@aws-cdk/core

Reference

AccountPrincipal

class _aws-cdk_core.AccountPrincipal(accountId)
Extends:ArnPrincipal
Parameters:accountId (any) –
accountId
Type:any (readonly)

AccountRootPrincipal

class _aws-cdk_core.AccountRootPrincipal
Extends:AccountPrincipal

Anyone

class _aws-cdk_core.Anyone

A principal representing all identities in all accounts

Extends:PolicyPrincipal
policyFragment() → @aws-cdk/core.PrincipalPolicyFragment

Return the policy fragment that identifies this principal in a Policy.

Return type:PrincipalPolicyFragment
accountId

Interface compatibility with AccountPrincipal for the purposes of the Lambda library The Lambda’s addPermission() call works differently from regular statements, and will use the value of this property directly if present (which leads to the correct statement ultimately).

Type:string (readonly)

App

class _aws-cdk_core.App([argv])

Represents a CDK program.

Extends:Root
Parameters:argv (string or None) –
run() → string

Runs the program

Returns:STDOUT
Return type:string
exec() → string
Return type:string
listStacks() → @aws-cdk/cx-api.StackInfo[]

Lists all stacks in this app.

Return type:StackInfo
synthesizeStack(stackName) → @aws-cdk/cx-api.SynthesizedStack

Synthesize and validate a single stack

Parameters:stackName (string) – The name of the stack to synthesize
Return type:SynthesizedStack
synthesizeStacks(stackNames) → @aws-cdk/cx-api.SynthesizedStack[]

Synthesizes multiple stacks

Parameters:stackNames (string) –
Return type:SynthesizedStack
collectMetadata(stack) → string => @aws-cdk/core.MetadataEntry[]

Returns metadata for all constructs in the stack.

Parameters:stack (Stack) –
Return type:MetadataEntry

Arn

class _aws-cdk_core.Arn([valueOrFunction])

An Amazon Resource Name (ARN). http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html

Extends:Token
Parameters:valueOrFunction (any or None) –
static fromComponents(components) → @aws-cdk/core.Arn

Creates an ARN from components. If any component is the empty string, an empty string will be inserted into the generated ARN at the location that component corresponds to.

Parameters:components (ArnComponents) –
Return type:Arn
static parse(arn) → @aws-cdk/core.ArnComponents

Given an ARN, parses it and returns components. The ARN it will be parsed and validated. The separator (sep) will be set to ‘/’ if the 6th component includes a ‘/’, in which case, resource will be set to the value before the ‘/’ and resourceName will be the rest. In case there is no ‘/’, resource will be set to the 6th components and resourceName will be set to the rest of the string.

Parameters:arn (string) –
Returns:an ArnComponents object which allows access to the various
components of the ARN.
rtype:ArnComponents

ArnComponents (interface)

class _aws-cdk_core.ArnComponents
partition

The partition that the resource is in. For standard AWS regions, the partition is aws. If you have resources in other partitions, the partition is aws-partitionname. For example, the partition for resources in the China (Beijing) region is aws-cn.

Type:string or None
service

The service namespace that identifies the AWS product (for example, ‘s3’, ‘iam’, ‘codepipline’).

Type:string
region

The region the resource resides in. Note that the ARNs for some resources do not require a region, so this component might be omitted.

Type:string or None
account

The ID of the AWS account that owns the resource, without the hyphens. For example, 123456789012. Note that the ARNs for some resources don’t require an account number, so this component might be omitted.

Type:any or None
resource

Resource type (e.g. “table”, “autoScalingGroup”, “certificate”). For some resource types, e.g. S3 buckets, this field defines the bucket name.

Type:any
sep

Separator between resource type and the resource. Can be either ‘/’ or ‘:’. Will only be used if path is defined.

Type:string or None
resourceName

Resource name or path within the resource (i.e. S3 bucket object key) or a wildcard such as "*". This is service-dependent.

Type:any or None

ArnPrincipal

class _aws-cdk_core.ArnPrincipal(arn)
Extends:PolicyPrincipal
Parameters:arn (any) –
policyFragment() → @aws-cdk/core.PrincipalPolicyFragment

Return the policy fragment that identifies this principal in a Policy.

Return type:PrincipalPolicyFragment
arn
Type:any (readonly)

AutoScalingCreationPolicy (interface)

class _aws-cdk_core.AutoScalingCreationPolicy

For an Auto Scaling group replacement update, specifies how many instances must signal success for the update to succeed.

minSuccessfulInstancesPercent

Specifies the percentage of instances in an Auto Scaling replacement update that must signal success for the update to succeed. You can specify a value from 0 to 100. AWS CloudFormation rounds to the nearest tenth of a percent. For example, if you update five instances with a minimum successful percentage of 50, three instances must signal success. If an instance doesn’t send a signal within the time specified by the Timeout property, AWS CloudFormation assumes that the instance wasn’t created.

Type:number or None

AutoScalingReplacingUpdate (interface)

class _aws-cdk_core.AutoScalingReplacingUpdate

Specifies whether an Auto Scaling group and the instances it contains are replaced during an update. During replacement, AWS CloudFormation retains the old group until it finishes creating the new one. If the update fails, AWS CloudFormation can roll back to the old Auto Scaling group and delete the new Auto Scaling group. While AWS CloudFormation creates the new group, it doesn’t detach or attach any instances. After successfully creating the new Auto Scaling group, AWS CloudFormation deletes the old Auto Scaling group during the cleanup process. When you set the WillReplace parameter, remember to specify a matching CreationPolicy. If the minimum number of instances (specified by the MinSuccessfulInstancesPercent property) don’t signal success within the Timeout period (specified in the CreationPolicy policy), the replacement update fails and AWS CloudFormation rolls back to the old Auto Scaling group.

willReplace
Type:boolean or None

AutoScalingRollingUpdate (interface)

class _aws-cdk_core.AutoScalingRollingUpdate

To specify how AWS CloudFormation handles rolling updates for an Auto Scaling group, use the AutoScalingRollingUpdate policy. Rolling updates enable you to specify whether AWS CloudFormation updates instances that are in an Auto Scaling group in batches or all at once.

maxBatchSize

Specifies the maximum number of instances that AWS CloudFormation updates.

Type:number or None
minInstancesInService

Specifies the minimum number of instances that must be in service within the Auto Scaling group while AWS CloudFormation updates old instances.

Type:number or None
minSuccessfulInstancesPercent

Specifies the percentage of instances in an Auto Scaling rolling update that must signal success for an update to succeed. You can specify a value from 0 to 100. AWS CloudFormation rounds to the nearest tenth of a percent. For example, if you update five instances with a minimum successful percentage of 50, three instances must signal success. If an instance doesn’t send a signal within the time specified in the PauseTime property, AWS CloudFormation assumes that the instance wasn’t updated. If you specify this property, you must also enable the WaitOnResourceSignals and PauseTime properties.

Type:number or None
pauseTime

The amount of time that AWS CloudFormation pauses after making a change to a batch of instances to give those instances time to start software applications. For example, you might need to specify PauseTime when scaling up the number of instances in an Auto Scaling group. If you enable the WaitOnResourceSignals property, PauseTime is the amount of time that AWS CloudFormation should wait for the Auto Scaling group to receive the required number of valid signals from added or replaced instances. If the PauseTime is exceeded before the Auto Scaling group receives the required number of signals, the update fails. For best results, specify a time period that gives your applications sufficient time to get started. If the update needs to be rolled back, a short PauseTime can cause the rollback to fail. Specify PauseTime in the ISO8601 duration format (in the format PT#H#M#S, where each # is the number of hours, minutes, and seconds, respectively). The maximum PauseTime is one hour (PT1H).

Type:string or None
suspendProcesses

Specifies the Auto Scaling processes to suspend during a stack update. Suspending processes prevents Auto Scaling from interfering with a stack update. For example, you can suspend alarming so that Auto Scaling doesn’t execute scaling policies associated with an alarm. For valid values, see the ScalingProcesses.member.N parameter for the SuspendProcesses action in the Auto Scaling API Reference.

Type:string or None
waitOnResourceSignals

Specifies whether the Auto Scaling group waits on signals from new instances during an update. Use this property to ensure that instances have completed installing and configuring applications before the Auto Scaling group update proceeds. AWS CloudFormation suspends the update of an Auto Scaling group after new EC2 instances are launched into the group. AWS CloudFormation must receive a signal from each new instance within the specified PauseTime before continuing the update. To signal the Auto Scaling group, use the cfn-signal helper script or SignalResource API. To have instances wait for an Elastic Load Balancing health check before they signal success, add a health-check verification by using the cfn-init helper script. For an example, see the verify_instance_health command in the Auto Scaling rolling updates sample template.

Type:boolean or None

AutoScalingScheduledAction (interface)

class _aws-cdk_core.AutoScalingScheduledAction

With scheduled actions, the group size properties of an Auto Scaling group can change at any time. When you update a stack with an Auto Scaling group and scheduled action, AWS CloudFormation always sets the group size property values of your Auto Scaling group to the values that are defined in the AWS::AutoScaling::AutoScalingGroup resource of your template, even if a scheduled action is in effect. If you do not want AWS CloudFormation to change any of the group size property values when you have a scheduled action in effect, use the AutoScalingScheduledAction update policy to prevent AWS CloudFormation from changing the MinSize, MaxSize, or DesiredCapacity properties unless you have modified these values in your template.

ignoreUnmodifiedGroupSizeProperties
Type:boolean or None

AvailabilityZoneProvider

class _aws-cdk_core.AvailabilityZoneProvider(context)

Context provider that will return the availability zones for the current account and region

Parameters:context (Construct) –
availabilityZones

Return the list of AZs for the current account and region

Type:string (readonly)

AwsAccountId

class _aws-cdk_core.AwsAccountId
Extends:PseudoParameter

AwsDomainSuffix

class _aws-cdk_core.AwsDomainSuffix
Extends:PseudoParameter

AwsNoValue

class _aws-cdk_core.AwsNoValue
Extends:PseudoParameter

AwsNotificationARNs

class _aws-cdk_core.AwsNotificationARNs
Extends:PseudoParameter

AwsPartition

class _aws-cdk_core.AwsPartition
Extends:PseudoParameter

AwsRegion

class _aws-cdk_core.AwsRegion
Extends:PseudoParameter

AwsStackId

class _aws-cdk_core.AwsStackId
Extends:PseudoParameter

AwsStackName

class _aws-cdk_core.AwsStackName
Extends:PseudoParameter

CanonicalUserPrincipal

class _aws-cdk_core.CanonicalUserPrincipal(canonicalUserId)

A policy prinicipal for canonicalUserIds - useful for S3 bucket policies that use Origin Access identities. See https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html and https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html for more details.

Extends:PolicyPrincipal
Parameters:canonicalUserId (any) –
policyFragment() → @aws-cdk/core.PrincipalPolicyFragment

Return the policy fragment that identifies this principal in a Policy.

Return type:PrincipalPolicyFragment
canonicalUserId
Type:any (readonly)

Condition

class _aws-cdk_core.Condition(parent, name[, props])

Represents a CloudFormation condition, for resources which must be conditionally created and the determination must be made at deploy time.

Extends:

Referenceable

Parameters:
  • parent (Construct) –
  • name (string) –
  • props (ConditionProps or None) –
toCloudFormation() → json

Returns the CloudFormation ‘snippet’ for this entity. The snippet will only be merged at the root level to ensure there are no identity conflicts. For example, a Resource class will return something like: { Resources: { [this.logicalId]: { Type: this.resourceType, Properties: this.props, Condition: this.condition } } }

Return type:json
expression

The condition statement.

Type:FnCondition or None

ConditionProps (interface)

class _aws-cdk_core.ConditionProps
expression
Type:FnCondition or None

Construct

class _aws-cdk_core.Construct(parent, name)

Represents the building block of the construct graph. When a construct is created, it is always added as a child

Parameters:
  • parent (Construct) – The parent construct
  • name (string) –
toString() → string

Returns a string representation of this construct.

Return type:string
toTreeString([depth]) → string

Returns a string with a tree representation of this construct and it’s children.

Parameters:depth (number or None) –
Return type:string
tryFindChild(path) → @aws-cdk/core.Construct

Return a descendant by path, or undefined

Parameters:path (string) –
Returns:a child by path or undefined if not found.
Return type:Construct or None
findChild(path) → @aws-cdk/core.Construct

Return a descendant by path Throws an exception if the descendant is not found.

Parameters:path (string) –
Returns:Child with the given path.
Return type:Construct
setContext(key, value)

This can be used to set contextual values. Context must be set before any children are added, since children may consult context info during construction. If the key already exists, it will be overridden.

Parameters:
  • key (string) – The context key
  • value (any) – The context value
getContext(key) → any

Retrieves a value from tree context. Context is usually initialized at the root, but can be overridden at any point in the tree.

Parameters:key (string) – The context key
Returns:The context value or undefined
Return type:any
requireContext(key) → any

Retrieve a value from tree-global context It is an error if the context object is not available.

Parameters:key (string) –
Return type:any
addMetadata(type, data[, from]) → @aws-cdk/core.Construct

Adds a metadata entry to this construct. Entries are arbitrary values and will also include a stack trace to allow tracing back to the code location for when the entry was added. It can be used, for example, to include source mapping in CloudFormation templates to improve diagnostics.

Parameters:
  • type (string) – a string denoting the type of metadata
  • data (any) – the value of the metadata (can be a Token). If null/undefined, metadata will not be added.
  • from (any or None) – a function under which to restrict the metadata entry’s stack trace (defaults to this.addMetadata)
Return type:

Construct

addWarning(message) → @aws-cdk/core.Construct

Adds a { warning: <message> } metadata entry to this construct.

Parameters:message (string) – The warning message.
Return type:Construct
validate() → string[]

This method can be implemented by derived constructs in order to perform validation logic. It is called on all constructs before synthesis.

Returns:An array of validation error messages, or an empty array if there the construct is valid.
Return type:string
validateTree() → @aws-cdk/core.ValidationError[]

Invokes ‘validate’ on all child constructs and then on this construct (depth-first).

Returns:A list of validation errors. If the list is empty, all constructs are valid.
Return type:ValidationError
ancestors([upTo]) → @aws-cdk/core.Construct[]

Return the ancestors (including self) of this Construct up until and excluding the indicated component

Parameters:upTo (Construct or None) –
Return type:Construct
required(props, name) → any

Throws if the props bag doesn’t include the property name. In the future we can add some type-checking here, maybe even auto-generate during compilation.

Parameters:
  • props (any) – The props bag.
  • name (string) – The name of the required property.
Return type:

any

addChild(child, childName)

Adds a child construct to this node.

Parameters:
  • child (Construct) – The child construct
  • childName (string) –
Returns:

The resolved path part name of the child

lock()

Locks this construct from allowing more children to be added. After this call, no more children can be added to this construct or to any children.

unlock()

Unlocks this costruct and allows mutations (adding children).

parent

Returns the parent of this node or undefined if this is a root node.

Type:Construct or None (readonly)
name

The name of this construct

Type:string (readonly)
children

All direct children of this construct.

Type:Construct (readonly)
path

Returns the path of all constructs from root to this construct, in string form.

Type:string (readonly)
metadata

An array of metadata objects associated with this construct. This can be used, for example, to implement support for deprecation notices, source mapping, etc.

Type:MetadataEntry (readonly)

ContextProvider

class _aws-cdk_core.ContextProvider(context)

Base class for the model side of context providers Instances of this class communicate with context provider plugins in the ‘cdk toolkit’ via context variables (input), outputting specialized queries for more context variables (output). ContextProvider needs access to a Construct to hook into the context mechanism.

Parameters:context (Construct) –
getStringValue(provider, scope, args) → string

Read a provider value, verifying it’s a string

Parameters:
  • provider (string) –
  • scope (string) –
  • args (string) –
Return type:

string

getStringListValue(provider, scope, args[, defaultValue]) → string[]

Read a provider value, verifying it’s a list

Parameters:
  • provider (string) –
  • scope (string) –
  • args (string) –
  • defaultValue (string or None) –
Return type:

string

accountRegionScope(providerDescription) → string[]

Helper function to wrap up account and region into a scope tuple

Parameters:providerDescription (string) –
Return type:string

CreationPolicy (interface)

class _aws-cdk_core.CreationPolicy

Associate the CreationPolicy attribute with a resource to prevent its status from reaching create complete until AWS CloudFormation receives a specified number of success signals or the timeout period is exceeded. To signal a resource, you can use the cfn-signal helper script or SignalResource API. AWS CloudFormation publishes valid signals to the stack events so that you track the number of signals sent. The creation policy is invoked only when AWS CloudFormation creates the associated resource. Currently, the only AWS CloudFormation resources that support creation policies are AWS::AutoScaling::AutoScalingGroup, AWS::EC2::Instance, and AWS::CloudFormation::WaitCondition. Use the CreationPolicy attribute when you want to wait on resource configuration actions before stack creation proceeds. For example, if you install and configure software applications on an EC2 instance, you might want those applications to be running before proceeding. In such cases, you can add a CreationPolicy attribute to the instance, and then send a success signal to the instance after the applications are installed and configured. For a detailed example, see Deploying Applications on Amazon EC2 with AWS CloudFormation.

autoScalingCreationPolicy

For an Auto Scaling group replacement update, specifies how many instances must signal success for the update to succeed.

Type:AutoScalingCreationPolicy or None
resourceSignal

When AWS CloudFormation creates the associated resource, configures the number of required success signals and the length of time that AWS CloudFormation waits for those signals.

Type:ResourceSignal or None

DeletionPolicy (enum)

class _aws-cdk_core.DeletionPolicy
Delete
Retain
Snapshot

Environment (interface)

class _aws-cdk_core.Environment

The deployment environment for a stack.

account

The AWS accopunt ID for this environment. If not specified, the context parameter default-account is used.

Type:string or None
region

The AWS region for this environment. If not specified, the context parameter default-region is used.

Type:string or None

FederatedPrincipal

class _aws-cdk_core.FederatedPrincipal(federated, conditions[, assumeRoleAction])
Extends:

PolicyPrincipal

Parameters:
  • federated (any) –
  • conditions (any) –
  • assumeRoleAction (string or None) –
policyFragment() → @aws-cdk/core.PrincipalPolicyFragment

Return the policy fragment that identifies this principal in a Policy.

Return type:PrincipalPolicyFragment
federated
Type:any (readonly)
conditions
Type:any (readonly)
assumeRoleAction
Type:string (readonly)

Fn

class _aws-cdk_core.Fn(name, value)

CloudFormation intrinsic functions. http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference.html

Extends:

Token

Parameters:
  • name (string) –
  • value (any) –

FnAnd

class _aws-cdk_core.FnAnd(*condition)

Returns true if all the specified conditions evaluate to true, or returns false if any one of the conditions evaluates to false. Fn::And acts as an AND operator. The minimum number of conditions that you can include is 2, and the maximum is 10.

Extends:FnCondition
Parameters:*condition (FnCondition) –

FnBase64

class _aws-cdk_core.FnBase64(data)

The intrinsic function Fn::Base64 returns the Base64 representation of the input string. This function is typically used to pass encoded data to Amazon EC2 instances by way of the UserData property.

Extends:Fn
Parameters:data (any) – The string value you want to convert to Base64.

FnCidr

class _aws-cdk_core.FnCidr(ipBlock, count[, sizeMask])

The intrinsic function Fn::Cidr returns the specified Cidr address block.

Extends:

Fn

Parameters:
  • ipBlock (any) – The user-specified default Cidr address block.
  • count (any) – The number of subnets’ Cidr block wanted. Count can be 1 to 256.
  • sizeMask (any or None) – The digit covered in the subnet.

FnConcat

class _aws-cdk_core.FnConcat(*listOfValues)

Alias for Fn::Join(‘’, [ values ]).

Extends:FnJoin
Parameters:*listOfValues (any) – The list of values to concatenate.

FnCondition

class _aws-cdk_core.FnCondition(name, value)

You can use intrinsic functions, such as Fn::If, Fn::Equals, and Fn::Not, to conditionally create stack resources. These conditions are evaluated based on input parameters that you declare when you create or update a stack. After you define all your conditions, you can associate them with resources or resource properties in the Resources and Outputs sections of a template. You define all conditions in the Conditions section of a template except for Fn::If conditions. You can use the Fn::If condition in the metadata attribute, update policy attribute, and property values in the Resources section and Outputs sections of a template. You might use conditions when you want to reuse a template that can create resources in different contexts, such as a test environment versus a production environment. In your template, you can add an EnvironmentType input parameter, which accepts either prod or test as inputs. For the production environment, you might include Amazon EC2 instances with certain capabilities; however, for the test environment, you want to use less capabilities to save costs. With conditions, you can define which resources are created and how they’re configured for each environment type.

Extends:

Fn

Parameters:
  • name (string) –
  • value (any) –

FnContains

class _aws-cdk_core.FnContains(listOfStrings, value)

Returns true if a specified string matches at least one value in a list of strings.

Extends:

FnCondition

Parameters:
  • listOfStrings (any) – A list of strings, such as “A”, “B”, “C”.
  • value (string) – A string, such as “A”, that you want to compare against a list of strings.

FnEachMemberEquals

class _aws-cdk_core.FnEachMemberEquals(listOfStrings, value)

Returns true if a specified string matches all values in a list.

Extends:

FnCondition

Parameters:
  • listOfStrings (any) – A list of strings, such as “A”, “B”, “C”.
  • value (string) – A string, such as “A”, that you want to compare against a list of strings.

FnEachMemberIn

class _aws-cdk_core.FnEachMemberIn(stringsToCheck, stringsToMatch)

Returns true if each member in a list of strings matches at least one value in a second list of strings.

Extends:

FnCondition

Parameters:
  • stringsToCheck (any) – A list of strings, such as “A”, “B”, “C”. AWS CloudFormation checks whether each member in the strings_to_check parameter is in the strings_to_match parameter.
  • stringsToMatch (any) – A list of strings, such as “A”, “B”, “C”. Each member in the strings_to_match parameter is compared against the members of the strings_to_check parameter.

FnEquals

class _aws-cdk_core.FnEquals(lhs, rhs)

Compares if two values are equal. Returns true if the two values are equal or false if they aren’t.

Extends:

FnCondition

Parameters:
  • lhs (any) – A value of any type that you want to compare.
  • rhs (any) – A value of any type that you want to compare.

FnFindInMap

class _aws-cdk_core.FnFindInMap(mapName, topLevelKey, secondLevelKey)

The intrinsic function Fn::FindInMap returns the value corresponding to keys in a two-level map that is declared in the Mappings section.

Extends:

Fn

Parameters:
  • mapName (string) – The logical name of a mapping declared in the Mappings section that contains the keys and values.
  • topLevelKey (any) – The top-level key name. Its value is a list of key-value pairs.
  • secondLevelKey (any) – The second-level key name, which is set to one of the keys from the list assigned to TopLevelKey.

FnGetAZs

class _aws-cdk_core.FnGetAZs([region])

The intrinsic function Fn::GetAZs returns an array that lists Availability Zones for a specified region. Because customers have access to different Availability Zones, the intrinsic function Fn::GetAZs enables template authors to write templates that adapt to the calling user’s access. That way you don’t have to hard-code a full list of Availability Zones for a specified region.

Extends:Fn
Parameters:region (string or None) – The name of the region for which you want to get the Availability Zones. You can use the AWS::Region pseudo parameter to specify the region in which the stack is created. Specifying an empty string is equivalent to specifying AWS::Region.

FnGetAtt

class _aws-cdk_core.FnGetAtt(logicalNameOfResource, attributeName)

The Fn::GetAtt intrinsic function returns the value of an attribute from a resource in the template.

Extends:

Fn

Parameters:
  • logicalNameOfResource (string) – The logical name (also called logical ID) of the resource that contains the attribute that you want.
  • attributeName (string) – The name of the resource-specific attribute whose value you want. See the resource’s reference page for details about the attributes available for that resource type.

FnIf

class _aws-cdk_core.FnIf(condition, valueIfTrue, valueIfFalse)

Returns one value if the specified condition evaluates to true and another value if the specified condition evaluates to false. Currently, AWS CloudFormation supports the Fn::If intrinsic function in the metadata attribute, update policy attribute, and property values in the Resources section and Outputs sections of a template. You can use the AWS::NoValue pseudo parameter as a return value to remove the corresponding property.

Extends:

FnCondition

Parameters:
  • condition (string) – A reference to a condition in the Conditions section. Use the condition’s name to reference it.
  • valueIfTrue (any) – A value to be returned if the specified condition evaluates to true.
  • valueIfFalse (any) – A value to be returned if the specified condition evaluates to false.

FnImportValue

class _aws-cdk_core.FnImportValue(sharedValueToImport)

The intrinsic function Fn::ImportValue returns the value of an output exported by another stack. You typically use this function to create cross-stack references. In the following example template snippets, Stack A exports VPC security group values and Stack B imports them.

Extends:Fn
Parameters:sharedValueToImport (string) – The stack output value that you want to import.

FnJoin

class _aws-cdk_core.FnJoin(delimiter, *listOfValues)

The intrinsic function Fn::Join appends a set of values into a single value, separated by the specified delimiter. If a delimiter is the empty string, the set of values are concatenated with no delimiter.

Extends:

Fn

Parameters:
  • delimiter (string) – The value you want to occur between fragments. The delimiter will occur between fragments only. It will not terminate the final value.
  • *listOfValues (any) – The list of values you want combined.

FnNot

class _aws-cdk_core.FnNot(condition)

Returns true for a condition that evaluates to false or returns false for a condition that evaluates to true. Fn::Not acts as a NOT operator.

Extends:FnCondition
Parameters:condition (FnCondition) – A condition such as Fn::Equals that evaluates to true or false.

FnOr

class _aws-cdk_core.FnOr(*condition)

Returns true if any one of the specified conditions evaluate to true, or returns false if all of the conditions evaluates to false. Fn::Or acts as an OR operator. The minimum number of conditions that you can include is 2, and the maximum is 10.

Extends:FnCondition
Parameters:*condition (FnCondition) – A condition that evaluates to true or false.

FnRefAll

class _aws-cdk_core.FnRefAll(parameterType)

Returns all values for a specified parameter type.

Extends:FnCondition
Parameters:parameterType (string) – An AWS-specific parameter type, such as AWS::EC2::SecurityGroup::Id or AWS::EC2::VPC::Id. For more information, see Parameters in the AWS CloudFormation User Guide.

FnSelect

class _aws-cdk_core.FnSelect(index, array)

The intrinsic function Fn::Select returns a single object from a list of objects by index.

Extends:

Fn

Parameters:
  • index (number) – The index of the object to retrieve. This must be a value from zero to N-1, where N represents the number of elements in the array.
  • array (any) – The list of objects to select from. This list must not be null, nor can it have null entries.

FnSplit

class _aws-cdk_core.FnSplit(delimiter, source)

To split a string into a list of string values so that you can select an element from the resulting string list, use the Fn::Split intrinsic function. Specify the location of splits with a delimiter, such as , (a comma). After you split a string, use the Fn::Select function to pick a specific element.

Extends:

Fn

Parameters:
  • delimiter (string) – A string value that determines where the source string is divided.
  • source (any) – The string value that you want to split.

FnSub

class _aws-cdk_core.FnSub(body[, variables])

The intrinsic function Fn::Sub substitutes variables in an input string with values that you specify. In your templates, you can use this function to construct commands or outputs that include values that aren’t available until you create or update a stack.

Extends:

Fn

Parameters:
  • body (string) – A string with variables that AWS CloudFormation substitutes with their associated values at runtime. Write variables as ${MyVarName}. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map. If you specify only template parameter names, resource logical IDs, and resource attributes, don’t specify a key-value map.
  • variables (any or None) – The name of a variable that you included in the String parameter. The value that AWS CloudFormation substitutes for the associated variable name at runtime.

FnValueOf

class _aws-cdk_core.FnValueOf(parameterOrLogicalId, attribute)

Returns an attribute value or list of values for a specific parameter and attribute.

Extends:

FnCondition

Parameters:
  • parameterOrLogicalId (string) – The name of a parameter for which you want to retrieve attribute values. The parameter must be declared in the Parameters section of the template.
  • attribute (string) – The name of an attribute from which you want to retrieve a value.

FnValueOfAll

class _aws-cdk_core.FnValueOfAll(parameterType, attribute)

Returns a list of all attribute values for a given parameter type and attribute.

Extends:

FnCondition

Parameters:
  • parameterType (string) – An AWS-specific parameter type, such as AWS::EC2::SecurityGroup::Id or AWS::EC2::VPC::Id. For more information, see Parameters in the AWS CloudFormation User Guide.
  • attribute (string) – The name of an attribute from which you want to retrieve a value. For more information about attributes, see Supported Attributes.

HashedAddressingScheme

class _aws-cdk_core.HashedAddressingScheme

Renders a hashed ID for a resource. In order to make sure logical IDs are unique and stable, we hash the resource construct tree path (i.e. toplevel/secondlevel/…/myresource) and add it as a suffix to the path components joined without a separator (CloudFormation IDs only allow alphanumeric characters). The result will be: <path.join(‘’)><md5(path.join(‘/’)> “human” “hash” If the “human” part of the ID exceeds 240 characters, we simply trim it so the total ID doesn’t exceed CloudFormation’s 255 character limit. We only take 8 characters from the md5 hash (0.000005 chance of collision). Special cases: - If the path only contains a single component (i.e. it’s a top-level resource), we won’t add the hash to it. The hash is not needed for disamiguation and also, it allows for a more straightforward migration an existing CloudFormation template to a CDK stack without logical ID changes (or renames). - For aesthetic reasons, if the last components of the path are the same (i.e. L1/L2/Pipeline/Pipeline), they will be de-duplicated to make the resulting human portion of the ID more pleasing: L1L2Pipeline<HASH> instead of L1L2PipelinePipeline<HASH> - If a component is named “Resource” it will be omitted from the path. This allows L2 construct to use this convention to “hide” the wrapped L1 from the logical ID.

Implements:IAddressingScheme
allocateAddress(addressComponents) → string

Return the logical ID for the given list of Construct names on the path.

Parameters:addressComponents (string) –
Return type:string

IAddressingScheme (interface)

class _aws-cdk_core.IAddressingScheme

Interface for classes that implementation logical ID assignment strategies

allocateAddress(addressComponents) → string

Return the logical ID for the given list of Construct names on the path.

Parameters:addressComponents (string) –
Return type:string

IDependable (interface)

class _aws-cdk_core.IDependable

Represents a construct that can be “depended on” via addDependency.

dependencyElements

Returns the set of all stack elements (resources, parameters, conditions) that should be added when a resource “depends on” this construct.

Type:IDependable (readonly)

Include

class _aws-cdk_core.Include(parent, name, props)

Includes a CloudFormation template into a stack. All elements of the template will be merged into the current stack, together with any elements created programmatically.

Extends:

StackElement

Parameters:
  • parent (Construct) – The parent construct of this template
  • name (string) –
  • props (IncludeProps) –
toCloudFormation() → json

Returns the CloudFormation ‘snippet’ for this entity. The snippet will only be merged at the root level to ensure there are no identity conflicts. For example, a Resource class will return something like: { Resources: { [this.logicalId]: { Type: this.resourceType, Properties: this.props, Condition: this.condition } } }

Return type:json
template

The included template.

Type:json (readonly)

IncludeProps (interface)

class _aws-cdk_core.IncludeProps
template

The CloudFormation template to include in the stack (as is).

Type:json

LogicalIDs

class _aws-cdk_core.LogicalIDs(namingScheme)

Class that keeps track of the logical IDs that are assigned to resources Supports renaming the generated IDs.

Parameters:namingScheme (IAddressingScheme) –
renameLogical(oldId, newId)

Rename a logical ID from an old ID to a new ID

Parameters:
  • oldId (string) –
  • newId (string) –
getLogicalId(stackElement) → string

Return the logical ID for the given stack element

Parameters:stackElement (StackElement) –
Return type:string
assertAllRenamesApplied()

Throw an error if not all renames have been used This is to assure that users didn’t make typoes when registering renames.

Mapping

class _aws-cdk_core.Mapping(parent, name, props)

Represents a CloudFormation mapping.

Extends:

Referenceable

Parameters:
  • parent (Construct) –
  • name (string) –
  • props (MappingProps) –
setValue(key1, key2, value)

Sets a value in the map based on the two keys.

Parameters:
  • key1 (string) –
  • key2 (string) –
  • value (any) –
findInMap(key1, key2) → @aws-cdk/core.FnFindInMap
Parameters:
  • key1 (any) –
  • key2 (any) –
Returns:

A reference to a value in the map based on the two keys.

Return type:

FnFindInMap

toCloudFormation() → json

Returns the CloudFormation ‘snippet’ for this entity. The snippet will only be merged at the root level to ensure there are no identity conflicts. For example, a Resource class will return something like: { Resources: { [this.logicalId]: { Type: this.resourceType, Properties: this.props, Condition: this.condition } } }

Return type:json

MappingProps (interface)

class _aws-cdk_core.MappingProps
mapping
Type:any or None

MetadataEntry (interface)

class _aws-cdk_core.MetadataEntry

An metadata entry in the construct.

type

The type of the metadata entry.

Type:string
data

The data.

Type:any or None
trace

A stack trace for when the entry was created.

Type:string

Output

class _aws-cdk_core.Output(parent, name[, props])
Extends:

StackElement

Parameters:
  • parent (Construct) – The parent construct.
  • name (string) –
  • props (OutputProps or None) – Output properties.
makeImportValue() → @aws-cdk/core.FnImportValue

Returns an FnImportValue bound to this export name.

Return type:FnImportValue
toCloudFormation() → json

Returns the CloudFormation ‘snippet’ for this entity. The snippet will only be merged at the root level to ensure there are no identity conflicts. For example, a Resource class will return something like: { Resources: { [this.logicalId]: { Type: this.resourceType, Properties: this.props, Condition: this.condition } } }

Return type:json
description

A String type that describes the output value. The description can be a maximum of 4 K in length.

Type:string or None (readonly)
value

The value of the property returned by the aws cloudformation describe-stacks command. The value of an output can include literals, parameter references, pseudo-parameters, a mapping value, or intrinsic functions.

Type:any or None (readonly)
export

The name of the resource output to be exported for a cross-stack reference. By default, the logical ID of the Output element is used as it’s export name.

Type:string or None (readonly)
condition

A condition from the “Conditions” section to associate with this output value. If the condition evaluates to false, this output value will not be included in the stack.

Type:Condition or None (readonly)
ref
Type:Token (readonly)

OutputProps (interface)

class _aws-cdk_core.OutputProps
description

A String type that describes the output value. The description can be a maximum of 4 K in length.

Type:string or None
value

The value of the property returned by the aws cloudformation describe-stacks command. The value of an output can include literals, parameter references, pseudo-parameters, a mapping value, or intrinsic functions.

Type:any or None
export

The name used to export the value of this output across stacks. To import the value from another stack, use FnImportValue(export). You can create an import value token by calling output.makeImportValue().

Type:string or None
disableExport

Disables the automatic allocation of an export name for this output.

Type:boolean or None
condition

A condition from the “Conditions” section to associate with this output value. If the condition evaluates to false, this output value will not be included in the stack.

Type:Condition or None

Parameter

class _aws-cdk_core.Parameter(parent, name, props)

Use the optional Parameters section to customize your templates. Parameters enable you to input custom values to your template each time you create or update a stack.

Extends:

Referenceable

Parameters:
  • parent (Construct) – The parent construct.
  • name (string) –
  • props (ParameterProps) – The parameter properties.
toCloudFormation() → json

Returns the CloudFormation ‘snippet’ for this entity. The snippet will only be merged at the root level to ensure there are no identity conflicts. For example, a Resource class will return something like: { Resources: { [this.logicalId]: { Type: this.resourceType, Properties: this.props, Condition: this.condition } } }

Return type:json
resolve() → any

Allows using parameters as tokens without the need to dereference them. This implicitly implements Token, until we make it an interface.

Return type:any
value

A token that represents the actual value of this parameter.

Type:Token

ParameterProps (interface)

class _aws-cdk_core.ParameterProps
type

The data type for the parameter (DataType).

Type:string
default

A value of the appropriate type for the template to use if no value is specified when a stack is created. If you define constraints for the parameter, you must specify a value that adheres to those constraints.

Type:any or None
allowedPattern

A regular expression that represents the patterns to allow for String types.

Type:string or None
allowedValues

An array containing the list of values allowed for the parameter.

Type:string or None
constraintDescription

A string that explains a constraint when the constraint is violated. For example, without a constraint description, a parameter that has an allowed pattern of [A-Za-z0-9]+ displays the following error message when the user specifies an invalid value:

Type:string or None
description

A string of up to 4000 characters that describes the parameter.

Type:string or None
maxLength

An integer value that determines the largest number of characters you want to allow for String types.

Type:number or None
maxValue

A numeric value that determines the largest numeric value you want to allow for Number types.

Type:number or None
minLength

An integer value that determines the smallest number of characters you want to allow for String types.

Type:number or None
minValue

A numeric value that determines the smallest numeric value you want to allow for Number types.

Type:number or None
noEcho

Whether to mask the parameter value when anyone makes a call that describes the stack. If you set the value to true, the parameter value is masked with asterisks (*****).

Type:boolean or None

PolicyDocument

class _aws-cdk_core.PolicyDocument([baseDocument])
Extends:Token
Parameters:baseDocument (any or None) –
resolve() → any
Return type:any
addStatement(statement) → @aws-cdk/core.PolicyDocument
Parameters:statement (PolicyStatement) –
Return type:PolicyDocument
isEmpty
Type:boolean (readonly)
statementCount

The number of statements already added to this policy. Can be used, for example, to generate uniuqe “sid”s within the policy.

Type:number (readonly)

PolicyPrincipal

class _aws-cdk_core.PolicyPrincipal

Represents an IAM principal.

Abstract:Yes
policyFragment() → @aws-cdk/core.PrincipalPolicyFragment

Return the policy fragment that identifies this principal in a Policy.

Return type:PrincipalPolicyFragment
Abstract:Yes
assumeRoleAction

When this Principal is used in an AssumeRole policy, the action to use.

Type:string (readonly)

PolicyStatement

class _aws-cdk_core.PolicyStatement([effect])

Represents a statement in an IAM policy document.

Extends:Token
Parameters:effect (Effect or None) –
addAction(action) → @aws-cdk/core.PolicyStatement
Parameters:action (string) –
Return type:PolicyStatement
addActions(*actions) → @aws-cdk/core.PolicyStatement
Parameters:*actions (string) –
Return type:PolicyStatement
addPrincipal(principal) → @aws-cdk/core.PolicyStatement
Parameters:principal (PolicyPrincipal) –
Return type:PolicyStatement
addAwsPrincipal(arn) → @aws-cdk/core.PolicyStatement
Parameters:arn (any) –
Return type:PolicyStatement
addAwsAccountPrincipal(accountId) → @aws-cdk/core.PolicyStatement
Parameters:accountId (any) –
Return type:PolicyStatement
addServicePrincipal(service) → @aws-cdk/core.PolicyStatement
Parameters:service (any) –
Return type:PolicyStatement
addFederatedPrincipal(federated, conditions) → @aws-cdk/core.PolicyStatement
Parameters:
  • federated (any) –
  • conditions (any) –
Return type:

PolicyStatement

addAccountRootPrincipal() → @aws-cdk/core.PolicyStatement
Return type:PolicyStatement
addResource(resource) → @aws-cdk/core.PolicyStatement
Parameters:resource (any) –
Return type:PolicyStatement
addAllResources() → @aws-cdk/core.PolicyStatement

Adds a "*" resource to this statement.

Return type:PolicyStatement
addResources(*resources) → @aws-cdk/core.PolicyStatement
Parameters:*resources (any) –
Return type:PolicyStatement
describe(sid) → @aws-cdk/core.PolicyStatement
Parameters:sid (any) –
Return type:PolicyStatement
allow() → @aws-cdk/core.PolicyStatement

Sets the permission effect to deny access to resources.

Return type:PolicyStatement
deny() → @aws-cdk/core.PolicyStatement

Sets the permission effect to allow access to resources.

Return type:PolicyStatement
addCondition(key, value) → @aws-cdk/core.PolicyStatement

Add a condition to the Policy

Parameters:
  • key (string) –
  • value (any) –
Return type:

PolicyStatement

addConditions(conditions) → @aws-cdk/core.PolicyStatement

Add multiple conditions to the Policy

Parameters:conditions (any) –
Return type:PolicyStatement
setCondition(key, value) → @aws-cdk/core.PolicyStatement

Add a condition to the Policy.

Parameters:
  • key (string) –
  • value (any) –
Return type:

PolicyStatement

limitToAccount(accountId) → @aws-cdk/core.PolicyStatement
Parameters:accountId (any) –
Return type:PolicyStatement
resolve() → any
Return type:any
toJson() → any
Return type:any
hasPrincipal

Indicates if this permission has a “Principal” section.

Type:boolean (readonly)
hasResource

Indicates if this permission as at least one resource associated with it.

Type:boolean (readonly)
isOnlyStarResource

Indicates if this permission has only a "*" resource associated with it.

Type:boolean (readonly)
class Effect
Allow
Deny

PrincipalPolicyFragment

class _aws-cdk_core.PrincipalPolicyFragment(principalJson[, conditions])

A collection of the fields in a PolicyStatement that can be used to identify a principal. This consists of the JSON used in the “Principal” field, and optionally a set of “Condition”s that need to be applied to the policy.

Parameters:
  • principalJson (any) –
  • conditions (any or None) –
principalJson
Type:any (readonly)
conditions
Type:any (readonly)

Program

class _aws-cdk_core.Program([argv])
Extends:App
Parameters:argv (string or None) –

PseudoParameter

class _aws-cdk_core.PseudoParameter(name)
Extends:Token
Parameters:name (string) –

Referenceable

class _aws-cdk_core.Referenceable(parent, name)

A construct, which is part of a stack and can be referenced using it’s logical ID using the CloudFormation intrinsic function { Ref: ID }.

Extends:

StackElement

Abstract:

Yes

Parameters:
  • parent (Construct) – The parent construct
  • name (string) –
ref

Returns a token to a CloudFormation { Ref } that references this entity based on it’s logical ID.

Type:Token (readonly)

RemovalPolicy (enum)

class _aws-cdk_core.RemovalPolicy
Destroy
Orphan
Forbid

Resource

class _aws-cdk_core.Resource(parent, name, props)

Represents a CloudFormation resource.

Extends:

Referenceable

Parameters:
  • parent (Construct) –
  • name (string) –
  • props (ResourceProps) –
static attribute([customName]) → any

A decoration used to create a CloudFormation attribute property.

Parameters:customName (string or None) – Custom name for the attribute (default is the name of the property) NOTE: we return “any” here to satistfy jsii, which doesn’t support lambdas.
Return type:any
getAtt(attributeName) → @aws-cdk/core.Token

Returns a token for an runtime attribute of this resource. Ideally, use generated attribute accessors (e.g. resource.arn), but this can be used for future compatibility in case there is no generated attribute.

Parameters:attributeName (string) – The name of the attribute.
Return type:Token
addDependency(*other)

Adds a dependency on another resource.

Parameters:*other (IDependable) – The other resource.
toCloudFormation() → json

Emits CloudFormation for this resource.

Return type:json
renderProperties() → string => any
Return type:any
options

Options for this resource, such as condition, update policy etc.

Type:ResourceOptions (readonly)
resourceType

AWS resource type.

Type:string (readonly)
properties

AWS resource properties

Type:any (readonly)

ResourceOptions (interface)

class _aws-cdk_core.ResourceOptions
condition

A condition to associate with this resource. This means that only if the condition evaluates to ‘true’ when the stack is deployed, the resource will be included. This is provided to allow CDK projects to produce legacy templates, but noramlly there is no need to use it in CDK projects.

Type:Condition or None
creationPolicy

Associate the CreationPolicy attribute with a resource to prevent its status from reaching create complete until AWS CloudFormation receives a specified number of success signals or the timeout period is exceeded. To signal a resource, you can use the cfn-signal helper script or SignalResource API. AWS CloudFormation publishes valid signals to the stack events so that you track the number of signals sent.

Type:CreationPolicy or None
deletionPolicy

With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. Note that this capability also applies to update operations that lead to resources being removed.

Type:string or None
updatePolicy

Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group.

Type:UpdatePolicy or None
metadata

Metadata associated with the CloudFormation resource. This is not the same as the construct metadata which can be added using construct.addMetadata(), but would not appear in the CloudFormation template automatically.

Type:any or None

ResourceProps (interface)

class _aws-cdk_core.ResourceProps
type

CloudFormation resource type.

Type:string
properties

CloudFormation properties.

Type:any or None

ResourceSignal (interface)

class _aws-cdk_core.ResourceSignal

When AWS CloudFormation creates the associated resource, configures the number of required success signals and the length of time that AWS CloudFormation waits for those signals.

count

The number of success signals AWS CloudFormation must receive before it sets the resource status as CREATE_COMPLETE. If the resource receives a failure signal or doesn’t receive the specified number of signals before the timeout period expires, the resource creation fails and AWS CloudFormation rolls the stack back.

Type:number or None
timeout

The length of time that AWS CloudFormation waits for the number of signals that was specified in the Count property. The timeout period starts after AWS CloudFormation starts creating the resource, and the timeout expires no sooner than the time you specify but can occur shortly thereafter. The maximum time that you can specify is 12 hours.

Type:string or None

Root

class _aws-cdk_core.Root

Represents the root of a construct tree. No parent and no name.

Extends:Construct

Rule

class _aws-cdk_core.Rule(parent, name[, props])

The Rules that define template constraints in an AWS Service Catalog portfolio describe when end users can use the template and which values they can specify for parameters that are declared in the AWS CloudFormation template used to create the product they are attempting to use. Rules are useful for preventing end users from inadvertently specifying an incorrect value. For example, you can add a rule to verify whether end users specified a valid subnet in a given VPC or used m1.small instance types for test environments. AWS CloudFormation uses rules to validate parameter values before it creates the resources for the product. A rule can include a RuleCondition property and must include an Assertions property. For each rule, you can define only one rule condition; you can define one or more asserts within the Assertions property. You define a rule condition and assertions by using rule-specific intrinsic functions. https://docs.aws.amazon.com/servicecatalog/latest/adminguide/reference-template_constraint_rules.html

Extends:

Referenceable

Parameters:
  • parent (Construct) – The parent construct.
  • name (string) –
  • props (RuleProps or None) – The rule props.
addAssertion(condition, description)

Adds an assertion to the rule.

Parameters:
  • condition (FnCondition) – The expression to evaluation.
  • description (string) – The description of the assertion.
toCloudFormation() → json

Returns the CloudFormation ‘snippet’ for this entity. The snippet will only be merged at the root level to ensure there are no identity conflicts. For example, a Resource class will return something like: { Resources: { [this.logicalId]: { Type: this.resourceType, Properties: this.props, Condition: this.condition } } }

Return type:json
ruleCondition

If the rule condition evaluates to false, the rule doesn’t take effect. If the function in the rule condition evaluates to true, expressions in each assert are evaluated and applied.

Type:FnCondition or None
assertions

Assertions which define the rule.

Type:RuleAssertion or None

RuleAssertion (interface)

class _aws-cdk_core.RuleAssertion

A rule assertion.

assert

The assertion.

Type:FnCondition
assertDescription

The assertion description.

Type:string

RuleProps (interface)

class _aws-cdk_core.RuleProps

A rule can include a RuleCondition property and must include an Assertions property. For each rule, you can define only one rule condition; you can define one or more asserts within the Assertions property. You define a rule condition and assertions by using rule-specific intrinsic functions. You can use the following rule-specific intrinsic functions to define rule conditions and assertions: Fn::And Fn::Contains Fn::EachMemberEquals Fn::EachMemberIn Fn::Equals Fn::If Fn::Not Fn::Or Fn::RefAll Fn::ValueOf Fn::ValueOfAll https://docs.aws.amazon.com/servicecatalog/latest/adminguide/reference-template_constraint_rules.html

ruleCondition

If the rule condition evaluates to false, the rule doesn’t take effect. If the function in the rule condition evaluates to true, expressions in each assert are evaluated and applied.

Type:Token or None
assertions

Assertions which define the rule.

Type:RuleAssertion or None

SSMParameterProvider

class _aws-cdk_core.SSMParameterProvider(context)

Context provider that will read values from the SSM parameter store in the indicated account and region

Parameters:context (Construct) –
getString(parameterName) → any

Return the SSM parameter string with the indicated key

Parameters:parameterName (string) –
Return type:any

Secret

class _aws-cdk_core.Secret([valueOrFunction])

A token that represents a value that’s expected to be a secret, like passwords and keys. It is recommended to use the SecretParameter construct in order to import secret values from the SSM Parameter Store instead of storing them in your code. However, you can also just pass in values, like any other token: new Secret(‘bla’)

Extends:Token
Parameters:valueOrFunction (any or None) –

SecretParameter

class _aws-cdk_core.SecretParameter(parent, name, props)

Defines a secret value resolved from the Systems Manager (SSM) Parameter Store during deployment. This is useful for referencing values that you do not wish to include in your code base, such as secrets, passwords and keys. This construct will add a CloudFormation parameter to your template bound to an SSM parameter (of type “AWS::SSM::Parameter::Value<String>”). Deployment will fail if the value doesn’t exist in the target environment. Important: For values other than secrets, prefer to use the SSMParameterProvider which resolves SSM parameter in design-time, and ensures that stack deployments are deterministic.

Extends:

Construct

Parameters:
  • parent (Construct) –
  • name (string) –
  • props (SecretProps) –
resolve() → any
Return type:any
value

A token for the secret value.

Type:Token

SecretProps (interface)

class _aws-cdk_core.SecretProps
ssmParameter

The name of the SSM parameter where the secret value is stored.

Type:string
description

A string of up to 4000 characters that describes the parameter.

Type:string or None
allowedPattern

A regular expression that represents the patterns to allow for String types.

Type:string or None
allowedValues

An array containing the list of values allowed for the parameter.

Type:string or None
constraintDescription

A string that explains a constraint when the constraint is violated. For example, without a constraint description, a parameter that has an allowed pattern of [A-Za-z0-9]+ displays the following error message when the user specifies an invalid value:

Type:string or None
maxLength

An integer value that determines the largest number of characters you want to allow for String types.

Type:number or None
minLength

An integer value that determines the smallest number of characters you want to allow for String types.

Type:number or None

ServicePrincipal

class _aws-cdk_core.ServicePrincipal(service)

An IAM principal that represents an AWS service (i.e. sqs.amazonaws.com).

Extends:PolicyPrincipal
Parameters:service (any) –
policyFragment() → @aws-cdk/core.PrincipalPolicyFragment

Return the policy fragment that identifies this principal in a Policy.

Return type:PrincipalPolicyFragment
service
Type:any (readonly)

Stack

class _aws-cdk_core.Stack([parent[, name[, props]]])

A root construct which represents a single CloudFormation stack.

Extends:

Construct

Parameters:
  • parent (App or None) – Parent of this stack, usually a Program instance.
  • name (string or None) –
  • props (StackProps or None) – Stack properties.
static find(node) → @aws-cdk/core.Stack

Traverses the tree and looks up for the Stack root.

Parameters:node (Construct) – A construct in the tree
Returns:The Stack object (throws if the node is not part of a Stack-rooted tree)
Return type:Stack
static annotatePhysicalName(construct[, physicalName])

Adds a metadata annotation “aws:cdk:physical-name” to the construct if physicalName is non-null. This can be used later by tools and aspects to determine if resources have been created with physical names.

Parameters:
  • construct (Construct) –
  • physicalName (string or None) –
findResource(path) → @aws-cdk/core.Resource

Looks up a resource by path.

Parameters:path (string) –
Returns:The Resource or undefined if not found
Return type:Resource or None
toCloudFormation() → any

Returns the CloudFormation template for this stack by traversing the tree and invoking toCloudFormation() on all Entity objects.

Return type:any
requireRegion([why]) → string
Parameters:why (string or None) – more information about why region is required.
Returns:The region in which this stack is deployed. Throws if region is not defined.
Return type:string
reportMissingContext(key, details)

Indicate that a context key was expected Contains instructions on how the key should be supplied.

Parameters:
  • key (string) – Key that uniquely identifies this missing context.
  • details (MissingContext) – The set of parameters needed to obtain the context (specific to context provider).
renameLogical(oldId, newId)

Rename a generated logical identities

Parameters:
  • oldId (string) –
  • newId (string) –
missingContext

Lists all missing contextual information. This is returned when the stack is synthesized under the ‘missing’ attribute and allows tooling to obtain the context and re-synthesize.

Type:MissingContext (readonly)
env

The environment in which this stack is deployed.

Type:Environment (readonly)
isStack

Used to determine if this construct is a stack.

Type:boolean (readonly)
logicalIds

Logical ID generation strategy

Type:LogicalIDs (readonly)
templateOptions

Options for CloudFormation template (like version, transform, description).

Type:TemplateOptions (readonly)

StackElement

class _aws-cdk_core.StackElement(parent, name)

An element of a CloudFormation stack.

Extends:

Construct

Implements:

IDependable

Abstract:

Yes

Parameters:
  • parent (Construct) – The parent construct
  • name (string) –
toCloudFormation() → json

Returns the CloudFormation ‘snippet’ for this entity. The snippet will only be merged at the root level to ensure there are no identity conflicts. For example, a Resource class will return something like: { Resources: { [this.logicalId]: { Type: this.resourceType, Properties: this.props, Condition: this.condition } } }

Return type:json
Abstract:Yes
logicalId

The logical ID for this CloudFormation stack element

Type:string (readonly)
stack

The stack this Construct has been made a part of

Type:Stack
creationStackTrace
Type:string (readonly)
stackPath

Return the path with respect to the stack

Type:string (readonly)
dependencyElements

Returns the set of all stack elements (resources, parameters, conditions) that should be added when a resource “depends on” this construct.

Type:IDependable (readonly)

StackProps (interface)

class _aws-cdk_core.StackProps
env

The AWS environment (account/region) where this stack will be deployed. If not supplied, the default-account and default-region context parameters will be used. If they are undefined, it will not be possible to deploy the stack.

Type:Environment or None
namingScheme

Strategy for logical ID generation Optional. If not supplied, the HashedNamingScheme will be used.

Type:IAddressingScheme or None

StringListOutput

class _aws-cdk_core.StringListOutput(parent, name, props)

An output for a list of strings. Exports a list of Tokens via an Output variable, and return a list of Tokens that selects the imported values for them.

Extends:

Construct

Parameters:
  • parent (Construct) –
  • name (string) –
  • props (StringListOutputProps) –
makeImportValues() → @aws-cdk/core.Token[]

Return an array of imported values for this Output

Return type:Token
length

Number of elements in the stringlist

Type:number (readonly)

StringListOutputProps (interface)

class _aws-cdk_core.StringListOutputProps

Properties for ListOutput

description

A String type that describes the output value. The description can be a maximum of 4 K in length.

Type:string or None (readonly)
values

The list of primitives to export

Type:any (readonly)
separator

The separator to use to separate stringified values

Type:string or None (readonly)
export

The name used to export the value of this output across stacks. To import the value from another stack, use FnImportValue(export). You can create an import value token by calling output.makeImportValue().

Type:string or None (readonly)
disableExport

Disables the automatic allocation of an export name for this output.

Type:boolean or None (readonly)
condition

A condition from the “Conditions” section to associate with this output value. If the condition evaluates to false, this output value will not be included in the stack.

Type:Condition or None (readonly)

Tag (interface)

class _aws-cdk_core.Tag
key
Type:string or Token
value
Type:string or Token

TemplateOptions (interface)

class _aws-cdk_core.TemplateOptions

CloudFormation template options for a stack.

description

Gets or sets the description of this stack. If provided, it will be included in the CloudFormation template’s “Description” attribute.

Type:string or None
templateFormatVersion

Gets or sets the AWSTemplateFormatVersion field of the CloudFormation template.

Type:string or None
transform

Gets or sets the top-level template transform for this stack (e.g. “AWS::Serverless-2016-10-31”).

Type:string or None
metadata

Metadata associated with the CloudFormation template.

Type:any or None

Token

class _aws-cdk_core.Token([valueOrFunction])

Represents a lazy-evaluated value. Can be used to delay evaluation of a certain value in case, for example, that it requires some context or late-bound data.

Parameters:valueOrFunction (any or None) –
resolve() → any
Returns:The resolved value for this token.
Return type:any

UpdatePolicy (interface)

class _aws-cdk_core.UpdatePolicy

Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group.

autoScalingReplacingUpdate

Specifies whether an Auto Scaling group and the instances it contains are replaced during an update. During replacement, AWS CloudFormation retains the old group until it finishes creating the new one. If the update fails, AWS CloudFormation can roll back to the old Auto Scaling group and delete the new Auto Scaling group.

Type:AutoScalingReplacingUpdate or None
autoScalingRollingUpdate

To specify how AWS CloudFormation handles rolling updates for an Auto Scaling group, use the AutoScalingRollingUpdate policy. Rolling updates enable you to specify whether AWS CloudFormation updates instances that are in an Auto Scaling group in batches or all at once.

Type:AutoScalingRollingUpdate or None
autoScalingScheduledAction

To specify how AWS CloudFormation handles updates for the MinSize, MaxSize, and DesiredCapacity properties when the AWS::AutoScaling::AutoScalingGroup resource has an associated scheduled action, use the AutoScalingScheduledAction policy.

Type:AutoScalingScheduledAction or None

ValidationError

class _aws-cdk_core.ValidationError(source, message)
Parameters:
  • source (Construct) –
  • message (string) –
source
Type:Construct (readonly)
message
Type:string (readonly)