diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md index 42c6427330b45..dab556bf17858 100644 --- a/CHANGELOG.v2.alpha.md +++ b/CHANGELOG.v2.alpha.md @@ -2,6 +2,8 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.157.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.156.0-alpha.0...v2.157.0-alpha.0) (2024-09-09) + ## [2.156.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.155.0-alpha.0...v2.156.0-alpha.0) (2024-09-05) diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md index 9fb346efbade0..598e29dc63723 100644 --- a/CHANGELOG.v2.md +++ b/CHANGELOG.v2.md @@ -2,6 +2,20 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.157.0](https://github.com/aws/aws-cdk/compare/v2.156.0...v2.157.0) (2024-09-09) + + +### Features + +* update L1 CloudFormation resource definitions ([#31361](https://github.com/aws/aws-cdk/issues/31361)) ([bc4dbfd](https://github.com/aws/aws-cdk/commit/bc4dbfdb05a1fe02d30c4724958d09f239a3656f)) +* **appsync:** support DEBUG and INFO logging levels for AppSync GraphQL APIs ([#31326](https://github.com/aws/aws-cdk/issues/31326)) ([4b9643f](https://github.com/aws/aws-cdk/commit/4b9643f28edc2c530809931ccd7a17a811891af2)) +* **lambda:** added new property allowAllIpv6Outbound to FunctionOptions ([#31013](https://github.com/aws/aws-cdk/issues/31013)) ([fa55194](https://github.com/aws/aws-cdk/commit/fa55194698960b9161590e05cf1138a813315615)), closes [#30994](https://github.com/aws/aws-cdk/issues/30994) + + +### Bug Fixes + +* **rds:** proxy target group does not depend on database instances when using writer property for database cluster ([#31354](https://github.com/aws/aws-cdk/issues/31354)) ([6542207](https://github.com/aws/aws-cdk/commit/65422077123fa5870106e29594b8f0392484da3f)), closes [#31304](https://github.com/aws/aws-cdk/issues/31304) [/github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/proxy.ts#L535-L539](https://github.com/aws//github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/proxy.ts/issues/L535-L539) + ## [2.156.0](https://github.com/aws/aws-cdk/compare/v2.155.0...v2.156.0) (2024-09-05) diff --git a/packages/@aws-cdk/aws-iot-alpha/README.md b/packages/@aws-cdk/aws-iot-alpha/README.md index 5358794bf22f6..4ec5ccb38e93d 100644 --- a/packages/@aws-cdk/aws-iot-alpha/README.md +++ b/packages/@aws-cdk/aws-iot-alpha/README.md @@ -77,3 +77,17 @@ new iot.TopicRule(this, 'TopicRule', { ``` See also [@aws-cdk/aws-iot-actions-alpha](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-iot-actions-alpha-readme.html) for other actions. + +## Logging + +AWS IoT provides a [logging feature](https://docs.aws.amazon.com/iot/latest/developerguide/configure-logging.html) that allows you to monitor and log AWS IoT activity. + +You can enable IoT logging with the following code: + +```ts +new iot.Logging(this, 'Logging', { + logLevel: iot.LogLevel.INFO, +}); +``` + +**Note**: All logs are forwarded to the `AWSIotLogsV2` log group in CloudWatch. diff --git a/packages/@aws-cdk/aws-iot-alpha/awslint.json b/packages/@aws-cdk/aws-iot-alpha/awslint.json index 0081c0e9b801a..e800657e60d35 100644 --- a/packages/@aws-cdk/aws-iot-alpha/awslint.json +++ b/packages/@aws-cdk/aws-iot-alpha/awslint.json @@ -1,5 +1,6 @@ { "exclude": [ - "no-unused-type:@aws-cdk/aws-iot-alpha.ActionConfig" + "no-unused-type:@aws-cdk/aws-iot-alpha.ActionConfig", + "props-physical-name:@aws-cdk/aws-iot-alpha.LoggingProps" ] } diff --git a/packages/@aws-cdk/aws-iot-alpha/lib/index.ts b/packages/@aws-cdk/aws-iot-alpha/lib/index.ts index eb9fd6bcb0899..727f9fa956d58 100644 --- a/packages/@aws-cdk/aws-iot-alpha/lib/index.ts +++ b/packages/@aws-cdk/aws-iot-alpha/lib/index.ts @@ -1,5 +1,6 @@ export * from './action'; export * from './iot-sql'; +export * from './logging'; export * from './topic-rule'; // AWS::IoT CloudFormation Resources: diff --git a/packages/@aws-cdk/aws-iot-alpha/lib/logging.ts b/packages/@aws-cdk/aws-iot-alpha/lib/logging.ts new file mode 100644 index 0000000000000..5df5afff1276c --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/lib/logging.ts @@ -0,0 +1,140 @@ +import { Resource, Stack, IResource } from 'aws-cdk-lib/core'; +import { Construct } from 'constructs'; +import * as iot from 'aws-cdk-lib/aws-iot'; +import * as iam from 'aws-cdk-lib/aws-iam'; + +/** + * Represents AWS IoT Logging + */ +export interface ILogging extends IResource { + /** + * The log ID + * @attribute + */ + readonly logId: string; +} + +/** + * The log level for the AWS IoT Logging + */ +export enum LogLevel { + /** + * Any error that causes an operation to fail + * + * Logs include ERROR information only + */ + ERROR = 'ERROR', + + /** + * Anything that can potentially cause inconsistencies in the system, but might not cause the operation to fail + * + * Logs include ERROR and WARN information + */ + WARN = 'WARN', + + /** + * High-level information about the flow of things + * + * Logs include INFO, ERROR, and WARN information + */ + INFO = 'INFO', + + /** + * Information that might be helpful when debugging a problem + * + * Logs include DEBUG, INFO, ERROR, and WARN information + */ + DEBUG = 'DEBUG', + + /** + * All logging is disabled + */ + DISABLED = 'DISABLED', +} + +/** + * Properties for defining AWS IoT Logging + */ +export interface LoggingProps { + /** + * The log level for the AWS IoT Logging + * + * @default LogLevel.ERROR + */ + readonly logLevel?: LogLevel; +} + +/** + * Defines AWS IoT Logging + */ +export class Logging extends Resource implements ILogging { + /** + * Import an existing AWS IoT Logging + * + * @param scope The parent creating construct (usually `this`) + * @param id The construct's name + * @param logId AWS IoT Logging ID + */ + public static fromLogId(scope: Construct, id: string, logId: string): ILogging { + class Import extends Resource implements ILogging { + public readonly logId = logId; + } + return new Import(scope, id); + } + + /** + * The logging ID + * @attribute + */ + public readonly logId: string; + + constructor(scope: Construct, id: string, props?: LoggingProps) { + super(scope, id); + + const accountId = Stack.of(this).account; + + // Create a role for logging + // https://docs.aws.amazon.com/iot/latest/developerguide/configure-logging.html#configure-logging-role-and-policy + const role = new iam.Role(this, 'Role', { + assumedBy: new iam.ServicePrincipal('iot.amazonaws.com'), + inlinePolicies: { + LoggingPolicy: new iam.PolicyDocument({ + statements: [ + new iam.PolicyStatement({ + actions: [ + 'logs:CreateLogGroup', + 'logs:CreateLogStream', + 'logs:PutLogEvents', + 'logs:PutMetricFilter', + 'logs:PutRetentionPolicy', + 'iot:GetLoggingOptions', + 'iot:SetLoggingOptions', + 'iot:SetV2LoggingOptions', + 'iot:GetV2LoggingOptions', + 'iot:SetV2LoggingLevel', + 'iot:ListV2LoggingLevels', + 'iot:DeleteV2LoggingLevel', + ], + resources: [ + Stack.of(this).formatArn({ + service: 'logs', + resource: 'log-group', + sep: ':', + resourceName: 'AWSIotLogsV2:*', + }), + ], + }), + ], + }), + }, + }); + + const resource = new iot.CfnLogging(this, 'Resource', { + accountId, + defaultLogLevel: props?.logLevel ?? LogLevel.ERROR, + roleArn: role.roleArn, + }); + + this.logId = resource.ref; + } +} diff --git a/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestDefaultTestDeployAssertB1DE3CEF.assets.json b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestDefaultTestDeployAssertB1DE3CEF.assets.json new file mode 100644 index 0000000000000..4dda43abc7b6c --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestDefaultTestDeployAssertB1DE3CEF.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.5", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "IotLoggingTestDefaultTestDeployAssertB1DE3CEF.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestDefaultTestDeployAssertB1DE3CEF.template.json b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestDefaultTestDeployAssertB1DE3CEF.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestDefaultTestDeployAssertB1DE3CEF.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestStack.assets.json b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestStack.assets.json new file mode 100644 index 0000000000000..24ca7bc8f73fe --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestStack.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.5", + "files": { + "80dad952a80add47db0c2defb1b49d40b8df265a05c17078bd78e294d48618f5": { + "source": { + "path": "IotLoggingTestStack.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "80dad952a80add47db0c2defb1b49d40b8df265a05c17078bd78e294d48618f5.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestStack.template.json b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestStack.template.json new file mode 100644 index 0000000000000..74027cc5f1906 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/IotLoggingTestStack.template.json @@ -0,0 +1,117 @@ +{ + "Resources": { + "LoggingRoleF8CB8FA1": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "iot.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Policies": [ + { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "iot:DeleteV2LoggingLevel", + "iot:GetLoggingOptions", + "iot:GetV2LoggingOptions", + "iot:ListV2LoggingLevels", + "iot:SetLoggingOptions", + "iot:SetV2LoggingLevel", + "iot:SetV2LoggingOptions", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents", + "logs:PutMetricFilter", + "logs:PutRetentionPolicy" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:AWSIotLogsV2:*" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "LoggingPolicy" + } + ] + } + }, + "Logging019093B9": { + "Type": "AWS::IoT::Logging", + "Properties": { + "AccountId": { + "Ref": "AWS::AccountId" + }, + "DefaultLogLevel": "DEBUG", + "RoleArn": { + "Fn::GetAtt": [ + "LoggingRoleF8CB8FA1", + "Arn" + ] + } + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/cdk.out b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/cdk.out new file mode 100644 index 0000000000000..bd5311dc372de --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.5"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/integ.json b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/integ.json new file mode 100644 index 0000000000000..10083c25d0703 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "36.0.5", + "testCases": { + "IotLoggingTest/DefaultTest": { + "stacks": [ + "IotLoggingTestStack" + ], + "assertionStack": "IotLoggingTest/DefaultTest/DeployAssert", + "assertionStackName": "IotLoggingTestDefaultTestDeployAssertB1DE3CEF" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/manifest.json b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/manifest.json new file mode 100644 index 0000000000000..17f8892ba9c29 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/manifest.json @@ -0,0 +1,119 @@ +{ + "version": "36.0.5", + "artifacts": { + "IotLoggingTestStack.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "IotLoggingTestStack.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "IotLoggingTestStack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IotLoggingTestStack.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/80dad952a80add47db0c2defb1b49d40b8df265a05c17078bd78e294d48618f5.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "IotLoggingTestStack.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "IotLoggingTestStack.assets" + ], + "metadata": { + "/IotLoggingTestStack/Logging/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LoggingRoleF8CB8FA1" + } + ], + "/IotLoggingTestStack/Logging/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Logging019093B9" + } + ], + "/IotLoggingTestStack/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/IotLoggingTestStack/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "IotLoggingTestStack" + }, + "IotLoggingTestDefaultTestDeployAssertB1DE3CEF.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "IotLoggingTestDefaultTestDeployAssertB1DE3CEF.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "IotLoggingTestDefaultTestDeployAssertB1DE3CEF": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IotLoggingTestDefaultTestDeployAssertB1DE3CEF.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "IotLoggingTestDefaultTestDeployAssertB1DE3CEF.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "IotLoggingTestDefaultTestDeployAssertB1DE3CEF.assets" + ], + "metadata": { + "/IotLoggingTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/IotLoggingTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "IotLoggingTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/tree.json b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/tree.json new file mode 100644 index 0000000000000..2208d4ab90bc6 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.js.snapshot/tree.json @@ -0,0 +1,224 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "IotLoggingTestStack": { + "id": "IotLoggingTestStack", + "path": "IotLoggingTestStack", + "children": { + "Logging": { + "id": "Logging", + "path": "IotLoggingTestStack/Logging", + "children": { + "Role": { + "id": "Role", + "path": "IotLoggingTestStack/Logging/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "IotLoggingTestStack/Logging/Role/ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "IotLoggingTestStack/Logging/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "iot.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "policies": [ + { + "policyName": "LoggingPolicy", + "policyDocument": { + "Statement": [ + { + "Action": [ + "iot:DeleteV2LoggingLevel", + "iot:GetLoggingOptions", + "iot:GetV2LoggingOptions", + "iot:ListV2LoggingLevels", + "iot:SetLoggingOptions", + "iot:SetV2LoggingLevel", + "iot:SetV2LoggingOptions", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents", + "logs:PutMetricFilter", + "logs:PutRetentionPolicy" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":logs:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":log-group:AWSIotLogsV2:*" + ] + ] + } + } + ], + "Version": "2012-10-17" + } + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "IotLoggingTestStack/Logging/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IoT::Logging", + "aws:cdk:cloudformation:props": { + "accountId": { + "Ref": "AWS::AccountId" + }, + "defaultLogLevel": "DEBUG", + "roleArn": { + "Fn::GetAtt": [ + "LoggingRoleF8CB8FA1", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iot.CfnLogging", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iot-alpha.Logging", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "IotLoggingTestStack/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "IotLoggingTestStack/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "IotLoggingTest": { + "id": "IotLoggingTest", + "path": "IotLoggingTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "IotLoggingTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "IotLoggingTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "IotLoggingTest/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "IotLoggingTest/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "IotLoggingTest/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.ts b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.ts new file mode 100644 index 0000000000000..4415b1292515a --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/test/integ.logging.ts @@ -0,0 +1,19 @@ +import * as cdk from 'aws-cdk-lib'; +import * as integ from '@aws-cdk/integ-tests-alpha'; +import * as iot from '../lib'; + +class TestStack extends cdk.Stack { + constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { + super(scope, id, props); + + new iot.Logging(this, 'Logging', { + logLevel: iot.LogLevel.DEBUG, + }); + } +} + +const app = new cdk.App(); +const testCase = new TestStack(app, 'IotLoggingTestStack'); +new integ.IntegTest(app, 'IotLoggingTest', { + testCases: [testCase], +}); diff --git a/packages/@aws-cdk/aws-iot-alpha/test/logging.test.ts b/packages/@aws-cdk/aws-iot-alpha/test/logging.test.ts new file mode 100644 index 0000000000000..c2e4686e64e39 --- /dev/null +++ b/packages/@aws-cdk/aws-iot-alpha/test/logging.test.ts @@ -0,0 +1,99 @@ +import { Template } from 'aws-cdk-lib/assertions'; +import * as cdk from 'aws-cdk-lib'; +import * as iot from '../lib'; + +test('Default property', () => { + const stack = new cdk.Stack(); + + new iot.Logging(stack, 'Logging'); + + Template.fromStack(stack).hasResourceProperties('AWS::IoT::Logging', { + DefaultLogLevel: 'ERROR', + AccountId: { Ref: 'AWS::AccountId' }, + RoleArn: { 'Fn::GetAtt': ['LoggingRoleF8CB8FA1', 'Arn'] }, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Role', { + AssumeRolePolicyDocument: { + Statement: [ + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { Service: 'iot.amazonaws.com' }, + }, + ], + Version: '2012-10-17', + }, + Policies: [ + { + PolicyDocument: { + Statement: [ + { + Action: [ + 'logs:CreateLogGroup', + 'logs:CreateLogStream', + 'logs:PutLogEvents', + 'logs:PutMetricFilter', + 'logs:PutRetentionPolicy', + 'iot:GetLoggingOptions', + 'iot:SetLoggingOptions', + 'iot:SetV2LoggingOptions', + 'iot:GetV2LoggingOptions', + 'iot:SetV2LoggingLevel', + 'iot:ListV2LoggingLevels', + 'iot:DeleteV2LoggingLevel', + ], + Effect: 'Allow', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { Ref: 'AWS::Partition' }, + ':logs:', + { Ref: 'AWS::Region' }, + ':', + { Ref: 'AWS::AccountId' }, + ':log-group:AWSIotLogsV2:*', + ], + ], + }, + }, + ], + Version: '2012-10-17', + }, + PolicyName: 'LoggingPolicy', + }, + ], + }); +}); + +test.each([ + iot.LogLevel.ERROR, + iot.LogLevel.WARN, + iot.LogLevel.INFO, + iot.LogLevel.DEBUG, + iot.LogLevel.DISABLED, +])('Log level %s', (logLevel) => { + const stack = new cdk.Stack(); + + new iot.Logging(stack, 'Logging', { + logLevel, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::IoT::Logging', { + DefaultLogLevel: logLevel, + }); +}); + +test('import by Log ID', () => { + const stack = new cdk.Stack(); + + const logId = 'Log-12345'; + + const logging = iot.Logging.fromLogId(stack, 'LoggingFromId', logId); + + expect(logging).toMatchObject({ + logId, + }); +}); diff --git a/version.v2.json b/version.v2.json index 543b3795800ea..3e74324e1d8b2 100644 --- a/version.v2.json +++ b/version.v2.json @@ -1,4 +1,4 @@ { - "version": "2.156.0", - "alphaVersion": "2.156.0-alpha.0" + "version": "2.157.0", + "alphaVersion": "2.157.0-alpha.0" } \ No newline at end of file