From 8dbba1816823c831bc5663f0751c36fbc4253653 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 23 Jul 2024 06:29:00 +0900 Subject: [PATCH 1/7] add setAcceptanceRequired --- .../aws-ec2/lib/vpc-endpoint-service.ts | 11 ++++++-- .../aws-ec2/test/vpc-endpoint-service.test.ts | 27 +++++++++++++++++++ 2 files changed, 36 insertions(+), 2 deletions(-) diff --git a/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint-service.ts b/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint-service.ts index 0e611adc996cc..492e40a3b5b02 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint-service.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint-service.ts @@ -1,7 +1,7 @@ import { Construct } from 'constructs'; import { CfnVPCEndpointService, CfnVPCEndpointServicePermissions } from './ec2.generated'; import { ArnPrincipal } from '../../aws-iam'; -import { Aws, Fn, IResource, Resource, Stack, Token } from '../../core'; +import { Aws, Fn, IResource, Lazy, Resource, Stack, Token } from '../../core'; import { RegionInfo } from '../../region-info'; /** @@ -118,7 +118,7 @@ export class VpcEndpointService extends Resource implements IVpcEndpointService this.endpointService = new CfnVPCEndpointService(this, id, { networkLoadBalancerArns: this.vpcEndpointServiceLoadBalancers.map(lb => lb.loadBalancerArn), - acceptanceRequired: this.acceptanceRequired, + acceptanceRequired: Lazy.any({ produce: () => this.acceptanceRequired }), contributorInsightsEnabled: this.contributorInsightsEnabled, }); @@ -137,6 +137,13 @@ export class VpcEndpointService extends Resource implements IVpcEndpointService }); } } + + /** + * Sets the acceptance required for the VPC Endpoint Service. + */ + public setAcceptanceRequired(acceptanceRequired: boolean) { + this.endpointService.acceptanceRequired = acceptanceRequired; + } } /** diff --git a/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts b/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts index 5ffc11c5025e2..048323337d983 100644 --- a/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts +++ b/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts @@ -129,6 +129,33 @@ describe('vpc endpoint service', () => { }); + test('with acceptance required set by `setAcceptanceRequired`', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const lb = new DummyEndpointLoadBalacer('arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/Test/9bn6qkf4e9jrw77a'); + const service = new VpcEndpointService(stack, 'EndpointService', { + vpcEndpointServiceLoadBalancers: [lb], + allowedPrincipals: [new ArnPrincipal('arn:aws:iam::123456789012:root')], + acceptanceRequired: true, + }); + service.setAcceptanceRequired(false); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpointService', { + NetworkLoadBalancerArns: ['arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/Test/9bn6qkf4e9jrw77a'], + AcceptanceRequired: false, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpointServicePermissions', { + ServiceId: { + Ref: 'EndpointServiceED36BE1F', + }, + AllowedPrincipals: ['arn:aws:iam::123456789012:root'], + }); + }); + test('with contributor insights enabled', () => { // GIVEN const stack = new Stack(); From 8920efddda29756f34c8c0992da755116339c7c5 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 23 Jul 2024 06:33:47 +0900 Subject: [PATCH 2/7] update integ --- .../test/aws-ec2/test/integ.vpc-endpoint-service.ts | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts index 508f81a528dfd..64a77cc735b93 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts @@ -13,11 +13,12 @@ class TestStack extends cdk.Stack { const loadBalancer = new elbv2.NetworkLoadBalancer(this, 'NLB', { vpc }); - new ec2.VpcEndpointService(this, 'vpcEndpointService', { + const service = new ec2.VpcEndpointService(this, 'vpcEndpointService', { vpcEndpointServiceLoadBalancers: [loadBalancer], - acceptanceRequired: true, + acceptanceRequired: false, contributorInsights: true, }); + service.setAcceptanceRequired(true); } } From af75fe68de09bd0cb0f2ef74042dbe068a8edace Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 23 Jul 2024 06:50:46 +0900 Subject: [PATCH 3/7] update integ tests --- .../TestStackLoadBalancer.assets.json | 4 +- .../TestStackLoadBalancer.template.json | 2 +- .../manifest.json | 2 +- .../tree.json | 194 +++++++++--------- .../test/integ.vpc-endpoint-service.ts | 4 +- packages/aws-cdk-lib/aws-ec2/README.md | 11 + 6 files changed, 114 insertions(+), 103 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/TestStackLoadBalancer.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/TestStackLoadBalancer.assets.json index 66c27f15a0150..92812ccb9c744 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/TestStackLoadBalancer.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/TestStackLoadBalancer.assets.json @@ -14,7 +14,7 @@ } } }, - "0be03344ff0a7f0148d6c71c551b021ab6ded967d68f471f125be5cda63fc65d": { + "5f0a3fa3c0e936a7d0fcb82b0860c69c03dde88d33ca4e1135cd990086740194": { "source": { "path": "TestStackLoadBalancer.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "0be03344ff0a7f0148d6c71c551b021ab6ded967d68f471f125be5cda63fc65d.json", + "objectKey": "5f0a3fa3c0e936a7d0fcb82b0860c69c03dde88d33ca4e1135cd990086740194.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/TestStackLoadBalancer.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/TestStackLoadBalancer.template.json index ffda13c0709e6..b9d7098f84314 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/TestStackLoadBalancer.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/TestStackLoadBalancer.template.json @@ -503,7 +503,7 @@ "vpcEndpointService08751094": { "Type": "AWS::EC2::VPCEndpointService", "Properties": { - "AcceptanceRequired": true, + "AcceptanceRequired": false, "ContributorInsightsEnabled": true, "NetworkLoadBalancerArns": [ { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/manifest.json index a238507d02a45..a474f63d22e7a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0be03344ff0a7f0148d6c71c551b021ab6ded967d68f471f125be5cda63fc65d.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/5f0a3fa3c0e936a7d0fcb82b0860c69c03dde88d33ca4e1135cd990086740194.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/tree.json index 59336e2cf93bf..83883e0dab40c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.js.snapshot/tree.json @@ -31,8 +31,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "PublicSubnet1": { @@ -75,16 +75,16 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "Acl": { "id": "Acl", "path": "TestStackLoadBalancer/Vpc/PublicSubnet1/Acl", "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "RouteTable": { @@ -105,8 +105,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "RouteTableAssociation": { @@ -124,8 +124,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "DefaultRoute": { @@ -144,8 +144,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "EIP": { @@ -164,8 +164,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "NATGateway": { @@ -192,14 +192,14 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "PublicSubnet2": { @@ -242,16 +242,16 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "Acl": { "id": "Acl", "path": "TestStackLoadBalancer/Vpc/PublicSubnet2/Acl", "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "RouteTable": { @@ -272,8 +272,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "RouteTableAssociation": { @@ -291,8 +291,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "DefaultRoute": { @@ -311,14 +311,14 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "PrivateSubnet1": { @@ -361,16 +361,16 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "Acl": { "id": "Acl", "path": "TestStackLoadBalancer/Vpc/PrivateSubnet1/Acl", "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "RouteTable": { @@ -391,8 +391,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "RouteTableAssociation": { @@ -410,8 +410,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "DefaultRoute": { @@ -430,14 +430,14 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "PrivateSubnet2": { @@ -480,16 +480,16 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "Acl": { "id": "Acl", "path": "TestStackLoadBalancer/Vpc/PrivateSubnet2/Acl", "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "RouteTable": { @@ -510,8 +510,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "RouteTableAssociation": { @@ -529,8 +529,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "DefaultRoute": { @@ -549,14 +549,14 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "IGW": { @@ -574,8 +574,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "VPCGW": { @@ -593,8 +593,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "RestrictDefaultSecurityGroupCustomResource": { @@ -605,28 +605,28 @@ "id": "Default", "path": "TestStackLoadBalancer/Vpc/RestrictDefaultSecurityGroupCustomResource/Default", "constructInfo": { - "fqn": "aws-cdk-lib.CfnResource", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.CustomResource", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.Vpc", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "LatestNodeRuntimeMap": { "id": "LatestNodeRuntimeMap", "path": "TestStackLoadBalancer/LatestNodeRuntimeMap", "constructInfo": { - "fqn": "aws-cdk-lib.CfnMapping", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "Custom::VpcRestrictDefaultSGCustomResourceProvider": { @@ -637,30 +637,30 @@ "id": "Staging", "path": "TestStackLoadBalancer/Custom::VpcRestrictDefaultSGCustomResourceProvider/Staging", "constructInfo": { - "fqn": "aws-cdk-lib.AssetStaging", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "Role": { "id": "Role", "path": "TestStackLoadBalancer/Custom::VpcRestrictDefaultSGCustomResourceProvider/Role", "constructInfo": { - "fqn": "aws-cdk-lib.CfnResource", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "Handler": { "id": "Handler", "path": "TestStackLoadBalancer/Custom::VpcRestrictDefaultSGCustomResourceProvider/Handler", "constructInfo": { - "fqn": "aws-cdk-lib.CfnResource", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.CustomResourceProviderBase", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "NLB": { @@ -692,14 +692,14 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.CfnLoadBalancer", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.NetworkLoadBalancer", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "vpcEndpointService": { @@ -712,7 +712,7 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpointService", "aws:cdk:cloudformation:props": { - "acceptanceRequired": true, + "acceptanceRequired": false, "contributorInsightsEnabled": true, "networkLoadBalancerArns": [ { @@ -722,36 +722,36 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpointService", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.VpcEndpointService", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "TestStackLoadBalancer/BootstrapVersion", "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", "path": "TestStackLoadBalancer/CheckBootstrapVersion", "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "VpcEndpointservice": { @@ -778,22 +778,22 @@ "id": "BootstrapVersion", "path": "VpcEndpointservice/DefaultTest/DeployAssert/BootstrapVersion", "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", "path": "VpcEndpointservice/DefaultTest/DeployAssert/CheckBootstrapVersion", "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, @@ -818,8 +818,8 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.App", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts index 64a77cc735b93..ea1c1bb8be0fd 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts @@ -15,10 +15,10 @@ class TestStack extends cdk.Stack { const service = new ec2.VpcEndpointService(this, 'vpcEndpointService', { vpcEndpointServiceLoadBalancers: [loadBalancer], - acceptanceRequired: false, + acceptanceRequired: true, contributorInsights: true, }); - service.setAcceptanceRequired(true); + service.setAcceptanceRequired(false); } } diff --git a/packages/aws-cdk-lib/aws-ec2/README.md b/packages/aws-cdk-lib/aws-ec2/README.md index 5d10fd95d7e5f..19169865e5a47 100644 --- a/packages/aws-cdk-lib/aws-ec2/README.md +++ b/packages/aws-cdk-lib/aws-ec2/README.md @@ -1121,6 +1121,17 @@ Note: The domain name must be owned (registered through Route53) by the account The VpcEndpointServiceDomainName will handle the AWS side of domain verification, the process for which can be found [here](https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-dns-validation.html) +You can set `acceptanceRequired` not only `acceptanceRequired` prop but also `setAcceptanceRequired()` method. + +```ts +const endpointService = new ec2.VpcEndpointService(this, 'EndpointService', { + vpcEndpointServiceLoadBalancers: [networkLoadBalancer1, networkLoadBalancer2], +}); + +// update acceptanceRequired +endpointService.setAcceptanceRequired(false); +``` + ### Client VPN endpoint AWS Client VPN is a managed client-based VPN service that enables you to securely access your AWS From 13bda1479140016b4d9600ba15b9ca14047513f6 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Tue, 23 Jul 2024 06:57:35 +0900 Subject: [PATCH 4/7] update function name --- .../test/aws-ec2/test/integ.vpc-endpoint-service.ts | 2 +- packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint-service.ts | 2 +- packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts index ea1c1bb8be0fd..1babaa0b44786 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-service.ts @@ -18,7 +18,7 @@ class TestStack extends cdk.Stack { acceptanceRequired: true, contributorInsights: true, }); - service.setAcceptanceRequired(false); + service.enableAcceptanceRequired(false); } } diff --git a/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint-service.ts b/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint-service.ts index 492e40a3b5b02..95d4db8b3276f 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint-service.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint-service.ts @@ -141,7 +141,7 @@ export class VpcEndpointService extends Resource implements IVpcEndpointService /** * Sets the acceptance required for the VPC Endpoint Service. */ - public setAcceptanceRequired(acceptanceRequired: boolean) { + public enableAcceptanceRequired(acceptanceRequired: boolean) { this.endpointService.acceptanceRequired = acceptanceRequired; } } diff --git a/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts b/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts index 048323337d983..0d8728beaad66 100644 --- a/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts +++ b/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts @@ -140,7 +140,7 @@ describe('vpc endpoint service', () => { allowedPrincipals: [new ArnPrincipal('arn:aws:iam::123456789012:root')], acceptanceRequired: true, }); - service.setAcceptanceRequired(false); + service.enableAcceptanceRequired(false); // THEN Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpointService', { From 34585c0949ffbc5b77278c711be2951ef5daeb22 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Wed, 24 Jul 2024 12:46:37 +0900 Subject: [PATCH 5/7] update readme --- packages/aws-cdk-lib/aws-ec2/README.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/packages/aws-cdk-lib/aws-ec2/README.md b/packages/aws-cdk-lib/aws-ec2/README.md index 19169865e5a47..942c29afb82b0 100644 --- a/packages/aws-cdk-lib/aws-ec2/README.md +++ b/packages/aws-cdk-lib/aws-ec2/README.md @@ -1121,15 +1121,17 @@ Note: The domain name must be owned (registered through Route53) by the account The VpcEndpointServiceDomainName will handle the AWS side of domain verification, the process for which can be found [here](https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-dns-validation.html) -You can set `acceptanceRequired` not only `acceptanceRequired` prop but also `setAcceptanceRequired()` method. +You can set `acceptanceRequired` not only `acceptanceRequired` prop but also `enableAcceptanceRequired()` method. ```ts +declare const networkLoadBalancer: elbv2.NetworkLoadBalancer; + const endpointService = new ec2.VpcEndpointService(this, 'EndpointService', { - vpcEndpointServiceLoadBalancers: [networkLoadBalancer1, networkLoadBalancer2], + vpcEndpointServiceLoadBalancers: [networkLoadBalancer], }); // update acceptanceRequired -endpointService.setAcceptanceRequired(false); +endpointService.enableAcceptanceRequired(false); ``` ### Client VPN endpoint From b6971bf300a082afedd1ecccd60627c70be51340 Mon Sep 17 00:00:00 2001 From: Kazuho Cryer-Shinozuka Date: Sun, 28 Jul 2024 02:43:13 +0900 Subject: [PATCH 6/7] Update README.md Co-authored-by: Luca Pizzini --- packages/aws-cdk-lib/aws-ec2/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-ec2/README.md b/packages/aws-cdk-lib/aws-ec2/README.md index 08085ffd408f4..c80bcf7ff4dd1 100644 --- a/packages/aws-cdk-lib/aws-ec2/README.md +++ b/packages/aws-cdk-lib/aws-ec2/README.md @@ -1121,7 +1121,7 @@ Note: The domain name must be owned (registered through Route53) by the account The VpcEndpointServiceDomainName will handle the AWS side of domain verification, the process for which can be found [here](https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-dns-validation.html) -You can set `acceptanceRequired` not only `acceptanceRequired` prop but also `enableAcceptanceRequired()` method. +To update the `acceptanceRequired` property after initialization use the `enableAcceptanceRequired()` method: ```ts declare const networkLoadBalancer: elbv2.NetworkLoadBalancer; From 46467ac87766ccda8c1f9c307a906e0c98c98737 Mon Sep 17 00:00:00 2001 From: Kazuho Cryer-Shinozuka Date: Sun, 28 Jul 2024 02:43:32 +0900 Subject: [PATCH 7/7] Update README.md Co-authored-by: Luca Pizzini --- packages/aws-cdk-lib/aws-ec2/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-ec2/README.md b/packages/aws-cdk-lib/aws-ec2/README.md index c80bcf7ff4dd1..50c198b49c51a 100644 --- a/packages/aws-cdk-lib/aws-ec2/README.md +++ b/packages/aws-cdk-lib/aws-ec2/README.md @@ -1128,9 +1128,9 @@ declare const networkLoadBalancer: elbv2.NetworkLoadBalancer; const endpointService = new ec2.VpcEndpointService(this, 'EndpointService', { vpcEndpointServiceLoadBalancers: [networkLoadBalancer], + acceptanceRequired: true, }); -// update acceptanceRequired endpointService.enableAcceptanceRequired(false); ```