diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/IntegTestDefaultTestDeployAssertE3E7D2A4.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/IntegTestDefaultTestDeployAssertE3E7D2A4.assets.json index 81d460672e410..8bbe077289ad2 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/IntegTestDefaultTestDeployAssertE3E7D2A4.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/IntegTestDefaultTestDeployAssertE3E7D2A4.assets.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "38.0.1", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/Stack1.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/Stack1.assets.json index f2dd96c81a800..16b9ed6375e38 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/Stack1.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/Stack1.assets.json @@ -1,7 +1,7 @@ { - "version": "31.0.0", + "version": "38.0.1", "files": { - "d737b02c2791946e8c85b164fcf9b8853f5f29f5ba2839eecf03d7130d58ee17": { + "a83c04aa3d13aae337040b2062567727e3c7b177081dda963df9493e460f7a58": { "source": { "path": "Stack1.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "d737b02c2791946e8c85b164fcf9b8853f5f29f5ba2839eecf03d7130d58ee17.json", + "objectKey": "a83c04aa3d13aae337040b2062567727e3c7b177081dda963df9493e460f7a58.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/Stack1.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/Stack1.template.json index 1d00c191ae091..84fdb041ee73e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/Stack1.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/Stack1.template.json @@ -37,13 +37,13 @@ "Code": { "ZipFile": "def handler(event, context):\n return \"success\"" }, + "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "IamAuthFunctionUrlsServiceRole35DF9DE0", "Arn" ] }, - "Handler": "index.handler", "Runtime": "python3.10" }, "DependsOn": [ @@ -99,13 +99,13 @@ "Code": { "ZipFile": "def handler(event, context):\n return \"success\"" }, + "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "NoAuthFunctionUrlsServiceRole7247E6F2", "Arn" ] }, - "Handler": "index.handler", "Runtime": "python3.10" }, "DependsOn": [ @@ -134,8 +134,8 @@ "Arn" ] }, - "Principal": "*", - "FunctionUrlAuthType": "NONE" + "FunctionUrlAuthType": "NONE", + "Principal": "*" } }, "CorsFunctionUrlsServiceRole6227B597": { @@ -175,13 +175,13 @@ "Code": { "ZipFile": "def handler(event, context):\n return \"success\"" }, + "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "CorsFunctionUrlsServiceRole6227B597", "Arn" ] }, - "Handler": "index.handler", "Runtime": "python3.10" }, "DependsOn": [ @@ -192,12 +192,6 @@ "Type": "AWS::Lambda::Url", "Properties": { "AuthType": "NONE", - "TargetFunctionArn": { - "Fn::GetAtt": [ - "CorsFunctionUrlsD81CF424", - "Arn" - ] - }, "Cors": { "AllowMethods": [ "*" @@ -205,6 +199,12 @@ "AllowOrigins": [ "https://example.com" ] + }, + "TargetFunctionArn": { + "Fn::GetAtt": [ + "CorsFunctionUrlsD81CF424", + "Arn" + ] } } }, @@ -218,8 +218,8 @@ "Arn" ] }, - "Principal": "*", - "FunctionUrlAuthType": "NONE" + "FunctionUrlAuthType": "NONE", + "Principal": "*" } }, "StreamFunctionUrlsServiceRoleAF76EC5D": { @@ -259,13 +259,13 @@ "Code": { "ZipFile": "def handler(event, context):\n return \"success\"" }, + "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "StreamFunctionUrlsServiceRoleAF76EC5D", "Arn" ] }, - "Handler": "index.handler", "Runtime": "python3.10" }, "DependsOn": [ @@ -276,13 +276,13 @@ "Type": "AWS::Lambda::Url", "Properties": { "AuthType": "NONE", + "InvokeMode": "RESPONSE_STREAM", "TargetFunctionArn": { "Fn::GetAtt": [ "StreamFunctionUrlsAAB55C9C", "Arn" ] - }, - "InvokeMode": "RESPONSE_STREAM" + } } }, "StreamFunctionUrlsinvokefunctionurl4FD8689D": { @@ -295,8 +295,8 @@ "Arn" ] }, - "Principal": "*", - "FunctionUrlAuthType": "NONE" + "FunctionUrlAuthType": "NONE", + "Principal": "*" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/cdk.out index 7925065efbcc4..c6e612584e352 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"31.0.0"} \ No newline at end of file +{"version":"38.0.1"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/integ.json index af28900b46c4e..4de529c8a139a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "38.0.1", "testCases": { "IntegTest/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/manifest.json index ae8f2a8887315..b1f4b3c3087af 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "38.0.1", "artifacts": { "Stack1.assets": { "type": "cdk:asset-manifest", @@ -14,10 +14,12 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "Stack1.template.json", + "terminationProtection": false, "validateOnSynth": false, + "notificationArns": [], "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/d737b02c2791946e8c85b164fcf9b8853f5f29f5ba2839eecf03d7130d58ee17.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a83c04aa3d13aae337040b2062567727e3c7b177081dda963df9493e460f7a58.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -175,7 +177,9 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "IntegTestDefaultTestDeployAssertE3E7D2A4.template.json", + "terminationProtection": false, "validateOnSynth": false, + "notificationArns": [], "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/tree.json index 7edd345204eec..4cc480c2d3d34 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.function-url.js.snapshot/tree.json @@ -78,13 +78,13 @@ "code": { "zipFile": "def handler(event, context):\n return \"success\"" }, + "handler": "index.handler", "role": { "Fn::GetAtt": [ "IamAuthFunctionUrlsServiceRole35DF9DE0", "Arn" ] }, - "handler": "index.handler", "runtime": "python3.10" } }, @@ -207,13 +207,13 @@ "code": { "zipFile": "def handler(event, context):\n return \"success\"" }, + "handler": "index.handler", "role": { "Fn::GetAtt": [ "NoAuthFunctionUrlsServiceRole7247E6F2", "Arn" ] }, - "handler": "index.handler", "runtime": "python3.10" } }, @@ -265,8 +265,8 @@ "Arn" ] }, - "principal": "*", - "functionUrlAuthType": "NONE" + "functionUrlAuthType": "NONE", + "principal": "*" } }, "constructInfo": { @@ -358,13 +358,13 @@ "code": { "zipFile": "def handler(event, context):\n return \"success\"" }, + "handler": "index.handler", "role": { "Fn::GetAtt": [ "CorsFunctionUrlsServiceRole6227B597", "Arn" ] }, - "handler": "index.handler", "runtime": "python3.10" } }, @@ -384,12 +384,6 @@ "aws:cdk:cloudformation:type": "AWS::Lambda::Url", "aws:cdk:cloudformation:props": { "authType": "NONE", - "targetFunctionArn": { - "Fn::GetAtt": [ - "CorsFunctionUrlsD81CF424", - "Arn" - ] - }, "cors": { "allowMethods": [ "*" @@ -397,6 +391,12 @@ "allowOrigins": [ "https://example.com" ] + }, + "targetFunctionArn": { + "Fn::GetAtt": [ + "CorsFunctionUrlsD81CF424", + "Arn" + ] } } }, @@ -424,8 +424,8 @@ "Arn" ] }, - "principal": "*", - "functionUrlAuthType": "NONE" + "functionUrlAuthType": "NONE", + "principal": "*" } }, "constructInfo": { @@ -517,13 +517,13 @@ "code": { "zipFile": "def handler(event, context):\n return \"success\"" }, + "handler": "index.handler", "role": { "Fn::GetAtt": [ "StreamFunctionUrlsServiceRoleAF76EC5D", "Arn" ] }, - "handler": "index.handler", "runtime": "python3.10" } }, @@ -543,13 +543,13 @@ "aws:cdk:cloudformation:type": "AWS::Lambda::Url", "aws:cdk:cloudformation:props": { "authType": "NONE", + "invokeMode": "RESPONSE_STREAM", "targetFunctionArn": { "Fn::GetAtt": [ "StreamFunctionUrlsAAB55C9C", "Arn" ] - }, - "invokeMode": "RESPONSE_STREAM" + } } }, "constructInfo": { @@ -576,8 +576,8 @@ "Arn" ] }, - "principal": "*", - "functionUrlAuthType": "NONE" + "functionUrlAuthType": "NONE", + "principal": "*" } }, "constructInfo": { @@ -634,7 +634,7 @@ "path": "IntegTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } }, "DeployAssert": { @@ -680,7 +680,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } } }, diff --git a/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts b/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts index 63924c0186c37..560f1bc7d37a8 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts @@ -548,6 +548,7 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ public static readonly S3_OUTPOSTS = new InterfaceVpcEndpointAwsService('s3-outposts'); public static readonly S3_MULTI_REGION_ACCESS_POINTS = new InterfaceVpcEndpointAwsService('s3-global.accesspoint', 'com.amazonaws', undefined, { global: true }); public static readonly SAGEMAKER_API = new InterfaceVpcEndpointAwsService('sagemaker.api'); + public static readonly SAGEMAKER_EXPERIMENTS = new InterfaceVpcEndpointAwsService('experiments', 'aws.sagemaker'); public static readonly SAGEMAKER_FEATURESTORE_RUNTIME = new InterfaceVpcEndpointAwsService('sagemaker.featurestore-runtime'); public static readonly SAGEMAKER_GEOSPATIAL = new InterfaceVpcEndpointAwsService('sagemaker-geospatial'); public static readonly SAGEMAKER_METRICS = new InterfaceVpcEndpointAwsService('sagemaker.metrics'); diff --git a/packages/aws-cdk-lib/aws-lambda/lib/function-url.ts b/packages/aws-cdk-lib/aws-lambda/lib/function-url.ts index bed33ec8bae4f..8053c11c265cb 100644 --- a/packages/aws-cdk-lib/aws-lambda/lib/function-url.ts +++ b/packages/aws-cdk-lib/aws-lambda/lib/function-url.ts @@ -202,6 +202,11 @@ export class FunctionUrl extends Resource implements IFunctionUrl { */ public readonly functionArn: string; + /** + * The authentication type used for this Function URL + */ + public readonly authType: FunctionUrlAuthType; + private readonly function: IFunction; constructor(scope: Construct, id: string, props: FunctionUrlProps) { @@ -217,8 +222,10 @@ export class FunctionUrl extends Resource implements IFunctionUrl { ? { targetFunction: props.function.version.lambda, alias: props.function } : { targetFunction: props.function, alias: undefined }; + this.authType = props.authType ?? FunctionUrlAuthType.AWS_IAM; + const resource: CfnUrl = new CfnUrl(this, 'Resource', { - authType: props.authType ?? FunctionUrlAuthType.AWS_IAM, + authType: this.authType, cors: props.cors ? this.renderCors(props.cors) : undefined, invokeMode: props.invokeMode, targetFunctionArn: targetFunction.functionArn, diff --git a/packages/aws-cdk-lib/aws-lambda/test/function-url.test.ts b/packages/aws-cdk-lib/aws-lambda/test/function-url.test.ts index 048fcea4fa1fa..699ad7ff232fc 100644 --- a/packages/aws-cdk-lib/aws-lambda/test/function-url.test.ts +++ b/packages/aws-cdk-lib/aws-lambda/test/function-url.test.ts @@ -231,11 +231,13 @@ describe('FunctionUrl', () => { }); // WHEN - fn.addFunctionUrl({ + const fnUrl = fn.addFunctionUrl({ authType: lambda.FunctionUrlAuthType.NONE, invokeMode: lambda.InvokeMode.BUFFERED, }); + expect(fnUrl.authType).toBe(lambda.FunctionUrlAuthType.NONE); + // THEN Template.fromStack(stack).hasResource('AWS::Lambda::Url', { Properties: {