diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/IntegTestDefaultTestDeployAssertE3E7D2A4.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/IntegTestDefaultTestDeployAssertE3E7D2A4.assets.json new file mode 100644 index 0000000000000..87dfbae32bf67 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/IntegTestDefaultTestDeployAssertE3E7D2A4.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "IntegTestDefaultTestDeployAssertE3E7D2A4.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/IntegTestDefaultTestDeployAssertE3E7D2A4.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/IntegTestDefaultTestDeployAssertE3E7D2A4.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/IntegTestDefaultTestDeployAssertE3E7D2A4.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/aws-stepfunctions-integ.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/aws-stepfunctions-integ.assets.json new file mode 100644 index 0000000000000..8f7c454fad3a8 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/aws-stepfunctions-integ.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "1f0b70fee539164daa39552cb9c3732db76af1ca7fe9fb500018562a9d713f85": { + "source": { + "path": "aws-stepfunctions-integ.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "1f0b70fee539164daa39552cb9c3732db76af1ca7fe9fb500018562a9d713f85.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/aws-stepfunctions-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/aws-stepfunctions-integ.template.json new file mode 100644 index 0000000000000..530ce2193a3b1 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/aws-stepfunctions-integ.template.json @@ -0,0 +1,163 @@ +{ + "Resources": { + "LogGroupF5B46931": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "StateMachineWithLoggingALLRole0984788E": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "StateMachineWithLoggingALLRoleDefaultPolicy12972CD9": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogDelivery", + "logs:DeleteLogDelivery", + "logs:DescribeLogGroups", + "logs:DescribeResourcePolicies", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:PutResourcePolicy", + "logs:UpdateLogDelivery" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "StateMachineWithLoggingALLRoleDefaultPolicy12972CD9", + "Roles": [ + { + "Ref": "StateMachineWithLoggingALLRole0984788E" + } + ] + } + }, + "StateMachineWithLoggingALL687B0F0F": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": "{\"StartAt\":\"Pass\",\"States\":{\"Pass\":{\"Type\":\"Pass\",\"End\":true}}}", + "LoggingConfiguration": { + "Destinations": [ + { + "CloudWatchLogsLogGroup": { + "LogGroupArn": { + "Fn::GetAtt": [ + "LogGroupF5B46931", + "Arn" + ] + } + } + } + ], + "Level": "ALL" + }, + "RoleArn": { + "Fn::GetAtt": [ + "StateMachineWithLoggingALLRole0984788E", + "Arn" + ] + } + }, + "DependsOn": [ + "StateMachineWithLoggingALLRoleDefaultPolicy12972CD9", + "StateMachineWithLoggingALLRole0984788E" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "StateMachineWithLoggingOFFRole726E8117": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "StateMachineWithLoggingOFFF82B7349": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": "{\"StartAt\":\"Pass\",\"States\":{\"Pass\":{\"Type\":\"Pass\",\"End\":true}}}", + "LoggingConfiguration": { + "Level": "OFF" + }, + "RoleArn": { + "Fn::GetAtt": [ + "StateMachineWithLoggingOFFRole726E8117", + "Arn" + ] + } + }, + "DependsOn": [ + "StateMachineWithLoggingOFFRole726E8117" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/cdk.out new file mode 100644 index 0000000000000..1f0068d32659a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/integ.json new file mode 100644 index 0000000000000..bcdcfee1e9edd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "36.0.0", + "testCases": { + "IntegTest/DefaultTest": { + "stacks": [ + "aws-stepfunctions-integ" + ], + "assertionStack": "IntegTest/DefaultTest/DeployAssert", + "assertionStackName": "IntegTestDefaultTestDeployAssertE3E7D2A4" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/manifest.json new file mode 100644 index 0000000000000..df977409d080e --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/manifest.json @@ -0,0 +1,143 @@ +{ + "version": "36.0.0", + "artifacts": { + "aws-stepfunctions-integ.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-stepfunctions-integ.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-stepfunctions-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-stepfunctions-integ.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1f0b70fee539164daa39552cb9c3732db76af1ca7fe9fb500018562a9d713f85.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-stepfunctions-integ.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-stepfunctions-integ.assets" + ], + "metadata": { + "/aws-stepfunctions-integ/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LogGroupF5B46931" + } + ], + "/aws-stepfunctions-integ/StateMachineWithLoggingALL/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachineWithLoggingALLRole0984788E" + } + ], + "/aws-stepfunctions-integ/StateMachineWithLoggingALL/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachineWithLoggingALLRoleDefaultPolicy12972CD9" + } + ], + "/aws-stepfunctions-integ/StateMachineWithLoggingALL/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachineWithLoggingALL687B0F0F" + } + ], + "/aws-stepfunctions-integ/StateMachineWithLoggingOFF/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachineWithLoggingOFFRole726E8117" + } + ], + "/aws-stepfunctions-integ/StateMachineWithLoggingOFF/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachineWithLoggingOFFF82B7349" + } + ], + "/aws-stepfunctions-integ/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-stepfunctions-integ/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-stepfunctions-integ" + }, + "IntegTestDefaultTestDeployAssertE3E7D2A4.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "IntegTestDefaultTestDeployAssertE3E7D2A4.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "IntegTestDefaultTestDeployAssertE3E7D2A4": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegTestDefaultTestDeployAssertE3E7D2A4.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "IntegTestDefaultTestDeployAssertE3E7D2A4.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "IntegTestDefaultTestDeployAssertE3E7D2A4.assets" + ], + "metadata": { + "/IntegTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/IntegTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "IntegTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/tree.json new file mode 100644 index 0000000000000..8238ab82b00f8 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.js.snapshot/tree.json @@ -0,0 +1,337 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-stepfunctions-integ": { + "id": "aws-stepfunctions-integ", + "path": "aws-stepfunctions-integ", + "children": { + "LogGroup": { + "id": "LogGroup", + "path": "aws-stepfunctions-integ/LogGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-integ/LogGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", + "aws:cdk:cloudformation:props": { + "retentionInDays": 731 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_logs.CfnLogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_logs.LogGroup", + "version": "0.0.0" + } + }, + "StateMachineWithLoggingALL": { + "id": "StateMachineWithLoggingALL", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingALL", + "children": { + "Role": { + "id": "Role", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingALL/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingALL/Role/ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingALL/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingALL/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingALL/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogDelivery", + "logs:DeleteLogDelivery", + "logs:DescribeLogGroups", + "logs:DescribeResourcePolicies", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:PutResourcePolicy", + "logs:UpdateLogDelivery" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "policyName": "StateMachineWithLoggingALLRoleDefaultPolicy12972CD9", + "roles": [ + { + "Ref": "StateMachineWithLoggingALLRole0984788E" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingALL/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", + "aws:cdk:cloudformation:props": { + "definitionString": "{\"StartAt\":\"Pass\",\"States\":{\"Pass\":{\"Type\":\"Pass\",\"End\":true}}}", + "loggingConfiguration": { + "destinations": [ + { + "cloudWatchLogsLogGroup": { + "logGroupArn": { + "Fn::GetAtt": [ + "LogGroupF5B46931", + "Arn" + ] + } + } + } + ], + "level": "ALL" + }, + "roleArn": { + "Fn::GetAtt": [ + "StateMachineWithLoggingALLRole0984788E", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", + "version": "0.0.0" + } + }, + "StateMachineWithLoggingOFF": { + "id": "StateMachineWithLoggingOFF", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingOFF", + "children": { + "Role": { + "id": "Role", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingOFF/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingOFF/Role/ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingOFF/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-integ/StateMachineWithLoggingOFF/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", + "aws:cdk:cloudformation:props": { + "definitionString": "{\"StartAt\":\"Pass\",\"States\":{\"Pass\":{\"Type\":\"Pass\",\"End\":true}}}", + "loggingConfiguration": { + "level": "OFF" + }, + "roleArn": { + "Fn::GetAtt": [ + "StateMachineWithLoggingOFFRole726E8117", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-stepfunctions-integ/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-stepfunctions-integ/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "IntegTest": { + "id": "IntegTest", + "path": "IntegTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "IntegTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "IntegTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "IntegTest/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "IntegTest/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "IntegTest/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.ts new file mode 100644 index 0000000000000..945c6170d9bbb --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions/test/integ.state-machine-logging.ts @@ -0,0 +1,32 @@ +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; +import * as cdk from 'aws-cdk-lib'; +import * as logs from 'aws-cdk-lib/aws-logs'; +import * as sfn from 'aws-cdk-lib/aws-stepfunctions'; +/* + * Stack verification steps: + * + * -- aws stepfunctions describe-state-machine --state-machine-arn has a status of `ACTIVE` + * -- aws iam get-role-policy --role-name --policy-name has logging permissions. + */ +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'aws-stepfunctions-integ'); + +const logGroup = new logs.LogGroup(stack, 'LogGroup', { + removalPolicy: cdk.RemovalPolicy.DESTROY, +}); + +new sfn.StateMachine(stack, 'StateMachineWithLoggingALL', { + definitionBody: sfn.DefinitionBody.fromString('{"StartAt":"Pass","States":{"Pass":{"Type":"Pass","End":true}}}'), + logs: { destination: logGroup, level: sfn.LogLevel.ALL }, +}); + +new sfn.StateMachine(stack, 'StateMachineWithLoggingOFF', { + definitionBody: sfn.DefinitionBody.fromString('{"StartAt":"Pass","States":{"Pass":{"Type":"Pass","End":true}}}'), + logs: { level: sfn.LogLevel.OFF }, +}); + +new IntegTest(app, 'IntegTest', { + testCases: [stack], +}); + +app.synth(); diff --git a/packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts b/packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts index 5fea9d8ab09e4..395ec11fde3aa 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts @@ -63,8 +63,10 @@ export enum LogLevel { export interface LogOptions { /** * The log group where the execution history events will be logged. + * + * @default No log group. Required if your log level is not set to OFF. */ - readonly destination: logs.ILogGroup; + readonly destination?: logs.ILogGroup; /** * Determines whether execution data is included in your log. @@ -444,6 +446,9 @@ export class StateMachine extends StateMachineBase { if (props.stateMachineName !== undefined) { this.validateStateMachineName(props.stateMachineName); } + if (props.logs) { + this.validateLogOptions(props.logs); + } this.role = props.role || new iam.Role(this, 'Role', { assumedBy: new iam.ServicePrincipal('states.amazonaws.com'), @@ -560,27 +565,38 @@ export class StateMachine extends StateMachineBase { } } + private validateLogOptions(logOptions: LogOptions) { + if (logOptions.level !== LogLevel.OFF && !logOptions.destination) { + throw new Error('Logs destination is required when level is not OFF.'); + } + } + private buildLoggingConfiguration(logOptions: LogOptions): CfnStateMachine.LoggingConfigurationProperty { - // https://docs.aws.amazon.com/step-functions/latest/dg/cw-logs.html#cloudwatch-iam-policy - this.addToRolePolicy(new iam.PolicyStatement({ - effect: iam.Effect.ALLOW, - actions: [ - 'logs:CreateLogDelivery', - 'logs:GetLogDelivery', - 'logs:UpdateLogDelivery', - 'logs:DeleteLogDelivery', - 'logs:ListLogDeliveries', - 'logs:PutResourcePolicy', - 'logs:DescribeResourcePolicies', - 'logs:DescribeLogGroups', - ], - resources: ['*'], - })); + let destinations; - return { - destinations: [{ + if (logOptions.destination) { + // https://docs.aws.amazon.com/step-functions/latest/dg/cw-logs.html#cloudwatch-iam-policy + this.addToRolePolicy(new iam.PolicyStatement({ + effect: iam.Effect.ALLOW, + actions: [ + 'logs:CreateLogDelivery', + 'logs:GetLogDelivery', + 'logs:UpdateLogDelivery', + 'logs:DeleteLogDelivery', + 'logs:ListLogDeliveries', + 'logs:PutResourcePolicy', + 'logs:DescribeResourcePolicies', + 'logs:DescribeLogGroups', + ], + resources: ['*'], + })); + destinations = [{ cloudWatchLogsLogGroup: { logGroupArn: logOptions.destination.logGroupArn }, - }], + }]; + } + + return { + destinations, includeExecutionData: logOptions.includeExecutionData, level: logOptions.level || 'ERROR', }; diff --git a/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts b/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts index bacb2308bbe6a..ad9323d9b2acc 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions/test/state-machine.test.ts @@ -309,6 +309,37 @@ describe('State Machine', () => { }); }); + test('log configuration with level OFF', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new sfn.StateMachine(stack, 'MyStateMachine', { + definitionBody: sfn.DefinitionBody.fromChainable(sfn.Chain.start(new sfn.Pass(stack, 'Pass'))), + logs: { level: sfn.LogLevel.OFF }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::StepFunctions::StateMachine', { + DefinitionString: '{"StartAt":"Pass","States":{"Pass":{"Type":"Pass","End":true}}}', + LoggingConfiguration: { + Level: 'OFF', + }, + }); + }); + + test('log configuration throws when no destination specified', () => { + // GIVEN + const stack = new cdk.Stack(); + + expect(() => { + new sfn.StateMachine(stack, 'MyStateMachine', { + definitionBody: sfn.DefinitionBody.fromChainable(sfn.Chain.start(new sfn.Pass(stack, 'Pass'))), + logs: { level: sfn.LogLevel.ERROR }, + }); + }).toThrow('Logs destination is required when level is not OFF.'); + }); + test('tracing configuration', () => { // GIVEN const stack = new cdk.Stack();