Merge branch 'master' into njlynch/secretnamesforownedsecrets

aws · Nov 5, 2020 · c7ed6bf · c7ed6bf
2 parents 103561a + 0e0755c
commit c7ed6bf
Show file tree

Hide file tree

Showing 276 changed files with 8,897 additions and 1,687 deletions.
diff --git a/.gitignore b/.gitignore
@@ -45,3 +45,4 @@ yarn-error.log
 
 # Cloud9
 .c9
+
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,47 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [1.71.0](https://github.com/aws/aws-cdk/compare/v1.70.0...v1.71.0) (2020-10-29)
+
+
+### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES
+
+* **synthetics:** `runtime` is now a required property.
+
+### ⚠ BREAKING CHANGES
+
+* **core:** Creation stack traces for `Lazy` values are no longer
+captured by default. The `CDK_DEBUG=true` environment variable must be
+set in order to capture stack traces (this is also achieved by using the
+`--debug` option of the `cdk` CLI). Users should not need those stack
+traces most of the time, and should only enable creation stack trace
+captures when tyring to troubleshoot a resolution error that they are
+otherwise unable to trace back.
+
+### Features
+
+* **autoscaling:** CloudFormation init for ASGs ([#9674](https://github.com/aws/aws-cdk/issues/9674)) ([bdf1d30](https://github.com/aws/aws-cdk/commit/bdf1d30a08c034703ca05eebe8e9d0cc5e070949)), closes [#9065](https://github.com/aws/aws-cdk/issues/9065) [#9664](https://github.com/aws/aws-cdk/issues/9664)
+* **cli:** `--all` flag to select all stacks ([#10745](https://github.com/aws/aws-cdk/issues/10745)) ([bcd9d0a](https://github.com/aws/aws-cdk/commit/bcd9d0aa900aceb32e50031ea1a8f8a21e07a963)), closes [#3222](https://github.com/aws/aws-cdk/issues/3222)
+* **cli:** change virtualenv directory to `.venv` to comply with python recommendation ([#10995](https://github.com/aws/aws-cdk/issues/10995)) ([a4a41b5](https://github.com/aws/aws-cdk/commit/a4a41b5e006110304b51ee55c34e91cc3f129281)), closes [#9134](https://github.com/aws/aws-cdk/issues/9134)
+* **cli:** disable version check ([#10975](https://github.com/aws/aws-cdk/issues/10975)) ([575e47e](https://github.com/aws/aws-cdk/commit/575e47e4d6e8b89b4402ddc4b7bdea985b1e6edf)), closes [#10974](https://github.com/aws/aws-cdk/issues/10974)
+* **core:** make creationStack collection for Lazy opt-in ([#11170](https://github.com/aws/aws-cdk/issues/11170)) ([a3fae02](https://github.com/aws/aws-cdk/commit/a3fae02a5256a25fca011bab2a2aa9be58121c6e))
+* **init-templates:** Java init template tests updated to JUnit 5 ([#11101](https://github.com/aws/aws-cdk/issues/11101)) ([e0c00a1](https://github.com/aws/aws-cdk/commit/e0c00a1aafe82d390fd1859090e0bbe1ac249043)), closes [#10694](https://github.com/aws/aws-cdk/issues/10694)
+* upgrade "constructs" to 3.2.0 ([#11145](https://github.com/aws/aws-cdk/issues/11145)) ([d85e3ed](https://github.com/aws/aws-cdk/commit/d85e3eda8a0d97d60d178922bf9db33a31f4abe9))
+* **redshift:** add publiclyAccessible prop ([#11162](https://github.com/aws/aws-cdk/issues/11162)) ([9f8a6de](https://github.com/aws/aws-cdk/commit/9f8a6dee36105f7bbf7f433075881d5068fb5779)), closes [#11161](https://github.com/aws/aws-cdk/issues/11161)
+* **stepfunctions-tasks:** Support for Athena APIs: StartQueryExecution, StopQueryExeuction, GetQueryResults and GetQueryExecution  ([#11045](https://github.com/aws/aws-cdk/issues/11045)) ([19180cc](https://github.com/aws/aws-cdk/commit/19180cc7dd2e3cfbbcc82ef2b45f3a8f60894f8c))
+* **synthetics:** The CloudWatch Synthetics Construct Library is now in Developer Preview ([#11180](https://github.com/aws/aws-cdk/issues/11180)) ([b3b5f48](https://github.com/aws/aws-cdk/commit/b3b5f48ba457d382b6289997f164444ac6dfed0a))
+
+
+### Bug Fixes
+
+* **aws-rds/aws-secretmanager:** `credentials.fromSecret` does not access `secretsmanager.ISecret` ([#11033](https://github.com/aws/aws-cdk/issues/11033)) ([35ad608](https://github.com/aws/aws-cdk/commit/35ad608fb0c9801756b0557b460e3587684b7110)), closes [#11015](https://github.com/aws/aws-cdk/issues/11015)
+* **bootstrap:** same-account modern bootstrapping still requires policy ARNs ([#9867](https://github.com/aws/aws-cdk/issues/9867)) ([f5ab374](https://github.com/aws/aws-cdk/commit/f5ab374eafeafff02f386be445d10863717b51ed)), closes [#8571](https://github.com/aws/aws-cdk/issues/8571)
+* **codebuild:** ReportGroup name is ignored ([#11080](https://github.com/aws/aws-cdk/issues/11080)) ([1e2250a](https://github.com/aws/aws-cdk/commit/1e2250aa8345ee9fe22ed2a7395ba28994fe8ff1)), closes [#11052](https://github.com/aws/aws-cdk/issues/11052)
+* **core:** assets are duplicated between nested Cloud Assemblies ([#11008](https://github.com/aws/aws-cdk/issues/11008)) ([c84217f](https://github.com/aws/aws-cdk/commit/c84217f94cf66cae800d434350b3b3d7676a03b3)), closes [#10877](https://github.com/aws/aws-cdk/issues/10877) [#9627](https://github.com/aws/aws-cdk/issues/9627) [#9917](https://github.com/aws/aws-cdk/issues/9917)
+* **ec2:** `CfnInit` cannot be used with custom constructs ([#11167](https://github.com/aws/aws-cdk/issues/11167)) ([01c52c8](https://github.com/aws/aws-cdk/commit/01c52c84118b101de9aaca3091673b16d6871386))
+* **region-info:** incorrect S3 static website endpoint for us-gov-west-1 ([#10920](https://github.com/aws/aws-cdk/issues/10920)) ([dde9c55](https://github.com/aws/aws-cdk/commit/dde9c5530478e9371726278ef34b82da19624a4b)), closes [40aws-cdk/region-info/build-tools/generate-static-data.ts#L47-L49](https://github.com/40aws-cdk/region-info/build-tools/generate-static-data.ts/issues/L47-L49)
+
+
 ## [1.70.0](https://github.com/aws/aws-cdk/compare/v1.69.0...v1.70.0) (2020-10-23)
 
 

diff --git a/lerna.json b/lerna.json
@@ -11,5 +11,5 @@
     "tools/*"
   ],
   "rejectCycles": "true",
-  "version": "1.70.0"
+  "version": "1.71.0"
 }
diff --git a/package.json b/package.json
@@ -18,9 +18,9 @@
     "fs-extra": "^9.0.1",
     "graceful-fs": "^4.2.4",
     "jest-junit": "^12.0.0",
-    "jsii-diff": "^1.14.0",
-    "jsii-pacmak": "^1.14.0",
-    "jsii-rosetta": "^1.14.0",
+    "jsii-diff": "^1.14.1",
+    "jsii-pacmak": "^1.14.1",
+    "jsii-rosetta": "^1.14.1",
     "lerna": "^3.22.1",
     "standard-version": "^9.0.0",
     "typescript": "~3.9.7"

diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/README.md b/packages/@aws-cdk-containers/ecs-service-extensions/README.md
@@ -16,9 +16,10 @@ The `Service` construct provided by this module can be extended with optional `S
 
 - [AWS X-Ray](https://aws.amazon.com/xray/) for tracing your application
 - [Amazon CloudWatch Agent](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Install-CloudWatch-Agent.html) for capturing per task stats
-- [AWS AppMesh f](https://aws.amazon.com/app-mesh/)or adding your application to a service mesh
+- [AWS AppMesh](https://aws.amazon.com/app-mesh/) for adding your application to a service mesh
 - [Application Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html), for exposing your service to the public
 - [AWS FireLens](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html), for filtering and routing application logs
+- [Community Extensions](#community-extensions), providing support for advanced use cases
 
 The `ServiceExtension` class is an abstract class which you can also implement in
 order to build your own custom service extensions for modifying your service, or
@@ -283,3 +284,30 @@ The above code uses the well known service discovery name for each
 service, and passes it as an environment variable to the container so
 that the container knows what address to use when communicating to
 the other service.
+
+## Importing a pre-existing cluster
+
+To create an environment with a pre-existing cluster, you must import the cluster first, then use `Environment.fromEnvironmentAttributes()`. When a cluster is imported into an environment, the cluster is treated as immutable. As a result, no extension may modify the cluster to change a setting.
+
+```ts
+
+const cluster = ecs.Cluster.fromClusterAttributes(stack, 'Cluster', {
+  ...
+});
+
+const environment = Environment.fromEnvironmentAttributes(stack, 'Environment', {
+  capacityType: EnvironmentCapacityType.EC2, // or `FARGATE`
+  cluster,
+});
+
+```
+
+## Community Extensions
+
+We encourage the development of Community Service Extensions that support
+advanced features. Here are some useful extensions that we have reviewed:
+
+* [ListenerRulesExtension](https://www.npmjs.com/package/@wheatstalk/ecs-service-extension-listener-rules) for more precise control over Application Load Balancer rules
+
+> Please submit a pull request so that we can review your service extension and
+> list it here.
diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/lib/environment.ts b/packages/@aws-cdk-containers/ecs-service-extensions/lib/environment.ts
@@ -28,13 +28,50 @@ export interface EnvironmentProps {
   readonly capacityType?: EnvironmentCapacityType
 }
 
+/**
+ * An environment into which to deploy a service.
+ */
+export interface IEnvironment {
+  /**
+   * The name of this environment.
+   */
+  readonly id: string;
+
+  /**
+   * The VPC into which environment services should be placed.
+   */
+  readonly vpc: ec2.IVpc;
+
+  /**
+   * The cluster that is providing capacity for this service.
+   */
+  readonly cluster: ecs.ICluster;
+
+  /**
+   * The capacity type used by the service's cluster.
+   */
+  readonly capacityType: EnvironmentCapacityType;
+
+  /**
+   * Add a default cloudmap namespace to the environment's cluster.
+   */
+  addDefaultCloudMapNamespace(options: ecs.CloudMapNamespaceOptions): void;
+}
+
 /**
  * An environment into which to deploy a service. This environment
  * can either be instantiated with a preexisting AWS VPC and ECS cluster,
  * or it can create it's own VPC and cluster. By default it will create
  * a cluster with Fargate capacity.
  */
-export class Environment extends cdk.Construct {
+export class Environment extends cdk.Construct implements IEnvironment {
+  /**
+   * Import an existing environment from its attributes.
+   */
+  public static fromEnvironmentAttributes(scope: cdk.Construct, id: string, attrs: EnvironmentAttributes): IEnvironment {
+    return new ImportedEnvironment(scope, id, attrs);
+  }
+
   /**
    * The name of this environment.
    */
@@ -81,4 +118,47 @@ export class Environment extends cdk.Construct {
       this.capacityType = EnvironmentCapacityType.FARGATE;
     }
   }
+
+  /**
+   * Add a default cloudmap namespace to the environment's cluster.
+   */
+  addDefaultCloudMapNamespace(options: ecs.CloudMapNamespaceOptions) {
+    this.cluster.addDefaultCloudMapNamespace(options);
+  }
+}
+
+export interface EnvironmentAttributes {
+  /**
+   * The capacity type used by the service's cluster.
+   */
+  capacityType: EnvironmentCapacityType;
+
+  /**
+   * The cluster that is providing capacity for this service.
+   */
+  cluster: ecs.ICluster;
 }
+
+export class ImportedEnvironment extends cdk.Construct implements IEnvironment {
+  public readonly capacityType: EnvironmentCapacityType;
+  public readonly cluster: ecs.ICluster;
+  public readonly id: string;
+  public readonly vpc: ec2.IVpc;
+
+  constructor(scope: cdk.Construct, id: string, props: EnvironmentAttributes) {
+    super(scope, id);
+
+    this.id = id;
+    this.capacityType = props.capacityType;
+    this.cluster = props.cluster;
+    this.vpc = props.cluster.vpc;
+  }
+
+  /**
+   * Refuses to add a default cloudmap namespace to the cluster as we don't
+   * own it.
+   */
+  addDefaultCloudMapNamespace(_options: ecs.CloudMapNamespaceOptions) {
+    throw new Error('the cluster environment is immutable when imported');
+  }
+}
diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/appmesh.ts b/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/appmesh.ts
@@ -70,7 +70,7 @@ export class AppMeshExtension extends ServiceExtension {
     // Make sure that the parent cluster for this service has
     // a namespace attached.
     if (!this.parentService.cluster.defaultCloudMapNamespace) {
-      this.parentService.cluster.addDefaultCloudMapNamespace({
+      this.parentService.environment.addDefaultCloudMapNamespace({
         // Name the namespace after the environment name.
         // Service DNS will be like <service id>.<environment id>
         name: this.parentService.environment.id,

diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/lib/service.ts b/packages/@aws-cdk-containers/ecs-service-extensions/lib/service.ts
@@ -1,7 +1,7 @@
 import * as ec2 from '@aws-cdk/aws-ec2';
 import * as ecs from '@aws-cdk/aws-ecs';
 import * as cdk from '@aws-cdk/core';
-import { Environment } from './environment';
+import { IEnvironment } from './environment';
 import { EnvironmentCapacityType, ServiceBuild } from './extensions/extension-interfaces';
 import { ServiceDescription } from './service-description';
 
@@ -17,7 +17,7 @@ export interface ServiceProps {
   /**
    * The environment to launch the service in
    */
-  readonly environment: Environment
+  readonly environment: IEnvironment
 }
 
 /**
@@ -44,7 +44,7 @@ export class Service extends cdk.Construct {
    * The cluster that is providing capacity for this service
    * [disable-awslint:ref-via-interface]
    */
-  public readonly cluster: ecs.Cluster;
+  public readonly cluster: ecs.ICluster;
 
   /**
    * The capacity type that this service will use
@@ -59,7 +59,7 @@ export class Service extends cdk.Construct {
   /**
    * The environment this service was launched in
    */
-  public readonly environment: Environment;
+  public readonly environment: IEnvironment;
 
   /**
    * The generated task definition for this service, is only

diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/package.json b/packages/@aws-cdk-containers/ecs-service-extensions/package.json
@@ -40,7 +40,7 @@
     "cdk-build-tools": "0.0.0",
     "cdk-integ-tools": "0.0.0",
     "cfn2ts": "0.0.0",
-    "jest": "^26.6.1",
+    "jest": "^26.6.3",
     "nodeunit": "^0.11.3",
     "pkglint": "0.0.0"
   },