoDb backend data source. GraphQL schema file `schema.graphql`: @@ -345,6 +345,40 @@ If you don't specify `graphqlArn` in `fromXxxAttributes`, CDK will autogenerate the expected `arn` for the imported api, given the `apiId`. For creating data sources and resolvers, an `apiId` is sufficient. +## Authorization + +There are multiple authorization types available for GraphQL API to cater to different +access use cases. They are: + +- API Keys (`AuthorizationType.API_KEY`) +- Amazon Cognito User Pools (`AuthorizationType.USER_POOL`) +- OpenID Connect (`AuthorizationType.OPENID_CONNECT`) +- AWS Identity and Access Management (`AuthorizationType.AWS_IAM`) +- AWS Lambda (`AuthorizationType.AWS_LAMBDA`) + +These types can be used simultaneously in a single API, allowing different types of clients to +access data. When you specify an authorization type, you can also specify the corresponding +authorization mode to finish defining your authorization. For example, this is a GraphQL API +with AWS Lambda Authorization. + +```ts +authFunction = new lambda.Function(stack, 'auth-function', {}); + +new appsync.GraphqlApi(stack, 'api', { + name: 'api', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + authorizationConfig: { + defaultAuthorization: { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: authFunction, + // can also specify `resultsCacheTtl` and `validationRegex`. + }, + }, + }, +}); +``` + ## Permissions When using `AWS_IAM` as the authorization type for GraphQL API, an IAM Role diff --git a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts index 8b0252bed9eb4..93c9078e32358 100644 --- a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts +++ b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts @@ -1,5 +1,6 @@ import { IUserPool } from '@aws-cdk/aws-cognito'; import { ManagedPolicy, Role, IRole, ServicePrincipal, Grant, IGrantable } from '@aws-cdk/aws-iam'; +import { IFunction } from '@aws-cdk/aws-lambda'; import { CfnResource, Duration, Expiration, IResolvable, Stack } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { CfnApiKey, CfnGraphQLApi, CfnGraphQLSchema } from './appsync.generated'; @@ -29,6 +30,10 @@ export enum AuthorizationType { * OpenID Connect authorization type */ OIDC = 'OPENID_CONNECT', + /** + * Lambda authorization type + */ + LAMBDA = 'AWS_LAMBDA', } /** @@ -58,6 +63,11 @@ export interface AuthorizationMode { * @default - none */ readonly openIdConnectConfig?: OpenIdConnectConfig; + /** + * If authorizationType is `AuthorizationType.LAMBDA`, this option is required. + * @default - none + */ + readonly lambdaAuthorizerConfig?: LambdaAuthorizerConfig; } /** @@ -150,6 +160,38 @@ export interface OpenIdConnectConfig { readonly oidcProvider: string; } +/** + * Configuration for Lambda authorization in AppSync. Note that you can only have a single AWS Lambda function configured to authorize your API. + */ +export interface LambdaAuthorizerConfig { + /** + * The authorizer lambda function. + * Note: This Lambda function must have the following resource-based policy assigned to it. + * When configuring Lambda authorizers in the console, this is done for you. + * To do so with the AWS CLI, run the following: + * + * `aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction` + * + * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-graphqlapi-lambdaauthorizerconfig.html + */ + readonly handler: IFunction; + + /** + * How long the results are cached. + * Disable caching by setting this to 0. + * + * @default Duration.minutes(5) + */ + readonly resultsCacheTtl?: Duration; + + /** + * A regular expression for validation of tokens before the Lambda function is called. + * + * @default - no regex filter will be applied. + */ + readonly validationRegex?: string; +} + /** * Configuration of the API authorization modes. */ @@ -418,6 +460,7 @@ export class GraphqlApi extends GraphqlApiBase { logConfig: this.setupLogConfig(props.logConfig), openIdConnectConfig: this.setupOpenIdConnectConfig(defaultMode.openIdConnectConfig), userPoolConfig: this.setupUserPoolConfig(defaultMode.userPoolConfig), + lambdaAuthorizerConfig: this.setupLambdaAuthorizerConfig(defaultMode.lambdaAuthorizerConfig), additionalAuthenticationProviders: this.setupAdditionalAuthorizationModes(additionalModes), xrayEnabled: props.xrayEnabled, }); @@ -490,6 +533,9 @@ export class GraphqlApi extends GraphqlApiBase { } private validateAuthorizationProps(modes: AuthorizationMode[]) { + if (modes.filter((mode) => mode.authorizationType === AuthorizationType.LAMBDA).length > 1) { + throw new Error('You can only have a single AWS Lambda function configured to authorize your API.'); + } modes.map((mode) => { if (mode.authorizationType === AuthorizationType.OIDC && !mode.openIdConnectConfig) { throw new Error('Missing OIDC Configuration'); @@ -497,6 +543,9 @@ export class GraphqlApi extends GraphqlApiBase { if (mode.authorizationType === AuthorizationType.USER_POOL && !mode.userPoolConfig) { throw new Error('Missing User Pool Configuration'); } + if (mode.authorizationType === AuthorizationType.LAMBDA && !mode.lambdaAuthorizerConfig) { + throw new Error('Missing Lambda Configuration'); + } }); if (modes.filter((mode) => mode.authorizationType === AuthorizationType.API_KEY).length > 1) { throw new Error('You can\'t duplicate API_KEY configuration. See https://docs.aws.amazon.com/appsync/latest/devguide/security.html'); @@ -551,6 +600,15 @@ export class GraphqlApi extends GraphqlApiBase { }; } + private setupLambdaAuthorizerConfig(config?: LambdaAuthorizerConfig) { + if (!config) return undefined; + return { + authorizerResultTtlInSeconds: config.resultsCacheTtl?.toSeconds(), + authorizerUri: config.handler.functionArn, + identityValidationExpression: config.validationRegex, + }; + } + private setupAdditionalAuthorizationModes(modes?: AuthorizationMode[]) { if (!modes || modes.length === 0) return undefined; return modes.reduce((acc, mode) => [ @@ -558,6 +616,7 @@ export class GraphqlApi extends GraphqlApiBase { authenticationType: mode.authorizationType, userPoolConfig: this.setupUserPoolConfig(mode.userPoolConfig), openIdConnectConfig: this.setupOpenIdConnectConfig(mode.openIdConnectConfig), + lambdaAuthorizerConfig: this.setupLambdaAuthorizerConfig(mode.lambdaAuthorizerConfig), }, ], []); } diff --git a/packages/@aws-cdk/aws-appsync/test/appsync-auth.test.ts b/packages/@aws-cdk/aws-appsync/test/appsync-auth.test.ts index a137e54b0423f..67f12ae4bc13a 100644 --- a/packages/@aws-cdk/aws-appsync/test/appsync-auth.test.ts +++ b/packages/@aws-cdk/aws-appsync/test/appsync-auth.test.ts @@ -1,6 +1,7 @@ import * as path from 'path'; import { Template } from '@aws-cdk/assertions'; import * as cognito from '@aws-cdk/aws-cognito'; +import * as lambda from '@aws-cdk/aws-lambda'; import * as cdk from '@aws-cdk/core'; import * as appsync from '../lib'; @@ -630,3 +631,206 @@ describe('AppSync OIDC Authorization', () => { }); }); }); + +describe('AppSync Lambda Authorization', () => { + let fn: lambda.Function; + beforeEach(() => { + fn = new lambda.Function(stack, 'auth-function', { + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + code: lambda.Code.fromInline('/* lambda authentication code here.*/'), + }); + }); + + test('Lambda authorization configurable in default authorization has default configuration', () => { + // WHEN + new appsync.GraphqlApi(stack, 'api', { + name: 'api', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + authorizationConfig: { + defaultAuthorization: { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: fn, + }, + }, + }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::AppSync::GraphQLApi', { + AuthenticationType: 'AWS_LAMBDA', + LambdaAuthorizerConfig: { + AuthorizerUri: { + 'Fn::GetAtt': [ + 'authfunction96361832', + 'Arn', + ], + }, + }, + }); + }); + + test('Lambda authorization configurable in default authorization', () => { + // WHEN + new appsync.GraphqlApi(stack, 'api', { + name: 'api', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + authorizationConfig: { + defaultAuthorization: { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: fn, + resultsCacheTtl: cdk.Duration.seconds(300), + validationRegex: 'custom-.*', + }, + }, + }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::AppSync::GraphQLApi', { + AuthenticationType: 'AWS_LAMBDA', + LambdaAuthorizerConfig: { + AuthorizerUri: { + 'Fn::GetAtt': [ + 'authfunction96361832', + 'Arn', + ], + }, + AuthorizerResultTtlInSeconds: 300, + IdentityValidationExpression: 'custom-.*', + }, + }); + }); + + test('Lambda authorization configurable in additional authorization has default configuration', () => { + // WHEN + new appsync.GraphqlApi(stack, 'api', { + name: 'api', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + authorizationConfig: { + additionalAuthorizationModes: [{ + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: fn, + }, + }], + }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::AppSync::GraphQLApi', { + AdditionalAuthenticationProviders: [{ + AuthenticationType: 'AWS_LAMBDA', + LambdaAuthorizerConfig: { + AuthorizerUri: { + 'Fn::GetAtt': [ + 'authfunction96361832', + 'Arn', + ], + }, + }, + }], + }); + }); + + test('Lambda authorization configurable in additional authorization', () => { + // WHEN + new appsync.GraphqlApi(stack, 'api', { + name: 'api', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + authorizationConfig: { + additionalAuthorizationModes: [{ + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: fn, + resultsCacheTtl: cdk.Duration.seconds(300), + validationRegex: 'custom-.*', + }, + }], + }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::AppSync::GraphQLApi', { + AdditionalAuthenticationProviders: [{ + AuthenticationType: 'AWS_LAMBDA', + LambdaAuthorizerConfig: { + AuthorizerUri: { + 'Fn::GetAtt': [ + 'authfunction96361832', + 'Arn', + ], + }, + AuthorizerResultTtlInSeconds: 300, + IdentityValidationExpression: 'custom-.*', + }, + }], + }); + }); + + test('Lambda authorization throws with multiple lambda authorization', () => { + expect(() => new appsync.GraphqlApi(stack, 'api', { + name: 'api', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + authorizationConfig: { + defaultAuthorization: { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: fn, + }, + }, + additionalAuthorizationModes: [ + { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: fn, + resultsCacheTtl: cdk.Duration.seconds(300), + validationRegex: 'custom-.*', + }, + }, + ], + }, + })).toThrow('You can only have a single AWS Lambda function configured to authorize your API.'); + + expect(() => new appsync.GraphqlApi(stack, 'api2', { + name: 'api', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + authorizationConfig: { + defaultAuthorization: { authorizationType: appsync.AuthorizationType.IAM }, + additionalAuthorizationModes: [ + { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: fn, + resultsCacheTtl: cdk.Duration.seconds(300), + validationRegex: 'custom-.*', + }, + }, + { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: fn, + resultsCacheTtl: cdk.Duration.seconds(300), + validationRegex: 'custom-.*', + }, + }, + ], + }, + })).toThrow('You can only have a single AWS Lambda function configured to authorize your API.'); + }); + + test('throws if authorization type and mode do not match', () => { + expect(() => new appsync.GraphqlApi(stack, 'api', { + name: 'api', + schema: appsync.Schema.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + authorizationConfig: { + defaultAuthorization: { + authorizationType: appsync.AuthorizationType.LAMBDA, + openIdConnectConfig: { oidcProvider: 'test' }, + }, + }, + })).toThrow('Missing Lambda Configuration'); + }); +}); \ No newline at end of file From d6a4de9c29d8ce5fd99536edde1163d0b321214d Mon Sep 17 00:00:00 2001 From: Ryan Parker Date: Wed, 6 Oct 2021 10:35:17 -0700 Subject: [PATCH 29/43] docs(aws-s3): Clarify update is required before setting `autoDeleteObjects` to `false` (#16828) ## Summary This PR: - Updates the documentation of the `aws-s3/Bucket`'s `autoDeleteObjects` prop to clarify that a user must first deploy with the latest CDK package before updating `autoDeleteObjects`'s value to `false` (to prevent the bucket from being emptied). ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-s3/lib/bucket.ts | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/@aws-cdk/aws-s3/lib/bucket.ts b/packages/@aws-cdk/aws-s3/lib/bucket.ts index 1da58cd3db260..d9065d0719c72 100644 --- a/packages/@aws-cdk/aws-s3/lib/bucket.ts +++ b/packages/@aws-cdk/aws-s3/lib/bucket.ts @@ -937,7 +937,7 @@ export interface BucketMetrics { * Specifies a list of tag filters to use as a metrics configuration filter. * The metrics configuration includes only objects that meet the filter's criteria. */ - readonly tagFilters?: {[tag: string]: any}; + readonly tagFilters?: { [tag: string]: any }; } /** @@ -1231,8 +1231,8 @@ export interface BucketProps { * * **Warning** if you have deployed a bucket with `autoDeleteObjects: true`, * switching this to `false` in a CDK version *before* `1.126.0` will lead to - * all objects in the bucket being deleted. Be sure to update to version `1.126.0` - * or later before switching this value to `false`. + * all objects in the bucket being deleted. Be sure to update your bucket resources + * by deploying with CDK version `1.126.0` or later **before** switching this value to `false`. * * @default false */ @@ -1797,7 +1797,7 @@ export class Bucket extends BucketBase { } } - private parseTagFilters(tagFilters?: {[tag: string]: any}) { + private parseTagFilters(tagFilters?: { [tag: string]: any }) { if (!tagFilters || tagFilters.length === 0) { return undefined; } From 6f0a5076b1e074fd33ed118af8e48b72d7593418 Mon Sep 17 00:00:00 2001 From: kaizen3031593 <36202692+kaizen3031593@users.noreply.github.com> Date: Wed, 6 Oct 2021 14:59:50 -0400 Subject: [PATCH 30/43] fix(assertions): `hasResourceProperties` is incompatible with `Match.not` and `Match.absent` (#16678) Fixes #16626. This PR modifies `hasResourceProperties()` so that it accounts for the special case where `Properties` does not exist on the template. The following assertions previously behaved incorrectly when `Properties` were not in the template and are now fixed: ```ts template.fromStack(stack); // some template with no `Properties`. // assert that `Properties` does not exist in the template. Returns true. template.hasResourceProperties('Foo::Bar', Match.absent()); // assert that `baz` is not a `Property` of 'Foo::Bar'. Returns true. template.hasResourceProperties('Foo::Bar', { baz: Match.absent(), }; // assert that `baz` does not have a value of `qux` in the `Properties` object. Returns true. template.hasResourceProperties('Foo::Bar', Match.not({baz: 'qux'}); ``` It also moves `AbsentMatch` into the `private` folder so that it can be exposed internally as a special case for `hasResourceProperties()`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/assertions/lib/match.ts | 15 +------ .../assertions/lib/private/matchers/absent.ts | 15 +++++++ .../assertions/lib/private/resources.ts | 29 +++++++++++++- packages/@aws-cdk/assertions/lib/template.ts | 9 +++-- .../@aws-cdk/assertions/test/template.test.ts | 39 +++++++++++++++++-- 5 files changed, 85 insertions(+), 22 deletions(-) create mode 100644 packages/@aws-cdk/assertions/lib/private/matchers/absent.ts diff --git a/packages/@aws-cdk/assertions/lib/match.ts b/packages/@aws-cdk/assertions/lib/match.ts index 8e4d83a398347..70ad96dbee300 100644 --- a/packages/@aws-cdk/assertions/lib/match.ts +++ b/packages/@aws-cdk/assertions/lib/match.ts @@ -1,4 +1,5 @@ import { Matcher, MatchResult } from './matcher'; +import { AbsentMatch } from './private/matchers/absent'; import { getType } from './private/type'; /** @@ -329,17 +330,3 @@ class AnyMatch extends Matcher { return result; } } - -class AbsentMatch extends Matcher { - constructor(public readonly name: string) { - super(); - } - - public test(actual: any): MatchResult { - const result = new MatchResult(actual); - if (actual !== undefined) { - result.push(this, [], `Received ${actual}, but key should be absent`); - } - return result; - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/assertions/lib/private/matchers/absent.ts b/packages/@aws-cdk/assertions/lib/private/matchers/absent.ts new file mode 100644 index 0000000000000..0681f8ada8214 --- /dev/null +++ b/packages/@aws-cdk/assertions/lib/private/matchers/absent.ts @@ -0,0 +1,15 @@ +import { Matcher, MatchResult } from '../../matcher'; + +export class AbsentMatch extends Matcher { + constructor(public readonly name: string) { + super(); + } + + public test(actual: any): MatchResult { + const result = new MatchResult(actual); + if (actual !== undefined) { + result.push(this, [], `Received ${actual}, but key should be absent`); + } + return result; + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/assertions/lib/private/resources.ts b/packages/@aws-cdk/assertions/lib/private/resources.ts index aeb2037d81ad4..68e8e6c2ddff8 100644 --- a/packages/@aws-cdk/assertions/lib/private/resources.ts +++ b/packages/@aws-cdk/assertions/lib/private/resources.ts @@ -1,3 +1,5 @@ +import { Match, Matcher } from '..'; +import { AbsentMatch } from './matchers/absent'; import { formatFailure, matchSection } from './section'; import { Resource, Template } from './template'; @@ -15,7 +17,6 @@ export function findResources(template: Template, type: string, props: any = {}) export function hasResource(template: Template, type: string, props: any): string | void { const section = template.Resources; const result = matchSection(filterType(section, type), props); - if (result.match) { return; } @@ -30,6 +31,20 @@ export function hasResource(template: Template, type: string, props: any): strin ].join('\n'); } +export function hasResourceProperties(template: Template, type: string, props: any): string | void { + // amended needs to be a deep copy to avoid modifying the template. + let amended = JSON.parse(JSON.stringify(template)); + + // special case to exclude AbsentMatch because adding an empty Properties object will affect its evaluation. + if (!Matcher.isMatcher(props) || !(props instanceof AbsentMatch)) { + amended = addEmptyProperties(amended); + } + + return hasResource(amended, type, Match.objectLike({ + Properties: props, + })); +} + export function countResources(template: Template, type: string): number { const section = template.Resources; const types = filterType(section, type); @@ -37,6 +52,18 @@ export function countResources(template: Template, type: string): number { return Object.entries(types).length; } +function addEmptyProperties(template: Template): Template { + let section = template.Resources; + + Object.keys(section).map((key) => { + if (!section[key].hasOwnProperty('Properties')) { + section[key].Properties = {}; + } + }); + + return template; +} + function filterType(section: { [key: string]: Resource }, type: string): { [key: string]: Resource } { return Object.entries(section ?? {}) .filter(([_, v]) => v.Type === type) diff --git a/packages/@aws-cdk/assertions/lib/template.ts b/packages/@aws-cdk/assertions/lib/template.ts index d3871c6cda36b..01e0d3376dc8c 100644 --- a/packages/@aws-cdk/assertions/lib/template.ts +++ b/packages/@aws-cdk/assertions/lib/template.ts @@ -3,7 +3,7 @@ import { Match } from './match'; import { Matcher } from './matcher'; import { findMappings, hasMapping } from './private/mappings'; import { findOutputs, hasOutput } from './private/outputs'; -import { countResources, findResources, hasResource } from './private/resources'; +import { countResources, findResources, hasResource, hasResourceProperties } from './private/resources'; import { Template as TemplateType } from './private/template'; /** @@ -74,9 +74,10 @@ export class Template { * @param props the 'Properties' section of the resource as should be expected in the template. */ public hasResourceProperties(type: string, props: any): void { - this.hasResource(type, Match.objectLike({ - Properties: Matcher.isMatcher(props) ? props : Match.objectLike(props), - })); + const matchError = hasResourceProperties(this.template, type, props); + if (matchError) { + throw new Error(matchError); + } } /** diff --git a/packages/@aws-cdk/assertions/test/template.test.ts b/packages/@aws-cdk/assertions/test/template.test.ts index 92f169488fd69..3384cda21207f 100644 --- a/packages/@aws-cdk/assertions/test/template.test.ts +++ b/packages/@aws-cdk/assertions/test/template.test.ts @@ -270,7 +270,24 @@ describe('Template', () => { }); describe('hasResourceProperties', () => { - test('absent', () => { + test('exact match', () => { + const stack = new Stack(); + new CfnResource(stack, 'Foo', { + type: 'Foo::Bar', + properties: { baz: 'qux' }, + }); + + const inspect = Template.fromStack(stack); + inspect.hasResourceProperties('Foo::Bar', { baz: 'qux' }); + + expect(() => inspect.hasResourceProperties('Foo::Bar', { baz: 'waldo' })) + .toThrow(/Expected waldo but received qux at \/Properties\/baz/); + + expect(() => inspect.hasResourceProperties('Foo::Bar', { baz: 'qux', fred: 'waldo' })) + .toThrow(/Missing key at \/Properties\/fred/); + }); + + test('absent - with properties', () => { const stack = new Stack(); new CfnResource(stack, 'Foo', { type: 'Foo::Bar', @@ -278,25 +295,31 @@ describe('Template', () => { }); const inspect = Template.fromStack(stack); + inspect.hasResourceProperties('Foo::Bar', { bar: Match.absent(), }); + expect(() => inspect.hasResourceProperties('Foo::Bar', { baz: Match.absent(), })).toThrow(/key should be absent at \/Properties\/baz/); }); - test('absent - no properties on template', () => { + test('absent - no properties', () => { const stack = new Stack(); new CfnResource(stack, 'Foo', { type: 'Foo::Bar', }); const inspect = Template.fromStack(stack); + + expect(() => inspect.hasResourceProperties('Foo::Bar', { bar: Match.absent(), baz: 'qux' })) + .toThrow(/Missing key at \/Properties\/baz/); + inspect.hasResourceProperties('Foo::Bar', Match.absent()); }); - test('not', () => { + test('not - with properties', () => { const stack = new Stack(); new CfnResource(stack, 'Foo', { type: 'Foo::Bar', @@ -308,6 +331,16 @@ describe('Template', () => { baz: 'boo', })); }); + + test('not - no properties', () => { + const stack = new Stack(); + new CfnResource(stack, 'Foo', { + type: 'Foo::Bar', + }); + + const inspect = Template.fromStack(stack); + inspect.hasResourceProperties('Foo::Bar', Match.not({ baz: 'qux' })); + }); }); describe('getResources', () => { From 6d468d2f742aad8bc9de6bfe9650c3cdccd30a32 Mon Sep 17 00:00:00 2001 From: Julian Michel Date: Wed, 6 Oct 2021 23:37:15 +0200 Subject: [PATCH 31/43] feat(ec2): add X2gd instances (#16810) Add support for X2gd instances. Announcement: https://aws.amazon.com/about-aws/whats-new/2021/03/announcing-new-amazon-ec2-x2gd-instances-powered-by-aws-graviton2-processors/ Closes #16794. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ec2/lib/instance-types.ts | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/packages/@aws-cdk/aws-ec2/lib/instance-types.ts b/packages/@aws-cdk/aws-ec2/lib/instance-types.ts index 013f7d3389f3c..1b778fee66e6e 100644 --- a/packages/@aws-cdk/aws-ec2/lib/instance-types.ts +++ b/packages/@aws-cdk/aws-ec2/lib/instance-types.ts @@ -372,6 +372,16 @@ export enum InstanceClass { */ X1E = 'x1e', + /** + * Memory-intensive instances, 2nd generation with Graviton2 processors and local NVME drive + */ + MEMORY_INTENSIVE_2_GRAVITON2_NVME_DRIVE = 'x2gd', + + /** + * Memory-intensive instances, 2nd generation with Graviton2 processors and local NVME drive + */ + X2GD = 'x2gd', + /** * Instances with customizable hardware acceleration, 1st generation */ From d29a20bece48829e5dddbf3fd9045a96f1440c02 Mon Sep 17 00:00:00 2001 From: Xiao Yuan Kong Date: Wed, 6 Oct 2021 19:55:18 -0300 Subject: [PATCH 32/43] feat(aws-chatbot): allow adding a sns topic in existing SlackChannel (#16643) closes #15588 --- packages/@aws-cdk/aws-chatbot/README.md | 3 +++ .../lib/slack-channel-configuration.ts | 19 ++++++++++++++-- .../test/slack-channel-configuration.test.ts | 22 ++++++++++++++++++- 3 files changed, 41 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-chatbot/README.md b/packages/@aws-cdk/aws-chatbot/README.md index d8242bf30bea2..5e871bb81db48 100644 --- a/packages/@aws-cdk/aws-chatbot/README.md +++ b/packages/@aws-cdk/aws-chatbot/README.md @@ -17,6 +17,7 @@ This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aw ```ts import * as chatbot from '@aws-cdk/aws-chatbot'; +import * as sns from '@aws-cdk/aws-sns'; const slackChannel = new chatbot.SlackChannelConfiguration(this, 'MySlackChannel', { slackChannelConfigurationName: 'YOUR_CHANNEL_NAME', @@ -31,6 +32,8 @@ slackChannel.addToRolePolicy(new iam.PolicyStatement({ ], resources: ['arn:aws:s3:::abc/xyz/123.txt'], })); + +slackChannel.addNotificationTopic(new sns.Topic(this, 'MyTopic')) ``` ## Log Group diff --git a/packages/@aws-cdk/aws-chatbot/lib/slack-channel-configuration.ts b/packages/@aws-cdk/aws-chatbot/lib/slack-channel-configuration.ts index 690bb95c9bffd..d7d48f9efc9f2 100644 --- a/packages/@aws-cdk/aws-chatbot/lib/slack-channel-configuration.ts +++ b/packages/@aws-cdk/aws-chatbot/lib/slack-channel-configuration.ts @@ -239,7 +239,6 @@ export class SlackChannelConfiguration extends SlackChannelConfigurationBase { } else { this.slackChannelConfigurationName = resourceName.substring('slack-channel/'.length); } - } } @@ -268,6 +267,12 @@ export class SlackChannelConfiguration extends SlackChannelConfigurationBase { readonly grantPrincipal: iam.IPrincipal; + /** + * The SNS topic that deliver notifications to AWS Chatbot. + * @attribute + */ + private readonly notificationTopics: sns.ITopic[]; + constructor(scope: Construct, id: string, props: SlackChannelConfigurationProps) { super(scope, id, { physicalName: props.slackChannelConfigurationName, @@ -279,12 +284,14 @@ export class SlackChannelConfiguration extends SlackChannelConfigurationBase { this.grantPrincipal = this.role; + this.notificationTopics = props.notificationTopics ?? []; + const configuration = new CfnSlackChannelConfiguration(this, 'Resource', { configurationName: props.slackChannelConfigurationName, iamRoleArn: this.role.roleArn, slackWorkspaceId: props.slackWorkspaceId, slackChannelId: props.slackChannelId, - snsTopicArns: props.notificationTopics?.map(topic => topic.topicArn), + snsTopicArns: cdk.Lazy.list({ produce: () => this.notificationTopics.map(topic => topic.topicArn) }, { omitEmpty: true } ), loggingLevel: props.loggingLevel?.toString(), }); @@ -303,5 +310,13 @@ export class SlackChannelConfiguration extends SlackChannelConfigurationBase { this.slackChannelConfigurationArn = configuration.ref; this.slackChannelConfigurationName = props.slackChannelConfigurationName; } + + /** + * Adds a SNS topic that deliver notifications to AWS Chatbot. + * @param notificationTopic + */ + public addNotificationTopic(notificationTopic: sns.ITopic): void { + this.notificationTopics.push(notificationTopic); + } } diff --git a/packages/@aws-cdk/aws-chatbot/test/slack-channel-configuration.test.ts b/packages/@aws-cdk/aws-chatbot/test/slack-channel-configuration.test.ts index 63bf61b46d21c..01aa5d88c2c5d 100644 --- a/packages/@aws-cdk/aws-chatbot/test/slack-channel-configuration.test.ts +++ b/packages/@aws-cdk/aws-chatbot/test/slack-channel-configuration.test.ts @@ -1,5 +1,5 @@ -import '@aws-cdk/assert-internal/jest'; import { ABSENT } from '@aws-cdk/assert-internal'; +import '@aws-cdk/assert-internal/jest'; import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; import * as iam from '@aws-cdk/aws-iam'; import * as logs from '@aws-cdk/aws-logs'; @@ -99,6 +99,26 @@ describe('SlackChannelConfiguration', () => { }); }); + test('allows adding a Topic after creating the SlackChannel', () => { + const slackChannel = new chatbot.SlackChannelConfiguration(stack, 'MySlackChannel', { + slackWorkspaceId: 'ABC123', + slackChannelId: 'DEF456', + slackChannelConfigurationName: 'Test', + }); + + const topic = new sns.Topic(stack, 'MyTopic'); + slackChannel.addNotificationTopic(topic); + + expect(stack).toHaveResourceLike('AWS::Chatbot::SlackChannelConfiguration', { + ConfigurationName: 'Test', + SnsTopicArns: [ + { + Ref: 'MyTopic86869434', + }, + ], + }); + }); + test('created with existing role', () => { const role = iam.Role.fromRoleArn(stack, 'Role', 'arn:aws:iam:::role/test-role'); From 13f67e7dbcf2ca7a921e7ffb932f260c74005408 Mon Sep 17 00:00:00 2001 From: Amir Szekely <73248943+amirfireeye@users.noreply.github.com> Date: Wed, 6 Oct 2021 22:42:23 -0700 Subject: [PATCH 33/43] feat(ecr-assets): control docker image asset hash (#16070) Docker build args are meant for build system specific configuration like http proxy or CodeArtifact tokens. Give the user an option to not hash build args so the DockerImageAsset hash can remain consistent even when using build args. An inconsistent hash means the asset is built every synth and that wastes time and space. This change is backwards compatible as the default hashing behavior remains the same. closes #15936 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ecr-assets/README.md | 7 ++- .../aws-ecr-assets/lib/image-asset.ts | 57 ++++++++++++++++-- .../aws-ecr-assets/test/image-asset.test.ts | 59 +++++++++++++++++++ 3 files changed, 117 insertions(+), 6 deletions(-) diff --git a/packages/@aws-cdk/aws-ecr-assets/README.md b/packages/@aws-cdk/aws-ecr-assets/README.md index 8221fe8091d14..b106c952007b8 100644 --- a/packages/@aws-cdk/aws-ecr-assets/README.md +++ b/packages/@aws-cdk/aws-ecr-assets/README.md @@ -50,13 +50,18 @@ Use `asset.imageUri` to reference the image. It includes both the ECR image URL and tag. You can optionally pass build args to the `docker build` command by specifying -the `buildArgs` property: +the `buildArgs` property. It is recommended to skip hashing of `buildArgs` for +values that can change between different machines to maintain a consistent +asset hash. ```ts const asset = new DockerImageAsset(this, 'MyBuildImage', { directory: path.join(__dirname, 'my-image'), buildArgs: { HTTP_PROXY: 'http://10.20.30.2:1234' + }, + invalidation: { + buildArgs: false } }); ``` diff --git a/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts b/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts index 7003fc6931826..e579baf55ac41 100644 --- a/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts +++ b/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts @@ -12,6 +12,46 @@ import { FingerprintOptions, FollowMode, IAsset } from '@aws-cdk/assets'; // eslint-disable-next-line no-duplicate-imports, import/order import { Construct as CoreConstruct } from '@aws-cdk/core'; +/** + * Options to control invalidation of `DockerImageAsset` asset hashes + */ +export interface DockerImageAssetInvalidationOptions { + /** + * Use `extraHash` while calculating the asset hash + * + * @default true + */ + readonly extraHash?: boolean; + + /** + * Use `buildArgs` while calculating the asset hash + * + * @default true + */ + readonly buildArgs?: boolean; + + /** + * Use `target` while calculating the asset hash + * + * @default true + */ + readonly target?: boolean; + + /** + * Use `file` while calculating the asset hash + * + * @default true + */ + readonly file?: boolean; + + /** + * Use `repositoryName` while calculating the asset hash + * + * @default true + */ + readonly repositoryName?: boolean; +} + /** * Options for DockerImageAsset */ @@ -54,6 +94,13 @@ export interface DockerImageAssetOptions extends FingerprintOptions, FileFingerp * @default 'Dockerfile' */ readonly file?: string; + + /** + * Options to control which parameters are used to invalidate the asset hash. + * + * @default - hash all parameters + */ + readonly invalidation?: DockerImageAssetInvalidationOptions; } /** @@ -150,11 +197,11 @@ export class DockerImageAsset extends CoreConstruct implements IAsset { // include build context in "extra" so it will impact the hash const extraHash: { [field: string]: any } = {}; - if (props.extraHash) { extraHash.user = props.extraHash; } - if (props.buildArgs) { extraHash.buildArgs = props.buildArgs; } - if (props.target) { extraHash.target = props.target; } - if (props.file) { extraHash.file = props.file; } - if (props.repositoryName) { extraHash.repositoryName = props.repositoryName; } + if (props.invalidation?.extraHash !== false && props.extraHash) { extraHash.user = props.extraHash; } + if (props.invalidation?.buildArgs !== false && props.buildArgs) { extraHash.buildArgs = props.buildArgs; } + if (props.invalidation?.target !== false && props.target) { extraHash.target = props.target; } + if (props.invalidation?.file !== false && props.file) { extraHash.file = props.file; } + if (props.invalidation?.repositoryName !== false && props.repositoryName) { extraHash.repositoryName = props.repositoryName; } // add "salt" to the hash in order to invalidate the image in the upgrade to // 1.21.0 which removes the AdoptedRepository resource (and will cause the diff --git a/packages/@aws-cdk/aws-ecr-assets/test/image-asset.test.ts b/packages/@aws-cdk/aws-ecr-assets/test/image-asset.test.ts index 667a2ba9d0145..e08ef41d2d868 100644 --- a/packages/@aws-cdk/aws-ecr-assets/test/image-asset.test.ts +++ b/packages/@aws-cdk/aws-ecr-assets/test/image-asset.test.ts @@ -55,6 +55,65 @@ describe('image asset', () => { }); + testFutureBehavior('with hash options', flags, App, (app) => { + // WHEN + const stack = new Stack(app); + new DockerImageAsset(stack, 'Image1', { + directory: path.join(__dirname, 'demo-image'), + buildArgs: { + a: 'b', + }, + invalidation: { + buildArgs: false, + }, + }); + new DockerImageAsset(stack, 'Image2', { + directory: path.join(__dirname, 'demo-image'), + buildArgs: { + a: 'c', + }, + invalidation: { + buildArgs: false, + }, + }); + new DockerImageAsset(stack, 'Image3', { + directory: path.join(__dirname, 'demo-image'), + buildArgs: { + a: 'b', + }, + }); + + // THEN + const asm = app.synth(); + const artifact = asm.getStackArtifact(stack.artifactId); + expect(artifact.template).toEqual({}); + expect(artifact.assets).toEqual([ + { + 'buildArgs': { + 'a': 'b', + }, + repositoryName: 'aws-cdk/assets', + imageTag: '8c1d9ca9f5d37b1c4870c13a9f855301bb42c1848dbcdd5edc8fe2c6c7261d48', + id: '8c1d9ca9f5d37b1c4870c13a9f855301bb42c1848dbcdd5edc8fe2c6c7261d48', + packaging: 'container-image', + path: 'asset.8c1d9ca9f5d37b1c4870c13a9f855301bb42c1848dbcdd5edc8fe2c6c7261d48', + sourceHash: '8c1d9ca9f5d37b1c4870c13a9f855301bb42c1848dbcdd5edc8fe2c6c7261d48', + }, + { + 'buildArgs': { + 'a': 'b', + }, + 'id': 'd4bbfde4749763cef9707486f81ce1e95d25cedaf4cc34cfcdab7232ec1948ff', + 'imageTag': 'd4bbfde4749763cef9707486f81ce1e95d25cedaf4cc34cfcdab7232ec1948ff', + 'packaging': 'container-image', + 'path': 'asset.d4bbfde4749763cef9707486f81ce1e95d25cedaf4cc34cfcdab7232ec1948ff', + 'repositoryName': 'aws-cdk/assets', + 'sourceHash': 'd4bbfde4749763cef9707486f81ce1e95d25cedaf4cc34cfcdab7232ec1948ff', + }, + ]); + + }); + testFutureBehavior('with target', flags, App, (app) => { // WHEN const stack = new Stack(app); From 42d43db12bc2ee7cf254424f41571348f8cd6222 Mon Sep 17 00:00:00 2001 From: Ryan Parker Date: Thu, 7 Oct 2021 00:55:38 -0700 Subject: [PATCH 34/43] fix(aws-eks,sdk-provider): full proxy support (#16840) ## Summary CDK was extracting the value of HTTPS?_PROXY and passing this to proxy-agent explicitly, which resulted in not honoring the NO_PROXY setting. This removes that behavior and lets proxy-agent delegate to proxy-from-env, which will leverage values in HTTPS?_PROXY and NO_PROXY correctly. Tested by deploying [this sample repo](https://github.com/ryparker/aws-cdk-sample-eks) and monitoring Squid proxy logs while triggering the "onEvent" Lambda. Fixes #7121 Related PRs: https://github.com/aws/aws-cdk/pull/16751, https://github.com/aws/aws-cdk/pull/16751 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/cluster-resource-handler/common.ts | 26 ++++----------- .../aws-cdk/lib/api/aws-auth/sdk-provider.ts | 33 ++++++------------- 2 files changed, 16 insertions(+), 43 deletions(-) diff --git a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts index 1adb2eb328564..8f563de833bf6 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts @@ -38,19 +38,15 @@ export abstract class ResourceHandler { RoleArn: roleToAssume, RoleSessionName: `AWSCDK.EKSCluster.${this.requestType}.${this.requestId}`, }); - - const proxyAddress = this.httpProxyFromEnvironment(); - if (proxyAddress) { - this.log(`Using proxy server: ${proxyAddress}`); - // eslint-disable-next-line @typescript-eslint/no-require-imports, import/no-extraneous-dependencies - const ProxyAgent: any = require('proxy-agent'); - aws.config.update({ - httpOptions: { agent: new ProxyAgent(proxyAddress) }, - }); - } } public onEvent() { + // eslint-disable-next-line @typescript-eslint/no-require-imports, import/no-extraneous-dependencies + const ProxyAgent: any = require('proxy-agent'); + aws.config.update({ + httpOptions: { agent: new ProxyAgent() }, + }); + switch (this.requestType) { case 'Create': return this.onCreate(); case 'Update': return this.onUpdate(); @@ -75,16 +71,6 @@ export abstract class ResourceHandler { console.log(JSON.stringify(x, undefined, 2)); } - private httpProxyFromEnvironment(): string | undefined { - if (process.env.http_proxy) { - return process.env.http_proxy; - } - if (process.env.HTTP_PROXY) { - return process.env.HTTP_PROXY; - } - return undefined; - } - protected abstract async onCreate(): Promise; protected abstract async onDelete(): Promise; protected abstract async onUpdate(): Promise<(OnEventResponse & EksUpdateId) | void>; diff --git a/packages/aws-cdk/lib/api/aws-auth/sdk-provider.ts b/packages/aws-cdk/lib/api/aws-auth/sdk-provider.ts index d06fba8a59529..4621d171bc357 100644 --- a/packages/aws-cdk/lib/api/aws-auth/sdk-provider.ts +++ b/packages/aws-cdk/lib/api/aws-auth/sdk-provider.ts @@ -374,48 +374,35 @@ function parseHttpOptions(options: SdkHttpOptions) { } config.customUserAgent = userAgent; - const proxyAddress = options.proxyAddress || httpsProxyFromEnvironment(); const caBundlePath = options.caBundlePath || caBundlePathFromEnvironment(); - if (proxyAddress && caBundlePath) { - throw new Error(`At the moment, cannot specify Proxy (${proxyAddress}) and CA Bundle (${caBundlePath}) at the same time. See https://github.com/aws/aws-cdk/issues/5804`); + if (options.proxyAddress && caBundlePath) { + throw new Error(`At the moment, cannot specify Proxy (${options.proxyAddress}) and CA Bundle (${caBundlePath}) at the same time. See https://github.com/aws/aws-cdk/issues/5804`); // Maybe it's possible after all, but I've been staring at // https://github.com/TooTallNate/node-proxy-agent/blob/master/index.js#L79 // a while now trying to figure out what to pass in so that the underlying Agent // object will get the 'ca' argument. It's not trivial and I don't want to risk it. } - if (proxyAddress) { // Ignore empty string on purpose - // https://aws.amazon.com/blogs/developer/using-the-aws-sdk-for-javascript-from-behind-a-proxy/ - debug('Using proxy server: %s', proxyAddress); - // eslint-disable-next-line @typescript-eslint/no-require-imports - const ProxyAgent: any = require('proxy-agent'); - config.httpOptions.agent = new ProxyAgent(proxyAddress); - } if (caBundlePath) { debug('Using CA bundle path: %s', caBundlePath); config.httpOptions.agent = new https.Agent({ ca: readIfPossible(caBundlePath), keepAlive: true, }); + } else { + // Configure the proxy agent. By default, this will use HTTPS?_PROXY and + // NO_PROXY environment variables to determine which proxy to use for each + // request. + // + // eslint-disable-next-line @typescript-eslint/no-require-imports + const ProxyAgent: any = require('proxy-agent'); + config.httpOptions.agent = new ProxyAgent(); } return config; } -/** - * Find and return the configured HTTPS proxy address - */ -function httpsProxyFromEnvironment(): string | undefined { - if (process.env.https_proxy) { - return process.env.https_proxy; - } - if (process.env.HTTPS_PROXY) { - return process.env.HTTPS_PROXY; - } - return undefined; -} - /** * Find and return a CA certificate bundle path to be passed into the SDK. */ From ebb211ba889acdcddbfb9338a4258009ccd494a2 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Thu, 7 Oct 2021 11:53:37 +0200 Subject: [PATCH 35/43] feat(cfnspec): cloudformation spec v43.0.0 (#16842) Co-authored-by: AWS CDK Team --- packages/@aws-cdk/cfnspec/CHANGELOG.md | 44 +++++++++++ ...0_CloudFormationResourceSpecification.json | 76 +++---------------- 2 files changed, 54 insertions(+), 66 deletions(-) diff --git a/packages/@aws-cdk/cfnspec/CHANGELOG.md b/packages/@aws-cdk/cfnspec/CHANGELOG.md index 8ee6bf55e0aa1..19c814c818182 100644 --- a/packages/@aws-cdk/cfnspec/CHANGELOG.md +++ b/packages/@aws-cdk/cfnspec/CHANGELOG.md @@ -2,6 +2,50 @@ ## New Resource Types + +## Attribute Changes + + +## Property Changes + +* AWS::EKS::Cluster Logging (__deleted__) +* AWS::EKS::Cluster Tags (__deleted__) +* AWS::EKS::Cluster ResourcesVpcConfig.UpdateType (__changed__) + * Old: Mutable + * New: Immutable + +## Property Type Changes + +* AWS::EKS::Cluster.ClusterLogging (__removed__) +* AWS::EKS::Cluster.Logging (__removed__) +* AWS::EKS::Cluster.LoggingTypeConfig (__removed__) +* AWS::EKS::Cluster.Provider (__added__) +* AWS::EKS::Cluster.EncryptionConfig Provider.PrimitiveType (__deleted__) +* AWS::EKS::Cluster.EncryptionConfig Provider.Type (__added__) +* AWS::EKS::Cluster.EncryptionConfig Provider.UpdateType (__changed__) + * Old: Immutable + * New: Mutable +* AWS::EKS::Cluster.EncryptionConfig Resources.UpdateType (__changed__) + * Old: Immutable + * New: Mutable +* AWS::EKS::Cluster.KubernetesNetworkConfig ServiceIpv4Cidr.UpdateType (__changed__) + * Old: Immutable + * New: Mutable +* AWS::EKS::Cluster.ResourcesVpcConfig EndpointPrivateAccess (__deleted__) +* AWS::EKS::Cluster.ResourcesVpcConfig EndpointPublicAccess (__deleted__) +* AWS::EKS::Cluster.ResourcesVpcConfig PublicAccessCidrs (__deleted__) +* AWS::EKS::Cluster.ResourcesVpcConfig SecurityGroupIds.UpdateType (__changed__) + * Old: Immutable + * New: Mutable +* AWS::EKS::Cluster.ResourcesVpcConfig SubnetIds.UpdateType (__changed__) + * Old: Immutable + * New: Mutable + + +# CloudFormation Resource Specification v43.0.0 + +## New Resource Types + * AWS::Backup::Framework * AWS::Backup::ReportPlan * AWS::Lightsail::Disk diff --git a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json index 3da6206bf3b2b..b5b29349fe4e4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json +++ b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json @@ -23800,33 +23800,21 @@ } } }, - "AWS::EKS::Cluster.ClusterLogging": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-clusterlogging.html", - "Properties": { - "EnabledTypes": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-clusterlogging.html#cfn-eks-cluster-clusterlogging-enabledtypes", - "ItemType": "LoggingTypeConfig", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::EKS::Cluster.EncryptionConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-encryptionconfig.html", "Properties": { "Provider": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-encryptionconfig.html#cfn-eks-cluster-encryptionconfig-provider", - "PrimitiveType": "Json", "Required": false, - "UpdateType": "Immutable" + "Type": "Provider", + "UpdateType": "Mutable" }, "Resources": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-encryptionconfig.html#cfn-eks-cluster-encryptionconfig-resources", "PrimitiveItemType": "String", "Required": false, "Type": "List", - "UpdateType": "Immutable" + "UpdateType": "Mutable" } } }, @@ -23837,26 +23825,15 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-kubernetesnetworkconfig.html#cfn-eks-cluster-kubernetesnetworkconfig-serviceipv4cidr", "PrimitiveType": "String", "Required": false, - "UpdateType": "Immutable" - } - } - }, - "AWS::EKS::Cluster.Logging": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-logging.html", - "Properties": { - "ClusterLogging": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-logging.html#cfn-eks-cluster-logging-clusterlogging", - "Required": false, - "Type": "ClusterLogging", "UpdateType": "Mutable" } } }, - "AWS::EKS::Cluster.LoggingTypeConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-loggingtypeconfig.html", + "AWS::EKS::Cluster.Provider": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-provider.html", "Properties": { - "Type": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-loggingtypeconfig.html#cfn-eks-cluster-loggingtypeconfig-type", + "KeyArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-provider.html#cfn-eks-cluster-provider-keyarn", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" @@ -23866,38 +23843,19 @@ "AWS::EKS::Cluster.ResourcesVpcConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html", "Properties": { - "EndpointPrivateAccess": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html#cfn-eks-cluster-resourcesvpcconfig-endpointprivateaccess", - "PrimitiveType": "Boolean", - "Required": false, - "UpdateType": "Mutable" - }, - "EndpointPublicAccess": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html#cfn-eks-cluster-resourcesvpcconfig-endpointpublicaccess", - "PrimitiveType": "Boolean", - "Required": false, - "UpdateType": "Mutable" - }, - "PublicAccessCidrs": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html#cfn-eks-cluster-resourcesvpcconfig-publicaccesscidrs", - "PrimitiveItemType": "String", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - }, "SecurityGroupIds": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html#cfn-eks-cluster-resourcesvpcconfig-securitygroupids", "PrimitiveItemType": "String", "Required": false, "Type": "List", - "UpdateType": "Immutable" + "UpdateType": "Mutable" }, "SubnetIds": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html#cfn-eks-cluster-resourcesvpcconfig-subnetids", "PrimitiveItemType": "String", "Required": true, "Type": "List", - "UpdateType": "Immutable" + "UpdateType": "Mutable" } } }, @@ -79081,12 +79039,6 @@ "Type": "KubernetesNetworkConfig", "UpdateType": "Immutable" }, - "Logging": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-logging", - "Required": false, - "Type": "Logging", - "UpdateType": "Mutable" - }, "Name": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-name", "PrimitiveType": "String", @@ -79097,7 +79049,7 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-resourcesvpcconfig", "Required": true, "Type": "ResourcesVpcConfig", - "UpdateType": "Mutable" + "UpdateType": "Immutable" }, "RoleArn": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-rolearn", @@ -79105,14 +79057,6 @@ "Required": true, "UpdateType": "Immutable" }, - "Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-tags", - "DuplicatesAllowed": false, - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - }, "Version": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html#cfn-eks-cluster-version", "PrimitiveType": "String", From 6829a2abe4d020d6a6eae7ff31e23b43d8762920 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Thu, 7 Oct 2021 12:57:26 +0200 Subject: [PATCH 36/43] fix(iam): not possible to represent `Principal: *` (#16843) Some service's resource policies require the specification of `Principal: *`, and will not accept `Principal: { AWS: * }`. Our code was making assumptions that the two were compatible, and could be interchangeably used. Our modelling made it impossible to represent `Principal: *`. - Fix an issue in `PolicyStatement.fromJson()` which would incorrectly normalize away `Principal: *`. - Add a new principal class, `StarPrincipal`, which represents the principal of that type in the CDK object model. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-iam/lib/policy-statement.ts | 20 +++++++--- packages/@aws-cdk/aws-iam/lib/principals.ts | 40 ++++++++++++++++++- packages/@aws-cdk/aws-iam/lib/util.ts | 16 +++++++- .../aws-iam/test/policy-document.test.ts | 1 + .../aws-iam/test/policy-statement.test.ts | 25 ++++++++++++ .../@aws-cdk/aws-iam/test/principals.test.ts | 29 ++++++++++++++ packages/@aws-cdk/aws-msk/lib/cluster.ts | 2 +- 7 files changed, 124 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/aws-iam/lib/policy-statement.ts b/packages/@aws-cdk/aws-iam/lib/policy-statement.ts index 14ca172de5506..ecedbe7c2ded5 100644 --- a/packages/@aws-cdk/aws-iam/lib/policy-statement.ts +++ b/packages/@aws-cdk/aws-iam/lib/policy-statement.ts @@ -1,10 +1,11 @@ import * as cdk from '@aws-cdk/core'; +import { AnyPrincipal } from '.'; import { Group } from './group'; import { - AccountPrincipal, AccountRootPrincipal, Anyone, ArnPrincipal, CanonicalUserPrincipal, + AccountPrincipal, AccountRootPrincipal, ArnPrincipal, CanonicalUserPrincipal, FederatedPrincipal, IPrincipal, PrincipalBase, PrincipalPolicyFragment, ServicePrincipal, ServicePrincipalOpts, } from './principals'; -import { mergePrincipal } from './util'; +import { LITERAL_STRING_KEY, mergePrincipal } from './util'; const ensureArrayOrUndefined = (field: any) => { if (field === undefined) { @@ -239,7 +240,7 @@ export class PolicyStatement { * Adds all identities in all accounts ("*") to this policy statement */ public addAnyPrincipal() { - this.addPrincipals(new Anyone()); + this.addPrincipals(new AnyPrincipal()); } // @@ -370,6 +371,11 @@ export class PolicyStatement { function _normPrincipal(principal: { [key: string]: any[] }) { const keys = Object.keys(principal); if (keys.length === 0) { return undefined; } + + if (LITERAL_STRING_KEY in principal) { + return principal[LITERAL_STRING_KEY][0]; + } + const result: any = {}; for (const key of keys) { const normVal = _norm(principal[key]); @@ -600,9 +606,13 @@ class JsonPrincipal extends PrincipalBase { constructor(json: any = { }) { super(); - // special case: if principal is a string, turn it into an "AWS" principal + // special case: if principal is a string, turn it into a "LiteralString" principal, + // so we render the exact same string back out. if (typeof(json) === 'string') { - json = { AWS: json }; + json = { [LITERAL_STRING_KEY]: [json] }; + } + if (typeof(json) !== 'object') { + throw new Error(`JSON IAM principal should be an object, got ${JSON.stringify(json)}`); } this.policyFragment = { diff --git a/packages/@aws-cdk/aws-iam/lib/principals.ts b/packages/@aws-cdk/aws-iam/lib/principals.ts index 2c89f96749324..001792cbcc475 100644 --- a/packages/@aws-cdk/aws-iam/lib/principals.ts +++ b/packages/@aws-cdk/aws-iam/lib/principals.ts @@ -3,7 +3,7 @@ import { Default, RegionInfo } from '@aws-cdk/region-info'; import { IOpenIdConnectProvider } from './oidc-provider'; import { Condition, Conditions, PolicyStatement } from './policy-statement'; import { ISamlProvider } from './saml-provider'; -import { mergePrincipal } from './util'; +import { LITERAL_STRING_KEY, mergePrincipal } from './util'; /** * Any object that has an associated principal that a permission can be granted to @@ -252,6 +252,15 @@ export class PrincipalWithConditions implements IPrincipal { * * This consists of the JSON used in the "Principal" field, and optionally a * set of "Condition"s that need to be applied to the policy. + * + * Generally, a principal looks like: + * + * { '': ['ID', 'ID', ...] } + * + * And this is also the type of the field `principalJson`. However, there is a + * special type of principal that is just the string '*', which is treated + * differently by some services. To represent that principal, `principalJson` + * should contain `{ 'LiteralString': ['*'] }`. */ export class PrincipalPolicyFragment { /** @@ -545,7 +554,14 @@ export class AccountRootPrincipal extends AccountPrincipal { } /** - * A principal representing all identities in all accounts + * A principal representing all AWS identities in all accounts + * + * Some services behave differently when you specify `Principal: '*'` + * or `Principal: { AWS: "*" }` in their resource policy. + * + * `AnyPrincipal` renders to `Principal: { AWS: "*" }`. This is correct + * most of the time, but in cases where you need the other principal, + * use `StarPrincipal` instead. */ export class AnyPrincipal extends ArnPrincipal { constructor() { @@ -563,6 +579,26 @@ export class AnyPrincipal extends ArnPrincipal { */ export class Anyone extends AnyPrincipal { } +/** + * A principal that uses a literal '*' in the IAM JSON language + * + * Some services behave differently when you specify `Principal: "*"` + * or `Principal: { AWS: "*" }` in their resource policy. + * + * `StarPrincipal` renders to `Principal: *`. Most of the time, you + * should use `AnyPrincipal` instead. + */ +export class StarPrincipal extends PrincipalBase { + public readonly policyFragment: PrincipalPolicyFragment = { + principalJson: { [LITERAL_STRING_KEY]: ['*'] }, + conditions: {}, + }; + + public toString() { + return 'StarPrincipal()'; + } +} + /** * Represents a principal that has multiple types of principals. A composite principal cannot * have conditions. i.e. multiple ServicePrincipals that form a composite principal diff --git a/packages/@aws-cdk/aws-iam/lib/util.ts b/packages/@aws-cdk/aws-iam/lib/util.ts index 19fcbffe09639..11ef02a44ff5c 100644 --- a/packages/@aws-cdk/aws-iam/lib/util.ts +++ b/packages/@aws-cdk/aws-iam/lib/util.ts @@ -4,6 +4,8 @@ import { IPolicy } from './policy'; const MAX_POLICY_NAME_LEN = 128; +export const LITERAL_STRING_KEY = 'LiteralString'; + export function undefinedIfEmpty(f: () => string[]): string[] { return Lazy.list({ produce: () => { @@ -67,10 +69,18 @@ export class AttachedPolicies { /** * Merge two dictionaries that represent IAM principals + * + * Does an in-place merge. */ export function mergePrincipal(target: { [key: string]: string[] }, source: { [key: string]: string[] }) { + // If one represents a literal string, the other one must be empty + if ((LITERAL_STRING_KEY in source && !isEmptyObject(target)) || + (LITERAL_STRING_KEY in target && !isEmptyObject(source))) { + throw new Error(`Cannot merge principals ${JSON.stringify(target)} and ${JSON.stringify(source)}; if one uses a literal principal string the other one must be empty`); + } + for (const key of Object.keys(source)) { - target[key] = target[key] || []; + target[key] = target[key] ?? []; let value = source[key]; if (!Array.isArray(value)) { @@ -123,4 +133,8 @@ export class UniqueStringSet implements IResolvable, IPostProcessor { public toString(): string { return Token.asString(this); } +} + +function isEmptyObject(x: { [key: string]: any }): boolean { + return Object.keys(x).length === 0; } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iam/test/policy-document.test.ts b/packages/@aws-cdk/aws-iam/test/policy-document.test.ts index c548b1aeb63fd..bf93e31901c6c 100644 --- a/packages/@aws-cdk/aws-iam/test/policy-document.test.ts +++ b/packages/@aws-cdk/aws-iam/test/policy-document.test.ts @@ -764,6 +764,7 @@ describe('IAM policy document', () => { }); }).toThrow(/Statement must be an array/); }); + }); test('adding another condition with the same operator does not delete the original', () => { diff --git a/packages/@aws-cdk/aws-iam/test/policy-statement.test.ts b/packages/@aws-cdk/aws-iam/test/policy-statement.test.ts index 929343ac240c7..09b6e30b1e4c0 100644 --- a/packages/@aws-cdk/aws-iam/test/policy-statement.test.ts +++ b/packages/@aws-cdk/aws-iam/test/policy-statement.test.ts @@ -39,7 +39,32 @@ describe('IAM policy statement', () => { const doc2 = PolicyDocument.fromJson(doc1.toJSON()); expect(stack.resolve(doc2)).toEqual(stack.resolve(doc1)); + }); + + test('should not convert `Principal: *` to `Principal: { AWS: * }`', () => { + const stack = new Stack(); + const s = PolicyStatement.fromJson({ + Action: ['service:action1'], + Principal: '*', + Resource: '*', + }); + + const doc1 = new PolicyDocument(); + doc1.addStatements(s); + + const rendered = stack.resolve(doc1); + expect(rendered).toEqual({ + Statement: [ + { + Action: 'service:action1', + Effect: 'Allow', + Principal: '*', + Resource: '*', + }, + ], + Version: '2012-10-17', + }); }); test('parses a given notPrincipal', () => { diff --git a/packages/@aws-cdk/aws-iam/test/principals.test.ts b/packages/@aws-cdk/aws-iam/test/principals.test.ts index 1914f174adfd4..1bf7d47950875 100644 --- a/packages/@aws-cdk/aws-iam/test/principals.test.ts +++ b/packages/@aws-cdk/aws-iam/test/principals.test.ts @@ -167,6 +167,35 @@ test('SAML principal', () => { }); }); +test('StarPrincipal', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const pol = new iam.PolicyDocument({ + statements: [ + new iam.PolicyStatement({ + actions: ['service:action'], + resources: ['*'], + principals: [new iam.StarPrincipal()], + }), + ], + }); + + // THEN + expect(stack.resolve(pol)).toEqual({ + Statement: [ + { + Action: 'service:action', + Effect: 'Allow', + Principal: '*', + Resource: '*', + }, + ], + Version: '2012-10-17', + }); +}); + test('PrincipalWithConditions.addCondition should work', () => { // GIVEN const stack = new Stack(); diff --git a/packages/@aws-cdk/aws-msk/lib/cluster.ts b/packages/@aws-cdk/aws-msk/lib/cluster.ts index be29d3a7a749d..8dfdae4561004 100644 --- a/packages/@aws-cdk/aws-msk/lib/cluster.ts +++ b/packages/@aws-cdk/aws-msk/lib/cluster.ts @@ -540,7 +540,7 @@ export class Cluster extends ClusterBase { new iam.PolicyStatement({ sid: 'Allow access through AWS Secrets Manager for all principals in the account that are authorized to use AWS Secrets Manager', - principals: [new iam.Anyone()], + principals: [new iam.AnyPrincipal()], actions: [ 'kms:Encrypt', 'kms:Decrypt', From 5436ce27a39499d019d45c0f2bb523d5e9d17607 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Thu, 7 Oct 2021 13:46:20 +0200 Subject: [PATCH 37/43] docs(apigateway): make examples compile (#16825) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-apigateway/README.md | 200 ++++++++++++------ .../@aws-cdk/aws-apigateway/lib/access-log.ts | 20 +- .../aws-apigateway/lib/api-definition.ts | 3 +- .../aws-apigateway/lib/integrations/lambda.ts | 5 +- .../@aws-cdk/aws-apigateway/lib/method.ts | 9 +- .../aws-apigateway/rosetta/default.ts-fixture | 17 ++ .../test/integ.restapi-import.lit.ts | 8 +- 7 files changed, 177 insertions(+), 85 deletions(-) create mode 100644 packages/@aws-cdk/aws-apigateway/rosetta/default.ts-fixture diff --git a/packages/@aws-cdk/aws-apigateway/README.md b/packages/@aws-cdk/aws-apigateway/README.md index 620b728b91435..4789a8cc62410 100644 --- a/packages/@aws-cdk/aws-apigateway/README.md +++ b/packages/@aws-cdk/aws-apigateway/README.md @@ -11,7 +11,6 @@ - Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale. Create an API to access data, business logic, or functionality from your back-end services, such @@ -79,7 +78,7 @@ The following code defines a REST API that routes all requests to the specified AWS Lambda function: ```ts -const backend = new lambda.Function(...); +declare const backend: lambda.Function; new apigateway.LambdaRestApi(this, 'myapi', { handler: backend, }); @@ -89,7 +88,7 @@ You can also supply `proxy: false`, in which case you will have to explicitly define the API model: ```ts -const backend = new lambda.Function(...); +declare const backend: lambda.Function; const api = new apigateway.LambdaRestApi(this, 'myapi', { handler: backend, proxy: false @@ -134,7 +133,9 @@ The following example shows how to integrate the `GET /book/{book_id}` method to an AWS Lambda function: ```ts -const getBookHandler = new lambda.Function(...); +declare const getBookHandler: lambda.Function; +declare const book: apigateway.Resource; + const getBookIntegration = new apigateway.LambdaIntegration(getBookHandler); book.addMethod('GET', getBookIntegration); ``` @@ -142,6 +143,9 @@ book.addMethod('GET', getBookIntegration); Integration options can be optionally be specified: ```ts +declare const getBookHandler: lambda.Function; +declare const getBookIntegration: apigateway.LambdaIntegration; + const getBookIntegration = new apigateway.LambdaIntegration(getBookHandler, { contentHandling: apigateway.ContentHandling.CONVERT_TO_TEXT, // convert to base64 credentialsPassthrough: true, // use caller identity to invoke the function @@ -151,6 +155,9 @@ const getBookIntegration = new apigateway.LambdaIntegration(getBookHandler, { Method options can optionally be specified when adding methods: ```ts +declare const book: apigateway.Resource; +declare const getBookIntegration: apigateway.LambdaIntegration; + book.addMethod('GET', getBookIntegration, { authorizationType: apigateway.AuthorizationType.IAM, apiKeyRequired: true @@ -162,9 +169,9 @@ It is possible to also integrate with AWS services in a different region. The fo ```ts const getMessageIntegration = new apigateway.AwsIntegration({ - service: 'sqs', - path: 'queueName', - region: 'eu-west-1' + service: 'sqs', + path: 'queueName', + region: 'eu-west-1' }); ``` @@ -172,11 +179,13 @@ const getMessageIntegration = new apigateway.AwsIntegration({ A usage plan specifies who can access one or more deployed API stages and methods, and the rate at which they can be accessed. The plan uses API keys to identify API clients and meters access to the associated API stages for each key. -Usage plans also allow configuring throttling limits and quota limits that are enforced on individual client API keys. +Usage plans also allow configuring throttling limits and quota limits that are enforced on individual client API keys. The following example shows how to create and asscociate a usage plan and an API key: ```ts +declare const integration: apigateway.LambdaIntegration; + const api = new apigateway.RestApi(this, 'hello-api'); const v1 = api.root.addResource('v1'); @@ -198,6 +207,10 @@ plan.addApiKey(key); To associate a plan to a given RestAPI stage: ```ts +declare const plan: apigateway.UsagePlan; +declare const api: apigateway.RestApi; +declare const echoMethod: apigateway.Method; + plan.addApiStage({ stage: api.deploymentStage, throttle: [ @@ -215,13 +228,14 @@ plan.addApiStage({ Existing usage plans can be imported into a CDK app using its id. ```ts -const importedUsagePlan = UsagePlan.fromUsagePlanId(stack, 'imported-usage-plan', ''); +const importedUsagePlan = apigateway.UsagePlan.fromUsagePlanId(this, 'imported-usage-plan', ''); ``` The name and value of the API Key can be specified at creation; if not provided, a name and value will be automatically generated by API Gateway. ```ts +declare const api: apigateway.RestApi; const key = api.addApiKey('ApiKey', { apiKeyName: 'myApiKey1', value: 'MyApiKeyThatIsAtLeast20Characters', @@ -231,14 +245,16 @@ const key = api.addApiKey('ApiKey', { Existing API keys can also be imported into a CDK app using its id. ```ts -const importedKey = ApiKey.fromApiKeyId(this, 'imported-key', ''); +const importedKey = apigateway.ApiKey.fromApiKeyId(this, 'imported-key', ''); ``` The "grant" methods can be used to give prepackaged sets of permissions to other resources. The following code provides read permission to an API key. ```ts -importedKey.grantRead(lambda); +declare const importedKey: apigateway.ApiKey; +declare const lambdaFn: lambda.Function; +importedKey.grantRead(lambdaFn); ``` ### ⚠️ Multiple API Keys @@ -254,6 +270,9 @@ being deleted remain unchanged. Make note of the logical ids of these API keys before removing any, and set it as part of the `addApiKey()` method: ```ts +declare const usageplan: apigateway.UsagePlan; +declare const apiKey: apigateway.ApiKey; + usageplan.addApiKey(apiKey, { overrideLogicalId: '...', }); @@ -271,6 +290,8 @@ The API key created has the specified rate limits, such as quota and throttles, The following example shows how to use a rate limited api key : ```ts +declare const api: apigateway.RestApi; + const key = new apigateway.RateLimitedApiKey(this, 'rate-limited-api-key', { customerId: 'hello-customer', resources: [api], @@ -300,7 +321,9 @@ const resource = api.root.addResource('v1'); You can define more parameters on the integration to tune the behavior of API Gateway ```ts -const integration = new LambdaIntegration(hello, { +declare const hello: lambda.Function; + +const integration = new apigateway.LambdaIntegration(hello, { proxy: false, requestParameters: { // You can define mapping parameters from your method to your integration @@ -317,7 +340,7 @@ const integration = new LambdaIntegration(hello, { 'application/json': JSON.stringify({ action: 'sayHello', pollId: "$util.escapeJavaScript($input.params('who'))" }) }, // This parameter defines the behavior of the engine is no suitable response template is found - passthroughBehavior: PassthroughBehavior.NEVER, + passthroughBehavior: apigateway.PassthroughBehavior.NEVER, integrationResponses: [ { // Successful response from the Lambda function, no filter defined @@ -360,17 +383,19 @@ const integration = new LambdaIntegration(hello, { You can define models for your responses (and requests) ```ts +declare const api: apigateway.RestApi; + // We define the JSON Schema for the transformed valid response const responseModel = api.addModel('ResponseModel', { contentType: 'application/json', modelName: 'ResponseModel', schema: { - schema: JsonSchemaVersion.DRAFT4, + schema: apigateway.JsonSchemaVersion.DRAFT4, title: 'pollResponse', - type: JsonSchemaType.OBJECT, + type: apigateway.JsonSchemaType.OBJECT, properties: { - state: { type: JsonSchemaType.STRING }, - greeting: { type: JsonSchemaType.STRING } + state: { type: apigateway.JsonSchemaType.STRING }, + greeting: { type: apigateway.JsonSchemaType.STRING } } } }); @@ -380,12 +405,12 @@ const errorResponseModel = api.addModel('ErrorResponseModel', { contentType: 'application/json', modelName: 'ErrorResponseModel', schema: { - schema: JsonSchemaVersion.DRAFT4, + schema: apigateway.JsonSchemaVersion.DRAFT4, title: 'errorResponse', - type: JsonSchemaType.OBJECT, + type: apigateway.JsonSchemaType.OBJECT, properties: { - state: { type: JsonSchemaType.STRING }, - message: { type: JsonSchemaType.STRING } + state: { type: apigateway.JsonSchemaType.STRING }, + message: { type: apigateway.JsonSchemaType.STRING } } } }); @@ -395,6 +420,11 @@ const errorResponseModel = api.addModel('ErrorResponseModel', { And reference all on your method definition. ```ts +declare const integration: apigateway.LambdaIntegration; +declare const resource: apigateway.Resource; +declare const responseModel: apigateway.Model; +declare const errorResponseModel: apigateway.Model; + resource.addMethod('GET', integration, { // We can mark the parameters as required requestParameters: { @@ -405,7 +435,7 @@ resource.addMethod('GET', integration, { requestValidatorName: 'test-validator', validateRequestBody: true, validateRequestParameters: false - } + }, methodResponses: [ { // Successful response from the integration @@ -455,12 +485,12 @@ integration. This means that all API methods that do not explicitly define an integration will be routed to this AWS Lambda function. ```ts -const booksBackend = new apigateway.LambdaIntegration(...); +declare const booksBackend: apigateway.LambdaIntegration; const api = new apigateway.RestApi(this, 'books', { defaultIntegration: booksBackend }); -const books = new api.root.addResource('books'); +const books = api.root.addResource('books'); books.addMethod('GET'); // integrated with `booksBackend` books.addMethod('POST'); // integrated with `booksBackend` @@ -477,8 +507,10 @@ Read more about authorization scopes Authorization scopes for a Method can be configured using the `authorizationScopes` property as shown below - ```ts +declare const books: apigateway.Resource; + books.addMethod('GET', new apigateway.HttpIntegration('http://amazon.com'), { - authorizationType: AuthorizationType.COGNITO, + authorizationType: apigateway.AuthorizationType.COGNITO, authorizationScopes: ['Scope1','Scope2'] }); ``` @@ -489,8 +521,10 @@ The `addProxy` method can be used to install a greedy `{proxy+}` resource on a path. By default, this also installs an `"ANY"` method: ```ts +declare const resource: apigateway.Resource; +declare const handler: lambda.Function; const proxy = resource.addProxy({ - defaultIntegration: new LambdaIntegration(handler), + defaultIntegration: new apigateway.LambdaIntegration(handler), // "false" will require explicitly adding methods on the `proxy` resource anyMethod: true // "true" is the default @@ -507,6 +541,9 @@ that can be used for controlling access to your REST APIs. The following CDK code provides 'execute-api' permission to an IAM user, via IAM policies, for the 'GET' method on the `books` resource: ```ts +declare const books: apigateway.Resource; +declare const iamUser: iam.User; + const getBooks = books.addMethod('GET', new apigateway.HttpIntegration('http://amazon.com'), { authorizationType: apigateway.AuthorizationType.IAM }); @@ -541,10 +578,8 @@ inputs and outputs of the Lambda handler. The following code attaches a token-based Lambda authorizer to the 'GET' Method of the Book resource: ```ts -const authFn = new lambda.Function(this, 'booksAuthorizerLambda', { - // ... - // ... -}); +declare const authFn: lambda.Function; +declare const books: apigateway.Resource; const auth = new apigateway.TokenAuthorizer(this, 'booksAuthorizer', { handler: authFn @@ -583,14 +618,12 @@ inputs and outputs of the Lambda handler. The following code attaches a request-based Lambda authorizer to the 'GET' Method of the Book resource: ```ts -const authFn = new lambda.Function(this, 'booksAuthorizerLambda', { - // ... - // ... -}); +declare const authFn: lambda.Function; +declare const books: apigateway.Resource; const auth = new apigateway.RequestAuthorizer(this, 'booksAuthorizer', { handler: authFn, - identitySources: [IdentitySource.header('Authorization')] + identitySources: [apigateway.IdentitySource.header('Authorization')] }); books.addMethod('GET', new apigateway.HttpIntegration('http://amazon.com'), { @@ -616,12 +649,13 @@ API Gateway also allows [Amazon Cognito user pools as authorizer](https://docs.a The following snippet configures a Cognito user pool as an authorizer: ```ts -const userPool = new cognito.UserPool(stack, 'UserPool'); +const userPool = new cognito.UserPool(this, 'UserPool'); const auth = new apigateway.CognitoUserPoolsAuthorizer(this, 'booksAuthorizer', { cognitoUserPools: [userPool] }); +declare const books: apigateway.Resource; books.addMethod('GET', new apigateway.HttpIntegration('http://amazon.com'), { authorizer: auth, authorizationType: apigateway.AuthorizationType.COGNITO, @@ -633,11 +667,13 @@ books.addMethod('GET', new apigateway.HttpIntegration('http://amazon.com'), { Mutual TLS can be configured to limit access to your API based by using client certificates instead of (or as an extension of) using authorization headers. ```ts -new apigw.DomainName(this, 'domain-name', { +declare const acm: any; + +new apigateway.DomainName(this, 'domain-name', { domainName: 'example.com', certificate: acm.Certificate.fromCertificateArn(this, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'), mtls: { - bucket: new Bucket(this, 'bucket'), + bucket: new s3.Bucket(this, 'bucket'), key: 'truststore.pem', version: 'version', }, @@ -712,7 +748,9 @@ To associate an API with a custom domain, use the `domainName` configuration whe you define your API: ```ts -const api = new apigw.RestApi(this, 'MyDomain', { +declare const acmCertificateForExampleCom: any; + +const api = new apigateway.RestApi(this, 'MyDomain', { domainName: { domainName: 'example.com', certificate: acmCertificateForExampleCom, @@ -734,6 +772,9 @@ CNAME records only for subdomains.) import * as route53 from '@aws-cdk/aws-route53'; import * as targets from '@aws-cdk/aws-route53-targets'; +declare const api: apigateway.RestApi; +declare const hostedZoneForExampleCom: any; + new route53.ARecord(this, 'CustomDomainAliasRecord', { zone: hostedZoneForExampleCom, target: route53.RecordTarget.fromAlias(new targets.ApiGateway(api)) @@ -743,11 +784,13 @@ new route53.ARecord(this, 'CustomDomainAliasRecord', { You can also define a `DomainName` resource directly in order to customize the default behavior: ```ts -new apigw.DomainName(this, 'custom-domain', { +declare const acmCertificateForExampleCom: any; + +new apigateway.DomainName(this, 'custom-domain', { domainName: 'example.com', certificate: acmCertificateForExampleCom, - endpointType: apigw.EndpointType.EDGE, // default is REGIONAL - securityPolicy: apigw.SecurityPolicy.TLS_1_2 + endpointType: apigateway.EndpointType.EDGE, // default is REGIONAL + securityPolicy: apigateway.SecurityPolicy.TLS_1_2 }); ``` @@ -756,6 +799,10 @@ The following example will map the URL to the `api1` API and to the `api2` API. ```ts +declare const domain: apigateway.DomainName; +declare const api1: apigateway.RestApi; +declare const api2: apigateway.RestApi; + domain.addBasePathMapping(api1, { basePath: 'go-to-api1' }); domain.addBasePathMapping(api2, { basePath: 'boom' }); ``` @@ -764,10 +811,13 @@ You can specify the API `Stage` to which this base path URL will map to. By defa `deploymentStage` of the `RestApi`. ```ts -const betaDeploy = new Deployment(this, 'beta-deployment', { +declare const domain: apigateway.DomainName; +declare const restapi: apigateway.RestApi; + +const betaDeploy = new apigateway.Deployment(this, 'beta-deployment', { api: restapi, }); -const betaStage = new Stage(this, 'beta-stage', { +const betaStage = new apigateway.Stage(this, 'beta-stage', { deployment: betaDeploy, }); domain.addBasePathMapping(restapi, { basePath: 'api/beta', stage: betaStage }); @@ -777,6 +827,8 @@ If you don't specify `basePath`, all URLs under this domain will be mapped to the API, and you won't be able to map another API to the same domain: ```ts +declare const domain: apigateway.DomainName; +declare const api: apigateway.RestApi; domain.addBasePathMapping(api); ``` @@ -786,6 +838,9 @@ domain as demonstrated above. If you wish to setup this domain with an Amazon Route53 alias, use the `targets.ApiGatewayDomain`: ```ts +declare const hostedZoneForExampleCom: any; +declare const domainName: apigateway.DomainName; + import * as route53 from '@aws-cdk/aws-route53'; import * as targets from '@aws-cdk/aws-route53-targets'; @@ -809,17 +864,17 @@ Gateway](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-log ```ts // production stage -const prdLogGroup = new cwlogs.LogGroup(this, "PrdLogs"); +const prdLogGroup = new logs.LogGroup(this, "PrdLogs"); const api = new apigateway.RestApi(this, 'books', { deployOptions: { accessLogDestination: new apigateway.LogGroupLogDestination(prdLogGroup), accessLogFormat: apigateway.AccessLogFormat.jsonWithStandardFields() } }) -const deployment = new apigateway.Deployment(stack, 'Deployment', {api}); +const deployment = new apigateway.Deployment(this, 'Deployment', {api}); // development stage -const devLogGroup = new cwlogs.LogGroup(this, "DevLogs"); +const devLogGroup = new logs.LogGroup(this, "DevLogs"); new apigateway.Stage(this, 'dev', { deployment, accessLogDestination: new apigateway.LogGroupLogDestination(devLogGroup), @@ -840,7 +895,7 @@ new apigateway.Stage(this, 'dev', { The following code will generate the access log in the [CLF format](https://en.wikipedia.org/wiki/Common_Log_Format). ```ts -const logGroup = new cwlogs.LogGroup(this, "ApiGatewayAccessLogs"); +const logGroup = new logs.LogGroup(this, "ApiGatewayAccessLogs"); const api = new apigateway.RestApi(this, 'books', { deployOptions: { accessLogDestination: new apigateway.LogGroupLogDestination(logGroup), @@ -852,12 +907,12 @@ You can also configure your own access log format by using the `AccessLogFormat. `AccessLogField` provides commonly used fields. The following code configures access log to contain. ```ts -const logGroup = new cwlogs.LogGroup(this, "ApiGatewayAccessLogs"); +const logGroup = new logs.LogGroup(this, "ApiGatewayAccessLogs"); new apigateway.RestApi(this, 'books', { deployOptions: { accessLogDestination: new apigateway.LogGroupLogDestination(logGroup), accessLogFormat: apigateway.AccessLogFormat.custom( - `${AccessLogField.contextRequestId()} ${AccessLogField.contextErrorMessage()} ${AccessLogField.contextErrorMessageString()}` + `${apigateway.AccessLogField.contextRequestId()} ${apigateway.AccessLogField.contextErrorMessage()} ${apigateway.AccessLogField.contextErrorMessageString()}` ) } }); @@ -924,6 +979,8 @@ The following example will add an OPTIONS method to the `myResource` API resourc only allows GET and PUT HTTP requests from the origin ```ts +declare const myResource: apigateway.Resource; + myResource.addCorsPreflight({ allowOrigins: [ 'https://amazon.com' ], allowMethods: [ 'GET', 'PUT' ] @@ -937,6 +994,8 @@ API reference for a detailed list of supported configuration options. You can specify defaults this at the resource level, in which case they will be applied to the entire resource sub-tree: ```ts +declare const resource: apigateway.Resource; + const subtree = resource.addResource('subtree', { defaultCorsPreflightOptions: { allowOrigins: [ 'https://amazon.com' ] @@ -957,9 +1016,9 @@ API gateway allows you to specify an To define an endpoint type for the API gateway, use `endpointConfiguration` property: ```ts -const api = new apigw.RestApi(stack, 'api', { +const api = new apigateway.RestApi(this, 'api', { endpointConfiguration: { - types: [ apigw.EndpointType.EDGE ] + types: [ apigateway.EndpointType.EDGE ] } }); ``` @@ -972,10 +1031,11 @@ Route53 Alias DNS record which you can use to invoke your private APIs. More inf Here is an example: ```ts -const someEndpoint: IVpcEndpoint = /* Get or Create endpoint here */ -const api = new apigw.RestApi(stack, 'api', { +declare const someEndpoint: ec2.IVpcEndpoint; + +const api = new apigateway.RestApi(this, 'api', { endpointConfiguration: { - types: [ apigw.EndpointType.PRIVATE ], + types: [ apigateway.EndpointType.PRIVATE ], vpcEndpoints: [ someEndpoint ] } }); @@ -998,18 +1058,20 @@ Method. The following code sets up a private integration with a network load balancer - ```ts -const vpc = new ec2.Vpc(stack, 'VPC'); -const nlb = new elbv2.NetworkLoadBalancer(stack, 'NLB', { +import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; + +const vpc = new ec2.Vpc(this, 'VPC'); +const nlb = new elbv2.NetworkLoadBalancer(this, 'NLB', { vpc, }); -const link = new apigw.VpcLink(stack, 'link', { +const link = new apigateway.VpcLink(this, 'link', { targets: [nlb], }); -const integration = new apigw.Integration({ - type: apigw.IntegrationType.HTTP_PROXY, +const integration = new apigateway.Integration({ + type: apigateway.IntegrationType.HTTP_PROXY, options: { - connectionType: apigw.ConnectionType.VPC_LINK, + connectionType: apigateway.ConnectionType.VPC_LINK, vpcLink: link, }, }); @@ -1023,9 +1085,7 @@ property. Any existing `VpcLink` resource can be imported into the CDK app via the `VpcLink.fromVpcLinkId()`. ```ts -const stack = new Stack(app, 'my-stack'); - -const awesomeLink = VpcLink.fromVpcLinkId(stack, 'awesome-vpc-link', 'us-east-1_oiuR12Abd'); +const awesomeLink = apigateway.VpcLink.fromVpcLinkId(this, 'awesome-vpc-link', 'us-east-1_oiuR12Abd'); ``` ## Gateway response @@ -1042,7 +1102,7 @@ The following code configures a Gateway Response when the response is 'access de ```ts const api = new apigateway.RestApi(this, 'books-api'); api.addGatewayResponse('test-response', { - type: ResponseType.ACCESS_DENIED, + type: apigateway.ResponseType.ACCESS_DENIED, statusCode: '500', responseHeaders: { 'Access-Control-Allow-Origin': "test.com", @@ -1063,12 +1123,14 @@ OpenAPI](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gatewa The following code creates a REST API using an external OpenAPI definition JSON file - ```ts +declare const integration: apigateway.Integration; + const api = new apigateway.SpecRestApi(this, 'books-api', { apiDefinition: apigateway.ApiDefinition.fromAsset('path-to-file.json') }); const booksResource = api.root.addResource('books') -booksResource.addMethod('GET', ...); +booksResource.addMethod('GET', integration); ``` It is possible to use the `addResource()` API to define additional API Gateway Resources. @@ -1095,8 +1157,10 @@ By default, `SpecRestApi` will create an edge optimized endpoint. This can be modified as shown below: ```ts +declare const apiDefinition: apigateway.ApiDefinition; + const api = new apigateway.SpecRestApi(this, 'ExampleRestApi', { - // ... + apiDefinition, endpointTypes: [apigateway.EndpointType.PRIVATE] }); ``` @@ -1114,7 +1178,7 @@ The APIs with the `metric` prefix can be used to get reference to specific metri the method below refers to the client side errors metric for this API. ```ts -const api = new apigw.RestApi(stack, 'my-api'); +const api = new apigateway.RestApi(this, 'my-api'); const clientErrorMetric = api.metricClientError(); ``` diff --git a/packages/@aws-cdk/aws-apigateway/lib/access-log.ts b/packages/@aws-cdk/aws-apigateway/lib/access-log.ts index 726a6928315ee..bc73b13d78604 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/access-log.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/access-log.ts @@ -486,15 +486,17 @@ export class AccessLogFormat { * Custom log format. * You can create any log format string. You can easily get the $ context variable by using the methods of AccessLogField. * @param format - * @example custom(JSON.stringify({ - * requestId: AccessLogField.contextRequestId(), - * sourceIp: AccessLogField.contextIdentitySourceIp(), - * method: AccessLogFiled.contextHttpMethod(), - * userContext: { - * sub: AccessLogField.contextAuthorizerClaims('sub'), - * email: AccessLogField.contextAuthorizerClaims('email') - * } - * })) + * @example + * + * apigateway.AccessLogFormat.custom(JSON.stringify({ + * requestId: apigateway.AccessLogField.contextRequestId(), + * sourceIp: apigateway.AccessLogField.contextIdentitySourceIp(), + * method: apigateway.AccessLogField.contextHttpMethod(), + * userContext: { + * sub: apigateway.AccessLogField.contextAuthorizerClaims('sub'), + * email: apigateway.AccessLogField.contextAuthorizerClaims('email') + * } + * })) */ public static custom(format: string): AccessLogFormat { return new AccessLogFormat(format); diff --git a/packages/@aws-cdk/aws-apigateway/lib/api-definition.ts b/packages/@aws-cdk/aws-apigateway/lib/api-definition.ts index 7b138cfcf23d1..850087920f152 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/api-definition.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/api-definition.ts @@ -21,7 +21,8 @@ export abstract class ApiDefinition { * schema of OpenAPI 2.0 or OpenAPI 3.0 * * @example - * ApiDefinition.fromInline({ + * + * apigateway.ApiDefinition.fromInline({ * openapi: '3.0.2', * paths: { * '/pets': { diff --git a/packages/@aws-cdk/aws-apigateway/lib/integrations/lambda.ts b/packages/@aws-cdk/aws-apigateway/lib/integrations/lambda.ts index 97772fe7eddb5..fb0c9a1e84934 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/integrations/lambda.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/integrations/lambda.ts @@ -32,8 +32,9 @@ export interface LambdaIntegrationOptions extends IntegrationOptions { * * @example * - * const handler = new lambda.Function(this, 'MyFunction', ...); - * api.addMethod('GET', new LambdaIntegration(handler)); + * declare const resource: apigateway.Resource; + * declare const handler: lambda.Function; + * resource.addMethod('GET', new apigateway.LambdaIntegration(handler)); * */ export class LambdaIntegration extends AwsIntegration { diff --git a/packages/@aws-cdk/aws-apigateway/lib/method.ts b/packages/@aws-cdk/aws-apigateway/lib/method.ts index ff9c4aaef47dd..919d27e6573be 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/method.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/method.ts @@ -74,15 +74,18 @@ export interface MethodOptions { * * @example * + * declare const api: apigateway.RestApi; + * declare const userLambda: lambda.Function; + * * const userModel: apigateway.Model = api.addModel('UserModel', { * schema: { - * type: apigateway.JsonSchemaType.OBJECT + * type: apigateway.JsonSchemaType.OBJECT, * properties: { * userId: { - * type: apigateway.JsonSchema.STRING + * type: apigateway.JsonSchemaType.STRING * }, * name: { - * type: apigateway.JsonSchema.STRING + * type: apigateway.JsonSchemaType.STRING * } * }, * required: ['userId'] diff --git a/packages/@aws-cdk/aws-apigateway/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-apigateway/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..54f81e82e4460 --- /dev/null +++ b/packages/@aws-cdk/aws-apigateway/rosetta/default.ts-fixture @@ -0,0 +1,17 @@ +// Fixture with packages imported, but nothing else +import { Construct, Stack } from '@aws-cdk/core'; +import apigateway = require('@aws-cdk/aws-apigateway'); +import cognito = require('@aws-cdk/aws-cognito'); +import lambda = require('@aws-cdk/aws-lambda'); +import iam = require('@aws-cdk/aws-iam'); +import s3 = require('@aws-cdk/aws-s3'); +import ec2 = require('@aws-cdk/aws-ec2'); +import logs = require('@aws-cdk/aws-logs'); + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} diff --git a/packages/@aws-cdk/aws-apigateway/test/integ.restapi-import.lit.ts b/packages/@aws-cdk/aws-apigateway/test/integ.restapi-import.lit.ts index 2607281fbc923..77094eb60b600 100644 --- a/packages/@aws-cdk/aws-apigateway/test/integ.restapi-import.lit.ts +++ b/packages/@aws-cdk/aws-apigateway/test/integ.restapi-import.lit.ts @@ -31,7 +31,7 @@ class RootStack extends Stack { }); new DeployStack(this, { restApiId: restApi.restApiId, - methods: [...petsStack.methods, ...booksStack.methods], + methods: petsStack.methods.concat(booksStack.methods), }); new CfnOutput(this, 'PetsURL', { @@ -117,7 +117,11 @@ class DeployStack extends NestedStack { const deployment = new Deployment(this, 'Deployment', { api: RestApi.fromRestApiId(this, 'RestApi', props.restApiId), }); - (props.methods ?? []).forEach((method) => deployment.node.addDependency(method)); + if (props.methods) { + for (const method of props.methods) { + deployment.node.addDependency(method); + } + } new Stage(this, 'Stage', { deployment }); } } From b0752c5dcd0f1fa64b39d1b80ab2c0e0a99a72b0 Mon Sep 17 00:00:00 2001 From: Nick Lynch Date: Thu, 7 Oct 2021 13:34:51 +0100 Subject: [PATCH 38/43] fix(cloudfront): EdgeFunctions cannot be created when IDs contain spaces (#16845) The EdgeFunction uses a SSM string parameter under the hood to pass the Function ARN between the different regions. The name of the parameter is derived from the node path; this path may contain characters (e.g., spaces) that are invalid as SSM parameter names. Two fixes here: introduce new validation for SSM parameter names, and sanitize the path prior to passing to SSM. fixes #16832 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/experimental/edge-function.ts | 4 ++- .../test/experimental/edge-function.test.ts | 10 ++++++ packages/@aws-cdk/aws-ssm/lib/parameter.ts | 18 +++++++---- .../@aws-cdk/aws-ssm/test/parameter.test.ts | 32 +++++++++++++++++-- 4 files changed, 55 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts b/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts index a45bc0ce6db97..4a3974c2af632 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts @@ -148,7 +148,9 @@ export class EdgeFunction extends Resource implements lambda.IVersion { if (Token.isUnresolved(this.env.region)) { throw new Error('stacks which use EdgeFunctions must have an explicitly set region'); } - const parameterName = `${parameterNamePrefix}/${this.env.region}/${this.node.path}`; + // SSM parameter names must only contain letters, numbers, ., _, -, or /. + const sanitizedPath = this.node.path.replace(/[^\/\w.-]/g, '_'); + const parameterName = `${parameterNamePrefix}/${this.env.region}/${sanitizedPath}`; const functionStack = this.edgeStack(props.stackId); const edgeFunction = new lambda.Function(functionStack, id, props); diff --git a/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts b/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts index 4a22798eb48a1..55d6f3689103c 100644 --- a/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts +++ b/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts @@ -298,6 +298,16 @@ test('cross-region stack supports new-style synthesis with assets', () => { expect(() => app.synth()).not.toThrow(); }); +test('SSM parameter name is sanitized to remove disallowed characters', () => { + new cloudfront.experimental.EdgeFunction(stack, 'My Bad#Fn$Name-With.Bonus', defaultEdgeFunctionProps()); + + const fnStack = getFnStack(); + + expect(fnStack).toHaveResourceLike('AWS::SSM::Parameter', { + Name: '/cdk/EdgeFunctionArn/testregion/Stack/My_Bad_Fn_Name-With.Bonus', + }); +}); + function defaultEdgeFunctionProps(stackId?: string) { return { code: lambda.Code.fromInline('foo'), diff --git a/packages/@aws-cdk/aws-ssm/lib/parameter.ts b/packages/@aws-cdk/aws-ssm/lib/parameter.ts index a33759d7cf014..cbec2073cbe1f 100644 --- a/packages/@aws-cdk/aws-ssm/lib/parameter.ts +++ b/packages/@aws-cdk/aws-ssm/lib/parameter.ts @@ -430,9 +430,7 @@ export class StringParameter extends ParameterBase implements IStringParameter { _assertValidValue(props.stringValue, props.allowedPattern); } - if (this.physicalName.length > 2048) { - throw new Error('Name cannot be longer than 2048 characters.'); - } + validateParameterName(this.physicalName); if (props.description && props.description?.length > 1024) { throw new Error('Description cannot be longer than 1024 characters.'); @@ -497,9 +495,7 @@ export class StringListParameter extends ParameterBase implements IStringListPar props.stringListValue.forEach(str => _assertValidValue(str, props.allowedPattern!)); } - if (this.physicalName.length > 2048) { - throw new Error('Name cannot be longer than 2048 characters.'); - } + validateParameterName(this.physicalName); if (props.description && props.description?.length > 1024) { throw new Error('Description cannot be longer than 1024 characters.'); @@ -546,3 +542,13 @@ function _assertValidValue(value: string, allowedPattern: string): void { function makeIdentityForImportedValue(parameterName: string) { return `SsmParameterValue:${parameterName}:C96584B6-F00A-464E-AD19-53AFF4B05118`; } + +function validateParameterName(parameterName: string) { + if (Token.isUnresolved(parameterName)) { return; } + if (parameterName.length > 2048) { + throw new Error('name cannot be longer than 2048 characters.'); + } + if (!parameterName.match(/^[\/\w.-]+$/)) { + throw new Error(`name must only contain letters, numbers, and the following 4 symbols .-_/; got ${parameterName}`); + } +} diff --git a/packages/@aws-cdk/aws-ssm/test/parameter.test.ts b/packages/@aws-cdk/aws-ssm/test/parameter.test.ts index 2e40e4626cbd3..17b2af748d9ef 100644 --- a/packages/@aws-cdk/aws-ssm/test/parameter.test.ts +++ b/packages/@aws-cdk/aws-ssm/test/parameter.test.ts @@ -141,7 +141,21 @@ test('String SSM Parameter throws on long names', () => { Nam eget dui. Etiam rhoncus. Maecenas tempus, tellus eget condimentum rhoncus, sem quam semper libero, sit amet adipiscing \ sem neque sed ipsum.', }); - }).toThrow(/Name cannot be longer than 2048 characters./); + }).toThrow(/name cannot be longer than 2048 characters./); +}); + +test.each([ + '/parameter/with spaces', + 'charactersOtherThan^allowed', + 'trying;this', +])('String SSM Parameter throws on invalid name %s', (parameterName) => { + // GIVEN + const stack = new cdk.Stack(); + + // THEN + expect(() => { + new ssm.StringParameter(stack, 'Parameter', { stringValue: 'Foo', parameterName }); + }).toThrow(/name must only contain letters, numbers, and the following 4 symbols.*/); }); test('StringList SSM Parameter throws on long descriptions', () => { @@ -194,7 +208,21 @@ test('StringList SSM Parameter throws on long names', () => { Nam eget dui. Etiam rhoncus. Maecenas tempus, tellus eget condimentum rhoncus, sem quam semper libero, sit amet adipiscing \ sem neque sed ipsum.', }); - }).toThrow(/Name cannot be longer than 2048 characters./); + }).toThrow(/name cannot be longer than 2048 characters./); +}); + +test.each([ + '/parameter/with spaces', + 'charactersOtherThan^allowed', + 'trying;this', +])('StringList SSM Parameter throws on invalid name %s', (parameterName) => { + // GIVEN + const stack = new cdk.Stack(); + + // THEN + expect(() => { + new ssm.StringListParameter(stack, 'Parameter', { stringListValue: ['Foo'], parameterName }); + }).toThrow(/name must only contain letters, numbers, and the following 4 symbols.*/); }); test('StringList SSM Parameter values cannot contain commas', () => { From 6194ad48a7d76b75781d97b065cfe6287c20c1fb Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Thu, 7 Oct 2021 15:55:26 +0200 Subject: [PATCH 39/43] chore: npm-check-updates && yarn upgrade (#16847) Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date. --- package.json | 8 +- packages/@aws-cdk/aws-lightsail/package.json | 2 +- packages/aws-cdk/package.json | 2 +- packages/awslint/package.json | 4 +- packages/cdk-dasm/package.json | 2 +- packages/decdk/package.json | 4 +- tools/@aws-cdk/cdk-build-tools/package.json | 6 +- tools/@aws-cdk/cfn2ts/package.json | 2 +- yarn.lock | 182 +++++++++---------- 9 files changed, 106 insertions(+), 106 deletions(-) diff --git a/package.json b/package.json index 6ec755e06c01e..16119e88be83a 100644 --- a/package.json +++ b/package.json @@ -20,10 +20,10 @@ "fs-extra": "^9.1.0", "graceful-fs": "^4.2.8", "jest-junit": "^12.3.0", - "jsii-diff": "^1.36.0", - "jsii-pacmak": "^1.36.0", - "jsii-reflect": "^1.36.0", - "jsii-rosetta": "^1.36.0", + "jsii-diff": "^1.38.0", + "jsii-pacmak": "^1.38.0", + "jsii-reflect": "^1.38.0", + "jsii-rosetta": "^1.38.0", "lerna": "^4.0.0", "patch-package": "^6.4.7", "standard-version": "^9.3.1", diff --git a/packages/@aws-cdk/aws-lightsail/package.json b/packages/@aws-cdk/aws-lightsail/package.json index d78b43898b89c..4af08f90eb479 100644 --- a/packages/@aws-cdk/aws-lightsail/package.json +++ b/packages/@aws-cdk/aws-lightsail/package.json @@ -81,7 +81,7 @@ "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", "@aws-cdk/pkglint": "0.0.0", - "@types/jest": "^26.0.22" + "@types/jest": "^26.0.24" }, "dependencies": { "@aws-cdk/core": "0.0.0" diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index 69053b354d79c..9df63052c00c5 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -71,7 +71,7 @@ "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "@jsii/check-node": "1.36.0", + "@jsii/check-node": "1.38.0", "archiver": "^5.3.0", "aws-sdk": "^2.979.0", "camelcase": "^6.2.0", diff --git a/packages/awslint/package.json b/packages/awslint/package.json index bd292947d4fb4..c3303317ce6e8 100644 --- a/packages/awslint/package.json +++ b/packages/awslint/package.json @@ -18,11 +18,11 @@ "awslint": "bin/awslint" }, "dependencies": { - "@jsii/spec": "^1.36.0", + "@jsii/spec": "^1.38.0", "camelcase": "^6.2.0", "colors": "^1.4.0", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.36.0", + "jsii-reflect": "^1.38.0", "yargs": "^16.2.0" }, "devDependencies": { diff --git a/packages/cdk-dasm/package.json b/packages/cdk-dasm/package.json index d781a93ec1e56..b0fc6a3e4d5d4 100644 --- a/packages/cdk-dasm/package.json +++ b/packages/cdk-dasm/package.json @@ -28,7 +28,7 @@ }, "license": "Apache-2.0", "dependencies": { - "codemaker": "^1.36.0", + "codemaker": "^1.38.0", "yaml": "1.10.2" }, "devDependencies": { diff --git a/packages/decdk/package.json b/packages/decdk/package.json index 88e8392ad3741..2032a5a1de378 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -243,7 +243,7 @@ "@aws-cdk/region-info": "0.0.0", "constructs": "^3.3.69", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.36.0", + "jsii-reflect": "^1.38.0", "jsonschema": "^1.4.0", "yaml": "1.10.2", "yargs": "^16.2.0" @@ -254,7 +254,7 @@ "@types/yaml": "1.9.7", "@types/yargs": "^15.0.14", "jest": "^26.6.3", - "jsii": "^1.36.0" + "jsii": "^1.38.0" }, "keywords": [ "aws", diff --git a/tools/@aws-cdk/cdk-build-tools/package.json b/tools/@aws-cdk/cdk-build-tools/package.json index 808d73fca527a..e3ea1cbc93a34 100644 --- a/tools/@aws-cdk/cdk-build-tools/package.json +++ b/tools/@aws-cdk/cdk-build-tools/package.json @@ -55,9 +55,9 @@ "fs-extra": "^9.1.0", "jest": "^26.6.3", "jest-junit": "^11.1.0", - "jsii": "^1.36.0", - "jsii-pacmak": "^1.36.0", - "jsii-reflect": "^1.36.0", + "jsii": "^1.38.0", + "jsii-pacmak": "^1.38.0", + "jsii-reflect": "^1.38.0", "markdownlint-cli": "^0.29.0", "nyc": "^15.1.0", "semver": "^7.3.5", diff --git a/tools/@aws-cdk/cfn2ts/package.json b/tools/@aws-cdk/cfn2ts/package.json index 92dbf591de580..c1a2f4c805fec 100644 --- a/tools/@aws-cdk/cfn2ts/package.json +++ b/tools/@aws-cdk/cfn2ts/package.json @@ -32,7 +32,7 @@ "license": "Apache-2.0", "dependencies": { "@aws-cdk/cfnspec": "0.0.0", - "codemaker": "^1.36.0", + "codemaker": "^1.38.0", "fast-json-patch": "^3.1.0", "fs-extra": "^9.1.0", "yargs": "^16.2.0" diff --git a/yarn.lock b/yarn.lock index f37ef2380facc..27c96a200ce69 100644 --- a/yarn.lock +++ b/yarn.lock @@ -32,10 +32,10 @@ dependencies: "@babel/highlight" "^7.10.4" -"@babel/code-frame@^7.0.0", "@babel/code-frame@^7.14.5": - version "7.14.5" - resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.14.5.tgz#23b08d740e83f49c5e59945fbf1b43e80bbf4edb" - integrity sha512-9pzDqyc6OLDaqe+zbACgFkb6fKMNG6CObKpnYXChRsvYGyEdc7CA2BaqeOM+vOtCS5ndmJicPJhKAwYRI6UfFw== +"@babel/code-frame@^7.0.0", "@babel/code-frame@^7.14.5", "@babel/code-frame@^7.15.8": + version "7.15.8" + resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.15.8.tgz#45990c47adadb00c03677baa89221f7cc23d2503" + integrity sha512-2IAnmn8zbvC/jKYhq5Ki9I+DwjlrtMPUCH/CpHvqI4dNnlwHwsxoIhlc8WcYY5LSYknXQtAlFYuHfqAFCvQ4Wg== dependencies: "@babel/highlight" "^7.14.5" @@ -45,19 +45,19 @@ integrity sha512-0NqAC1IJE0S0+lL1SWFMxMkz1pKCNCjI4tr2Zx4LJSXxCLAdr6KyArnY+sno5m3yH9g737ygOyPABDsnXkpxiA== "@babel/core@^7.1.0", "@babel/core@^7.7.5": - version "7.15.5" - resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.15.5.tgz#f8ed9ace730722544609f90c9bb49162dc3bf5b9" - integrity sha512-pYgXxiwAgQpgM1bNkZsDEq85f0ggXMA5L7c+o3tskGMh2BunCI9QUwB9Z4jpvXUOuMdyGKiGKQiRe11VS6Jzvg== + version "7.15.8" + resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.15.8.tgz#195b9f2bffe995d2c6c159e72fe525b4114e8c10" + integrity sha512-3UG9dsxvYBMYwRv+gS41WKHno4K60/9GPy1CJaH6xy3Elq8CTtvtjT5R5jmNhXfCYLX2mTw+7/aq5ak/gOE0og== dependencies: - "@babel/code-frame" "^7.14.5" - "@babel/generator" "^7.15.4" + "@babel/code-frame" "^7.15.8" + "@babel/generator" "^7.15.8" "@babel/helper-compilation-targets" "^7.15.4" - "@babel/helper-module-transforms" "^7.15.4" + "@babel/helper-module-transforms" "^7.15.8" "@babel/helpers" "^7.15.4" - "@babel/parser" "^7.15.5" + "@babel/parser" "^7.15.8" "@babel/template" "^7.15.4" "@babel/traverse" "^7.15.4" - "@babel/types" "^7.15.4" + "@babel/types" "^7.15.6" convert-source-map "^1.7.0" debug "^4.1.0" gensync "^1.0.0-beta.2" @@ -65,12 +65,12 @@ semver "^6.3.0" source-map "^0.5.0" -"@babel/generator@^7.15.4": - version "7.15.4" - resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.15.4.tgz#85acb159a267ca6324f9793986991ee2022a05b0" - integrity sha512-d3itta0tu+UayjEORPNz6e1T3FtvWlP5N4V5M+lhp/CxT4oAA7/NcScnpRyspUMLK6tu9MNHmQHxRykuN2R7hw== +"@babel/generator@^7.15.4", "@babel/generator@^7.15.8": + version "7.15.8" + resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.15.8.tgz#fa56be6b596952ceb231048cf84ee499a19c0cd1" + integrity sha512-ECmAKstXbp1cvpTTZciZCgfOt6iN64lR0d+euv3UZisU5awfRawOvg07Utn/qBGuH4bRIEZKrA/4LzZyXhZr8g== dependencies: - "@babel/types" "^7.15.4" + "@babel/types" "^7.15.6" jsesc "^2.5.1" source-map "^0.5.0" @@ -121,10 +121,10 @@ dependencies: "@babel/types" "^7.15.4" -"@babel/helper-module-transforms@^7.15.4": - version "7.15.7" - resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.15.7.tgz#7da80c8cbc1f02655d83f8b79d25866afe50d226" - integrity sha512-ZNqjjQG/AuFfekFTY+7nY4RgBSklgTu970c7Rj3m/JOhIu5KPBUuTA9AY6zaKcUvk4g6EbDXdBnhi35FAssdSw== +"@babel/helper-module-transforms@^7.15.8": + version "7.15.8" + resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.15.8.tgz#d8c0e75a87a52e374a8f25f855174786a09498b2" + integrity sha512-DfAfA6PfpG8t4S6npwzLvTUpp0sS7JrcuaMiy1Y5645laRJIp/LiLGIBbQKaXSInK8tiGNI7FL7L8UvB8gdUZg== dependencies: "@babel/helper-module-imports" "^7.15.4" "@babel/helper-replace-supers" "^7.15.4" @@ -199,10 +199,10 @@ chalk "^2.0.0" js-tokens "^4.0.0" -"@babel/parser@^7.1.0", "@babel/parser@^7.15.4", "@babel/parser@^7.15.5": - version "7.15.7" - resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.15.7.tgz#0c3ed4a2eb07b165dfa85b3cc45c727334c4edae" - integrity sha512-rycZXvQ+xS9QyIcJ9HXeDWf1uxqlbVFAUq0Rq0dbc50Zb/+wUe/ehyfzGfm9KZZF0kBejYgxltBXocP+gKdL2g== +"@babel/parser@^7.1.0", "@babel/parser@^7.15.4", "@babel/parser@^7.15.8": + version "7.15.8" + resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.15.8.tgz#7bacdcbe71bdc3ff936d510c15dcea7cf0b99016" + integrity sha512-BRYa3wcQnjS/nqI8Ac94pYYpJfojHVvVXJ97+IDCImX4Jc8W8Xv1+47enbruk+q1etOpsQNwnfFcNGw+gtPGxA== "@babel/plugin-syntax-async-generators@^7.8.4": version "7.8.4" @@ -576,18 +576,18 @@ "@types/yargs" "^15.0.0" chalk "^4.0.0" -"@jsii/check-node@1.36.0": - version "1.36.0" - resolved "https://registry.yarnpkg.com/@jsii/check-node/-/check-node-1.36.0.tgz#010db7eb8477f96cc491d9433b3003634764205a" - integrity sha512-/WgRJ93hg7a6H/VTOhE9366VjvrW5HU0wGtO/i3zskxBpK6LmpnYhw69AiGvmAZHyBaUuJ2KGCSa7TEge62NwA== +"@jsii/check-node@1.38.0": + version "1.38.0" + resolved "https://registry.yarnpkg.com/@jsii/check-node/-/check-node-1.38.0.tgz#4d9df1aac07d69401da240a3fff456f55c2b3e3d" + integrity sha512-VlEu2/nqxgGHVlfMlzGCPN3ivS3iPNjXSLSHLNCxHzjumcVjJnj88KzrIXrtNy3Dwuy72ulQYJp7aa/TSsCZNw== dependencies: chalk "^4.1.2" semver "^7.3.5" -"@jsii/spec@^1.36.0": - version "1.36.0" - resolved "https://registry.yarnpkg.com/@jsii/spec/-/spec-1.36.0.tgz#be7ed06d10c358009b8c329ef8203b7dd8216b60" - integrity sha512-CZrol5FphC3WZdaEYWRyCysbc6IRvaXjHOlFgjin4RJ9MrAdskcH0/x/Hyez1PwFkZl1f2qWFwVG3L9eA5+Fsg== +"@jsii/spec@^1.38.0": + version "1.38.0" + resolved "https://registry.yarnpkg.com/@jsii/spec/-/spec-1.38.0.tgz#503ae6c0c7e4deae48857ffff1e6a11d318d533e" + integrity sha512-SvZU6QxH1HOlHuXJhzHcaoflGqx4PXlNbva9Ox73qw2P/QuNY0H8/MIB/dZniT01H1nVDGVJm7/4Se6eSWKzdQ== dependencies: jsonschema "^1.4.0" @@ -2315,9 +2315,9 @@ aws-sdk-mock@^5.4.0: traverse "^0.6.6" aws-sdk@^2.596.0, aws-sdk@^2.848.0, aws-sdk@^2.928.0, aws-sdk@^2.979.0: - version "2.1001.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1001.0.tgz#c4da256aa0058438ba611ae06fa850f4f7d63abc" - integrity sha512-DpmslPU8myCaaRUwMzB/SqAMtD2zQckxYwq3CguIv8BI+JHxDLeTdPCLfA5jffQ8k6dcvISOuiqdpwCZucU0BA== + version "2.1002.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1002.0.tgz#8f2d3143109a08b19385b21433c9a7178b3f5295" + integrity sha512-duG9sJL1RETBXV0ZNx1wCVX/Y2xURXdG+jJo380nOI5xlvxyiZxSDhdYYaxNjT4Jgaz/qzGJ7mbkVFu1zQ3/1w== dependencies: buffer "4.9.2" events "1.1.1" @@ -2823,10 +2823,10 @@ co@^4.6.0: resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" integrity sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ= -codemaker@^1.36.0: - version "1.36.0" - resolved "https://registry.yarnpkg.com/codemaker/-/codemaker-1.36.0.tgz#d2a859b8db75ee524c201a09a1641f592d6c676b" - integrity sha512-Ey1aIPW5OkkKyRcqoWE61MAc5ghfDrnxysGUmauTy0RyL6sXPjYuxZXQWjqsHHQ35fCH5i7/rifoifE+jkZQhQ== +codemaker@^1.38.0: + version "1.38.0" + resolved "https://registry.yarnpkg.com/codemaker/-/codemaker-1.38.0.tgz#571458cc9f361f5d885e67817a652b4e6ad67470" + integrity sha512-X2CsWa6zCc8VnH84neidddw5NC+0CHh7iTzd1arUsVFc6s+vnB4i05py394nzqvY5c/ckeDCOLDix/L6NmqFEw== dependencies: camelcase "^6.2.0" decamelize "^5.0.1" @@ -2961,9 +2961,9 @@ console-control-strings@^1.0.0, console-control-strings@~1.1.0: integrity sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4= constructs@^3.3.69: - version "3.3.160" - resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.3.160.tgz#bdea4785ff99ed76886e83c98ec3f5f2161efbac" - integrity sha512-DFIYE/hzUrIIcm87cpJIg4WlwEnwjnRwEGOlfNMrRImW7nx4v/ErDd1nW1/rWOR0p5e10Hgu+wCNdcGH8felRA== + version "3.3.161" + resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.3.161.tgz#9726b1d450f3b9aca7907230f2248e3fd4058ce4" + integrity sha512-/27vW3fo0iyb3py4vKI1BduEYmv8vv8uJgLXvI+5F0Jbnn0/E+As2wkGMa7bumhzCd0Ckv/USkAXstGYVXTYQA== conventional-changelog-angular@^5.0.12: version "5.0.13" @@ -3605,9 +3605,9 @@ ecc-jsbn@~0.1.1: safer-buffer "^2.1.0" electron-to-chromium@^1.3.857: - version "1.3.860" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.860.tgz#d612e54ed75fa524c12af8da3ad8121ebfe2802b" - integrity sha512-gWwGZ+Wv4Mou2SJRH6JQzhTPjL5f95SX7n6VkLTQ/Q/INsZLZNQ1vH2GlZjozKyvT0kkFuCmWTwIoCj+/hUDPw== + version "1.3.861" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.861.tgz#981e37a79af7a7b29bbaeed36376f4795527de13" + integrity sha512-GZyflmpMnZRdZ1e2yAyvuFwz1MPSVQelwHX4TJZyXypB8NcxdPvPNwy5lOTxnlkrK13EiQzyTPugRSnj6cBgKg== emittery@^0.7.1: version "0.7.2" @@ -5473,9 +5473,9 @@ isstream@~0.1.2: integrity sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo= istanbul-lib-coverage@^3.0.0, istanbul-lib-coverage@^3.0.0-alpha.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/istanbul-lib-coverage/-/istanbul-lib-coverage-3.0.1.tgz#e8900b3ed6069759229cf30f7067388d148aeb5e" - integrity sha512-GvCYYTxaCPqwMjobtVcVKvSHtAGe48MNhGjpK8LtVF8K0ISX7hCKl85LgtuaSneWVyQmaGcW3iXVV3GaZSLpmQ== + version "3.0.0" + resolved "https://registry.yarnpkg.com/istanbul-lib-coverage/-/istanbul-lib-coverage-3.0.0.tgz#f5944a37c70b550b02a78a5c3b2055b280cec8ec" + integrity sha512-UiUIqxMgRDET6eR+o5HbfRYP1l0hqkWOs7vNxC/mggutCMUIhWMm8gAHb8tHlyfD3/l6rlgNA5cKdDzEAf6hEg== istanbul-lib-hook@^3.0.0: version "3.0.0" @@ -5526,9 +5526,9 @@ istanbul-lib-source-maps@^4.0.0: source-map "^0.6.1" istanbul-reports@^3.0.2: - version "3.0.2" - resolved "https://registry.yarnpkg.com/istanbul-reports/-/istanbul-reports-3.0.2.tgz#d593210e5000683750cb09fc0644e4b6e27fd53b" - integrity sha512-9tZvz7AiR3PEDNGiV9vIouQ/EAcqMXFmkcA1CDFTwOB98OZVDL0PH9glHotf5Ugp6GCOTypfzGWI/OqjWNCRUw== + version "3.0.3" + resolved "https://registry.yarnpkg.com/istanbul-reports/-/istanbul-reports-3.0.3.tgz#974d682037f6d12b15dc55f9a2a5f8f1ea923831" + integrity sha512-0i77ZFLsb9U3DHi22WzmIngVzfoyxxbQcZRqlF3KoKmCJGq9nhFHoGi8FqBztN2rE8w6hURnZghetn0xpkVb6A== dependencies: html-escaper "^2.0.0" istanbul-lib-report "^3.0.0" @@ -5999,70 +5999,70 @@ jsesc@^2.5.1: resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4" integrity sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA== -jsii-diff@^1.36.0: - version "1.36.0" - resolved "https://registry.yarnpkg.com/jsii-diff/-/jsii-diff-1.36.0.tgz#f32d22393844de033710fd67b93fc28e9c155905" - integrity sha512-ejWzph85Vz3rRtrtTer/vFivPn+F2VkzbGaPnpXZTUSRYECg5f9kafq9g3Fm/ntbU8JpmDB6vrh0muv4T/yglw== +jsii-diff@^1.38.0: + version "1.38.0" + resolved "https://registry.yarnpkg.com/jsii-diff/-/jsii-diff-1.38.0.tgz#a7fcc2e3eab9d5eec57fca2f41d4380c45e1920b" + integrity sha512-aBrqOCYZ5PvjCZ29tabYaELh9OtsAKYpiYP3enzPMo7yLuGJUODtJuZhtJCeMAaz9cbadj121f6EinwDyYhIgA== dependencies: - "@jsii/check-node" "1.36.0" - "@jsii/spec" "^1.36.0" + "@jsii/check-node" "1.38.0" + "@jsii/spec" "^1.38.0" fs-extra "^9.1.0" - jsii-reflect "^1.36.0" + jsii-reflect "^1.38.0" log4js "^6.3.0" typescript "~3.9.10" yargs "^16.2.0" -jsii-pacmak@^1.36.0: - version "1.36.0" - resolved "https://registry.yarnpkg.com/jsii-pacmak/-/jsii-pacmak-1.36.0.tgz#b8c2b11318b6acc28a064904aac6cc625e22b654" - integrity sha512-wRJk6S81OTi1KeXQhpasvWQ3kBXURtg1d99wBBSktDAJAfAj17x/0XbVe43DRFsD/wZARyVj2g1EDC5MexXJZw== +jsii-pacmak@^1.38.0: + version "1.38.0" + resolved "https://registry.yarnpkg.com/jsii-pacmak/-/jsii-pacmak-1.38.0.tgz#e43c6c29d3589b3991dc21b5194a3290c736356c" + integrity sha512-QhaOto/7F/5cPaZPaupxXfD5PW10QOnVJjBhTcfIg3Pziqvs7tYuGh6I1EBs9dbZ1kCBq15ATYXqoljNIP78aw== dependencies: - "@jsii/check-node" "1.36.0" - "@jsii/spec" "^1.36.0" + "@jsii/check-node" "1.38.0" + "@jsii/spec" "^1.38.0" clone "^2.1.2" - codemaker "^1.36.0" + codemaker "^1.38.0" commonmark "^0.30.0" escape-string-regexp "^4.0.0" fs-extra "^9.1.0" - jsii-reflect "^1.36.0" - jsii-rosetta "^1.36.0" + jsii-reflect "^1.38.0" + jsii-rosetta "^1.38.0" semver "^7.3.5" spdx-license-list "^6.4.0" xmlbuilder "^15.1.1" yargs "^16.2.0" -jsii-reflect@^1.36.0: - version "1.36.0" - resolved "https://registry.yarnpkg.com/jsii-reflect/-/jsii-reflect-1.36.0.tgz#719a1aadb60b1e46d9fc9140e23ba7a0c651debd" - integrity sha512-MWhRxSTv29QetIAhtoVO9Awne6TofUPmVeK9SU3G0RqoxCx7F6erbLxcSYIa1KqcBbI6fmT1/JT1kdmCgg0QmQ== +jsii-reflect@^1.38.0: + version "1.38.0" + resolved "https://registry.yarnpkg.com/jsii-reflect/-/jsii-reflect-1.38.0.tgz#4d9d52a148922dddd8d2647937747455f92e02bb" + integrity sha512-KH5Gi5gqcLVdPqCbC1fZf4hhOrGhNnYRjgAS5jyVpBfydsTaQFPqtu6Lyz/BntQ495u4rax1Teqk3ITafdFCoA== dependencies: - "@jsii/check-node" "1.36.0" - "@jsii/spec" "^1.36.0" + "@jsii/check-node" "1.38.0" + "@jsii/spec" "^1.38.0" colors "^1.4.0" fs-extra "^9.1.0" - oo-ascii-tree "^1.36.0" + oo-ascii-tree "^1.38.0" yargs "^16.2.0" -jsii-rosetta@^1.36.0: - version "1.36.0" - resolved "https://registry.yarnpkg.com/jsii-rosetta/-/jsii-rosetta-1.36.0.tgz#116e62717cfb97648ec163e1a66bc7036034034f" - integrity sha512-TML7uw5ihRy0S5QKV8nNRxERzIblIeMTn/+eDG9dw/FOpx3oB3dBo9A277skVbs4QPbZuU8ceWb5n1kg/PlbOw== +jsii-rosetta@^1.38.0: + version "1.38.0" + resolved "https://registry.yarnpkg.com/jsii-rosetta/-/jsii-rosetta-1.38.0.tgz#5da6bb478f0c68a7b06db7b52bd6bec355c1537f" + integrity sha512-UwYFMXyoHZMV/NX4FcTZ4vj22giVBO1+Bj2xYDqI4PVm1Nmad+8XwfnVFRYYJjQ4y1RWOWDkOOe1B/NH8kKWAg== dependencies: - "@jsii/check-node" "1.36.0" - "@jsii/spec" "^1.36.0" + "@jsii/check-node" "1.38.0" + "@jsii/spec" "^1.38.0" "@xmldom/xmldom" "^0.7.5" commonmark "^0.30.0" fs-extra "^9.1.0" typescript "~3.9.10" yargs "^16.2.0" -jsii@^1.36.0: - version "1.36.0" - resolved "https://registry.yarnpkg.com/jsii/-/jsii-1.36.0.tgz#46fb0046c8116cabe83899d5f04b9ee7adf7d326" - integrity sha512-7wuW6iv3lnYxdUb2W9KRPqFDP7xPPhVMmt3eDQbLQGCcMNQ65QgPWgun23+1X1X1ImCcoh5GWaRS0oF0NAJbQA== +jsii@^1.38.0: + version "1.38.0" + resolved "https://registry.yarnpkg.com/jsii/-/jsii-1.38.0.tgz#2de03bba8adefe469e0412b41d5c8f249a347df3" + integrity sha512-FSqjFhMTAedl7voMgCz2cbEoSoXmwog6wYUQ91zUD5u2gDBIPY3K9LJhS18aUr7KMn+An8SecgOcMia5p6haAQ== dependencies: - "@jsii/check-node" "1.36.0" - "@jsii/spec" "^1.36.0" + "@jsii/check-node" "1.38.0" + "@jsii/spec" "^1.38.0" case "^1.6.3" colors "^1.4.0" deep-equal "^2.0.5" @@ -7396,10 +7396,10 @@ onetime@^5.1.0, onetime@^5.1.2: dependencies: mimic-fn "^2.1.0" -oo-ascii-tree@^1.36.0: - version "1.36.0" - resolved "https://registry.yarnpkg.com/oo-ascii-tree/-/oo-ascii-tree-1.36.0.tgz#2a44141904a324cc9a77dfa7c24b680007d9f786" - integrity sha512-VGo4IhIbwJgYnwBAtk5+6puhwOjyMdaviPhxZgEteh6/twR7m8T6C47kSNuXIX51H6ogh6y8GeuOIuWyPcc9Cg== +oo-ascii-tree@^1.38.0: + version "1.38.0" + resolved "https://registry.yarnpkg.com/oo-ascii-tree/-/oo-ascii-tree-1.38.0.tgz#749c258bf2e3d74c5cc210c6bc98e05c567706b4" + integrity sha512-TyOg2fULmdzeVi/mbHwLHFdi/jcuhXN2HIhxPrSHqgL+Fu2WYtz9PIakFkeCuEdBWjUlYiJx89Xn0iOIhv17gA== open@^7.4.2: version "7.4.2" From 8a0d3699d7fc3dff70aa6416d30a30b57d29ff7e Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Thu, 7 Oct 2021 17:49:11 +0100 Subject: [PATCH 40/43] fix(lambda): currentVersion fails when architecture specified (#16849) The cause for this is that the new 'Architecture' property added to the CloudFormation specification is not classified as version locked or not. Added a test to ensure that any missing properties are caught in the future. Further, deprecated the `architectures` property and replaced with a singular `architecture` prop. Lambda Functions only support one architecture. Additionally, removed the CFN spec patch, now that the CloudFormation resource specification includes the Architecture fields. fixes #16814 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-lambda/lib/function-hash.ts | 8 ++-- packages/@aws-cdk/aws-lambda/lib/function.ts | 19 ++++++++- packages/@aws-cdk/aws-lambda/package.json | 1 + .../aws-lambda/test/function-hash.test.ts | 11 ++++- .../@aws-cdk/aws-lambda/test/function.test.ts | 40 +++++++++++++++++- .../spec-source/530_Lambda_ARM_patch.json | 41 ------------------- 6 files changed, 72 insertions(+), 48 deletions(-) delete mode 100644 packages/@aws-cdk/cfnspec/spec-source/530_Lambda_ARM_patch.json diff --git a/packages/@aws-cdk/aws-lambda/lib/function-hash.ts b/packages/@aws-cdk/aws-lambda/lib/function-hash.ts index c651aee68cd4d..0b7eff434ba65 100644 --- a/packages/@aws-cdk/aws-lambda/lib/function-hash.ts +++ b/packages/@aws-cdk/aws-lambda/lib/function-hash.ts @@ -49,11 +49,13 @@ export function trimFromStart(s: string, maxLength: number) { * must not be generated. * * Adding a new property to this list - If the property is part of the UpdateFunctionConfiguration - * API, then it must be classified as true, otherwise false. - * See https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionConfiguration.html + * API or UpdateFunctionCode API, then it must be classified as true, otherwise false. + * See https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionConfiguration.html and + * https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionConfiguration.html */ -const VERSION_LOCKED: { [key: string]: boolean } = { +export const VERSION_LOCKED: { [key: string]: boolean } = { // locked to the version + Architectures: true, Code: true, DeadLetterConfig: true, Description: true, diff --git a/packages/@aws-cdk/aws-lambda/lib/function.ts b/packages/@aws-cdk/aws-lambda/lib/function.ts index 72ae40d5babbe..7505cdf463a1b 100644 --- a/packages/@aws-cdk/aws-lambda/lib/function.ts +++ b/packages/@aws-cdk/aws-lambda/lib/function.ts @@ -313,10 +313,17 @@ export interface FunctionOptions extends EventInvokeConfigOptions { readonly codeSigningConfig?: ICodeSigningConfig; /** - * The system architectures compatible with this lambda function. + * DEPRECATED * @default [Architecture.X86_64] + * @deprecated use `architecture` */ readonly architectures?: Architecture[]; + + /** + * The system architectures compatible with this lambda function. + * @default Architecture.X86_64 + */ + readonly architecture?: Architecture; } export interface FunctionProps extends FunctionOptions { @@ -655,6 +662,14 @@ export class Function extends FunctionBase { }]; } + if (props.architecture && props.architectures !== undefined) { + throw new Error('Either architecture or architectures must be specified but not both.'); + } + if (props.architectures && props.architectures.length > 1) { + throw new Error('Only one architecture must be specified.'); + } + const architecture = props.architecture ?? (props.architectures && props.architectures[0]); + const resource: CfnFunction = new CfnFunction(this, 'Resource', { functionName: this.physicalName, description: props.description, @@ -687,7 +702,7 @@ export class Function extends FunctionBase { kmsKeyArn: props.environmentEncryption?.keyArn, fileSystemConfigs, codeSigningConfigArn: props.codeSigningConfig?.codeSigningConfigArn, - architectures: props.architectures?.map(a => a.name), + architectures: architecture ? [architecture.name] : undefined, }); resource.node.addDependency(this.role); diff --git a/packages/@aws-cdk/aws-lambda/package.json b/packages/@aws-cdk/aws-lambda/package.json index 3e5d5286bc86e..b00072d041a4d 100644 --- a/packages/@aws-cdk/aws-lambda/package.json +++ b/packages/@aws-cdk/aws-lambda/package.json @@ -80,6 +80,7 @@ "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/cdk-integ-tools": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", + "@aws-cdk/cfnspec": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/aws-lambda": "^8.10.83", "@types/jest": "^26.0.24", diff --git a/packages/@aws-cdk/aws-lambda/test/function-hash.test.ts b/packages/@aws-cdk/aws-lambda/test/function-hash.test.ts index b1b4ab5200ea4..dbadd01b0975b 100644 --- a/packages/@aws-cdk/aws-lambda/test/function-hash.test.ts +++ b/packages/@aws-cdk/aws-lambda/test/function-hash.test.ts @@ -1,9 +1,10 @@ import '@aws-cdk/assert-internal/jest'; import * as path from 'path'; +import { resourceSpecification } from '@aws-cdk/cfnspec'; import { App, CfnOutput, CfnResource, Stack } from '@aws-cdk/core'; import { LAMBDA_RECOGNIZE_VERSION_PROPS } from '@aws-cdk/cx-api'; import * as lambda from '../lib'; -import { calculateFunctionHash, trimFromStart } from '../lib/function-hash'; +import { calculateFunctionHash, trimFromStart, VERSION_LOCKED } from '../lib/function-hash'; describe('function hash', () => { describe('trimFromStart', () => { @@ -274,5 +275,13 @@ describe('function hash', () => { (fn1.node.defaultChild as CfnResource).addPropertyOverride('UnclassifiedProp', 'Value'); expect(calculateFunctionHash(fn1)).toEqual(original); }); + + test('all CFN properties are classified', () => { + const spec = resourceSpecification('AWS::Lambda::Function'); + expect(spec.Properties).toBeDefined(); + const expected = Object.keys(spec.Properties!).sort(); + const actual = Object.keys(VERSION_LOCKED).sort(); + expect(actual).toEqual(expected); + }); }); }); diff --git a/packages/@aws-cdk/aws-lambda/test/function.test.ts b/packages/@aws-cdk/aws-lambda/test/function.test.ts index a4aa4a31e10cc..66d18e663e7f9 100644 --- a/packages/@aws-cdk/aws-lambda/test/function.test.ts +++ b/packages/@aws-cdk/aws-lambda/test/function.test.ts @@ -2174,7 +2174,7 @@ describe('function', () => { })).toThrow(/Layers are not supported for container image functions/); }); - test('specified architecture is recognized', () => { + test('specified architectures is recognized', () => { const stack = new cdk.Stack(); new lambda.Function(stack, 'MyFunction', { code: lambda.Code.fromInline('foo'), @@ -2189,6 +2189,44 @@ describe('function', () => { }); }); + test('specified architecture is recognized', () => { + const stack = new cdk.Stack(); + new lambda.Function(stack, 'MyFunction', { + code: lambda.Code.fromInline('foo'), + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + + architecture: lambda.Architecture.ARM_64, + }); + + expect(stack).toHaveResource('AWS::Lambda::Function', { + Architectures: ['arm64'], + }); + }); + + test('both architectures and architecture are not recognized', () => { + const stack = new cdk.Stack(); + expect(() => new lambda.Function(stack, 'MyFunction', { + code: lambda.Code.fromInline('foo'), + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + + architecture: lambda.Architecture.ARM_64, + architectures: [lambda.Architecture.X86_64], + })).toThrow(/architecture or architectures must be specified/); + }); + + test('Only one architecture allowed', () => { + const stack = new cdk.Stack(); + expect(() => new lambda.Function(stack, 'MyFunction', { + code: lambda.Code.fromInline('foo'), + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + + architectures: [lambda.Architecture.X86_64, lambda.Architecture.ARM_64], + })).toThrow(/one architecture must be specified/); + }); + }); function newTestLambda(scope: constructs.Construct) { diff --git a/packages/@aws-cdk/cfnspec/spec-source/530_Lambda_ARM_patch.json b/packages/@aws-cdk/cfnspec/spec-source/530_Lambda_ARM_patch.json deleted file mode 100644 index 13c481eff424d..0000000000000 --- a/packages/@aws-cdk/cfnspec/spec-source/530_Lambda_ARM_patch.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "ResourceType": { - "AWS::Lambda::Function": { - "patch": { - "description": "AWS::Lambda::Function changes for early support of Lambda ARM launch. Remove once CFN spec is updated", - "operations": [ - { - "op": "add", - "path": "/Properties/Architectures", - "value": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-architectures", - "UpdateType": "Mutable", - "Required": false, - "Type": "List", - "PrimitiveItemType": "String", - "DuplicatesAllowed": true - } - } - ] - } - }, - "AWS::Lambda::LayerVersion": { - "patch": { - "description": "AWS::Lambda::LayerVersion changes for early support of Lambda ARM launch. Remove once CFN spec is updated", - "operations": [ - { - "op": "add", - "path": "/Properties/CompatibleArchitectures", - "value": { - "PrimitiveItemType": "String", - "Type": "List", - "Required": false, - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-compatiblearchitectures", - "UpdateType": "Immutable" - } - } - ] - } - } - } -} \ No newline at end of file From 27cc82186c73db5e68e00448133dd6e79e13d90c Mon Sep 17 00:00:00 2001 From: Pahud Hsieh Date: Fri, 8 Oct 2021 02:25:15 +0800 Subject: [PATCH 41/43] feat(elbv2): support ALB target for NLB (#16687) This PR allows NLB to have a single ALB as the target. Fixes: #16679 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/alb-target.ts | 45 ++ .../lib/index.ts | 1 + .../package.json | 4 +- .../test/alb-target.test.ts | 68 ++ .../test/integ.alb-target.expected.json | 673 ++++++++++++++++++ .../test/integ.alb-target.ts | 49 ++ .../aws-elasticloadbalancingv2/README.md | 41 ++ .../lib/shared/enums.ts | 5 + 8 files changed, 885 insertions(+), 1 deletion(-) create mode 100644 packages/@aws-cdk/aws-elasticloadbalancingv2-targets/lib/alb-target.ts create mode 100644 packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/alb-target.test.ts create mode 100644 packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.alb-target.expected.json create mode 100644 packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.alb-target.ts diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/lib/alb-target.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/lib/alb-target.ts new file mode 100644 index 0000000000000..3cc67a0984a2e --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/lib/alb-target.ts @@ -0,0 +1,45 @@ +import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; + +/** + * A single Application Load Balancer as the target for load balancing. + */ +export class AlbArnTarget implements elbv2.INetworkLoadBalancerTarget { + /** + * Create a new alb target + * + * @param albArn The ARN of the application load balancer to load balance to + * @param port The port on which the target is listening + */ + constructor(private readonly albArn: string, private readonly port: number) { + } + + /** + * Register this alb target with a load balancer + * + * Don't call this, it is called automatically when you add the target to a + * load balancer. + */ + public attachToNetworkTargetGroup(targetGroup: elbv2.INetworkTargetGroup): elbv2.LoadBalancerTargetProps { + return this.attach(targetGroup); + } + + private attach(_targetGroup: elbv2.ITargetGroup): elbv2.LoadBalancerTargetProps { + return { + targetType: elbv2.TargetType.ALB, + targetJson: { id: this.albArn, port: this.port }, + }; + } +} + +/** + * A single Application Load Balancer as the target for load balancing. + */ +export class AlbTarget extends AlbArnTarget { + /** + * @param alb The application load balancer to load balance to + * @param port The port on which the target is listening + */ + constructor(alb: elbv2.ApplicationLoadBalancer, port: number) { + super(alb.loadBalancerArn, port); + } +} diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/lib/index.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/lib/index.ts index 145ac293c4a98..dce98a495a5d6 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/lib/index.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/lib/index.ts @@ -1,3 +1,4 @@ +export * from './alb-target'; export * from './ip-target'; export * from './instance-target'; export * from './lambda-target'; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json index 37f4fe6c1d5ce..e9b09e29964ff 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json @@ -70,7 +70,9 @@ "@aws-cdk/cdk-integ-tools": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^26.0.24", - "jest": "^26.6.3" + "jest": "^26.6.3", + "@aws-cdk/aws-ecs": "0.0.0", + "@aws-cdk/aws-ecs-patterns": "0.0.0" }, "dependencies": { "@aws-cdk/aws-ec2": "0.0.0", diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/alb-target.test.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/alb-target.test.ts new file mode 100644 index 0000000000000..1ccea0b91d1b2 --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/alb-target.test.ts @@ -0,0 +1,68 @@ +import { expect, haveResource } from '@aws-cdk/assert-internal'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; +import { Stack } from '@aws-cdk/core'; +import * as targets from '../lib'; + +test('Can create target groups with alb target', () => { + // GIVEN + const stack = new Stack(); + const vpc = new ec2.Vpc(stack, 'Stack'); + const alb = new elbv2.ApplicationLoadBalancer(stack, 'ALB', { vpc }); + const nlb = new elbv2.NetworkLoadBalancer(stack, 'NLB', { vpc }); + const listener = nlb.addListener('Listener', { port: 80 }); + + // WHEN + listener.addTargets('Targets', { + targets: [new targets.AlbTarget(alb, 80)], + port: 80, + }); + + // THEN + expect(stack).to(haveResource('AWS::ElasticLoadBalancingV2::TargetGroup', { + Port: 80, + Protocol: 'TCP', + Targets: [ + { + Id: { + Ref: 'ALBAEE750D2', + }, + Port: 80, + }, + ], + TargetType: 'alb', + VpcId: { + Ref: 'Stack8A423254', + }, + })); +}); + +test('Can create target groups with alb arn target', () => { + // GIVEN + const stack = new Stack(); + const vpc = new ec2.Vpc(stack, 'Stack'); + const nlb = new elbv2.NetworkLoadBalancer(stack, 'NLB', { vpc }); + const listener = nlb.addListener('Listener', { port: 80 }); + + // WHEN + listener.addTargets('Targets', { + targets: [new targets.AlbArnTarget('MOCK_ARN', 80)], + port: 80, + }); + + // THEN + expect(stack).to(haveResource('AWS::ElasticLoadBalancingV2::TargetGroup', { + Port: 80, + Protocol: 'TCP', + Targets: [ + { + Id: 'MOCK_ARN', + Port: 80, + }, + ], + TargetType: 'alb', + VpcId: { + Ref: 'Stack8A423254', + }, + })); +}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.alb-target.expected.json b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.alb-target.expected.json new file mode 100644 index 0000000000000..8832e3edf3726 --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.alb-target.expected.json @@ -0,0 +1,673 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "TestStack/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.0.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "TestStack/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "TestStack/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "TestStack/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "TestStack/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.64.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "TestStack/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "TestStack/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.128.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "TestStack/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "TestStack/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.192.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "TestStack/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "TestStack/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "TestStack/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "TaskTaskRoleE98524A1": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "Task79114B6B": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "public.ecr.aws/nginx/nginx:latest", + "Name": "nginx", + "PortMappings": [ + { + "ContainerPort": 80, + "Protocol": "tcp" + } + ] + } + ], + "Cpu": "256", + "Family": "TestStackTask24CEEDF4", + "Memory": "512", + "NetworkMode": "awsvpc", + "RequiresCompatibilities": [ + "FARGATE" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "TaskTaskRoleE98524A1", + "Arn" + ] + } + } + }, + "ServiceLBE9A1ADBC": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + } + ], + "Scheme": "internal", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "ServiceLBSecurityGroupF7435A5C", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "Type": "application" + } + }, + "ServiceLBSecurityGroupF7435A5C": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB TestStackServiceLBD3BB32E9", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow from anyone on port 80", + "FromPort": 80, + "IpProtocol": "tcp", + "ToPort": 80 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "ServiceLBSecurityGrouptoTestStackServiceSecurityGroup59159BDD804A6BA8AC": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "GroupId": { + "Fn::GetAtt": [ + "ServiceLBSecurityGroupF7435A5C", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "ServiceSecurityGroupEEA09B68", + "GroupId" + ] + }, + "FromPort": 80, + "ToPort": 80 + } + }, + "ServiceLBPublicListener46709EAA": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "ServiceLBPublicListenerECSGroup0CC8688C" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "ServiceLBE9A1ADBC" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "ServiceLBPublicListenerECSGroup0CC8688C": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "Port": 80, + "Protocol": "HTTP", + "TargetType": "ip", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "Service9571FDD8": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "EcsDefaultClusterMnL3mNNYNVpc18E0451A" + }, + "DeploymentConfiguration": { + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "EnableECSManagedTags": false, + "HealthCheckGracePeriodSeconds": 60, + "LaunchType": "FARGATE", + "LoadBalancers": [ + { + "ContainerName": "nginx", + "ContainerPort": 80, + "TargetGroupArn": { + "Ref": "ServiceLBPublicListenerECSGroup0CC8688C" + } + } + ], + "NetworkConfiguration": { + "AwsvpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "ServiceSecurityGroupEEA09B68", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "TaskDefinition": { + "Ref": "Task79114B6B" + } + }, + "DependsOn": [ + "ServiceLBPublicListenerECSGroup0CC8688C", + "ServiceLBPublicListener46709EAA" + ] + }, + "ServiceSecurityGroupEEA09B68": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "TestStack/Service/Service/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "ServiceSecurityGroupfromTestStackServiceLBSecurityGroup76260E3B8004FB511A": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "ServiceSecurityGroupEEA09B68", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "ServiceLBSecurityGroupF7435A5C", + "GroupId" + ] + }, + "ToPort": 80 + } + }, + "EcsDefaultClusterMnL3mNNYNVpc18E0451A": { + "Type": "AWS::ECS::Cluster" + }, + "NlbBCDB97FE": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "LoadBalancerAttributes": [ + { + "Key": "deletion_protection.enabled", + "Value": "false" + }, + { + "Key": "load_balancing.cross_zone.enabled", + "Value": "true" + } + ], + "Scheme": "internet-facing", + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "network" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "NlblistenerBE297616": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "NlblistenerTargetsGroupDD2A3CB0" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "NlbBCDB97FE" + }, + "Port": 80, + "Protocol": "TCP" + } + }, + "NlblistenerTargetsGroupDD2A3CB0": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckProtocol": "HTTP", + "Port": 80, + "Protocol": "TCP", + "Targets": [ + { + "Id": { + "Ref": "ServiceLBE9A1ADBC" + }, + "Port": 80 + } + ], + "TargetType": "alb", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + } + }, + "Outputs": { + "ServiceLoadBalancerDNSEC5B149E": { + "Value": { + "Fn::GetAtt": [ + "ServiceLBE9A1ADBC", + "DNSName" + ] + } + }, + "ServiceServiceURL250C0FB6": { + "Value": { + "Fn::Join": [ + "", + [ + "http://", + { + "Fn::GetAtt": [ + "ServiceLBE9A1ADBC", + "DNSName" + ] + } + ] + ] + } + }, + "NlbEndpoint": { + "Value": { + "Fn::Join": [ + "", + [ + "http://", + { + "Fn::GetAtt": [ + "NlbBCDB97FE", + "DNSName" + ] + } + ] + ] + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.alb-target.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.alb-target.ts new file mode 100644 index 0000000000000..80a5e6880ffab --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.alb-target.ts @@ -0,0 +1,49 @@ +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as ecs from '@aws-cdk/aws-ecs'; +import * as patterns from '@aws-cdk/aws-ecs-patterns'; +import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; +import { App, CfnOutput, Stack, StackProps } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import * as targets from '../lib'; + +class TestStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 2, natGateways: 1 }); + + const task = new ecs.FargateTaskDefinition(this, 'Task', { cpu: 256, memoryLimitMiB: 512 }); + task.addContainer('nginx', { + image: ecs.ContainerImage.fromRegistry('public.ecr.aws/nginx/nginx:latest'), + portMappings: [{ containerPort: 80 }], + }); + const svc = new patterns.ApplicationLoadBalancedFargateService(this, 'Service', { + vpc, + taskDefinition: task, + publicLoadBalancer: false, + }); + + const nlb = new elbv2.NetworkLoadBalancer(this, 'Nlb', { + vpc, + crossZoneEnabled: true, + internetFacing: true, + }); + const listener = nlb.addListener('listener', { + port: 80, + }); + + listener.addTargets('Targets', { + targets: [new targets.AlbTarget(svc.loadBalancer, 80)], + port: 80, + healthCheck: { + protocol: elbv2.Protocol.HTTP, + }, + }); + + new CfnOutput(this, 'NlbEndpoint', { value: `http://${nlb.loadBalancerDnsName}` }); + } +} + +const app = new App(); +new TestStack(app, 'TestStack'); +app.synth(); diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md b/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md index 200322e52999e..f3d23b5e827cf 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md @@ -323,6 +323,47 @@ listener.addTargets('Targets', { Only a single Lambda function can be added to a single listener rule. +## Using Application Load Balancer Targets + +To use a single application load balancer as a target for the network load balancer, use the integration class in the +`@aws-cdk/aws-elasticloadbalancingv2-targets` package: + +```ts +import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; +import * as targets from '@aws-cdk/aws-elasticloadbalancingv2-targets'; +import * as ecs from '@aws-cdk/aws-ecs'; +import * as patterns from '@aws-cdk/aws-ecs-patterns'; + +const task = new ecs.FargateTaskDefinition(this, 'Task', { cpu: 256, memoryLimitMiB: 512 }); +task.addContainer('nginx', { + image: ecs.ContainerImage.fromRegistry('public.ecr.aws/nginx/nginx:latest'), + portMappings: [{ containerPort: 80 }], +}); + +const svc = new patterns.ApplicationLoadBalancedFargateService(this, 'Service', { + vpc, + taskDefinition: task, + publicLoadBalancer: false, +}); + +const nlb = new elbv2.NetworkLoadBalancer(this, 'Nlb', { + vpc, + crossZoneEnabled: true, + internetFacing: true, +}); + +const listener = nlb.addListener('listener', { port: 80 }); + +listener.addTargets('Targets', { + targets: [new targets.AlbTarget(svc.loadBalancer, 80)], + port: 80, +}); + +new CfnOutput(this, 'NlbEndpoint', { value: `http://${nlb.loadBalancerDnsName}`}) +``` + +Only the network load balancer is allowed to add the application load balancer as the target. + ## Configuring Health Checks Health checks are configured upon creation of a target group: diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/enums.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/enums.ts index a711211a44065..2dc293e1b8905 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/enums.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/enums.ts @@ -170,6 +170,11 @@ export enum TargetType { * Target is a single Lambda Function */ LAMBDA = 'lambda', + + /** + * Target is a single Application Load Balancer + */ + ALB = 'alb', } /** From 969673c358ba3134933ab5ec8e17e612a43ff57a Mon Sep 17 00:00:00 2001 From: Ryan Parker Date: Thu, 7 Oct 2021 13:08:21 -0700 Subject: [PATCH 42/43] docs(aws-s3 README): Clarify `autoDeleteObjects` warning to include "deploy" step. (#16857) ## Summary This PR is a continuation of https://github.com/aws/aws-cdk/pull/16828#pullrequestreview-773025044 We want to make sure users know to deploy with the latest CDK version before toggling the `autoDeleteObjects` prop to `false`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-s3/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-s3/README.md b/packages/@aws-cdk/aws-s3/README.md index 60f97010b9a20..dab9af9a9d7f8 100644 --- a/packages/@aws-cdk/aws-s3/README.md +++ b/packages/@aws-cdk/aws-s3/README.md @@ -447,6 +447,6 @@ const bucket = new Bucket(this, 'MyTempFileBucket', { ``` **Warning** if you have deployed a bucket with `autoDeleteObjects: true`, -switching this to `false` in a CDK version *before* `1.126.0` will lead to all -objects in the bucket being deleted. Be sure to update to version `1.126.0` or -later before switching this value to `false`. +switching this to `false` in a CDK version *before* `1.126.0` will lead to +all objects in the bucket being deleted. Be sure to update your bucket resources +by deploying with CDK version `1.126.0` or later **before** switching this value to `false`. From c3417f651e45170efd339960fbb0e4957bcbd3a3 Mon Sep 17 00:00:00 2001 From: Calvin Combs <66279577+comcalvi@users.noreply.github.com> Date: Thu, 7 Oct 2021 17:34:31 -0700 Subject: [PATCH 43/43] feat(cli): hotswap deployments for StepFunctions State Machines (#16489) This adds support for `StepFunctions::StateMachines` to be hotswapped. Only changes to the `DefinitionString` property will trigger hotswaps. Changes to other properties (or resources, except Lambda functions) will require full deployments. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk/README.md | 1 + packages/aws-cdk/lib/api/aws-auth/sdk.ts | 5 + .../aws-cdk/lib/api/hotswap-deployments.ts | 87 +++- packages/aws-cdk/lib/api/hotswap/common.ts | 40 +- .../lib/api/hotswap/lambda-functions.ts | 49 +- .../hotswap/stepfunctions-state-machines.ts | 62 +++ .../api/hotswap/hotswap-deployments.test.ts | 242 +++++++++ .../test/api/hotswap/hotswap-test-setup.ts | 95 ++++ .../lambda-hotswap-deployments.test.ts} | 245 ++++++--- .../state-machine-hotswap-deployments.test.ts | 483 ++++++++++++++++++ packages/aws-cdk/test/util/mock-sdk.ts | 5 + 11 files changed, 1173 insertions(+), 141 deletions(-) create mode 100644 packages/aws-cdk/lib/api/hotswap/stepfunctions-state-machines.ts create mode 100644 packages/aws-cdk/test/api/hotswap/hotswap-deployments.test.ts create mode 100644 packages/aws-cdk/test/api/hotswap/hotswap-test-setup.ts rename packages/aws-cdk/test/api/{hotswap-deployments.test.ts => hotswap/lambda-hotswap-deployments.test.ts} (56%) create mode 100644 packages/aws-cdk/test/api/hotswap/state-machine-hotswap-deployments.test.ts diff --git a/packages/aws-cdk/README.md b/packages/aws-cdk/README.md index 3a1b2882b2506..9690c6f9d9258 100644 --- a/packages/aws-cdk/README.md +++ b/packages/aws-cdk/README.md @@ -362,6 +362,7 @@ Hotswapping is currently supported for the following changes (additional changes will be supported in the future): - Code asset changes of AWS Lambda functions. +- Definition changes of AWS Step Functions State Machines. **⚠ Note #1**: This command deliberately introduces drift in CloudFormation stacks in order to speed up deployments. For this reason, only use it for development purposes. diff --git a/packages/aws-cdk/lib/api/aws-auth/sdk.ts b/packages/aws-cdk/lib/api/aws-auth/sdk.ts index 0f1468b4d08b8..9090a59c8d792 100644 --- a/packages/aws-cdk/lib/api/aws-auth/sdk.ts +++ b/packages/aws-cdk/lib/api/aws-auth/sdk.ts @@ -32,6 +32,7 @@ export interface ISDK { elbv2(): AWS.ELBv2; secretsManager(): AWS.SecretsManager; kms(): AWS.KMS; + stepFunctions(): AWS.StepFunctions; } /** @@ -128,6 +129,10 @@ export class SDK implements ISDK { return this.wrapServiceErrorHandling(new AWS.KMS(this.config)); } + public stepFunctions(): AWS.StepFunctions { + return this.wrapServiceErrorHandling(new AWS.StepFunctions(this.config)); + } + public async currentAccount(): Promise { // Get/refresh if necessary before we can access `accessKeyId` await this.forceCredentialRetrieval(); diff --git a/packages/aws-cdk/lib/api/hotswap-deployments.ts b/packages/aws-cdk/lib/api/hotswap-deployments.ts index 5812e50a605ef..7f002b6c684cb 100644 --- a/packages/aws-cdk/lib/api/hotswap-deployments.ts +++ b/packages/aws-cdk/lib/api/hotswap-deployments.ts @@ -3,9 +3,10 @@ import * as cxapi from '@aws-cdk/cx-api'; import { CloudFormation } from 'aws-sdk'; import { ISDK, Mode, SdkProvider } from './aws-auth'; import { DeployStackResult } from './deploy-stack'; -import { ChangeHotswapImpact, ChangeHotswapResult, HotswapOperation, ListStackResources } from './hotswap/common'; +import { ChangeHotswapImpact, ChangeHotswapResult, HotswapOperation, ListStackResources, HotswappableChangeCandidate } from './hotswap/common'; import { EvaluateCloudFormationTemplate } from './hotswap/evaluate-cloudformation-template'; import { isHotswappableLambdaFunctionChange } from './hotswap/lambda-functions'; +import { isHotswappableStateMachineChange } from './hotswap/stepfunctions-state-machines'; import { CloudFormationStack } from './util/cloudformation'; /** @@ -57,24 +58,80 @@ export async function tryHotswapDeployment( async function findAllHotswappableChanges( stackChanges: cfn_diff.TemplateDiff, evaluateCfnTemplate: EvaluateCloudFormationTemplate, ): Promise { - const promises = new Array>(); - stackChanges.resources.forEachDifference(async (logicalId: string, change: cfn_diff.ResourceDifference) => { - promises.push(isHotswappableLambdaFunctionChange(logicalId, change, evaluateCfnTemplate)); + let foundNonHotswappableChange = false; + const promises: Array>> = []; + + // gather the results of the detector functions + stackChanges.resources.forEachDifference((logicalId: string, change: cfn_diff.ResourceDifference) => { + const resourceHotswapEvaluation = isCandidateForHotswapping(change); + + if (resourceHotswapEvaluation === ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT) { + foundNonHotswappableChange = true; + } else if (resourceHotswapEvaluation === ChangeHotswapImpact.IRRELEVANT) { + // empty 'if' just for flow-aware typing to kick in... + } else { + promises.push([ + isHotswappableLambdaFunctionChange(logicalId, resourceHotswapEvaluation, evaluateCfnTemplate), + isHotswappableStateMachineChange(logicalId, resourceHotswapEvaluation, evaluateCfnTemplate), + ]); + } }); - return Promise.all(promises).then(hotswapDetectionResults => { - const hotswappableResources = new Array(); - let foundNonHotswappableChange = false; - for (const lambdaFunctionShortCircuitChange of hotswapDetectionResults) { - if (lambdaFunctionShortCircuitChange === ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT) { + + const changesDetectionResults: Array> = []; + for (const detectorResultPromises of promises) { + const hotswapDetectionResults = await Promise.all(detectorResultPromises); + changesDetectionResults.push(hotswapDetectionResults); + } + + const hotswappableResources = new Array(); + + // resolve all detector results + for (const hotswapDetectionResults of changesDetectionResults) { + const perChangeHotswappableResources = new Array(); + + for (const result of hotswapDetectionResults) { + if (typeof result !== 'string') { + perChangeHotswappableResources.push(result); + } + } + + // if we found any hotswappable changes, return now + if (perChangeHotswappableResources.length > 0) { + hotswappableResources.push(...perChangeHotswappableResources); + continue; + } + + // no hotswappable changes found, so any REQUIRES_FULL_DEPLOYMENTs imply a non-hotswappable change + for (const result of hotswapDetectionResults) { + if (result === ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT) { foundNonHotswappableChange = true; - } else if (lambdaFunctionShortCircuitChange === ChangeHotswapImpact.IRRELEVANT) { - // empty 'if' just for flow-aware typing to kick in... - } else { - hotswappableResources.push(lambdaFunctionShortCircuitChange); } } - return foundNonHotswappableChange ? undefined : hotswappableResources; - }); + // no REQUIRES_FULL_DEPLOYMENT implies that all results are IRRELEVANT + } + + return foundNonHotswappableChange ? undefined : hotswappableResources; +} + +/** + * returns `ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT` if a resource was deleted, or a change that we cannot short-circuit occured. + * Returns `ChangeHotswapImpact.IRRELEVANT` if a change that does not impact shortcircuiting occured, such as a metadata change. + */ +export function isCandidateForHotswapping(change: cfn_diff.ResourceDifference): HotswappableChangeCandidate | ChangeHotswapImpact { + // a resource has been removed OR a resource has been added; we can't short-circuit that change + if (!change.newValue || !change.oldValue) { + return ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT; + } + + // Ignore Metadata changes + if (change.newValue.Type === 'AWS::CDK::Metadata') { + return ChangeHotswapImpact.IRRELEVANT; + } + + return { + newValue: change.newValue, + propertyUpdates: change.propertyUpdates, + }; } async function applyAllHotswappableChanges( diff --git a/packages/aws-cdk/lib/api/hotswap/common.ts b/packages/aws-cdk/lib/api/hotswap/common.ts index c11b29d1d7daa..1e482d112aef4 100644 --- a/packages/aws-cdk/lib/api/hotswap/common.ts +++ b/packages/aws-cdk/lib/api/hotswap/common.ts @@ -1,6 +1,7 @@ import * as cfn_diff from '@aws-cdk/cloudformation-diff'; import { CloudFormation } from 'aws-sdk'; import { ISDK } from '../aws-auth'; +import { CfnEvaluationException, EvaluateCloudFormationTemplate } from './evaluate-cloudformation-template'; export interface ListStackResources { listStackResources(): Promise; @@ -33,6 +34,43 @@ export enum ChangeHotswapImpact { export type ChangeHotswapResult = HotswapOperation | ChangeHotswapImpact; -export function assetMetadataChanged(change: cfn_diff.ResourceDifference): boolean { +/** + * Represents a change that can be hotswapped. + */ +export class HotswappableChangeCandidate { + /** + * The value the resource is being updated to. + */ + public readonly newValue: cfn_diff.Resource; + + /** + * The changes made to the resource properties. + */ + public readonly propertyUpdates: { [key: string]: cfn_diff.PropertyDifference }; + + public constructor(newValue: cfn_diff.Resource, propertyUpdates: { [key: string]: cfn_diff.PropertyDifference }) { + this.newValue = newValue; + this.propertyUpdates = propertyUpdates; + } +} + +export async function establishResourcePhysicalName( + logicalId: string, physicalNameInCfnTemplate: any, evaluateCfnTemplate: EvaluateCloudFormationTemplate, +): Promise { + if (physicalNameInCfnTemplate != null) { + try { + return await evaluateCfnTemplate.evaluateCfnExpression(physicalNameInCfnTemplate); + } catch (e) { + // If we can't evaluate the resource's name CloudFormation expression, + // just look it up in the currently deployed Stack + if (!(e instanceof CfnEvaluationException)) { + throw e; + } + } + } + return evaluateCfnTemplate.findPhysicalNameFor(logicalId); +} + +export function assetMetadataChanged(change: HotswappableChangeCandidate): boolean { return !!change.newValue?.Metadata['aws:asset:path']; } diff --git a/packages/aws-cdk/lib/api/hotswap/lambda-functions.ts b/packages/aws-cdk/lib/api/hotswap/lambda-functions.ts index c110a66b6c9db..6aae68738acca 100644 --- a/packages/aws-cdk/lib/api/hotswap/lambda-functions.ts +++ b/packages/aws-cdk/lib/api/hotswap/lambda-functions.ts @@ -1,7 +1,6 @@ -import * as cfn_diff from '@aws-cdk/cloudformation-diff'; import { ISDK } from '../aws-auth'; -import { assetMetadataChanged, ChangeHotswapImpact, ChangeHotswapResult, HotswapOperation } from './common'; -import { CfnEvaluationException, EvaluateCloudFormationTemplate } from './evaluate-cloudformation-template'; +import { assetMetadataChanged, ChangeHotswapImpact, ChangeHotswapResult, HotswapOperation, HotswappableChangeCandidate, establishResourcePhysicalName } from './common'; +import { EvaluateCloudFormationTemplate } from './evaluate-cloudformation-template'; /** * Returns `false` if the change cannot be short-circuited, @@ -10,7 +9,7 @@ import { CfnEvaluationException, EvaluateCloudFormationTemplate } from './evalua * or a LambdaFunctionResource if the change can be short-circuited. */ export async function isHotswappableLambdaFunctionChange( - logicalId: string, change: cfn_diff.ResourceDifference, evaluateCfnTemplate: EvaluateCloudFormationTemplate, + logicalId: string, change: HotswappableChangeCandidate, evaluateCfnTemplate: EvaluateCloudFormationTemplate, ): Promise { const lambdaCodeChange = await isLambdaFunctionCodeOnlyChange(change, evaluateCfnTemplate); if (typeof lambdaCodeChange === 'string') { @@ -24,7 +23,7 @@ export async function isHotswappableLambdaFunctionChange( return ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT; } - const functionName = await establishFunctionPhysicalName(logicalId, change, evaluateCfnTemplate); + const functionName = await establishResourcePhysicalName(logicalId, change.newValue.Properties?.FunctionName, evaluateCfnTemplate); if (!functionName) { return ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT; } @@ -37,34 +36,21 @@ export async function isHotswappableLambdaFunctionChange( } /** - * Returns `true` if the change is not for a AWS::Lambda::Function, + * Returns `ChangeHotswapImpact.IRRELEVANT` if the change is not for a AWS::Lambda::Function, * but doesn't prevent short-circuiting * (like a change to CDKMetadata resource), - * `false` if the change is to a AWS::Lambda::Function, + * `ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT` if the change is to a AWS::Lambda::Function, * but not only to its Code property, * or a LambdaFunctionCode if the change is to a AWS::Lambda::Function, * and only affects its Code property. */ async function isLambdaFunctionCodeOnlyChange( - change: cfn_diff.ResourceDifference, evaluateCfnTemplate: EvaluateCloudFormationTemplate, + change: HotswappableChangeCandidate, evaluateCfnTemplate: EvaluateCloudFormationTemplate, ): Promise { - if (!change.newValue) { - return ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT; - } const newResourceType = change.newValue.Type; - // Ignore Metadata changes - if (newResourceType === 'AWS::CDK::Metadata') { - return ChangeHotswapImpact.IRRELEVANT; - } - // The only other resource change we should see is a Lambda function if (newResourceType !== 'AWS::Lambda::Function') { return ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT; } - if (change.oldValue?.Type == null) { - // this means this is a brand-new Lambda function - - // obviously, we can't short-circuit that! - return ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT; - } /* * On first glance, we would want to initialize these using the "previous" values (change.oldValue), @@ -83,9 +69,6 @@ async function isLambdaFunctionCodeOnlyChange( const propertyUpdates = change.propertyUpdates; for (const updatedPropName in propertyUpdates) { const updatedProp = propertyUpdates[updatedPropName]; - if (updatedProp.newValue === undefined) { - return ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT; - } for (const newPropName in updatedProp.newValue) { switch (newPropName) { case 'S3Bucket': @@ -132,21 +115,3 @@ class LambdaFunctionHotswapOperation implements HotswapOperation { }).promise(); } } - -async function establishFunctionPhysicalName( - logicalId: string, change: cfn_diff.ResourceDifference, evaluateCfnTemplate: EvaluateCloudFormationTemplate, -): Promise { - const functionNameInCfnTemplate = change.newValue?.Properties?.FunctionName; - if (functionNameInCfnTemplate != null) { - try { - return await evaluateCfnTemplate.evaluateCfnExpression(functionNameInCfnTemplate); - } catch (e) { - // If we can't evaluate the function's name CloudFormation expression, - // just look it up in the currently deployed Stack - if (!(e instanceof CfnEvaluationException)) { - throw e; - } - } - } - return evaluateCfnTemplate.findPhysicalNameFor(logicalId); -} diff --git a/packages/aws-cdk/lib/api/hotswap/stepfunctions-state-machines.ts b/packages/aws-cdk/lib/api/hotswap/stepfunctions-state-machines.ts new file mode 100644 index 0000000000000..c4a7a4eae8750 --- /dev/null +++ b/packages/aws-cdk/lib/api/hotswap/stepfunctions-state-machines.ts @@ -0,0 +1,62 @@ +import { ISDK } from '../aws-auth'; +import { ChangeHotswapImpact, ChangeHotswapResult, HotswapOperation, HotswappableChangeCandidate, establishResourcePhysicalName } from './common'; +import { EvaluateCloudFormationTemplate } from './evaluate-cloudformation-template'; + +export async function isHotswappableStateMachineChange( + logicalId: string, change: HotswappableChangeCandidate, evaluateCfnTemplate: EvaluateCloudFormationTemplate, +): Promise { + const stateMachineDefinitionChange = await isStateMachineDefinitionOnlyChange(change, evaluateCfnTemplate); + if (stateMachineDefinitionChange === ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT || + stateMachineDefinitionChange === ChangeHotswapImpact.IRRELEVANT) { + return stateMachineDefinitionChange; + } + + const machineNameInCfnTemplate = change.newValue?.Properties?.StateMachineName; + const machineName = await establishResourcePhysicalName(logicalId, machineNameInCfnTemplate, evaluateCfnTemplate); + if (!machineName) { + return ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT; + } + + return new StateMachineHotswapOperation({ + definition: stateMachineDefinitionChange, + stateMachineName: machineName, + }); +} + +async function isStateMachineDefinitionOnlyChange( + change: HotswappableChangeCandidate, evaluateCfnTemplate: EvaluateCloudFormationTemplate, +): Promise { + const newResourceType = change.newValue.Type; + if (newResourceType !== 'AWS::StepFunctions::StateMachine') { + return ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT; + } + + const propertyUpdates = change.propertyUpdates; + for (const updatedPropName in propertyUpdates) { + // ensure that only changes to the definition string result in a hotswap + if (updatedPropName !== 'DefinitionString') { + return ChangeHotswapImpact.REQUIRES_FULL_DEPLOYMENT; + } + } + + return evaluateCfnTemplate.evaluateCfnExpression(propertyUpdates.DefinitionString.newValue); +} + +interface StateMachineResource { + readonly stateMachineName: string; + readonly definition: string; +} + +class StateMachineHotswapOperation implements HotswapOperation { + constructor(private readonly stepFunctionResource: StateMachineResource) { + } + + public async apply(sdk: ISDK): Promise { + // not passing the optional properties leaves them unchanged + return sdk.stepFunctions().updateStateMachine({ + // even though the name of the property is stateMachineArn, passing the name of the state machine is allowed here + stateMachineArn: this.stepFunctionResource.stateMachineName, + definition: this.stepFunctionResource.definition, + }).promise(); + } +} diff --git a/packages/aws-cdk/test/api/hotswap/hotswap-deployments.test.ts b/packages/aws-cdk/test/api/hotswap/hotswap-deployments.test.ts new file mode 100644 index 0000000000000..26a8d08c27290 --- /dev/null +++ b/packages/aws-cdk/test/api/hotswap/hotswap-deployments.test.ts @@ -0,0 +1,242 @@ +import { Lambda, StepFunctions } from 'aws-sdk'; +import * as setup from './hotswap-test-setup'; + +let cfnMockProvider: setup.CfnMockProvider; +let mockUpdateLambdaCode: (params: Lambda.Types.UpdateFunctionCodeRequest) => Lambda.Types.FunctionConfiguration; +let mockUpdateMachineDefinition: (params: StepFunctions.Types.UpdateStateMachineInput) => StepFunctions.Types.UpdateStateMachineOutput; + +beforeEach(() => { + cfnMockProvider = setup.setupHotswapTests(); + mockUpdateLambdaCode = jest.fn(); + mockUpdateMachineDefinition = jest.fn(); + cfnMockProvider.setUpdateFunctionCodeMock(mockUpdateLambdaCode); + cfnMockProvider.setUpdateStateMachineMock(mockUpdateMachineDefinition); +}); + +test('returns a deployStackResult with noOp=true when it receives an empty set of changes', async () => { + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(setup.cdkStackArtifactOf()); + + // THEN + expect(deployStackResult).not.toBeUndefined(); + expect(deployStackResult?.noOp).toBeTruthy(); + expect(deployStackResult?.stackArn).toEqual(setup.STACK_ID); +}); + +test('A change to only a non-hotswappable resource results in a full deployment', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + SomethingElse: { + Type: 'AWS::CloudFormation::SomethingElse', + Properties: { + Prop: 'old-value', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + SomethingElse: { + Type: 'AWS::CloudFormation::SomethingElse', + Properties: { + Prop: 'new-value', + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).toBeUndefined(); + expect(mockUpdateMachineDefinition).not.toHaveBeenCalled(); + expect(mockUpdateLambdaCode).not.toHaveBeenCalled(); +}); + +test('A change to both a hotswappable resource and a non-hotswappable resource results in a full deployment', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'current-key', + }, + FunctionName: 'my-function', + }, + Metadata: { + 'aws:asset:path': 'old-path', + }, + }, + SomethingElse: { + Type: 'AWS::CloudFormation::SomethingElse', + Properties: { + Prop: 'old-value', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'new-key', + }, + FunctionName: 'my-function', + }, + Metadata: { + 'aws:asset:path': 'new-path', + }, + }, + SomethingElse: { + Type: 'AWS::CloudFormation::SomethingElse', + Properties: { + Prop: 'new-value', + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).toBeUndefined(); + expect(mockUpdateMachineDefinition).not.toHaveBeenCalled(); + expect(mockUpdateLambdaCode).not.toHaveBeenCalled(); +}); + +test('changes only to CDK::Metadata result in a noOp', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + MetaData: { + Type: 'AWS::CDK::MetaData', + Properties: { + Prop: 'old-value', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + MetaData: { + Type: 'AWS::CDK::Metadata', + Properties: { + Prop: 'new-value', + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).not.toBeUndefined(); + expect(deployStackResult?.noOp).toEqual(true); + expect(mockUpdateMachineDefinition).not.toHaveBeenCalled(); + expect(mockUpdateLambdaCode).not.toHaveBeenCalled(); +}); + +test('resource deletions require full deployments', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf(); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).toBeUndefined(); + expect(mockUpdateLambdaCode).not.toHaveBeenCalled(); + expect(mockUpdateMachineDefinition).not.toHaveBeenCalled(); +}); + +test('can correctly reference AWS::Partition in hotswappable changes', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'current-key', + }, + FunctionName: { + 'Fn::Join': [ + '', + [ + { Ref: 'AWS::Partition' }, + '-', + 'my-function', + ], + ], + }, + }, + Metadata: { + 'aws:asset:path': 'new-path', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'new-key', + }, + FunctionName: { + 'Fn::Join': [ + '', + [ + { Ref: 'AWS::Partition' }, + '-', + 'my-function', + ], + ], + }, + }, + Metadata: { + 'aws:asset:path': 'new-path', + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).not.toBeUndefined(); + expect(mockUpdateLambdaCode).toHaveBeenCalledWith({ + FunctionName: 'aws-my-function', + S3Bucket: 'current-bucket', + S3Key: 'new-key', + }); +}); diff --git a/packages/aws-cdk/test/api/hotswap/hotswap-test-setup.ts b/packages/aws-cdk/test/api/hotswap/hotswap-test-setup.ts new file mode 100644 index 0000000000000..00d1a706a66e7 --- /dev/null +++ b/packages/aws-cdk/test/api/hotswap/hotswap-test-setup.ts @@ -0,0 +1,95 @@ +import * as cxapi from '@aws-cdk/cx-api'; +import { CloudFormation } from 'aws-sdk'; +import * as lambda from 'aws-sdk/clients/lambda'; +import * as stepfunctions from 'aws-sdk/clients/stepfunctions'; +import { DeployStackResult } from '../../../lib'; +import * as deployments from '../../../lib/api/hotswap-deployments'; +import { Template } from '../../../lib/api/util/cloudformation'; +import { testStack, TestStackArtifact } from '../../util'; +import { MockSdkProvider } from '../../util/mock-sdk'; +import { FakeCloudformationStack } from '../fake-cloudformation-stack'; + +const STACK_NAME = 'withouterrors'; +export const STACK_ID = 'stackId'; + +let cfnMockProvider: CfnMockProvider; +let currentCfnStack: FakeCloudformationStack; +const currentCfnStackResources: CloudFormation.StackResourceSummary[] = []; + +export function setupHotswapTests() { + jest.resetAllMocks(); + // clear the array + currentCfnStackResources.splice(0); + cfnMockProvider = new CfnMockProvider(); + currentCfnStack = new FakeCloudformationStack({ + stackName: STACK_NAME, + stackId: STACK_ID, + }); + + return cfnMockProvider; +} + +export function cdkStackArtifactOf(testStackArtifact: Partial = {}): cxapi.CloudFormationStackArtifact { + return testStack({ + stackName: STACK_NAME, + ...testStackArtifact, + }); +} + +export function pushStackResourceSummaries(...items: CloudFormation.StackResourceSummary[]) { + currentCfnStackResources.push(...items); +} + +export function setCurrentCfnStackTemplate(template: Template) { + currentCfnStack.setTemplate(template); +} + +export function stackSummaryOf(logicalId: string, resourceType: string, physicalResourceId: string): CloudFormation.StackResourceSummary { + return { + LogicalResourceId: logicalId, + PhysicalResourceId: physicalResourceId, + ResourceType: resourceType, + ResourceStatus: 'CREATE_COMPLETE', + LastUpdatedTimestamp: new Date(), + }; +} + +export class CfnMockProvider { + private mockSdkProvider: MockSdkProvider; + + constructor() { + this.mockSdkProvider = new MockSdkProvider({ realSdk: false }); + + this.mockSdkProvider.stubCloudFormation({ + listStackResources: ({ StackName: stackName }) => { + if (stackName !== STACK_NAME) { + throw new Error(`Expected Stack name in listStackResources() call to be: '${STACK_NAME}', but received: ${stackName}'`); + } + return { + StackResourceSummaries: currentCfnStackResources, + }; + }, + }); + } + + public setUpdateStateMachineMock(mockUpdateMachineDefinition: + (input: stepfunctions.UpdateStateMachineInput) => + stepfunctions.UpdateStateMachineOutput) { + this.mockSdkProvider.stubStepFunctions({ + updateStateMachine: mockUpdateMachineDefinition, + }); + } + + public setUpdateFunctionCodeMock(mockUpdateLambdaCode: (input: lambda.UpdateFunctionCodeRequest) => lambda.FunctionConfiguration) { + this.mockSdkProvider.stubLambda({ + updateFunctionCode: mockUpdateLambdaCode, + }); + } + + public tryHotswapDeployment( + stackArtifact: cxapi.CloudFormationStackArtifact, + assetParams: { [key: string]: string } = {}, + ): Promise { + return deployments.tryHotswapDeployment(this.mockSdkProvider, assetParams, currentCfnStack, stackArtifact); + } +} diff --git a/packages/aws-cdk/test/api/hotswap-deployments.test.ts b/packages/aws-cdk/test/api/hotswap/lambda-hotswap-deployments.test.ts similarity index 56% rename from packages/aws-cdk/test/api/hotswap-deployments.test.ts rename to packages/aws-cdk/test/api/hotswap/lambda-hotswap-deployments.test.ts index 5bb6ff8b7b466..1a81a8dc21ca8 100644 --- a/packages/aws-cdk/test/api/hotswap-deployments.test.ts +++ b/packages/aws-cdk/test/api/hotswap/lambda-hotswap-deployments.test.ts @@ -1,56 +1,18 @@ -import * as cxapi from '@aws-cdk/cx-api'; -import { CloudFormation, Lambda } from 'aws-sdk'; -import { tryHotswapDeployment } from '../../lib/api/hotswap-deployments'; -import { testStack, TestStackArtifact } from '../util'; -import { MockSdkProvider } from '../util/mock-sdk'; -import { FakeCloudformationStack } from './fake-cloudformation-stack'; +import { Lambda } from 'aws-sdk'; +import * as setup from './hotswap-test-setup'; -const STACK_NAME = 'withouterrors'; -const STACK_ID = 'stackId'; - -let mockSdkProvider: MockSdkProvider; let mockUpdateLambdaCode: (params: Lambda.Types.UpdateFunctionCodeRequest) => Lambda.Types.FunctionConfiguration; -let currentCfnStack: FakeCloudformationStack; -const currentCfnStackResources: CloudFormation.StackResourceSummary[] = []; +let cfnMockProvider: setup.CfnMockProvider; beforeEach(() => { - jest.resetAllMocks(); - mockSdkProvider = new MockSdkProvider({ realSdk: false }); + cfnMockProvider = setup.setupHotswapTests(); mockUpdateLambdaCode = jest.fn(); - mockSdkProvider.stubLambda({ - updateFunctionCode: mockUpdateLambdaCode, - }); - // clear the array - currentCfnStackResources.splice(0); - mockSdkProvider.stubCloudFormation({ - listStackResources: ({ StackName: stackName }) => { - if (stackName !== STACK_NAME) { - throw new Error(`Expected Stack name in listStackResources() call to be: '${STACK_NAME}', but received: ${stackName}'`); - } - return { - StackResourceSummaries: currentCfnStackResources, - }; - }, - }); - currentCfnStack = new FakeCloudformationStack({ - stackName: STACK_NAME, - stackId: STACK_ID, - }); -}); - -test('returns a deployStackResult with noOp=true when it receives an empty set of changes', async () => { - // WHEN - const deployStackResult = await tryHotswapDeployment(mockSdkProvider, {}, currentCfnStack, cdkStackArtifactOf()); - - // THEN - expect(deployStackResult).not.toBeUndefined(); - expect(deployStackResult?.noOp).toBeTruthy(); - expect(deployStackResult?.stackArn).toEqual(STACK_ID); + cfnMockProvider.setUpdateFunctionCodeMock(mockUpdateLambdaCode); }); -test('returns undefined when it a new Lambda function is added to the Stack', async () => { +test('returns undefined when a new Lambda function is added to the Stack', async () => { // GIVEN - const cdkStackArtifact = cdkStackArtifactOf({ + const cdkStackArtifact = setup.cdkStackArtifactOf({ template: { Resources: { Func: { @@ -61,7 +23,7 @@ test('returns undefined when it a new Lambda function is added to the Stack', as }); // WHEN - const deployStackResult = await tryHotswapDeployment(mockSdkProvider, {}, currentCfnStack, cdkStackArtifact); + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); // THEN expect(deployStackResult).toBeUndefined(); @@ -69,7 +31,7 @@ test('returns undefined when it a new Lambda function is added to the Stack', as test('calls the updateLambdaCode() API when it receives only a code difference in a Lambda function', async () => { // GIVEN - currentCfnStack.setTemplate({ + setup.setCurrentCfnStackTemplate({ Resources: { Func: { Type: 'AWS::Lambda::Function', @@ -86,7 +48,7 @@ test('calls the updateLambdaCode() API when it receives only a code difference i }, }, }); - const cdkStackArtifact = cdkStackArtifactOf({ + const cdkStackArtifact = setup.cdkStackArtifactOf({ template: { Resources: { Func: { @@ -107,7 +69,7 @@ test('calls the updateLambdaCode() API when it receives only a code difference i }); // WHEN - const deployStackResult = await tryHotswapDeployment(mockSdkProvider, {}, currentCfnStack, cdkStackArtifact); + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); // THEN expect(deployStackResult).not.toBeUndefined(); @@ -120,7 +82,7 @@ test('calls the updateLambdaCode() API when it receives only a code difference i test("correctly evaluates the function's name when it references a different resource from the template", async () => { // GIVEN - currentCfnStack.setTemplate({ + setup.setCurrentCfnStackTemplate({ Resources: { Bucket: { Type: 'AWS::S3::Bucket', @@ -146,8 +108,8 @@ test("correctly evaluates the function's name when it references a different res }, }, }); - currentCfnStackResources.push(stackSummaryOf('Bucket', 'AWS::S3::Bucket', 'mybucket')); - const cdkStackArtifact = cdkStackArtifactOf({ + setup.pushStackResourceSummaries(setup.stackSummaryOf('Bucket', 'AWS::S3::Bucket', 'mybucket')); + const cdkStackArtifact = setup.cdkStackArtifactOf({ template: { Resources: { Bucket: { @@ -177,7 +139,7 @@ test("correctly evaluates the function's name when it references a different res }); // WHEN - const deployStackResult = await tryHotswapDeployment(mockSdkProvider, {}, currentCfnStack, cdkStackArtifact); + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); // THEN expect(deployStackResult).not.toBeUndefined(); @@ -190,7 +152,7 @@ test("correctly evaluates the function's name when it references a different res test("correctly falls back to taking the function's name from the current stack if it can't evaluate it in the template", async () => { // GIVEN - currentCfnStack.setTemplate({ + setup.setCurrentCfnStackTemplate({ Parameters: { Param1: { Type: 'String' }, AssetBucketParam: { Type: 'String' }, @@ -211,8 +173,8 @@ test("correctly falls back to taking the function's name from the current stack }, }, }); - currentCfnStackResources.push(stackSummaryOf('Func', 'AWS::Lambda::Function', 'my-function')); - const cdkStackArtifact = cdkStackArtifactOf({ + setup.pushStackResourceSummaries(setup.stackSummaryOf('Func', 'AWS::Lambda::Function', 'my-function')); + const cdkStackArtifact = setup.cdkStackArtifactOf({ template: { Parameters: { Param1: { Type: 'String' }, @@ -237,9 +199,7 @@ test("correctly falls back to taking the function's name from the current stack }); // WHEN - const deployStackResult = await tryHotswapDeployment(mockSdkProvider, { - AssetBucketParam: 'asset-bucket', - }, currentCfnStack, cdkStackArtifact); + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact, { AssetBucketParam: 'asset-bucket' }); // THEN expect(deployStackResult).not.toBeUndefined(); @@ -252,7 +212,7 @@ test("correctly falls back to taking the function's name from the current stack test("will not perform a hotswap deployment if it cannot find a Ref target (outside the function's name)", async () => { // GIVEN - currentCfnStack.setTemplate({ + setup.setCurrentCfnStackTemplate({ Parameters: { Param1: { Type: 'String' }, }, @@ -271,8 +231,8 @@ test("will not perform a hotswap deployment if it cannot find a Ref target (outs }, }, }); - currentCfnStackResources.push(stackSummaryOf('Func', 'AWS::Lambda::Function', 'my-func')); - const cdkStackArtifact = cdkStackArtifactOf({ + setup.pushStackResourceSummaries(setup.stackSummaryOf('Func', 'AWS::Lambda::Function', 'my-func')); + const cdkStackArtifact = setup.cdkStackArtifactOf({ template: { Parameters: { Param1: { Type: 'String' }, @@ -296,13 +256,13 @@ test("will not perform a hotswap deployment if it cannot find a Ref target (outs // THEN await expect(() => - tryHotswapDeployment(mockSdkProvider, {}, currentCfnStack, cdkStackArtifact), + cfnMockProvider.tryHotswapDeployment(cdkStackArtifact), ).rejects.toThrow(/Parameter or resource 'Param1' could not be found for evaluation/); }); test("will not perform a hotswap deployment if it doesn't know how to handle a specific attribute (outside the function's name)", async () => { // GIVEN - currentCfnStack.setTemplate({ + setup.setCurrentCfnStackTemplate({ Resources: { Bucket: { Type: 'AWS::S3::Bucket', @@ -321,11 +281,11 @@ test("will not perform a hotswap deployment if it doesn't know how to handle a s }, }, }); - currentCfnStackResources.push( - stackSummaryOf('Func', 'AWS::Lambda::Function', 'my-func'), - stackSummaryOf('Bucket', 'AWS::S3::Bucket', 'my-bucket'), + setup.pushStackResourceSummaries( + setup.stackSummaryOf('Func', 'AWS::Lambda::Function', 'my-func'), + setup.stackSummaryOf('Bucket', 'AWS::S3::Bucket', 'my-bucket'), ); - const cdkStackArtifact = cdkStackArtifactOf({ + const cdkStackArtifact = setup.cdkStackArtifactOf({ template: { Resources: { Bucket: { @@ -349,23 +309,142 @@ test("will not perform a hotswap deployment if it doesn't know how to handle a s // THEN await expect(() => - tryHotswapDeployment(mockSdkProvider, {}, currentCfnStack, cdkStackArtifact), + cfnMockProvider.tryHotswapDeployment(cdkStackArtifact), ).rejects.toThrow("We don't support the 'UnknownAttribute' attribute of the 'AWS::S3::Bucket' resource. This is a CDK limitation. Please report it at https://github.com/aws/aws-cdk/issues/new/choose"); }); -function cdkStackArtifactOf(testStackArtifact: Partial = {}): cxapi.CloudFormationStackArtifact { - return testStack({ - stackName: STACK_NAME, - ...testStackArtifact, +test('calls the updateLambdaCode() API when it receives a code difference in a Lambda function with no name', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'current-key', + }, + }, + Metadata: { + 'aws:asset:path': 'current-path', + }, + }, + }, }); -} + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'new-key', + }, + }, + Metadata: { + 'aws:asset:path': 'current-path', + }, + }, + }, + }, + }); + + // WHEN + setup.pushStackResourceSummaries(setup.stackSummaryOf('Func', 'AWS::Lambda::Function', 'mock-function-resource-id')); + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).not.toBeUndefined(); + expect(mockUpdateLambdaCode).toHaveBeenCalledWith({ + FunctionName: 'mock-function-resource-id', + S3Bucket: 'current-bucket', + S3Key: 'new-key', + }); +}); -function stackSummaryOf(logicalId: string, resourceType: string, physicalResourceId: string): CloudFormation.StackResourceSummary { - return { - LogicalResourceId: logicalId, - PhysicalResourceId: physicalResourceId, - ResourceType: resourceType, - ResourceStatus: 'CREATE_COMPLETE', - LastUpdatedTimestamp: new Date(), - }; -} +test('does not call the updateLambdaCode() API when it receives a change that is not a code difference in a Lambda function', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'current-key', + }, + PackageType: 'Zip', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'current-key', + }, + PackageType: 'Image', + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).toBeUndefined(); + expect(mockUpdateLambdaCode).not.toHaveBeenCalled(); +}); + +test('does not call the updateLambdaCode() API when a resource with type that is not AWS::Lambda::Function but has the same properties is changed', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Func: { + Type: 'AWS::NotLambda::NotAFunction', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'current-key', + }, + }, + Metadata: { + 'aws:asset:path': 'old-path', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Func: { + Type: 'AWS::NotLambda::NotAFunction', + Properties: { + Code: { + S3Bucket: 'current-bucket', + S3Key: 'new-key', + }, + }, + Metadata: { + 'aws:asset:path': 'old-path', + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).toBeUndefined(); + expect(mockUpdateLambdaCode).not.toHaveBeenCalled(); +}); diff --git a/packages/aws-cdk/test/api/hotswap/state-machine-hotswap-deployments.test.ts b/packages/aws-cdk/test/api/hotswap/state-machine-hotswap-deployments.test.ts new file mode 100644 index 0000000000000..5ece4a3621c38 --- /dev/null +++ b/packages/aws-cdk/test/api/hotswap/state-machine-hotswap-deployments.test.ts @@ -0,0 +1,483 @@ +import { StepFunctions } from 'aws-sdk'; +import * as setup from './hotswap-test-setup'; + +let mockUpdateMachineDefinition: (params: StepFunctions.Types.UpdateStateMachineInput) => StepFunctions.Types.UpdateStateMachineOutput; +let cfnMockProvider: setup.CfnMockProvider; + +beforeEach(() => { + cfnMockProvider = setup.setupHotswapTests(); + mockUpdateMachineDefinition = jest.fn(); + cfnMockProvider.setUpdateStateMachineMock(mockUpdateMachineDefinition); +}); + +test('returns undefined when a new StateMachine is added to the Stack', async () => { + // GIVEN + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).toBeUndefined(); +}); + +test('calls the updateStateMachine() API when it receives only a definitionString change without Fn::Join in a state machine', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: '{ Prop: "old-value" }', + StateMachineName: 'my-machine', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: '{ Prop: "new-value" }', + StateMachineName: 'my-machine', + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).not.toBeUndefined(); + expect(mockUpdateMachineDefinition).toHaveBeenCalledWith({ + definition: '{ Prop: "new-value" }', + stateMachineArn: 'my-machine', + }); +}); + +test('calls the updateStateMachine() API when it receives only a definitionString change with Fn::Join in a state machine', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: { + 'Fn::Join': [ + '\n', + [ + '{', + ' "StartAt" : "SuccessState"', + ' "States" : {', + ' "SuccessState": {', + ' "Type": "Pass"', + ' "Result": "Success"', + ' "End": true', + ' }', + ' }', + '}', + ], + ], + }, + StateMachineName: 'my-machine', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: { + 'Fn::Join': [ + '\n', + [ + '{', + ' "StartAt": "SuccessState",', + ' "States": {', + ' "SuccessState": {', + ' "Type": "Succeed"', + ' }', + ' }', + '}', + ], + ], + }, + StateMachineName: 'my-machine', + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).not.toBeUndefined(); + expect(mockUpdateMachineDefinition).toHaveBeenCalledWith({ + definition: JSON.stringify({ + StartAt: 'SuccessState', + States: { + SuccessState: { + Type: 'Succeed', + }, + }, + }, null, 2), + stateMachineArn: 'my-machine', + }); +}); + +test('calls the updateStateMachine() API when it receives a change to the definitionString in a state machine that has no name', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: '{ "Prop" : "old-value" }', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: '{ "Prop" : "new-value" }', + }, + }, + }, + }, + }); + + // WHEN + setup.pushStackResourceSummaries(setup.stackSummaryOf('Machine', 'AWS::StepFunctions::StateMachine', 'mock-machine-resource-id')); + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).not.toBeUndefined(); + expect(mockUpdateMachineDefinition).toHaveBeenCalledWith({ + definition: '{ "Prop" : "new-value" }', + stateMachineArn: 'mock-machine-resource-id', // the sdk will convert the ID to the arn in a production environment + }); +}); + +test('does not call the updateStateMachine() API when it receives a change to a property that is not the definitionString in a state machine', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: '{ "Prop" : "old-value" }', + LoggingConfiguration: { // non-definitionString property + IncludeExecutionData: true, + }, + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: '{ "Prop" : "new-value" }', + LoggingConfiguration: { + IncludeExecutionData: false, + }, + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).toBeUndefined(); + expect(mockUpdateMachineDefinition).not.toHaveBeenCalled(); +}); + +test('does not call the updateStateMachine() API when a resource has a DefinitionString property but is not an AWS::StepFunctions::StateMachine is changed', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Machine: { + Type: 'AWS::NotStepFunctions::NotStateMachine', + Properties: { + DefinitionString: '{ Prop: "old-value" }', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Machine: { + Type: 'AWS::NotStepFunctions::NotStateMachine', + Properties: { + DefinitionString: '{ Prop: "new-value" }', + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).toBeUndefined(); + expect(mockUpdateMachineDefinition).not.toHaveBeenCalled(); +}); + +test('can correctly hotswap old style synth changes', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Parameters: { AssetParam1: { Type: 'String' } }, + Resources: { + SM: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: { Ref: 'AssetParam1' }, + StateMachineName: 'machine-name', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Parameters: { AssetParam2: { Type: String } }, + Resources: { + SM: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: { Ref: 'AssetParam2' }, + StateMachineName: 'machine-name', + }, + }, + }, + }, + }); + + // WHEN + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact, { AssetParam2: 'asset-param-2' }); + + // THEN + expect(deployStackResult).not.toBeUndefined(); + expect(mockUpdateMachineDefinition).toHaveBeenCalledWith({ + definition: 'asset-param-2', + stateMachineArn: 'machine-name', + }); +}); + +test('calls the updateStateMachine() API when it receives a change to the definitionString that uses Attributes in a state machine', async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + }, + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: { + 'Fn::Join': [ + '\n', + [ + '{', + ' "StartAt" : "SuccessState"', + ' "States" : {', + ' "SuccessState": {', + ' "Type": "Succeed"', + ' }', + ' }', + '}', + ], + ], + }, + StateMachineName: 'my-machine', + }, + }, + }, + }); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Func: { + Type: 'AWS::Lambda::Function', + }, + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: { + 'Fn::Join': [ + '', + [ + '"Resource": ', + { 'Fn::GetAtt': ['Func', 'Arn'] }, + ], + ], + }, + StateMachineName: 'my-machine', + }, + }, + }, + }, + }); + + // WHEN + setup.pushStackResourceSummaries( + setup.stackSummaryOf('Machine', 'AWS::StepFunctions::StateMachine', 'mock-machine-resource-id'), + setup.stackSummaryOf('Func', 'AWS::Lambda::Function', 'my-func'), + ); + const deployStackResult = await cfnMockProvider.tryHotswapDeployment(cdkStackArtifact); + + // THEN + expect(deployStackResult).not.toBeUndefined(); + expect(mockUpdateMachineDefinition).toHaveBeenCalledWith({ + definition: '"Resource": arn:aws:lambda:here:123456789012:function:my-func', + stateMachineArn: 'my-machine', + }); +}); + +test("will not perform a hotswap deployment if it cannot find a Ref target (outside the state machine's name)", async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Parameters: { + Param1: { Type: 'String' }, + }, + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: { + 'Fn::Join': [ + '', + [ + '{ Prop: "old-value" }, ', + '{ "Param" : ', + { 'Fn::Sub': '${Param1}' }, + ' }', + ], + ], + }, + }, + }, + }, + }); + setup.pushStackResourceSummaries(setup.stackSummaryOf('Machine', 'AWS::StepFunctions::StateMachine', 'my-machine')); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Parameters: { + Param1: { Type: 'String' }, + }, + Resources: { + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: { + 'Fn::Join': [ + '', + [ + '{ Prop: "new-value" }, ', + '{ "Param" : ', + { 'Fn::Sub': '${Param1}' }, + ' }', + ], + ], + }, + }, + }, + }, + }, + }); + + // THEN + await expect(() => + cfnMockProvider.tryHotswapDeployment(cdkStackArtifact), + ).rejects.toThrow(/Parameter or resource 'Param1' could not be found for evaluation/); +}); + +test("will not perform a hotswap deployment if it doesn't know how to handle a specific attribute (outside the state machines's name)", async () => { + // GIVEN + setup.setCurrentCfnStackTemplate({ + Resources: { + Bucket: { + Type: 'AWS::S3::Bucket', + }, + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: { + 'Fn::Join': [ + '', + [ + '{ Prop: "old-value" }, ', + '{ "S3Bucket" : ', + { 'Fn::GetAtt': ['Bucket', 'UnknownAttribute'] }, + ' }', + ], + ], + }, + StateMachineName: 'my-machine', + }, + }, + }, + }); + setup.pushStackResourceSummaries( + setup.stackSummaryOf('Machine', 'AWS::StepFunctions::StateMachine', 'my-machine'), + setup.stackSummaryOf('Bucket', 'AWS::S3::Bucket', 'my-bucket'), + ); + const cdkStackArtifact = setup.cdkStackArtifactOf({ + template: { + Resources: { + Bucket: { + Type: 'AWS::Lambda::Function', + }, + Machine: { + Type: 'AWS::StepFunctions::StateMachine', + Properties: { + DefinitionString: { + 'Fn::Join': [ + '', + [ + '{ Prop: "new-value" }, ', + '{ "S3Bucket" : ', + { 'Fn::GetAtt': ['Bucket', 'UnknownAttribute'] }, + ' }', + ], + ], + }, + StateMachineName: 'my-machine', + }, + }, + }, + }, + }); + + // THEN + await expect(() => + cfnMockProvider.tryHotswapDeployment(cdkStackArtifact), + ).rejects.toThrow("We don't support the 'UnknownAttribute' attribute of the 'AWS::S3::Bucket' resource. This is a CDK limitation. Please report it at https://github.com/aws/aws-cdk/issues/new/choose"); +}); diff --git a/packages/aws-cdk/test/util/mock-sdk.ts b/packages/aws-cdk/test/util/mock-sdk.ts index 19ab5ae3cc9f5..c6075853c78ba 100644 --- a/packages/aws-cdk/test/util/mock-sdk.ts +++ b/packages/aws-cdk/test/util/mock-sdk.ts @@ -101,6 +101,10 @@ export class MockSdkProvider extends SdkProvider { public stubLambda(stubs: SyncHandlerSubsetOf) { (this.sdk as any).lambda = jest.fn().mockReturnValue(partialAwsService(stubs)); } + + public stubStepFunctions(stubs: SyncHandlerSubsetOf) { + (this.sdk as any).stepFunctions = jest.fn().mockReturnValue(partialAwsService(stubs)); + } } export class MockSdk implements ISDK { @@ -115,6 +119,7 @@ export class MockSdk implements ISDK { public readonly elbv2 = jest.fn(); public readonly secretsManager = jest.fn(); public readonly kms = jest.fn(); + public readonly stepFunctions = jest.fn(); public currentAccount(): Promise { return Promise.resolve({ accountId: '123456789012', partition: 'aws' });