From aca19e18fefc497deebecd3ccf5b37036ba5a0a0 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Tue, 26 Oct 2021 17:33:47 +0200 Subject: [PATCH 01/40] chore(appscaling): make examples compile (#17164) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-applicationautoscaling/README.md | 88 ++++++++++--------- .../rosetta/default.ts-fixture | 48 ++++++++++ 2 files changed, 96 insertions(+), 40 deletions(-) create mode 100644 packages/@aws-cdk/aws-applicationautoscaling/rosetta/default.ts-fixture diff --git a/packages/@aws-cdk/aws-applicationautoscaling/README.md b/packages/@aws-cdk/aws-applicationautoscaling/README.md index c00dac29ece2c..77f3858b8e6f2 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/README.md +++ b/packages/@aws-cdk/aws-applicationautoscaling/README.md @@ -51,15 +51,19 @@ There are three ways to scale your capacity: The general pattern of autoscaling will look like this: ```ts +declare const resource: SomeScalableResource; + const capacity = resource.autoScaleCapacity({ minCapacity: 5, maxCapacity: 100 }); -// Enable a type of metric scaling and/or schedule scaling -capacity.scaleOnMetric(...); -capacity.scaleToTrackMetric(...); -capacity.scaleOnSchedule(...); +// Then call a method to enable metric scaling and/or schedule scaling +// (explained below): +// +// capacity.scaleOnMetric(...); +// capacity.scaleToTrackMetric(...); +// capacity.scaleOnSchedule(...); ``` ## Step Scaling @@ -82,8 +86,11 @@ a possible one. You will have to determine what thresholds are right for you). You would configure it like this: ```ts +declare const capacity: ScalableAttribute; +declare const cpuUtilization: cloudwatch.Metric; + capacity.scaleOnMetric('ScaleToCPU', { - metric: service.metricCpuUtilization(), + metric: cpuUtilization, scalingSteps: [ { upper: 10, change: -1 }, { lower: 50, change: +1 }, @@ -92,7 +99,7 @@ capacity.scaleOnMetric('ScaleToCPU', { // Change this to AdjustmentType.PercentChangeInCapacity to interpret the // 'change' numbers before as percentages instead of capacity counts. - adjustmentType: autoscaling.AdjustmentType.CHANGE_IN_CAPACITY, + adjustmentType: appscaling.AdjustmentType.CHANGE_IN_CAPACITY, }); ``` @@ -111,6 +118,10 @@ The following example configures the read capacity of a DynamoDB table to be around 60% utilization: ```ts +import * as dynamodb from '@aws-cdk/aws-dynamodb'; + +declare const table: dynamodb.Table; + const readCapacity = table.autoScaleReadCapacity({ minCapacity: 10, maxCapacity: 1000 @@ -145,18 +156,20 @@ The following example scales the fleet out in the morning, and lets natural scaling take over at night: ```ts +declare const resource: SomeScalableResource; + const capacity = resource.autoScaleCapacity({ minCapacity: 1, maxCapacity: 50, }); capacity.scaleOnSchedule('PrescaleInTheMorning', { - schedule: autoscaling.Schedule.cron({ hour: '8', minute: '0' }), + schedule: appscaling.Schedule.cron({ hour: '8', minute: '0' }), minCapacity: 20, }); capacity.scaleOnSchedule('AllowDownscalingAtNight', { - schedule: autoscaling.Schedule.cron({ hour: '20', minute: '0' }), + schedule: appscaling.Schedule.cron({ hour: '20', minute: '0' }), minCapacity: 1 }); ``` @@ -166,35 +179,30 @@ capacity.scaleOnSchedule('AllowDownscalingAtNight', { ### Lambda Provisioned Concurrency Auto Scaling ```ts - const handler = new lambda.Function(this, 'MyFunction', { - runtime: lambda.Runtime.PYTHON_3_7, - handler: 'index.handler', - code: new lambda.InlineCode(` -import json, time -def handler(event, context): - time.sleep(1) - return { - 'statusCode': 200, - 'body': json.dumps('Hello CDK from Lambda!') - }`), - reservedConcurrentExecutions: 2, - }); - - const fnVer = handler.addVersion('CDKLambdaVersion', undefined, 'demo alias', 10); - - new apigateway.LambdaRestApi(this, 'API', { handler: fnVer }) - - const target = new applicationautoscaling.ScalableTarget(this, 'ScalableTarget', { - serviceNamespace: applicationautoscaling.ServiceNamespace.LAMBDA, - maxCapacity: 100, - minCapacity: 10, - resourceId: `function:${handler.functionName}:${fnVer.version}`, - scalableDimension: 'lambda:function:ProvisionedConcurrency', - }) -s - target.scaleToTrackMetric('PceTracking', { - targetValue: 0.9, - predefinedMetric: applicationautoscaling.PredefinedMetric.LAMBDA_PROVISIONED_CONCURRENCY_UTILIZATION, - }) - } - ``` +import * as lambda from '@aws-cdk/aws-lambda'; + +declare const code: lambda.Code; + +const handler = new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.PYTHON_3_7, + handler: 'index.handler', + code, + + reservedConcurrentExecutions: 2, +}); + +const fnVer = handler.addVersion('CDKLambdaVersion', undefined, 'demo alias', 10); + +const target = new appscaling.ScalableTarget(this, 'ScalableTarget', { + serviceNamespace: appscaling.ServiceNamespace.LAMBDA, + maxCapacity: 100, + minCapacity: 10, + resourceId: `function:${handler.functionName}:${fnVer.version}`, + scalableDimension: 'lambda:function:ProvisionedConcurrency', +}) + +target.scaleToTrackMetric('PceTracking', { + targetValue: 0.9, + predefinedMetric: appscaling.PredefinedMetric.LAMBDA_PROVISIONED_CONCURRENCY_UTILIZATION, +}) +``` diff --git a/packages/@aws-cdk/aws-applicationautoscaling/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-applicationautoscaling/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..9a75db0061b9d --- /dev/null +++ b/packages/@aws-cdk/aws-applicationautoscaling/rosetta/default.ts-fixture @@ -0,0 +1,48 @@ +// Fixture with packages imported, but nothing else +import { Construct, Node } from 'constructs'; +import { Aspects, CfnOutput, Stack, Duration, Resource, SecretValue } from '@aws-cdk/core'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as appscaling from '@aws-cdk/aws-applicationautoscaling'; +import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; +import * as iam from '@aws-cdk/aws-iam'; + + +interface UtilizationScalingProps { + readonly targetUtilizationPercent: number; +} + +class ScalableAttribute { + public scaleOnSchedule(id: string, action: appscaling.ScalingSchedule) { + Array.isArray(id); + Array.isArray(action); + } + public scaleOnUtilization(props: UtilizationScalingProps) { + Array.isArray(props); + } + public scaleOnMetric(id: string, props: appscaling.BasicStepScalingPolicyProps) { + Array.isArray(id); + Array.isArray(props); + } +} + +interface Caps { + readonly minCapacity: number; + readonly maxCapacity: number; +} + +class SomeScalableResource { + public autoScaleCapacity(caps: Caps) { + return new ScalableAttribute(); + } +} + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} + + + From 325952324da82265d7043099f2b5287b40266896 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Tue, 26 Oct 2021 18:25:37 +0200 Subject: [PATCH 02/40] chore(autoscaling): make examples compile (#17163) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-autoscaling/README.md | 110 +++++++++++++----- .../aws-autoscaling/lib/scheduled-action.ts | 2 - .../@aws-cdk/aws-autoscaling/lib/volume.ts | 5 +- .../rosetta/default.ts-fixture | 18 +++ 4 files changed, 104 insertions(+), 31 deletions(-) create mode 100644 packages/@aws-cdk/aws-autoscaling/rosetta/default.ts-fixture diff --git a/packages/@aws-cdk/aws-autoscaling/README.md b/packages/@aws-cdk/aws-autoscaling/README.md index 75aa4f66807e2..11c67226afdb4 100644 --- a/packages/@aws-cdk/aws-autoscaling/README.md +++ b/packages/@aws-cdk/aws-autoscaling/README.md @@ -20,8 +20,7 @@ An `AutoScalingGroup` represents a number of instances on which you run your cod pick the size of the fleet, the instance type and the OS image: ```ts -import * as autoscaling from '@aws-cdk/aws-autoscaling'; -import * as ec2 from '@aws-cdk/aws-ec2'; +declare const vpc: ec2.Vpc; new autoscaling.AutoScalingGroup(this, 'ASG', { vpc, @@ -36,7 +35,9 @@ your instances to be able to start arbitrary connections. Alternatively, you can group to attach to the instances that are launched, rather than have the group create a new one. ```ts -const mySecurityGroup = new ec2.SecurityGroup(this, 'SecurityGroup', {...}); +declare const vpc: ec2.Vpc; + +const mySecurityGroup = new ec2.SecurityGroup(this, 'SecurityGroup', { vpc }); new autoscaling.AutoScalingGroup(this, 'ASG', { vpc, instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), @@ -89,24 +90,31 @@ There are three ways to scale your capacity: The general pattern of autoscaling will look like this: ```ts +declare const vpc: ec2.Vpc; +declare const instanceType: ec2.InstanceType; +declare const machineImage: ec2.IMachineImage; + const autoScalingGroup = new autoscaling.AutoScalingGroup(this, 'ASG', { + vpc, + instanceType, + machineImage, + minCapacity: 5, maxCapacity: 100 // ... }); -// Step scaling -autoScalingGroup.scaleOnMetric(...); - -// Target tracking scaling -autoScalingGroup.scaleOnCpuUtilization(...); -autoScalingGroup.scaleOnIncomingBytes(...); -autoScalingGroup.scaleOnOutgoingBytes(...); -autoScalingGroup.scaleOnRequestCount(...); -autoScalingGroup.scaleToTrackMetric(...); - -// Scheduled scaling -autoScalingGroup.scaleOnSchedule(...); +// Then call one of the scaling methods (explained below) +// +// autoScalingGroup.scaleOnMetric(...); +// +// autoScalingGroup.scaleOnCpuUtilization(...); +// autoScalingGroup.scaleOnIncomingBytes(...); +// autoScalingGroup.scaleOnOutgoingBytes(...); +// autoScalingGroup.scaleOnRequestCount(...); +// autoScalingGroup.scaleToTrackMetric(...); +// +// autoScalingGroup.scaleOnSchedule(...); ``` ### Step Scaling @@ -132,12 +140,14 @@ metric representing your worker utilization from your instances. After that, you would configure the scaling something like this: ```ts +declare const autoScalingGroup: autoscaling.AutoScalingGroup; + const workerUtilizationMetric = new cloudwatch.Metric({ namespace: 'MyService', metricName: 'WorkerUtilization' }); -capacity.scaleOnMetric('ScaleToCPU', { +autoScalingGroup.scaleOnMetric('ScaleToCPU', { metric: workerUtilizationMetric, scalingSteps: [ { upper: 10, change: -1 }, @@ -170,6 +180,8 @@ The following example scales to keep the CPU usage of your instances around 50% utilization: ```ts +declare const autoScalingGroup: autoscaling.AutoScalingGroup; + autoScalingGroup.scaleOnCpuUtilization('KeepSpareCPU', { targetUtilizationPercent: 50 }); @@ -178,10 +190,12 @@ autoScalingGroup.scaleOnCpuUtilization('KeepSpareCPU', { To scale on average network traffic in and out of your instances: ```ts +declare const autoScalingGroup: autoscaling.AutoScalingGroup; + autoScalingGroup.scaleOnIncomingBytes('LimitIngressPerInstance', { targetBytesPerSecond: 10 * 1024 * 1024 // 10 MB/s }); -autoScalingGroup.scaleOnOutcomingBytes('LimitEgressPerInstance', { +autoScalingGroup.scaleOnOutgoingBytes('LimitEgressPerInstance', { targetBytesPerSecond: 10 * 1024 * 1024 // 10 MB/s }); ``` @@ -191,6 +205,8 @@ AutoScalingGroups that have been attached to Application Load Balancers): ```ts +declare const autoScalingGroup: autoscaling.AutoScalingGroup; + autoScalingGroup.scaleOnRequestCount('LimitRPS', { targetRequestsPerSecond: 1000 }); @@ -214,6 +230,8 @@ The following example scales the fleet out in the morning, going back to natural scaling (all the way down to 1 instance if necessary) at night: ```ts +declare const autoScalingGroup: autoscaling.AutoScalingGroup; + autoScalingGroup.scaleOnSchedule('PrescaleInTheMorning', { schedule: autoscaling.Schedule.cron({ hour: '8', minute: '0' }), minCapacity: 20, @@ -246,7 +264,15 @@ Here's an example of using CloudFormation Init to write a file to the instance hosts on startup: ```ts +declare const vpc: ec2.Vpc; +declare const instanceType: ec2.InstanceType; +declare const machineImage: ec2.IMachineImage; + new autoscaling.AutoScalingGroup(this, 'ASG', { + vpc, + instanceType, + machineImage, + // ... init: ec2.CloudFormationInit.fromElements( @@ -347,16 +373,30 @@ See [EC2 docs](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance To enable group metrics monitoring using the `groupMetrics` property: ```ts +declare const vpc: ec2.Vpc; +declare const instanceType: ec2.InstanceType; +declare const machineImage: ec2.IMachineImage; + // Enable monitoring of all group metrics -new autoscaling.AutoScalingGroup(stack, 'ASG', { - groupMetrics: [GroupMetrics.all()], +new autoscaling.AutoScalingGroup(this, 'ASG', { + vpc, + instanceType, + machineImage, + // ... + + groupMetrics: [autoscaling.GroupMetrics.all()], }); // Enable monitoring for a subset of group metrics -new autoscaling.AutoScalingGroup(stack, 'ASG', { - groupMetrics: [new autoscaling.GroupMetrics(GroupMetric.MIN_SIZE, GroupMetric.MAX_SIZE)], +new autoscaling.AutoScalingGroup(this, 'ASG', { + vpc, + instanceType, + machineImage, + // ... + + groupMetrics: [new autoscaling.GroupMetrics(autoscaling.GroupMetric.MIN_SIZE, autoscaling.GroupMetric.MAX_SIZE)], }); ``` @@ -372,9 +412,18 @@ terminated. EC2 Capacity Providers for Amazon ECS requires this attribute be set to `true`. ```ts -new autoscaling.AutoScalingGroup(stack, 'ASG', { - newInstancesProtectedFromScaleIn: true, +declare const vpc: ec2.Vpc; +declare const instanceType: ec2.InstanceType; +declare const machineImage: ec2.IMachineImage; + +new autoscaling.AutoScalingGroup(this, 'ASG', { + vpc, + instanceType, + machineImage, + // ... + + newInstancesProtectedFromScaleIn: true, }); ``` @@ -389,9 +438,18 @@ To do this for a single `AutoScalingGroup`, you can use set the `requireImdsv2` The example below demonstrates IMDSv2 being required on a single `AutoScalingGroup`: ```ts -new autoscaling.AutoScalingGroup(stack, 'ASG', { - requireImdsv2: true, +declare const vpc: ec2.Vpc; +declare const instanceType: ec2.InstanceType; +declare const machineImage: ec2.IMachineImage; + +new autoscaling.AutoScalingGroup(this, 'ASG', { + vpc, + instanceType, + machineImage, + // ... + + requireImdsv2: true, }); ``` @@ -401,7 +459,7 @@ The example below demonstrates the `AutoScalingGroupRequireImdsv2Aspect` being u ```ts const aspect = new autoscaling.AutoScalingGroupRequireImdsv2Aspect(); -Aspects.of(stack).add(aspect); +Aspects.of(this).add(aspect); ``` ## Future work diff --git a/packages/@aws-cdk/aws-autoscaling/lib/scheduled-action.ts b/packages/@aws-cdk/aws-autoscaling/lib/scheduled-action.ts index 71fde34af72cd..70a269bde9239 100644 --- a/packages/@aws-cdk/aws-autoscaling/lib/scheduled-action.ts +++ b/packages/@aws-cdk/aws-autoscaling/lib/scheduled-action.ts @@ -14,8 +14,6 @@ export interface BasicScheduledActionProps { * Supports cron expressions. * * For more information about cron expressions, see https://en.wikipedia.org/wiki/Cron. - * - * @example 0 8 * * ? */ readonly schedule: Schedule; diff --git a/packages/@aws-cdk/aws-autoscaling/lib/volume.ts b/packages/@aws-cdk/aws-autoscaling/lib/volume.ts index cbe08bac7c6ab..1c5f5da6dc659 100644 --- a/packages/@aws-cdk/aws-autoscaling/lib/volume.ts +++ b/packages/@aws-cdk/aws-autoscaling/lib/volume.ts @@ -9,7 +9,7 @@ export interface BlockDevice { /** * The device name exposed to the EC2 instance * - * @example '/dev/sdh', 'xvdh' + * Supply a value like `/dev/sdh`, `xvdh`. * * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html */ @@ -18,8 +18,7 @@ export interface BlockDevice { /** * Defines the block device volume, to be either an Amazon EBS volume or an ephemeral instance store volume * - * @example BlockDeviceVolume.ebs(15), BlockDeviceVolume.ephemeral(0) - * + * Supply a value like `BlockDeviceVolume.ebs(15)`, `BlockDeviceVolume.ephemeral(0)`. */ readonly volume: BlockDeviceVolume; diff --git a/packages/@aws-cdk/aws-autoscaling/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-autoscaling/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..314520288f9cb --- /dev/null +++ b/packages/@aws-cdk/aws-autoscaling/rosetta/default.ts-fixture @@ -0,0 +1,18 @@ +// Fixture with packages imported, but nothing else +import { Construct, Node } from 'constructs'; +import { Aspects, CfnOutput, Stack, Duration, Resource, SecretValue } from '@aws-cdk/core'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as autoscaling from '@aws-cdk/aws-autoscaling'; +import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; +import * as iam from '@aws-cdk/aws-iam'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} + + + From f37991c4de21ecbc7db5117de7f9adc1ecc40f2b Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Tue, 26 Oct 2021 19:18:02 +0200 Subject: [PATCH 03/40] chore(cloudwatch): make examples compile (#17158) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-cloudwatch/README.md | 128 ++++++++++++------ .../aws-cloudwatch/rosetta/default.ts-fixture | 17 +++ 2 files changed, 100 insertions(+), 45 deletions(-) create mode 100644 packages/@aws-cdk/aws-cloudwatch/rosetta/default.ts-fixture diff --git a/packages/@aws-cdk/aws-cloudwatch/README.md b/packages/@aws-cdk/aws-cloudwatch/README.md index 450fc8ca9821a..67b68ed46e741 100644 --- a/packages/@aws-cdk/aws-cloudwatch/README.md +++ b/packages/@aws-cdk/aws-cloudwatch/README.md @@ -25,6 +25,8 @@ For example, `lambda.Function` objects have the `fn.metricErrors()` method, whic represents the amount of errors reported by that Lambda function: ```ts +declare const fn: lambda.Function; + const errors = fn.metricErrors(); ``` @@ -37,7 +39,7 @@ For example: ```ts const hostedZone = new route53.HostedZone(this, 'MyHostedZone', { zoneName: "example.org" }); -const metric = new Metric({ +const metric = new cloudwatch.Metric({ namespace: 'AWS/Route53', metricName: 'DNSQueries', dimensionsMap: { @@ -52,7 +54,7 @@ If you want to reference a metric that is not yet exposed by an existing constru you can instantiate a `Metric` object to represent it. For example: ```ts -const metric = new Metric({ +const metric = new cloudwatch.Metric({ namespace: 'MyNamespace', metricName: 'MyMetric', dimensionsMap: { @@ -67,11 +69,13 @@ Math expressions are supported by instantiating the `MathExpression` class. For example, a math expression that sums two other metrics looks like this: ```ts -const allProblems = new MathExpression({ - expression: "errors + faults", +declare const fn: lambda.Function; + +const allProblems = new cloudwatch.MathExpression({ + expression: "errors + throttles", usingMetrics: { - errors: myConstruct.metricErrors(), - faults: myConstruct.metricFaults(), + errors: fn.metricErrors(), + faults: fn.metricThrottles(), } }); ``` @@ -80,11 +84,14 @@ You can use `MathExpression` objects like any other metric, including using them in other math expressions: ```ts -const problemPercentage = new MathExpression({ +declare const fn: lambda.Function; +declare const allProblems: cloudwatch.MathExpression; + +const problemPercentage = new cloudwatch.MathExpression({ expression: "(problems / invocations) * 100", usingMetrics: { problems: allProblems, - invocations: myConstruct.metricInvocations() + invocations: fn.metricInvocations() } }); ``` @@ -96,7 +103,7 @@ search expression returns all CPUUtilization metrics that it finds, with the graph showing the Average statistic with an aggregation period of 5 minutes: ```ts -const cpuUtilization = new MathExpression({ +const cpuUtilization = new cloudwatch.MathExpression({ expression: "SEARCH('{AWS/EC2,InstanceId} MetricName=\"CPUUtilization\"', 'Average', 300)" }); ``` @@ -120,6 +127,8 @@ the function or the period), you can do so by passing additional parameters to the metric function call: ```ts +declare const fn: lambda.Function; + const minuteErrorRate = fn.metricErrors({ statistic: 'avg', period: Duration.minutes(1), @@ -153,9 +162,10 @@ useful when embedding them in graphs, see below). Alarms can be created on metrics in one of two ways. Either create an `Alarm` object, passing the `Metric` object to set the alarm on: - ```ts -new Alarm(this, 'Alarm', { +declare const fn: lambda.Function; + +new cloudwatch.Alarm(this, 'Alarm', { metric: fn.metricErrors(), threshold: 100, evaluationPeriods: 2, @@ -165,6 +175,8 @@ new Alarm(this, 'Alarm', { Alternatively, you can call `metric.createAlarm()`: ```ts +declare const fn: lambda.Function; + fn.metricErrors().createAlarm(this, 'Alarm', { threshold: 100, evaluationPeriods: 2, @@ -188,33 +200,36 @@ an SNS topic when an alarm breaches, do the following: ```ts import * as cw_actions from '@aws-cdk/aws-cloudwatch-actions'; +declare const alarm: cloudwatch.Alarm; -// ... -const topic = new sns.Topic(stack, 'Topic'); -const alarm = new cloudwatch.Alarm(stack, 'Alarm', { /* ... */ }); - +const topic = new sns.Topic(this, 'Topic'); alarm.addAlarmAction(new cw_actions.SnsAction(topic)); ``` ### Composite Alarms -[Composite Alarms](https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-cloudwatch-now-allows-you-to-combine-multiple-alarms/) +[Composite Alarms](https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-cloudwatch-now-allows-you-to-combine-multiple-alarms/) can be created from existing Alarm resources. ```ts -const alarmRule = AlarmRule.anyOf( - AlarmRule.allOf( - AlarmRule.anyOf( +declare const alarm1: cloudwatch.Alarm; +declare const alarm2: cloudwatch.Alarm; +declare const alarm3: cloudwatch.Alarm; +declare const alarm4: cloudwatch.Alarm; + +const alarmRule = cloudwatch.AlarmRule.anyOf( + cloudwatch.AlarmRule.allOf( + cloudwatch.AlarmRule.anyOf( alarm1, - AlarmRule.fromAlarm(alarm2, AlarmState.OK), + cloudwatch.AlarmRule.fromAlarm(alarm2, cloudwatch.AlarmState.OK), alarm3, ), - AlarmRule.not(AlarmRule.fromAlarm(alarm4, AlarmState.INSUFFICIENT_DATA)), + cloudwatch.AlarmRule.not(cloudwatch.AlarmRule.fromAlarm(alarm4, cloudwatch.AlarmState.INSUFFICIENT_DATA)), ), - AlarmRule.fromBoolean(false), + cloudwatch.AlarmRule.fromBoolean(false), ); -new CompositeAlarm(this, 'MyAwesomeCompositeAlarm', { +new cloudwatch.CompositeAlarm(this, 'MyAwesomeCompositeAlarm', { alarmRule, }); ``` @@ -260,7 +275,11 @@ A graph widget can display any number of metrics on either the `left` or `right` vertical axis: ```ts -dashboard.addWidgets(new GraphWidget({ +declare const dashboard: cloudwatch.Dashboard; +declare const executionCountMetric: cloudwatch.Metric; +declare const errorCountMetric: cloudwatch.Metric; + +dashboard.addWidgets(new cloudwatch.GraphWidget({ title: "Executions vs error rate", left: [executionCountMetric], @@ -268,7 +287,7 @@ dashboard.addWidgets(new GraphWidget({ right: [errorCountMetric.with({ statistic: "average", label: "Error rate", - color: Color.GREEN + color: cloudwatch.Color.GREEN })] })); ``` @@ -278,12 +297,13 @@ Using the methods `addLeftMetric()` and `addRightMetric()` you can add metrics t Graph widgets can also display annotations attached to the left or the right y-axis. ```ts -dashboard.addWidgets(new GraphWidget({ - // ... +declare const dashboard: cloudwatch.Dashboard; + +dashboard.addWidgets(new cloudwatch.GraphWidget({ // ... leftAnnotations: [ - { value: 1800, label: Duration.minutes(30).toHumanString(), color: Color.RED, }, + { value: 1800, label: Duration.minutes(30).toHumanString(), color: cloudwatch.Color.RED, }, { value: 3600, label: '1 hour', color: '#2ca02c', } ], })); @@ -292,19 +312,21 @@ dashboard.addWidgets(new GraphWidget({ The graph legend can be adjusted from the default position at bottom of the widget. ```ts -dashboard.addWidgets(new GraphWidget({ - // ... +declare const dashboard: cloudwatch.Dashboard; + +dashboard.addWidgets(new cloudwatch.GraphWidget({ // ... - legendPosition: LegendPosition.RIGHT, + legendPosition: cloudwatch.LegendPosition.RIGHT, })); ``` The graph can publish live data within the last minute that has not been fully aggregated. ```ts -dashboard.addWidgets(new GraphWidget({ - // ... +declare const dashboard: cloudwatch.Dashboard; + +dashboard.addWidgets(new cloudwatch.GraphWidget({ // ... liveData: true, @@ -314,11 +336,12 @@ dashboard.addWidgets(new GraphWidget({ The graph view can be changed from default 'timeSeries' to 'bar' or 'pie'. ```ts -dashboard.addWidgets(new GraphWidget({ - // ... +declare const dashboard: cloudwatch.Dashboard; + +dashboard.addWidgets(new cloudwatch.GraphWidget({ // ... - view: GraphWidgetView.BAR, + view: cloudwatch.GraphWidgetView.BAR, })); ``` @@ -327,7 +350,10 @@ dashboard.addWidgets(new GraphWidget({ An alarm widget shows the graph and the alarm line of a single alarm: ```ts -dashboard.addWidgets(new AlarmWidget({ +declare const dashboard: cloudwatch.Dashboard; +declare const errorAlarm: cloudwatch.Alarm; + +dashboard.addWidgets(new cloudwatch.AlarmWidget({ title: "Errors", alarm: errorAlarm, })); @@ -339,7 +365,11 @@ A single-value widget shows the latest value of a set of metrics (as opposed to a graph of the value over time): ```ts -dashboard.addWidgets(new SingleValueWidget({ +declare const dashboard: cloudwatch.Dashboard; +declare const visitorCount: cloudwatch.Metric; +declare const purchaseCount: cloudwatch.Metric; + +dashboard.addWidgets(new cloudwatch.SingleValueWidget({ metrics: [visitorCount, purchaseCount], })); ``` @@ -347,9 +377,10 @@ dashboard.addWidgets(new SingleValueWidget({ Show as many digits as can fit, before rounding. ```ts -dashboard.addWidgets(new SingleValueWidget({ - // .. - // .. +declare const dashboard: cloudwatch.Dashboard; + +dashboard.addWidgets(new cloudwatch.SingleValueWidget({ + metrics: [ /* ... */ ], fullPrecision: true, })); @@ -361,7 +392,9 @@ A text widget shows an arbitrary piece of MarkDown. Use this to add explanations to your dashboard: ```ts -dashboard.addWidgets(new TextWidget({ +declare const dashboard: cloudwatch.Dashboard; + +dashboard.addWidgets(new cloudwatch.TextWidget({ markdown: '# Key Performance Indicators' })); ``` @@ -372,8 +405,11 @@ An alarm status widget displays instantly the status of any type of alarms and g ability to aggregate one or more alarms together in a small surface. ```ts +declare const dashboard: cloudwatch.Dashboard; +declare const errorAlarm: cloudwatch.Alarm; + dashboard.addWidgets( - new AlarmStatusWidget({ + new cloudwatch.AlarmStatusWidget({ alarms: [errorAlarm], }) ); @@ -384,9 +420,11 @@ dashboard.addWidgets( A `LogQueryWidget` shows the results of a query from Logs Insights: ```ts -dashboard.addWidgets(new LogQueryWidget({ +declare const dashboard: cloudwatch.Dashboard; + +dashboard.addWidgets(new cloudwatch.LogQueryWidget({ logGroupNames: ['my-log-group'], - view: LogQueryVisualizationType.TABLE, + view: cloudwatch.LogQueryVisualizationType.TABLE, // The lines will be automatically combined using '\n|'. queryLines: [ 'fields @message', diff --git a/packages/@aws-cdk/aws-cloudwatch/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-cloudwatch/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..85cc6b579f761 --- /dev/null +++ b/packages/@aws-cdk/aws-cloudwatch/rosetta/default.ts-fixture @@ -0,0 +1,17 @@ +// Fixture with packages imported, but nothing else +import { Construct } from 'constructs'; +import { Stack, Duration } from '@aws-cdk/core'; +import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; +import * as route53 from '@aws-cdk/aws-route53'; +import * as sns from '@aws-cdk/aws-sns'; +import * as lambda from '@aws-cdk/aws-lambda'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} + + From 76898698d3657ab996e994c7eec79dd818684589 Mon Sep 17 00:00:00 2001 From: Nick Lynch Date: Tue, 26 Oct 2021 19:10:41 +0100 Subject: [PATCH 04/40] chore: Revert "feat(sns): addSubscription returns the created Subscription (#16785)" (#17166) This reverts commit 62f389ea0522cbaefca5ca17080228031d401ce6. Changing the return type from void to Subscription is a breaking change for F# customers, where the return type changes from "unit" to "Subscription", potentially breaking `do` statements. Example: https://github.com/aws/aws-cdk/blob/62f389ea0522cbaefca5ca17080228031d401ce6/packages/aws-cdk/lib/init-templates/v1/sample-app/fsharp/src/%25name.PascalCased%25/%25name.PascalCased%25Stack.template.fs#L14 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-sns/lib/topic-base.ts | 6 +++--- packages/@aws-cdk/aws-sns/test/sns.test.ts | 22 --------------------- 2 files changed, 3 insertions(+), 25 deletions(-) diff --git a/packages/@aws-cdk/aws-sns/lib/topic-base.ts b/packages/@aws-cdk/aws-sns/lib/topic-base.ts index 3d9984c86dff0..b867670474177 100644 --- a/packages/@aws-cdk/aws-sns/lib/topic-base.ts +++ b/packages/@aws-cdk/aws-sns/lib/topic-base.ts @@ -31,7 +31,7 @@ export interface ITopic extends IResource, notifications.INotificationRuleTarget /** * Subscribe some endpoint to this topic */ - addSubscription(subscription: ITopicSubscription): Subscription; + addSubscription(subscription: ITopicSubscription): void; /** * Adds a statement to the IAM resource policy associated with this topic. @@ -68,7 +68,7 @@ export abstract class TopicBase extends Resource implements ITopic { /** * Subscribe some endpoint to this topic */ - public addSubscription(subscription: ITopicSubscription): Subscription { + public addSubscription(subscription: ITopicSubscription) { const subscriptionConfig = subscription.bind(this); const scope = subscriptionConfig.subscriberScope || this; @@ -83,7 +83,7 @@ export abstract class TopicBase extends Resource implements ITopic { throw new Error(`A subscription with id "${id}" already exists under the scope ${scope.node.path}`); } - return new Subscription(scope, id, { + new Subscription(scope, id, { topic: this, ...subscriptionConfig, }); diff --git a/packages/@aws-cdk/aws-sns/test/sns.test.ts b/packages/@aws-cdk/aws-sns/test/sns.test.ts index 5bb928bff544e..950aef6cbcef1 100644 --- a/packages/@aws-cdk/aws-sns/test/sns.test.ts +++ b/packages/@aws-cdk/aws-sns/test/sns.test.ts @@ -480,26 +480,4 @@ describe('Topic', () => { }); - - test('result of addSubscription() can be used as a dependency', () => { - // GIVEN - const stack = new cdk.Stack(); - const topic = new sns.Topic(stack, 'Topic'); - const user = new iam.User(stack, 'User'); - - // WHEN - const subscription = topic.addSubscription({ - bind: () => ({ - protocol: sns.SubscriptionProtocol.HTTP, - endpoint: 'http://foo/bar', - subscriberId: 'my-subscription', - }), - }); - user.node.addDependency(subscription); - - // THEN - Template.fromStack(stack).hasResource('AWS::IAM::User', { - DependsOn: ['Topicmysubscription1E605DD7'], - }); - }); }); From fcd17e9c9a9e1b83a29c140d558f696c0290bfd7 Mon Sep 17 00:00:00 2001 From: James Lakin Date: Tue, 26 Oct 2021 21:33:06 +0100 Subject: [PATCH 05/40] feat(rds): support backtrackWindow in DatabaseCluster (#17160) This is a small PR to fix #9369 without needing to use an escape hatch. Fixes #9369 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-rds/lib/cluster.ts | 11 ++++++++++ .../@aws-cdk/aws-rds/test/cluster.test.ts | 20 +++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/packages/@aws-cdk/aws-rds/lib/cluster.ts b/packages/@aws-cdk/aws-rds/lib/cluster.ts index 15f9e60215ebc..7324cacb333c2 100644 --- a/packages/@aws-cdk/aws-rds/lib/cluster.ts +++ b/packages/@aws-cdk/aws-rds/lib/cluster.ts @@ -40,6 +40,16 @@ interface DatabaseClusterBaseProps { */ readonly instanceProps: InstanceProps; + /** + * The number of seconds to set a cluster's target backtrack window to. + * This feature is only supported by the Aurora MySQL database engine and + * cannot be enabled on existing clusters. + * + * @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Managing.Backtrack.html + * @default 0 seconds (no backtrack) + */ + readonly backtrackWindow?: Duration + /** * Backup settings * @@ -364,6 +374,7 @@ abstract class DatabaseClusterNew extends DatabaseClusterBase { deletionProtection: defaultDeletionProtection(props.deletionProtection, props.removalPolicy), enableIamDatabaseAuthentication: props.iamAuthentication, // Admin + backtrackWindow: props.backtrackWindow?.toSeconds(), backupRetentionPeriod: props.backup?.retention?.toDays(), preferredBackupWindow: props.backup?.preferredWindow, preferredMaintenanceWindow: props.preferredMaintenanceWindow, diff --git a/packages/@aws-cdk/aws-rds/test/cluster.test.ts b/packages/@aws-cdk/aws-rds/test/cluster.test.ts index 97d5548611fcd..5adc3d4906643 100644 --- a/packages/@aws-cdk/aws-rds/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-rds/test/cluster.test.ts @@ -2032,6 +2032,26 @@ describe('cluster', () => { CopyTagsToSnapshot: true, }); }); + + test('cluster has BacktrackWindow in seconds', () => { + // GIVEN + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + // WHEN + new DatabaseCluster(stack, 'Database', { + engine: DatabaseClusterEngine.AURORA, + instanceProps: { + vpc, + }, + backtrackWindow: cdk.Duration.days(1), + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::RDS::DBCluster', { + BacktrackWindow: 24 * 60 * 60, + }); + }); }); test.each([ From ad36306ed206e8102a85ee391136b84ba6f4c6e1 Mon Sep 17 00:00:00 2001 From: Adel Salakh Date: Wed, 27 Oct 2021 02:22:31 +0300 Subject: [PATCH 06/40] docs(lambda-layer-kubctl): fix incorrect versions in README (#16413) Swap Helm and Kubectl versions in the README ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/lambda-layer-kubectl/README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/lambda-layer-kubectl/README.md b/packages/@aws-cdk/lambda-layer-kubectl/README.md index 3782174b1aa72..97329d16c8c50 100644 --- a/packages/@aws-cdk/lambda-layer-kubectl/README.md +++ b/packages/@aws-cdk/lambda-layer-kubectl/README.md @@ -11,8 +11,9 @@ This module exports a single class called `KubectlLayer` which is a `lambda.Layer` that bundles the [`kubectl`](https://kubernetes.io/docs/reference/kubectl/kubectl/) and the [`helm`](https://helm.sh/) command line. -> - Helm Version: 1.20.0 -> - Kubectl Version: 3.4.2 +> - Helm Version: 3.5.4 +> - Kubectl Version: 1.20.0 +> Usage: From 3efd31e478d5060f0fb45668ae3ef1cb44e9fd14 Mon Sep 17 00:00:00 2001 From: peterwoodworth Date: Tue, 26 Oct 2021 16:52:57 -0700 Subject: [PATCH 07/40] chore: add corymhall, peterwoodworth, ryparker to mergify --- .mergify.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.mergify.yml b/.mergify.yml index e460f1d12842f..c30db93044503 100644 --- a/.mergify.yml +++ b/.mergify.yml @@ -10,7 +10,7 @@ pull_request_rules: label: add: [ contribution/core ] conditions: - - author~=^(eladb|RomainMuller|garnaat|nija-at|skinny85|rix0rrr|NGL321|Jerry-AWS|MrArnoldPalmer|NetaNir|iliapolo|njlynch|ericzbeard|ccfife|fulghum|pkandasamy91|SoManyHs|uttarasridhar|otaviomacedo|BenChaimberg|madeline-k|BryanPan342|kaizen3031593|comcalvi|Chriscbr)$ + - author~=^(eladb|RomainMuller|garnaat|nija-at|skinny85|rix0rrr|NGL321|Jerry-AWS|MrArnoldPalmer|NetaNir|iliapolo|njlynch|ericzbeard|ccfife|fulghum|pkandasamy91|SoManyHs|uttarasridhar|otaviomacedo|BenChaimberg|madeline-k|BryanPan342|kaizen3031593|comcalvi|Chriscbr|corymhall|peterwoodworth|ryparker)$ - -label~="contribution/core" - name: automatic merge actions: From 7bdd9079d55e503cd625bc5663f0bb73ad94a40f Mon Sep 17 00:00:00 2001 From: Peter Woodworth <44349620+peterwoodworth@users.noreply.github.com> Date: Wed, 27 Oct 2021 00:31:42 -0700 Subject: [PATCH 08/40] chore: update autolabeler config (#17174) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .github/workflows/issue-label-assign.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/issue-label-assign.yml b/.github/workflows/issue-label-assign.yml index b82a4040658d8..b7bfacd0126b0 100644 --- a/.github/workflows/issue-label-assign.yml +++ b/.github/workflows/issue-label-assign.yml @@ -24,6 +24,7 @@ jobs: {"area":"@aws-cdk/alexa-ask","keywords":["alexa-ask","alexa", "cfnskill"],"labels":["@aws-cdk/alexa-ask"],"assignees":["madeline-k"]}, {"area":"@aws-cdk/app-delivery","keywords":["app-delivery","PipelineDeployStackAction"],"labels":["@aws-cdk/app-delivery"],"assignees":["skinny85"]}, {"area":"@aws-cdk/assert","keywords":["assert"],"labels":["@aws-cdk/assert"],"assignees":["nija-at"]}, + {"area":"@aws-cdk/assertions","keywords":["assertions"],"labels":["@aws-cdk/assertions"],"assignees":["nija-at"]}, {"area":"@aws-cdk/assets","keywords":["assets","staging"],"labels":["@aws-cdk/assets"],"assignees":["eladb"]}, {"area":"@aws-cdk/aws-accessanalyzer","keywords":["aws-accessanalyzer","accessanalyzer","cfnanalyzer"],"labels":["@aws-cdk/aws-accessanalyzer"],"assignees":["skinny85"]}, {"area":"@aws-cdk/aws-acmpca","keywords":["aws-acmpca","acmpca","certificateauthority"],"labels":["@aws-cdk/aws-acmpca"],"assignees":["skinny85"]}, @@ -56,7 +57,7 @@ jobs: {"area":"@aws-cdk/aws-certificatemanager","keywords":["aws-certificatemanager","certificate-manager","dnsvalidatedcertificate","acm"],"labels":["@aws-cdk/aws-certificatemanager"],"assignees":["njlynch"]}, {"area":"@aws-cdk/aws-chatbot","keywords":["aws-chatbot","chatbot","slackchannelconfiguration"],"labels":["@aws-cdk/aws-chatbot"],"assignees":["kaizen3031593"]}, {"area":"@aws-cdk/aws-cloud9","keywords":["aws-cloud9","cloud 9","ec2environment"],"labels":["@aws-cdk/aws-cloud9"],"assignees":["skinny85"]}, - {"area":"@aws-cdk/aws-cloudformation","keywords":["aws-cloudformation","nestedstack","customresource"],"labels":["@aws-cdk/aws-cloudformation"],"assignees":["rix0rrr"]}, + {"area":"@aws-cdk/aws-cloudformation","keywords":["aws-cloudformation","nestedstack"],"labels":["@aws-cdk/aws-cloudformation"],"assignees":["rix0rrr"]}, {"area":"@aws-cdk/aws-cloudfront","keywords":["aws-cloudfront","cloud front","cachepolicy","cloudfrontwebdistribution"],"labels":["@aws-cdk/aws-cloudfront"],"assignees":["njlynch"]}, {"area":"@aws-cdk/aws-cloudfront-origins","keywords":["aws-cloudfront-origins","cloudfront origins"],"labels":["@aws-cdk/aws-cloudfront-origins"],"assignees":["njlynch"]}, {"area":"@aws-cdk/aws-cloudtrail","keywords":["aws-cloudtrail","cloud trail","trail"],"labels":["@aws-cdk/aws-cloudtrail"],"assignees":["rix0rrr"]}, @@ -68,8 +69,8 @@ jobs: {"area":"@aws-cdk/aws-codedeploy","keywords":["aws-codedeploy","code-deploy","customlambdadeploymentconfig","ecsapplication","lambdaapplication","lambdadeploymentgroup","serverapplication"],"labels":["@aws-cdk/aws-codedeploy"],"assignees":["skinny85"]}, {"area":"@aws-cdk/aws-codeguruprofiler","keywords":["aws-codeguruprofiler","codeguru-profiler","profilinggroup"],"labels":["@aws-cdk/aws-codeguruprofiler"],"assignees":["skinny85"]}, {"area":"@aws-cdk/aws-codegurureviewer","keywords":["aws-codegurureviewer","codeguru-reviewer"],"labels":["@aws-cdk/aws-codegurureviewer"],"assignees":["skinny85"]}, - {"area":"@aws-cdk/aws-codepipeline","keywords":["aws-codepipeline","code-pipeline","pipeline"],"labels":["@aws-cdk/aws-codepipeline"],"assignees":["skinny85"]}, - {"area":"@aws-cdk/aws-codepipeline-actions","keywords":["aws-codepipeline-actions","codepipeline actions","jenkinsprovider"],"labels":["@aws-cdk/aws-codepipeline-actions"],"assignees":["skinny85"]}, + {"area":"@aws-cdk/aws-codepipeline","keywords":["aws-codepipeline","code-pipeline"],"labels":["@aws-cdk/aws-codepipeline"],"assignees":["skinny85"]}, + {"area":"@aws-cdk/aws-codepipeline-actions","keywords":["aws-codepipeline-actions","codepipeline-actions","jenkinsprovider"],"labels":["@aws-cdk/aws-codepipeline-actions"],"assignees":["skinny85"]}, {"area":"@aws-cdk/aws-codestar","keywords":["aws-codestar","codestar","githubrepository"],"labels":["@aws-cdk/aws-codestar"],"assignees":["skinny85"]}, {"area":"@aws-cdk/aws-codestarconnections","keywords":["aws-codestarconnections","codestar-connections"],"labels":["@aws-cdk/aws-codestarconnections"],"assignees":["skinny85"]}, {"area":"@aws-cdk/aws-codestarnotifications","keywords":["aws-codestarnotifications","codestar-notifications"],"labels":["@aws-cdk/aws-codestarnotifications"],"assignees":["skinny85"]}, From 3ea6873af6e36380d23979bf646451f9cc1a549e Mon Sep 17 00:00:00 2001 From: kaizen3031593 <36202692+kaizen3031593@users.noreply.github.com> Date: Wed, 27 Oct 2021 05:08:43 -0400 Subject: [PATCH 09/40] docs(kms): make examples compile (#17167) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-kms/README.md | 32 +++++++++---------- .../aws-kms/rosetta/default.ts-fixture | 14 ++++++++ 2 files changed, 30 insertions(+), 16 deletions(-) create mode 100644 packages/@aws-cdk/aws-kms/rosetta/default.ts-fixture diff --git a/packages/@aws-cdk/aws-kms/README.md b/packages/@aws-cdk/aws-kms/README.md index 098e643440784..201accf122675 100644 --- a/packages/@aws-cdk/aws-kms/README.md +++ b/packages/@aws-cdk/aws-kms/README.md @@ -14,10 +14,8 @@ Define a KMS key: ```ts -import * as kms from '@aws-cdk/aws-kms'; - new kms.Key(this, 'MyKey', { - enableKeyRotation: true + enableKeyRotation: true, }); ``` @@ -27,7 +25,7 @@ Specifies the number of days in the waiting period before AWS KMS deletes a CMK ```ts const key = new kms.Key(this, 'MyKey', { - pendingWindow: 10 // Default to 30 Days + pendingWindow: Duration.days(10), // Default to 30 Days }); ``` @@ -48,7 +46,7 @@ Valid `keySpec` values depends on `keyUsage` value. ```ts const key = new kms.Key(this, 'MyKey', { keySpec: kms.KeySpec.ECC_SECG_P256K1, // Default to SYMMETRIC_DEFAULT - keyUsage: kms.KeyUsage.SIGN_VERIFY // and ENCRYPT_DECRYPT + keyUsage: kms.KeyUsage.SIGN_VERIFY, // and ENCRYPT_DECRYPT }); ``` @@ -84,10 +82,12 @@ If a Key has an associated Alias, the Alias can be imported by name and used in of the Key as a reference. A common scenario for this is in referencing AWS managed keys. ```ts +import * as cloudtrail from '@aws-cdk/aws-cloudtrail'; + const myKeyAlias = kms.Alias.fromAliasName(this, 'myKey', 'alias/aws/s3'); const trail = new cloudtrail.Trail(this, 'myCloudTrail', { - sendToCloudWatchLogs: true, - kmsKey: myKeyAlias + sendToCloudWatchLogs: true, + kmsKey: myKeyAlias, }); ``` @@ -110,7 +110,7 @@ Here's how `Key.fromLookup()` can be used: ```ts const myKeyLookup = kms.Key.fromLookup(this, 'MyKeyLookup', { - aliasName: 'alias/KeyAlias' + aliasName: 'alias/KeyAlias', }); const role = new iam.Role(this, 'MyRole', { @@ -138,7 +138,7 @@ which is set for all new projects; for existing projects, this same behavior can passing the `trustAccountIdentities` property as `true` when creating the key: ```ts -new kms.Key(stack, 'MyKey', { trustAccountIdentities: true }); +new kms.Key(this, 'MyKey', { trustAccountIdentities: true }); ``` With either the `@aws-cdk/aws-kms:defaultKeyPolicies` feature flag set, @@ -158,8 +158,8 @@ This enables the root account user -- via IAM policies -- to grant access to oth With the above default policy, future permissions can be added to either the key policy or IAM principal policy. ```ts -const key = new kms.Key(stack, 'MyKey'); -const user = new iam.User(stack, 'MyUser'); +const key = new kms.Key(this, 'MyKey'); +const user = new iam.User(this, 'MyUser'); key.grantEncrypt(user); // Adds encrypt permissions to user policy; key policy is unmodified. ``` @@ -177,12 +177,12 @@ A common addition to the key policy would be to add other key admins that are al via the `grantAdmin` method. ```ts -const myTrustedAdminRole = iam.Role.fromRoleArn(stack, 'TrustedRole', 'arn:aws:iam:....'); -const key = new kms.Key(stack, 'MyKey', { +const myTrustedAdminRole = iam.Role.fromRoleArn(this, 'TrustedRole', 'arn:aws:iam:....'); +const key = new kms.Key(this, 'MyKey', { admins: [myTrustedAdminRole], }); -const secondKey = new kms.Key(stack, 'MyKey2'); +const secondKey = new kms.Key(this, 'MyKey2'); secondKey.grantAdmin(myTrustedAdminRole); ``` @@ -193,7 +193,7 @@ and with `trustedAccountIdentities` set to false (the default), specifying a pol provided policy to the default key policy, rather than _replacing_ the default policy. ```ts -const myTrustedAdminRole = iam.Role.fromRoleArn(stack, 'TrustedRole', 'arn:aws:iam:....'); +const myTrustedAdminRole = iam.Role.fromRoleArn(this, 'TrustedRole', 'arn:aws:iam:....'); // Creates a limited admin policy and assigns to the account root. const myCustomPolicy = new iam.PolicyDocument({ statements: [new iam.PolicyStatement({ @@ -208,7 +208,7 @@ const myCustomPolicy = new iam.PolicyDocument({ resources: ['*'], })], }); -const key = new kms.Key(stack, 'MyKey', { +const key = new kms.Key(this, 'MyKey', { policy: myCustomPolicy, }); ``` diff --git a/packages/@aws-cdk/aws-kms/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-kms/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..3e5ab4d8a6ab9 --- /dev/null +++ b/packages/@aws-cdk/aws-kms/rosetta/default.ts-fixture @@ -0,0 +1,14 @@ +// Fixture with packages imported, but nothing else +import { Construct } from 'constructs'; +import { Duration, Stack } from '@aws-cdk/core'; +import * as kms from '@aws-cdk/aws-kms'; +import * as iam from '@aws-cdk/aws-iam'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} + From a605525ddda34d36ded30cd19bc0a1b45b3b870a Mon Sep 17 00:00:00 2001 From: kaizen3031593 <36202692+kaizen3031593@users.noreply.github.com> Date: Wed, 27 Oct 2021 06:00:50 -0400 Subject: [PATCH 10/40] docs(ecr): make examples compile (#17169) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ecr/README.md | 24 +++++++++---------- .../aws-ecr/rosetta/default.ts-fixture | 23 ++++++++++++++++++ 2 files changed, 34 insertions(+), 13 deletions(-) create mode 100644 packages/@aws-cdk/aws-ecr/rosetta/default.ts-fixture diff --git a/packages/@aws-cdk/aws-ecr/README.md b/packages/@aws-cdk/aws-ecr/README.md index 03172cac6ff82..193d5de2f0645 100644 --- a/packages/@aws-cdk/aws-ecr/README.md +++ b/packages/@aws-cdk/aws-ecr/README.md @@ -27,16 +27,19 @@ const repository = new ecr.Repository(this, 'Repository'); Amazon ECR image scanning helps in identifying software vulnerabilities in your container images. You can manually scan container images stored in Amazon ECR, or you can configure your repositories to scan images when you push them to a repository. To create a new repository to scan on push, simply enable `imageScanOnPush` in the properties ```ts -const repository = new ecr.Repository(stack, 'Repo', { - imageScanOnPush: true +const repository = new ecr.Repository(this, 'Repo', { + imageScanOnPush: true, }); ``` To create an `onImageScanCompleted` event rule and trigger the event target ```ts +declare const repository: ecr.Repository; +declare const target: SomeTarget; + repository.onImageScanCompleted('ImageScanComplete') - .addTarget(...) + .addTarget(target); ``` ### Authorization Token @@ -50,10 +53,7 @@ A Docker authorization token can be obtained using the `GetAuthorizationToken` E grants an IAM user access to call this API. ```ts -import * as iam from '@aws-cdk/aws-iam'; -import * as ecr from '@aws-cdk/aws-ecr'; - -const user = new iam.User(this, 'User', { ... }); +const user = new iam.User(this, 'User'); ecr.AuthorizationToken.grantRead(user); ``` @@ -65,10 +65,7 @@ higher rate and bandwidth limits. The following code snippet grants an IAM user access to retrieve an authorization token for the public gallery. ```ts -import * as iam from '@aws-cdk/aws-iam'; -import * as ecr from '@aws-cdk/aws-ecr'; - -const user = new iam.User(this, 'User', { ... }); +const user = new iam.User(this, 'User'); ecr.PublicGalleryAuthorizationToken.grantRead(user); ``` @@ -79,7 +76,7 @@ This user can then proceed to login to the registry using one of the [authentica You can set tag immutability on images in our repository using the `imageTagMutability` construct prop. ```ts -new ecr.Repository(stack, 'Repo', { imageTagMutability: ecr.TagMutability.IMMUTABLE }); +new ecr.Repository(this, 'Repo', { imageTagMutability: ecr.TagMutability.IMMUTABLE }); ``` ## Automatically clean up repositories @@ -91,6 +88,7 @@ against that image. For example, the following deletes images older than is important here): ```ts +declare const repository: ecr.Repository; repository.addLifecycleRule({ tagPrefixList: ['prod'], maxImageCount: 9999 }); -repository.addLifecycleRule({ maxImageAge: cdk.Duration.days(30) }); +repository.addLifecycleRule({ maxImageAge: Duration.days(30) }); ``` diff --git a/packages/@aws-cdk/aws-ecr/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-ecr/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..6381522ef9b78 --- /dev/null +++ b/packages/@aws-cdk/aws-ecr/rosetta/default.ts-fixture @@ -0,0 +1,23 @@ +// Fixture with packages imported, but nothing else +import { Construct } from 'constructs'; +import { Duration, Stack } from '@aws-cdk/core'; +import * as ecr from '@aws-cdk/aws-ecr'; +import * as events from '@aws-cdk/aws-events'; +import * as iam from '@aws-cdk/aws-iam'; + +class SomeTarget implements events.IRuleTarget { + public bind(): events.RuleTargetConfig { + return { + arn: 'ARN1', + }; + } +} + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} + From f357955b9bd17bf705832336d12835c3de5c3d40 Mon Sep 17 00:00:00 2001 From: kaizen3031593 <36202692+kaizen3031593@users.noreply.github.com> Date: Wed, 27 Oct 2021 06:56:03 -0400 Subject: [PATCH 11/40] docs(ecs-patterns): make examples compile (#17171) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ecs-patterns/README.md | 233 ++++++++++-------- .../rosetta/default.ts-fixture | 17 ++ 2 files changed, 146 insertions(+), 104 deletions(-) create mode 100644 packages/@aws-cdk/aws-ecs-patterns/rosetta/default.ts-fixture diff --git a/packages/@aws-cdk/aws-ecs-patterns/README.md b/packages/@aws-cdk/aws-ecs-patterns/README.md index 00212e704e294..386682e0b75d9 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/README.md +++ b/packages/@aws-cdk/aws-ecs-patterns/README.md @@ -24,14 +24,15 @@ To define an Amazon ECS service that is behind an application load balancer, ins * `ApplicationLoadBalancedEc2Service` ```ts -const loadBalancedEcsService = new ecsPatterns.ApplicationLoadBalancedEc2Service(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedEcsService = new ecsPatterns.ApplicationLoadBalancedEc2Service(this, 'Service', { cluster, memoryLimitMiB: 1024, taskImageOptions: { image: ecs.ContainerImage.fromRegistry('test'), environment: { TEST_ENVIRONMENT_VARIABLE1: "test environment variable 1 value", - TEST_ENVIRONMENT_VARIABLE2: "test environment variable 2 value" + TEST_ENVIRONMENT_VARIABLE2: "test environment variable 2 value", }, }, desiredCount: 2, @@ -41,7 +42,8 @@ const loadBalancedEcsService = new ecsPatterns.ApplicationLoadBalancedEc2Service * `ApplicationLoadBalancedFargateService` ```ts -const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'Service', { cluster, memoryLimitMiB: 1024, cpu: 512, @@ -78,7 +80,8 @@ Additionally, if more than one application target group are needed, instantiate ```ts // One application load balancer with one listener and two target groups. -const loadBalancedEc2Service = new ApplicationMultipleTargetGroupsEc2Service(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedEc2Service = new ecsPatterns.ApplicationMultipleTargetGroupsEc2Service(this, 'Service', { cluster, memoryLimitMiB: 256, taskImageOptions: { @@ -91,9 +94,9 @@ const loadBalancedEc2Service = new ApplicationMultipleTargetGroupsEc2Service(sta { containerPort: 90, pathPattern: 'a/b/c', - priority: 10 - } - ] + priority: 10, + }, + ], }); ``` @@ -101,7 +104,8 @@ const loadBalancedEc2Service = new ApplicationMultipleTargetGroupsEc2Service(sta ```ts // One application load balancer with one listener and two target groups. -const loadBalancedFargateService = new ApplicationMultipleTargetGroupsFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedFargateService = new ecsPatterns.ApplicationMultipleTargetGroupsFargateService(this, 'Service', { cluster, memoryLimitMiB: 1024, cpu: 512, @@ -115,9 +119,9 @@ const loadBalancedFargateService = new ApplicationMultipleTargetGroupsFargateSer { containerPort: 90, pathPattern: 'a/b/c', - priority: 10 - } - ] + priority: 10, + }, + ], }); ``` @@ -128,14 +132,15 @@ To define an Amazon ECS service that is behind a network load balancer, instanti * `NetworkLoadBalancedEc2Service` ```ts -const loadBalancedEcsService = new ecsPatterns.NetworkLoadBalancedEc2Service(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedEcsService = new ecsPatterns.NetworkLoadBalancedEc2Service(this, 'Service', { cluster, memoryLimitMiB: 1024, taskImageOptions: { image: ecs.ContainerImage.fromRegistry('test'), environment: { TEST_ENVIRONMENT_VARIABLE1: "test environment variable 1 value", - TEST_ENVIRONMENT_VARIABLE2: "test environment variable 2 value" + TEST_ENVIRONMENT_VARIABLE2: "test environment variable 2 value", }, }, desiredCount: 2, @@ -145,7 +150,8 @@ const loadBalancedEcsService = new ecsPatterns.NetworkLoadBalancedEc2Service(sta * `NetworkLoadBalancedFargateService` ```ts -const loadBalancedFargateService = new ecsPatterns.NetworkLoadBalancedFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedFargateService = new ecsPatterns.NetworkLoadBalancedFargateService(this, 'Service', { cluster, memoryLimitMiB: 1024, cpu: 512, @@ -167,7 +173,8 @@ Additionally, if more than one network target group is needed, instantiate one o ```ts // Two network load balancers, each with their own listener and target group. -const loadBalancedEc2Service = new NetworkMultipleTargetGroupsEc2Service(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedEc2Service = new ecsPatterns.NetworkMultipleTargetGroupsEc2Service(this, 'Service', { cluster, memoryLimitMiB: 256, taskImageOptions: { @@ -178,29 +185,29 @@ const loadBalancedEc2Service = new NetworkMultipleTargetGroupsEc2Service(stack, name: 'lb1', listeners: [ { - name: 'listener1' - } - ] + name: 'listener1', + }, + ], }, { name: 'lb2', listeners: [ { - name: 'listener2' - } - ] - } + name: 'listener2', + }, + ], + }, ], targetGroups: [ { containerPort: 80, - listener: 'listener1' + listener: 'listener1', }, { containerPort: 90, - listener: 'listener2' - } - ] + listener: 'listener2', + }, + ], }); ``` @@ -208,7 +215,8 @@ const loadBalancedEc2Service = new NetworkMultipleTargetGroupsEc2Service(stack, ```ts // Two network load balancers, each with their own listener and target group. -const loadBalancedFargateService = new NetworkMultipleTargetGroupsFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedFargateService = new ecsPatterns.NetworkMultipleTargetGroupsFargateService(this, 'Service', { cluster, memoryLimitMiB: 512, taskImageOptions: { @@ -219,29 +227,29 @@ const loadBalancedFargateService = new NetworkMultipleTargetGroupsFargateService name: 'lb1', listeners: [ { - name: 'listener1' - } - ] + name: 'listener1', + }, + ], }, { name: 'lb2', listeners: [ { - name: 'listener2' - } - ] - } + name: 'listener2', + }, + ], + }, ], targetGroups: [ { containerPort: 80, - listener: 'listener1' + listener: 'listener1', }, { containerPort: 90, - listener: 'listener2' - } - ] + listener: 'listener2', + }, + ], }); ``` @@ -252,7 +260,8 @@ To define a service that creates a queue and reads from that queue, instantiate * `QueueProcessingEc2Service` ```ts -const queueProcessingEc2Service = new QueueProcessingEc2Service(stack, 'Service', { +declare const cluster: ecs.Cluster; +const queueProcessingEc2Service = new ecsPatterns.QueueProcessingEc2Service(this, 'Service', { cluster, memoryLimitMiB: 1024, image: ecs.ContainerImage.fromRegistry('test'), @@ -261,9 +270,8 @@ const queueProcessingEc2Service = new QueueProcessingEc2Service(stack, 'Service' desiredTaskCount: 2, environment: { TEST_ENVIRONMENT_VARIABLE1: "test environment variable 1 value", - TEST_ENVIRONMENT_VARIABLE2: "test environment variable 2 value" + TEST_ENVIRONMENT_VARIABLE2: "test environment variable 2 value", }, - queue, maxScalingCapacity: 5, containerName: 'test', }); @@ -272,7 +280,8 @@ const queueProcessingEc2Service = new QueueProcessingEc2Service(stack, 'Service' * `QueueProcessingFargateService` ```ts -const queueProcessingFargateService = new QueueProcessingFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const queueProcessingFargateService = new ecsPatterns.QueueProcessingFargateService(this, 'Service', { cluster, memoryLimitMiB: 512, image: ecs.ContainerImage.fromRegistry('test'), @@ -281,9 +290,8 @@ const queueProcessingFargateService = new QueueProcessingFargateService(stack, ' desiredTaskCount: 2, environment: { TEST_ENVIRONMENT_VARIABLE1: "test environment variable 1 value", - TEST_ENVIRONMENT_VARIABLE2: "test environment variable 2 value" + TEST_ENVIRONMENT_VARIABLE2: "test environment variable 2 value", }, - queue, maxScalingCapacity: 5, containerName: 'test', }); @@ -299,29 +307,31 @@ To define a task that runs periodically, there are 2 options: ```ts // Instantiate an Amazon EC2 Task to run at a scheduled interval -const ecsScheduledTask = new ScheduledEc2Task(stack, 'ScheduledTask', { +declare const cluster: ecs.Cluster; +const ecsScheduledTask = new ecsPatterns.ScheduledEc2Task(this, 'ScheduledTask', { cluster, scheduledEc2TaskImageOptions: { image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), memoryLimitMiB: 256, environment: { name: 'TRIGGER', value: 'CloudWatch Events' }, }, - schedule: events.Schedule.expression('rate(1 minute)'), + schedule: appscaling.Schedule.expression('rate(1 minute)'), enabled: true, - ruleName: 'sample-scheduled-task-rule' + ruleName: 'sample-scheduled-task-rule', }); ``` * `ScheduledFargateTask` ```ts -const scheduledFargateTask = new ScheduledFargateTask(stack, 'ScheduledFargateTask', { +declare const cluster: ecs.Cluster; +const scheduledFargateTask = new ecsPatterns.ScheduledFargateTask(this, 'ScheduledFargateTask', { cluster, scheduledFargateTaskImageOptions: { image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), memoryLimitMiB: 512, }, - schedule: events.Schedule.expression('rate(1 minute)'), + schedule: appscaling.Schedule.expression('rate(1 minute)'), platformVersion: ecs.FargatePlatformVersion.LATEST, }); ``` @@ -333,7 +343,6 @@ In addition to using the constructs, users can also add logic to customize these ### Configure HTTPS on an ApplicationLoadBalancedFargateService ```ts -import { ApplicationLoadBalancedFargateService } from './application-load-balanced-fargate-service'; import { HostedZone } from '@aws-cdk/aws-route53'; import { Certificate } from '@aws-cdk/aws-certificatemanager'; import { SslPolicy } from '@aws-cdk/aws-elasticloadbalancingv2'; @@ -341,8 +350,10 @@ import { SslPolicy } from '@aws-cdk/aws-elasticloadbalancingv2'; const domainZone = HostedZone.fromLookup(this, 'Zone', { domainName: 'example.com' }); const certificate = Certificate.fromCertificateArn(this, 'Cert', 'arn:aws:acm:us-east-1:123456:certificate/abcdefg'); -const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(stack, 'Service', { - vpc +declare const vpc: ec2.Vpc; +declare const cluster: ecs.Cluster; +const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'Service', { + vpc, cluster, certificate, sslPolicy: SslPolicy.RECOMMENDED, @@ -358,10 +369,8 @@ const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(sta ### Add Schedule-Based Auto-Scaling to an ApplicationLoadBalancedFargateService ```ts -import { Schedule } from '@aws-cdk/aws-applicationautoscaling'; -import { ApplicationLoadBalancedFargateService, ApplicationLoadBalancedFargateServiceProps } from './application-load-balanced-fargate-service'; - -const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'Service', { cluster, memoryLimitMiB: 1024, desiredCount: 1, @@ -377,12 +386,12 @@ const scalableTarget = loadBalancedFargateService.service.autoScaleTaskCount({ }); scalableTarget.scaleOnSchedule('DaytimeScaleDown', { - schedule: Schedule.cron({ hour: '8', minute: '0'}), + schedule: appscaling.Schedule.cron({ hour: '8', minute: '0'}), minCapacity: 1, }); scalableTarget.scaleOnSchedule('EveningRushScaleUp', { - schedule: Schedule.cron({ hour: '20', minute: '0'}), + schedule: appscaling.Schedule.cron({ hour: '20', minute: '0'}), minCapacity: 10, }); ``` @@ -390,9 +399,8 @@ scalableTarget.scaleOnSchedule('EveningRushScaleUp', { ### Add Metric-Based Auto-Scaling to an ApplicationLoadBalancedFargateService ```ts -import { ApplicationLoadBalancedFargateService } from './application-load-balanced-fargate-service'; - -const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'Service', { cluster, memoryLimitMiB: 1024, desiredCount: 1, @@ -419,9 +427,8 @@ scalableTarget.scaleOnMemoryUtilization('MemoryScaling', { ### Change the default Deployment Controller ```ts -import { ApplicationLoadBalancedFargateService } from './application-load-balanced-fargate-service'; - -const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'Service', { cluster, memoryLimitMiB: 1024, desiredCount: 1, @@ -443,7 +450,8 @@ deployment circuit breaker and optionally enable `rollback` for automatic rollba for more details. ```ts -const service = new ApplicationLoadBalancedFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const service = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'Service', { cluster, memoryLimitMiB: 1024, desiredCount: 1, @@ -458,7 +466,8 @@ const service = new ApplicationLoadBalancedFargateService(stack, 'Service', { ### Set deployment configuration on QueueProcessingService ```ts -const queueProcessingFargateService = new QueueProcessingFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const queueProcessingFargateService = new ecsPatterns.QueueProcessingFargateService(this, 'Service', { cluster, memoryLimitMiB: 512, image: ecs.ContainerImage.fromRegistry('test'), @@ -466,17 +475,18 @@ const queueProcessingFargateService = new QueueProcessingFargateService(stack, ' enableLogging: false, desiredTaskCount: 2, environment: {}, - queue, maxScalingCapacity: 5, maxHealthyPercent: 200, - minHealthPercent: 66, + minHealthyPercent: 66, }); ``` ### Set taskSubnets and securityGroups for QueueProcessingFargateService ```ts -const queueProcessingFargateService = new QueueProcessingFargateService(stack, 'Service', { +declare const vpc: ec2.Vpc; +declare const securityGroup: ec2.SecurityGroup; +const queueProcessingFargateService = new ecsPatterns.QueueProcessingFargateService(this, 'Service', { vpc, memoryLimitMiB: 512, image: ecs.ContainerImage.fromRegistry('test'), @@ -488,7 +498,8 @@ const queueProcessingFargateService = new QueueProcessingFargateService(stack, ' ### Define tasks with public IPs for QueueProcessingFargateService ```ts -const queueProcessingFargateService = new QueueProcessingFargateService(stack, 'Service', { +declare const vpc: ec2.Vpc; +const queueProcessingFargateService = new ecsPatterns.QueueProcessingFargateService(this, 'Service', { vpc, memoryLimitMiB: 512, image: ecs.ContainerImage.fromRegistry('test'), @@ -499,24 +510,24 @@ const queueProcessingFargateService = new QueueProcessingFargateService(stack, ' ### Define tasks with custom queue parameters for QueueProcessingFargateService ```ts -const queueProcessingFargateService = new QueueProcessingFargateService(stack, 'Service', { +declare const vpc: ec2.Vpc; +const queueProcessingFargateService = new ecsPatterns.QueueProcessingFargateService(this, 'Service', { vpc, memoryLimitMiB: 512, image: ecs.ContainerImage.fromRegistry('test'), maxReceiveCount: 42, - retentionPeriod: cdk.Duration.days(7), - visibilityTimeout: cdk.Duration.minutes(5), + retentionPeriod: Duration.days(7), + visibilityTimeout: Duration.minutes(5), }); ``` ### Set capacityProviderStrategies for QueueProcessingFargateService ```ts -const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 1 }); -const cluster = new ecs.Cluster(stack, 'EcsCluster', { vpc }); +declare const cluster: ecs.Cluster; cluster.enableFargateCapacityProviders(); -const queueProcessingFargateService = new QueueProcessingFargateService(stack, 'Service', { +const queueProcessingFargateService = new ecsPatterns.QueueProcessingFargateService(this, 'Service', { cluster, memoryLimitMiB: 512, image: ecs.ContainerImage.fromRegistry('test'), @@ -536,19 +547,21 @@ const queueProcessingFargateService = new QueueProcessingFargateService(stack, ' ### Set capacityProviderStrategies for QueueProcessingEc2Service ```ts -const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 1 }); -const cluster = new ecs.Cluster(stack, 'EcsCluster', { vpc }); -const autoScalingGroup = new autoscaling.AutoScalingGroup(stack, 'asg', { +import * as autoscaling from '@aws-cdk/aws-autoscaling'; + +const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 1 }); +const cluster = new ecs.Cluster(this, 'EcsCluster', { vpc }); +const autoScalingGroup = new autoscaling.AutoScalingGroup(this, 'asg', { vpc, instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machineImage: ecs.EcsOptimizedImage.amazonLinux2(), }); -const capacityProvider = new ecs.AsgCapacityProvider(stack, 'provider', { +const capacityProvider = new ecs.AsgCapacityProvider(this, 'provider', { autoScalingGroup, }); cluster.addAsgCapacityProvider(capacityProvider); -const queueProcessingFargateService = new QueueProcessingFargateService(stack, 'Service', { +const queueProcessingFargateService = new ecsPatterns.QueueProcessingFargateService(this, 'Service', { cluster, memoryLimitMiB: 512, image: ecs.ContainerImage.fromRegistry('test'), @@ -563,7 +576,8 @@ const queueProcessingFargateService = new QueueProcessingFargateService(stack, ' ### Select specific vpc subnets for ApplicationLoadBalancedFargateService ```ts -const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'Service', { cluster, memoryLimitMiB: 1024, desiredCount: 1, @@ -571,8 +585,8 @@ const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(sta taskImageOptions: { image: ecs.ContainerImage.fromRegistry("amazon/amazon-ecs-sample"), }, - vpcSubnets: { - subnets: [ec2.Subnet.fromSubnetId(stack, 'subnet', 'VpcISOLATEDSubnet1Subnet80F07FA0')], + taskSubnets: { + subnets: [ec2.Subnet.fromSubnetId(this, 'subnet', 'VpcISOLATEDSubnet1Subnet80F07FA0')], }, }); ``` @@ -580,13 +594,14 @@ const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(sta ### Set PlatformVersion for ScheduledFargateTask ```ts -const scheduledFargateTask = new ScheduledFargateTask(stack, 'ScheduledFargateTask', { +declare const cluster: ecs.Cluster; +const scheduledFargateTask = new ecsPatterns.ScheduledFargateTask(this, 'ScheduledFargateTask', { cluster, scheduledFargateTaskImageOptions: { image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), memoryLimitMiB: 512, }, - schedule: events.Schedule.expression('rate(1 minute)'), + schedule: appscaling.Schedule.expression('rate(1 minute)'), platformVersion: ecs.FargatePlatformVersion.VERSION1_4, }); ``` @@ -594,18 +609,17 @@ const scheduledFargateTask = new ScheduledFargateTask(stack, 'ScheduledFargateTa ### Set SecurityGroups for ScheduledFargateTask ```ts -const stack = new cdk.Stack(); -const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 1 }); -const cluster = new ecs.Cluster(stack, 'EcsCluster', { vpc }); -const securityGroup = new ec2.SecurityGroup(stack, 'SG', { vpc }); +const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 1 }); +const cluster = new ecs.Cluster(this, 'EcsCluster', { vpc }); +const securityGroup = new ec2.SecurityGroup(this, 'SG', { vpc }); -const scheduledFargateTask = new ScheduledFargateTask(stack, 'ScheduledFargateTask', { +const scheduledFargateTask = new ecsPatterns.ScheduledFargateTask(this, 'ScheduledFargateTask', { cluster, scheduledFargateTaskImageOptions: { image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), memoryLimitMiB: 512, }, - schedule: events.Schedule.expression('rate(1 minute)'), + schedule: appscaling.Schedule.expression('rate(1 minute)'), securityGroups: [securityGroup], }); ``` @@ -626,12 +640,20 @@ If a desiredCount is not passed in as input to the above constructs, CloudFormat To enable the feature flag, ensure that the REMOVE_DEFAULT_DESIRED_COUNT flag within an application stack context is set to true, like so: ```ts +declare const stack: Stack; stack.node.setContext(cxapi.ECS_REMOVE_DEFAULT_DESIRED_COUNT, true); ``` The following is an example of an application with the REMOVE_DEFAULT_DESIRED_COUNT feature flag enabled: -```ts +```ts nofixture +import { App, Stack } from '@aws-cdk/core'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as ecs from '@aws-cdk/aws-ecs'; +import * as ecsPatterns from '@aws-cdk/aws-ecs-patterns'; +import * as cxapi from '@aws-cdk/cx-api'; +import * as path from 'path'; + const app = new App(); const stack = new Stack(app, 'aws-ecs-patterns-queue'); @@ -641,7 +663,7 @@ const vpc = new ec2.Vpc(stack, 'VPC', { maxAzs: 2, }); -new QueueProcessingFargateService(stack, 'QueueProcessingService', { +new ecsPatterns.QueueProcessingFargateService(stack, 'QueueProcessingService', { vpc, memoryLimitMiB: 512, image: new ecs.AssetImage(path.join(__dirname, '..', 'sqs-reader')), @@ -653,28 +675,31 @@ new QueueProcessingFargateService(stack, 'QueueProcessingService', { The following is an example of deploying an application along with a metrics sidecar container that utilizes `dockerLabels` for discovery: ```ts -const service = new ApplicationLoadBalancedFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +declare const vpc: ec2.Vpc; +const service = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'Service', { cluster, vpc, desiredCount: 1, taskImageOptions: { image: ecs.ContainerImage.fromRegistry("amazon/amazon-ecs-sample"), + dockerLabels: { + 'application.label.one': 'first_label', + 'application.label.two': 'second_label', + }, }, - dockerLabels: { - 'application.label.one': 'first_label' - 'application.label.two': 'second_label' - } }); service.taskDefinition.addContainer('Sidecar', { - image: ContainerImage.fromRegistry('example/metrics-sidecar') -} + image: ecs.ContainerImage.fromRegistry('example/metrics-sidecar'), +}); ``` ### Select specific load balancer name ApplicationLoadBalancedFargateService ```ts -const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(stack, 'Service', { +declare const cluster: ecs.Cluster; +const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'Service', { cluster, memoryLimitMiB: 1024, desiredCount: 1, @@ -682,8 +707,8 @@ const loadBalancedFargateService = new ApplicationLoadBalancedFargateService(sta taskImageOptions: { image: ecs.ContainerImage.fromRegistry("amazon/amazon-ecs-sample"), }, - vpcSubnets: { - subnets: [ec2.Subnet.fromSubnetId(stack, 'subnet', 'VpcISOLATEDSubnet1Subnet80F07FA0')], + taskSubnets: { + subnets: [ec2.Subnet.fromSubnetId(this, 'subnet', 'VpcISOLATEDSubnet1Subnet80F07FA0')], }, loadBalancerName: 'application-lb-name', }); diff --git a/packages/@aws-cdk/aws-ecs-patterns/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-ecs-patterns/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..e998fef0a9210 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/rosetta/default.ts-fixture @@ -0,0 +1,17 @@ +// Fixture with packages imported, but nothing else +import { Construct } from 'constructs'; +import { Duration, Stack } from '@aws-cdk/core'; +import * as ecs from '@aws-cdk/aws-ecs'; +import * as ecsPatterns from '@aws-cdk/aws-ecs-patterns'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as appscaling from '@aws-cdk/aws-applicationautoscaling'; +import * as cxapi from '@aws-cdk/cx-api'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} + From a8528577a841064ccdc11bb1fbd8d8046073fa8a Mon Sep 17 00:00:00 2001 From: Nick Lynch Date: Wed, 27 Oct 2021 12:48:43 +0100 Subject: [PATCH 12/40] chore: update DEPRECATED_APIs.md and introduce new plaintext format (#17120) As part of the upcoming v2 GA, we need to update (and lock in) the final list of deprecated APIs that will be removed from V2. At the same time, we need to create the input for `jsii`'s new `--strip-deprecated` file input, where only a subset of deprecated items are stripped away (see #16566). This change does both by introducing a new output format for `list-deprecated-apis` and feeding that value into `jsii` at compile time. fixes #16566 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- DEPRECATED_APIs.md | 286 +++++++- deprecated_apis.txt | 1121 +++++++++++++++++++++++++++++++ scripts/list-deprecated-apis.js | 81 ++- 3 files changed, 1448 insertions(+), 40 deletions(-) create mode 100644 deprecated_apis.txt diff --git a/DEPRECATED_APIs.md b/DEPRECATED_APIs.md index a08cf9de97f86..fdf0a1877b5dc 100644 --- a/DEPRECATED_APIs.md +++ b/DEPRECATED_APIs.md @@ -3,6 +3,8 @@ | Module | API Element | Message | |--------|-------------|---------| | @aws-cdk/core | AppProps.​runtimeInfo | use `versionReporting` instead | +| @aws-cdk/core | Arn.​parse() | use split instead | +| @aws-cdk/core | ArnComponents.​sep | use arnFormat instead | | @aws-cdk/core | AssetHashType.​BUNDLE | use `OUTPUT` instead | | @aws-cdk/core | AssetStaging.​sourceHash | see `assetHash`. | | @aws-cdk/core | AssetStaging.​stagedPath | Use `absoluteStagedPath` instead. | @@ -40,11 +42,13 @@ | @aws-cdk/core | Stack.​parentStack | use `nestedStackParent` | | @aws-cdk/core | Stack.​addDockerImageAsset() | Use `stack.synthesizer.addDockerImageAsset()` if you are calling, and a different `IStackSynthesizer` class if you are implementing. | | @aws-cdk/core | Stack.​addFileAsset() | Use `stack.synthesizer.addFileAsset()` if you are calling, and a different IStackSynthesizer class if you are implementing. | +| @aws-cdk/core | Stack.​parseArn() | use splitArn instead | | @aws-cdk/core | Stack.​prepareCrossReference() | cross reference handling has been moved to `App.prepare()`. | | @aws-cdk/core | Stack.​reportMissingContext() | use `reportMissingContextKey()` | | @aws-cdk/core | SynthesisOptions | use `app.synth()` or `stage.synth()` instead | | @aws-cdk/core | SynthesisOptions.​outdir | use `app.synth()` or `stage.synth()` instead | | @aws-cdk/core | SynthesisOptions.​skipValidation | use `app.synth()` or `stage.synth()` instead | +| @aws-cdk/core | SynthesisOptions.​validateOnSynthesis | use `app.synth()` or `stage.synth()` instead | | @aws-cdk/core | Tag.​add() | use `Tags.of(scope).add()` | | @aws-cdk/core | Tag.​remove() | use `Tags.of(scope).remove()` | | @aws-cdk/cloud-assembly-schema | ContainerImageAssetMetadataEntry.​imageNameParameter | specify `repositoryName` and `imageTag` instead, and then you know where the image will go. | @@ -60,7 +64,7 @@ | @aws-cdk/cx-api | MissingContext.​provider | moved to package 'cloud-assembly-schema' | | @aws-cdk/cx-api | RuntimeInfo | moved to package 'cloud-assembly-schema' | | constructs | Construct.​onValidate() | use `Node.addValidation()` to subscribe validation functions on this construct instead of overriding this method. | -| constructs | Node.​uniqueId | please avoid using this property and use `uid` instead. This algorithm uses MD5, which is not FIPS-complient and also excludes the identity of the root construct from the calculation. | +| constructs | Node.​uniqueId | please avoid using this property and use `addr` to form unique names. This algorithm uses MD5, which is not FIPS-complient and also excludes the identity of the root construct from the calculation. | | @aws-cdk/assets | CopyOptions | see `core.CopyOptions` | | @aws-cdk/assets | CopyOptions.​exclude | see `core.CopyOptions` | | @aws-cdk/assets | CopyOptions.​follow | use `followSymlinks` instead | @@ -77,10 +81,6 @@ | @aws-cdk/assets | Staging | use `core.AssetStaging` | | @aws-cdk/assets | StagingProps | use `core.AssetStagingProps` | | @aws-cdk/assets | StagingProps.​sourcePath | use `core.AssetStagingProps` | -| @aws-cdk/aws-iam | Anyone | use `AnyPrincipal` | -| @aws-cdk/aws-iam | IPrincipal.​addToPolicy() | Use `addToPrincipalPolicy` instead. | -| @aws-cdk/aws-iam | RoleProps.​externalId | see {@link externalIds} | -| @aws-cdk/aws-kms | KeyProps.​trustAccountIdentities | redundant with the `@aws-cdk/aws-kms:defaultKeyPolicies` feature flag | | @aws-cdk/aws-codebuild | LinuxBuildImage.​UBUNTU_​14_​04_​ANDROID_​JAVA8_​24_​4_​1 | Use {@link STANDARD_2_0} and specify runtime in buildspec runtime-versions section | | @aws-cdk/aws-codebuild | LinuxBuildImage.​UBUNTU_​14_​04_​ANDROID_​JAVA8_​26_​1_​1 | Use {@link STANDARD_2_0} and specify runtime in buildspec runtime-versions section | | @aws-cdk/aws-codebuild | LinuxBuildImage.​UBUNTU_​14_​04_​BASE | Use {@link STANDARD_2_0} and specify runtime in buildspec runtime-versions section | @@ -112,10 +112,11 @@ | @aws-cdk/aws-codebuild | LinuxBuildImage.​UBUNTU_​14_​04_​RUBY_​2_​5_​1 | Use {@link STANDARD_2_0} and specify runtime in buildspec runtime-versions section | | @aws-cdk/aws-codebuild | LinuxBuildImage.​UBUNTU_​14_​04_​RUBY_​2_​5_​3 | Use {@link STANDARD_2_0} and specify runtime in buildspec runtime-versions section | | @aws-cdk/aws-codebuild | WindowsBuildImage.​WIN_​SERVER_​CORE_​2016_​BASE | `WindowsBuildImage.WINDOWS_BASE_2_0` should be used instead. | +| @aws-cdk/aws-cloudwatch | CommonMetricOptions.​dimensions | Use 'dimensionsMap' instead. | | @aws-cdk/aws-cloudwatch | CreateAlarmOptions.​period | Use `metric.with({ period: ... })` to encode the period into the Metric object | | @aws-cdk/aws-cloudwatch | CreateAlarmOptions.​statistic | Use `metric.with({ statistic: ... })` to encode the period into the Metric object | -| @aws-cdk/aws-cloudwatch | IMetric.​toAlarmConfig() | Use `toMetricsConfig()` instead. | -| @aws-cdk/aws-cloudwatch | IMetric.​toGraphConfig() | Use `toMetricsConfig()` instead. | +| @aws-cdk/aws-cloudwatch | IMetric.​toAlarmConfig() | Use `toMetricConfig()` instead. | +| @aws-cdk/aws-cloudwatch | IMetric.​toGraphConfig() | Use `toMetricConfig()` instead. | | @aws-cdk/aws-cloudwatch | MathExpression.​toAlarmConfig() | use toMetricConfig() | | @aws-cdk/aws-cloudwatch | MathExpression.​toGraphConfig() | use toMetricConfig() | | @aws-cdk/aws-cloudwatch | Metric.​toAlarmConfig() | use toMetricConfig() | @@ -143,12 +144,21 @@ | @aws-cdk/aws-cloudwatch | MetricRenderingProperties.​color | Replaced by MetricConfig. | | @aws-cdk/aws-cloudwatch | MetricRenderingProperties.​label | Replaced by MetricConfig. | | @aws-cdk/aws-cloudwatch | MetricRenderingProperties.​stat | Replaced by MetricConfig. | +| @aws-cdk/aws-iam | Anyone | use `AnyPrincipal` | +| @aws-cdk/aws-iam | IPrincipal.​addToPolicy() | Use `addToPrincipalPolicy` instead. | +| @aws-cdk/aws-iam | RoleProps.​externalId | see {@link externalIds} | | @aws-cdk/aws-events | EventBus.​grantPutEvents() | use grantAllPutEvents instead | | @aws-cdk/aws-events | RuleTargetConfig.​id | no replacement. we will always use an autogenerated id. | +| @aws-cdk/aws-ec2 | ClientVpnAuthorizationRuleProps.​clientVpnEndoint | Use `clientVpnEndpoint` instead | +| @aws-cdk/aws-ec2 | ClientVpnRouteProps.​clientVpnEndoint | Use `clientVpnEndpoint` instead | | @aws-cdk/aws-ec2 | InterfaceVpcEndpoint.​securityGroupId | use the `connections` object | | @aws-cdk/aws-ec2 | InterfaceVpcEndpointAttributes.​securityGroupId | use `securityGroups` instead | +| @aws-cdk/aws-ec2 | MachineImage.​fromSSMParameter() | Use `MachineImage.fromSsmParameter()` instead | | @aws-cdk/aws-ec2 | NatInstanceProps.​allowAllTraffic | Use `defaultAllowedTraffic`. | +| @aws-cdk/aws-ec2 | SecurityGroup.​securityGroupName | returns the security group ID, rather than the name. | | @aws-cdk/aws-ec2 | SubnetSelection.​subnetName | Use `subnetGroupName` instead | +| @aws-cdk/aws-ec2 | SubnetType.​ISOLATED | use `SubnetType.PRIVATE_ISOLATED` | +| @aws-cdk/aws-ec2 | SubnetType.​PRIVATE | use `PRIVATE_WITH_NAT` | | @aws-cdk/aws-ec2 | Vpc.​natDependencies | This value is no longer used. | | @aws-cdk/aws-ec2 | Vpc.​addDynamoDbEndpoint() | use `addGatewayEndpoint()` instead | | @aws-cdk/aws-ec2 | Vpc.​addS3Endpoint() | use `addGatewayEndpoint()` instead | @@ -168,11 +178,13 @@ | @aws-cdk/aws-ec2 | WindowsVersion.​WINDOWS_​SERVER_​2012_​RTM_​PORTUGESE_​PORTUGAL_​64BIT_​BASE | use WINDOWS_SERVER_2012_RTM_PORTUGUESE_PORTUGAL_64BIT_BASE | | @aws-cdk/aws-ec2 | WindowsVersion.​WINDOWS_​SERVER_​2019_​PORTUGESE_​BRAZIL_​FULL_​BASE | use WINDOWS_SERVER_2019_PORTUGUESE_BRAZIL_FULL_BASE | | @aws-cdk/aws-ec2 | WindowsVersion.​WINDOWS_​SERVER_​2019_​PORTUGESE_​PORTUGAL_​FULL_​BASE | use WINDOWS_SERVER_2019_PORTUGUESE_PORTUGAL_FULL_BASE | +| @aws-cdk/aws-kms | KeyProps.​trustAccountIdentities | redundant with the `@aws-cdk/aws-kms:defaultKeyPolicies` feature flag | | @aws-cdk/aws-s3-assets | Asset.​s3Url | use `httpUrl` | | @aws-cdk/aws-s3-assets | Asset.​sourceHash | see `assetHash` | | @aws-cdk/aws-s3-assets | AssetOptions.​sourceHash | see `assetHash` and `assetHashType` | | @aws-cdk/aws-ecr-assets | DockerImageAsset.​sourceHash | use assetHash | | @aws-cdk/aws-ecr-assets | DockerImageAssetOptions.​repositoryName | to control the location of docker image assets, please override `Stack.addDockerImageAsset`. this feature will be removed in future releases. | +| @aws-cdk/aws-ecr-assets | TarballImageAsset.​sourceHash | use assetHash | | @aws-cdk/aws-secretsmanager | AttachedSecretOptions | use `secret.attach()` instead | | @aws-cdk/aws-secretsmanager | AttachedSecretOptions.​target | use `secret.attach()` instead | | @aws-cdk/aws-secretsmanager | AttachmentTargetType.​INSTANCE | use RDS_DB_INSTANCE instead | @@ -181,6 +193,8 @@ | @aws-cdk/aws-secretsmanager | Secret.​fromSecretName() | use `fromSecretNameV2` | | @aws-cdk/aws-secretsmanager | Secret.​addTargetAttachment() | use `attach()` instead | | @aws-cdk/aws-secretsmanager | SecretAttributes.​secretArn | use `secretCompleteArn` or `secretPartialArn` instead. | +| @aws-cdk/aws-secretsmanager | SecretRotationApplication.​applicationId | only valid when deploying to the 'aws' partition. Use `applicationArnForPartition` instead. | +| @aws-cdk/aws-secretsmanager | SecretRotationApplication.​semanticVersion | only valid when deploying to the 'aws' partition. Use `semanticVersionForPartition` instead. | | @aws-cdk/aws-lambda | Code.​isInline | this value is ignored since inline is now determined based on the the `inlineCode` field of `CodeConfig` returned from `bind()`. | | @aws-cdk/aws-lambda | Code.​asset() | use `fromAsset` | | @aws-cdk/aws-lambda | Code.​bucket() | use `fromBucket` | @@ -188,6 +202,7 @@ | @aws-cdk/aws-lambda | Code.​inline() | use `fromInline` | | @aws-cdk/aws-lambda | Function.​addVersion() | This method will create an AWS::Lambda::Version resource which snapshots the AWS Lambda function *at the time of its creation* and it won't get updated when the function changes. Instead, use `this.currentVersion` to obtain a reference to a version resource that gets automatically recreated when the function configuration (or code) changes. | | @aws-cdk/aws-lambda | FunctionAttributes.​securityGroupId | use `securityGroup` instead | +| @aws-cdk/aws-lambda | FunctionOptions.​architectures | use `architecture` | | @aws-cdk/aws-lambda | FunctionOptions.​securityGroup | This property is deprecated, use securityGroups instead | | @aws-cdk/aws-lambda | LogRetention | use `LogRetention` from ' | | @aws-cdk/aws-lambda | LogRetentionProps | use `LogRetentionProps` from ' | @@ -472,10 +487,10 @@ | @aws-cdk/aws-apigateway | CfnStageV2Props.​routeSettings | moved to package aws-apigatewayv2 | | @aws-cdk/aws-apigateway | CfnStageV2Props.​stageVariables | moved to package aws-apigatewayv2 | | @aws-cdk/aws-apigateway | CfnStageV2Props.​tags | moved to package aws-apigatewayv2 | -| @aws-cdk/aws-apigateway | EmptyModel | You should use | -| @aws-cdk/aws-apigateway | EmptyModel.​modelId | You should use | -| @aws-cdk/aws-apigateway | ErrorModel | You should use | -| @aws-cdk/aws-apigateway | ErrorModel.​modelId | You should use | +| @aws-cdk/aws-apigateway | EmptyModel | You should use Model.EMPTY_MODEL | +| @aws-cdk/aws-apigateway | EmptyModel.​modelId | You should use Model.EMPTY_MODEL | +| @aws-cdk/aws-apigateway | ErrorModel | You should use Model.ERROR_MODEL | +| @aws-cdk/aws-apigateway | ErrorModel.​modelId | You should use Model.ERROR_MODEL | | @aws-cdk/aws-apigateway | IResource.​restApi | Throws an error if this Resource is not associated with an instance of `RestApi`. Use `api` instead. | | @aws-cdk/aws-apigateway | LambdaRestApiProps.​options | the `LambdaRestApiProps` now extends `RestApiProps`, so all options are just available here. Note that the options specified in `options` will be overridden by any props specified at the root level. | | @aws-cdk/aws-apigateway | Method.​restApi | Throws an error if this Resource is not associated with an instance of `RestApi`. Use `api` instead. | @@ -489,6 +504,7 @@ | @aws-cdk/aws-certificatemanager | CertificateProps.​validationDomains | use `validation` instead. | | @aws-cdk/aws-certificatemanager | CertificateProps.​validationMethod | use `validation` instead. | | @aws-cdk/aws-route53 | AddressRecordTarget | Use RecordTarget | +| @aws-cdk/custom-resources | AwsSdkCall.​outputPath | use outputPaths instead | | @aws-cdk/custom-resources | Provider.​bind() | use `provider.serviceToken` instead | | @aws-cdk/aws-cloudformation | CloudFormationCapabilities | use `core.CfnCapabilities` | | @aws-cdk/aws-cloudformation | CloudFormationCapabilities.​NONE | use `core.CfnCapabilities` | @@ -520,6 +536,8 @@ | @aws-cdk/aws-sns | NumericConditions.​whitelist | use `allowlist` | | @aws-cdk/aws-sns | StringConditions.​blacklist | use `denylist` | | @aws-cdk/aws-sns | StringConditions.​whitelist | use `allowlist` | +| @aws-cdk/aws-cognito | StandardAttributes.​emailVerified | this is not a standard attribute and was incorrectly added to the CDK. It is a Cognito built-in attribute and cannot be controlled as part of user pool creation. | +| @aws-cdk/aws-cognito | StandardAttributes.​phoneNumberVerified | this is not a standard attribute and was incorrectly added to the CDK. It is a Cognito built-in attribute and cannot be controlled as part of user pool creation. | | @aws-cdk/aws-elasticloadbalancingv2 | AddFixedResponseProps | Use `ApplicationListener.addAction` instead. | | @aws-cdk/aws-elasticloadbalancingv2 | AddRedirectResponseProps | Use `ApplicationListener.addAction` instead. | | @aws-cdk/aws-elasticloadbalancingv2 | AddRuleProps.​hostHeader | Use `conditions` instead. | @@ -573,6 +591,11 @@ | @aws-cdk/aws-elasticloadbalancingv2 | TargetGroupAttributes.​defaultPort | This property is unused and the wrong type. No need to use it. | | @aws-cdk/aws-elasticloadbalancingv2 | TargetGroupImportProps | Use TargetGroupAttributes instead | | @aws-cdk/aws-apigatewayv2 | IHttpApi.​httpApiId | use apiId instead | +| @aws-cdk/aws-appmesh | Protocol | not for use outside package | +| @aws-cdk/aws-appmesh | Protocol.​HTTP | not for use outside package | +| @aws-cdk/aws-appmesh | Protocol.​TCP | not for use outside package | +| @aws-cdk/aws-appmesh | Protocol.​HTTP2 | not for use outside package | +| @aws-cdk/aws-appmesh | Protocol.​GRPC | not for use outside package | | @aws-cdk/aws-dynamodb | ITable.​metricSystemErrors() | use `metricSystemErrorsForOperations` | | @aws-cdk/aws-dynamodb | Table.​grantListStreams() | Use {@link #grantTableListStreams} for more granular permission | | @aws-cdk/aws-dynamodb | Table.​metricSystemErrors() | use `metricSystemErrorsForOperations`. | @@ -594,6 +617,40 @@ | @aws-cdk/aws-rds | DatabaseInstanceEngine.​oracleSe() | instances can no longer be created with this engine. See https://forums.aws.amazon.com/ann.jspa?annID=7341 | | @aws-cdk/aws-rds | DatabaseInstanceEngine.​oracleSe1() | instances can no longer be created with this engine. See https://forums.aws.amazon.com/ann.jspa?annID=7341 | | @aws-cdk/aws-rds | DatabaseInstanceNewProps.​vpcPlacement | use `vpcSubnets` | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​0 | MariaDB 10.0 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​0_​17 | MariaDB 10.0 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​0_​24 | MariaDB 10.0 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​0_​28 | MariaDB 10.0 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​0_​31 | MariaDB 10.0 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​0_​32 | MariaDB 10.0 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​0_​34 | MariaDB 10.0 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​0_​35 | MariaDB 10.0 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​1 | MariaDB 10.1 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​1_​14 | MariaDB 10.1 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​1_​19 | MariaDB 10.1 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​1_​23 | MariaDB 10.1 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​1_​26 | MariaDB 10.1 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​1_​31 | MariaDB 10.1 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MariaDbEngineVersion.​VER_​10_​1_​34 | MariaDB 10.1 will reach end of life on May 18, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​5 | MySQL 5.5 will reach end of life on May 25, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​5_​46 | MySQL 5.5 will reach end of life on May 25, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​5_​53 | MySQL 5.5 will reach end of life on May 25, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​5_​57 | MySQL 5.5 will reach end of life on May 25, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​5_​59 | MySQL 5.5 will reach end of life on May 25, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​5_​61 | MySQL 5.5 will reach end of life on May 25, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​34 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​35 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​37 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​39 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​40 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​41 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​43 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​44 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​46 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​48 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​49 | MySQL 5.6 will reach end of life on August 3, 2021 | +| @aws-cdk/aws-rds | MysqlEngineVersion.​VER_​5_​6_​51 | MySQL 5.6 will reach end of life on August 3, 2021 | | @aws-cdk/aws-rds | OracleLegacyEngineVersion | instances can no longer be created with these engine versions. See https://forums.aws.amazon.com/ann.jspa?annID=7341 | | @aws-cdk/aws-rds | OracleLegacyEngineVersion.​VER_​11_​2 | instances can no longer be created with these engine versions. See https://forums.aws.amazon.com/ann.jspa?annID=7341 | | @aws-cdk/aws-rds | OracleLegacyEngineVersion.​VER_​11_​2_​0_​2_​V2 | instances can no longer be created with these engine versions. See https://forums.aws.amazon.com/ann.jspa?annID=7341 | @@ -641,6 +698,8 @@ | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​5_​21 | PostgreSQL 9.5 will reach end of life on February 16, 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​5_​22 | PostgreSQL 9.5 will reach end of life on February 16, 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​5_​23 | PostgreSQL 9.5 will reach end of life on February 16, 2021 | +| @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​5_​24 | PostgreSQL 9.5 will reach end of life on February 16, 2021 | +| @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​5_​25 | PostgreSQL 9.5 will reach end of life on February 16, 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​5_​4 | PostgreSQL 9.5 will reach end of life on February 16, 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​5_​6 | PostgreSQL 9.5 will reach end of life on February 16, 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​5_​7 | PostgreSQL 9.5 will reach end of life on February 16, 2021 | @@ -657,12 +716,17 @@ | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​18 | PostgreSQL 9.6 will reach end of life in November 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​19 | PostgreSQL 9.6 will reach end of life in November 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​2 | PostgreSQL 9.6 will reach end of life in November 2021 | +| @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​20 | PostgreSQL 9.6 will reach end of life in November 2021 | +| @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​21 | PostgreSQL 9.6 will reach end of life in November 2021 | +| @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​22 | PostgreSQL 9.6 will reach end of life in November 2021 | +| @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​23 | PostgreSQL 9.6 will reach end of life in November 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​3 | PostgreSQL 9.6 will reach end of life in November 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​5 | PostgreSQL 9.6 will reach end of life in November 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​6 | PostgreSQL 9.6 will reach end of life in November 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​8 | PostgreSQL 9.6 will reach end of life in November 2021 | | @aws-cdk/aws-rds | PostgresEngineVersion.​VER_​9_​6_​9 | PostgreSQL 9.6 will reach end of life in November 2021 | | @aws-cdk/aws-rds | SnapshotCredentials.​fromGeneratedPassword() | use `fromGeneratedSecret()` for new Clusters and Instances. Note that switching from `fromGeneratedPassword()` to `fromGeneratedSecret()` for already deployed Clusters or Instances will update their master password. | +| @aws-cdk/aws-rds | SqlServerEngineVersion.​VER_​15_​00_​4043_​23_​V1 | This version is erroneous. You might be looking for {@link SqlServerEngineVersion.VER_15_00_4073_23_V1}, instead. | | @aws-cdk/aws-autoscaling | BlockDevice.​mappingEnabled | use `BlockDeviceVolume.noDevice()` as the volume to supress a mapping. | | @aws-cdk/aws-autoscaling | CommonAutoScalingGroupProps.​notificationsTopic | use `notifications` | | @aws-cdk/aws-autoscaling | CommonAutoScalingGroupProps.​replacingUpdateMinSuccessfulInstancesPercent | Use `signals` instead | @@ -683,17 +747,23 @@ | @aws-cdk/aws-autoscaling | UpdateType.​REPLACING_​UPDATE | Use UpdatePolicy instead | | @aws-cdk/aws-autoscaling | UpdateType.​ROLLING_​UPDATE | Use UpdatePolicy instead | | @aws-cdk/aws-elasticloadbalancing | LoadBalancerListener.​sslCertificateId | use sslCertificateArn instead | +| @aws-cdk/aws-ecs | AddAutoScalingGroupCapacityOptions.​taskDrainTime | The lifecycle draining hook is not configured if using the EC2 Capacity Provider. Enable managed termination protection instead. | | @aws-cdk/aws-ecs | BaseService.​configureAwsVpcNetworking() | use configureAwsVpcNetworkingWithSecurityGroups instead. | -| @aws-cdk/aws-ecs | Ec2ServiceProps.​propagateTaskTagsFrom | Use `propagateTags` instead. | +| @aws-cdk/aws-ecs | BaseServiceOptions.​propagateTaskTagsFrom | Use `propagateTags` instead. | +| @aws-cdk/aws-ecs | Cluster.​addAutoScalingGroup() | Use {@link Cluster.addAsgCapacityProvider} instead. | +| @aws-cdk/aws-ecs | Cluster.​addCapacity() | Use {@link Cluster.addAsgCapacityProvider} instead. | +| @aws-cdk/aws-ecs | Cluster.​addCapacityProvider() | Use {@link enableFargateCapacityProviders} instead. | +| @aws-cdk/aws-ecs | ClusterProps.​capacityProviders | Use {@link ClusterProps.enableFargateCapacityProviders} instead. | | @aws-cdk/aws-ecs | Ec2ServiceProps.​securityGroup | use securityGroups instead. | | @aws-cdk/aws-ecs | EcsOptimizedAmi | see {@link EcsOptimizedImage#amazonLinux}, {@link EcsOptimizedImage#amazonLinux} and {@link EcsOptimizedImage#windows} | | @aws-cdk/aws-ecs | EcsOptimizedAmi.​getImage() | see {@link EcsOptimizedImage#amazonLinux}, {@link EcsOptimizedImage#amazonLinux} and {@link EcsOptimizedImage#windows} | | @aws-cdk/aws-ecs | EcsOptimizedAmiProps | see {@link EcsOptimizedImage} | +| @aws-cdk/aws-ecs | EcsOptimizedAmiProps.​cachedInContext | see {@link EcsOptimizedImage} | | @aws-cdk/aws-ecs | EcsOptimizedAmiProps.​generation | see {@link EcsOptimizedImage} | | @aws-cdk/aws-ecs | EcsOptimizedAmiProps.​hardwareType | see {@link EcsOptimizedImage} | | @aws-cdk/aws-ecs | EcsOptimizedAmiProps.​windowsVersion | see {@link EcsOptimizedImage} | -| @aws-cdk/aws-ecs | FargateServiceProps.​propagateTaskTagsFrom | Use `propagateTags` instead. | | @aws-cdk/aws-ecs | FargateServiceProps.​securityGroup | use securityGroups instead. | +| @aws-cdk/aws-ecs | SplunkLogDriverProps.​token | Use {@link SplunkLogDriverProps.secretToken} instead. | | @aws-cdk/aws-cloudfront | AliasConfiguration | see {@link CloudFrontWebDistributionProps#viewerCertificate} with {@link ViewerCertificate#acmCertificate} | | @aws-cdk/aws-cloudfront | AliasConfiguration.​acmCertRef | see {@link CloudFrontWebDistributionProps#viewerCertificate} with {@link ViewerCertificate#acmCertificate} | | @aws-cdk/aws-cloudfront | AliasConfiguration.​names | see {@link CloudFrontWebDistributionProps#viewerCertificate} with {@link ViewerCertificate#acmCertificate} | @@ -757,6 +827,8 @@ | @aws-cdk/aws-stepfunctions | Task.​next() | replaced by service integration specific classes (i.e. LambdaInvoke, SnsPublish) | | @aws-cdk/aws-stepfunctions | Task.​toStateJson() | replaced by service integration specific classes (i.e. LambdaInvoke, SnsPublish) | | @aws-cdk/aws-stepfunctions | Task.​whenBoundToGraph() | replaced by service integration specific classes (i.e. LambdaInvoke, SnsPublish) | +| @aws-cdk/aws-stepfunctions | TaskInput.​fromContextAt() | Use `fromJsonPathAt`. | +| @aws-cdk/aws-stepfunctions | TaskInput.​fromDataAt() | Use `fromJsonPathAt`. | | @aws-cdk/aws-stepfunctions | TaskProps | replaced by service integration specific classes (i.e. LambdaInvoke, SnsPublish) | | @aws-cdk/aws-stepfunctions | TaskProps.​task | replaced by service integration specific classes (i.e. LambdaInvoke, SnsPublish) | | @aws-cdk/aws-stepfunctions | TaskProps.​comment | replaced by service integration specific classes (i.e. LambdaInvoke, SnsPublish) | @@ -861,5 +933,193 @@ | @aws-cdk/aws-stepfunctions-tasks | StartExecutionProps.​input | use 'StepFunctionsStartExecution' | | @aws-cdk/aws-stepfunctions-tasks | StartExecutionProps.​integrationPattern | use 'StepFunctionsStartExecution' | | @aws-cdk/aws-stepfunctions-tasks | StartExecutionProps.​name | use 'StepFunctionsStartExecution' | +| @aws-cdk/pipelines | AddManualApprovalOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AddManualApprovalOptions.​actionName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AddManualApprovalOptions.​runOrder | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AddStackOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AddStackOptions.​executeRunOrder | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AddStackOptions.​runOrder | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AddStageOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AddStageOptions.​extraRunOrderSpace | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AddStageOptions.​manualApprovals | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AdditionalArtifact | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AdditionalArtifact.​artifact | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AdditionalArtifact.​directory | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AssetPublishingCommand | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AssetPublishingCommand.​assetId | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AssetPublishingCommand.​assetManifestPath | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AssetPublishingCommand.​assetPublishingRoleArn | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AssetPublishingCommand.​assetSelector | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | AssetPublishingCommand.​assetType | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | BaseStageOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | BaseStageOptions.​confirmBroadeningPermissions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | BaseStageOptions.​securityNotificationTopic | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipeline | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipeline.​codePipeline | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipeline.​addApplicationStage() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipeline.​addStage() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipeline.​stackOutput() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipeline.​stage() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipeline.​validate() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​cloudAssemblyArtifact | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​assetBuildSpec | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​assetPreInstallCommands | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​cdkCliVersion | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​codePipeline | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​crossAccountKeys | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​dockerCredentials | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​enableKeyRotation | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​pipelineName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​selfMutating | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​selfMutationBuildSpec | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​singlePublisherPerType | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​sourceAction | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​subnetSelection | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​supportDockerAssets | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​synthAction | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkPipelineProps.​vpc | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStackActionFromArtifactOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStackActionFromArtifactOptions.​stackName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStage | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStage.​addActions() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStage.​addApplication() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStage.​addManualApprovalAction() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStage.​addStackArtifactDeployment() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStage.​deploysStack() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStage.​nextSequentialRunOrder() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStageProps | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStageProps.​cloudAssemblyArtifact | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStageProps.​host | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStageProps.​pipelineStage | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStageProps.​stageName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStageProps.​confirmBroadeningPermissions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | CdkStageProps.​securityNotificationTopic | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackAction | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackAction.​actionProperties | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackAction.​dependencyStackArtifactIds | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackAction.​executeRunOrder | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackAction.​prepareRunOrder | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackAction.​stackName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackAction.​stackArtifactId | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackAction.​fromStackArtifact() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackAction.​bind() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackAction.​onStateChange() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionOptions.​cloudAssemblyInput | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionOptions.​baseActionName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionOptions.​changeSetName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionOptions.​executeRunOrder | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionOptions.​output | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionOptions.​outputFileName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionOptions.​prepareRunOrder | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionProps | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionProps.​actionRole | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionProps.​stackName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionProps.​templatePath | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionProps.​cloudFormationExecutionRole | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionProps.​dependencyStackArtifactIds | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionProps.​region | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionProps.​stackArtifactId | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | DeployCdkStackActionProps.​templateConfigurationPath | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | FromStackArtifactOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | FromStackArtifactOptions.​cloudAssemblyInput | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | FromStackArtifactOptions.​executeRunOrder | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | FromStackArtifactOptions.​output | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | FromStackArtifactOptions.​outputFileName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | FromStackArtifactOptions.​prepareRunOrder | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | IStageHost | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | IStageHost.​publishAsset() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | IStageHost.​stackOutputArtifact() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsAction | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsAction.​actionProperties | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsAction.​addPublishCommand() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsAction.​bind() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsAction.​onStateChange() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​actionName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​assetType | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​cloudAssemblyInput | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​buildSpec | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​cdkCliVersion | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​createBuildspecFile | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​dependable | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​preInstallCommands | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​projectName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​role | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​subnetSelection | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | PublishAssetsActionProps.​vpc | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptAction | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptAction.​actionProperties | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptAction.​grantPrincipal | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptAction.​project | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptAction.​bind() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptAction.​onStateChange() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​actionName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​commands | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​additionalArtifacts | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​bashOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​environment | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​environmentVariables | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​rolePolicyStatements | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​runOrder | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​securityGroups | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​subnetSelection | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​useOutputs | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | ShellScriptActionProps.​vpc | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthAction | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthAction.​actionProperties | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthAction.​grantPrincipal | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthAction.​project | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthAction.​standardNpmSynth() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthAction.​standardYarnSynth() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthAction.​bind() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthAction.​onStateChange() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthActionProps | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthActionProps.​synthCommand | This class is part of the old API. Use the API based on the `CodePipeline` class instead | | @aws-cdk/pipelines | SimpleSynthActionProps.​buildCommand | Use `buildCommands` instead | +| @aws-cdk/pipelines | SimpleSynthActionProps.​buildCommands | This class is part of the old API. Use the API based on the `CodePipeline` class instead | | @aws-cdk/pipelines | SimpleSynthActionProps.​installCommand | Use `installCommands` instead | +| @aws-cdk/pipelines | SimpleSynthActionProps.​installCommands | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthActionProps.​testCommands | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​cloudAssemblyArtifact | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​sourceArtifact | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​actionName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​additionalArtifacts | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​buildSpec | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​copyEnvironmentVariables | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​environment | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​environmentVariables | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​projectName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​rolePolicyStatements | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​subdirectory | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​subnetSelection | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | SimpleSynthOptions.​vpc | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StackOutput | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StackOutput.​artifactFile | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StackOutput.​outputName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StandardNpmSynthOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StandardNpmSynthOptions.​buildCommand | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StandardNpmSynthOptions.​installCommand | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StandardNpmSynthOptions.​synthCommand | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StandardNpmSynthOptions.​testCommands | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StandardYarnSynthOptions | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StandardYarnSynthOptions.​buildCommand | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StandardYarnSynthOptions.​installCommand | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StandardYarnSynthOptions.​synthCommand | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | StandardYarnSynthOptions.​testCommands | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineAction | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineAction.​actionProperties | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineAction.​bind() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineAction.​onStateChange() | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineActionProps | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineActionProps.​cloudAssemblyInput | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineActionProps.​pipelineStackHierarchicalId | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineActionProps.​buildSpec | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineActionProps.​cdkCliVersion | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineActionProps.​dockerCredentials | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineActionProps.​pipelineStackName | Use `pipelineStackHierarchicalId` instead. | +| @aws-cdk/pipelines | UpdatePipelineActionProps.​privileged | This class is part of the old API. Use the API based on the `CodePipeline` class instead | +| @aws-cdk/pipelines | UpdatePipelineActionProps.​projectName | This class is part of the old API. Use the API based on the `CodePipeline` class instead | diff --git a/deprecated_apis.txt b/deprecated_apis.txt new file mode 100644 index 0000000000000..cfda6c5068605 --- /dev/null +++ b/deprecated_apis.txt @@ -0,0 +1,1121 @@ +@aws-cdk/core.AppProps#runtimeInfo +@aws-cdk/core.Arn#parse +@aws-cdk/core.ArnComponents#sep +@aws-cdk/core.AssetHashType#BUNDLE +@aws-cdk/core.AssetStaging#sourceHash +@aws-cdk/core.AssetStaging#stagedPath +@aws-cdk/core.BundlingDockerImage +@aws-cdk/core.BundlingDockerImage#image +@aws-cdk/core.BundlingDockerImage#fromAsset +@aws-cdk/core.BundlingDockerImage#fromRegistry +@aws-cdk/core.BundlingDockerImage#cp +@aws-cdk/core.BundlingDockerImage#run +@aws-cdk/core.BundlingDockerImage#toJSON +@aws-cdk/core.CfnInclude +@aws-cdk/core.CfnInclude#template +@aws-cdk/core.CfnIncludeProps +@aws-cdk/core.CfnIncludeProps#template +@aws-cdk/core.ConstructNode#metadata +@aws-cdk/core.ConstructNode#uniqueId +@aws-cdk/core.ConstructNode#prepare +@aws-cdk/core.ConstructNode#synth +@aws-cdk/core.ConstructNode#addError +@aws-cdk/core.ConstructNode#addInfo +@aws-cdk/core.ConstructNode#addWarning +@aws-cdk/core.ConstructNode#applyAspect +@aws-cdk/core.CustomResourceProviderRuntime#NODEJS_12 +@aws-cdk/core.DefaultStackSynthesizerProps#fileAssetKeyArnExportName +@aws-cdk/core.DockerImageAssetSource#repositoryName +@aws-cdk/core.Duration#toISOString +@aws-cdk/core.FileAssetLocation#kmsKeyArn +@aws-cdk/core.FileAssetLocation#s3Url +@aws-cdk/core.ITemplateOptions#transform +@aws-cdk/core.Lazy#anyValue +@aws-cdk/core.Lazy#listValue +@aws-cdk/core.Lazy#numberValue +@aws-cdk/core.Lazy#stringValue +@aws-cdk/core.Size#pebibyte +@aws-cdk/core.Stack#parentStack +@aws-cdk/core.Stack#addDockerImageAsset +@aws-cdk/core.Stack#addFileAsset +@aws-cdk/core.Stack#parseArn +@aws-cdk/core.Stack#prepareCrossReference +@aws-cdk/core.Stack#reportMissingContext +@aws-cdk/core.SynthesisOptions +@aws-cdk/core.SynthesisOptions#outdir +@aws-cdk/core.SynthesisOptions#skipValidation +@aws-cdk/core.SynthesisOptions#validateOnSynthesis +@aws-cdk/core.Tag#add +@aws-cdk/core.Tag#remove +@aws-cdk/cloud-assembly-schema.ContainerImageAssetMetadataEntry#imageNameParameter +@aws-cdk/cloud-assembly-schema.Manifest#load +@aws-cdk/cloud-assembly-schema.Manifest#save +@aws-cdk/cx-api.AssemblyBuildOptions#runtimeInfo +@aws-cdk/cx-api.CloudAssembly#getStack +@aws-cdk/cx-api.CloudFormationStackArtifact#name +@aws-cdk/cx-api.MetadataEntry +@aws-cdk/cx-api.MissingContext +@aws-cdk/cx-api.MissingContext#key +@aws-cdk/cx-api.MissingContext#props +@aws-cdk/cx-api.MissingContext#provider +@aws-cdk/cx-api.RuntimeInfo +constructs.Construct#onValidate +constructs.Node#uniqueId +@aws-cdk/assets.CopyOptions +@aws-cdk/assets.CopyOptions#exclude +@aws-cdk/assets.CopyOptions#follow +@aws-cdk/assets.CopyOptions#ignoreMode +@aws-cdk/assets.FingerprintOptions +@aws-cdk/assets.FingerprintOptions#extraHash +@aws-cdk/assets.FollowMode +@aws-cdk/assets.FollowMode#NEVER +@aws-cdk/assets.FollowMode#ALWAYS +@aws-cdk/assets.FollowMode#EXTERNAL +@aws-cdk/assets.FollowMode#BLOCK_EXTERNAL +@aws-cdk/assets.IAsset +@aws-cdk/assets.IAsset#sourceHash +@aws-cdk/assets.Staging +@aws-cdk/assets.StagingProps +@aws-cdk/assets.StagingProps#sourcePath +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_ANDROID_JAVA8_24_4_1 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_ANDROID_JAVA8_26_1_1 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_BASE +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_DOCKER_17_09_0 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_DOCKER_18_09_0 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_DOTNET_CORE_1_1 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_DOTNET_CORE_2_0 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_DOTNET_CORE_2_1 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_GOLANG_1_10 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_GOLANG_1_11 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_NODEJS_10_1_0 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_NODEJS_10_14_1 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_NODEJS_6_3_1 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_NODEJS_8_11_0 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_OPEN_JDK_11 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_OPEN_JDK_8 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_OPEN_JDK_9 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_PHP_5_6 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_PHP_7_0 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_PHP_7_1 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_PYTHON_2_7_12 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_PYTHON_3_3_6 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_PYTHON_3_4_5 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_PYTHON_3_5_2 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_PYTHON_3_6_5 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_PYTHON_3_7_1 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_RUBY_2_2_5 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_RUBY_2_3_1 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_RUBY_2_5_1 +@aws-cdk/aws-codebuild.LinuxBuildImage#UBUNTU_14_04_RUBY_2_5_3 +@aws-cdk/aws-codebuild.WindowsBuildImage#WIN_SERVER_CORE_2016_BASE +@aws-cdk/aws-cloudwatch.CommonMetricOptions#dimensions +@aws-cdk/aws-cloudwatch.CreateAlarmOptions#period +@aws-cdk/aws-cloudwatch.CreateAlarmOptions#statistic +@aws-cdk/aws-cloudwatch.IMetric#toAlarmConfig +@aws-cdk/aws-cloudwatch.IMetric#toGraphConfig +@aws-cdk/aws-cloudwatch.MathExpression#toAlarmConfig +@aws-cdk/aws-cloudwatch.MathExpression#toGraphConfig +@aws-cdk/aws-cloudwatch.Metric#toAlarmConfig +@aws-cdk/aws-cloudwatch.Metric#toGraphConfig +@aws-cdk/aws-cloudwatch.MetricAlarmConfig +@aws-cdk/aws-cloudwatch.MetricAlarmConfig#metricName +@aws-cdk/aws-cloudwatch.MetricAlarmConfig#namespace +@aws-cdk/aws-cloudwatch.MetricAlarmConfig#period +@aws-cdk/aws-cloudwatch.MetricAlarmConfig#dimensions +@aws-cdk/aws-cloudwatch.MetricAlarmConfig#extendedStatistic +@aws-cdk/aws-cloudwatch.MetricAlarmConfig#statistic +@aws-cdk/aws-cloudwatch.MetricAlarmConfig#unit +@aws-cdk/aws-cloudwatch.MetricGraphConfig +@aws-cdk/aws-cloudwatch.MetricGraphConfig#metricName +@aws-cdk/aws-cloudwatch.MetricGraphConfig#namespace +@aws-cdk/aws-cloudwatch.MetricGraphConfig#period +@aws-cdk/aws-cloudwatch.MetricGraphConfig#renderingProperties +@aws-cdk/aws-cloudwatch.MetricGraphConfig#color +@aws-cdk/aws-cloudwatch.MetricGraphConfig#dimensions +@aws-cdk/aws-cloudwatch.MetricGraphConfig#label +@aws-cdk/aws-cloudwatch.MetricGraphConfig#statistic +@aws-cdk/aws-cloudwatch.MetricGraphConfig#unit +@aws-cdk/aws-cloudwatch.MetricRenderingProperties +@aws-cdk/aws-cloudwatch.MetricRenderingProperties#period +@aws-cdk/aws-cloudwatch.MetricRenderingProperties#color +@aws-cdk/aws-cloudwatch.MetricRenderingProperties#label +@aws-cdk/aws-cloudwatch.MetricRenderingProperties#stat +@aws-cdk/aws-iam.Anyone +@aws-cdk/aws-iam.IPrincipal#addToPolicy +@aws-cdk/aws-iam.RoleProps#externalId +@aws-cdk/aws-events.EventBus#grantPutEvents +@aws-cdk/aws-events.RuleTargetConfig#id +@aws-cdk/aws-ec2.ClientVpnAuthorizationRuleProps#clientVpnEndoint +@aws-cdk/aws-ec2.ClientVpnRouteProps#clientVpnEndoint +@aws-cdk/aws-ec2.InterfaceVpcEndpoint#securityGroupId +@aws-cdk/aws-ec2.InterfaceVpcEndpointAttributes#securityGroupId +@aws-cdk/aws-ec2.MachineImage#fromSSMParameter +@aws-cdk/aws-ec2.NatInstanceProps#allowAllTraffic +@aws-cdk/aws-ec2.SecurityGroup#securityGroupName +@aws-cdk/aws-ec2.SubnetSelection#subnetName +@aws-cdk/aws-ec2.SubnetType#ISOLATED +@aws-cdk/aws-ec2.SubnetType#PRIVATE +@aws-cdk/aws-ec2.Vpc#natDependencies +@aws-cdk/aws-ec2.Vpc#addDynamoDbEndpoint +@aws-cdk/aws-ec2.Vpc#addS3Endpoint +@aws-cdk/aws-ec2.VpcEndpointService#whitelistedPrincipals +@aws-cdk/aws-ec2.VpcEndpointServiceProps#vpcEndpointServiceName +@aws-cdk/aws-ec2.VpcEndpointServiceProps#whitelistedPrincipals +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2016_GERMAL_FULL_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2012_R2_SP1_PORTUGESE_BRAZIL_64BIT_CORE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2016_PORTUGESE_PORTUGAL_FULL_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2012_R2_RTM_PORTUGESE_BRAZIL_64BIT_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2012_R2_RTM_PORTUGESE_PORTUGAL_64BIT_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2016_PORTUGESE_BRAZIL_FULL_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2012_SP2_PORTUGESE_BRAZIL_64BIT_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2012_RTM_PORTUGESE_BRAZIL_64BIT_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2008_R2_SP1_PORTUGESE_BRAZIL_64BIT_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2008_SP2_PORTUGESE_BRAZIL_32BIT_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2012_RTM_PORTUGESE_PORTUGAL_64BIT_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2019_PORTUGESE_BRAZIL_FULL_BASE +@aws-cdk/aws-ec2.WindowsVersion#WINDOWS_SERVER_2019_PORTUGESE_PORTUGAL_FULL_BASE +@aws-cdk/aws-kms.KeyProps#trustAccountIdentities +@aws-cdk/aws-s3-assets.Asset#s3Url +@aws-cdk/aws-s3-assets.Asset#sourceHash +@aws-cdk/aws-s3-assets.AssetOptions#sourceHash +@aws-cdk/aws-ecr-assets.DockerImageAsset#sourceHash +@aws-cdk/aws-ecr-assets.DockerImageAssetOptions#repositoryName +@aws-cdk/aws-ecr-assets.TarballImageAsset#sourceHash +@aws-cdk/aws-secretsmanager.AttachedSecretOptions +@aws-cdk/aws-secretsmanager.AttachedSecretOptions#target +@aws-cdk/aws-secretsmanager.AttachmentTargetType#INSTANCE +@aws-cdk/aws-secretsmanager.AttachmentTargetType#CLUSTER +@aws-cdk/aws-secretsmanager.Secret#fromSecretArn +@aws-cdk/aws-secretsmanager.Secret#fromSecretName +@aws-cdk/aws-secretsmanager.Secret#addTargetAttachment +@aws-cdk/aws-secretsmanager.SecretAttributes#secretArn +@aws-cdk/aws-secretsmanager.SecretRotationApplication#applicationId +@aws-cdk/aws-secretsmanager.SecretRotationApplication#semanticVersion +@aws-cdk/aws-lambda.Code#isInline +@aws-cdk/aws-lambda.Code#asset +@aws-cdk/aws-lambda.Code#bucket +@aws-cdk/aws-lambda.Code#cfnParameters +@aws-cdk/aws-lambda.Code#inline +@aws-cdk/aws-lambda.Function#addVersion +@aws-cdk/aws-lambda.FunctionAttributes#securityGroupId +@aws-cdk/aws-lambda.FunctionOptions#architectures +@aws-cdk/aws-lambda.FunctionOptions#securityGroup +@aws-cdk/aws-lambda.LogRetention +@aws-cdk/aws-lambda.LogRetentionProps +@aws-cdk/aws-lambda.Runtime#bundlingDockerImage +@aws-cdk/aws-apigateway.CfnApiMappingV2 +@aws-cdk/aws-apigateway.CfnApiMappingV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnApiMappingV2#cfnProperties +@aws-cdk/aws-apigateway.CfnApiMappingV2#apiId +@aws-cdk/aws-apigateway.CfnApiMappingV2#domainName +@aws-cdk/aws-apigateway.CfnApiMappingV2#stage +@aws-cdk/aws-apigateway.CfnApiMappingV2#apiMappingKey +@aws-cdk/aws-apigateway.CfnApiMappingV2#inspect +@aws-cdk/aws-apigateway.CfnApiMappingV2#renderProperties +@aws-cdk/aws-apigateway.CfnApiMappingV2Props +@aws-cdk/aws-apigateway.CfnApiMappingV2Props#apiId +@aws-cdk/aws-apigateway.CfnApiMappingV2Props#domainName +@aws-cdk/aws-apigateway.CfnApiMappingV2Props#stage +@aws-cdk/aws-apigateway.CfnApiMappingV2Props#apiMappingKey +@aws-cdk/aws-apigateway.CfnApiV2 +@aws-cdk/aws-apigateway.CfnApiV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnApiV2#cfnProperties +@aws-cdk/aws-apigateway.CfnApiV2#tags +@aws-cdk/aws-apigateway.CfnApiV2#body +@aws-cdk/aws-apigateway.CfnApiV2#apiKeySelectionExpression +@aws-cdk/aws-apigateway.CfnApiV2#basePath +@aws-cdk/aws-apigateway.CfnApiV2#bodyS3Location +@aws-cdk/aws-apigateway.CfnApiV2#corsConfiguration +@aws-cdk/aws-apigateway.CfnApiV2#credentialsArn +@aws-cdk/aws-apigateway.CfnApiV2#description +@aws-cdk/aws-apigateway.CfnApiV2#disableSchemaValidation +@aws-cdk/aws-apigateway.CfnApiV2#failOnWarnings +@aws-cdk/aws-apigateway.CfnApiV2#name +@aws-cdk/aws-apigateway.CfnApiV2#protocolType +@aws-cdk/aws-apigateway.CfnApiV2#routeKey +@aws-cdk/aws-apigateway.CfnApiV2#routeSelectionExpression +@aws-cdk/aws-apigateway.CfnApiV2#target +@aws-cdk/aws-apigateway.CfnApiV2#version +@aws-cdk/aws-apigateway.CfnApiV2#inspect +@aws-cdk/aws-apigateway.CfnApiV2#renderProperties +@aws-cdk/aws-apigateway.BodyS3LocationProperty +@aws-cdk/aws-apigateway.BodyS3LocationProperty#bucket +@aws-cdk/aws-apigateway.BodyS3LocationProperty#etag +@aws-cdk/aws-apigateway.BodyS3LocationProperty#key +@aws-cdk/aws-apigateway.BodyS3LocationProperty#version +@aws-cdk/aws-apigateway.CorsProperty +@aws-cdk/aws-apigateway.CorsProperty#allowCredentials +@aws-cdk/aws-apigateway.CorsProperty#allowHeaders +@aws-cdk/aws-apigateway.CorsProperty#allowMethods +@aws-cdk/aws-apigateway.CorsProperty#allowOrigins +@aws-cdk/aws-apigateway.CorsProperty#exposeHeaders +@aws-cdk/aws-apigateway.CorsProperty#maxAge +@aws-cdk/aws-apigateway.CfnApiV2Props +@aws-cdk/aws-apigateway.CfnApiV2Props#apiKeySelectionExpression +@aws-cdk/aws-apigateway.CfnApiV2Props#basePath +@aws-cdk/aws-apigateway.CfnApiV2Props#body +@aws-cdk/aws-apigateway.CfnApiV2Props#bodyS3Location +@aws-cdk/aws-apigateway.CfnApiV2Props#corsConfiguration +@aws-cdk/aws-apigateway.CfnApiV2Props#credentialsArn +@aws-cdk/aws-apigateway.CfnApiV2Props#description +@aws-cdk/aws-apigateway.CfnApiV2Props#disableSchemaValidation +@aws-cdk/aws-apigateway.CfnApiV2Props#failOnWarnings +@aws-cdk/aws-apigateway.CfnApiV2Props#name +@aws-cdk/aws-apigateway.CfnApiV2Props#protocolType +@aws-cdk/aws-apigateway.CfnApiV2Props#routeKey +@aws-cdk/aws-apigateway.CfnApiV2Props#routeSelectionExpression +@aws-cdk/aws-apigateway.CfnApiV2Props#tags +@aws-cdk/aws-apigateway.CfnApiV2Props#target +@aws-cdk/aws-apigateway.CfnApiV2Props#version +@aws-cdk/aws-apigateway.CfnAuthorizerV2 +@aws-cdk/aws-apigateway.CfnAuthorizerV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnAuthorizerV2#cfnProperties +@aws-cdk/aws-apigateway.CfnAuthorizerV2#apiId +@aws-cdk/aws-apigateway.CfnAuthorizerV2#authorizerType +@aws-cdk/aws-apigateway.CfnAuthorizerV2#identitySource +@aws-cdk/aws-apigateway.CfnAuthorizerV2#name +@aws-cdk/aws-apigateway.CfnAuthorizerV2#authorizerCredentialsArn +@aws-cdk/aws-apigateway.CfnAuthorizerV2#authorizerResultTtlInSeconds +@aws-cdk/aws-apigateway.CfnAuthorizerV2#authorizerUri +@aws-cdk/aws-apigateway.CfnAuthorizerV2#identityValidationExpression +@aws-cdk/aws-apigateway.CfnAuthorizerV2#jwtConfiguration +@aws-cdk/aws-apigateway.CfnAuthorizerV2#inspect +@aws-cdk/aws-apigateway.CfnAuthorizerV2#renderProperties +@aws-cdk/aws-apigateway.JWTConfigurationProperty +@aws-cdk/aws-apigateway.JWTConfigurationProperty#audience +@aws-cdk/aws-apigateway.JWTConfigurationProperty#issuer +@aws-cdk/aws-apigateway.CfnAuthorizerV2Props +@aws-cdk/aws-apigateway.CfnAuthorizerV2Props#apiId +@aws-cdk/aws-apigateway.CfnAuthorizerV2Props#authorizerType +@aws-cdk/aws-apigateway.CfnAuthorizerV2Props#identitySource +@aws-cdk/aws-apigateway.CfnAuthorizerV2Props#name +@aws-cdk/aws-apigateway.CfnAuthorizerV2Props#authorizerCredentialsArn +@aws-cdk/aws-apigateway.CfnAuthorizerV2Props#authorizerResultTtlInSeconds +@aws-cdk/aws-apigateway.CfnAuthorizerV2Props#authorizerUri +@aws-cdk/aws-apigateway.CfnAuthorizerV2Props#identityValidationExpression +@aws-cdk/aws-apigateway.CfnAuthorizerV2Props#jwtConfiguration +@aws-cdk/aws-apigateway.CfnDeploymentV2 +@aws-cdk/aws-apigateway.CfnDeploymentV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnDeploymentV2#cfnProperties +@aws-cdk/aws-apigateway.CfnDeploymentV2#apiId +@aws-cdk/aws-apigateway.CfnDeploymentV2#description +@aws-cdk/aws-apigateway.CfnDeploymentV2#stageName +@aws-cdk/aws-apigateway.CfnDeploymentV2#inspect +@aws-cdk/aws-apigateway.CfnDeploymentV2#renderProperties +@aws-cdk/aws-apigateway.CfnDeploymentV2Props +@aws-cdk/aws-apigateway.CfnDeploymentV2Props#apiId +@aws-cdk/aws-apigateway.CfnDeploymentV2Props#description +@aws-cdk/aws-apigateway.CfnDeploymentV2Props#stageName +@aws-cdk/aws-apigateway.CfnDomainNameV2 +@aws-cdk/aws-apigateway.CfnDomainNameV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnDomainNameV2#attrRegionalDomainName +@aws-cdk/aws-apigateway.CfnDomainNameV2#attrRegionalHostedZoneId +@aws-cdk/aws-apigateway.CfnDomainNameV2#cfnProperties +@aws-cdk/aws-apigateway.CfnDomainNameV2#tags +@aws-cdk/aws-apigateway.CfnDomainNameV2#domainName +@aws-cdk/aws-apigateway.CfnDomainNameV2#domainNameConfigurations +@aws-cdk/aws-apigateway.CfnDomainNameV2#inspect +@aws-cdk/aws-apigateway.CfnDomainNameV2#renderProperties +@aws-cdk/aws-apigateway.DomainNameConfigurationProperty +@aws-cdk/aws-apigateway.DomainNameConfigurationProperty#certificateArn +@aws-cdk/aws-apigateway.DomainNameConfigurationProperty#certificateName +@aws-cdk/aws-apigateway.DomainNameConfigurationProperty#endpointType +@aws-cdk/aws-apigateway.CfnDomainNameV2Props +@aws-cdk/aws-apigateway.CfnDomainNameV2Props#domainName +@aws-cdk/aws-apigateway.CfnDomainNameV2Props#domainNameConfigurations +@aws-cdk/aws-apigateway.CfnDomainNameV2Props#tags +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2 +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#cfnProperties +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#apiId +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#integrationId +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#integrationResponseKey +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#responseParameters +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#responseTemplates +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#contentHandlingStrategy +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#templateSelectionExpression +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#inspect +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2#renderProperties +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2Props +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2Props#apiId +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2Props#integrationId +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2Props#integrationResponseKey +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2Props#contentHandlingStrategy +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2Props#responseParameters +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2Props#responseTemplates +@aws-cdk/aws-apigateway.CfnIntegrationResponseV2Props#templateSelectionExpression +@aws-cdk/aws-apigateway.CfnIntegrationV2 +@aws-cdk/aws-apigateway.CfnIntegrationV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnIntegrationV2#cfnProperties +@aws-cdk/aws-apigateway.CfnIntegrationV2#apiId +@aws-cdk/aws-apigateway.CfnIntegrationV2#integrationType +@aws-cdk/aws-apigateway.CfnIntegrationV2#requestParameters +@aws-cdk/aws-apigateway.CfnIntegrationV2#requestTemplates +@aws-cdk/aws-apigateway.CfnIntegrationV2#connectionType +@aws-cdk/aws-apigateway.CfnIntegrationV2#contentHandlingStrategy +@aws-cdk/aws-apigateway.CfnIntegrationV2#credentialsArn +@aws-cdk/aws-apigateway.CfnIntegrationV2#description +@aws-cdk/aws-apigateway.CfnIntegrationV2#integrationMethod +@aws-cdk/aws-apigateway.CfnIntegrationV2#integrationUri +@aws-cdk/aws-apigateway.CfnIntegrationV2#passthroughBehavior +@aws-cdk/aws-apigateway.CfnIntegrationV2#payloadFormatVersion +@aws-cdk/aws-apigateway.CfnIntegrationV2#templateSelectionExpression +@aws-cdk/aws-apigateway.CfnIntegrationV2#timeoutInMillis +@aws-cdk/aws-apigateway.CfnIntegrationV2#inspect +@aws-cdk/aws-apigateway.CfnIntegrationV2#renderProperties +@aws-cdk/aws-apigateway.CfnIntegrationV2Props +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#apiId +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#integrationType +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#connectionType +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#contentHandlingStrategy +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#credentialsArn +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#description +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#integrationMethod +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#integrationUri +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#passthroughBehavior +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#payloadFormatVersion +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#requestParameters +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#requestTemplates +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#templateSelectionExpression +@aws-cdk/aws-apigateway.CfnIntegrationV2Props#timeoutInMillis +@aws-cdk/aws-apigateway.CfnModelV2 +@aws-cdk/aws-apigateway.CfnModelV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnModelV2#cfnProperties +@aws-cdk/aws-apigateway.CfnModelV2#apiId +@aws-cdk/aws-apigateway.CfnModelV2#name +@aws-cdk/aws-apigateway.CfnModelV2#schema +@aws-cdk/aws-apigateway.CfnModelV2#contentType +@aws-cdk/aws-apigateway.CfnModelV2#description +@aws-cdk/aws-apigateway.CfnModelV2#inspect +@aws-cdk/aws-apigateway.CfnModelV2#renderProperties +@aws-cdk/aws-apigateway.CfnModelV2Props +@aws-cdk/aws-apigateway.CfnModelV2Props#apiId +@aws-cdk/aws-apigateway.CfnModelV2Props#name +@aws-cdk/aws-apigateway.CfnModelV2Props#schema +@aws-cdk/aws-apigateway.CfnModelV2Props#contentType +@aws-cdk/aws-apigateway.CfnModelV2Props#description +@aws-cdk/aws-apigateway.CfnRouteResponseV2 +@aws-cdk/aws-apigateway.CfnRouteResponseV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnRouteResponseV2#cfnProperties +@aws-cdk/aws-apigateway.CfnRouteResponseV2#apiId +@aws-cdk/aws-apigateway.CfnRouteResponseV2#responseModels +@aws-cdk/aws-apigateway.CfnRouteResponseV2#responseParameters +@aws-cdk/aws-apigateway.CfnRouteResponseV2#routeId +@aws-cdk/aws-apigateway.CfnRouteResponseV2#routeResponseKey +@aws-cdk/aws-apigateway.CfnRouteResponseV2#modelSelectionExpression +@aws-cdk/aws-apigateway.CfnRouteResponseV2#inspect +@aws-cdk/aws-apigateway.CfnRouteResponseV2#renderProperties +@aws-cdk/aws-apigateway.ParameterConstraintsProperty +@aws-cdk/aws-apigateway.ParameterConstraintsProperty#required +@aws-cdk/aws-apigateway.CfnRouteResponseV2Props +@aws-cdk/aws-apigateway.CfnRouteResponseV2Props#apiId +@aws-cdk/aws-apigateway.CfnRouteResponseV2Props#routeId +@aws-cdk/aws-apigateway.CfnRouteResponseV2Props#routeResponseKey +@aws-cdk/aws-apigateway.CfnRouteResponseV2Props#modelSelectionExpression +@aws-cdk/aws-apigateway.CfnRouteResponseV2Props#responseModels +@aws-cdk/aws-apigateway.CfnRouteResponseV2Props#responseParameters +@aws-cdk/aws-apigateway.CfnRouteV2 +@aws-cdk/aws-apigateway.CfnRouteV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnRouteV2#cfnProperties +@aws-cdk/aws-apigateway.CfnRouteV2#apiId +@aws-cdk/aws-apigateway.CfnRouteV2#requestModels +@aws-cdk/aws-apigateway.CfnRouteV2#requestParameters +@aws-cdk/aws-apigateway.CfnRouteV2#routeKey +@aws-cdk/aws-apigateway.CfnRouteV2#apiKeyRequired +@aws-cdk/aws-apigateway.CfnRouteV2#authorizationScopes +@aws-cdk/aws-apigateway.CfnRouteV2#authorizationType +@aws-cdk/aws-apigateway.CfnRouteV2#authorizerId +@aws-cdk/aws-apigateway.CfnRouteV2#modelSelectionExpression +@aws-cdk/aws-apigateway.CfnRouteV2#operationName +@aws-cdk/aws-apigateway.CfnRouteV2#routeResponseSelectionExpression +@aws-cdk/aws-apigateway.CfnRouteV2#target +@aws-cdk/aws-apigateway.CfnRouteV2#inspect +@aws-cdk/aws-apigateway.CfnRouteV2#renderProperties +@aws-cdk/aws-apigateway.ParameterConstraintsProperty +@aws-cdk/aws-apigateway.ParameterConstraintsProperty#required +@aws-cdk/aws-apigateway.CfnRouteV2Props +@aws-cdk/aws-apigateway.CfnRouteV2Props#apiId +@aws-cdk/aws-apigateway.CfnRouteV2Props#routeKey +@aws-cdk/aws-apigateway.CfnRouteV2Props#apiKeyRequired +@aws-cdk/aws-apigateway.CfnRouteV2Props#authorizationScopes +@aws-cdk/aws-apigateway.CfnRouteV2Props#authorizationType +@aws-cdk/aws-apigateway.CfnRouteV2Props#authorizerId +@aws-cdk/aws-apigateway.CfnRouteV2Props#modelSelectionExpression +@aws-cdk/aws-apigateway.CfnRouteV2Props#operationName +@aws-cdk/aws-apigateway.CfnRouteV2Props#requestModels +@aws-cdk/aws-apigateway.CfnRouteV2Props#requestParameters +@aws-cdk/aws-apigateway.CfnRouteV2Props#routeResponseSelectionExpression +@aws-cdk/aws-apigateway.CfnRouteV2Props#target +@aws-cdk/aws-apigateway.CfnStageV2 +@aws-cdk/aws-apigateway.CfnStageV2#CFN_RESOURCE_TYPE_NAME +@aws-cdk/aws-apigateway.CfnStageV2#cfnProperties +@aws-cdk/aws-apigateway.CfnStageV2#tags +@aws-cdk/aws-apigateway.CfnStageV2#apiId +@aws-cdk/aws-apigateway.CfnStageV2#routeSettings +@aws-cdk/aws-apigateway.CfnStageV2#stageName +@aws-cdk/aws-apigateway.CfnStageV2#stageVariables +@aws-cdk/aws-apigateway.CfnStageV2#accessLogSettings +@aws-cdk/aws-apigateway.CfnStageV2#autoDeploy +@aws-cdk/aws-apigateway.CfnStageV2#clientCertificateId +@aws-cdk/aws-apigateway.CfnStageV2#defaultRouteSettings +@aws-cdk/aws-apigateway.CfnStageV2#deploymentId +@aws-cdk/aws-apigateway.CfnStageV2#description +@aws-cdk/aws-apigateway.CfnStageV2#inspect +@aws-cdk/aws-apigateway.CfnStageV2#renderProperties +@aws-cdk/aws-apigateway.AccessLogSettingsProperty +@aws-cdk/aws-apigateway.AccessLogSettingsProperty#destinationArn +@aws-cdk/aws-apigateway.AccessLogSettingsProperty#format +@aws-cdk/aws-apigateway.RouteSettingsProperty +@aws-cdk/aws-apigateway.RouteSettingsProperty#dataTraceEnabled +@aws-cdk/aws-apigateway.RouteSettingsProperty#detailedMetricsEnabled +@aws-cdk/aws-apigateway.RouteSettingsProperty#loggingLevel +@aws-cdk/aws-apigateway.RouteSettingsProperty#throttlingBurstLimit +@aws-cdk/aws-apigateway.RouteSettingsProperty#throttlingRateLimit +@aws-cdk/aws-apigateway.CfnStageV2Props +@aws-cdk/aws-apigateway.CfnStageV2Props#apiId +@aws-cdk/aws-apigateway.CfnStageV2Props#stageName +@aws-cdk/aws-apigateway.CfnStageV2Props#accessLogSettings +@aws-cdk/aws-apigateway.CfnStageV2Props#autoDeploy +@aws-cdk/aws-apigateway.CfnStageV2Props#clientCertificateId +@aws-cdk/aws-apigateway.CfnStageV2Props#defaultRouteSettings +@aws-cdk/aws-apigateway.CfnStageV2Props#deploymentId +@aws-cdk/aws-apigateway.CfnStageV2Props#description +@aws-cdk/aws-apigateway.CfnStageV2Props#routeSettings +@aws-cdk/aws-apigateway.CfnStageV2Props#stageVariables +@aws-cdk/aws-apigateway.CfnStageV2Props#tags +@aws-cdk/aws-apigateway.EmptyModel +@aws-cdk/aws-apigateway.EmptyModel#modelId +@aws-cdk/aws-apigateway.ErrorModel +@aws-cdk/aws-apigateway.ErrorModel#modelId +@aws-cdk/aws-apigateway.IResource#restApi +@aws-cdk/aws-apigateway.LambdaRestApiProps#options +@aws-cdk/aws-apigateway.Method#restApi +@aws-cdk/aws-apigateway.Resource#restApi +@aws-cdk/aws-apigateway.ResourceBase#restApi +@aws-cdk/aws-apigateway.ResourceBase#url +@aws-cdk/aws-apigateway.RestApiBase#configureCloudWatchRole +@aws-cdk/aws-apigateway.RestApiBase#configureDeployment +@aws-cdk/aws-apigateway.RestApiOptions +@aws-cdk/aws-apigateway.UsagePlanProps#apiKey +@aws-cdk/aws-certificatemanager.CertificateProps#validationDomains +@aws-cdk/aws-certificatemanager.CertificateProps#validationMethod +@aws-cdk/aws-route53.AddressRecordTarget +@aws-cdk/custom-resources.AwsSdkCall#outputPath +@aws-cdk/custom-resources.Provider#bind +@aws-cdk/aws-cloudformation.CloudFormationCapabilities +@aws-cdk/aws-cloudformation.CloudFormationCapabilities#NONE +@aws-cdk/aws-cloudformation.CloudFormationCapabilities#ANONYMOUS_IAM +@aws-cdk/aws-cloudformation.CloudFormationCapabilities#NAMED_IAM +@aws-cdk/aws-cloudformation.CloudFormationCapabilities#AUTO_EXPAND +@aws-cdk/aws-cloudformation.CustomResource +@aws-cdk/aws-cloudformation.CustomResourceProps +@aws-cdk/aws-cloudformation.CustomResourceProps#provider +@aws-cdk/aws-cloudformation.CustomResourceProps#properties +@aws-cdk/aws-cloudformation.CustomResourceProps#removalPolicy +@aws-cdk/aws-cloudformation.CustomResourceProps#resourceType +@aws-cdk/aws-cloudformation.CustomResourceProvider +@aws-cdk/aws-cloudformation.CustomResourceProvider#serviceToken +@aws-cdk/aws-cloudformation.CustomResourceProvider#fromLambda +@aws-cdk/aws-cloudformation.CustomResourceProvider#fromTopic +@aws-cdk/aws-cloudformation.CustomResourceProvider#lambda +@aws-cdk/aws-cloudformation.CustomResourceProvider#topic +@aws-cdk/aws-cloudformation.CustomResourceProvider#bind +@aws-cdk/aws-cloudformation.CustomResourceProviderConfig +@aws-cdk/aws-cloudformation.CustomResourceProviderConfig#serviceToken +@aws-cdk/aws-cloudformation.ICustomResourceProvider +@aws-cdk/aws-cloudformation.ICustomResourceProvider#bind +@aws-cdk/aws-cloudformation.NestedStack +@aws-cdk/aws-cloudformation.NestedStackProps +@aws-cdk/aws-cloudformation.NestedStackProps#notifications +@aws-cdk/aws-cloudformation.NestedStackProps#parameters +@aws-cdk/aws-cloudformation.NestedStackProps#timeout +@aws-cdk/aws-sns.NumericConditions#whitelist +@aws-cdk/aws-sns.StringConditions#blacklist +@aws-cdk/aws-sns.StringConditions#whitelist +@aws-cdk/aws-cognito.StandardAttributes#emailVerified +@aws-cdk/aws-cognito.StandardAttributes#phoneNumberVerified +@aws-cdk/aws-elasticloadbalancingv2.AddFixedResponseProps +@aws-cdk/aws-elasticloadbalancingv2.AddRedirectResponseProps +@aws-cdk/aws-elasticloadbalancingv2.AddRuleProps#hostHeader +@aws-cdk/aws-elasticloadbalancingv2.AddRuleProps#pathPattern +@aws-cdk/aws-elasticloadbalancingv2.AddRuleProps#pathPatterns +@aws-cdk/aws-elasticloadbalancingv2.ApplicationListener#addCertificateArns +@aws-cdk/aws-elasticloadbalancingv2.ApplicationListener#addFixedResponse +@aws-cdk/aws-elasticloadbalancingv2.ApplicationListener#addRedirectResponse +@aws-cdk/aws-elasticloadbalancingv2.ApplicationListenerAttributes#securityGroupAllowsAllOutbound +@aws-cdk/aws-elasticloadbalancingv2.ApplicationListenerAttributes#securityGroupId +@aws-cdk/aws-elasticloadbalancingv2.ApplicationListenerCertificateProps#certificateArns +@aws-cdk/aws-elasticloadbalancingv2.ApplicationListenerRule#addFixedResponse +@aws-cdk/aws-elasticloadbalancingv2.ApplicationListenerRule#addRedirectResponse +@aws-cdk/aws-elasticloadbalancingv2.ApplicationListenerRule#addTargetGroup +@aws-cdk/aws-elasticloadbalancingv2.ApplicationListenerRule#setCondition +@aws-cdk/aws-elasticloadbalancingv2.ApplicationTargetGroup#import +@aws-cdk/aws-elasticloadbalancingv2.BaseApplicationListenerProps#certificateArns +@aws-cdk/aws-elasticloadbalancingv2.BaseApplicationListenerRuleProps#fixedResponse +@aws-cdk/aws-elasticloadbalancingv2.BaseApplicationListenerRuleProps#hostHeader +@aws-cdk/aws-elasticloadbalancingv2.BaseApplicationListenerRuleProps#pathPattern +@aws-cdk/aws-elasticloadbalancingv2.BaseApplicationListenerRuleProps#pathPatterns +@aws-cdk/aws-elasticloadbalancingv2.BaseApplicationListenerRuleProps#redirectResponse +@aws-cdk/aws-elasticloadbalancingv2.ContentType +@aws-cdk/aws-elasticloadbalancingv2.ContentType#TEXT_PLAIN +@aws-cdk/aws-elasticloadbalancingv2.ContentType#TEXT_CSS +@aws-cdk/aws-elasticloadbalancingv2.ContentType#TEXT_HTML +@aws-cdk/aws-elasticloadbalancingv2.ContentType#APPLICATION_JAVASCRIPT +@aws-cdk/aws-elasticloadbalancingv2.ContentType#APPLICATION_JSON +@aws-cdk/aws-elasticloadbalancingv2.FixedResponse +@aws-cdk/aws-elasticloadbalancingv2.FixedResponse#statusCode +@aws-cdk/aws-elasticloadbalancingv2.FixedResponse#contentType +@aws-cdk/aws-elasticloadbalancingv2.FixedResponse#messageBody +@aws-cdk/aws-elasticloadbalancingv2.IApplicationListener#addCertificateArns +@aws-cdk/aws-elasticloadbalancingv2.INetworkListenerCertificateProps +@aws-cdk/aws-elasticloadbalancingv2.InstanceTarget +@aws-cdk/aws-elasticloadbalancingv2.InstanceTarget#attachToApplicationTargetGroup +@aws-cdk/aws-elasticloadbalancingv2.InstanceTarget#attachToNetworkTargetGroup +@aws-cdk/aws-elasticloadbalancingv2.IpTarget +@aws-cdk/aws-elasticloadbalancingv2.IpTarget#attachToApplicationTargetGroup +@aws-cdk/aws-elasticloadbalancingv2.IpTarget#attachToNetworkTargetGroup +@aws-cdk/aws-elasticloadbalancingv2.NetworkLoadBalancer#metricHealthyHostCount +@aws-cdk/aws-elasticloadbalancingv2.NetworkLoadBalancer#metricUnHealthyHostCount +@aws-cdk/aws-elasticloadbalancingv2.NetworkTargetGroup#import +@aws-cdk/aws-elasticloadbalancingv2.RedirectResponse +@aws-cdk/aws-elasticloadbalancingv2.RedirectResponse#statusCode +@aws-cdk/aws-elasticloadbalancingv2.RedirectResponse#host +@aws-cdk/aws-elasticloadbalancingv2.RedirectResponse#path +@aws-cdk/aws-elasticloadbalancingv2.RedirectResponse#port +@aws-cdk/aws-elasticloadbalancingv2.RedirectResponse#protocol +@aws-cdk/aws-elasticloadbalancingv2.RedirectResponse#query +@aws-cdk/aws-elasticloadbalancingv2.TargetGroupAttributes#defaultPort +@aws-cdk/aws-elasticloadbalancingv2.TargetGroupImportProps +@aws-cdk/aws-apigatewayv2.IHttpApi#httpApiId +@aws-cdk/aws-appmesh.Protocol +@aws-cdk/aws-appmesh.Protocol#HTTP +@aws-cdk/aws-appmesh.Protocol#TCP +@aws-cdk/aws-appmesh.Protocol#HTTP2 +@aws-cdk/aws-appmesh.Protocol#GRPC +@aws-cdk/aws-dynamodb.ITable#metricSystemErrors +@aws-cdk/aws-dynamodb.Table#grantListStreams +@aws-cdk/aws-dynamodb.Table#metricSystemErrors +@aws-cdk/aws-dynamodb.TableOptions#serverSideEncryption +@aws-cdk/aws-rds.Credentials#fromUsername +@aws-cdk/aws-rds.CredentialsFromUsernameOptions +@aws-cdk/aws-rds.CredentialsFromUsernameOptions#password +@aws-cdk/aws-rds.DatabaseInstanceEngine#MARIADB +@aws-cdk/aws-rds.DatabaseInstanceEngine#MYSQL +@aws-cdk/aws-rds.DatabaseInstanceEngine#ORACLE_EE +@aws-cdk/aws-rds.DatabaseInstanceEngine#ORACLE_SE +@aws-cdk/aws-rds.DatabaseInstanceEngine#ORACLE_SE1 +@aws-cdk/aws-rds.DatabaseInstanceEngine#ORACLE_SE2 +@aws-cdk/aws-rds.DatabaseInstanceEngine#POSTGRES +@aws-cdk/aws-rds.DatabaseInstanceEngine#SQL_SERVER_EE +@aws-cdk/aws-rds.DatabaseInstanceEngine#SQL_SERVER_EX +@aws-cdk/aws-rds.DatabaseInstanceEngine#SQL_SERVER_SE +@aws-cdk/aws-rds.DatabaseInstanceEngine#SQL_SERVER_WEB +@aws-cdk/aws-rds.DatabaseInstanceEngine#oracleSe +@aws-cdk/aws-rds.DatabaseInstanceEngine#oracleSe1 +@aws-cdk/aws-rds.DatabaseInstanceNewProps#vpcPlacement +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_0 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_0_17 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_0_24 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_0_28 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_0_31 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_0_32 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_0_34 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_0_35 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_1 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_1_14 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_1_19 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_1_23 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_1_26 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_1_31 +@aws-cdk/aws-rds.MariaDbEngineVersion#VER_10_1_34 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_5 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_5_46 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_5_53 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_5_57 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_5_59 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_5_61 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_34 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_35 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_37 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_39 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_40 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_41 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_43 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_44 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_46 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_48 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_49 +@aws-cdk/aws-rds.MysqlEngineVersion#VER_5_6_51 +@aws-cdk/aws-rds.OracleLegacyEngineVersion +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_2_V2 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V1 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V10 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V11 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V12 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V13 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V14 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V15 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V16 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V17 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V18 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V19 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V20 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V21 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V22 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V23 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V24 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V25 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V3 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V4 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V5 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V6 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V7 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V8 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#VER_11_2_0_4_V9 +@aws-cdk/aws-rds.OracleLegacyEngineVersion#oracleLegacyFullVersion +@aws-cdk/aws-rds.OracleLegacyEngineVersion#oracleLegacyMajorVersion +@aws-cdk/aws-rds.OracleSe1InstanceEngineProps +@aws-cdk/aws-rds.OracleSe1InstanceEngineProps#version +@aws-cdk/aws-rds.OracleSeInstanceEngineProps +@aws-cdk/aws-rds.OracleSeInstanceEngineProps#version +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_10 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_12 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_13 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_14 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_15 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_16 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_18 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_19 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_2 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_20 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_21 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_22 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_23 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_24 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_25 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_4 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_6 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_7 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_5_9 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_1 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_10 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_11 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_12 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_14 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_15 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_16 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_17 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_18 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_19 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_2 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_20 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_21 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_22 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_23 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_3 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_5 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_6 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_8 +@aws-cdk/aws-rds.PostgresEngineVersion#VER_9_6_9 +@aws-cdk/aws-rds.SnapshotCredentials#fromGeneratedPassword +@aws-cdk/aws-rds.SqlServerEngineVersion#VER_15_00_4043_23_V1 +@aws-cdk/aws-autoscaling.BlockDevice#mappingEnabled +@aws-cdk/aws-autoscaling.CommonAutoScalingGroupProps#notificationsTopic +@aws-cdk/aws-autoscaling.CommonAutoScalingGroupProps#replacingUpdateMinSuccessfulInstancesPercent +@aws-cdk/aws-autoscaling.CommonAutoScalingGroupProps#resourceSignalCount +@aws-cdk/aws-autoscaling.CommonAutoScalingGroupProps#resourceSignalTimeout +@aws-cdk/aws-autoscaling.CommonAutoScalingGroupProps#rollingUpdateConfiguration +@aws-cdk/aws-autoscaling.CommonAutoScalingGroupProps#updateType +@aws-cdk/aws-autoscaling.RequestCountScalingProps#targetRequestsPerSecond +@aws-cdk/aws-autoscaling.RollingUpdateConfiguration +@aws-cdk/aws-autoscaling.RollingUpdateConfiguration#maxBatchSize +@aws-cdk/aws-autoscaling.RollingUpdateConfiguration#minInstancesInService +@aws-cdk/aws-autoscaling.RollingUpdateConfiguration#minSuccessfulInstancesPercent +@aws-cdk/aws-autoscaling.RollingUpdateConfiguration#pauseTime +@aws-cdk/aws-autoscaling.RollingUpdateConfiguration#suspendProcesses +@aws-cdk/aws-autoscaling.RollingUpdateConfiguration#waitOnResourceSignals +@aws-cdk/aws-autoscaling.UpdateType +@aws-cdk/aws-autoscaling.UpdateType#NONE +@aws-cdk/aws-autoscaling.UpdateType#REPLACING_UPDATE +@aws-cdk/aws-autoscaling.UpdateType#ROLLING_UPDATE +@aws-cdk/aws-elasticloadbalancing.LoadBalancerListener#sslCertificateId +@aws-cdk/aws-ecs.AddAutoScalingGroupCapacityOptions#taskDrainTime +@aws-cdk/aws-ecs.BaseService#configureAwsVpcNetworking +@aws-cdk/aws-ecs.BaseServiceOptions#propagateTaskTagsFrom +@aws-cdk/aws-ecs.Cluster#addAutoScalingGroup +@aws-cdk/aws-ecs.Cluster#addCapacity +@aws-cdk/aws-ecs.Cluster#addCapacityProvider +@aws-cdk/aws-ecs.ClusterProps#capacityProviders +@aws-cdk/aws-ecs.Ec2ServiceProps#securityGroup +@aws-cdk/aws-ecs.EcsOptimizedAmi +@aws-cdk/aws-ecs.EcsOptimizedAmi#getImage +@aws-cdk/aws-ecs.EcsOptimizedAmiProps +@aws-cdk/aws-ecs.EcsOptimizedAmiProps#cachedInContext +@aws-cdk/aws-ecs.EcsOptimizedAmiProps#generation +@aws-cdk/aws-ecs.EcsOptimizedAmiProps#hardwareType +@aws-cdk/aws-ecs.EcsOptimizedAmiProps#windowsVersion +@aws-cdk/aws-ecs.FargateServiceProps#securityGroup +@aws-cdk/aws-ecs.SplunkLogDriverProps#token +@aws-cdk/aws-cloudfront.AliasConfiguration +@aws-cdk/aws-cloudfront.AliasConfiguration#acmCertRef +@aws-cdk/aws-cloudfront.AliasConfiguration#names +@aws-cdk/aws-cloudfront.AliasConfiguration#securityPolicy +@aws-cdk/aws-cloudfront.AliasConfiguration#sslMethod +@aws-cdk/aws-cloudfront.Behavior#trustedSigners +@aws-cdk/aws-cloudfront.CloudFrontWebDistribution#domainName +@aws-cdk/aws-cloudfront.CloudFrontWebDistributionProps#aliasConfiguration +@aws-cdk/aws-cloudfront.GeoRestriction#blacklist +@aws-cdk/aws-cloudfront.GeoRestriction#whitelist +@aws-cdk/aws-cloudfront.IDistribution#domainName +@aws-cdk/aws-cloudfront.SourceConfiguration#originHeaders +@aws-cdk/aws-cloudfront.SourceConfiguration#originPath +@aws-cdk/aws-cloudtrail.Trail#onCloudTrailEvent +@aws-cdk/aws-cloudtrail.TrailProps#kmsKey +@aws-cdk/aws-codepipeline-actions.BitBucketSourceAction +@aws-cdk/aws-codepipeline-actions.BitBucketSourceAction#actionProperties +@aws-cdk/aws-codepipeline-actions.BitBucketSourceAction#bind +@aws-cdk/aws-codepipeline-actions.BitBucketSourceAction#onStateChange +@aws-cdk/aws-codepipeline-actions.BitBucketSourceActionProps +@aws-cdk/aws-codepipeline-actions.CloudFormationCreateReplaceChangeSetActionProps#capabilities +@aws-cdk/aws-codepipeline-actions.CloudFormationCreateUpdateStackActionProps#capabilities +@aws-cdk/aws-codepipeline-actions.CloudFormationDeleteStackActionProps#capabilities +@aws-cdk/aws-events-targets.EcsTask#securityGroup +@aws-cdk/aws-events-targets.EcsTaskProps#securityGroup +@aws-cdk/aws-stepfunctions.Context +@aws-cdk/aws-stepfunctions.Context#entireContext +@aws-cdk/aws-stepfunctions.Context#taskToken +@aws-cdk/aws-stepfunctions.Context#numberAt +@aws-cdk/aws-stepfunctions.Context#stringAt +@aws-cdk/aws-stepfunctions.Data +@aws-cdk/aws-stepfunctions.Data#entirePayload +@aws-cdk/aws-stepfunctions.Data#isJsonPathString +@aws-cdk/aws-stepfunctions.Data#listAt +@aws-cdk/aws-stepfunctions.Data#numberAt +@aws-cdk/aws-stepfunctions.Data#stringAt +@aws-cdk/aws-stepfunctions.IStepFunctionsTask +@aws-cdk/aws-stepfunctions.IStepFunctionsTask#bind +@aws-cdk/aws-stepfunctions.StepFunctionsTaskConfig +@aws-cdk/aws-stepfunctions.StepFunctionsTaskConfig#resourceArn +@aws-cdk/aws-stepfunctions.StepFunctionsTaskConfig#heartbeat +@aws-cdk/aws-stepfunctions.StepFunctionsTaskConfig#metricDimensions +@aws-cdk/aws-stepfunctions.StepFunctionsTaskConfig#metricPrefixPlural +@aws-cdk/aws-stepfunctions.StepFunctionsTaskConfig#metricPrefixSingular +@aws-cdk/aws-stepfunctions.StepFunctionsTaskConfig#parameters +@aws-cdk/aws-stepfunctions.StepFunctionsTaskConfig#policyStatements +@aws-cdk/aws-stepfunctions.Task +@aws-cdk/aws-stepfunctions.Task#endStates +@aws-cdk/aws-stepfunctions.Task#addCatch +@aws-cdk/aws-stepfunctions.Task#addRetry +@aws-cdk/aws-stepfunctions.Task#metric +@aws-cdk/aws-stepfunctions.Task#metricFailed +@aws-cdk/aws-stepfunctions.Task#metricHeartbeatTimedOut +@aws-cdk/aws-stepfunctions.Task#metricRunTime +@aws-cdk/aws-stepfunctions.Task#metricScheduled +@aws-cdk/aws-stepfunctions.Task#metricScheduleTime +@aws-cdk/aws-stepfunctions.Task#metricStarted +@aws-cdk/aws-stepfunctions.Task#metricSucceeded +@aws-cdk/aws-stepfunctions.Task#metricTime +@aws-cdk/aws-stepfunctions.Task#metricTimedOut +@aws-cdk/aws-stepfunctions.Task#next +@aws-cdk/aws-stepfunctions.Task#toStateJson +@aws-cdk/aws-stepfunctions.Task#whenBoundToGraph +@aws-cdk/aws-stepfunctions.TaskInput#fromContextAt +@aws-cdk/aws-stepfunctions.TaskInput#fromDataAt +@aws-cdk/aws-stepfunctions.TaskProps +@aws-cdk/aws-stepfunctions.TaskProps#task +@aws-cdk/aws-stepfunctions.TaskProps#comment +@aws-cdk/aws-stepfunctions.TaskProps#inputPath +@aws-cdk/aws-stepfunctions.TaskProps#outputPath +@aws-cdk/aws-stepfunctions.TaskProps#parameters +@aws-cdk/aws-stepfunctions.TaskProps#resultPath +@aws-cdk/aws-stepfunctions.TaskProps#timeout +@aws-cdk/aws-ecs-patterns.ApplicationLoadBalancedServiceBase#desiredCount +@aws-cdk/aws-ecs-patterns.ApplicationMultipleTargetGroupsServiceBase#desiredCount +@aws-cdk/aws-ecs-patterns.NetworkLoadBalancedServiceBase#desiredCount +@aws-cdk/aws-ecs-patterns.NetworkMultipleTargetGroupsServiceBase#desiredCount +@aws-cdk/aws-ecs-patterns.QueueProcessingServiceBase#desiredCount +@aws-cdk/aws-ecs-patterns.QueueProcessingServiceBaseProps#desiredTaskCount +@aws-cdk/aws-eks.NodegroupOptions#instanceType +@aws-cdk/aws-eks.ServiceAccount#addToPolicy +@aws-cdk/aws-s3-deployment.Expires +@aws-cdk/aws-s3-deployment.Expires#value +@aws-cdk/aws-s3-deployment.Expires#after +@aws-cdk/aws-s3-deployment.Expires#atDate +@aws-cdk/aws-s3-deployment.Expires#atTimestamp +@aws-cdk/aws-s3-deployment.Expires#fromString +@aws-cdk/aws-ses.WhiteListReceiptFilter +@aws-cdk/aws-ses.WhiteListReceiptFilterProps +@aws-cdk/aws-stepfunctions-tasks.EcsRunTaskBase +@aws-cdk/aws-stepfunctions-tasks.EcsRunTaskBase#connections +@aws-cdk/aws-stepfunctions-tasks.EcsRunTaskBase#bind +@aws-cdk/aws-stepfunctions-tasks.EcsRunTaskBase#configureAwsVpcNetworking +@aws-cdk/aws-stepfunctions-tasks.EcsRunTaskBaseProps +@aws-cdk/aws-stepfunctions-tasks.EcsRunTaskBaseProps#parameters +@aws-cdk/aws-stepfunctions-tasks.InvocationType +@aws-cdk/aws-stepfunctions-tasks.InvocationType#REQUEST_RESPONSE +@aws-cdk/aws-stepfunctions-tasks.InvocationType#EVENT +@aws-cdk/aws-stepfunctions-tasks.InvocationType#DRY_RUN +@aws-cdk/aws-stepfunctions-tasks.InvokeActivity +@aws-cdk/aws-stepfunctions-tasks.InvokeActivity#bind +@aws-cdk/aws-stepfunctions-tasks.InvokeActivityProps +@aws-cdk/aws-stepfunctions-tasks.InvokeActivityProps#heartbeat +@aws-cdk/aws-stepfunctions-tasks.InvokeFunction +@aws-cdk/aws-stepfunctions-tasks.InvokeFunction#bind +@aws-cdk/aws-stepfunctions-tasks.InvokeFunctionProps +@aws-cdk/aws-stepfunctions-tasks.InvokeFunctionProps#payload +@aws-cdk/aws-stepfunctions-tasks.PublishToTopic +@aws-cdk/aws-stepfunctions-tasks.PublishToTopic#bind +@aws-cdk/aws-stepfunctions-tasks.PublishToTopicProps +@aws-cdk/aws-stepfunctions-tasks.PublishToTopicProps#message +@aws-cdk/aws-stepfunctions-tasks.PublishToTopicProps#integrationPattern +@aws-cdk/aws-stepfunctions-tasks.PublishToTopicProps#messagePerSubscriptionType +@aws-cdk/aws-stepfunctions-tasks.PublishToTopicProps#subject +@aws-cdk/aws-stepfunctions-tasks.RunBatchJob +@aws-cdk/aws-stepfunctions-tasks.RunBatchJob#bind +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps#jobDefinitionArn +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps#jobName +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps#jobQueueArn +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps#arraySize +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps#attempts +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps#containerOverrides +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps#dependsOn +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps#integrationPattern +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps#payload +@aws-cdk/aws-stepfunctions-tasks.RunBatchJobProps#timeout +@aws-cdk/aws-stepfunctions-tasks.RunEcsEc2Task +@aws-cdk/aws-stepfunctions-tasks.RunEcsEc2TaskProps +@aws-cdk/aws-stepfunctions-tasks.RunEcsEc2TaskProps#placementConstraints +@aws-cdk/aws-stepfunctions-tasks.RunEcsEc2TaskProps#placementStrategies +@aws-cdk/aws-stepfunctions-tasks.RunEcsEc2TaskProps#securityGroup +@aws-cdk/aws-stepfunctions-tasks.RunEcsEc2TaskProps#subnets +@aws-cdk/aws-stepfunctions-tasks.RunEcsFargateTask +@aws-cdk/aws-stepfunctions-tasks.RunEcsFargateTaskProps +@aws-cdk/aws-stepfunctions-tasks.RunEcsFargateTaskProps#assignPublicIp +@aws-cdk/aws-stepfunctions-tasks.RunEcsFargateTaskProps#platformVersion +@aws-cdk/aws-stepfunctions-tasks.RunEcsFargateTaskProps#securityGroup +@aws-cdk/aws-stepfunctions-tasks.RunEcsFargateTaskProps#subnets +@aws-cdk/aws-stepfunctions-tasks.RunGlueJobTask +@aws-cdk/aws-stepfunctions-tasks.RunGlueJobTask#bind +@aws-cdk/aws-stepfunctions-tasks.RunGlueJobTaskProps +@aws-cdk/aws-stepfunctions-tasks.RunGlueJobTaskProps#arguments +@aws-cdk/aws-stepfunctions-tasks.RunGlueJobTaskProps#integrationPattern +@aws-cdk/aws-stepfunctions-tasks.RunGlueJobTaskProps#notifyDelayAfter +@aws-cdk/aws-stepfunctions-tasks.RunGlueJobTaskProps#securityConfiguration +@aws-cdk/aws-stepfunctions-tasks.RunGlueJobTaskProps#timeout +@aws-cdk/aws-stepfunctions-tasks.RunLambdaTask +@aws-cdk/aws-stepfunctions-tasks.RunLambdaTask#bind +@aws-cdk/aws-stepfunctions-tasks.RunLambdaTaskProps +@aws-cdk/aws-stepfunctions-tasks.RunLambdaTaskProps#clientContext +@aws-cdk/aws-stepfunctions-tasks.RunLambdaTaskProps#integrationPattern +@aws-cdk/aws-stepfunctions-tasks.RunLambdaTaskProps#invocationType +@aws-cdk/aws-stepfunctions-tasks.RunLambdaTaskProps#payload +@aws-cdk/aws-stepfunctions-tasks.RunLambdaTaskProps#qualifier +@aws-cdk/aws-stepfunctions-tasks.SendToQueue +@aws-cdk/aws-stepfunctions-tasks.SendToQueue#bind +@aws-cdk/aws-stepfunctions-tasks.SendToQueueProps +@aws-cdk/aws-stepfunctions-tasks.SendToQueueProps#messageBody +@aws-cdk/aws-stepfunctions-tasks.SendToQueueProps#delay +@aws-cdk/aws-stepfunctions-tasks.SendToQueueProps#integrationPattern +@aws-cdk/aws-stepfunctions-tasks.SendToQueueProps#messageDeduplicationId +@aws-cdk/aws-stepfunctions-tasks.SendToQueueProps#messageGroupId +@aws-cdk/aws-stepfunctions-tasks.StartExecution +@aws-cdk/aws-stepfunctions-tasks.StartExecution#bind +@aws-cdk/aws-stepfunctions-tasks.StartExecutionProps +@aws-cdk/aws-stepfunctions-tasks.StartExecutionProps#input +@aws-cdk/aws-stepfunctions-tasks.StartExecutionProps#integrationPattern +@aws-cdk/aws-stepfunctions-tasks.StartExecutionProps#name +@aws-cdk/pipelines.AddManualApprovalOptions +@aws-cdk/pipelines.AddManualApprovalOptions#actionName +@aws-cdk/pipelines.AddManualApprovalOptions#runOrder +@aws-cdk/pipelines.AddStackOptions +@aws-cdk/pipelines.AddStackOptions#executeRunOrder +@aws-cdk/pipelines.AddStackOptions#runOrder +@aws-cdk/pipelines.AddStageOptions +@aws-cdk/pipelines.AddStageOptions#extraRunOrderSpace +@aws-cdk/pipelines.AddStageOptions#manualApprovals +@aws-cdk/pipelines.AdditionalArtifact +@aws-cdk/pipelines.AdditionalArtifact#artifact +@aws-cdk/pipelines.AdditionalArtifact#directory +@aws-cdk/pipelines.AssetPublishingCommand +@aws-cdk/pipelines.AssetPublishingCommand#assetId +@aws-cdk/pipelines.AssetPublishingCommand#assetManifestPath +@aws-cdk/pipelines.AssetPublishingCommand#assetPublishingRoleArn +@aws-cdk/pipelines.AssetPublishingCommand#assetSelector +@aws-cdk/pipelines.AssetPublishingCommand#assetType +@aws-cdk/pipelines.BaseStageOptions +@aws-cdk/pipelines.BaseStageOptions#confirmBroadeningPermissions +@aws-cdk/pipelines.BaseStageOptions#securityNotificationTopic +@aws-cdk/pipelines.CdkPipeline +@aws-cdk/pipelines.CdkPipeline#codePipeline +@aws-cdk/pipelines.CdkPipeline#addApplicationStage +@aws-cdk/pipelines.CdkPipeline#addStage +@aws-cdk/pipelines.CdkPipeline#stackOutput +@aws-cdk/pipelines.CdkPipeline#stage +@aws-cdk/pipelines.CdkPipeline#validate +@aws-cdk/pipelines.CdkPipelineProps +@aws-cdk/pipelines.CdkPipelineProps#cloudAssemblyArtifact +@aws-cdk/pipelines.CdkPipelineProps#assetBuildSpec +@aws-cdk/pipelines.CdkPipelineProps#assetPreInstallCommands +@aws-cdk/pipelines.CdkPipelineProps#cdkCliVersion +@aws-cdk/pipelines.CdkPipelineProps#codePipeline +@aws-cdk/pipelines.CdkPipelineProps#crossAccountKeys +@aws-cdk/pipelines.CdkPipelineProps#dockerCredentials +@aws-cdk/pipelines.CdkPipelineProps#enableKeyRotation +@aws-cdk/pipelines.CdkPipelineProps#pipelineName +@aws-cdk/pipelines.CdkPipelineProps#selfMutating +@aws-cdk/pipelines.CdkPipelineProps#selfMutationBuildSpec +@aws-cdk/pipelines.CdkPipelineProps#singlePublisherPerType +@aws-cdk/pipelines.CdkPipelineProps#sourceAction +@aws-cdk/pipelines.CdkPipelineProps#subnetSelection +@aws-cdk/pipelines.CdkPipelineProps#supportDockerAssets +@aws-cdk/pipelines.CdkPipelineProps#synthAction +@aws-cdk/pipelines.CdkPipelineProps#vpc +@aws-cdk/pipelines.CdkStackActionFromArtifactOptions +@aws-cdk/pipelines.CdkStackActionFromArtifactOptions#stackName +@aws-cdk/pipelines.CdkStage +@aws-cdk/pipelines.CdkStage#addActions +@aws-cdk/pipelines.CdkStage#addApplication +@aws-cdk/pipelines.CdkStage#addManualApprovalAction +@aws-cdk/pipelines.CdkStage#addStackArtifactDeployment +@aws-cdk/pipelines.CdkStage#deploysStack +@aws-cdk/pipelines.CdkStage#nextSequentialRunOrder +@aws-cdk/pipelines.CdkStageProps +@aws-cdk/pipelines.CdkStageProps#cloudAssemblyArtifact +@aws-cdk/pipelines.CdkStageProps#host +@aws-cdk/pipelines.CdkStageProps#pipelineStage +@aws-cdk/pipelines.CdkStageProps#stageName +@aws-cdk/pipelines.CdkStageProps#confirmBroadeningPermissions +@aws-cdk/pipelines.CdkStageProps#securityNotificationTopic +@aws-cdk/pipelines.DeployCdkStackAction +@aws-cdk/pipelines.DeployCdkStackAction#actionProperties +@aws-cdk/pipelines.DeployCdkStackAction#dependencyStackArtifactIds +@aws-cdk/pipelines.DeployCdkStackAction#executeRunOrder +@aws-cdk/pipelines.DeployCdkStackAction#prepareRunOrder +@aws-cdk/pipelines.DeployCdkStackAction#stackName +@aws-cdk/pipelines.DeployCdkStackAction#stackArtifactId +@aws-cdk/pipelines.DeployCdkStackAction#fromStackArtifact +@aws-cdk/pipelines.DeployCdkStackAction#bind +@aws-cdk/pipelines.DeployCdkStackAction#onStateChange +@aws-cdk/pipelines.DeployCdkStackActionOptions +@aws-cdk/pipelines.DeployCdkStackActionOptions#cloudAssemblyInput +@aws-cdk/pipelines.DeployCdkStackActionOptions#baseActionName +@aws-cdk/pipelines.DeployCdkStackActionOptions#changeSetName +@aws-cdk/pipelines.DeployCdkStackActionOptions#executeRunOrder +@aws-cdk/pipelines.DeployCdkStackActionOptions#output +@aws-cdk/pipelines.DeployCdkStackActionOptions#outputFileName +@aws-cdk/pipelines.DeployCdkStackActionOptions#prepareRunOrder +@aws-cdk/pipelines.DeployCdkStackActionProps +@aws-cdk/pipelines.DeployCdkStackActionProps#actionRole +@aws-cdk/pipelines.DeployCdkStackActionProps#stackName +@aws-cdk/pipelines.DeployCdkStackActionProps#templatePath +@aws-cdk/pipelines.DeployCdkStackActionProps#cloudFormationExecutionRole +@aws-cdk/pipelines.DeployCdkStackActionProps#dependencyStackArtifactIds +@aws-cdk/pipelines.DeployCdkStackActionProps#region +@aws-cdk/pipelines.DeployCdkStackActionProps#stackArtifactId +@aws-cdk/pipelines.DeployCdkStackActionProps#templateConfigurationPath +@aws-cdk/pipelines.FromStackArtifactOptions +@aws-cdk/pipelines.FromStackArtifactOptions#cloudAssemblyInput +@aws-cdk/pipelines.FromStackArtifactOptions#executeRunOrder +@aws-cdk/pipelines.FromStackArtifactOptions#output +@aws-cdk/pipelines.FromStackArtifactOptions#outputFileName +@aws-cdk/pipelines.FromStackArtifactOptions#prepareRunOrder +@aws-cdk/pipelines.IStageHost +@aws-cdk/pipelines.IStageHost#publishAsset +@aws-cdk/pipelines.IStageHost#stackOutputArtifact +@aws-cdk/pipelines.PublishAssetsAction +@aws-cdk/pipelines.PublishAssetsAction#actionProperties +@aws-cdk/pipelines.PublishAssetsAction#addPublishCommand +@aws-cdk/pipelines.PublishAssetsAction#bind +@aws-cdk/pipelines.PublishAssetsAction#onStateChange +@aws-cdk/pipelines.PublishAssetsActionProps +@aws-cdk/pipelines.PublishAssetsActionProps#actionName +@aws-cdk/pipelines.PublishAssetsActionProps#assetType +@aws-cdk/pipelines.PublishAssetsActionProps#cloudAssemblyInput +@aws-cdk/pipelines.PublishAssetsActionProps#buildSpec +@aws-cdk/pipelines.PublishAssetsActionProps#cdkCliVersion +@aws-cdk/pipelines.PublishAssetsActionProps#createBuildspecFile +@aws-cdk/pipelines.PublishAssetsActionProps#dependable +@aws-cdk/pipelines.PublishAssetsActionProps#preInstallCommands +@aws-cdk/pipelines.PublishAssetsActionProps#projectName +@aws-cdk/pipelines.PublishAssetsActionProps#role +@aws-cdk/pipelines.PublishAssetsActionProps#subnetSelection +@aws-cdk/pipelines.PublishAssetsActionProps#vpc +@aws-cdk/pipelines.ShellScriptAction +@aws-cdk/pipelines.ShellScriptAction#actionProperties +@aws-cdk/pipelines.ShellScriptAction#grantPrincipal +@aws-cdk/pipelines.ShellScriptAction#project +@aws-cdk/pipelines.ShellScriptAction#bind +@aws-cdk/pipelines.ShellScriptAction#onStateChange +@aws-cdk/pipelines.ShellScriptActionProps +@aws-cdk/pipelines.ShellScriptActionProps#actionName +@aws-cdk/pipelines.ShellScriptActionProps#commands +@aws-cdk/pipelines.ShellScriptActionProps#additionalArtifacts +@aws-cdk/pipelines.ShellScriptActionProps#bashOptions +@aws-cdk/pipelines.ShellScriptActionProps#environment +@aws-cdk/pipelines.ShellScriptActionProps#environmentVariables +@aws-cdk/pipelines.ShellScriptActionProps#rolePolicyStatements +@aws-cdk/pipelines.ShellScriptActionProps#runOrder +@aws-cdk/pipelines.ShellScriptActionProps#securityGroups +@aws-cdk/pipelines.ShellScriptActionProps#subnetSelection +@aws-cdk/pipelines.ShellScriptActionProps#useOutputs +@aws-cdk/pipelines.ShellScriptActionProps#vpc +@aws-cdk/pipelines.SimpleSynthAction +@aws-cdk/pipelines.SimpleSynthAction#actionProperties +@aws-cdk/pipelines.SimpleSynthAction#grantPrincipal +@aws-cdk/pipelines.SimpleSynthAction#project +@aws-cdk/pipelines.SimpleSynthAction#standardNpmSynth +@aws-cdk/pipelines.SimpleSynthAction#standardYarnSynth +@aws-cdk/pipelines.SimpleSynthAction#bind +@aws-cdk/pipelines.SimpleSynthAction#onStateChange +@aws-cdk/pipelines.SimpleSynthActionProps +@aws-cdk/pipelines.SimpleSynthActionProps#synthCommand +@aws-cdk/pipelines.SimpleSynthActionProps#buildCommand +@aws-cdk/pipelines.SimpleSynthActionProps#buildCommands +@aws-cdk/pipelines.SimpleSynthActionProps#installCommand +@aws-cdk/pipelines.SimpleSynthActionProps#installCommands +@aws-cdk/pipelines.SimpleSynthActionProps#testCommands +@aws-cdk/pipelines.SimpleSynthOptions +@aws-cdk/pipelines.SimpleSynthOptions#cloudAssemblyArtifact +@aws-cdk/pipelines.SimpleSynthOptions#sourceArtifact +@aws-cdk/pipelines.SimpleSynthOptions#actionName +@aws-cdk/pipelines.SimpleSynthOptions#additionalArtifacts +@aws-cdk/pipelines.SimpleSynthOptions#buildSpec +@aws-cdk/pipelines.SimpleSynthOptions#copyEnvironmentVariables +@aws-cdk/pipelines.SimpleSynthOptions#environment +@aws-cdk/pipelines.SimpleSynthOptions#environmentVariables +@aws-cdk/pipelines.SimpleSynthOptions#projectName +@aws-cdk/pipelines.SimpleSynthOptions#rolePolicyStatements +@aws-cdk/pipelines.SimpleSynthOptions#subdirectory +@aws-cdk/pipelines.SimpleSynthOptions#subnetSelection +@aws-cdk/pipelines.SimpleSynthOptions#vpc +@aws-cdk/pipelines.StackOutput +@aws-cdk/pipelines.StackOutput#artifactFile +@aws-cdk/pipelines.StackOutput#outputName +@aws-cdk/pipelines.StandardNpmSynthOptions +@aws-cdk/pipelines.StandardNpmSynthOptions#buildCommand +@aws-cdk/pipelines.StandardNpmSynthOptions#installCommand +@aws-cdk/pipelines.StandardNpmSynthOptions#synthCommand +@aws-cdk/pipelines.StandardNpmSynthOptions#testCommands +@aws-cdk/pipelines.StandardYarnSynthOptions +@aws-cdk/pipelines.StandardYarnSynthOptions#buildCommand +@aws-cdk/pipelines.StandardYarnSynthOptions#installCommand +@aws-cdk/pipelines.StandardYarnSynthOptions#synthCommand +@aws-cdk/pipelines.StandardYarnSynthOptions#testCommands +@aws-cdk/pipelines.UpdatePipelineAction +@aws-cdk/pipelines.UpdatePipelineAction#actionProperties +@aws-cdk/pipelines.UpdatePipelineAction#bind +@aws-cdk/pipelines.UpdatePipelineAction#onStateChange +@aws-cdk/pipelines.UpdatePipelineActionProps +@aws-cdk/pipelines.UpdatePipelineActionProps#cloudAssemblyInput +@aws-cdk/pipelines.UpdatePipelineActionProps#pipelineStackHierarchicalId +@aws-cdk/pipelines.UpdatePipelineActionProps#buildSpec +@aws-cdk/pipelines.UpdatePipelineActionProps#cdkCliVersion +@aws-cdk/pipelines.UpdatePipelineActionProps#dockerCredentials +@aws-cdk/pipelines.UpdatePipelineActionProps#pipelineStackName +@aws-cdk/pipelines.UpdatePipelineActionProps#privileged +@aws-cdk/pipelines.UpdatePipelineActionProps#projectName diff --git a/scripts/list-deprecated-apis.js b/scripts/list-deprecated-apis.js index 284022b4825e1..a4596ebdf1a69 100755 --- a/scripts/list-deprecated-apis.js +++ b/scripts/list-deprecated-apis.js @@ -3,51 +3,78 @@ const path = require('path'); const jsiiReflect = require('jsii-reflect'); -async function main() { +class MarkdownPrinter { + printHeader() { + process.stdout.write(`# List of deprecated APIs in v1\n`); + process.stdout.write('\n'); + process.stdout.write(`| Module | API Element | Message |\n`); + process.stdout.write(`|--------|-------------|---------|\n`); + } + + printIfDeprecated(mod, name, el) { + try { + if (el.docs.deprecated) { + // Add zero-width spaces after . and _ to allow for line breaking long identifiers + // (WindowsVersion.WINDOWS_SERVER_2012_RTM_CHINESE_TRADITIONAL_HONG_KONG_SAR_64BIT_BASE is a fun one...) + // For consistency with the original format, replace the '#' separators with '.' + const apiName = name.replace('#', '.').replace(/(\.|_)/g, '$1\u200B'); + + // Some deprecation reasons start with '- ' for misguided reasons. Get rid of it, and also get rid of newlines. + const reason = el.docs.deprecationReason.replace(/^-/, '').replace(/\n/g, ' ').trim(); + + process.stdout.write(`| ${mod} | ${apiName} | ${reason} |\n`); + } + } catch (e) { + console.error(`While processing ${mod}.${name}:`, e); + } + } +} + +/** For use as input to the --strip-deprecated argument in jsii */ +class StripDeprecatedPrinter { + printHeader() { } + + printIfDeprecated(mod, name, el) { + try { + if (el.docs.deprecated) { + // Remove the method parens + process.stdout.write(`${mod}.${name.replace(/\(\)$/, '')}\n`); + } + } catch (e) { + console.error(`While processing ${mod}.${name}:`, e); + } + } +} + +async function main(printer) { const typesystem = new jsiiReflect.TypeSystem(); // Decdk depends on everything, so that's a perfect directory to load as closure await typesystem.loadNpmDependencies(path.resolve(__dirname, '..', 'packages', 'decdk'), { validate: false }); - process.stdout.write(`# List of deprecated APIs in v1\n`); - process.stdout.write('\n'); - process.stdout.write(`| Module | API Element | Message |\n`); - process.stdout.write(`|--------|-------------|---------|\n`); + printer.printHeader(); for (const assembly of typesystem.assemblies) { for (const type of assembly.types) { - printIfDeprecated(assembly.fqn, type.name, type); + printer.printIfDeprecated(assembly.fqn, type.name, type); if (type.isEnumType()) { - type.members.forEach(e => printIfDeprecated(assembly.fqn, `${type.name}.${e.name}`, e)); + type.members.forEach(e => printer.printIfDeprecated(assembly.fqn, `${type.name}#${e.name}`, e)); } if (type.isInterfaceType() || type.isClassType() || type.isDataType()) { - type.ownProperties.forEach(p => printIfDeprecated(assembly.fqn, `${type.name}.${p.name}`, p)); + type.ownProperties.forEach(p => printer.printIfDeprecated(assembly.fqn, `${type.name}#${p.name}`, p)); type.ownMethods.forEach(method => { - printIfDeprecated(assembly.fqn, `${type.name}.${method.name}()`, method); - method.parameters.forEach(p => printIfDeprecated(assembly.fqn, `${type.name}.${method.name}(): ${p.name}`, p)); + printer.printIfDeprecated(assembly.fqn, `${type.name}#${method.name}()`, method); + method.parameters.forEach(p => printer.printIfDeprecated(assembly.fqn, `${type.name}#${method.name}(): ${p.name}`, p)); }); } } } } -function printIfDeprecated(mod, name, el) { - try { - if (el.docs.deprecated) { - // Add zero-width spaces after . and _ to allow for line breaking long identifiers - // (WindowsVersion.WINDOWS_SERVER_2012_RTM_CHINESE_TRADITIONAL_HONG_KONG_SAR_64BIT_BASE is a fun one...) - const apiName = name.replace(/(\.|_)/g, '$1\u200B'); - - // Some deprecation reasons start with '- ' for misguided reasons. Get rid of it, and also get rid of newlines. - const reason = el.docs.deprecationReason.replace(/^-/, '').replace(/\n/g, ' ').trim(); - - process.stdout.write(`| ${mod} | ${apiName} | ${reason} |\n`); - } - } catch (e) { - console.error(`While processing ${mod}.${name}:`, e); - } -} +const printer = (process.argv.length > 2 && process.argv[2] === '--plain') + ? new StripDeprecatedPrinter() + : new MarkdownPrinter(); -main().catch(e => console.error(e)); +main(printer).catch(e => console.error(e)); From 7640130b9f033ea950941ef8de46343869e523f5 Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Wed, 27 Oct 2021 13:42:20 +0100 Subject: [PATCH 13/40] chore(assertions): minor documentation tweaks (#17138) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/assertions/README.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/packages/@aws-cdk/assertions/README.md b/packages/@aws-cdk/assertions/README.md index 47a27cbbd2513..3c97f387d8398 100644 --- a/packages/@aws-cdk/assertions/README.md +++ b/packages/@aws-cdk/assertions/README.md @@ -45,9 +45,11 @@ template. ```ts const expected = { Resources: { - Type: 'Foo::Bar', - Properties: { - Baz: 'Qux', + BarLogicalId: { + Type: 'Foo::Bar', + Properties: { + Baz: 'Qux', + }, }, }, }; @@ -62,7 +64,7 @@ to change this. Snapshot testing is a common technique to store a snapshot of the output and compare it during future changes. Since CloudFormation templates are human readable, -they are a good target for åßsnapshot testing. +they are a good target for snapshot testing. The `toJSON()` method on the `Template` can be used to produce a well formatted JSON of the CloudFormation template that can be used as a snapshot. From ca02187cba79e04d84b097bfb6838ac746a1a065 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Wed, 27 Oct 2021 15:36:00 +0200 Subject: [PATCH 14/40] chore(events): make examples compile (#17157) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-events/README.md | 45 +++++++++++++------ .../aws-events/rosetta/basic.ts-fixture | 12 +++++ .../aws-events/rosetta/default.ts-fixture | 20 +++++++++ 3 files changed, 64 insertions(+), 13 deletions(-) create mode 100644 packages/@aws-cdk/aws-events/rosetta/basic.ts-fixture create mode 100644 packages/@aws-cdk/aws-events/rosetta/default.ts-fixture diff --git a/packages/@aws-cdk/aws-events/README.md b/packages/@aws-cdk/aws-events/README.md index 0288407ee094f..13bd483ca54cb 100644 --- a/packages/@aws-cdk/aws-events/README.md +++ b/packages/@aws-cdk/aws-events/README.md @@ -59,6 +59,9 @@ For example, to define an rule that triggers a CodeBuild project build when a commit is pushed to the "master" branch of a CodeCommit repository: ```ts +declare const repo: codecommit.Repository; +declare const project: codebuild.Project; + const onCommitRule = repo.onCommit('OnCommit', { target: new targets.CodeBuildProject(project), branches: ['master'] @@ -73,6 +76,9 @@ topic target which formats a human-readable message for the commit. For example, this adds an SNS topic as a target: ```ts +declare const onCommitRule: events.Rule; +declare const topic: sns.Topic; + onCommitRule.addTarget(new targets.SnsTopic(topic, { message: events.RuleTargetInput.fromText( `A commit was pushed to the repository ${codecommit.ReferenceEvent.repositoryName} on branch ${codecommit.ReferenceEvent.referenceName}` @@ -83,6 +89,9 @@ onCommitRule.addTarget(new targets.SnsTopic(topic, { Or using an Object: ```ts +declare const onCommitRule: events.Rule; +declare const topic: sns.Topic; + onCommitRule.addTarget(new targets.SnsTopic(topic, { message: events.RuleTargetInput.fromObject( { @@ -99,10 +108,15 @@ Rate must be specified in minutes, hours or days. The following example runs a task every day at 4am: -```ts +```ts fixture=basic import { Rule, Schedule } from '@aws-cdk/aws-events'; import { EcsTask } from '@aws-cdk/aws-events-targets'; -... +import { Cluster, TaskDefinition } from '@aws-cdk/aws-ecs'; +import { Role } from '@aws-cdk/aws-iam'; + +declare const cluster: Cluster; +declare const taskDefinition: TaskDefinition; +declare const role: Role; const ecsTaskTarget = new EcsTask({ cluster, taskDefinition, role }); @@ -115,8 +129,12 @@ new Rule(this, 'ScheduleRule', { If you want to specify Fargate platform version, set `platformVersion` in EcsTask's props like the following example: ```ts +declare const cluster: ecs.Cluster; +declare const taskDefinition: ecs.TaskDefinition; +declare const role: iam.Role; + const platformVersion = ecs.FargatePlatformVersion.VERSION1_4; -const ecsTaskTarget = new EcsTask({ cluster, taskDefinition, role, platformVersion }); +const ecsTaskTarget = new targets.EcsTask({ cluster, taskDefinition, role, platformVersion }); ``` ## Event Targets @@ -140,7 +158,7 @@ The following targets are supported: It's possible to have the source of the event and a target in separate AWS accounts and regions: -```ts +```ts nofixture import { App, Stack } from '@aws-cdk/core'; import * as codebuild from '@aws-cdk/aws-codebuild'; import * as codecommit from '@aws-cdk/aws-codecommit'; @@ -148,9 +166,12 @@ import * as targets from '@aws-cdk/aws-events-targets'; const app = new App(); +const account1 = '11111111111'; +const account2 = '22222222222'; + const stack1 = new Stack(app, 'Stack1', { env: { account: account1, region: 'us-west-1' } }); const repo = new codecommit.Repository(stack1, 'Repository', { - // ... + repositoryName: 'myrepository', }); const stack2 = new Stack(app, 'Stack2', { env: { account: account2, region: 'us-east-1' } }); @@ -179,11 +200,7 @@ For more information, see the It is possible to archive all or some events sent to an event bus. It is then possible to [replay these events](https://aws.amazon.com/blogs/aws/new-archive-and-replay-events-with-amazon-eventbridge/). ```ts -import * as cdk from '@aws-cdk/core'; - -const stack = new stack(); - -const bus = new EventBus(stack, 'bus', { +const bus = new events.EventBus(this, 'bus', { eventBusName: 'MyCustomEventBus' }); @@ -191,9 +208,9 @@ bus.archive('MyArchive', { archiveName: 'MyCustomEventBusArchive', description: 'MyCustomerEventBus Archive', eventPattern: { - account: [stack.account], + account: [Stack.of(this).account], }, - retention: cdk.Duration.days(365), + retention: Duration.days(365), }); ``` @@ -205,7 +222,9 @@ or `EventBus.fromEventBusName` factory method. Then, you can use the `grantPutEventsTo` method to grant `event:PutEvents` to the eventBus. ```ts -const eventBus = EventBus.fromEventBusArn(this, 'ImportedEventBus', 'arn:aws:events:us-east-1:111111111:event-bus/my-event-bus'); +declare const lambdaFunction: lambda.Function; + +const eventBus = events.EventBus.fromEventBusArn(this, 'ImportedEventBus', 'arn:aws:events:us-east-1:111111111:event-bus/my-event-bus'); // now you can just call methods on the eventbus eventBus.grantPutEventsTo(lambdaFunction); diff --git a/packages/@aws-cdk/aws-events/rosetta/basic.ts-fixture b/packages/@aws-cdk/aws-events/rosetta/basic.ts-fixture new file mode 100644 index 0000000000000..0cc6d1104d521 --- /dev/null +++ b/packages/@aws-cdk/aws-events/rosetta/basic.ts-fixture @@ -0,0 +1,12 @@ +// Fixture with packages imported, but nothing else +import { Construct } from 'constructs'; +import { Stack, Duration } from '@aws-cdk/core'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} + diff --git a/packages/@aws-cdk/aws-events/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-events/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..7cb7c6f81aec6 --- /dev/null +++ b/packages/@aws-cdk/aws-events/rosetta/default.ts-fixture @@ -0,0 +1,20 @@ +// Fixture with packages imported, but nothing else +import { Construct } from 'constructs'; +import { Stack, Duration } from '@aws-cdk/core'; +import * as events from '@aws-cdk/aws-events'; +import * as targets from '@aws-cdk/aws-events-targets'; +import * as codecommit from '@aws-cdk/aws-codecommit'; +import * as codebuild from '@aws-cdk/aws-codebuild'; +import * as sns from '@aws-cdk/aws-sns'; +import * as ecs from '@aws-cdk/aws-ecs'; +import * as iam from '@aws-cdk/aws-iam'; +import * as lambda from '@aws-cdk/aws-lambda'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} + From 80369ff69e34a457cd7b27caf71d243d6579c727 Mon Sep 17 00:00:00 2001 From: kaizen3031593 <36202692+kaizen3031593@users.noreply.github.com> Date: Wed, 27 Oct 2021 10:27:07 -0400 Subject: [PATCH 15/40] docs(logs): make examples compile (#17168) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-logs/README.md | 54 ++++++++++--------- .../aws-logs/rosetta/default.ts-fixture | 15 ++++++ 2 files changed, 44 insertions(+), 25 deletions(-) create mode 100644 packages/@aws-cdk/aws-logs/rosetta/default.ts-fixture diff --git a/packages/@aws-cdk/aws-logs/README.md b/packages/@aws-cdk/aws-logs/README.md index 497526ca6ec60..1fcd323ca621c 100644 --- a/packages/@aws-cdk/aws-logs/README.md +++ b/packages/@aws-cdk/aws-logs/README.md @@ -61,7 +61,7 @@ Here's a simple example of creating an encrypted Log Group using a KMS CMK. ```ts import * as kms from '@aws-cdk/aws-kms'; -new LogGroup(this, 'LogGroup', { +new logs.LogGroup(this, 'LogGroup', { encryptionKey: new kms.Key(this, 'Key'), }); ``` @@ -83,13 +83,14 @@ Create a `SubscriptionFilter`, initialize it with an appropriate `Pattern` (see below) and supply the intended destination: ```ts -const fn = new lambda.Function(this, 'Lambda', { ... }); -const logGroup = new LogGroup(this, 'LogGroup', { ... }); +import * as destinations from '@aws-cdk/aws-logs-destinations'; +declare const fn: lambda.Function; +declare const logGroup: logs.LogGroup; -new SubscriptionFilter(this, 'Subscription', { - logGroup, - destination: new LogsDestinations.LambdaDestination(fn), - filterPattern: FilterPattern.allTerms("ERROR", "MainThread") +new logs.SubscriptionFilter(this, 'Subscription', { + logGroup, + destination: new destinations.LambdaDestination(fn), + filterPattern: logs.FilterPattern.allTerms("ERROR", "MainThread"), }); ``` @@ -114,6 +115,7 @@ A very simple MetricFilter can be created by using the `logGroup.extractMetric() helper function: ```ts +declare const logGroup: logs.LogGroup; logGroup.extractMetric('$.jsonField', 'Namespace', 'MetricName'); ``` @@ -127,11 +129,12 @@ You can expose a metric on a metric filter by calling the `MetricFilter.metric() This has a default of `statistic = 'avg'` if the statistic is not set in the `props`. ```ts -const mf = new MetricFilter(this, 'MetricFilter', { +declare const logGroup: logs.LogGroup; +const mf = new logs.MetricFilter(this, 'MetricFilter', { logGroup, metricNamespace: 'MyApp', metricName: 'Latency', - filterPattern: FilterPattern.exists('$.latency'), + filterPattern: logs.FilterPattern.exists('$.latency'), metricValue: '$.latency', }); @@ -139,7 +142,7 @@ const mf = new MetricFilter(this, 'MetricFilter', { const metric = mf.metric(); //you can use the metric to create a new alarm -new Alarm(this, 'alarm from metric filter', { +new cloudwatch.Alarm(this, 'alarm from metric filter', { metric, threshold: 100, evaluationPeriods: 2, @@ -175,7 +178,7 @@ line. (substrings) appear in the log event. * `FilterPattern.anyTerm(term, term, ...)`: matches if all of the given terms (substrings) appear in the log event. -* `FilterPattern.anyGroup([term, term, ...], [term, term, ...], ...)`: matches if +* `FilterPattern.anyTermGroup([term, term, ...], [term, term, ...], ...)`: matches if all of the terms in any of the groups (specified as arrays) matches. This is an OR match. @@ -184,14 +187,14 @@ Examples: ```ts // Search for lines that contain both "ERROR" and "MainThread" -const pattern1 = FilterPattern.allTerms('ERROR', 'MainThread'); +const pattern1 = logs.FilterPattern.allTerms('ERROR', 'MainThread'); // Search for lines that either contain both "ERROR" and "MainThread", or // both "WARN" and "Deadlock". -const pattern2 = FilterPattern.anyGroup( - ['ERROR', 'MainThread'], - ['WARN', 'Deadlock'], - ); +const pattern2 = logs.FilterPattern.anyTermGroup( + ['ERROR', 'MainThread'], + ['WARN', 'Deadlock'], +); ``` ## JSON Patterns @@ -235,12 +238,13 @@ Example: // Search for all events where the component field is equal to // "HttpServer" and either error is true or the latency is higher // than 1000. -const pattern = FilterPattern.all( - FilterPattern.stringValue('$.component', '=', 'HttpServer'), - FilterPattern.any( - FilterPattern.booleanValue('$.error', true), - FilterPattern.numberValue('$.latency', '>', 1000) - )); +const pattern = logs.FilterPattern.all( + logs.FilterPattern.stringValue('$.component', '=', 'HttpServer'), + logs.FilterPattern.any( + logs.FilterPattern.booleanValue('$.error', true), + logs.FilterPattern.numberValue('$.latency', '>', 1000), + ), +); ``` ## Space-delimited table patterns @@ -274,9 +278,9 @@ Example: ```ts // Search for all events where the component is "HttpServer" and the // result code is not equal to 200. -const pattern = FilterPattern.spaceDelimited('time', 'component', '...', 'result_code', 'latency') - .whereString('component', '=', 'HttpServer') - .whereNumber('result_code', '!=', 200); +const pattern = logs.FilterPattern.spaceDelimited('time', 'component', '...', 'result_code', 'latency') + .whereString('component', '=', 'HttpServer') + .whereNumber('result_code', '!=', 200); ``` ## Notes diff --git a/packages/@aws-cdk/aws-logs/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-logs/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..27c338ce30a32 --- /dev/null +++ b/packages/@aws-cdk/aws-logs/rosetta/default.ts-fixture @@ -0,0 +1,15 @@ +// Fixture with packages imported, but nothing else +import { Construct } from 'constructs'; +import { Stack } from '@aws-cdk/core'; +import * as logs from '@aws-cdk/aws-logs'; +import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; +import * as lambda from '@aws-cdk/aws-lambda'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} + From 312c2b614a73ea3176564a1de43a15f0992972d6 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Wed, 27 Oct 2021 17:19:55 +0200 Subject: [PATCH 16/40] docs: note that `App`s `outdir` property should not be used (#16670) If this property is passed it has to agree with the CLI's `--output` flag. If this property is not passed, it will default to the CLI's `--output` flag. In either case, it's better to just use `--output` and not pass this property at all; the property only has value inside tests. I tried to add validation (by using `Annotations.of(app).addWarning()` but they are useless anyway: in the CX protocol, metadata can only be attached to `StackArtifacts`, so metadata attached to the `App` will not be rendered. Adding a full framework feature to move metadata to a different place feels like too much risk and work for this small note, so turned it into a documentation fix. Fixes #3717. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/core/lib/app.ts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/packages/@aws-cdk/core/lib/app.ts b/packages/@aws-cdk/core/lib/app.ts index 6719995d2b837..09ad1a3f81b79 100644 --- a/packages/@aws-cdk/core/lib/app.ts +++ b/packages/@aws-cdk/core/lib/app.ts @@ -25,6 +25,12 @@ export interface AppProps { /** * The output directory into which to emit synthesized artifacts. * + * You should never need to set this value. By default, the value you pass to + * the CLI's `--output` flag will be used, and if you change it to a different + * directory the CLI will fail to pick up the generated Cloud Assembly. + * + * This property is intended for internal and testing use. + * * @default - If this value is _not_ set, considers the environment variable `CDK_OUTDIR`. * If `CDK_OUTDIR` is not defined, uses a temp directory. */ From deccdebc43b4ff79c53ffa5a4171ef5a78f944c4 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Wed, 27 Oct 2021 18:12:33 +0200 Subject: [PATCH 17/40] chore(ec2): make examples (mostly) compile (#17183) There is one error left, jsii-rosetta doesn't support array indexing yet (`array[5]`). That's easy enough to add, so we're going to add that to Rosetta. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ec2/README.md | 245 ++++++++++++------ .../@aws-cdk/aws-ec2/lib/security-group.ts | 2 +- packages/@aws-cdk/aws-ec2/lib/user-data.ts | 6 +- packages/@aws-cdk/aws-ec2/lib/volume.ts | 5 +- packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts | 2 + .../aws-ec2/rosetta/client-vpn.ts-fixture | 2 +- .../@aws-cdk/aws-ec2/rosetta/conns.ts-fixture | 26 -- .../aws-ec2/rosetta/default.ts-fixture | 8 +- 8 files changed, 177 insertions(+), 119 deletions(-) delete mode 100644 packages/@aws-cdk/aws-ec2/rosetta/conns.ts-fixture diff --git a/packages/@aws-cdk/aws-ec2/README.md b/packages/@aws-cdk/aws-ec2/README.md index f450e29dfcf20..ca30cc28fe9bd 100644 --- a/packages/@aws-cdk/aws-ec2/README.md +++ b/packages/@aws-cdk/aws-ec2/README.md @@ -93,17 +93,21 @@ must specify the environment where the stack will be deployed. You can gain full control over the availability zones selection strategy by overriding the Stack's [`get availabilityZones()`](https://github.com/aws/aws-cdk/blob/master/packages/@aws-cdk/core/lib/stack.ts) method: -```ts +```text +// This example is only available in TypeScript + class MyStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + // ... + } + get availabilityZones(): string[] { return ['us-west-2a', 'us-west-2b']; } - constructor(scope: Construct, id: string, props?: StackProps) { - super(scope, id, props); - ... - } } ``` @@ -121,11 +125,13 @@ The example below will place the endpoint into two AZs (`us-east-1a` and `us-eas in Isolated subnets: ```ts -new InterfaceVpcEndpoint(stack, 'VPC Endpoint', { +declare const vpc: ec2.Vpc; + +new ec2.InterfaceVpcEndpoint(this, 'VPC Endpoint', { vpc, - service: new InterfaceVpcEndpointService('com.amazonaws.vpce.us-east-1.vpce-svc-uuddlrlrbastrtsvc', 443), + service: new ec2.InterfaceVpcEndpointService('com.amazonaws.vpce.us-east-1.vpce-svc-uuddlrlrbastrtsvc', 443), subnets: { - subnetType: SubnetType.ISOLATED, + subnetType: ec2.SubnetType.ISOLATED, availabilityZones: ['us-east-1a', 'us-east-1c'] } }); @@ -134,9 +140,13 @@ new InterfaceVpcEndpoint(stack, 'VPC Endpoint', { You can also specify specific subnet objects for granular control: ```ts -new InterfaceVpcEndpoint(stack, 'VPC Endpoint', { +declare const vpc: ec2.Vpc; +declare const subnet1: ec2.Subnet; +declare const subnet2: ec2.Subnet; + +new ec2.InterfaceVpcEndpoint(this, 'VPC Endpoint', { vpc, - service: new InterfaceVpcEndpointService('com.amazonaws.vpce.us-east-1.vpce-svc-uuddlrlrbastrtsvc', 443), + service: new ec2.InterfaceVpcEndpointService('com.amazonaws.vpce.us-east-1.vpce-svc-uuddlrlrbastrtsvc', 443), subnets: { subnets: [subnet1, subnet2] } @@ -193,14 +203,16 @@ gets routed, pass `allowAllTraffic: false` and access the `NatInstanceProvider.connections` member after having passed it to the VPC: ```ts -const provider = NatProvider.instance({ - instanceType: /* ... */, +declare const instanceType: ec2.InstanceType; + +const provider = ec2.NatProvider.instance({ + instanceType, allowAllTraffic: false, }); -new Vpc(stack, 'TheVPC', { +new ec2.Vpc(this, 'TheVPC', { natGatewayProvider: provider, }); -provider.connections.allowFrom(Peer.ipv4('1.2.3.4/8'), Port.tcp(80)); +provider.connections.allowFrom(ec2.Peer.ipv4('1.2.3.4/8'), ec2.Port.tcp(80)); ``` ### Advanced Subnet Configuration @@ -284,6 +296,8 @@ DatabaseSubnet3 |`ISOLATED`|`10.0.6.32/28`|#3|Only routes within the VPC If you need access to the internet gateway, you can get its ID like so: ```ts +declare const vpc: ec2.Vpc; + const igwId = vpc.internetGatewayId; ``` @@ -305,18 +319,19 @@ Internet Gateway created for the public subnet - perhaps for routing a VPN connection - you can do so like this: ```ts -const vpc = ec2.Vpc(this, "VPC", { +const vpc = new ec2.Vpc(this, "VPC", { subnetConfiguration: [{ - subnetType: SubnetType.PUBLIC, + subnetType: ec2.SubnetType.PUBLIC, name: 'Public', },{ - subnetType: SubnetType.ISOLATED, + subnetType: ec2.SubnetType.ISOLATED, name: 'Isolated', }] -}) -(vpc.isolatedSubnets[0] as Subnet).addRoute("StaticRoute", { - routerId: vpc.internetGatewayId, - routerType: RouterType.GATEWAY, +}); + +(vpc.isolatedSubnets[0] as ec2.Subnet).addRoute("StaticRoute", { + routerId: vpc.internetGatewayId!, + routerType: ec2.RouterType.GATEWAY, destinationCidrBlock: "8.8.8.8/32", }) ``` @@ -412,7 +427,7 @@ following limitations: Using `Vpc.fromVpcAttributes()` looks like this: ```ts -const vpc = ec2.Vpc.fromVpcAttributes(stack, 'VPC', { +const vpc = ec2.Vpc.fromVpcAttributes(this, 'VPC', { vpcId: 'vpc-1234', availabilityZones: ['us-east-1a', 'us-east-1b'], @@ -423,7 +438,7 @@ const vpc = ec2.Vpc.fromVpcAttributes(stack, 'VPC', { privateSubnetIds: Fn.importListValue('PrivateSubnetIds', 2), // OR: split an imported string to a list of known length - isolatedSubnetIds: Fn.split(',', ssm.StringParameter.valueForStringParameter(stack, `MyParameter`), 2), + isolatedSubnetIds: Fn.split(',', ssm.StringParameter.valueForStringParameter(this, `MyParameter`), 2), }); ``` @@ -457,7 +472,11 @@ have security groups, you have to add an **Egress** rule to one Security Group, and an **Ingress** rule to the other. The connections object will automatically take care of this for you: -```ts fixture=conns +```ts +declare const loadBalancer: elbv2.ApplicationLoadBalancer; +declare const appFleet: autoscaling.AutoScalingGroup; +declare const dbFleet: autoscaling.AutoScalingGroup; + // Allow connections from anywhere loadBalancer.connections.allowFromAnyIpv4(ec2.Port.tcp(443), 'Allow inbound HTTPS'); @@ -472,7 +491,10 @@ appFleet.connections.allowTo(dbFleet, ec2.Port.tcp(443), 'App can call database' There are various classes that implement the connection peer part: -```ts fixture=conns +```ts +declare const appFleet: autoscaling.AutoScalingGroup; +declare const dbFleet: autoscaling.AutoScalingGroup; + // Simple connection peers let peer = ec2.Peer.ipv4('10.0.0.0/16'); peer = ec2.Peer.anyIpv4(); @@ -484,7 +506,11 @@ appFleet.connections.allowTo(peer, ec2.Port.tcp(443), 'Allow outbound HTTPS'); Any object that has a security group can itself be used as a connection peer: -```ts fixture=conns +```ts +declare const fleet1: autoscaling.AutoScalingGroup; +declare const fleet2: autoscaling.AutoScalingGroup; +declare const appFleet: autoscaling.AutoScalingGroup; + // These automatically create appropriate ingress and egress rules in both security groups fleet1.connections.allowTo(fleet2, ec2.Port.tcp(80), 'Allow between fleets'); @@ -518,7 +544,11 @@ If the object you're calling the peering method on has a default port associated For example: -```ts fixture=conns +```ts +declare const listener: elbv2.ApplicationListener; +declare const appFleet: autoscaling.AutoScalingGroup; +declare const rdsDatabase: rds.DatabaseCluster; + // Port implicit in listener listener.connections.allowDefaultPortFromAnyIpv4('Allow public'); @@ -637,9 +667,11 @@ By default, CDK will place a VPC endpoint in one subnet per AZ. If you wish to o use the `subnets` parameter as follows: ```ts -new InterfaceVpcEndpoint(stack, 'VPC Endpoint', { +declare const vpc: ec2.Vpc; + +new ec2.InterfaceVpcEndpoint(this, 'VPC Endpoint', { vpc, - service: new InterfaceVpcEndpointService('com.amazonaws.vpce.us-east-1.vpce-svc-uuddlrlrbastrtsvc', 443), + service: new ec2.InterfaceVpcEndpointService('com.amazonaws.vpce.us-east-1.vpce-svc-uuddlrlrbastrtsvc', 443), // Choose which availability zones to place the VPC endpoint in, based on // available AZs subnets: { @@ -654,9 +686,11 @@ AZs an endpoint service is available in, and will ensure the VPC endpoint is not These AZs will be stored in cdk.context.json. ```ts -new InterfaceVpcEndpoint(stack, 'VPC Endpoint', { +declare const vpc: ec2.Vpc; + +new ec2.InterfaceVpcEndpoint(this, 'VPC Endpoint', { vpc, - service: new InterfaceVpcEndpointService('com.amazonaws.vpce.us-east-1.vpce-svc-uuddlrlrbastrtsvc', 443), + service: new ec2.InterfaceVpcEndpointService('com.amazonaws.vpce.us-east-1.vpce-svc-uuddlrlrbastrtsvc', 443), // Choose which availability zones to place the VPC endpoint in, based on // available AZs lookupSupportedAzs: true @@ -668,7 +702,12 @@ create VPC endpoints without having to configure name, ports, etc. For example, use in your VPC: ``` ts -new InterfaceVpcEndpoint(stack, 'VPC Endpoint', { vpc, service: InterfaceVpcEndpointAwsService.KEYSPACES }); +declare const vpc: ec2.Vpc; + +new ec2.InterfaceVpcEndpoint(this, 'VPC Endpoint', { + vpc, + service: ec2.InterfaceVpcEndpointAwsService.KEYSPACES, +}); ``` #### Security groups for interface VPC endpoints @@ -678,7 +717,9 @@ automatically allowed from the VPC CIDR. Use the `connections` object to allow traffic to flow to the endpoint: -```ts fixture=conns +```ts +declare const myEndpoint: ec2.InterfaceVpcEndpoint; + myEndpoint.connections.allowDefaultPortFromAnyIpv4(); ``` @@ -689,10 +730,13 @@ Alternatively, existing security groups can be used by specifying the `securityG A VPC endpoint service enables you to expose a Network Load Balancer(s) as a provider service to consumers, who connect to your service over a VPC endpoint. You can restrict access to your service via allowed principals (anything that extends ArnPrincipal), and require that new connections be manually accepted. ```ts -new VpcEndpointService(this, 'EndpointService', { +declare const networkLoadBalancer1: elbv2.NetworkLoadBalancer; +declare const networkLoadBalancer2: elbv2.NetworkLoadBalancer; + +new ec2.VpcEndpointService(this, 'EndpointService', { vpcEndpointServiceLoadBalancers: [networkLoadBalancer1, networkLoadBalancer2], acceptanceRequired: true, - allowedPrincipals: [new ArnPrincipal('arn:aws:iam::123456789012:root')] + allowedPrincipals: [new iam.ArnPrincipal('arn:aws:iam::123456789012:root')] }); ``` @@ -700,9 +744,11 @@ Endpoint services support private DNS, which makes it easier for clients to conn You can enable private DNS on an endpoint service like so: ```ts -import { VpcEndpointServiceDomainName } from '@aws-cdk/aws-route53'; +import { HostedZone, VpcEndpointServiceDomainName } from '@aws-cdk/aws-route53'; +declare const zone: HostedZone; +declare const vpces: ec2.VpcEndpointService; -new VpcEndpointServiceDomainName(stack, 'EndpointDomain', { +new VpcEndpointServiceDomainName(this, 'EndpointDomain', { endpointService: vpces, domainName: 'my-stuff.aws-cdk.dev', publicHostedZone: zone, @@ -796,7 +842,15 @@ For the full set of capabilities of this system, see the documentation for Here is an example of applying some configuration to an instance: ```ts +declare const vpc: ec2.Vpc; +declare const instanceType: ec2.InstanceType; +declare const machineImage: ec2.IMachineImage; + new ec2.Instance(this, 'Instance', { + vpc, + instanceType, + machineImage, + // Showing the most complex setup, if you have simpler requirements // you can use `CloudFormationInit.fromElements()`. init: ec2.CloudFormationInit.fromConfigSets({ @@ -812,9 +866,9 @@ new ec2.Instance(this, 'Instance', { config: new ec2.InitConfig([ // Create a JSON file from tokens (can also create other files) ec2.InitFile.fromObject('/etc/stack.json', { - stackId: stack.stackId, - stackName: stack.stackName, - region: stack.region, + stackId: Stack.of(this).stackId, + stackName: Stack.of(this).stackName, + region: Stack.of(this).region, }), // Create a group and user @@ -834,10 +888,10 @@ new ec2.Instance(this, 'Instance', { timeout: Duration.minutes(30), // Optional, whether to include the --url argument when running cfn-init and cfn-signal commands (false by default) - includeUrl: true + includeUrl: true, // Optional, whether to include the --role argument when running cfn-init and cfn-signal commands (false by default) - includeRole: true + includeRole: true, }, }); ``` @@ -849,11 +903,13 @@ config writes a config file for nginx, extracts an archive to the root directory restarts nginx so that it picks up the new config and files: ```ts +declare const myBucket: s3.Bucket; + const handle = new ec2.InitServiceRestartHandle(); ec2.CloudFormationInit.fromElements( ec2.InitFile.fromString('/etc/nginx/nginx.conf', '...', { serviceRestartHandles: [handle] }), - ec2.InitSource.fromBucket('/var/www/html', myBucket, 'html.zip', { serviceRestartHandles: [handle] }), + ec2.InitSource.fromS3Object('/var/www/html', myBucket, 'html.zip', { serviceRestartHandles: [handle] }), ec2.InitService.enable('nginx', { serviceRestartHandle: handle, }) @@ -887,16 +943,16 @@ with the command `aws ec2-instance-connect send-ssh-public-key` to provide your EBS volume for the bastion host can be encrypted like: -```ts - const host = new ec2.BastionHostLinux(stack, 'BastionHost', { - vpc, - blockDevices: [{ - deviceName: 'EBSBastionHost', - volume: BlockDeviceVolume.ebs(10, { - encrypted: true, - }), - }], - }); +```ts fixture=with-vpc +const host = new ec2.BastionHostLinux(this, 'BastionHost', { + vpc, + blockDevices: [{ + deviceName: 'EBSBastionHost', + volume: ec2.BlockDeviceVolume.ebs(10, { + encrypted: true, + }), + }], +}); ``` ### Block Devices @@ -906,8 +962,17 @@ root device (`/dev/sda1`) size to 50 GiB, and adds another EBS-backed device map size: ```ts +declare const vpc: ec2.Vpc; +declare const instanceType: ec2.InstanceType; +declare const machineImage: ec2.IMachineImage; + new ec2.Instance(this, 'Instance', { + vpc, + instanceType, + machineImage, + // ... + blockDevices: [ { deviceName: '/dev/sda1', @@ -931,15 +996,12 @@ A notable restriction is that a Volume can only be attached to instances in the The following demonstrates how to create a 500 GiB encrypted Volume in the `us-west-2a` availability zone, and give a role the ability to attach that Volume to a specific instance: ```ts -const instance = new ec2.Instance(this, 'Instance', { - // ... -}); -const role = new iam.Role(stack, 'SomeRole', { - assumedBy: new iam.AccountRootPrincipal(), -}); +declare const instance: ec2.Instance; +declare const role: iam.Role; + const volume = new ec2.Volume(this, 'Volume', { availabilityZone: 'us-west-2a', - size: cdk.Size.gibibytes(500), + size: Size.gibibytes(500), encrypted: true, }); @@ -952,12 +1014,8 @@ If you need to grant an instance the ability to attach/detach an EBS volume to/f will lead to an unresolvable circular reference between the instance role and the instance. In this case, use `grantAttachVolumeByResourceTag` and `grantDetachVolumeByResourceTag` as follows: ```ts -const instance = new ec2.Instance(this, 'Instance', { - // ... -}); -const volume = new ec2.Volume(this, 'Volume', { - // ... -}); +declare const instance: ec2.Instance; +declare const volume: ec2.Volume; const attachGrant = volume.grantAttachVolumeByResourceTag(instance.grantPrincipal, [instance]); const detachGrant = volume.grantDetachVolumeByResourceTag(instance.grantPrincipal, [instance]); @@ -973,12 +1031,9 @@ to attach and detach your Volumes to/from instances, and how to format them for The following is a sample skeleton of EC2 UserData that can be used to attach a Volume to the Linux instance that it is running on: ```ts -const volume = new ec2.Volume(this, 'Volume', { - // ... -}); -const instance = new ec2.Instance(this, 'Instance', { - // ... -}); +declare const instance: ec2.Instance; +declare const volume: ec2.Volume; + volume.grantAttachVolumeByResourceTag(instance.grantPrincipal, [instance]); const targetDevice = '/dev/xvdz'; instance.userData.addCommands( @@ -1005,9 +1060,18 @@ To do this for a single `Instance`, you can use the `requireImdsv2` property. The example below demonstrates IMDSv2 being required on a single `Instance`: ```ts +declare const vpc: ec2.Vpc; +declare const instanceType: ec2.InstanceType; +declare const machineImage: ec2.IMachineImage; + new ec2.Instance(this, 'Instance', { - requireImdsv2: true, + vpc, + instanceType, + machineImage, + // ... + + requireImdsv2: true, }); ``` @@ -1018,7 +1082,7 @@ The following example demonstrates how to use the `InstanceRequireImdsv2Aspect` ```ts const aspect = new ec2.InstanceRequireImdsv2Aspect(); -Aspects.of(stack).add(aspect); +Aspects.of(this).add(aspect); ``` ## VPC Flow Logs @@ -1030,6 +1094,8 @@ By default a flow log will be created with CloudWatch Logs as the destination. You can create a flow log like this: ```ts +declare const vpc: ec2.Vpc; + new ec2.FlowLog(this, 'FlowLog', { resourceType: ec2.FlowLogResourceType.fromVpc(vpc) }) @@ -1066,6 +1132,8 @@ If you want to customize any of the destination resources you can provide your o *CloudWatch Logs* ```ts +declare const vpc: ec2.Vpc; + const logGroup = new logs.LogGroup(this, 'MyCustomLogGroup'); const role = new iam.Role(this, 'MyCustomRole', { @@ -1081,6 +1149,7 @@ new ec2.FlowLog(this, 'FlowLog', { *S3* ```ts +declare const vpc: ec2.Vpc; const bucket = new s3.Bucket(this, 'MyCustomBucket'); @@ -1103,10 +1172,14 @@ User data enables you to run a script when your instances start up. In order to A user data could be configured to run a script found in an asset through the following: ```ts -const asset = new Asset(this, 'Asset', {path: path.join(__dirname, 'configure.sh')}); -const instance = new ec2.Instance(this, 'Instance', { - // ... - }); +import { Asset } from '@aws-cdk/aws-s3-assets'; + +declare const instance: ec2.Instance; + +const asset = new Asset(this, 'Asset', { + path: './configure.sh' +}); + const localPath = instance.userData.addS3DownloadCommand({ bucket:asset.bucket, bucketKey:asset.s3ObjectKey, @@ -1116,7 +1189,7 @@ instance.userData.addExecuteFileCommand({ filePath:localPath, arguments: '--verbose -y' }); -asset.grantRead( instance.role ); +asset.grantRead(instance.role); ``` ### Multipart user data @@ -1152,7 +1225,7 @@ multipartUserData.addPart(ec2.MultipartBody.fromUserData(bootHookConf, 'text/clo // Execute the rest of setup multipartUserData.addPart(ec2.MultipartBody.fromUserData(setupCommands)); -new ec2.LaunchTemplate(stack, '', { +new ec2.LaunchTemplate(this, '', { userData: multipartUserData, blockDevices: [ // Block device configuration rest @@ -1172,7 +1245,7 @@ method on `MultipartUserData` with the `makeDefault` argument set to `true`: ```ts const multipartUserData = new ec2.MultipartUserData(); const commandsUserData = ec2.UserData.forLinux(); -multipartUserData.addUserDataPart(commandsUserData, MultipartBody.SHELL_SCRIPT, true); +multipartUserData.addUserDataPart(commandsUserData, ec2.MultipartBody.SHELL_SCRIPT, true); // Adding commands to the multipartUserData adds them to commandsUserData, and vice-versa. multipartUserData.addCommands('touch /root/multi.txt'); @@ -1193,14 +1266,14 @@ Importing an existing subnet looks like this: ```ts // Supply all properties -const subnet = Subnet.fromSubnetAttributes(this, 'SubnetFromAttributes', { +const subnet1 = ec2.Subnet.fromSubnetAttributes(this, 'SubnetFromAttributes', { subnetId: 's-1234', availabilityZone: 'pub-az-4465', routeTableId: 'rt-145' }); // Supply only subnet id -const subnet = Subnet.fromSubnetId(this, 'SubnetFromId', 's-1234'); +const subnet2 = ec2.Subnet.fromSubnetId(this, 'SubnetFromId', 's-1234'); ``` ## Launch Templates @@ -1214,10 +1287,10 @@ an instance. For information on Launch Templates please see the The following demonstrates how to create a launch template with an Amazon Machine Image, and security group. ```ts -const vpc = new ec2.Vpc(...); -// ... +declare const vpc: ec2.Vpc; + const template = new ec2.LaunchTemplate(this, 'LaunchTemplate', { - machineImage: new ec2.AmazonMachineImage(), + machineImage: ec2.MachineImage.latestAmazonLinux(), securityGroup: new ec2.SecurityGroup(this, 'LaunchTemplateSG', { vpc: vpc, }), diff --git a/packages/@aws-cdk/aws-ec2/lib/security-group.ts b/packages/@aws-cdk/aws-ec2/lib/security-group.ts index 2c01da7aef943..54695f2d17b71 100644 --- a/packages/@aws-cdk/aws-ec2/lib/security-group.ts +++ b/packages/@aws-cdk/aws-ec2/lib/security-group.ts @@ -308,7 +308,7 @@ export interface SecurityGroupImportOptions { * you would import it like this: * * ```ts - * const securityGroup = SecurityGroup.fromSecurityGroupId(this, 'SG', 'sg-12345', { + * const securityGroup = ec2.SecurityGroup.fromSecurityGroupId(this, 'SG', 'sg-12345', { * mutable: false * }); * ``` diff --git a/packages/@aws-cdk/aws-ec2/lib/user-data.ts b/packages/@aws-cdk/aws-ec2/lib/user-data.ts index 14b94d2d2ad4a..1e92eb888e6f8 100644 --- a/packages/@aws-cdk/aws-ec2/lib/user-data.ts +++ b/packages/@aws-cdk/aws-ec2/lib/user-data.ts @@ -489,7 +489,11 @@ export class MultipartUserData extends UserData { * If `makeDefault` is false, then this is the same as calling: * * ```ts - * multiPart.addPart(MultipartBody.fromUserData(userData, contentType)); + * declare const multiPart: ec2.MultipartUserData; + * declare const userData: ec2.UserData; + * declare const contentType: string; + * + * multiPart.addPart(ec2.MultipartBody.fromUserData(userData, contentType)); * ``` * * An undefined `makeDefault` defaults to either: diff --git a/packages/@aws-cdk/aws-ec2/lib/volume.ts b/packages/@aws-cdk/aws-ec2/lib/volume.ts index a25ca459b7c63..87e92b3f5006a 100644 --- a/packages/@aws-cdk/aws-ec2/lib/volume.ts +++ b/packages/@aws-cdk/aws-ec2/lib/volume.ts @@ -19,7 +19,7 @@ export interface BlockDevice { /** * The device name exposed to the EC2 instance * - * @example '/dev/sdh', 'xvdh' + * For example, a value like `/dev/sdh`, `xvdh`. * * @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html */ @@ -28,8 +28,7 @@ export interface BlockDevice { /** * Defines the block device volume, to be either an Amazon EBS volume or an ephemeral instance store volume * - * @example BlockDeviceVolume.ebs(15), BlockDeviceVolume.ephemeral(0) - * + * For example, a value like `BlockDeviceVolume.ebs(15)`, `BlockDeviceVolume.ephemeral(0)`. */ readonly volume: BlockDeviceVolume; diff --git a/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts b/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts index de64072868391..3282da410d09a 100644 --- a/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts +++ b/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts @@ -121,6 +121,8 @@ export interface GatewayVpcEndpointOptions { * @default - All subnets in the VPC * @example * + * declare const vpc: ec2.Vpc; + * * vpc.addGatewayEndpoint('DynamoDbEndpoint', { * service: ec2.GatewayVpcEndpointAwsService.DYNAMODB, * // Add only to ISOLATED subnets diff --git a/packages/@aws-cdk/aws-ec2/rosetta/client-vpn.ts-fixture b/packages/@aws-cdk/aws-ec2/rosetta/client-vpn.ts-fixture index 4886d590211df..34c83a31ced35 100644 --- a/packages/@aws-cdk/aws-ec2/rosetta/client-vpn.ts-fixture +++ b/packages/@aws-cdk/aws-ec2/rosetta/client-vpn.ts-fixture @@ -9,7 +9,7 @@ class Fixture extends Stack { const vpc = new ec2.Vpc(this, 'VPC'); const samlProvider = new iam.SamlProvider(this, 'Provider', { - metadataDocument: SamlMetadataDocument.fromXml('xml'), + metadataDocument: iam.SamlMetadataDocument.fromXml('xml'), }) /// here diff --git a/packages/@aws-cdk/aws-ec2/rosetta/conns.ts-fixture b/packages/@aws-cdk/aws-ec2/rosetta/conns.ts-fixture deleted file mode 100644 index f29d9a1816a6e..0000000000000 --- a/packages/@aws-cdk/aws-ec2/rosetta/conns.ts-fixture +++ /dev/null @@ -1,26 +0,0 @@ -// Fixture with fake connectables -import { Construct, Stack } from '@aws-cdk/core'; -import ec2 = require('@aws-cdk/aws-ec2'); - -class Fixture extends Stack { - constructor(scope: Construct, id: string) { - super(scope, id); - - const vpc = new ec2.Vpc(this, 'VPC'); - - const loadBalancer = new FakeConnectable(); - const appFleet = new FakeConnectable(); - const dbFleet = new FakeConnectable(); - const rdsDatabase = new FakeConnectable(); - const fleet1 = new FakeConnectable(); - const fleet2 = new FakeConnectable(); - const listener = new FakeConnectable(); - const myEndpoint = new FakeConnectable(); - - /// here - } -} - -class FakeConnectable implements ec2.IConnectable { - public readonly connections = new ec2.Connections({ securityGroups: [] }); -} diff --git a/packages/@aws-cdk/aws-ec2/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-ec2/rosetta/default.ts-fixture index d4ecd7e92a6f1..df2d29f125b46 100644 --- a/packages/@aws-cdk/aws-ec2/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-ec2/rosetta/default.ts-fixture @@ -1,7 +1,13 @@ // Fixture with packages imported, but nothing else -import { Construct, Stack } from '@aws-cdk/core'; +import { Aspects, Construct, Duration, Fn, Size, Stack, StackProps } from '@aws-cdk/core'; import ec2 = require('@aws-cdk/aws-ec2'); +import s3 = require('@aws-cdk/aws-s3'); import iam = require('@aws-cdk/aws-iam'); +import logs = require('@aws-cdk/aws-logs'); +import ssm = require('@aws-cdk/aws-ssm'); +import autoscaling = require('@aws-cdk/aws-autoscaling'); +import elbv2 = require('@aws-cdk/aws-elasticloadbalancingv2'); +import rds = require('@aws-cdk/aws-rds'); class Fixture extends Stack { constructor(scope: Construct, id: string) { From 6aa86d590d5e06c64677161d970eb39a77f8fd99 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Wed, 27 Oct 2021 19:04:44 +0200 Subject: [PATCH 18/40] chore(elbv2): make examples compile (#17162) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-elasticloadbalancingv2/README.md | 131 +++++++++++------- .../rosetta/default.ts-fixture | 17 +++ 2 files changed, 100 insertions(+), 48 deletions(-) create mode 100644 packages/@aws-cdk/aws-elasticloadbalancingv2/rosetta/default.ts-fixture diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md b/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md index f3d23b5e827cf..34755353fb202 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md @@ -26,13 +26,10 @@ You define an application load balancer by creating an instance of and adding Targets to the Listener: ```ts -import * as ec2 from '@aws-cdk/aws-ec2'; -import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; import { AutoScalingGroup } from '@aws-cdk/aws-autoscaling'; +declare const asg: AutoScalingGroup; -// ... - -const vpc = new ec2.Vpc(...); +declare const vpc: ec2.Vpc; // Create the load balancer in a VPC. 'internetFacing' is 'false' // by default, which creates an internal load balancer. @@ -54,7 +51,6 @@ const listener = lb.addListener('Listener', { // Create an AutoScaling group and add it as a load balancing // target to the listener. -const asg = new AutoScalingGroup(...); listener.addTargets('ApplicationFleet', { port: 8080, targets: [asg] @@ -68,14 +64,16 @@ One (or more) security groups can be associated with the load balancer; if a security group isn't provided, one will be automatically created. ```ts -const securityGroup1 = new ec2.SecurityGroup(stack, 'SecurityGroup1', { vpc }); +declare const vpc: ec2.Vpc; + +const securityGroup1 = new ec2.SecurityGroup(this, 'SecurityGroup1', { vpc }); const lb = new elbv2.ApplicationLoadBalancer(this, 'LB', { vpc, internetFacing: true, securityGroup: securityGroup1, // Optional - will be automatically created otherwise }); -const securityGroup2 = new ec2.SecurityGroup(stack, 'SecurityGroup2', { vpc }); +const securityGroup2 = new ec2.SecurityGroup(this, 'SecurityGroup2', { vpc }); lb.addSecurityGroup(securityGroup2); ``` @@ -87,11 +85,14 @@ AutoScalingGroup only if the requested host in the request is either for `example.com/ok` or `example.com/path`: ```ts +declare const listener: elbv2.ApplicationListener; +declare const asg: autoscaling.AutoScalingGroup; + listener.addTargets('Example.Com Fleet', { priority: 10, conditions: [ - ListenerCondition.hostHeaders(['example.com']), - ListenerCondition.pathPatterns(['/ok', '/path']), + elbv2.ListenerCondition.hostHeaders(['example.com']), + elbv2.ListenerCondition.pathPatterns(['/ok', '/path']), ], port: 8080, targets: [asg] @@ -149,12 +150,14 @@ Balancer that the other two convenience methods don't: Here's an example of serving a fixed response at the `/ok` URL: ```ts +declare const listener: elbv2.ApplicationListener; + listener.addAction('Fixed', { priority: 10, conditions: [ - ListenerCondition.pathPatterns(['/ok']), + elbv2.ListenerCondition.pathPatterns(['/ok']), ], - action: ListenerAction.fixedResponse(200, { + action: elbv2.ListenerAction.fixedResponse(200, { contentType: elbv2.ContentType.TEXT_PLAIN, messageBody: 'OK', }) @@ -164,12 +167,21 @@ listener.addAction('Fixed', { Here's an example of using OIDC authentication before forwarding to a TargetGroup: ```ts +declare const listener: elbv2.ApplicationListener; +declare const myTargetGroup: elbv2.ApplicationTargetGroup; + listener.addAction('DefaultAction', { - action: ListenerAction.authenticateOidc({ + action: elbv2.ListenerAction.authenticateOidc({ authorizationEndpoint: 'https://example.com/openid', // Other OIDC properties here - // ... - next: ListenerAction.forward([myTargetGroup]), + clientId: '...', + clientSecret: SecretValue.secretsManager('...'), + issuer: '...', + tokenEndpoint: '...', + userInfoEndpoint: '...', + + // Next + next: elbv2.ListenerAction.forward([myTargetGroup]), }), }); ``` @@ -177,6 +189,8 @@ listener.addAction('DefaultAction', { If you just want to redirect all incoming traffic on one port to another port, you can use the following code: ```ts +declare const lb: elbv2.ApplicationLoadBalancer; + lb.addRedirect({ sourceProtocol: elbv2.ApplicationProtocol.HTTPS, sourcePort: 8443, @@ -196,9 +210,8 @@ Network Load Balancers are defined in a similar way to Application Load Balancers: ```ts -import * as ec2 from '@aws-cdk/aws-ec2'; -import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; -import * as autoscaling from '@aws-cdk/aws-autoscaling'; +declare const vpc: ec2.Vpc; +declare const asg: autoscaling.AutoScalingGroup; // Create the load balancer in a VPC. 'internetFacing' is 'false' // by default, which creates an internal load balancer. @@ -243,6 +256,10 @@ and add it to the listener by calling `addTargetGroups` instead of `addTargets`. `addTargets()` will always return the Target Group it just created for you: ```ts +declare const listener: elbv2.NetworkListener; +declare const asg1: autoscaling.AutoScalingGroup; +declare const asg2: autoscaling.AutoScalingGroup; + const group = listener.addTargets('AppFleet', { port: 443, targets: [asg1], @@ -258,19 +275,21 @@ By default, an Application Load Balancer routes each request independently to a Application Load Balancers support both duration-based cookies (`lb_cookie`) and application-based cookies (`app_cookie`). The key to managing sticky sessions is determining how long your load balancer should consistently route the user's request to the same target. Sticky sessions are enabled at the target group level. You can use a combination of duration-based stickiness, application-based stickiness, and no stickiness across all of your target groups. ```ts +declare const vpc: ec2.Vpc; + // Target group with duration-based stickiness with load-balancer generated cookie -const tg1 = new elbv2.ApplicationTargetGroup(stack, 'TG1', { +const tg1 = new elbv2.ApplicationTargetGroup(this, 'TG1', { targetType: elbv2.TargetType.INSTANCE, port: 80, - stickinessCookieDuration: cdk.Duration.minutes(5), + stickinessCookieDuration: Duration.minutes(5), vpc, }); // Target group with application-based stickiness -const tg2 = new elbv2.ApplicationTargetGroup(stack, 'TG2', { +const tg2 = new elbv2.ApplicationTargetGroup(this, 'TG2', { targetType: elbv2.TargetType.INSTANCE, port: 80, - stickinessCookieDuration: cdk.Duration.minutes(5), + stickinessCookieDuration: Duration.minutes(5), stickinessCookieName: 'MyDeliciousCookie', vpc, }); @@ -283,7 +302,9 @@ For more information see: https://docs.aws.amazon.com/elasticloadbalancing/lates By default, Application Load Balancers send requests to targets using HTTP/1.1. You can use the [protocol version](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-protocol-version) to send requests to targets using HTTP/2 or gRPC. ```ts -const tg = new elbv2.ApplicationTargetGroup(stack, 'TG', { +declare const vpc: ec2.Vpc; + +const tg = new elbv2.ApplicationTargetGroup(this, 'TG', { targetType: elbv2.TargetType.IP, port: 50051, protocol: elbv2.ApplicationProtocol.HTTP, @@ -303,11 +324,10 @@ To use a Lambda Function as a target, use the integration class in the ```ts import * as lambda from '@aws-cdk/aws-lambda'; -import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; import * as targets from '@aws-cdk/aws-elasticloadbalancingv2-targets'; -const lambdaFunction = new lambda.Function(...); -const lb = new elbv2.ApplicationLoadBalancer(...); +declare const lambdaFunction: lambda.Function; +declare const lb: elbv2.ApplicationLoadBalancer; const listener = lb.addListener('Listener', { port: 80 }); listener.addTargets('Targets', { @@ -329,11 +349,12 @@ To use a single application load balancer as a target for the network load balan `@aws-cdk/aws-elasticloadbalancingv2-targets` package: ```ts -import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; import * as targets from '@aws-cdk/aws-elasticloadbalancingv2-targets'; import * as ecs from '@aws-cdk/aws-ecs'; import * as patterns from '@aws-cdk/aws-ecs-patterns'; +declare const vpc: ec2.Vpc; + const task = new ecs.FargateTaskDefinition(this, 'Task', { cpu: 256, memoryLimitMiB: 512 }); task.addContainer('nginx', { image: ecs.ContainerImage.fromRegistry('public.ecr.aws/nginx/nginx:latest'), @@ -369,12 +390,15 @@ Only the network load balancer is allowed to add the application load balancer a Health checks are configured upon creation of a target group: ```ts +declare const listener: elbv2.ApplicationListener; +declare const asg: autoscaling.AutoScalingGroup; + listener.addTargets('AppFleet', { port: 8080, targets: [asg], healthCheck: { path: '/ping', - interval: cdk.Duration.minutes(1), + interval: Duration.minutes(1), } }); ``` @@ -388,15 +412,19 @@ you're routing traffic to, the security group already allows the traffic. If not, you will have to configure the security groups appropriately: ```ts +declare const lb: elbv2.ApplicationLoadBalancer; +declare const listener: elbv2.ApplicationListener; +declare const asg: autoscaling.AutoScalingGroup; + listener.addTargets('AppFleet', { port: 8080, targets: [asg], healthCheck: { - port: 8088, + port: '8088', } }); -listener.connections.allowFrom(lb, ec2.Port.tcp(8088)); +asg.connections.allowFrom(lb, ec2.Port.tcp(8088)); ``` ## Using a Load Balancer from a different Stack @@ -424,12 +452,15 @@ call functions on the load balancer and should return metadata about the load balancing target: ```ts -public attachToApplicationTargetGroup(targetGroup: ApplicationTargetGroup): LoadBalancerTargetProps { - targetGroup.registerConnectable(...); - return { - targetType: TargetType.Instance | TargetType.Ip - targetJson: { id: ..., port: ... }, - }; +class MyTarget implements elbv2.IApplicationLoadBalancerTarget { + public attachToApplicationTargetGroup(targetGroup: elbv2.ApplicationTargetGroup): elbv2.LoadBalancerTargetProps { + // If we need to add security group rules + // targetGroup.registerConnectable(...); + return { + targetType: elbv2.TargetType.IP, + targetJson: { id: '1.2.3.4', port: 8080 }, + }; + } } ``` @@ -445,12 +476,16 @@ group rules. If your load balancer target requires that the TargetGroup has been associated with a LoadBalancer before registration can happen (such as is the case for ECS Services for example), take a resource dependency on -`targetGroup.loadBalancerDependency()` as follows: +`targetGroup.loadBalancerAttached` as follows: ```ts +declare const resource: Resource; +declare const targetGroup: elbv2.ApplicationTargetGroup; + // Make sure that the listener has been created, and so the TargetGroup // has been associated with the LoadBalancer, before 'resource' is created. -resourced.addDependency(targetGroup.loadBalancerDependency()); + +Node.of(resource).addDependency(targetGroup.loadBalancerAttached); ``` ## Looking up Load Balancers and Listeners @@ -478,15 +513,15 @@ provide more specific criteria. **Look up a Application Load Balancer by ARN** ```ts -const loadBalancer = ApplicationLoadBalancer.fromLookup(stack, 'ALB', { - loadBalancerArn: YOUR_ALB_ARN, +const loadBalancer = elbv2.ApplicationLoadBalancer.fromLookup(this, 'ALB', { + loadBalancerArn: 'arn:aws:elasticloadbalancing:us-east-2:123456789012:loadbalancer/app/my-load-balancer/1234567890123456', }); ``` **Look up an Application Load Balancer by tags** ```ts -const loadBalancer = ApplicationLoadBalancer.fromLookup(stack, 'ALB', { +const loadBalancer = elbv2.ApplicationLoadBalancer.fromLookup(this, 'ALB', { loadBalancerTags: { // Finds a load balancer matching all tags. some: 'tag', @@ -512,9 +547,9 @@ criteria. **Look up a Listener by associated Load Balancer, Port, and Protocol** ```ts -const listener = ApplicationListener.fromLookup(stack, 'ALBListener', { - loadBalancerArn: YOUR_ALB_ARN, - listenerProtocol: ApplicationProtocol.HTTPS, +const listener = elbv2.ApplicationListener.fromLookup(this, 'ALBListener', { + loadBalancerArn: 'arn:aws:elasticloadbalancing:us-east-2:123456789012:loadbalancer/app/my-load-balancer/1234567890123456', + listenerProtocol: elbv2.ApplicationProtocol.HTTPS, listenerPort: 443, }); ``` @@ -522,11 +557,11 @@ const listener = ApplicationListener.fromLookup(stack, 'ALBListener', { **Look up a Listener by associated Load Balancer Tag, Port, and Protocol** ```ts -const listener = ApplicationListener.fromLookup(stack, 'ALBListener', { +const listener = elbv2.ApplicationListener.fromLookup(this, 'ALBListener', { loadBalancerTags: { Cluster: 'MyClusterName', }, - listenerProtocol: ApplicationProtocol.HTTPS, + listenerProtocol: elbv2.ApplicationProtocol.HTTPS, listenerPort: 443, }); ``` @@ -534,11 +569,11 @@ const listener = ApplicationListener.fromLookup(stack, 'ALBListener', { **Look up a Network Listener by associated Load Balancer Tag, Port, and Protocol** ```ts -const listener = NetworkListener.fromLookup(stack, 'ALBListener', { +const listener = elbv2.NetworkListener.fromLookup(this, 'ALBListener', { loadBalancerTags: { Cluster: 'MyClusterName', }, - listenerProtocol: Protocol.TCP, + listenerProtocol: elbv2.Protocol.TCP, listenerPort: 12345, }); ``` diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-elasticloadbalancingv2/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..8a21c6ec4d9a6 --- /dev/null +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/rosetta/default.ts-fixture @@ -0,0 +1,17 @@ +// Fixture with packages imported, but nothing else +import { Construct, Node } from 'constructs'; +import { CfnOutput, Stack, Duration, Resource, SecretValue } from '@aws-cdk/core'; +import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as autoscaling from '@aws-cdk/aws-autoscaling'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} + + + From d298696a7d8978296a34294484cea80f91ebe880 Mon Sep 17 00:00:00 2001 From: James Lakin Date: Wed, 27 Oct 2021 18:55:18 +0100 Subject: [PATCH 19/40] feat(core): Docker tags can be prefixed (#17028) This adds a container image equivalent of the `bucketPrefix` option for file assets. CDK assets works very well to make deploying applications easy, but I often find the contents of the S3 bucket and ECR repo to be a mess of alphabetti spaghetti over time. These options should help to provide some context in future cleanup operations. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../stack-synthesizers/default-synthesizer.ts | 19 +++++++++++++-- .../new-style-synthesis.test.ts | 24 +++++++++++++++++++ 2 files changed, 41 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts b/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts index aae69e36ef24e..d8e1f8818abc4 100644 --- a/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts +++ b/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts @@ -168,11 +168,20 @@ export interface DefaultStackSynthesizerProps { /** * bucketPrefix to use while storing S3 Assets * - * * @default - DefaultStackSynthesizer.DEFAULT_FILE_ASSET_PREFIX */ readonly bucketPrefix?: string; + /** + * A prefix to use while tagging and uploading Docker images to ECR. + * + * This does not add any separators - the source hash will be appended to + * this string directly. + * + * @default - DefaultStackSynthesizer.DEFAULT_DOCKER_ASSET_PREFIX + */ + readonly dockerTagPrefix?: string; + /** * Bootstrap stack version SSM parameter. * @@ -242,6 +251,10 @@ export class DefaultStackSynthesizer extends StackSynthesizer { * Default file asset prefix */ public static readonly DEFAULT_FILE_ASSET_PREFIX = ''; + /** + * Default Docker asset prefix + */ + public static readonly DEFAULT_DOCKER_ASSET_PREFIX = ''; /** * Default bootstrap stack version SSM parameter. @@ -258,6 +271,7 @@ export class DefaultStackSynthesizer extends StackSynthesizer { private lookupRoleArn?: string; private qualifier?: string; private bucketPrefix?: string; + private dockerTagPrefix?: string; private bootstrapStackVersionSsmParameter?: string; private readonly files: NonNullable = {}; @@ -319,6 +333,7 @@ export class DefaultStackSynthesizer extends StackSynthesizer { this.imageAssetPublishingRoleArn = specialize(this.props.imageAssetPublishingRoleArn ?? DefaultStackSynthesizer.DEFAULT_IMAGE_ASSET_PUBLISHING_ROLE_ARN); this.lookupRoleArn = specialize(this.props.lookupRoleArn ?? DefaultStackSynthesizer.DEFAULT_LOOKUP_ROLE_ARN); this.bucketPrefix = specialize(this.props.bucketPrefix ?? DefaultStackSynthesizer.DEFAULT_FILE_ASSET_PREFIX); + this.dockerTagPrefix = specialize(this.props.dockerTagPrefix ?? DefaultStackSynthesizer.DEFAULT_DOCKER_ASSET_PREFIX); this.bootstrapStackVersionSsmParameter = replaceAll( this.props.bootstrapStackVersionSsmParameter ?? DefaultStackSynthesizer.DEFAULT_BOOTSTRAP_STACK_VERSION_SSM_PARAMETER, '${Qualifier}', @@ -372,7 +387,7 @@ export class DefaultStackSynthesizer extends StackSynthesizer { assertBound(this.repositoryName); validateDockerImageAssetSource(asset); - const imageTag = asset.sourceHash; + const imageTag = this.dockerTagPrefix + asset.sourceHash; // Add to manifest this.dockerImages[asset.sourceHash] = { diff --git a/packages/@aws-cdk/core/test/stack-synthesis/new-style-synthesis.test.ts b/packages/@aws-cdk/core/test/stack-synthesis/new-style-synthesis.test.ts index 3a8d8c1e60b31..80303a4bbcf22 100644 --- a/packages/@aws-cdk/core/test/stack-synthesis/new-style-synthesis.test.ts +++ b/packages/@aws-cdk/core/test/stack-synthesis/new-style-synthesis.test.ts @@ -337,6 +337,30 @@ describe('new style synthesis', () => { }); + test('synthesis with dockerPrefix', () => { + // GIVEN + const myapp = new App(); + + // WHEN + const mystack = new Stack(myapp, 'mystack-dockerPrefix', { + synthesizer: new DefaultStackSynthesizer({ + dockerTagPrefix: 'test-prefix-', + }), + }); + + mystack.synthesizer.addDockerImageAsset({ + directoryName: 'some-folder', + sourceHash: 'docker-asset-hash', + }); + + const asm = myapp.synth(); + + // THEN + const manifest = readAssetManifest(getAssetManifest(asm)); + const imageTag = manifest.dockerImages?.['docker-asset-hash']?.destinations?.['current_account-current_region'].imageTag; + expect(imageTag).toEqual('test-prefix-docker-asset-hash'); + }); + test('cannot use same synthesizer for multiple stacks', () => { // GIVEN const synthesizer = new DefaultStackSynthesizer(); From e5095b2cbda7422bd6e67aab6ad949294b0b8ef2 Mon Sep 17 00:00:00 2001 From: niku <10890+niku@users.noreply.github.com> Date: Thu, 28 Oct 2021 03:48:30 +0900 Subject: [PATCH 20/40] chore(cx-api): return type of futureFlagDefault is incorrect (#17026) If invalid flag were given to futureFlagDefault, it returns `undefined`. As you see in changed files, I don't modify production codes. I only fix return type of the `futureFlagDefault` and add a test to describe when it runs into. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/cx-api/lib/features.ts | 2 +- packages/@aws-cdk/cx-api/test/features.test.ts | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/cx-api/lib/features.ts b/packages/@aws-cdk/cx-api/lib/features.ts index 986be7f4e136b..37c9aace0ce86 100644 --- a/packages/@aws-cdk/cx-api/lib/features.ts +++ b/packages/@aws-cdk/cx-api/lib/features.ts @@ -220,6 +220,6 @@ const FUTURE_FLAGS_DEFAULTS: { [key: string]: boolean } = { [CLOUDFRONT_DEFAULT_SECURITY_POLICY_TLS_V1_2_2021]: false, }; -export function futureFlagDefault(flag: string): boolean { +export function futureFlagDefault(flag: string): boolean | undefined { return FUTURE_FLAGS_DEFAULTS[flag]; } diff --git a/packages/@aws-cdk/cx-api/test/features.test.ts b/packages/@aws-cdk/cx-api/test/features.test.ts index 2aaa774b7b1c5..afc9c0838d7da 100644 --- a/packages/@aws-cdk/cx-api/test/features.test.ts +++ b/packages/@aws-cdk/cx-api/test/features.test.ts @@ -7,6 +7,10 @@ test('all future flags have defaults configured', () => { }); }); +test('futureFlagDefault returns undefined if non existent flag was given', () => { + expect(feats.futureFlagDefault('non-existent-flag')).toEqual(undefined); +}); + testLegacyBehavior('FUTURE_FLAGS_EXPIRED must be empty in CDKv1', Object, () => { expect(feats.FUTURE_FLAGS_EXPIRED.length).toEqual(0); }); From 354686b189377dd1daae7ba616e8fb62488d9855 Mon Sep 17 00:00:00 2001 From: "Michael R. Torres" <6692889+micrictor@users.noreply.github.com> Date: Wed, 27 Oct 2021 12:40:55 -0700 Subject: [PATCH 21/40] fix(custom-resources): invalid service name leads to unhelpful error message (#16718) fix(custom-resources): improve AwsSdkCall service error Makes the error that occurs when an invalid service name is supplied more explicit. Closes #7312 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/aws-custom-resource/runtime/index.ts | 3 ++ .../aws-custom-resource-provider.test.ts | 33 +++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/packages/@aws-cdk/custom-resources/lib/aws-custom-resource/runtime/index.ts b/packages/@aws-cdk/custom-resources/lib/aws-custom-resource/runtime/index.ts index a805fc8c2bf4d..e88b441637cfc 100644 --- a/packages/@aws-cdk/custom-resources/lib/aws-custom-resource/runtime/index.ts +++ b/packages/@aws-cdk/custom-resources/lib/aws-custom-resource/runtime/index.ts @@ -176,6 +176,9 @@ export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent } + if (!Object.prototype.hasOwnProperty.call(AWS, call.service)) { + throw Error(`Service ${call.service} does not exist in AWS SDK version ${AWS.VERSION}.`); + } const awsService = new (AWS as any)[call.service]({ apiVersion: call.apiVersion, region: call.region, diff --git a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource-provider.test.ts b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource-provider.test.ts index 8a4786a138468..aa8a9589d1fdb 100644 --- a/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource-provider.test.ts +++ b/packages/@aws-cdk/custom-resources/test/aws-custom-resource/aws-custom-resource-provider.test.ts @@ -467,3 +467,36 @@ test('installs the latest SDK', async () => { // clean up aws-sdk install await fs.remove(tmpPath); }); + +test('invalid service name throws explicit error', async () => { + const publishFake = sinon.fake.resolves({}); + + AWS.mock('SNS', 'publish', publishFake); + + const event: AWSLambda.CloudFormationCustomResourceCreateEvent = { + ...eventCommon, + RequestType: 'Create', + ResourceProperties: { + ServiceToken: 'token', + Create: JSON.stringify({ + service: 'thisisnotarealservice', + action: 'publish', + parameters: { + Message: 'message', + TopicArn: 'topic', + }, + physicalResourceId: PhysicalResourceId.of('id'), + } as AwsSdkCall), + }, + }; + + const request = createRequest(body => + body.Status === 'FAILED' && + body.Reason!.startsWith('Service thisisnotarealservice does not exist'), + ); + + await handler(event, {} as AWSLambda.Context); + + expect(request.isDone()).toBeTruthy(); +}); + From 322cf10ef3257b9d20d898882a14de91110a0033 Mon Sep 17 00:00:00 2001 From: Jonathan Goldwasser Date: Wed, 27 Oct 2021 22:32:54 +0200 Subject: [PATCH 22/40] feat(cli): deployment progress shows stack name (#16604) Allows to filter logs based on stack name, gives more context when looking at a log line in a log file. Useful in CI when multiple stacks are deployed in a run. (similar to lerna adding the package name) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../cloudformation/stack-activity-monitor.ts | 5 ++- .../test/api/stack-activity-monitor.test.ts | 42 +++++++++---------- 2 files changed, 24 insertions(+), 23 deletions(-) diff --git a/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts b/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts index 73075a41fee27..e956e63e3704c 100644 --- a/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts +++ b/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts @@ -523,8 +523,9 @@ export class HistoryActivityPrinter extends ActivityPrinterBase { this.stream.write( util.format( - ' %s%s | %s | %s | %s %s%s%s\n', - (progress !== false ? ` ${this.progress()} | ` : ''), + '%s | %s%s | %s | %s | %s %s%s%s\n', + e.StackName, + (progress !== false ? `${this.progress()} | ` : ''), new Date(e.Timestamp).toLocaleTimeString(), color(padRight(STATUS_WIDTH, (e.ResourceStatus || '').substr(0, STATUS_WIDTH))), // pad left and trim padRight(this.props.resourceTypeColumnWidth, e.ResourceType || ''), diff --git a/packages/aws-cdk/test/api/stack-activity-monitor.test.ts b/packages/aws-cdk/test/api/stack-activity-monitor.test.ts index c76ddda1ceb00..b793acda8b68b 100644 --- a/packages/aws-cdk/test/api/stack-activity-monitor.test.ts +++ b/packages/aws-cdk/test/api/stack-activity-monitor.test.ts @@ -27,12 +27,12 @@ test('prints 0/4 progress report, when addActivity is called with an "IN_PROGRES ResourceType: 'AWS::CloudFormation::Stack', StackId: '', EventId: '', - StackName: '', + StackName: 'stack-name', }, }); }); - expect(output[0].trim()).toStrictEqual(`0/4 | ${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`stack-name | 0/4 | ${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); }); test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COMPLETE" ResourceStatus', () => { @@ -51,12 +51,12 @@ test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COM ResourceType: 'AWS::CloudFormation::Stack', StackId: '', EventId: '', - StackName: '', + StackName: 'stack-name', }, }); }); - expect(output[0].trim()).toStrictEqual(`1/4 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`stack-name | 1/4 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); }); test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COMPLETE_CLEAN_IN_PROGRESS" ResourceStatus', () => { @@ -75,12 +75,12 @@ test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COM ResourceType: 'AWS::CloudFormation::Stack', StackId: '', EventId: '', - StackName: '', + StackName: 'stack-name', }, }); }); - expect(output[0].trim()).toStrictEqual(`1/4 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE_CLEA')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`stack-name | 1/4 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE_CLEA')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); }); @@ -100,12 +100,12 @@ test('prints 1/4 progress report, when addActivity is called with an "ROLLBACK_C ResourceType: 'AWS::CloudFormation::Stack', StackId: '', EventId: '', - StackName: '', + StackName: 'stack-name', }, }); }); - expect(output[0].trim()).toStrictEqual(`1/4 | ${HUMAN_TIME} | ${yellow('ROLLBACK_COMPLETE_CL')} | AWS::CloudFormation::Stack | ${yellow(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`stack-name | 1/4 | ${HUMAN_TIME} | ${yellow('ROLLBACK_COMPLETE_CL')} | AWS::CloudFormation::Stack | ${yellow(bold('stack1'))}`); }); test('prints 0/4 progress report, when addActivity is called with an "UPDATE_FAILED" ResourceStatus', () => { @@ -124,12 +124,12 @@ test('prints 0/4 progress report, when addActivity is called with an "UPDATE_FAI ResourceType: 'AWS::CloudFormation::Stack', StackId: '', EventId: '', - StackName: '', + StackName: 'stack-name', }, }); }); - expect(output[0].trim()).toStrictEqual(`0/4 | ${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`stack-name | 0/4 | ${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); }); @@ -149,7 +149,7 @@ test('does not print "Failed Resources:" list, when all deployments are successf ResourceType: 'AWS::CloudFormation::Stack', StackId: '', EventId: '', - StackName: '', + StackName: 'stack-name', }, }); historyActivityPrinter.addActivity({ @@ -160,7 +160,7 @@ test('does not print "Failed Resources:" list, when all deployments are successf ResourceType: 'AWS::CloudFormation::Stack', StackId: '', EventId: '', - StackName: '', + StackName: 'stack-name', }, }); historyActivityPrinter.addActivity({ @@ -171,16 +171,16 @@ test('does not print "Failed Resources:" list, when all deployments are successf ResourceType: 'AWS::CloudFormation::Stack', StackId: '', EventId: '', - StackName: '', + StackName: 'stack-name', }, }); historyActivityPrinter.stop(); }); expect(output.length).toStrictEqual(3); - expect(output[0].trim()).toStrictEqual(`0/2 | ${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); - expect(output[1].trim()).toStrictEqual(`1/2 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); - expect(output[2].trim()).toStrictEqual(`2/2 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack2'))}`); + expect(output[0].trim()).toStrictEqual(`stack-name | 0/2 | ${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); + expect(output[1].trim()).toStrictEqual(`stack-name | 1/2 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack1'))}`); + expect(output[2].trim()).toStrictEqual(`stack-name | 2/2 | ${HUMAN_TIME} | ${green('UPDATE_COMPLETE ')} | AWS::CloudFormation::Stack | ${green(bold('stack2'))}`); }); test('prints "Failed Resources:" list, when at least one deployment fails', () => { @@ -199,7 +199,7 @@ test('prints "Failed Resources:" list, when at least one deployment fails', () = ResourceType: 'AWS::CloudFormation::Stack', StackId: '', EventId: '', - StackName: '', + StackName: 'stack-name', }, }); historyActivityPrinter.addActivity({ @@ -210,15 +210,15 @@ test('prints "Failed Resources:" list, when at least one deployment fails', () = ResourceType: 'AWS::CloudFormation::Stack', StackId: '', EventId: '', - StackName: '', + StackName: 'stack-name', }, }); historyActivityPrinter.stop(); }); expect(output.length).toStrictEqual(4); - expect(output[0].trim()).toStrictEqual(`0/2 | ${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); - expect(output[1].trim()).toStrictEqual(`0/2 | ${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); + expect(output[0].trim()).toStrictEqual(`stack-name | 0/2 | ${HUMAN_TIME} | ${reset('IN_PROGRESS ')} | AWS::CloudFormation::Stack | ${reset(bold('stack1'))}`); + expect(output[1].trim()).toStrictEqual(`stack-name | 0/2 | ${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); expect(output[2].trim()).toStrictEqual('Failed resources:'); - expect(output[3].trim()).toStrictEqual(`${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); + expect(output[3].trim()).toStrictEqual(`stack-name | ${HUMAN_TIME} | ${red('UPDATE_FAILED ')} | AWS::CloudFormation::Stack | ${red(bold('stack1'))}`); }); From 3cfe8a2df9edfb3133e470eb8f2274efcc2adda1 Mon Sep 17 00:00:00 2001 From: vincent-turato <39069200+vincent-turato@users.noreply.github.com> Date: Wed, 27 Oct 2021 14:24:25 -0700 Subject: [PATCH 23/40] feat(cloudtrail): selector for management event exclusions (#16546) Closes: #16273 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts | 24 ++++++++ .../aws-cloudtrail/test/cloudtrail.test.ts | 55 ++++++++++++++++++- 2 files changed, 78 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts b/packages/@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts index 245c60600c08e..12cf079c5279e 100644 --- a/packages/@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts +++ b/packages/@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts @@ -334,6 +334,7 @@ export class Trail extends Resource { values: dataResourceValues, }], includeManagementEvents: options.includeManagementEvents, + excludeManagementEventSources: options.excludeManagementEventSources, readWriteType: options.readWriteType, }); } @@ -424,6 +425,28 @@ export interface AddEventSelectorOptions { * @default true */ readonly includeManagementEvents?: boolean; + + /** + * An optional list of service event sources from which you do not want management events to be logged on your trail. + * + * @default [] + */ + readonly excludeManagementEventSources?: ManagementEventSources[]; +} + +/** + * Types of management event sources that can be excluded + */ +export enum ManagementEventSources { + /** + * AWS Key Management Service (AWS KMS) events + */ + KMS = 'kms.amazonaws.com', + + /** + * Data API events + */ + RDS_DATA_API = 'rdsdata.amazonaws.com', } /** @@ -457,6 +480,7 @@ export enum DataResourceType { interface EventSelector { readonly includeManagementEvents?: boolean; + readonly excludeManagementEventSources?: string[]; readonly readWriteType?: ReadWriteType; readonly dataResources?: EventSelectorData[]; } diff --git a/packages/@aws-cdk/aws-cloudtrail/test/cloudtrail.test.ts b/packages/@aws-cdk/aws-cloudtrail/test/cloudtrail.test.ts index 9e17345368785..c00f01d43acc4 100644 --- a/packages/@aws-cdk/aws-cloudtrail/test/cloudtrail.test.ts +++ b/packages/@aws-cdk/aws-cloudtrail/test/cloudtrail.test.ts @@ -7,7 +7,7 @@ import { LogGroup, RetentionDays } from '@aws-cdk/aws-logs'; import * as s3 from '@aws-cdk/aws-s3'; import * as sns from '@aws-cdk/aws-sns'; import { Stack } from '@aws-cdk/core'; -import { ReadWriteType, Trail } from '../lib'; +import { ManagementEventSources, ReadWriteType, Trail } from '../lib'; const ExpectedBucketPolicyProperties = { PolicyDocument: { @@ -446,6 +446,59 @@ describe('cloudtrail', () => { }); }); + test('exclude management events', () => { + const stack = getTestStack(); + const bucket = new s3.Bucket(stack, 'testBucket', { bucketName: 'test-bucket' }); + const cloudTrail = new Trail(stack, 'MyAmazingCloudTrail'); + cloudTrail.addS3EventSelector([{ bucket }], { + excludeManagementEventSources: [ + ManagementEventSources.KMS, + ManagementEventSources.RDS_DATA_API, + ], + }); + cloudTrail.addS3EventSelector([{ bucket }], { + excludeManagementEventSources: [], + }); + + expect(stack).toHaveResourceLike('AWS::CloudTrail::Trail', { + EventSelectors: [ + { + DataResources: [{ + Type: 'AWS::S3::Object', + Values: [{ + 'Fn::Join': [ + '', + [ + { 'Fn::GetAtt': ['testBucketDF4D7D1A', 'Arn'] }, + '/', + ], + ], + }], + }], + ExcludeManagementEventSources: [ + 'kms.amazonaws.com', + 'rdsdata.amazonaws.com', + ], + }, + { + DataResources: [{ + Type: 'AWS::S3::Object', + Values: [{ + 'Fn::Join': [ + '', + [ + { 'Fn::GetAtt': ['testBucketDF4D7D1A', 'Arn'] }, + '/', + ], + ], + }], + }], + ExcludeManagementEventSources: [], + }, + ], + }); + }); + test('for Lambda function data event', () => { const stack = getTestStack(); const lambdaFunction = new lambda.Function(stack, 'LambdaFunction', { From dbb3f25904403bfc020a081e94270f5c16a7606f Mon Sep 17 00:00:00 2001 From: Alban Esc Date: Wed, 27 Oct 2021 15:16:33 -0700 Subject: [PATCH 24/40] feat(events): DLQ support for EventBus target (#16383) Closes #15954. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-events-targets/README.md | 22 +++++- .../aws-events-targets/lib/event-bus.ts | 35 ++++++--- .../test/event-bus/event-rule-target.test.ts | 78 ++++++++++++++++++- .../event-bus/integ.event-bus.expected.json | 54 ++++++++++++- .../test/event-bus/integ.event-bus.ts | 7 ++ 5 files changed, 184 insertions(+), 12 deletions(-) diff --git a/packages/@aws-cdk/aws-events-targets/README.md b/packages/@aws-cdk/aws-events-targets/README.md index 76d25eab83dd3..1282cee012c5e 100644 --- a/packages/@aws-cdk/aws-events-targets/README.md +++ b/packages/@aws-cdk/aws-events-targets/README.md @@ -28,7 +28,7 @@ Currently supported are: * Put a record to a Kinesis stream * [Log an event into a LogGroup](#log-an-event-into-a-loggroup) * Put a record to a Kinesis Data Firehose stream -* Put an event on an EventBridge bus +* [Put an event on an EventBridge bus](#put-an-event-on-an-eventbridge-bus) See the README of the `@aws-cdk/aws-events` library for more information on EventBridge. @@ -266,3 +266,23 @@ rule.addTarget( } ), ) ``` + +## Put an event on an EventBridge bus + +Use the `EventBus` target to route event to a different EventBus. + +The code snippet below creates the scheduled event rule that route events to an imported event bus. + +```ts +const rule = new events.Rule(this, 'Rule', { + schedule: events.Schedule.expression('rate(1 minute)'), +}); + +rule.addTarget(new targets.EventBus( + events.EventBus.fromEventBusArn( + this, + 'External', + `arn:aws:events:eu-west-1:999999999999:event-bus/test-bus`, + ), +)); +``` diff --git a/packages/@aws-cdk/aws-events-targets/lib/event-bus.ts b/packages/@aws-cdk/aws-events-targets/lib/event-bus.ts index 8237b8cdd7993..7026273ef5330 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/event-bus.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/event-bus.ts @@ -1,9 +1,12 @@ import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; -import { singletonEventRole } from './util'; +import * as sqs from '@aws-cdk/aws-sqs'; +import { singletonEventRole, addToDeadLetterQueueResourcePolicy } from './util'; /** * Configuration properties of an Event Bus event + * + * Cannot extend TargetBaseProps. Retry policy is not supported for Event bus targets. */ export interface EventBusProps { /** @@ -12,25 +15,39 @@ export interface EventBusProps { * @default a new role is created. */ readonly role?: iam.IRole; + + /** + * The SQS queue to be used as deadLetterQueue. + * Check out the [considerations for using a dead-letter queue](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html#dlq-considerations). + * + * The events not successfully delivered are automatically retried for a specified period of time, + * depending on the retry policy of the target. + * If an event is not delivered before all retry attempts are exhausted, it will be sent to the dead letter queue. + * + * @default - no dead-letter queue + */ + readonly deadLetterQueue?: sqs.IQueue; } /** * Notify an existing Event Bus of an event */ export class EventBus implements events.IRuleTarget { - private readonly role?: iam.IRole; - - constructor(private readonly eventBus: events.IEventBus, props: EventBusProps = {}) { - this.role = props.role; - } + constructor(private readonly eventBus: events.IEventBus, private readonly props: EventBusProps = {}) { } bind(rule: events.IRule, _id?: string): events.RuleTargetConfig { - if (this.role) { - this.role.addToPrincipalPolicy(this.putEventStatement()); + if (this.props.role) { + this.props.role.addToPrincipalPolicy(this.putEventStatement()); } - const role = this.role ?? singletonEventRole(rule, [this.putEventStatement()]); + const role = this.props.role ?? singletonEventRole(rule, [this.putEventStatement()]); + + if (this.props.deadLetterQueue) { + addToDeadLetterQueueResourcePolicy(rule, this.props.deadLetterQueue); + } + return { arn: this.eventBus.eventBusArn, + deadLetterConfig: this.props.deadLetterQueue ? { arn: this.props.deadLetterQueue?.queueArn } : undefined, role, }; } diff --git a/packages/@aws-cdk/aws-events-targets/test/event-bus/event-rule-target.test.ts b/packages/@aws-cdk/aws-events-targets/test/event-bus/event-rule-target.test.ts index 8d188f1550e8b..a6552a10d7a57 100644 --- a/packages/@aws-cdk/aws-events-targets/test/event-bus/event-rule-target.test.ts +++ b/packages/@aws-cdk/aws-events-targets/test/event-bus/event-rule-target.test.ts @@ -1,6 +1,7 @@ import '@aws-cdk/assert-internal/jest'; import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; +import * as sqs from '@aws-cdk/aws-sqs'; import { Stack } from '@aws-cdk/core'; import * as targets from '../../lib'; @@ -90,4 +91,79 @@ test('with supplied role', () => { Ref: 'Role1ABCC5F0', }], }); -}); \ No newline at end of file +}); + +test('with a Dead Letter Queue specified', () => { + const stack = new Stack(); + const rule = new events.Rule(stack, 'Rule', { + schedule: events.Schedule.expression('rate(1 min)'), + }); + const queue = new sqs.Queue(stack, 'Queue'); + + rule.addTarget(new targets.EventBus( + events.EventBus.fromEventBusArn( + stack, + 'External', + 'arn:aws:events:us-east-1:123456789012:default', + ), + { deadLetterQueue: queue }, + )); + + expect(stack).toHaveResource('AWS::Events::Rule', { + Targets: [{ + Arn: 'arn:aws:events:us-east-1:123456789012:default', + Id: 'Target0', + RoleArn: { + 'Fn::GetAtt': [ + 'RuleEventsRoleC51A4248', + 'Arn', + ], + }, + DeadLetterConfig: { + Arn: { + 'Fn::GetAtt': [ + 'Queue4A7E3555', + 'Arn', + ], + }, + }, + }], + }); + + expect(stack).toHaveResource('AWS::SQS::QueuePolicy', { + PolicyDocument: { + Statement: [ + { + Action: 'sqs:SendMessage', + Condition: { + ArnEquals: { + 'aws:SourceArn': { + 'Fn::GetAtt': [ + 'Rule4C995B7F', + 'Arn', + ], + }, + }, + }, + Effect: 'Allow', + Principal: { + Service: 'events.amazonaws.com', + }, + Resource: { + 'Fn::GetAtt': [ + 'Queue4A7E3555', + 'Arn', + ], + }, + Sid: 'AllowEventRuleRule', + }, + ], + Version: '2012-10-17', + }, + Queues: [ + { + Ref: 'Queue4A7E3555', + }, + ], + }); +}); diff --git a/packages/@aws-cdk/aws-events-targets/test/event-bus/integ.event-bus.expected.json b/packages/@aws-cdk/aws-events-targets/test/event-bus/integ.event-bus.expected.json index 632ddf1767598..a10603f0b03b5 100644 --- a/packages/@aws-cdk/aws-events-targets/test/event-bus/integ.event-bus.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/event-bus/integ.event-bus.expected.json @@ -19,6 +19,14 @@ ] ] }, + "DeadLetterConfig": { + "Arn": { + "Fn::GetAtt": [ + "Queue4A7E3555", + "Arn" + ] + } + }, "Id": "Target0", "RoleArn": { "Fn::GetAtt": [ @@ -78,6 +86,50 @@ } ] } + }, + "Queue4A7E3555": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "QueuePolicy25439813": { + "Type": "AWS::SQS::QueuePolicy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "sqs:SendMessage", + "Condition": { + "ArnEquals": { + "aws:SourceArn": { + "Fn::GetAtt": [ + "Rule4C995B7F", + "Arn" + ] + } + } + }, + "Effect": "Allow", + "Principal": { + "Service": "events.amazonaws.com" + }, + "Resource": { + "Fn::GetAtt": [ + "Queue4A7E3555", + "Arn" + ] + }, + "Sid": "AllowEventRuleeventsourcestackRuleFCA41174" + } + ], + "Version": "2012-10-17" + }, + "Queues": [ + { + "Ref": "Queue4A7E3555" + } + ] + } } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/event-bus/integ.event-bus.ts b/packages/@aws-cdk/aws-events-targets/test/event-bus/integ.event-bus.ts index c0ec2ea421b85..5a102ea3cba6c 100644 --- a/packages/@aws-cdk/aws-events-targets/test/event-bus/integ.event-bus.ts +++ b/packages/@aws-cdk/aws-events-targets/test/event-bus/integ.event-bus.ts @@ -1,5 +1,6 @@ /// !cdk-integ pragma:ignore-assets import * as events from '@aws-cdk/aws-events'; +import * as sqs from '@aws-cdk/aws-sqs'; import * as cdk from '@aws-cdk/core'; import * as targets from '../../lib'; @@ -12,12 +13,18 @@ class EventSourceStack extends cdk.Stack { const rule = new events.Rule(this, 'Rule', { schedule: events.Schedule.expression('rate(1 minute)'), }); + + const queue = new sqs.Queue(this, 'Queue'); + rule.addTarget(new targets.EventBus( events.EventBus.fromEventBusArn( this, 'External', `arn:aws:events:${this.region}:999999999999:event-bus/test-bus`, ), + { + deadLetterQueue: queue, + }, )); } } From 5831456465fa44af96a268de56db0e3a8d3c2ea6 Mon Sep 17 00:00:00 2001 From: Julian Michel Date: Thu, 28 Oct 2021 01:09:43 +0200 Subject: [PATCH 25/40] fix(core): SecretValue.secretsManager fails for tokenized secret-id (#16230) `SecretValue.secretsManager` fails if a token is used for `secret-id`. This is caused by a validation which should be skipped for tokenized values. Solved by skipping the validation if token is unresolved. Fixes #16166. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/core/lib/secret-value.ts | 3 +- .../@aws-cdk/core/test/secret-value.test.ts | 47 ++++++++++++++++++- 2 files changed, 48 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/core/lib/secret-value.ts b/packages/@aws-cdk/core/lib/secret-value.ts index 2cd1b772f3207..b57b704bd9ed6 100644 --- a/packages/@aws-cdk/core/lib/secret-value.ts +++ b/packages/@aws-cdk/core/lib/secret-value.ts @@ -1,6 +1,7 @@ import { CfnDynamicReference, CfnDynamicReferenceService } from './cfn-dynamic-reference'; import { CfnParameter } from './cfn-parameter'; import { Intrinsic } from './private/intrinsic'; +import { Token } from './token'; /** * Work with secret values in the CDK @@ -39,7 +40,7 @@ export class SecretValue extends Intrinsic { throw new Error('secretId cannot be empty'); } - if (!secretId.startsWith('arn:') && secretId.includes(':')) { + if (!Token.isUnresolved(secretId) && !secretId.startsWith('arn:') && secretId.includes(':')) { throw new Error(`secret id "${secretId}" is not an ARN but contains ":"`); } diff --git a/packages/@aws-cdk/core/test/secret-value.test.ts b/packages/@aws-cdk/core/test/secret-value.test.ts index a32702b98771d..2efcdffbe808d 100644 --- a/packages/@aws-cdk/core/test/secret-value.test.ts +++ b/packages/@aws-cdk/core/test/secret-value.test.ts @@ -1,4 +1,4 @@ -import { CfnDynamicReference, CfnDynamicReferenceService, CfnParameter, SecretValue, Stack } from '../lib'; +import { CfnDynamicReference, CfnDynamicReferenceService, CfnParameter, SecretValue, Stack, Token } from '../lib'; describe('secret value', () => { test('plainText', () => { @@ -28,6 +28,30 @@ describe('secret value', () => { }); + test('secretsManager with secret-id from token', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const v = SecretValue.secretsManager(Token.asString({ Ref: 'secret-id' }), { + jsonField: 'json-key', + versionStage: 'version-stage', + }); + + // THEN + expect(stack.resolve(v)).toEqual({ + 'Fn::Join': [ + '', + [ + '{{resolve:secretsmanager:', + { Ref: 'secret-id' }, + ':SecretString:json-key:version-stage:}}', + ], + ], + }); + + }); + test('secretsManager with defaults', () => { // GIVEN const stack = new Stack(); @@ -40,6 +64,27 @@ describe('secret value', () => { }); + test('secretsManager with defaults, secret-id from token', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const v = SecretValue.secretsManager(Token.asString({ Ref: 'secret-id' })); + + // THEN + expect(stack.resolve(v)).toEqual({ + 'Fn::Join': [ + '', + [ + '{{resolve:secretsmanager:', + { Ref: 'secret-id' }, + ':SecretString:::}}', + ], + ], + }); + + }); + test('secretsManager with an empty ID', () => { expect(() => SecretValue.secretsManager('')).toThrow(/secretId cannot be empty/); From e55301b635374a87822f78870981a9e06e13d99e Mon Sep 17 00:00:00 2001 From: Anurag Mohapatra Date: Thu, 28 Oct 2021 11:03:33 +1100 Subject: [PATCH 26/40] fix(cli): downgrade bootstrap stack error message needs a hint for new-style synthesis (#16237) Fix to the bootstrap error message on the version comparison to provide to peek at solution so as to warn users about new style stack synthesis not being enabled automatically in the cdk.json as the potential root cause Fixes https://github.com/aws/aws-cdk/issues/16009 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk/lib/api/bootstrap/deploy-bootstrap.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/aws-cdk/lib/api/bootstrap/deploy-bootstrap.ts b/packages/aws-cdk/lib/api/bootstrap/deploy-bootstrap.ts index 4d66e59268dcc..49f97e71332c3 100644 --- a/packages/aws-cdk/lib/api/bootstrap/deploy-bootstrap.ts +++ b/packages/aws-cdk/lib/api/bootstrap/deploy-bootstrap.ts @@ -65,7 +65,7 @@ export class BootstrapStack { const newVersion = bootstrapVersionFromTemplate(template); if (this.currentToolkitInfo.found && newVersion < this.currentToolkitInfo.version && !options.force) { - throw new Error(`Not downgrading existing bootstrap stack from version '${this.currentToolkitInfo.version}' to version '${newVersion}'. Use --force to force.`); + throw new Error(`Not downgrading existing bootstrap stack from version '${this.currentToolkitInfo.version}' to version '${newVersion}'. Use --force to force or set the '@aws-cdk/core:newStyleStackSynthesis' feature flag in cdk.json to use the latest bootstrap version.`); } const outdir = await fs.mkdtemp(path.join(os.tmpdir(), 'cdk-bootstrap')); @@ -114,4 +114,4 @@ export function bootstrapVersionFromTemplate(template: any): number { } } return 0; -} \ No newline at end of file +} From a6aaa64bf9779b984f20d18881b4f6e510ac091a Mon Sep 17 00:00:00 2001 From: James Lakin Date: Thu, 28 Oct 2021 01:56:20 +0100 Subject: [PATCH 27/40] fix(logs): Apply tags to log retention Lambda (#17029) This hopefully fixes #15032 by implementing the `ITaggable` interface on the custom construct and then applying discovered tags to the underlying `CfnResource`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-logs/lib/log-retention.ts | 5 +- .../aws-logs/test/log-retention.test.ts | 19 ++++++++ packages/@aws-cdk/core/lib/tag-manager.ts | 46 ++++++++++++++++++- 3 files changed, 67 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-logs/lib/log-retention.ts b/packages/@aws-cdk/aws-logs/lib/log-retention.ts index f3054cf910f1c..fe4e3e3cff7af 100644 --- a/packages/@aws-cdk/aws-logs/lib/log-retention.ts +++ b/packages/@aws-cdk/aws-logs/lib/log-retention.ts @@ -128,9 +128,11 @@ export class LogRetention extends CoreConstruct { /** * Private provider Lambda function to support the log retention custom resource. */ -class LogRetentionFunction extends CoreConstruct { +class LogRetentionFunction extends CoreConstruct implements cdk.ITaggable { public readonly functionArn: cdk.Reference; + public readonly tags: cdk.TagManager = new cdk.TagManager(cdk.TagType.KEY_VALUE, 'AWS::Lambda::Function'); + constructor(scope: Construct, id: string, props: LogRetentionProps) { super(scope, id); @@ -164,6 +166,7 @@ class LogRetentionFunction extends CoreConstruct { S3Key: asset.s3ObjectKey, }, Role: role.roleArn, + Tags: this.tags.renderedTags, }, }); this.functionArn = resource.getAtt('Arn'); diff --git a/packages/@aws-cdk/aws-logs/test/log-retention.test.ts b/packages/@aws-cdk/aws-logs/test/log-retention.test.ts index 8f8ed85bb4d47..208031bc1744b 100644 --- a/packages/@aws-cdk/aws-logs/test/log-retention.test.ts +++ b/packages/@aws-cdk/aws-logs/test/log-retention.test.ts @@ -156,4 +156,23 @@ describe('log retention', () => { expect(logGroupArn.endsWith(':*')).toEqual(true); }); + + test('retention Lambda CfnResource receives propagated tags', () => { + const stack = new cdk.Stack(); + cdk.Tags.of(stack).add('test-key', 'test-value'); + new LogRetention(stack, 'MyLambda', { + logGroupName: 'group', + retention: RetentionDays.ONE_MONTH, + }); + + expect(stack).toHaveResourceLike('AWS::Lambda::Function', { + Tags: [ + { + Key: 'test-key', + Value: 'test-value', + }, + ], + }); + + }); }); diff --git a/packages/@aws-cdk/core/lib/tag-manager.ts b/packages/@aws-cdk/core/lib/tag-manager.ts index cdc224500ef1b..8f4893d5036f0 100644 --- a/packages/@aws-cdk/core/lib/tag-manager.ts +++ b/packages/@aws-cdk/core/lib/tag-manager.ts @@ -1,5 +1,7 @@ import { TagType } from './cfn-resource'; import { CfnTag } from './cfn-tag'; +import { Lazy } from './lazy'; +import { IResolvable } from './resolvable'; interface Tag { key: string; @@ -172,7 +174,7 @@ class KeyValueFormatter implements ITagFormatter { Value: tag.value, }); }); - return tags; + return tags.length > 0 ? tags : undefined; } } @@ -228,7 +230,32 @@ export interface TagManagerOptions { } /** - * TagManager facilitates a common implementation of tagging for Constructs. + * TagManager facilitates a common implementation of tagging for Constructs + * + * Normally, you do not need to use this class, as the CloudFormation specification + * will indicate which resources are taggable. However, sometimes you will need this + * to make custom resources taggable. Used `tagManager.renderedTags` to obtain a + * value that will resolve to the tags at synthesis time. + * + * @example + * import * as cdk from '@aws-cdk/core'; + * + * class MyConstruct extends cdk.Resource implements cdk.ITaggable { + * public readonly tags = new cdk.TagManager(cdk.TagType.KEY_VALUE, 'Whatever::The::Type'); + * + * constructor(scope: cdk.Construct, id: string) { + * super(scope, id); + * + * new cdk.CfnResource(this, 'Resource', { + * type: 'Whatever::The::Type', + * properties: { + * // ... + * Tags: this.tags.renderedTags, + * }, + * }); + * } + * } + * */ export class TagManager { @@ -247,6 +274,14 @@ export class TagManager { */ public readonly tagPropertyName: string; + /** + * A lazy value that represents the rendered tags at synthesis time + * + * If you need to make a custom construct taggable, use the value of this + * property to pass to the `tags` property of the underlying construct. + */ + public readonly renderedTags: IResolvable; + private readonly tags = new Map(); private readonly priorities = new Map(); private readonly tagFormatter: ITagFormatter; @@ -260,6 +295,8 @@ export class TagManager { this._setTag(...this.tagFormatter.parseTags(tagStructure, this.initialTagPriority)); } this.tagPropertyName = options.tagPropertyName || 'tags'; + + this.renderedTags = Lazy.any({ produce: () => this.renderTags() }); } /** @@ -287,6 +324,11 @@ export class TagManager { /** * Renders tags into the proper format based on TagType + * + * This method will eagerly render the tags currently applied. In + * most cases, you should be using `tagManager.renderedTags` instead, + * which will return a `Lazy` value that will resolve to the correct + * tags at synthesis time. */ public renderTags(): any { return this.tagFormatter.formatTags(this.sortedTags); From 823c4d6700fdbba7f0defb2cf4daa1543738284b Mon Sep 17 00:00:00 2001 From: kaizen3031593 <36202692+kaizen3031593@users.noreply.github.com> Date: Wed, 27 Oct 2021 21:49:12 -0400 Subject: [PATCH 28/40] chore(lambda): make examples compile (#17188) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-lambda/README.md | 218 +++++++++--------- .../aws-lambda/rosetta/default.ts-fixture | 6 +- .../aws-lambda/rosetta/function.ts-fixture | 18 -- 3 files changed, 118 insertions(+), 124 deletions(-) delete mode 100644 packages/@aws-cdk/aws-lambda/rosetta/function.ts-fixture diff --git a/packages/@aws-cdk/aws-lambda/README.md b/packages/@aws-cdk/aws-lambda/README.md index dc97826d51135..bb42d0811994d 100644 --- a/packages/@aws-cdk/aws-lambda/README.md +++ b/packages/@aws-cdk/aws-lambda/README.md @@ -14,10 +14,10 @@ This construct library allows you to define AWS Lambda Functions. ```ts -const fn = new Function(this, 'MyFunction', { - runtime: Runtime.NODEJS_12_X, +const fn = new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: Code.fromAsset(path.join(__dirname, 'lambda-handler')), + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), }); ``` @@ -62,8 +62,8 @@ The following `DockerImageFunction` construct uses a local folder with a Dockerfile as the asset that will be used as the function handler. ```ts -new DockerImageFunction(this, 'AssetFunction', { - code: DockerImageCode.fromImageAsset(path.join(__dirname, 'docker-handler')), +new lambda.DockerImageFunction(this, 'AssetFunction', { + code: lambda.DockerImageCode.fromImageAsset(path.join(__dirname, 'docker-handler')), }); ``` @@ -73,8 +73,8 @@ You can also specify an image that already exists in ECR as the function handler import * as ecr from '@aws-cdk/aws-ecr'; const repo = new ecr.Repository(this, 'Repository'); -new DockerImageFunction(this, 'ECRFunction', { - code: DockerImageCode.fromEcr(repo), +new lambda.DockerImageFunction(this, 'ECRFunction', { + code: lambda.DockerImageCode.fromEcr(repo), }); ``` @@ -90,13 +90,13 @@ The autogenerated Role is automatically given permissions to execute the Lambda function. To reference the autogenerated Role: ```ts -const fn = new Function(this, 'MyFunction', { - runtime: Runtime.NODEJS_12_X, +const fn = new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: Code.fromAsset(path.join(__dirname, 'lambda-handler')), + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), }); -fn.role // the Role +const role = fn.role; // the Role ``` You can also provide your own IAM role. Provided IAM roles will not automatically @@ -104,15 +104,15 @@ be given permissions to execute the Lambda function. To provide a role and grant it appropriate permissions: ```ts -import * as iam from '@aws-cdk/aws-iam'; const myRole = new iam.Role(this, 'My Role', { assumedBy: new iam.ServicePrincipal('sns.amazonaws.com'), }); -const fn = new Function(this, 'MyFunction', { - runtime: Runtime.NODEJS_12_X, + +const fn = new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: Code.fromAsset(path.join(__dirname, 'lambda-handler')), - role: myRole // user-provided role + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), + role: myRole, // user-provided role }); myRole.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName("service-role/AWSLambdaBasicExecutionRole")); @@ -128,8 +128,8 @@ functions. You can also restrict permissions given to AWS services by providing a source account or ARN (representing the account and identifier of the resource that accesses the function or layer). -```ts fixture=function -import * as iam from '@aws-cdk/aws-iam'; +```ts +declare const fn: lambda.Function; const principal = new iam.ServicePrincipal('my-service'); fn.grantInvoke(principal); @@ -151,8 +151,8 @@ principal in question has conditions limiting the source account or ARN of the operation (see above), these conditions will be automatically added to the resource policy. -```ts fixture=function -import * as iam from '@aws-cdk/aws-iam'; +```ts +declare const fn: lambda.Function; const servicePrincipal = new iam.ServicePrincipal('my-service'); const sourceArn = 'arn:aws:s3:::my-bucket'; const sourceAccount = '111122223333'; @@ -193,8 +193,8 @@ The function version includes the following information: You could create a version to your lambda function using the `Version` construct. ```ts -const fn = new Function(this, 'MyFunction', ...); -const version = new Version(this, 'MyVersion', { +declare const fn: lambda.Function; +const version = new lambda.Version(this, 'MyVersion', { lambda: fn, }); ``` @@ -211,9 +211,12 @@ latest code. For instance - ```ts const codeVersion = "stringOrMethodToGetCodeVersion"; const fn = new lambda.Function(this, 'MyFunction', { - environment: { - 'CodeVersionString': codeVersion - } + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), + environment: { + 'CodeVersionString': codeVersion, + }, }); ``` @@ -291,16 +294,14 @@ specify options for the current version through the `currentVersionOptions` property. ```ts -import * as cdk from '@aws-cdk/core'; - -const fn = new Function(this, 'MyFunction', { +const fn = new lambda.Function(this, 'MyFunction', { currentVersionOptions: { - removalPolicy: cdk.RemovalPolicy.RETAIN, // retain old versions - retryAttempts: 1 // async retry attempts + removalPolicy: RemovalPolicy.RETAIN, // retain old versions + retryAttempts: 1, // async retry attempts }, - runtime: Runtime.NODEJS_12_X, + runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: Code.fromAsset(path.join(__dirname, 'lambda-handler')), + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), }); fn.currentVersion.addAlias('live'); @@ -318,11 +319,9 @@ By default, updating a layer creates a new layer version, and CloudFormation wil Alternatively, a removal policy can be used to retain the old version: ```ts -import * as cdk from '@aws-cdk/core'; - -new LayerVersion(this, 'MyLayer', { - removalPolicy: cdk.RemovalPolicy.RETAIN, - code: Code.fromAsset(path.join(__dirname, 'lambda-handler')), +new lambda.LayerVersion(this, 'MyLayer', { + removalPolicy: RemovalPolicy.RETAIN, + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), }); ``` @@ -336,18 +335,21 @@ for some workloads. A lambda function can be configured to be run on one of these platforms: ```ts -new Function(this, 'MyFunction', { - ... - architecture: Architecture.ARM_64, +new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), + architecture: lambda.Architecture.ARM_64, }); ``` Similarly, lambda layer versions can also be tagged with architectures it is compatible with. ```ts -new LayerVersion(this, 'MyLayer', { - ... - compatibleArchitectures: [Architecture.X86_64, Architecture.ARM_64], +new lambda.LayerVersion(this, 'MyLayer', { + removalPolicy: RemovalPolicy.RETAIN, + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), + compatibleArchitectures: [lambda.Architecture.X86_64, lambda.Architecture.ARM_64], }); ``` @@ -357,20 +359,24 @@ Lambda functions can be configured to use CloudWatch [Lambda Insights](https://d which provides low-level runtime metrics for a Lambda functions. ```ts -import * as lambda from '@aws-cdk/lambda'; - -new Function(this, 'MyFunction', { - insightsVersion: lambda.LambdaInsightsVersion.VERSION_1_0_98_0 -}) +new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), + insightsVersion: lambda.LambdaInsightsVersion.VERSION_1_0_98_0, +}); ``` If the version of insights is not yet available in the CDK, you can also provide the ARN directly as so - ```ts const layerArn = 'arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:14'; -new Function(this, 'MyFunction', { - insightsVersion: lambda.LambdaInsightsVersion.fromInsightVersionArn(layerArn) -}) +new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), + insightsVersion: lambda.LambdaInsightsVersion.fromInsightVersionArn(layerArn), +}); ``` ## Event Rule Target @@ -378,9 +384,11 @@ new Function(this, 'MyFunction', { You can use an AWS Lambda function as a target for an Amazon CloudWatch event rule: -```ts fixture=function +```ts import * as events from '@aws-cdk/aws-events'; import * as targets from '@aws-cdk/aws-events-targets'; + +declare const fn: lambda.Function; const rule = new events.Rule(this, 'Schedule Rule', { schedule: events.Schedule.cron({ minute: '0', hour: '4' }), }); @@ -402,18 +410,22 @@ includes classes for the various event sources supported by AWS Lambda. For example, the following code adds an SQS queue as an event source for a function: -```ts fixture=function +```ts import * as eventsources from '@aws-cdk/aws-lambda-event-sources'; import * as sqs from '@aws-cdk/aws-sqs'; + +declare const fn: lambda.Function; const queue = new sqs.Queue(this, 'Queue'); fn.addEventSource(new eventsources.SqsEventSource(queue)); ``` The following code adds an S3 bucket notification as an event source: -```ts fixture=function +```ts import * as eventsources from '@aws-cdk/aws-lambda-event-sources'; import * as s3 from '@aws-cdk/aws-s3'; + +declare const fn: lambda.Function; const bucket = new s3.Bucket(this, 'Bucket'); fn.addEventSource(new eventsources.S3EventSource(bucket, { events: [ s3.EventType.OBJECT_CREATED, s3.EventType.OBJECT_REMOVED ], @@ -429,11 +441,11 @@ A dead-letter queue can be automatically created for a Lambda function by setting the `deadLetterQueueEnabled: true` configuration. ```ts -const fn = new Function(this, 'MyFunction', { - runtime: Runtime.NODEJS_12_X, - handler: 'index.handler', - code: Code.fromInline('exports.handler = function(event, ctx, cb) { return cb(null, "hi"); }'), - deadLetterQueueEnabled: true +const fn = new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + code: lambda.Code.fromInline('exports.handler = function(event, ctx, cb) { return cb(null, "hi"); }'), + deadLetterQueueEnabled: true, }); ``` @@ -443,11 +455,11 @@ It is also possible to provide a dead-letter queue instead of getting a new queu import * as sqs from '@aws-cdk/aws-sqs'; const dlq = new sqs.Queue(this, 'DLQ'); -const fn = new Function(this, 'MyFunction', { - runtime: Runtime.NODEJS_12_X, - handler: 'index.handler', - code: Code.fromInline('exports.handler = function(event, ctx, cb) { return cb(null, "hi"); }'), - deadLetterQueue: dlq +const fn = new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + code: lambda.Code.fromInline('exports.handler = function(event, ctx, cb) { return cb(null, "hi"); }'), + deadLetterQueue: dlq, }); ``` @@ -457,11 +469,11 @@ to learn more about AWS Lambdas and DLQs. ## Lambda with X-Ray Tracing ```ts -const fn = new Function(this, 'MyFunction', { - runtime: Runtime.NODEJS_12_X, - handler: 'index.handler', - code: Code.fromInline('exports.handler = function(event, ctx, cb) { return cb(null, "hi"); }'), - tracing: Tracing.ACTIVE +const fn = new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + code: lambda.Code.fromInline('exports.handler = function(event, ctx, cb) { return cb(null, "hi"); }'), + tracing: lambda.Tracing.ACTIVE, }); ``` @@ -474,13 +486,11 @@ The following code configures the lambda function with CodeGuru profiling. By de profiling group - ```ts -import * as lambda from '@aws-cdk/aws-lambda'; - -const fn = new Function(this, 'MyFunction', { - runtime: Runtime.PYTHON_3_6, - handler: 'index.handler', - code: Code.fromAsset('lambda-handler'), - profiling: true +const fn = new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.PYTHON_3_6, + handler: 'index.handler', + code: lambda.Code.fromAsset('lambda-handler'), + profiling: true, }); ``` @@ -494,11 +504,11 @@ to learn more about AWS Lambda's Profiling support. ## Lambda with Reserved Concurrent Executions ```ts -const fn = new Function(this, 'MyFunction', { - runtime: Runtime.NODEJS_12_X, - handler: 'index.handler', - code: Code.fromInline('exports.handler = function(event, ctx, cb) { return cb(null, "hi"); }'), - reservedConcurrentExecutions: 100 +const fn = new lambda.Function(this, 'MyFunction', { + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + code: lambda.Code.fromInline('exports.handler = function(event, ctx, cb) { return cb(null, "hi"); }'), + reservedConcurrentExecutions: 100, }); ``` @@ -509,15 +519,17 @@ managing concurrency. You can use Application AutoScaling to automatically configure the provisioned concurrency for your functions. AutoScaling can be set to track utilization or be based on a schedule. To configure AutoScaling on a function alias: -```ts fixture=function +```ts import * as autoscaling from '@aws-cdk/aws-autoscaling'; -const alias = new Alias(this, 'Alias', { + +declare const fn: lambda.Function; +const alias = new lambda.Alias(this, 'Alias', { aliasName: 'prod', version: fn.latestVersion, }); // Create AutoScaling target -const as = alias.addAutoScaling({ maxCapacity: 50 }) +const as = alias.addAutoScaling({ maxCapacity: 50 }); // Configure Target Tracking as.scaleOnUtilization({ @@ -591,12 +603,12 @@ const accessPoint = fileSystem.addAccessPoint('AccessPoint', { }, }); -const fn = new Function(this, 'MyLambda', { +const fn = new lambda.Function(this, 'MyLambda', { // mount the access point to /mnt/msg in the lambda runtime environment - filesystem: FileSystem.fromEfsAccessPoint(accessPoint, '/mnt/msg'), - runtime: Runtime.NODEJS_12_X, + filesystem: lambda.FileSystem.fromEfsAccessPoint(accessPoint, '/mnt/msg'), + runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: Code.fromAsset(path.join(__dirname, 'lambda-handler')), + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), vpc, }); ``` @@ -626,17 +638,17 @@ Docker container is responsible for putting content at `/asset-output`. The cont Example with Python: ```ts -new Function(this, 'Function', { - code: Code.fromAsset(path.join(__dirname, 'my-python-handler'), { +new lambda.Function(this, 'Function', { + code: lambda.Code.fromAsset(path.join(__dirname, 'my-python-handler'), { bundling: { - image: Runtime.PYTHON_3_9.bundlingImage, + image: lambda.Runtime.PYTHON_3_9.bundlingImage, command: [ 'bash', '-c', 'pip install -r requirements.txt -t /asset-output && cp -au . /asset-output' ], }, }), - runtime: Runtime.PYTHON_3_9, + runtime: lambda.Runtime.PYTHON_3_9, handler: 'index.handler', }); ``` @@ -647,12 +659,10 @@ Use `cdk.DockerImage.fromRegistry(image)` to use an existing image or `cdk.DockerImage.fromBuild(path)` to build a specific image: ```ts -import * as cdk from '@aws-cdk/core'; - -new Function(this, 'Function', { - code: Code.fromAsset('/path/to/handler', { +new lambda.Function(this, 'Function', { + code: lambda.Code.fromAsset('/path/to/handler', { bundling: { - image: cdk.DockerImage.fromBuild('/path/to/dir/with/DockerFile', { + image: DockerImage.fromBuild('/path/to/dir/with/DockerFile', { buildArgs: { ARG1: 'value1', }, @@ -660,7 +670,7 @@ new Function(this, 'Function', { command: ['my', 'cool', 'command'], }, }), - runtime: Runtime.PYTHON_3_9, + runtime: lambda.Runtime.PYTHON_3_9, handler: 'index.handler', }); ``` @@ -679,21 +689,21 @@ When enabled, AWS Lambda checks every code deployment and verifies that the code For more information, see [Configuring code signing for AWS Lambda](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html). The following code configures a function with code signing. -```typescript +```ts import * as signer from '@aws-cdk/aws-signer'; const signingProfile = new signer.SigningProfile(this, 'SigningProfile', { - platform: signer.Platform.AWS_LAMBDA_SHA384_ECDSA + platform: signer.Platform.AWS_LAMBDA_SHA384_ECDSA, }); -const codeSigningConfig = new CodeSigningConfig(this, 'CodeSigningConfig', { +const codeSigningConfig = new lambda.CodeSigningConfig(this, 'CodeSigningConfig', { signingProfiles: [signingProfile], }); -new Function(this, 'Function', { +new lambda.Function(this, 'Function', { codeSigningConfig, - runtime: Runtime.NODEJS_12_X, + runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: Code.fromAsset(path.join(__dirname, 'lambda-handler')), + code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')), }); ``` diff --git a/packages/@aws-cdk/aws-lambda/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-lambda/rosetta/default.ts-fixture index 417454806bb9d..f473db8d31bd5 100644 --- a/packages/@aws-cdk/aws-lambda/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-lambda/rosetta/default.ts-fixture @@ -1,7 +1,9 @@ // Fixture with packages imported, but nothing else import * as path from 'path'; -import { Construct, Stack } from '@aws-cdk/core'; -import { Alias, Code, CodeSigningConfig, DockerImageCode, DockerImageFunction, FileSystem, Function, LayerVersion, Runtime, Tracing } from '@aws-cdk/aws-lambda'; +import { Construct } from 'constructs'; +import { DockerImage, RemovalPolicy, Stack } from '@aws-cdk/core'; +import * as lambda from '@aws-cdk/aws-lambda'; +import * as iam from '@aws-cdk/aws-iam'; class Fixture extends Stack { constructor(scope: Construct, id: string) { diff --git a/packages/@aws-cdk/aws-lambda/rosetta/function.ts-fixture b/packages/@aws-cdk/aws-lambda/rosetta/function.ts-fixture deleted file mode 100644 index 91eafe0abfcc0..0000000000000 --- a/packages/@aws-cdk/aws-lambda/rosetta/function.ts-fixture +++ /dev/null @@ -1,18 +0,0 @@ -// Fixture with function (`fn`) already created -import * as path from 'path'; -import { Construct, Stack } from '@aws-cdk/core'; -import { Alias, Code, Function, Runtime } from '@aws-cdk/aws-lambda'; - -class Fixture extends Stack { - constructor(scope: Construct, id: string) { - super(scope, id); - - const fn = new Function(this, 'MyFunction', { - runtime: Runtime.NODEJS_12_X, - handler: 'index.handler', - code: Code.fromAsset(path.join(__dirname, 'lambda-handler')), - }); - - /// here - } -} From 029eed9c8341545e090ec48ee97b47d25f4c3c56 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Thu, 28 Oct 2021 04:44:23 +0200 Subject: [PATCH 29/40] chore: upgrade to jsii 1.41 (#17190) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- package.json | 8 +- packages/awslint/package.json | 4 +- packages/decdk/package.json | 4 +- tools/@aws-cdk/cdk-build-tools/package.json | 6 +- yarn.lock | 162 ++++++++------------ 5 files changed, 74 insertions(+), 110 deletions(-) diff --git a/package.json b/package.json index 6115ddc36950c..7a521b7db98e1 100644 --- a/package.json +++ b/package.json @@ -20,10 +20,10 @@ "fs-extra": "^9.1.0", "graceful-fs": "^4.2.8", "jest-junit": "^12.3.0", - "jsii-diff": "^1.40.0", - "jsii-pacmak": "^1.40.0", - "jsii-reflect": "^1.40.0", - "jsii-rosetta": "^1.40.0", + "jsii-diff": "^1.41.0", + "jsii-pacmak": "^1.41.0", + "jsii-reflect": "^1.41.0", + "jsii-rosetta": "^1.41.0", "lerna": "^4.0.0", "patch-package": "^6.4.7", "standard-version": "^9.3.1", diff --git a/packages/awslint/package.json b/packages/awslint/package.json index 1bae6a09ba6cb..df07c732685ef 100644 --- a/packages/awslint/package.json +++ b/packages/awslint/package.json @@ -18,11 +18,11 @@ "awslint": "bin/awslint" }, "dependencies": { - "@jsii/spec": "^1.40.0", + "@jsii/spec": "^1.41.0", "camelcase": "^6.2.0", "colors": "^1.4.0", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.40.0", + "jsii-reflect": "^1.41.0", "yargs": "^16.2.0" }, "devDependencies": { diff --git a/packages/decdk/package.json b/packages/decdk/package.json index 6a0a0eb5c0baa..7ebd9cc3d632c 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -244,7 +244,7 @@ "@aws-cdk/region-info": "0.0.0", "constructs": "^3.3.69", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.40.0", + "jsii-reflect": "^1.41.0", "jsonschema": "^1.4.0", "yaml": "1.10.2", "yargs": "^16.2.0" @@ -255,7 +255,7 @@ "@types/yaml": "1.9.7", "@types/yargs": "^15.0.14", "jest": "^26.6.3", - "jsii": "^1.40.0" + "jsii": "^1.41.0" }, "keywords": [ "aws", diff --git a/tools/@aws-cdk/cdk-build-tools/package.json b/tools/@aws-cdk/cdk-build-tools/package.json index c8dfb507afc46..a99a32059c006 100644 --- a/tools/@aws-cdk/cdk-build-tools/package.json +++ b/tools/@aws-cdk/cdk-build-tools/package.json @@ -56,9 +56,9 @@ "fs-extra": "^9.1.0", "jest": "^27.3.1", "jest-junit": "^11.1.0", - "jsii": "^1.40.0", - "jsii-pacmak": "^1.40.0", - "jsii-reflect": "^1.40.0", + "jsii": "^1.41.0", + "jsii-pacmak": "^1.41.0", + "jsii-reflect": "^1.41.0", "markdownlint-cli": "^0.29.0", "nyc": "^15.1.0", "semver": "^7.3.5", diff --git a/yarn.lock b/yarn.lock index c63b92155ae6a..48ecde5d6ee28 100644 --- a/yarn.lock +++ b/yarn.lock @@ -760,10 +760,18 @@ chalk "^4.1.2" semver "^7.3.5" -"@jsii/spec@^1.40.0": - version "1.40.0" - resolved "https://registry.npmjs.org/@jsii/spec/-/spec-1.40.0.tgz#027dd2a9c2c0b49e5974ad6445728dde91569fe3" - integrity sha512-SJ9Kwz0C53bomYWb5PlESt6v8JmfgqqFjc1annNK+foHxcaUzs3trhKbBXgxhcoApE2pMnUIBj3DG9gLNmKdWw== +"@jsii/check-node@1.41.0": + version "1.41.0" + resolved "https://registry.npmjs.org/@jsii/check-node/-/check-node-1.41.0.tgz#17b6895e1fcc0b8bbb8fa81b52b17c47c9c47674" + integrity sha512-lV/vMK1HZQcUye2vXPu6XsmnTk7fEui0GnQsPAX1eLWfRMkxkRblT4VZ9DQTYjMno2HuVP4IH51fiFoICMmnkA== + dependencies: + chalk "^4.1.2" + semver "^7.3.5" + +"@jsii/spec@^1.41.0": + version "1.41.0" + resolved "https://registry.npmjs.org/@jsii/spec/-/spec-1.41.0.tgz#d504c8536139a97986b1ec63201d3575972e1e9c" + integrity sha512-sN7x6C0DGLngiO6SkrM/7gVaHyeja59bDZODZtBXIq8kBIC+GgAFS8P0s1e5FpU9mHHvvHq4rvzvcIbxw0nkXw== dependencies: jsonschema "^1.4.0" @@ -2250,11 +2258,6 @@ ansi-regex@^2.0.0: resolved "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz#c3b33ab5ee360d86e0e628f0468ae7ef27d654df" integrity sha1-w7M6te42DYbg5ijwRorn7yfWVN8= -ansi-regex@^3.0.0: - version "3.0.0" - resolved "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz#ed0317c322064f79466c02966bddb605ab37d998" - integrity sha1-7QMXwyIGT3lGbAKWa922Bas32Zg= - ansi-regex@^4.1.0: version "4.1.0" resolved "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz#8b9f8f08cf1acb843756a839ca8c7e3168c51997" @@ -3078,11 +3081,6 @@ co@^4.6.0: resolved "https://registry.npmjs.org/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" integrity sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ= -code-point-at@^1.0.0: - version "1.1.0" - resolved "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" - integrity sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c= - codemaker@^1.39.0: version "1.39.0" resolved "https://registry.npmjs.org/codemaker/-/codemaker-1.39.0.tgz#d8103f4b587210b1d6aa073d62ffb510ac20bc42" @@ -3092,10 +3090,10 @@ codemaker@^1.39.0: decamelize "^5.0.1" fs-extra "^9.1.0" -codemaker@^1.40.0: - version "1.40.0" - resolved "https://registry.npmjs.org/codemaker/-/codemaker-1.40.0.tgz#80ed75a433fb08976c602b9080dc7fffbb13dbb9" - integrity sha512-X0dMlXILO5r9/YhNAbiLl9kNIfhATfGS8nAT7xC09zREipANnCEbjZuF8jtFGzrD942/k5QNROmqRtqRaZJ1QQ== +codemaker@^1.41.0: + version "1.41.0" + resolved "https://registry.npmjs.org/codemaker/-/codemaker-1.41.0.tgz#814edff6ffd241727794e76f81c5f9e4df135162" + integrity sha512-Iow0udcpshcVmztwSSJDTRhJxTbH0nXU3pxf7iF0gv6+BWC5Nd2aWQ2W5rHECySQPIvmWn4KEpV/SvXgvfl0aA== dependencies: camelcase "^6.2.0" decamelize "^5.0.1" @@ -5536,18 +5534,6 @@ is-extglob@^2.1.1: resolved "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz#a88c02535791f02ed37c76a1b9ea9773c833f8c2" integrity sha1-qIwCU1eR8C7TfHahueqXc8gz+MI= -is-fullwidth-code-point@^1.0.0: - version "1.0.0" - resolved "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" - integrity sha1-754xOG8DGn8NZDr4L95QxFfvAMs= - dependencies: - number-is-nan "^1.0.0" - -is-fullwidth-code-point@^2.0.0: - version "2.0.0" - resolved "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f" - integrity sha1-o7MKXE8ZkYMWeqq5O+764937ZU8= - is-fullwidth-code-point@^3.0.0: version "3.0.0" resolved "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz#f116f8064fe90b3f7844a38997c0b75051269f1d" @@ -6706,70 +6692,72 @@ jsesc@^2.5.1: resolved "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4" integrity sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA== -jsii-diff@^1.40.0: - version "1.40.0" - resolved "https://registry.npmjs.org/jsii-diff/-/jsii-diff-1.40.0.tgz#97668273bc6c7f8ea6c6c27ebd8d70d433e1208d" - integrity sha512-Q0ctTmPE3wZ03CP++MxjPMBV3ynonDHq1gsd5mFUk9DW+cTyKb78KUkyjhgQnuiehXLRDQtoTlWJkH9C5xhEnQ== +jsii-diff@^1.41.0: + version "1.41.0" + resolved "https://registry.npmjs.org/jsii-diff/-/jsii-diff-1.41.0.tgz#ef88aa98081e4bb41f13d24074fce9bee1574d24" + integrity sha512-LTfqGh0f0fUuWu8DBkEUgl0fteIBfzyEiExcqLBXbztg/8JRbt3DYUr63hHULJj4O/rnRTaaYNH7oT1sg4gpSQ== dependencies: - "@jsii/check-node" "1.40.0" - "@jsii/spec" "^1.40.0" + "@jsii/check-node" "1.41.0" + "@jsii/spec" "^1.41.0" fs-extra "^9.1.0" - jsii-reflect "^1.40.0" + jsii-reflect "^1.41.0" log4js "^6.3.0" typescript "~3.9.10" yargs "^16.2.0" -jsii-pacmak@^1.40.0: - version "1.40.0" - resolved "https://registry.npmjs.org/jsii-pacmak/-/jsii-pacmak-1.40.0.tgz#5c0ecd5ff9c0917931bbe66773402dfe5517fbec" - integrity sha512-8IyvvWiD2eUpVhw0WXrYJILz+NSeNEwcWfQB+fUmn2gL8q27hlPZhHE7BVlr8+rb+EJVVLeHmpAMgA/SF9g/vQ== +jsii-pacmak@^1.41.0: + version "1.41.0" + resolved "https://registry.npmjs.org/jsii-pacmak/-/jsii-pacmak-1.41.0.tgz#b94575f4a7c658d3fbd1c5f30876ce53a22ed126" + integrity sha512-B3ohEObc2xSnWoawK0q4qVkxa9Dh4A+x1y9K31AAS5jGbhdjbdS/FfphlUbukIoSR0NBJLgJg9pT+h/PIlUqdA== dependencies: - "@jsii/check-node" "1.40.0" - "@jsii/spec" "^1.40.0" + "@jsii/check-node" "1.41.0" + "@jsii/spec" "^1.41.0" clone "^2.1.2" - codemaker "^1.40.0" + codemaker "^1.41.0" commonmark "^0.30.0" escape-string-regexp "^4.0.0" fs-extra "^9.1.0" - jsii-reflect "^1.40.0" - jsii-rosetta "^1.40.0" + jsii-reflect "^1.41.0" + jsii-rosetta "^1.41.0" semver "^7.3.5" spdx-license-list "^6.4.0" xmlbuilder "^15.1.1" yargs "^16.2.0" -jsii-reflect@^1.40.0: - version "1.40.0" - resolved "https://registry.npmjs.org/jsii-reflect/-/jsii-reflect-1.40.0.tgz#f8715f1506059d49294b32fe2c710753dd9545ba" - integrity sha512-/ccIjkRSfbHCl1MCfwWFaz2RjoAAiNH5teE95Qi11a4gbTu52WcOFIg3Y+8llzHmmLykr9jTDqBtgyzi9WI6dw== +jsii-reflect@^1.41.0: + version "1.41.0" + resolved "https://registry.npmjs.org/jsii-reflect/-/jsii-reflect-1.41.0.tgz#3c8fbcbbb7e2853b7c2a59384524ccbd2d9d832c" + integrity sha512-KQaAXQ38hyREs7IuBChZldSyvW1gezHRezGKGc6BZILwlIX330F3GIauJ2rJKJinh/Lo/DlMfd0k1mxdBz/W9A== dependencies: - "@jsii/check-node" "1.40.0" - "@jsii/spec" "^1.40.0" + "@jsii/check-node" "1.41.0" + "@jsii/spec" "^1.41.0" colors "^1.4.0" fs-extra "^9.1.0" - oo-ascii-tree "^1.40.0" + oo-ascii-tree "^1.41.0" yargs "^16.2.0" -jsii-rosetta@^1.40.0: - version "1.40.0" - resolved "https://registry.npmjs.org/jsii-rosetta/-/jsii-rosetta-1.40.0.tgz#eff34919ed9d4193ddb4a684f6108c82db3feb7c" - integrity sha512-Gb257CdUbHV8ZRFYflZy7F7alH5X49T+pX2133F7eaoMpRqc0V6jQsphaL4V+S/jK29XOfXtANmq55AvmwsWLQ== +jsii-rosetta@^1.41.0: + version "1.41.0" + resolved "https://registry.npmjs.org/jsii-rosetta/-/jsii-rosetta-1.41.0.tgz#ddf3f49738489d8330aa4eff96f0a9c8c811792d" + integrity sha512-wSjMqRBhjBKB8kx+gIXE7YXoiOlTFH/ugksHz2K4UwqriPmEHue8b7LkV3d/mD8xuhXWS6ekGAz67Gd1RSB7Sg== dependencies: - "@jsii/check-node" "1.40.0" - "@jsii/spec" "^1.40.0" + "@jsii/check-node" "1.41.0" + "@jsii/spec" "^1.41.0" "@xmldom/xmldom" "^0.7.5" commonmark "^0.30.0" fs-extra "^9.1.0" + sort-json "^2.0.0" typescript "~3.9.10" + workerpool "^6.1.5" yargs "^16.2.0" -jsii@^1.40.0: - version "1.40.0" - resolved "https://registry.npmjs.org/jsii/-/jsii-1.40.0.tgz#cc04f2bad5ae9495513af921cfcaca99dc8753d3" - integrity sha512-QUPmQzq7c/FREvtfw9+eIU16LB45hxRPtdLO2Ci2ZX1df4E4+vegtfvvjUJ21diVo2hwVp4UCftKqrXZ/cXEFg== +jsii@^1.41.0: + version "1.41.0" + resolved "https://registry.npmjs.org/jsii/-/jsii-1.41.0.tgz#926e033d7ba57c65d6d070dee1d4d19da0fa9508" + integrity sha512-5pjfWjSaMzE+mkpW//llBSGLcXJGNjE0KFSf73USPZTfJC09dBEJ4KJM85SogCNnWHwG5QecEpZStxNvt8GI7g== dependencies: - "@jsii/check-node" "1.40.0" - "@jsii/spec" "^1.40.0" + "@jsii/check-node" "1.41.0" + "@jsii/spec" "^1.41.0" case "^1.6.3" colors "^1.4.0" deep-equal "^2.0.5" @@ -7972,11 +7960,6 @@ null-check@^1.0.0: resolved "https://registry.npmjs.org/null-check/-/null-check-1.0.0.tgz#977dffd7176012b9ec30d2a39db5cf72a0439edd" integrity sha1-l33/1xdgErnsMNKjnbXPcqBDnt0= -number-is-nan@^1.0.0: - version "1.0.1" - resolved "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" - integrity sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0= - nwsapi@^2.2.0: version "2.2.0" resolved "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz#204879a9e3d068ff2a55139c2c772780681a38b7" @@ -8113,10 +8096,10 @@ onetime@^5.1.0, onetime@^5.1.2: dependencies: mimic-fn "^2.1.0" -oo-ascii-tree@^1.40.0: - version "1.40.0" - resolved "https://registry.npmjs.org/oo-ascii-tree/-/oo-ascii-tree-1.40.0.tgz#69005b8f5f140ed23a81e90b3659750dc3a62522" - integrity sha512-nkiEc8TJZwGxPdEB1jRxHWyc/qBTPQSf70KhO+WjuiWzVfLVEWF/dksWRjm8e510YmPrBjfYCJOn+BVlOUojSQ== +oo-ascii-tree@^1.41.0: + version "1.41.0" + resolved "https://registry.npmjs.org/oo-ascii-tree/-/oo-ascii-tree-1.41.0.tgz#88883d2b8446ded7082a96faf3294e1092aeeb46" + integrity sha512-WxQIFO+JMCIJBlIMUATsp+PW5kqDMy2CD7u5uC9qQk29XInUMO+RN7/QVZJsPHO3o73eJFN9CFc9XDWQJwVKBQ== open@^7.4.2: version "7.4.2" @@ -9599,7 +9582,7 @@ string-length@^4.0.1: char-regex "^1.0.2" strip-ansi "^6.0.0" -string-width@*, string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: +string-width@*, string-width@^1.0.1, "string-width@^1.0.2 || 2", string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: version "4.2.3" resolved "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== @@ -9608,23 +9591,6 @@ string-width@*, string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: is-fullwidth-code-point "^3.0.0" strip-ansi "^6.0.1" -string-width@^1.0.1: - version "1.0.2" - resolved "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" - integrity sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M= - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - strip-ansi "^3.0.0" - -"string-width@^1.0.2 || 2": - version "2.1.1" - resolved "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz#ab93f27a8dc13d28cac815c462143a6d9012ae9e" - integrity sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw== - dependencies: - is-fullwidth-code-point "^2.0.0" - strip-ansi "^4.0.0" - string.prototype.repeat@^0.2.0: version "0.2.0" resolved "https://registry.npmjs.org/string.prototype.repeat/-/string.prototype.repeat-0.2.0.tgz#aba36de08dcee6a5a337d49b2ea1da1b28fc0ecf" @@ -9677,13 +9643,6 @@ strip-ansi@^3.0.0, strip-ansi@^3.0.1: dependencies: ansi-regex "^2.0.0" -strip-ansi@^4.0.0: - version "4.0.0" - resolved "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz#a8479022eb1ac368a871389b635262c505ee368f" - integrity sha1-qEeQIusaw2iocTibY1JixQXuNo8= - dependencies: - ansi-regex "^3.0.0" - strip-ansi@^5.2.0: version "5.2.0" resolved "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz#8c9a536feb6afc962bdfa5b104a5091c1ad9c0ae" @@ -10540,6 +10499,11 @@ wordwrap@>=0.0.2, wordwrap@^1.0.0: resolved "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" integrity sha1-J1hIEIkUVqQXHI0CJkQa3pDLyus= +workerpool@^6.1.5: + version "6.1.5" + resolved "https://registry.npmjs.org/workerpool/-/workerpool-6.1.5.tgz#0f7cf076b6215fd7e1da903ff6f22ddd1886b581" + integrity sha512-XdKkCK0Zqc6w3iTxLckiuJ81tiD/o5rBE/m+nXpRCB+/Sq4DqkfXZ/x0jW02DG1tGsfUGXbTJyZDP+eu67haSw== + wrap-ansi@^6.2.0: version "6.2.0" resolved "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz#e9393ba07102e6c91a3b221478f0257cd2856e53" From 5cee43e73a836addf5554d74c617f543a450249d Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Thu, 28 Oct 2021 05:41:35 +0200 Subject: [PATCH 30/40] chore: activate 'rosetta infuse' feature (#17191) `jsii-rosetta infuse` will modify all the assemblies in-place to add examples to types that don't have examples yet. This feature depends on jsii 1.41, and should not be merged before jsii has been upgraded to that version (either by #17187 or by #17190). Depends-On: #17190 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- pack.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pack.sh b/pack.sh index 168a17f972406..3c2d7dbce6c1a 100755 --- a/pack.sh +++ b/pack.sh @@ -39,12 +39,17 @@ function lerna_scopes() { # Compile examples with respect to "decdk" directory, as all packages will # be symlinked there so they can all be included. echo "Extracting code samples" >&2 -node --experimental-worker $(which $ROSETTA) \ +$ROSETTA extract \ --compile \ --output samples.tabl.json \ --directory packages/decdk \ $(cat $TMPDIR/jsii.txt) +echo "Infusing examples back into assemblies" >&2 +$ROSETTA infuse \ + samples.tabl.json \ + $(cat $TMPDIR/jsii.txt) + # Jsii packaging (all at once using jsii-pacmak) echo "Packaging jsii modules" >&2 $PACMAK \ From 758568007bf82a97ed6edba3ef4717735b224bf9 Mon Sep 17 00:00:00 2001 From: Kyle Roach Date: Thu, 28 Oct 2021 04:34:47 +0000 Subject: [PATCH 31/40] feat(codebuild): add fromEcrRepository to LinuxGpuBuildImage (#17170) Resolves #16500 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-codebuild/README.md | 2 + .../lib/linux-gpu-build-image.ts | 16 ++ .../test/linux-gpu-build-image.test.ts | 174 ++++++++++++++++++ packages/@aws-cdk/aws-ecr/lib/repository.ts | 4 +- 4 files changed, 195 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-codebuild/README.md b/packages/@aws-cdk/aws-codebuild/README.md index ff73599bca8e4..8a5fa30ac408b 100644 --- a/packages/@aws-cdk/aws-codebuild/README.md +++ b/packages/@aws-cdk/aws-codebuild/README.md @@ -320,6 +320,8 @@ new codebuild.Project(this, 'Project', { }) ``` +Alternatively, you can reference an image available in an ECR repository using the `LinuxGpuBuildImage.fromEcrRepository(repo[, tag])` method. + ## Logs CodeBuild lets you specify an S3 Bucket, CloudWatch Log Group or both to receive logs from your projects. diff --git a/packages/@aws-cdk/aws-codebuild/lib/linux-gpu-build-image.ts b/packages/@aws-cdk/aws-codebuild/lib/linux-gpu-build-image.ts index 6cbf5bcfc2f7e..b26611745afbb 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/linux-gpu-build-image.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/linux-gpu-build-image.ts @@ -91,6 +91,22 @@ export class LinuxGpuBuildImage implements IBindableBuildImage { return new LinuxGpuBuildImage(repositoryName, tag, account); } + + /** + * Returns a GPU image running Linux from an ECR repository. + * + * NOTE: if the repository is external (i.e. imported), then we won't be able to add + * a resource policy statement for it so CodeBuild can pull the image. + * + * @see https://docs.aws.amazon.com/codebuild/latest/userguide/sample-ecr.html + * + * @param repository The ECR repository + * @param tag Image tag (default "latest") + */ + public static fromEcrRepository(repository: ecr.IRepository, tag: string = 'latest'): IBuildImage { + return new LinuxGpuBuildImage(repository.repositoryName, tag, repository.env.account); + } + public readonly type = 'LINUX_GPU_CONTAINER'; public readonly defaultComputeType = ComputeType.LARGE; public readonly imageId: string; diff --git a/packages/@aws-cdk/aws-codebuild/test/linux-gpu-build-image.test.ts b/packages/@aws-cdk/aws-codebuild/test/linux-gpu-build-image.test.ts index 7e32ab033c68c..d3b0d44dde984 100644 --- a/packages/@aws-cdk/aws-codebuild/test/linux-gpu-build-image.test.ts +++ b/packages/@aws-cdk/aws-codebuild/test/linux-gpu-build-image.test.ts @@ -1,5 +1,6 @@ import { arrayWith, objectLike } from '@aws-cdk/assert-internal'; import '@aws-cdk/assert-internal/jest'; +import * as ecr from '@aws-cdk/aws-ecr'; import * as cdk from '@aws-cdk/core'; import * as codebuild from '../lib'; @@ -58,4 +59,177 @@ describe('Linux GPU build image', () => { }); }); }); + + describe('ECR Repository', () => { + test('allows creating a build image from a new ECR repository', () => { + const stack = new cdk.Stack(); + + const repository = new ecr.Repository(stack, 'my-repo'); + + new codebuild.Project(stack, 'Project', { + buildSpec: codebuild.BuildSpec.fromObject({ + version: '0.2', + phases: { + build: { commands: ['ls'] }, + }, + }), + environment: { + buildImage: codebuild.LinuxGpuBuildImage.fromEcrRepository(repository, 'v1'), + }, + }); + + expect(stack).toHaveResourceLike('AWS::CodeBuild::Project', { + Environment: { + ComputeType: 'BUILD_GENERAL1_LARGE', + Image: { + 'Fn::Join': ['', [ + { Ref: 'AWS::AccountId' }, + '.dkr.ecr.', + { Ref: 'AWS::Region' }, + '.', + { Ref: 'AWS::URLSuffix' }, + '/', + { Ref: 'myrepo5DFA62E5' }, + ':v1', + ]], + }, + }, + }); + + expect(stack).toHaveResourceLike('AWS::IAM::Policy', { + PolicyDocument: { + Statement: arrayWith(objectLike({ + Action: [ + 'ecr:BatchCheckLayerAvailability', + 'ecr:GetDownloadUrlForLayer', + 'ecr:BatchGetImage', + ], + Resource: { + 'Fn::Join': ['', [ + 'arn:', + { Ref: 'AWS::Partition' }, + ':ecr:', + { Ref: 'AWS::Region' }, + ':', + { Ref: 'AWS::AccountId' }, + ':repository/', + { Ref: 'myrepo5DFA62E5' }, + ]], + }, + })), + }, + }); + }); + + test('allows creating a build image from an existing ECR repository', () => { + const stack = new cdk.Stack(); + + const repository = ecr.Repository.fromRepositoryName(stack, 'my-imported-repo', 'test-repo'); + + new codebuild.Project(stack, 'Project', { + buildSpec: codebuild.BuildSpec.fromObject({ + version: '0.2', + phases: { + build: { commands: ['ls'] }, + }, + }), + environment: { + buildImage: codebuild.LinuxGpuBuildImage.fromEcrRepository(repository), + }, + }); + + expect(stack).toHaveResourceLike('AWS::CodeBuild::Project', { + Environment: { + ComputeType: 'BUILD_GENERAL1_LARGE', + Image: { + 'Fn::Join': ['', [ + { Ref: 'AWS::AccountId' }, + '.dkr.ecr.', + { Ref: 'AWS::Region' }, + '.', + { Ref: 'AWS::URLSuffix' }, + '/test-repo:latest', + ]], + }, + }, + }); + + expect(stack).toHaveResourceLike('AWS::IAM::Policy', { + PolicyDocument: { + Statement: arrayWith(objectLike({ + Action: [ + 'ecr:BatchCheckLayerAvailability', + 'ecr:GetDownloadUrlForLayer', + 'ecr:BatchGetImage', + ], + Resource: { + 'Fn::Join': ['', [ + 'arn:', + { Ref: 'AWS::Partition' }, + ':ecr:', + { Ref: 'AWS::Region' }, + ':', + { Ref: 'AWS::AccountId' }, + ':repository/test-repo', + ]], + }, + })), + }, + }); + }); + + test('allows creating a build image from an existing cross-account ECR repository', () => { + const stack = new cdk.Stack(); + + const repository = ecr.Repository.fromRepositoryArn(stack, 'my-cross-acount-repo', 'arn:aws:ecr:us-east-1:585695036304:repository/foo/bar/foo/fooo'); + + new codebuild.Project(stack, 'Project', { + buildSpec: codebuild.BuildSpec.fromObject({ + version: '0.2', + phases: { + build: { commands: ['ls'] }, + }, + }), + environment: { + buildImage: codebuild.LinuxGpuBuildImage.fromEcrRepository(repository), + }, + }); + + expect(stack).toHaveResourceLike('AWS::CodeBuild::Project', { + Environment: { + ComputeType: 'BUILD_GENERAL1_LARGE', + Image: { + 'Fn::Join': ['', [ + '585695036304.dkr.ecr.', + { Ref: 'AWS::Region' }, + '.', + { Ref: 'AWS::URLSuffix' }, + '/foo/bar/foo/fooo:latest', + ]], + }, + }, + }); + + expect(stack).toHaveResourceLike('AWS::IAM::Policy', { + PolicyDocument: { + Statement: arrayWith(objectLike({ + Action: [ + 'ecr:BatchCheckLayerAvailability', + 'ecr:GetDownloadUrlForLayer', + 'ecr:BatchGetImage', + ], + Resource: { + 'Fn::Join': ['', [ + 'arn:', + { Ref: 'AWS::Partition' }, + ':ecr:', + { Ref: 'AWS::Region' }, + ':585695036304:repository/foo/bar/foo/fooo', + ]], + }, + })), + }, + }); + }); + }); }); diff --git a/packages/@aws-cdk/aws-ecr/lib/repository.ts b/packages/@aws-cdk/aws-ecr/lib/repository.ts index af8547ba5edaf..0511290e113a5 100644 --- a/packages/@aws-cdk/aws-ecr/lib/repository.ts +++ b/packages/@aws-cdk/aws-ecr/lib/repository.ts @@ -411,7 +411,9 @@ export class Repository extends RepositoryBase { } } - return new Import(scope, id); + return new Import(scope, id, { + environmentFromArn: repositoryArn, + }); } public static fromRepositoryName(scope: Construct, id: string, repositoryName: string): IRepository { From 1f570e84e48e157b36d84bfb8434e50484d7f3e2 Mon Sep 17 00:00:00 2001 From: Madeline Kusters <80541297+madeline-k@users.noreply.github.com> Date: Wed, 27 Oct 2021 22:28:55 -0700 Subject: [PATCH 32/40] chore(aws-applicationautoscaling): add unit tests to increase branch coverage (#17173) increasing branch coverage from 74/75% to 80% ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../test/scalable-target.test.ts | 107 +++++++++++++++--- .../test/{cron.test.ts => schedule.test.ts} | 15 +++ 2 files changed, 105 insertions(+), 17 deletions(-) rename packages/@aws-cdk/aws-applicationautoscaling/test/{cron.test.ts => schedule.test.ts} (79%) diff --git a/packages/@aws-cdk/aws-applicationautoscaling/test/scalable-target.test.ts b/packages/@aws-cdk/aws-applicationautoscaling/test/scalable-target.test.ts index 8628a8624468c..508ae3bb2c9e2 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/test/scalable-target.test.ts +++ b/packages/@aws-cdk/aws-applicationautoscaling/test/scalable-target.test.ts @@ -1,5 +1,6 @@ import '@aws-cdk/assert-internal/jest'; import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; +import * as iam from '@aws-cdk/aws-iam'; import * as cdk from '@aws-cdk/core'; import * as appscaling from '../lib'; import { createScalableTarget } from './util'; @@ -26,8 +27,6 @@ describe('scalable target', () => { MinCapacity: 1, MaxCapacity: 20, }); - - }); test('validation does not fail when using Tokens', () => { @@ -51,8 +50,6 @@ describe('scalable target', () => { MinCapacity: 10, MaxCapacity: 1, }); - - }); test('add scheduled scaling', () => { @@ -80,8 +77,6 @@ describe('scalable target', () => { }, ], }); - - }); test('step scaling on MathExpression', () => { @@ -136,21 +131,99 @@ describe('scalable target', () => { ], Threshold: 49, }); + }); + test('test service namespace enum', () => { + expect(appscaling.ServiceNamespace.APPSTREAM).toEqual('appstream'); + expect(appscaling.ServiceNamespace.COMPREHEND).toEqual('comprehend'); + expect(appscaling.ServiceNamespace.CUSTOM_RESOURCE).toEqual('custom-resource'); + expect(appscaling.ServiceNamespace.DYNAMODB).toEqual('dynamodb'); + expect(appscaling.ServiceNamespace.EC2).toEqual('ec2'); + expect(appscaling.ServiceNamespace.ECS).toEqual('ecs'); + expect(appscaling.ServiceNamespace.ELASTIC_MAP_REDUCE).toEqual('elasticmapreduce'); + expect(appscaling.ServiceNamespace.LAMBDA).toEqual('lambda'); + expect(appscaling.ServiceNamespace.RDS).toEqual('rds'); + expect(appscaling.ServiceNamespace.SAGEMAKER).toEqual('sagemaker'); + }); + test('create scalable target with negative minCapacity throws error', () => { + const stack = new cdk.Stack(); + expect(() => { + new appscaling.ScalableTarget(stack, 'Target', { + serviceNamespace: appscaling.ServiceNamespace.DYNAMODB, + scalableDimension: 'test:TestCount', + resourceId: 'test:this/test', + minCapacity: -1, + maxCapacity: 20, + }); + }).toThrow('minCapacity cannot be negative, got: -1'); }); - test('test service namespace enum', () => { - expect(appscaling.ServiceNamespace.APPSTREAM).toEqual( 'appstream'); - expect(appscaling.ServiceNamespace.COMPREHEND).toEqual( 'comprehend'); - expect(appscaling.ServiceNamespace.CUSTOM_RESOURCE).toEqual( 'custom-resource'); - expect(appscaling.ServiceNamespace.DYNAMODB).toEqual( 'dynamodb'); - expect(appscaling.ServiceNamespace.EC2).toEqual( 'ec2'); - expect(appscaling.ServiceNamespace.ECS).toEqual( 'ecs'); - expect(appscaling.ServiceNamespace.ELASTIC_MAP_REDUCE).toEqual( 'elasticmapreduce'); - expect(appscaling.ServiceNamespace.LAMBDA).toEqual( 'lambda'); - expect(appscaling.ServiceNamespace.RDS).toEqual( 'rds'); - expect(appscaling.ServiceNamespace.SAGEMAKER).toEqual( 'sagemaker'); + test('create scalable target with negative maxCapacity throws error', () => { + const stack = new cdk.Stack(); + expect(() => { + new appscaling.ScalableTarget(stack, 'Target', { + serviceNamespace: appscaling.ServiceNamespace.DYNAMODB, + scalableDimension: 'test:TestCount', + resourceId: 'test:this/test', + minCapacity: 1, + maxCapacity: -1, + }); + }).toThrow('maxCapacity cannot be negative, got: -1'); + }); + + test('create scalable target with maxCapacity less than minCapacity throws error', () => { + const stack = new cdk.Stack(); + expect(() => { + new appscaling.ScalableTarget(stack, 'Target', { + serviceNamespace: appscaling.ServiceNamespace.DYNAMODB, + scalableDimension: 'test:TestCount', + resourceId: 'test:this/test', + minCapacity: 2, + maxCapacity: 1, + }); + }).toThrow('minCapacity (2) should be lower than maxCapacity (1)'); + }); + test('create scalable target with custom role', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new appscaling.ScalableTarget(stack, 'Target', { + serviceNamespace: appscaling.ServiceNamespace.DYNAMODB, + scalableDimension: 'test:TestCount', + resourceId: 'test:this/test', + minCapacity: 1, + maxCapacity: 20, + role: new iam.Role(stack, 'Role', { + assumedBy: new iam.ServicePrincipal('test.amazonaws.com'), + }), + }); + + // THEN + expect(stack).toHaveResource('AWS::ApplicationAutoScaling::ScalableTarget', { + ServiceNamespace: 'dynamodb', + ScalableDimension: 'test:TestCount', + ResourceId: 'test:this/test', + MinCapacity: 1, + MaxCapacity: 20, + RoleARN: { + 'Fn::GetAtt': [ + 'Role1ABCC5F0', + 'Arn', + ], + }, + }); + }); + + test('add scheduled scaling with neither of min/maxCapacity defined throws error', () => { + const stack = new cdk.Stack(); + const target = createScalableTarget(stack); + expect(() => { + target.scaleOnSchedule('ScaleUp', { + schedule: appscaling.Schedule.rate(cdk.Duration.minutes(1)), + }); + }).toThrow(/You must supply at least one of minCapacity or maxCapacity, got/); }); }); diff --git a/packages/@aws-cdk/aws-applicationautoscaling/test/cron.test.ts b/packages/@aws-cdk/aws-applicationautoscaling/test/schedule.test.ts similarity index 79% rename from packages/@aws-cdk/aws-applicationautoscaling/test/cron.test.ts rename to packages/@aws-cdk/aws-applicationautoscaling/test/schedule.test.ts index b3c337883146c..6583be41f97c5 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/test/cron.test.ts +++ b/packages/@aws-cdk/aws-applicationautoscaling/test/schedule.test.ts @@ -11,7 +11,9 @@ describe('cron', () => { expect(appscaling.Schedule.cron({ hour: '18', minute: '24' }).expressionString).toEqual('cron(24 18 * * ? *)'); }); +}); +describe('rate', () => { test('rate must be whole number of minutes', () => { expect(() => { appscaling.Schedule.rate(Duration.minutes(0.13456)); @@ -53,3 +55,16 @@ describe('cron', () => { }); }); + +describe('expression', () => { + test('test using a literal schedule expression', () => { + expect(appscaling.Schedule.expression('cron(0 18 * * ? *)').expressionString).toEqual('cron(0 18 * * ? *)'); + + }); +}); + +describe('at', () => { + test('test using at with a specific Date', () => { + expect(appscaling.Schedule.at(new Date(2021, 10, 26)).expressionString).toEqual('at(2021-11-26T00:00:00)'); + }); +}); From c4ba858278bffe1a987ea8200c313f17f7f1cbe9 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Thu, 28 Oct 2021 12:02:52 +0200 Subject: [PATCH 33/40] chore: revert activate 'rosetta infuse' feature (#17207) The examples we copy into docblocks may contain block comments themselves. However, the docblock renderer does not escape the docblock *closing* text, so the doc block gets terminated early and compiling fails: ```java /** * Initialization props for the `NestedStack` construct. *

* Example: *

* 

{@code
 * // Example automatically generated. See https://github.com/aws/jsii/issues/826
 * import software.amazon.awscdk.core.App;
 * import software.amazon.awscdk.core.CfnOutput;
 * import software.amazon.awscdk.core.NestedStack;
 * import lib.RestApi;
 * import lib.Stage;
 * /**
 *  * This file showcases how to split up a RestApi's Resources and Methods across nested stacks.
 *  *
 *  * The root stack 'RootStack' first defines a RestApi.
 *  * Two nested stacks BooksStack and PetsStack, create corresponding Resources '/books' and '/pets'.
 *  * They are then deployed to a 'prod' Stage via a third nested stack - DeployStack.
 *  *
 *  * To verify this worked, go to the APIGateway
 *  */    <------------ OOOPS!
 * public class RootStack extends Stack {
 *     public RootStack(Construct scope) {
 *         super(scope, "integ-restapi-import-RootStack");
 *         RestApi restApi = RestApi.Builder.cre

```

Revert this until we can address the quoting issue.

Reverts aws/aws-cdk#17191
---
 pack.sh | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/pack.sh b/pack.sh
index 3c2d7dbce6c1a..168a17f972406 100755
--- a/pack.sh
+++ b/pack.sh
@@ -39,17 +39,12 @@ function lerna_scopes() {
 # Compile examples with respect to "decdk" directory, as all packages will
 # be symlinked there so they can all be included.
 echo "Extracting code samples" >&2
-$ROSETTA extract \
+node --experimental-worker $(which $ROSETTA) \
   --compile \
   --output samples.tabl.json \
   --directory packages/decdk \
   $(cat $TMPDIR/jsii.txt)
 
-echo "Infusing examples back into assemblies" >&2
-$ROSETTA infuse \
-  samples.tabl.json \
-  $(cat $TMPDIR/jsii.txt)
-
 # Jsii packaging (all at once using jsii-pacmak)
 echo "Packaging jsii modules" >&2
 $PACMAK \

From bc07cb0e383aa64280a9c7f8ac4870d296830cf7 Mon Sep 17 00:00:00 2001
From: Ryan Parker 
Date: Thu, 28 Oct 2021 04:10:15 -0700
Subject: [PATCH 34/40] feat(aws-route53-targets): Support for Elastic
 Beanstalk environment URLs (#16305)

## Summary

This PR adds a new Route53 target `ElasticBeanstalkEnvironmentTarget` for creating RecordSets that target Elastic Beanstalk environment URLs.

E.g.

```ts
const ebsEnvironmentUrl = 'mysampleenvironment.xyz.us-east-1.elasticbeanstalk.com';

new route53.ARecord(this, 'AliasRecord', {
	zone,
    target: route53.RecordTarget.fromAlias(new alias.ElasticBeanstalkEnvironmentTarget(ebsEnvironmentUrl)),
});
```

[How to find your Elastic Beanstalk environment URL](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-beanstalk-environment.html#routing-to-beanstalk-environment-get-domain-name)

Fixes: https://github.com/aws/aws-cdk/issues/3206


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---
 .../@aws-cdk/aws-route53-targets/README.md    | 11 +++++++
 .../elastic-beanstalk-environment-target.ts   | 33 +++++++++++++++++++
 .../@aws-cdk/aws-route53-targets/lib/index.ts |  1 +
 ...astic-beanstalk-environment-target.test.ts | 25 ++++++++++++++
 .../region-info/build-tools/fact-tables.ts    | 31 +++++++++++++++++
 .../build-tools/generate-static-data.ts       |  5 ++-
 packages/@aws-cdk/region-info/lib/fact.ts     |  5 +++
 .../@aws-cdk/region-info/lib/region-info.ts   |  7 ++++
 8 files changed, 117 insertions(+), 1 deletion(-)
 create mode 100644 packages/@aws-cdk/aws-route53-targets/lib/elastic-beanstalk-environment-target.ts
 create mode 100644 packages/@aws-cdk/aws-route53-targets/test/elastic-beanstalk-environment-target.test.ts

diff --git a/packages/@aws-cdk/aws-route53-targets/README.md b/packages/@aws-cdk/aws-route53-targets/README.md
index 07be5b2e363d0..6c703ad5adc8f 100644
--- a/packages/@aws-cdk/aws-route53-targets/README.md
+++ b/packages/@aws-cdk/aws-route53-targets/README.md
@@ -129,4 +129,15 @@ See [the Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGu
   });
   ```
 
+* Elastic Beanstalk environment:
+
+**Important:** Only supports Elastic Beanstalk environments created after 2016 that have a regional endpoint.
+
+  ```ts
+  new route53.ARecord(this, 'AliasRecord', {
+    zone,
+    target: route53.RecordTarget.fromAlias(new alias.ElasticBeanstalkEnvironmentEndpointTarget(ebsEnvironmentUrl)),
+  });
+  ```
+
 See the documentation of `@aws-cdk/aws-route53` for more information.
diff --git a/packages/@aws-cdk/aws-route53-targets/lib/elastic-beanstalk-environment-target.ts b/packages/@aws-cdk/aws-route53-targets/lib/elastic-beanstalk-environment-target.ts
new file mode 100644
index 0000000000000..ef48c2845c233
--- /dev/null
+++ b/packages/@aws-cdk/aws-route53-targets/lib/elastic-beanstalk-environment-target.ts
@@ -0,0 +1,33 @@
+import * as route53 from '@aws-cdk/aws-route53';
+import * as cdk from '@aws-cdk/core';
+import { RegionInfo } from '@aws-cdk/region-info';
+
+/**
+ * Use an Elastic Beanstalk environment URL as an alias record target.
+ * E.g. mysampleenvironment.xyz.us-east-1.elasticbeanstalk.com
+ *
+ * Only supports Elastic Beanstalk environments created after 2016 that have a regional endpoint.
+ */
+export class ElasticBeanstalkEnvironmentEndpointTarget implements route53.IAliasRecordTarget {
+  constructor(private readonly environmentEndpoint: string) {
+  }
+
+  public bind(_record: route53.IRecordSet, _zone?: route53.IHostedZone): route53.AliasRecordTargetConfig {
+    if (cdk.Token.isUnresolved(this.environmentEndpoint)) {
+      throw new Error('Cannot use an EBS alias as `environmentEndpoint`. You must find your EBS environment endpoint via the AWS console. See the Elastic Beanstalk developer guide: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html');
+    }
+
+    const dnsName = this.environmentEndpoint;
+    const region = cdk.Fn.select(2, cdk.Fn.split('.', dnsName));
+    const { ebsEnvEndpointHostedZoneId: hostedZoneId } = RegionInfo.get(region);
+
+    if (!hostedZoneId || !dnsName) {
+      throw new Error(`Elastic Beanstalk environment target is not supported for the "${region}" region.`);
+    }
+
+    return {
+      hostedZoneId,
+      dnsName,
+    };
+  }
+}
diff --git a/packages/@aws-cdk/aws-route53-targets/lib/index.ts b/packages/@aws-cdk/aws-route53-targets/lib/index.ts
index 92f1d9ee08d25..714719322b883 100644
--- a/packages/@aws-cdk/aws-route53-targets/lib/index.ts
+++ b/packages/@aws-cdk/aws-route53-targets/lib/index.ts
@@ -1,6 +1,7 @@
 export * from './api-gateway-domain-name';
 export * from './api-gatewayv2-domain-name';
 export * from './bucket-website-target';
+export * from './elastic-beanstalk-environment-target';
 export * from './classic-load-balancer-target';
 export * from './cloudfront-target';
 export * from './load-balancer-target';
diff --git a/packages/@aws-cdk/aws-route53-targets/test/elastic-beanstalk-environment-target.test.ts b/packages/@aws-cdk/aws-route53-targets/test/elastic-beanstalk-environment-target.test.ts
new file mode 100644
index 0000000000000..ed18f49362118
--- /dev/null
+++ b/packages/@aws-cdk/aws-route53-targets/test/elastic-beanstalk-environment-target.test.ts
@@ -0,0 +1,25 @@
+import '@aws-cdk/assert-internal/jest';
+import * as route53 from '@aws-cdk/aws-route53';
+import { Stack } from '@aws-cdk/core';
+import * as targets from '../lib';
+
+test('use EBS environment as record target', () => {
+  // GIVEN
+  const stack = new Stack();
+  const zone = new route53.PublicHostedZone(stack, 'HostedZone', { zoneName: 'test.public' });
+
+  // WHEN
+  new route53.ARecord(stack, 'Alias', {
+    zone,
+    recordName: '_foo',
+    target: route53.RecordTarget.fromAlias(new targets.ElasticBeanstalkEnvironmentEndpointTarget('mysampleenvironment.xyz.us-east-1.elasticbeanstalk.com')),
+  });
+
+  // THEN
+  expect(stack).toHaveResource('AWS::Route53::RecordSet', {
+    AliasTarget: {
+      DNSName: 'mysampleenvironment.xyz.us-east-1.elasticbeanstalk.com',
+      HostedZoneId: 'Z117KPS5GTRQ2G',
+    },
+  });
+});
diff --git a/packages/@aws-cdk/region-info/build-tools/fact-tables.ts b/packages/@aws-cdk/region-info/build-tools/fact-tables.ts
index 0e1f923dc2a02..6d95f24e5a7e8 100644
--- a/packages/@aws-cdk/region-info/build-tools/fact-tables.ts
+++ b/packages/@aws-cdk/region-info/build-tools/fact-tables.ts
@@ -72,6 +72,37 @@ export const ROUTE_53_BUCKET_WEBSITE_ZONE_IDS: { [region: string]: string } = {
   'us-west-2': 'Z3BJ6K6RIION7M',
 };
 
+/**
+ * The hosted zone Id of the Elastic Beanstalk environment.
+ *
+ * @see https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html
+ */
+export const EBS_ENV_ENDPOINT_HOSTED_ZONE_IDS: { [region: string]: string } = {
+  'af-south-1': 'Z1EI3BVKMKK4AM',
+  'ap-east-1': 'ZPWYUBWRU171A',
+  'ap-northeast-1': 'Z1R25G3KIG2GBW',
+  'ap-northeast-2': 'Z3JE5OI70TWKCP',
+  'ap-northeast-3': 'ZNE5GEY1TIAGY',
+  'ap-south-1': 'Z18NTBI3Y7N9TZ',
+  'ap-southeast-1': 'Z16FZ9L249IFLT',
+  'ap-southeast-2': 'Z2PCDNR3VC2G1N',
+  'ca-central-1': 'ZJFCZL7SSZB5I',
+  'eu-central-1': 'Z1FRNW7UH4DEZJ',
+  'eu-north-1': 'Z23GO28BZ5AETM',
+  'eu-south-1': 'Z10VDYYOA2JFKM',
+  'eu-west-1': 'Z2NYPWQ7DFZAZH',
+  'eu-west-2': 'Z1GKAAAUGATPF1',
+  'eu-west-3': 'Z5WN6GAYWG5OB',
+  'me-south-1': 'Z2BBTEKR2I36N2',
+  'sa-east-1': 'Z10X7K2B4QSOFV',
+  'us-east-1': 'Z117KPS5GTRQ2G',
+  'us-east-2': 'Z14LCN19Q5QHIC',
+  'us-gov-east-1': 'Z35TSARG0EJ4VU',
+  'us-gov-west-1': 'Z4KAURWC4UUUG',
+  'us-west-1': 'Z1LQECGX5PH1X',
+  'us-west-2': 'Z38NKT9BP95V3O',
+};
+
 interface Region { partition: string, domainSuffix: string }
 
 export const PARTITION_MAP: { [region: string]: Region } = {
diff --git a/packages/@aws-cdk/region-info/build-tools/generate-static-data.ts b/packages/@aws-cdk/region-info/build-tools/generate-static-data.ts
index dd42309b78c8a..006de89d3994d 100644
--- a/packages/@aws-cdk/region-info/build-tools/generate-static-data.ts
+++ b/packages/@aws-cdk/region-info/build-tools/generate-static-data.ts
@@ -4,7 +4,7 @@ import { Default } from '../lib/default';
 import { AWS_REGIONS, AWS_SERVICES } from './aws-entities';
 import {
   APPMESH_ECR_ACCOUNTS, AWS_CDK_METADATA, AWS_OLDER_REGIONS, CLOUDWATCH_LAMBDA_INSIGHTS_ARNS, DLC_REPOSITORY_ACCOUNTS,
-  ELBV2_ACCOUNTS, FIREHOSE_CIDR_BLOCKS, PARTITION_MAP, ROUTE_53_BUCKET_WEBSITE_ZONE_IDS,
+  ELBV2_ACCOUNTS, FIREHOSE_CIDR_BLOCKS, PARTITION_MAP, ROUTE_53_BUCKET_WEBSITE_ZONE_IDS, EBS_ENV_ENDPOINT_HOSTED_ZONE_IDS,
 } from './fact-tables';
 
 async function main(): Promise {
@@ -57,6 +57,9 @@ async function main(): Promise {
 
     registerFact(region, 'S3_STATIC_WEBSITE_ZONE_53_HOSTED_ZONE_ID', ROUTE_53_BUCKET_WEBSITE_ZONE_IDS[region] || '');
 
+    registerFact(region, 'EBS_ENV_ENDPOINT_HOSTED_ZONE_ID', EBS_ENV_ENDPOINT_HOSTED_ZONE_IDS[region] || '');
+
+
     registerFact(region, 'ELBV2_ACCOUNT', ELBV2_ACCOUNTS[region]);
 
     registerFact(region, 'DLC_REPOSITORY_ACCOUNT', DLC_REPOSITORY_ACCOUNTS[region]);
diff --git a/packages/@aws-cdk/region-info/lib/fact.ts b/packages/@aws-cdk/region-info/lib/fact.ts
index c099aced9fd55..8d4e33802be43 100644
--- a/packages/@aws-cdk/region-info/lib/fact.ts
+++ b/packages/@aws-cdk/region-info/lib/fact.ts
@@ -128,6 +128,11 @@ export class FactName {
    */
   public static readonly S3_STATIC_WEBSITE_ZONE_53_HOSTED_ZONE_ID = 's3-static-website:route-53-hosted-zone-id';
 
+  /**
+   * The hosted zone ID used by Route 53 to alias a EBS environment endpoint in this region (e.g: Z2O1EMRO9K5GLX)
+   */
+  public static readonly EBS_ENV_ENDPOINT_HOSTED_ZONE_ID = 'ebs-environment:route-53-hosted-zone-id';
+
   /**
    * The prefix for VPC Endpoint Service names,
    * cn.com.amazonaws.vpce for China regions,
diff --git a/packages/@aws-cdk/region-info/lib/region-info.ts b/packages/@aws-cdk/region-info/lib/region-info.ts
index baa2c43635892..3482acf66b9a1 100644
--- a/packages/@aws-cdk/region-info/lib/region-info.ts
+++ b/packages/@aws-cdk/region-info/lib/region-info.ts
@@ -77,6 +77,13 @@ export class RegionInfo {
     return Fact.find(this.name, FactName.S3_STATIC_WEBSITE_ZONE_53_HOSTED_ZONE_ID);
   }
 
+  /**
+  * The hosted zone ID used by Route 53 to alias a EBS environment endpoint in this region (e.g: Z2O1EMRO9K5GLX)
+  */
+  public get ebsEnvEndpointHostedZoneId(): string | undefined {
+    return Fact.find(this.name, FactName.EBS_ENV_ENDPOINT_HOSTED_ZONE_ID);
+  }
+
   /**
    * The prefix for VPC Endpoint Service names,
    * cn.com.amazonaws.vpce for China regions,

From c24af54946d3668afa596dbf2a776b7cf21f8a99 Mon Sep 17 00:00:00 2001
From: Zack Ganger 
Date: Thu, 28 Oct 2021 08:08:20 -0400
Subject: [PATCH 35/40] feat(ec2): VPC endpoint for AWS Xray  (#16788)

Adds a static instance of InterfaceVpcEndpointAwsService for Xray to simplify creation of endpoints for users. VPC endpoint support for XRay was [launched](https://aws.amazon.com/about-aws/whats-new/2021/05/aws-x-ray-now-supports-vpc-endpoints/) in May.

Modeled this addition on #16306

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---
 packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts | 1 +
 packages/@aws-cdk/aws-ec2/package.json        | 1 +
 2 files changed, 2 insertions(+)

diff --git a/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts b/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts
index 3282da410d09a..00c59bbd2a022 100644
--- a/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts
+++ b/packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts
@@ -309,6 +309,7 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
   public static readonly STEP_FUNCTIONS = new InterfaceVpcEndpointAwsService('states');
   public static readonly LAMBDA = new InterfaceVpcEndpointAwsService('lambda');
   public static readonly TRANSCRIBE = new InterfaceVpcEndpointAwsService('transcribe');
+  public static readonly XRAY = new InterfaceVpcEndpointAwsService('xray');
 
   /**
    * The name of the service.
diff --git a/packages/@aws-cdk/aws-ec2/package.json b/packages/@aws-cdk/aws-ec2/package.json
index b7ea820e221b5..6cf7d368e25a2 100644
--- a/packages/@aws-cdk/aws-ec2/package.json
+++ b/packages/@aws-cdk/aws-ec2/package.json
@@ -262,6 +262,7 @@
       "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.STEP_FUNCTIONS",
       "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.LAMBDA",
       "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.TRANSCRIBE",
+      "docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.XRAY",
       "docs-public-apis:@aws-cdk/aws-ec2.Port.toString",
       "docs-public-apis:@aws-cdk/aws-ec2.PrivateSubnet.fromPrivateSubnetAttributes",
       "docs-public-apis:@aws-cdk/aws-ec2.PublicSubnet.fromPublicSubnetAttributes",

From 0318253b423bb65ca7e6bf65411df767f2734296 Mon Sep 17 00:00:00 2001
From: Christian Moore 
Date: Thu, 28 Oct 2021 09:03:53 -0400
Subject: [PATCH 36/40] feat(ec2): add c5ad instances (#16428)

Innocuous addition of c5ad instance class

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---
 packages/@aws-cdk/aws-ec2/lib/instance-types.ts | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/packages/@aws-cdk/aws-ec2/lib/instance-types.ts b/packages/@aws-cdk/aws-ec2/lib/instance-types.ts
index 97d3d03e55219..4f81f970bf2db 100644
--- a/packages/@aws-cdk/aws-ec2/lib/instance-types.ts
+++ b/packages/@aws-cdk/aws-ec2/lib/instance-types.ts
@@ -213,6 +213,11 @@ export enum InstanceClass {
    */
   COMPUTE5_NVME_DRIVE = 'c5d',
 
+  /**
+   * Compute optimized instances with local NVME drive, 5th generation
+   */
+  C5D = 'c5d',
+
   /**
    * Compute optimized instances based on AMD EPYC, 5th generation.
    */
@@ -224,9 +229,14 @@ export enum InstanceClass {
   C5A = 'c5a',
 
   /**
-   * Compute optimized instances with local NVME drive, 5th generation
+   * Compute optimized instances with local NVME drive based on AMD EPYC, 5th generation.
    */
-  C5D = 'c5d',
+  COMPUTE5_AMD_NVME_DRIVE = 'c5ad',
+
+  /**
+   * Compute optimized instances with local NVME drive based on AMD EPYC, 5th generation.
+   */
+  C5AD = 'c5ad',
 
   /**
    * Compute optimized instances for high performance computing, 5th generation

From 4b32a25fd118c48999d81c5d4021a55142599cf6 Mon Sep 17 00:00:00 2001
From: Rico Huijbers 
Date: Thu, 28 Oct 2021 15:58:14 +0200
Subject: [PATCH 37/40] chore: disable 'rosetta strict' for all packages
 (#17211)

Currently, `strict` mode in Rosetta will fail the build in the pipeline
without failing the build in a PR review.

This causes unpredictable stoppages in our pipeline that we cannot
afford, so we're disabling the feature for now.

Strict mode will be re-enabled as soon as we are able to add Rosetta
checks to PR reviews.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---
 packages/@aws-cdk/assertions/package.json                       | 2 +-
 packages/@aws-cdk/aws-kinesisfirehose-destinations/package.json | 2 +-
 packages/@aws-cdk/aws-redshift/package.json                     | 2 +-
 packages/@aws-cdk/cloud-assembly-schema/package.json            | 2 +-
 packages/@aws-cdk/cx-api/package.json                           | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/packages/@aws-cdk/assertions/package.json b/packages/@aws-cdk/assertions/package.json
index ac9a08ae297d6..2fe93a7d79d86 100644
--- a/packages/@aws-cdk/assertions/package.json
+++ b/packages/@aws-cdk/assertions/package.json
@@ -50,7 +50,7 @@
     "metadata": {
       "jsii": {
         "rosetta": {
-          "strict": true
+          "strict": false
         }
       }
     }
diff --git a/packages/@aws-cdk/aws-kinesisfirehose-destinations/package.json b/packages/@aws-cdk/aws-kinesisfirehose-destinations/package.json
index 36c981f2c54cd..6f1d68d6cedb3 100644
--- a/packages/@aws-cdk/aws-kinesisfirehose-destinations/package.json
+++ b/packages/@aws-cdk/aws-kinesisfirehose-destinations/package.json
@@ -32,7 +32,7 @@
     "metadata": {
       "jsii": {
         "rosetta": {
-          "strict": true
+          "strict": false
         }
       }
     }
diff --git a/packages/@aws-cdk/aws-redshift/package.json b/packages/@aws-cdk/aws-redshift/package.json
index d6ed1ff2f96ca..02fb952ab4c41 100644
--- a/packages/@aws-cdk/aws-redshift/package.json
+++ b/packages/@aws-cdk/aws-redshift/package.json
@@ -32,7 +32,7 @@
     "metadata": {
       "jsii": {
         "rosetta": {
-          "strict": true
+          "strict": false
         }
       }
     }
diff --git a/packages/@aws-cdk/cloud-assembly-schema/package.json b/packages/@aws-cdk/cloud-assembly-schema/package.json
index e6aee07a67f09..11226b0f1521a 100644
--- a/packages/@aws-cdk/cloud-assembly-schema/package.json
+++ b/packages/@aws-cdk/cloud-assembly-schema/package.json
@@ -32,7 +32,7 @@
     "metadata": {
       "jsii": {
         "rosetta": {
-          "strict": true
+          "strict": false
         }
       }
     }
diff --git a/packages/@aws-cdk/cx-api/package.json b/packages/@aws-cdk/cx-api/package.json
index 8d4293f2b5ee4..0a92e1c3492b6 100644
--- a/packages/@aws-cdk/cx-api/package.json
+++ b/packages/@aws-cdk/cx-api/package.json
@@ -32,7 +32,7 @@
     "metadata": {
       "jsii": {
         "rosetta": {
-          "strict": true
+          "strict": false
         }
       }
     }

From 6e13adc281722a491c0708954d7ed637ad45033b Mon Sep 17 00:00:00 2001
From: Vishal Gupta 
Date: Thu, 28 Oct 2021 07:52:44 -0700
Subject: [PATCH 38/40] feat(ec2): include p4d instance class (#17147)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Instance class is missing p4d instance class. This PR adds that instance class.
---
 packages/@aws-cdk/aws-ec2/lib/instance-types.ts | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/packages/@aws-cdk/aws-ec2/lib/instance-types.ts b/packages/@aws-cdk/aws-ec2/lib/instance-types.ts
index 4f81f970bf2db..a2c5ccdadc760 100644
--- a/packages/@aws-cdk/aws-ec2/lib/instance-types.ts
+++ b/packages/@aws-cdk/aws-ec2/lib/instance-types.ts
@@ -452,10 +452,20 @@ export enum InstanceClass {
   PARALLEL3 = 'p3',
 
   /**
-   * Parallel-processing optimized instances, 3nd generation
+   * Parallel-processing optimized instances, 3rd generation
    */
   P3 = 'p3',
 
+  /**
+   * Parallel-processing optimized instances, 4th generation
+   */
+  PARALLEL4 = 'p4d',
+
+  /**
+   * Parallel-processing optimized instances, 4th generation
+   */
+  P4D = 'p4d',
+
   /**
    * Arm processor based instances, 1st generation
    */

From f7e68e9d1cbeb9882e38d91eec1ff19f58da6f1a Mon Sep 17 00:00:00 2001
From: Kyle Roach 
Date: Thu, 28 Oct 2021 11:47:13 -0400
Subject: [PATCH 39/40] chore(apigateway): specify description on `addApiKey()`
 (#17107)

Previously defining a description was not possible when using `addApiKey` method.

This PR enables this by moving the description field to ApiKeyOptions.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---
 packages/@aws-cdk/aws-apigateway/lib/api-key.ts | 14 +++++++-------
 .../aws-apigateway/test/api-key.test.ts         | 17 +++++++++++++++++
 2 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/packages/@aws-cdk/aws-apigateway/lib/api-key.ts b/packages/@aws-cdk/aws-apigateway/lib/api-key.ts
index f48a01193385f..a8065430fef4c 100644
--- a/packages/@aws-cdk/aws-apigateway/lib/api-key.ts
+++ b/packages/@aws-cdk/aws-apigateway/lib/api-key.ts
@@ -40,6 +40,13 @@ export interface ApiKeyOptions extends ResourceOptions {
    * @default none
    */
   readonly value?: string;
+
+  /**
+   * A description of the purpose of the API key.
+   * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html#cfn-apigateway-apikey-description
+   * @default none
+   */
+  readonly description?: string;
 }
 
 /**
@@ -59,13 +66,6 @@ export interface ApiKeyProps extends ApiKeyOptions {
    */
   readonly customerId?: string;
 
-  /**
-   * A description of the purpose of the API key.
-   * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html#cfn-apigateway-apikey-description
-   * @default none
-   */
-  readonly description?: string;
-
   /**
    * Indicates whether the API key can be used by clients.
    * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html#cfn-apigateway-apikey-enabled
diff --git a/packages/@aws-cdk/aws-apigateway/test/api-key.test.ts b/packages/@aws-cdk/aws-apigateway/test/api-key.test.ts
index f4f348a2a3d23..6fee9378f1217 100644
--- a/packages/@aws-cdk/aws-apigateway/test/api-key.test.ts
+++ b/packages/@aws-cdk/aws-apigateway/test/api-key.test.ts
@@ -41,6 +41,23 @@ describe('api key', () => {
     });
   });
 
+  test('add description to apiKey', () => {
+    // GIVEN
+    const stack = new cdk.Stack();
+    const api = new apigateway.RestApi(stack, 'test-api');
+    api.root.addMethod('GET'); // api must have atleast one method.
+
+    // WHEN
+    api.addApiKey('my-api-key', {
+      description: 'The most secret api key',
+    });
+
+    // THEN
+    expect(stack).toHaveResource('AWS::ApiGateway::ApiKey', {
+      Description: 'The most secret api key',
+    });
+  });
+
   test('use an imported api key', () => {
     // GIVEN
     const stack = new cdk.Stack();

From 7f194000697b85deb410ae0d7f7d4ac3c2654bcc Mon Sep 17 00:00:00 2001
From: Mario Viens 
Date: Thu, 28 Oct 2021 09:40:40 -0700
Subject: [PATCH 40/40] docs(assert): clarify assert library use with monocdk.
 (#17202)

Using monocdk with the @aws-cdk/assert creates problems. I initially was going to create a PR to fix the problem it created (some circular dependency unravelling which JSON.stringify fails on, along with alarms not actually being found to be added to the stack I was testing), but instead I found this is what we should use instead, which this readme update would have saved me a lot of time troubleshooting.

This I believe should put this line right below the quote section in the top of both https://www.npmjs.com/package/@aws-cdk/assert and https://www.npmjs.com/package/@monocdk-experiment/assert

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---
 packages/@aws-cdk/assert-internal/README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/packages/@aws-cdk/assert-internal/README.md b/packages/@aws-cdk/assert-internal/README.md
index 9256b46d2b154..ae72469dc59e2 100644
--- a/packages/@aws-cdk/assert-internal/README.md
+++ b/packages/@aws-cdk/assert-internal/README.md
@@ -11,6 +11,8 @@
 > announced in the release notes. This means that while you may use them, you may need to update
 > your source code when upgrading to a newer version of this package.
 
+If using monocdk, use [@monocdk-experiment/assert](https://www.npmjs.com/package/@monocdk-experiment/assert) instead.
+
 ---