
Commit 4517917

corymhallStephen Potter
authored and
Stephen Potter
committed
chore(aws-cloudtrail): fix broken integration tests (aws#19658)
Upgrades lambda runtime from NODEJS_10 (deprecated) to NODEJS_14. Also enables autoDeleteObjects on the S3 buckets so that all the resources are cleaned up. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [x] Did you use `cdk-integ` to deploy the infrastructure and generate the snapshot (i.e. `cdk-integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
1 parent 03b6773 commit 4517917

4 files changed

+449
-10
lines changed

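--- a/packages/@aws-cdk/aws-cloudtrail/test/integ.cloudtrail-supplied-bucket.lit.expected.json
+++ b/packages/@aws-cdk/aws-cloudtrail/test/integ.cloudtrail-supplied-bucket.lit.expected.json
@@ -2,9 +2,177 @@
 "Resources": {
 "Bucket83908E77": {
 "Type": "AWS::S3::Bucket",
+"Properties": {
+"Tags": [
+{
+"Key": "aws-cdk:auto-delete-objects",
+"Value": "true"
+}
+]
+},
+"UpdateReplacePolicy": "Delete",
+"DeletionPolicy": "Delete"
+},
+"BucketPolicyE9A3008A": {
+"Type": "AWS::S3::BucketPolicy",
+"Properties": {
+"Bucket": {
+"Ref": "Bucket83908E77"
+},
+"PolicyDocument": {
+"Statement": [
+{
+"Action": [
+"s3:DeleteObject*",
+"s3:GetBucket*",
+"s3:List*"
+],
+"Effect": "Allow",
+"Principal": {
+"AWS": {
+"Fn::GetAtt": [
+"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
+"Arn"
+]
+}
+},
+"Resource": [
+{
+"Fn::GetAtt": [
+"Bucket83908E77",
+"Arn"
+]
+},
+{
+"Fn::Join": [
+"",
+[
+{
+"Fn::GetAtt": [
+"Bucket83908E77",
+"Arn"
+]
+},
+"/*"
+]
+]
+}
+]
+}
+],
+"Version": "2012-10-17"
+}
+}
+},
+"BucketAutoDeleteObjectsCustomResourceBAFD23C2": {
+"Type": "Custom::S3AutoDeleteObjects",
+"Properties": {
+"ServiceToken": {
+"Fn::GetAtt": [
+"CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
+"Arn"
+]
+},
+"BucketName": {
+"Ref": "Bucket83908E77"
+}
+},
+"DependsOn": [
+"BucketPolicyE9A3008A"
+],
 "UpdateReplacePolicy": "Delete",
 "DeletionPolicy": "Delete"
 },
+"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
+"Type": "AWS::IAM::Role",
+"Properties": {
+"AssumeRolePolicyDocument": {
+"Version": "2012-10-17",
+"Statement": [
+{
+"Action": "sts:AssumeRole",
+"Effect": "Allow",
+"Principal": {
+"Service": "lambda.amazonaws.com"
+}
+}
+]
+},
+"ManagedPolicyArns": [
+{
+"Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+}
+]
+}
+},
+"CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
+"Type": "AWS::Lambda::Function",
+"Properties": {
+"Code": {
+"S3Bucket": {
+"Ref": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3Bucket09A62232"
+},
+"S3Key": {
+"Fn::Join": [
+"",
+[
+{
+"Fn::Select": [
+0,
+{
+"Fn::Split": [
+"||",
+{
+"Ref": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE"
+}
+]
+}
+]
+},
+{
+"Fn::Select": [
+1,
+{
+"Fn::Split": [
+"||",
+{
+"Ref": "AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE"
+}
+]
+}
+]
+}
+]
+]
+}
+},
+"Timeout": 900,
+"MemorySize": 128,
+"Handler": "__entrypoint__.handler",
+"Role": {
+"Fn::GetAtt": [
+"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
+"Arn"
+]
+},
+"Runtime": "nodejs12.x",
+"Description": {
+"Fn::Join": [
+"",
+[
+"Lambda function for auto-deleting objects in ",
+{
+"Ref": "Bucket83908E77"
+},
+" S3 bucket."
+]
+]
+}
+},
+"DependsOn": [
+"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
+]
+},
 "LambdaFunctionServiceRoleC555A460": {
 "Type": "AWS::IAM::Role",
 "Properties": {
@@ -49,16 +217,24 @@
 ]
 },
 "Handler": "hello.handler",
-"Runtime": "nodejs10.x"
+"Runtime": "nodejs14.x"
 },
 "DependsOn": [
 "LambdaFunctionServiceRoleC555A460"
 ]
 },
 "S3486F821D": {
 "Type": "AWS::S3::Bucket",
-"UpdateReplacePolicy": "Retain",
-"DeletionPolicy": "Retain"
+"Properties": {
+"Tags": [
+{
+"Key": "aws-cdk:auto-delete-objects",
+"Value": "true"
+}
+]
+},
+"UpdateReplacePolicy": "Delete",
+"DeletionPolicy": "Delete"
 },
 "S3Policy2E4AA1D6": {
 "Type": "AWS::S3::BucketPolicy",
@@ -68,6 +244,44 @@
 },
 "PolicyDocument": {
 "Statement": [
+{
+"Action": [
+"s3:DeleteObject*",
+"s3:GetBucket*",
+"s3:List*"
+],
+"Effect": "Allow",
+"Principal": {
+"AWS": {
+"Fn::GetAtt": [
+"CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
+"Arn"
+]
+}
+},
+"Resource": [
+{
+"Fn::GetAtt": [
+"S3486F821D",
+"Arn"
+]
+},
+{
+"Fn::Join": [
+"",
+[
+{
+"Fn::GetAtt": [
+"S3486F821D",
+"Arn"
+]
+},
+"/*"
+]
+]
+}
+]
+},
 {
 "Action": "s3:GetBucketAcl",
 "Effect": "Allow",
@@ -116,6 +330,25 @@
 }
 }
 },
+"S3AutoDeleteObjectsCustomResource5A4102C9": {
+"Type": "Custom::S3AutoDeleteObjects",
+"Properties": {
+"ServiceToken": {
+"Fn::GetAtt": [
+"CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
+"Arn"
+]
+},
+"BucketName": {
+"Ref": "S3486F821D"
+}
+},
+"DependsOn": [
+"S3Policy2E4AA1D6"
+],
+"UpdateReplacePolicy": "Delete",
+"DeletionPolicy": "Delete"
+},
 "Trail022F0CF2": {
 "Type": "AWS::CloudTrail::Trail",
 "Properties": {
@@ -171,5 +404,19 @@
 "S3Policy2E4AA1D6"
 ]
 }
+},
+"Parameters": {
+"AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3Bucket09A62232": {
+"Type": "String",
+"Description": "S3 bucket for asset \"be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824\""
+},
+"AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824S3VersionKeyA28118BE": {
+"Type": "String",
+"Description": "S3 key for asset version \"be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824\""
+},
+"AssetParametersbe270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824ArtifactHash76F8FCF2": {
+"Type": "String",
+"Description": "Artifact hash for asset \"be270bbdebe0851c887569796e3997437cca54ce86893ed94788500448e92824\""
+}
 }
 }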

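--- a/packages/@aws-cdk/aws-cloudtrail/test/integ.cloudtrail-supplied-bucket.lit.ts
+++ b/packages/@aws-cdk/aws-cloudtrail/test/integ.cloudtrail-supplied-bucket.lit.ts
@@ -8,17 +8,24 @@ import * as cloudtrail from '../lib';
 const app = new cdk.App();
 const stack = new cdk.Stack(app, 'integ-cloudtrail');
 
-const bucket = new s3.Bucket(stack, 'Bucket', { removalPolicy: cdk.RemovalPolicy.DESTROY });
+const bucket = new s3.Bucket(stack, 'Bucket', {
+removalPolicy: cdk.RemovalPolicy.DESTROY,
+autoDeleteObjects: true,
+});
 const lambdaFunction = new lambda.Function(stack, 'LambdaFunction', {
-runtime: lambda.Runtime.NODEJS_10_X,
+runtime: lambda.Runtime.NODEJS_14_X,
 handler: 'hello.handler',
 code: lambda.Code.fromInline('exports.handler = {}'),
 });
 
 // using exctecy the same code as inside the cloudtrail class to produce the supplied bucket and policy
 const cloudTrailPrincipal = new iam.ServicePrincipal('cloudtrail.amazonaws.com');
 
-const Trailbucket = new s3.Bucket(stack, 'S3', { encryption: s3.BucketEncryption.UNENCRYPTED });
+const Trailbucket = new s3.Bucket(stack, 'S3', {
+encryption: s3.BucketEncryption.UNENCRYPTED,
+removalPolicy: cdk.RemovalPolicy.DESTROY,
+autoDeleteObjects: true,
+});
 
 Trailbucket.addToResourcePolicy(new iam.PolicyStatement({
 resources: [Trailbucket.bucketArn],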
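Review bot: The new `removalPolicy: cdk.RemovalPolicy.DESTROY` and `autoDeleteObjects: true` on `Trailbucket` mean the bucket that receives the CloudTrail logs, and every log object in it, is deleted when the stack is torn down, and nothing in the file marks this as test-only cleanup. The regenerated snapshot shows the cost: the bucket policy for `S3486F821D` now grants `s3:DeleteObject*`, `s3:GetBucket*` and `s3:List*` on the log bucket to the auto-delete provider role, and the bucket's policies change from `Retain` to `Delete`. The `.lit.ts` suffix suggests this file may also be rendered as a documentation example (an inference, not visible on this page), so readers could copy these settings into a real trail. I would add a comment above the bucket such as `// integ-test cleanup only: a real trail bucket should retain its logs and must not set autoDeleteObjects`. The existing `encryption: s3.BucketEncryption.UNENCRYPTED` on the same bucket deserves the same caveat.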
