From 6aa1b1b02ab3782b0e6419f8d5a340663cb47c81 Mon Sep 17 00:00:00 2001 From: Luca Pizzini Date: Fri, 8 Dec 2023 18:48:03 +0100 Subject: [PATCH 01/24] feat(eks): support Bottlerocket Nvidia AMIs (#28287) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds support for `BOTTLEROCKET_ARM_64_NVIDIA` and `BOTTLEROCKET_x86_64_NVIDIA` AMI types. Closes #28241. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/aws-eks/README.md | 11 +++++ .../aws-eks/lib/managed-nodegroup.ts | 29 +++++++++---- .../aws-eks/test/nodegroup.test.ts | 42 +++++++++++++++++-- 3 files changed, 71 insertions(+), 11 deletions(-) diff --git a/packages/aws-cdk-lib/aws-eks/README.md b/packages/aws-cdk-lib/aws-eks/README.md index fba788290d009..262a3758b1dd9 100644 --- a/packages/aws-cdk-lib/aws-eks/README.md +++ b/packages/aws-cdk-lib/aws-eks/README.md @@ -558,6 +558,17 @@ For example, if the Amazon EKS cluster version is `1.17`, the Bottlerocket AMI v Please note Bottlerocket does not allow to customize bootstrap options and `bootstrapOptions` properties is not supported when you create the `Bottlerocket` capacity. +To create a Bottlerocket managed nodegroup with Nvidia-based EC2 instance types use the `BOTTLEROCKET_X86_64_NVIDIA` or +`BOTTLEROCKET_ARM_64_NVIDIA` AMIs: + +```ts +declare const cluster: eks.Cluster; +cluster.addNodegroupCapacity('BottlerocketNvidiaNG', { + amiType: eks.NodegroupAmiType.BOTTLEROCKET_X86_64_NVIDIA, + instanceTypes: [new ec2.InstanceType('g4dn.xlarge')], +}); +``` + For more details about Bottlerocket, see [Bottlerocket FAQs](https://aws.amazon.com/bottlerocket/faqs/) and [Bottlerocket Open Source Blog](https://aws.amazon.com/blogs/opensource/announcing-the-general-availability-of-bottlerocket-an-open-source-linux-distribution-purpose-built-to-run-containers/). ### Endpoint Access diff --git a/packages/aws-cdk-lib/aws-eks/lib/managed-nodegroup.ts b/packages/aws-cdk-lib/aws-eks/lib/managed-nodegroup.ts index b59b941318323..be4bd439f727f 100644 --- a/packages/aws-cdk-lib/aws-eks/lib/managed-nodegroup.ts +++ b/packages/aws-cdk-lib/aws-eks/lib/managed-nodegroup.ts @@ -17,9 +17,13 @@ export interface INodegroup extends IResource { } /** - * The AMI type for your node group. GPU instance types should use the `AL2_x86_64_GPU` AMI type, which uses the - * Amazon EKS-optimized Linux AMI with GPU support. Non-GPU instances should use the `AL2_x86_64` AMI type, which - * uses the Amazon EKS-optimized Linux AMI. + * The AMI type for your node group. + * + * GPU instance types should use the `AL2_x86_64_GPU` AMI type, which uses the + * Amazon EKS-optimized Linux AMI with GPU support or the `BOTTLEROCKET_ARM_64_NVIDIA` or `BOTTLEROCKET_X86_64_NVIDIA` + * AMI types, which uses the Amazon EKS-optimized Linux AMI with Nvidia-GPU support. + * + * Non-GPU instances should use the `AL2_x86_64` AMI type, which uses the Amazon EKS-optimized Linux AMI. */ export enum NodegroupAmiType { /** @@ -35,13 +39,21 @@ export enum NodegroupAmiType { */ AL2_ARM_64 = 'AL2_ARM_64', /** - * Bottlerocket Linux(ARM-64) + * Bottlerocket Linux (ARM-64) */ BOTTLEROCKET_ARM_64 = 'BOTTLEROCKET_ARM_64', /** - * Bottlerocket(x86-64) + * Bottlerocket (x86-64) */ BOTTLEROCKET_X86_64 = 'BOTTLEROCKET_x86_64', + /** + * Bottlerocket Linux with Nvidia-GPU support (ARM-64) + */ + BOTTLEROCKET_ARM_64_NVIDIA = 'BOTTLEROCKET_ARM_64_NVIDIA', + /** + * Bottlerocket with Nvidia-GPU support (x86-64) + */ + BOTTLEROCKET_X86_64_NVIDIA = 'BOTTLEROCKET_x86_64_NVIDIA', /** * Windows Core 2019 (x86-64) */ @@ -215,7 +227,7 @@ export interface NodegroupOptions { /** * The instance type to use for your node group. Currently, you can specify a single instance type for a node group. * The default value for this parameter is `t3.medium`. If you choose a GPU instance type, be sure to specify the - * `AL2_x86_64_GPU` with the amiType parameter. + * `AL2_x86_64_GPU`, `BOTTLEROCKET_ARM_64_NVIDIA`, or `BOTTLEROCKET_x86_64_NVIDIA` with the amiType parameter. * * @default t3.medium * @deprecated Use `instanceTypes` instead. @@ -409,7 +421,7 @@ export class Nodegroup extends Resource implements INodegroup { // if the user explicitly configured an ami type, make sure it's included in the possibleAmiTypes if (props.amiType && !possibleAmiTypes.includes(props.amiType)) { - throw new Error(`The specified AMI does not match the instance types architecture, either specify one of ${possibleAmiTypes} or don't specify any`); + throw new Error(`The specified AMI does not match the instance types architecture, either specify one of ${possibleAmiTypes.join(', ')} or don't specify any`); } //if the user explicitly configured a Windows ami type, make sure the instanceType is allowed @@ -550,7 +562,8 @@ const x8664AmiTypes: NodegroupAmiType[] = [NodegroupAmiType.AL2_X86_64, Nodegrou const windowsAmiTypes: NodegroupAmiType[] = [NodegroupAmiType.WINDOWS_CORE_2019_X86_64, NodegroupAmiType.WINDOWS_CORE_2022_X86_64, NodegroupAmiType.WINDOWS_FULL_2019_X86_64, NodegroupAmiType.WINDOWS_FULL_2022_X86_64]; -const gpuAmiTypes: NodegroupAmiType[] = [NodegroupAmiType.AL2_X86_64_GPU]; +const gpuAmiTypes: NodegroupAmiType[] = [NodegroupAmiType.AL2_X86_64_GPU, + NodegroupAmiType.BOTTLEROCKET_X86_64_NVIDIA, NodegroupAmiType.BOTTLEROCKET_ARM_64_NVIDIA]; /** * This function check if the instanceType is GPU instance. diff --git a/packages/aws-cdk-lib/aws-eks/test/nodegroup.test.ts b/packages/aws-cdk-lib/aws-eks/test/nodegroup.test.ts index 585c682b60958..51a58b6ab2e73 100644 --- a/packages/aws-cdk-lib/aws-eks/test/nodegroup.test.ts +++ b/packages/aws-cdk-lib/aws-eks/test/nodegroup.test.ts @@ -558,7 +558,7 @@ describe('node group', () => { new ec2.InstanceType('p3.large'), new ec2.InstanceType('g3.large'), ], - })).toThrow(/The specified AMI does not match the instance types architecture, either specify one of AL2_x86_64_GPU or don't specify any/); + })).toThrow(/The specified AMI does not match the instance types architecture, either specify one of AL2_x86_64_GPU, BOTTLEROCKET_x86_64_NVIDIA, BOTTLEROCKET_ARM_64_NVIDIA or don't specify any/); }); /** @@ -580,7 +580,7 @@ describe('node group', () => { new ec2.InstanceType('c5.large'), new ec2.InstanceType('m5.large'), ], - })).toThrow(/The specified AMI does not match the instance types architecture, either specify one of AL2_x86_64,BOTTLEROCKET_x86_64,WINDOWS_CORE_2019_x86_64,WINDOWS_CORE_2022_x86_64,WINDOWS_FULL_2019_x86_64,WINDOWS_FULL_2022_x86_64 or don't specify any/); + })).toThrow(/The specified AMI does not match the instance types architecture, either specify one of AL2_x86_64, BOTTLEROCKET_x86_64, WINDOWS_CORE_2019_x86_64, WINDOWS_CORE_2022_x86_64, WINDOWS_FULL_2019_x86_64, WINDOWS_FULL_2022_x86_64 or don't specify any/); }); test('throws when AmiType is Windows and forbidden instanceType is selected', () => { @@ -619,7 +619,43 @@ describe('node group', () => { new ec2.InstanceType('c5.large'), new ec2.InstanceType('m5.large'), ], - })).toThrow(/The specified AMI does not match the instance types architecture, either specify one of AL2_x86_64,BOTTLEROCKET_x86_64,WINDOWS_CORE_2019_x86_64,WINDOWS_CORE_2022_x86_64,WINDOWS_FULL_2019_x86_64,WINDOWS_FULL_2022_x86_64 or don't specify any/); + })).toThrow(/The specified AMI does not match the instance types architecture, either specify one of AL2_x86_64, BOTTLEROCKET_x86_64, WINDOWS_CORE_2019_x86_64, WINDOWS_CORE_2022_x86_64, WINDOWS_FULL_2019_x86_64, WINDOWS_FULL_2022_x86_64 or don't specify any/); + }); + + test('throws when LaunchTemplate is undefined, amiType is BOTTLEROCKET_ARM_64_NVIDIA and instanceTypes are not GPU', () => { + // GIVEN + const { stack, vpc } = testFixture(); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); + // THEN + expect(() => cluster.addNodegroupCapacity('ng', { + amiType: NodegroupAmiType.BOTTLEROCKET_ARM_64_NVIDIA, + instanceTypes: [ + new ec2.InstanceType('c5.large'), + new ec2.InstanceType('m5.large'), + ], + })).toThrow(/The specified AMI does not match the instance types architecture, either specify one of AL2_x86_64, BOTTLEROCKET_x86_64, WINDOWS_CORE_2019_x86_64, WINDOWS_CORE_2022_x86_64, WINDOWS_FULL_2019_x86_64, WINDOWS_FULL_2022_x86_64 or don't specify any/); + }); + + test('throws when LaunchTemplate is undefined, amiType is BOTTLEROCKET_X86_64_NVIDIA and instanceTypes are not GPU', () => { + // GIVEN + const { stack, vpc } = testFixture(); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); + // THEN + expect(() => cluster.addNodegroupCapacity('ng', { + amiType: NodegroupAmiType.BOTTLEROCKET_X86_64_NVIDIA, + instanceTypes: [ + new ec2.InstanceType('c5.large'), + new ec2.InstanceType('m5.large'), + ], + })).toThrow(/The specified AMI does not match the instance types architecture, either specify one of AL2_x86_64, BOTTLEROCKET_x86_64, WINDOWS_CORE_2019_x86_64, WINDOWS_CORE_2022_x86_64, WINDOWS_FULL_2019_x86_64, WINDOWS_FULL_2022_x86_64 or don't specify any/); }); /** From fe30921c358e535bf734c768fdfb64aca1c4c4ab Mon Sep 17 00:00:00 2001 From: awsmjs <142322013+awsmjs@users.noreply.github.com> Date: Fri, 8 Dec 2023 15:06:47 -0500 Subject: [PATCH 02/24] =?UTF-8?q?feat(ROADMAP):=20updates=20to=20public=20?= =?UTF-8?q?roadmap=20=F0=9F=9A=80=20=20(#28302)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit update to public roadmap ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- ROADMAP.md | 137 +++++++++++++++++++++++++++-------------------------- 1 file changed, 70 insertions(+), 67 deletions(-) diff --git a/ROADMAP.md b/ROADMAP.md index 96f53bd34dda2..9cbe133793b84 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -1,102 +1,105 @@ # AWS CDK Roadmap -The [AWS CDK Roadmap] lets developers know about our upcoming features and priorities to help them -plan how to best leverage the CDK and identify opportunities to contribute to the project. The roadmap -provides a high-level view of our work in progress across the [aws-cdk], [aws-cdk-rfcs], and [jsii] -repositories, and creates an opportunity for customers to engage in a conversation with AWS CDK engineers to -give us direct feedback. +The roadmap priorities for the AWS CDK (Cloud Development Kit) are informed by what we hear from customers and interactions on Github, CDK.dev Slack, Stack Overflow, and Twitter. This document outlines the high level direction we are working towards, and for each project there is a tracking issue where you can leave feedback. We update this doc on a quarterly basis to reflect any changing priorities. + +Follow [CDK Live!](https://www.youtube.com/@CDK-Live) and [cdk.dev](https://cdk.dev/) to learn what's new in AWS CDK. + +Security and stability of the CDK is a top priority. If you think you’ve found a potential security issue, please do not post it as an issue or a discussion thread in this repository. Instead, please follow the instructions [here](https://aws.amazon.com/security/vulnerability-reporting/) or directly email [AWS security](mailto:aws-security@amazon.com). -[AWS CDK Roadmap]: https://github.com/orgs/aws/projects/88 [aws-cdk]: https://github.com/aws/aws-cdk [aws-cdk-rfcs]: https://github.com/aws/aws-cdk-rfcs [jsii]: https://github.com/aws/jsii -## Tenets -The core values for CDK on how to prioritize work, keep engaged with the community and deliver what matters. -1. **Be transparent** +## Our Core Tenets (which guide prioritization decisions) -The AWS CDK team’s current work should be easily visible. +* **We empower CDK builders to innovate with confidence, without sacrificing security.** The CDK provides customers with conviction by providing a clear and streamlined direction to building secure, modernized, industry leading innovations with AWS. +* **Productivity through simplicity.** The CDK measurably improves developer productivity in building with AWS. We make Infrastructure as Code simple to define, understand, change, and troubleshoot. +* **Be transparent.** The AWS CDK team’s current work should be easily visible. +* **Listen to customers.** Allow them to participate in design decisions and to vote on and propose new AWS CDK features. We will periodically reprioritize the roadmap based on customer feedback. -2. **Listen to customers** +## List of Annotations -Allow them to participate in design decisions and to vote on and propose new AWS CDK features. We will periodically re-prioritize the roadmap based on customer feedback. +| Symbol | Description | +| :--- | :----: | +| 🔍 | Exploration | +| 👂🏽 | Waiting for feedback | +| 🚦 | Work ready to begin | +| 🛠️ | Work in progress | +| 🚀 | Released | -3. **Stay up-to-date** +## Themes -Be informed and incorporate best practices. +### User Experience +* 🚀 [App Staging Synthesizer for Resource Isolation](https://aws.amazon.com/blogs/devops/enhancing-resource-isolation-in-aws-cdk-with-the-app-staging-synthesizer/) - This feature enhances resource isolation and cleanup control by creating separate staging resources for each application +* 👂🏽 [CDK Refactoring](https://github.com/aws/aws-cdk-rfcs/issues/162) - We’re looking into providing built-in support for builder refactoring work. +* 🛠️ [Understand deployment progress within CloudFormation](https://github.com/aws/aws-cdk-rfcs/issues/586) - This will help builders understand what CloudFormation is doing as deployments are in progress. -4. **Provide the right level of detail** +### Speed up development and testing +* 🚀 [Enable CloudFormation builders to migrate existing infrastructure to CDK](https://github.com/aws/aws-cdk/blob/6004a17c593728e36ad4f5c3dcdd578ff46fa9bb/packages/aws-cdk/README.md#cdk-migrate) - CloudFormation builders can now generate a CDK application using an existing CloudFormation template in JSON or YAML format using cdk migrate! +* 🚀 [Policy Validation at Synth](https://docs.aws.amazon.com/cdk/v2/guide/policy-validation-synthesis.html) - Builders can now check their policies immediately after synthesis using CloudFormation Guard or OPA! +* 👂🏽 [Adding more resource support to Hotswap](https://github.com/aws/aws-cdk/issues/25418) - Apart from Lambda, we are looking into expanding resource support for Hotswap. Please share your feedback in this linked ticket! +* 🔍 [Local application testing](https://github.com/aws/aws-cdk-rfcs/issues/585) - We are investigating how to improve CDK testing on builders’ locals. We would love to hear everyone’s feedback here on what they would like to see as part of this experience. +* 🔍 [Upgrade deployment debugging experience](https://github.com/aws/aws-cdk-rfcs/issues/583) - We also are looking into providing more debugging support at time of deployment. Please drop a note in this tagged ticket if you have any opinions related to this experience! -The overview should indicate all work in progress at a glance, while allowing a deep dive into the details via provided references. +### CI/CD +* 🚀 [Secure CDK Deployments with IAM Permission Boundaries](https://aws.amazon.com/blogs/devops/secure-cdk-deployments-with-iam-permission-boundaries/) - CDK builders can now enact IAM permission boundaries, which help to ensure that all actions are within the overlap of the users permissions and the boundary, and ensure that any IAM entities that are created also have the same boundary applied! +* 👂🏽 [CDK CLI Upgrade](https://github.com/aws/aws-cdk-rfcs/issues/300) - We are looking into how to further improve the CLI experience. This includes allowing builders to automate necessary tasks and integrate the CDK into CI/CD pipelines if they desire to. Please share your feedback in this ticket if you have anything you would like noted! +* 👂🏽 [CDK CLI Triggers](https://github.com/aws/aws-cdk-rfcs/issues/228) - CLI enhancements are also being considered for post command hooks. -5. **Guide the community** +### L2 Abstractions +* 🔍 [CloudFront Origin Access Control L2](https://github.com/aws/aws-cdk-rfcs/issues/491) -Align on what can be worked on that is not currently handled by the team. -Offer help and unblock contributors in their efforts. +We are currently investigating other L2s to build out next. Feel free to create an RFC to request. -## Roadmap FAQs -**Q: How do you manage the roadmap?** +## Community Engagement +We would love to hear from you on how the CDK operates today and how it should grow in the future. To report a bug or create a small feature request, please [create an issue here](https://github.com/aws/aws-cdk/issues/new/choose). If you are seeking to request a change in strategic direction or make a CDK core framework change, please [create a Request for Comments (RFC) ticket here](https://github.com/aws/aws-cdk-rfcs/issues/new/choose). If you are ever unsure about where your feature request should live, it is best to follow the first link within the aws-cdk repo. -A: CDK customers are making decisions and plans based on what we are developing. We strive to provide the -required information, when that is not sufficient, we take note of the feedback we receive and iterate on how -to bring improvements to our current processes and available information. +![image](https://github.com/aws/aws-cdk/assets/142322013/ea006330-caa7-4c00-8eba-8e8fe379ef6b) -**Q: How do you mark work in progress?** +Listening and working with the open source community is really important to us. If you would like to give us your feedback on how we are doing, feel free to reach out to our team via cdk.dev slack. -A: For the [aws-cdk] repository, any issue that is currently worked on will have the `CDK Construct Squad` project -listed, with the current status. +## Educational Content -* **Needs Review** - We’re thinking about it, but cannot commit if, or when, we will work on items in this list. - This means we are still designing the feature and evaluating how it might work. This is the phase when we collect - customer use cases and feedback on how they want to see something implemented. There is no firm commitment to deliver - functionality listed in the Needs Review column, and there might be situations where we remove items from the Needs - Review column. -* **Backlog** - We want to do this, but no one has picked it up yet. We have made an implied commitment to work on items - in this bucket, they have some level of design spec’ed out. Items might linger in this bucket as we work through the implementation details, or scope stuff out. Think several months out until a developer preview release, give or take. -* **In Progress** - Someone on the CDK team is actively working on this. If all goes well, issues in this bucket should - be released in the coming weeks. -* **In review** - It’s implementation is done and we are reviewing the code. -* **Done** - It’s available now, fully supported by AWS. +To make the CDK more accessible and easier to understand, we publish educational content like blog posts, videos and workshops. Here are some from AWS. -For the [aws-cdk-rfcs], the README file contains the overview and statuses. They can also be checked per RFC by selecting any of the relevant [issues](https://github.com/aws/aws-cdk-rfcs/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc) and seeing how far along is its `Workflow`. +* [Workshop] [The AWS CDK Workshop](https://cdkworkshop.com/) +* [Workshop] [Extended CDK Workshop](https://catalog.us-east-1.prod.workshops.aws/workshops/071bbc60-6c1f-47b6-8c66-e84f5dc96b3f/en-US) +* [Workshop] [Automating your workload deployments in AWS Local Zones](https://catalog.workshops.aws/localzone-cdk/en-US) +* [Blogpost] [Using AWS CloudFormation and AWS Cloud Development Kit to provision multicloud resources](https://aws.amazon.com/blogs/devops/using-aws-cloudformation-and-aws-cloud-development-kit-to-provision-multicloud-resources/) +* [Blogpost] [CDK Pipelines: Continuous delivery for AWS CDK applications](https://aws.amazon.com/blogs/developer/cdk-pipelines-continuous-delivery-for-aws-cdk-applications/) +* [Blogpost] [Better together: AWS SAM and AWS CDK](https://aws.amazon.com/blogs/compute/better-together-aws-sam-and-aws-cdk/) +* [Videos] [CDK Live!](https://www.youtube.com/@CDK-Live) +* [CDK Day] [Track 1 (English) for CDK Day 2023](https://www.youtube.com/watch?v=qlUR5jVBC6c) +* [CDK Day] [Track 2 (English) for CDK Day 2023](https://www.youtube.com/watch?v=b-nSH18gFQk) +* [CDK Day] [Track 3 (Spanish) for CDK Day 2023](https://www.youtube.com/watch?v=ZAQC-cOXL4M) +* [re:Invent Content] Search through [all content here](https://www.youtube.com/@amazonwebservices) -**Q: How do items on the roadmap move across the project board?** +## 2024 Updates -A: The [AWS Construct Library module lifecycle -document](https://github.com/aws/aws-cdk-rfcs/blob/master/text/0107-construct-library-module-lifecycle.md) describes how -we graduate packages from experimental, to developer preview, to generally available. +Stay tuned for more updates for 2024! -**Q: Why are there no dates on this roadmap?** +## Disclaimer -A: Security and operational stability are our main priority and we will not ship a feature until these criteria are met, -therefore we generally don’t provide specific target dates for releases. +The AWS CDK team values feedback and guidance from its community of users, although final decisions on inclusion into the project will be made by AWS. We determine the high-level direction for our open roadmap based on customer feedback and popularity (👍🏽 and comments), security and operational impacts, and business value. Where features don’t meet our goals and longer-term strategy, we will communicate that clearly and openly as quickly as possible with an explanation of why the decision was made. -**Q: Is every feature on the roadmap?** +## FAQs -A: The AWS Cloud Development Kit roadmap provides transparency on our priority for adding new programming languages, -developer experience improvements, and service coverage in the AWS Construct Library. The AWS CDK toolkit and AWS -Construct Library are such a large surface areas we are intentionally keeping the roadmap at a high-level, so not every -CDK feature request will appear on the roadmap. Instead, the roadmap will include a tracking issue -for each deliverable that provides a feature overview and contains links to relevant, more granular issues and pull -requests. If you want to track the status of a specific issue or pull request, you can do so by monitoring that work -item in the [aws-cdk] GitHub repository. +**Q: Why did you build an open roadmap?** +A: Your feedback and suggestions would help in ensuring that we are working on the most important and impactful issues. And if you are making decisions and plans based on what we are developing, this will provide insights on what is coming down the road for the CDK. -**Q: What is a tracking issue?** +**Q: Why are there no dates on your roadmap?** +A: Because security and operational stability are our highest priorities, the above new features cannot be provided specific target dates. The roadmap is subject to change at any time, and roadmap issues in this repository do not guarantee a feature will be launched as proposed. -A: We create a tracking issue for each CDK feature, AWS Construct Library module, and jsii-supported programming language. Tracking issues provide a brief summary of the feature and a consolidated view of the work scoped for the release. They include links to design documentation, implementation details, and relevant issues. Tracking issues are living documents that start from a basic template and grow more robust over time as we experiment and learn. You can easily find tracking issues by filtering on the [management/tracking label](https://github.com/aws/aws-cdk/labels/management%2Ftracking). +**Q: Is everything on the roadmap?** +A: We will publish high-level direction that is within the scope of the CDK. Minor features and performance improvement tasks are not on the roadmap currently, but we are constantly trying to improve the roadmap so please leave your suggestions [here](https://github.com/aws/aws-sam-cli/issues/3267). -**Q: How can I provide feedback on the roadmap or ask for more information about a feature?** +**Q: How can I provide feedback or ask for more information?** +A: When in doubt, please create an issue! Issues will be reviewed and/or forwarded appropriately. A great time to provide feedback is when the project is in Exploration, RFC stage, or when the feature is in beta release. As always, we listen to your feedback and adapt our plans if needed. -A: Please open an issue! Or engage by 👍 existing ones. +**Q: Can I 👍🏽 existing issues?** +A: We strongly encourage you to do so, as it helps us understand which issues will have the widest impact. You can navigate to the issue details page and add a reaction (👍🏽). **Q: How can I request a feature be added to the roadmap?** +A: We encourage you to open an issue, even if you’ve requested it before via other channels. Issues submitted will be reviewed by the roadmap maintainers. If you find an issue already created for the feature, please upvote it (👍🏽) and leave comments specific to your use case. To report a bug or create a small feature request, please [create an issue here](https://github.com/aws/aws-cdk/issues/new/choose). If you are seeking to request a change in the CDK’s strategic direction or make a CDK core framework change, please [create a Request for Comments (RFC) ticket here](https://github.com/aws/aws-cdk-rfcs/issues/new/choose). -A: Please open an issue! Community submitted issues will be tagged “feature-request” and will be reviewed by the team. - -**Q: Can I “+1” tracking issues and feature requests?** - -A: We strongly encourage you to do so, as it helps us understand which issues will have the broadest impact. You can navigate to the issue details page and add a reaction. There are six types of reactions (👍 +1, 👎 -1, 😕 confused, ❤️ heart, 👀 watching, 😄 smile, and 🎉 celebration) you can use to help us decide which items will benefit you most. - -**Q: Will you accept a pull request to the aws-cdk repo?** - -A: Yes! We take PRs very seriously and will review for inclusion. You can read how to contribute to the CDK [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md). +Please do not be discouraged if your ticket is closed—that may happen if it is not a priority during the quarter it was submitted. The CDK team closes tickets in an effort to display what is prioritized at a given moment. If this happens, we invite you to try submitting it again later in the year. From 8b91e106e649e6a75b396f350dae9266770ad6cb Mon Sep 17 00:00:00 2001 From: sakurai-ryo <58683719+sakurai-ryo@users.noreply.github.com> Date: Sat, 9 Dec 2023 05:35:09 +0900 Subject: [PATCH 03/24] fix(scheduler): typo in metricSentToDLQ... methods (#28307) This PR includes breaking changes to the `aws-scheduler-alpha` module. ## Description This PR introduces breaking changes by correcting typos in the method names of the Schedule and Group constructs. Specifically, the method name `metricSentToDLQTrunacted` has been changed to `metricSentToDLQTruncated`, and `metricAllSentToDLQTrunacted` has been changed to `metricAllSentToDLQTruncated`. https://docs.aws.amazon.com/scheduler/latest/UserGuide/monitoring-cloudwatch.html BREAKING CHANGE: The typos in the Schedule and Group construct method names have been fixed, changing `metricSentToDLQTrunacted` to `metricSentToDLQTruncated` and `metricAllSentToDLQTrunacted` to `metricAllSentToDLQTruncated`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-scheduler-alpha/lib/group.ts | 4 ++-- packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-scheduler-alpha/lib/group.ts b/packages/@aws-cdk/aws-scheduler-alpha/lib/group.ts index 96cd5fd24af2c..f9e15f2d3b0fe 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/lib/group.ts +++ b/packages/@aws-cdk/aws-scheduler-alpha/lib/group.ts @@ -100,7 +100,7 @@ export interface IGroup extends IResource { * * @default - sum over 5 minutes */ - metricSentToDLQTrunacted(props?: cloudwatch.MetricOptions): cloudwatch.Metric; + metricSentToDLQTruncated(props?: cloudwatch.MetricOptions): cloudwatch.Metric; /** * Grant the indicated permissions on this group to the given principal @@ -224,7 +224,7 @@ abstract class GroupBase extends Resource implements IGroup { * * @default - sum over 5 minutes */ - public metricSentToDLQTrunacted(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + public metricSentToDLQTruncated(props?: cloudwatch.MetricOptions): cloudwatch.Metric { return this.metric('InvocationsSentToDeadLetterCount_Truncated_MessageSizeExceeded', props); } diff --git a/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts b/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts index bd8d1e004a43d..47286a81c9b33 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts +++ b/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts @@ -209,7 +209,7 @@ export class Schedule extends Resource implements ISchedule { * * @default - sum over 5 minutes */ - public static metricAllSentToDLQTrunacted(props?: cloudwatch.MetricOptions): cloudwatch.Metric { + public static metricAllSentToDLQTruncated(props?: cloudwatch.MetricOptions): cloudwatch.Metric { return this.metricAll('InvocationsSentToDeadLetterCount_Truncated_MessageSizeExceeded', props); } From d64a85b843e32c7d1dac0c54eb2069f010ed09ba Mon Sep 17 00:00:00 2001 From: Kaizen Conroy <36202692+kaizencc@users.noreply.github.com> Date: Fri, 8 Dec 2023 19:47:31 -0500 Subject: [PATCH 04/24] chore: add awsmjs to core contributors (#28305) And remove outdated information. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --------- Signed-off-by: Vinayak Kukreja Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Vinayak Kukreja --- .github/workflows/github-merit-badger.yml | 2 +- .mergify.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/github-merit-badger.yml b/.github/workflows/github-merit-badger.yml index b9aa7c0249568..4448cd03cda10 100644 --- a/.github/workflows/github-merit-badger.yml +++ b/.github/workflows/github-merit-badger.yml @@ -17,4 +17,4 @@ jobs: badges: '[beginning-contributor,repeat-contributor,valued-contributor,admired-contributor,star-contributor,distinguished-contributor]' thresholds: '[0,3,6,13,25,50]' badge-type: 'achievement' - ignore-usernames: '[rix0rrr,MrArnoldPalmer,iliapolo,otaviomacedo,madeline-k,kaizencc,comcalvi,corymhall,peterwoodworth,TheRealAmazonKendra,vinayak-kukreja,mrgrain,pahud,cgarvis,kellertk,HBobertz,sumupitchayan,SankyRed,udaypant,colifran,khushail,scanlonp,mikewrighton,moelasmar,paulhcsun,aws-cdk-automation,dependabot[bot],mergify[bot]]' + ignore-usernames: '[rix0rrr,MrArnoldPalmer,iliapolo,otaviomacedo,madeline-k,kaizencc,comcalvi,TheRealAmazonKendra,vinayak-kukreja,mrgrain,pahud,cgarvis,kellertk,HBobertz,sumupitchayan,SankyRed,udaypant,colifran,khushail,scanlonp,mikewrighton,moelasmar,paulhcsun,awsmjs,aws-cdk-automation,dependabot[bot],mergify[bot]]' diff --git a/.mergify.yml b/.mergify.yml index 9e43ee52ddb3e..79a262849fc8d 100644 --- a/.mergify.yml +++ b/.mergify.yml @@ -11,7 +11,7 @@ pull_request_rules: label: add: [ contribution/core ] conditions: - - author~=^(rix0rrr|MrArnoldPalmer|iliapolo|otaviomacedo|madeline-k|kaizencc|comcalvi|corymhall|peterwoodworth|TheRealAmazonKendra|vinayak-kukreja|mrgrain|pahud|cgarvis|kellertk|HBobertz|sumupitchayan|SankyRed|udaypant|colifran|scanlonp|mikewrighton|moelasmar|paulhcsun)$ + - author~=^(rix0rrr|MrArnoldPalmer|iliapolo|otaviomacedo|madeline-k|kaizencc|comcalvi|TheRealAmazonKendra|vinayak-kukreja|mrgrain|pahud|cgarvis|kellertk|HBobertz|sumupitchayan|SankyRed|udaypant|colifran|scanlonp|mikewrighton|moelasmar|paulhcsun|awsmjs)$ - -label~="contribution/core" - name: automatic merge actions: From 207555919e0462686f6c434d1598e371687679c8 Mon Sep 17 00:00:00 2001 From: Jane Chen <125300057+chenjane-dev@users.noreply.github.com> Date: Fri, 8 Dec 2023 20:15:42 -0500 Subject: [PATCH 05/24] fix(appconfig-alpha): extensions always create cdk diff (#28264) Fixing extensions CDK diff since before it would always generate a new diff even if nothing changed. Closes #27676. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-appconfig-alpha/lib/application.ts | 2 +- .../aws-appconfig-alpha/lib/configuration.ts | 4 +- .../aws-appconfig-alpha/lib/environment.ts | 2 +- .../aws-appconfig-alpha/lib/extension.ts | 59 +- .../test/application.test.ts | 90 ++- .../test/extension.test.ts | 52 +- .../aws-appconfig-extension.assets.json | 6 +- .../aws-appconfig-extension.template.json | 411 +++++++---- ...efaultTestDeployAssert64BA6C4E.assets.json | 2 +- .../test/integ.extension.js.snapshot/cdk.out | 2 +- .../integ.extension.js.snapshot/integ.json | 2 +- .../integ.extension.js.snapshot/manifest.json | 66 +- .../integ.extension.js.snapshot/tree.json | 654 ++++++++++++------ .../test/integ.extension.ts | 4 - 14 files changed, 889 insertions(+), 467 deletions(-) diff --git a/packages/@aws-cdk/aws-appconfig-alpha/lib/application.ts b/packages/@aws-cdk/aws-appconfig-alpha/lib/application.ts index cd6eb38adcbb2..27b38f506b571 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/lib/application.ts +++ b/packages/@aws-cdk/aws-appconfig-alpha/lib/application.ts @@ -352,7 +352,7 @@ export class Application extends ApplicationBase { resourceName: this.applicationId, }); - this.extensible = new ExtensibleBase(scope, this.applicationArn, this.name); + this.extensible = new ExtensibleBase(this, this.applicationArn, this.name); } } diff --git a/packages/@aws-cdk/aws-appconfig-alpha/lib/configuration.ts b/packages/@aws-cdk/aws-appconfig-alpha/lib/configuration.ts index 3d141089cd637..6f0e7306f5b25 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/lib/configuration.ts +++ b/packages/@aws-cdk/aws-appconfig-alpha/lib/configuration.ts @@ -455,7 +455,7 @@ export class HostedConfiguration extends ConfigurationBase { resource: 'application', resourceName: `${this.applicationId}/configurationprofile/${this.configurationProfileId}`, }); - this.extensible = new ExtensibleBase(scope, this.configurationProfileArn, this.name); + this.extensible = new ExtensibleBase(this, this.configurationProfileArn, this.name); this.content = props.content.content; this.contentType = props.content.contentType; @@ -617,7 +617,7 @@ export class SourcedConfiguration extends ConfigurationBase { resource: 'application', resourceName: `${this.applicationId}/configurationprofile/${this.configurationProfileId}`, }); - this.extensible = new ExtensibleBase(scope, this.configurationProfileArn, this.name); + this.extensible = new ExtensibleBase(this, this.configurationProfileArn, this.name); this.addExistingEnvironmentsToApplication(); this.deployConfigToEnvironments(); diff --git a/packages/@aws-cdk/aws-appconfig-alpha/lib/environment.ts b/packages/@aws-cdk/aws-appconfig-alpha/lib/environment.ts index 70109132b7443..e4216a569ab87 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/lib/environment.ts +++ b/packages/@aws-cdk/aws-appconfig-alpha/lib/environment.ts @@ -269,7 +269,7 @@ export class Environment extends EnvironmentBase { resource: 'application', resourceName: `${this.applicationId}/environment/${this.environmentId}`, }); - this.extensible = new ExtensibleBase(scope, this.environmentArn, this.name); + this.extensible = new ExtensibleBase(this, this.environmentArn, this.name); this.application.addExistingEnvironment(this); } diff --git a/packages/@aws-cdk/aws-appconfig-alpha/lib/extension.ts b/packages/@aws-cdk/aws-appconfig-alpha/lib/extension.ts index 3f21307843370..72f6d1bc9c739 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/lib/extension.ts +++ b/packages/@aws-cdk/aws-appconfig-alpha/lib/extension.ts @@ -75,6 +75,12 @@ export class LambdaDestination implements IEventDestination { this.policyDocument = new iam.PolicyDocument({ statements: [policy], }); + + if (!func.permissionsNode.tryFindChild('AppConfigPermission')) { + func.addPermission('AppConfigPermission', { + principal: new iam.ServicePrincipal('appconfig.amazonaws.com'), + }); + } } } @@ -500,21 +506,19 @@ export class Extension extends Resource implements IExtension { this.parameters = props.parameters; const resource = new CfnExtension(this, 'Resource', { - actions: this.actions.reduce((acc: {[key: string]: {[key: string]: string}[]}, cur: Action) => { + actions: this.actions.reduce((acc: {[key: string]: {[key: string]: string}[]}, cur: Action, index: number) => { const extensionUri = cur.eventDestination.extensionUri; const sourceType = cur.eventDestination.type; this.executionRole = cur.executionRole; + const name = cur.name ?? `${this.name}-${index}`; cur.actionPoints.forEach((actionPoint) => { acc[actionPoint] = [ { - Name: cur.name || Names.uniqueResourceName(this, { - maxLength: 64, - separator: '-', - }), + Name: name, Uri: extensionUri, ...(sourceType === SourceType.EVENTS || cur.invokeWithoutExecutionRole ? {} - : { RoleArn: this.executionRole?.roleArn || this.getExecutionRole(cur.eventDestination).roleArn }), + : { RoleArn: this.executionRole?.roleArn || this.getExecutionRole(cur.eventDestination, name).roleArn }), ...(cur.description ? { Description: cur.description } : {}), }, ]; @@ -543,8 +547,10 @@ export class Extension extends Resource implements IExtension { }); } - private getExecutionRole(eventDestination: IEventDestination): iam.IRole { - this.executionRole = new iam.Role(this, `Role${getHash(eventDestination.extensionUri)}`, { + private getExecutionRole(eventDestination: IEventDestination, actionName: string): iam.IRole { + const versionNumber = this.latestVersionNumber ? this.latestVersionNumber + 1 : 1; + const combinedObjects = stringifyObjects(this.name, versionNumber, actionName); + this.executionRole = new iam.Role(this, `Role${getHash(combinedObjects)}`, { roleName: PhysicalName.GENERATE_IF_NEEDED, assumedBy: new iam.ServicePrincipal('appconfig.amazonaws.com'), inlinePolicies: { @@ -652,13 +658,13 @@ export class ExtensibleBase implements IExtensible { } public addExtension(extension: IExtension) { - this.addExtensionAssociation(extension, { - parameters: extension.parameters, - }); + this.addExtensionAssociation(extension); } private getExtensionForActionPoint(eventDestination: IEventDestination, actionPoint: ActionPoint, options?: ExtensionOptions) { - const extension = new Extension(this.scope, `Extension${this.getExtensionHash(eventDestination, actionPoint, options)}`, { + const name = options?.name || this.getExtensionDefaultName(); + const versionNumber = options?.latestVersionNumber ? options?.latestVersionNumber + 1 : 1; + const extension = new Extension(this.scope, `Extension${this.getExtensionHash(name, versionNumber)}`, { actions: [ new Action({ eventDestination, @@ -667,20 +673,22 @@ export class ExtensibleBase implements IExtensible { ], }), ], + name, ...(options?.description ? { description: options.description } : {}), ...(options?.latestVersionNumber ? { latestVersionNumber: options.latestVersionNumber } : {}), - ...(options?.name ? { name: options.name } : {}), ...(options?.parameters ? { parameters: options.parameters } : {}), }); - this.addExtensionAssociation(extension, options); + this.addExtensionAssociation(extension); } - private addExtensionAssociation(extension: IExtension, options?: ExtensionOptions) { - new CfnExtensionAssociation(this.scope, `AssociationResource${this.getExtensionAssociationHash(extension)}`, { + private addExtensionAssociation(extension: IExtension) { + const versionNumber = extension?.latestVersionNumber ? extension?.latestVersionNumber + 1 : 1; + const name = extension.name ?? this.getExtensionDefaultName(); + new CfnExtensionAssociation(this.scope, `AssociationResource${this.getExtensionAssociationHash(name, versionNumber)}`, { extensionIdentifier: extension.extensionId, resourceIdentifier: this.resourceArn, extensionVersionNumber: extension.extensionVersionNumber, - parameters: options?.parameters?.reduce((acc: {[key: string]: string}, cur: Parameter) => { + parameters: extension.parameters?.reduce((acc: {[key: string]: string}, cur: Parameter) => { if (cur.value) { acc[cur.name] = cur.value; } @@ -689,16 +697,23 @@ export class ExtensibleBase implements IExtensible { }); } - private getExtensionHash(eventDestination: IEventDestination, actionPoint: ActionPoint, options?: ExtensionOptions) { - const combinedString = stringifyObjects(eventDestination, actionPoint, options); + private getExtensionHash(name: string, versionNumber: number) { + const combinedString = stringifyObjects(name, versionNumber); return getHash(combinedString); } - private getExtensionAssociationHash(extension: IExtension) { - const resourceIdentifier = this.resourceName ? this.resourceName : this.resourceArn; - const combinedString = stringifyObjects(resourceIdentifier, extension.name, extension.extensionVersionNumber); + private getExtensionAssociationHash(name: string, versionNumber: number) { + const resourceIdentifier = this.resourceName ?? this.resourceArn; + const combinedString = stringifyObjects(resourceIdentifier, name, versionNumber); return getHash(combinedString); } + + private getExtensionDefaultName() { + return Names.uniqueResourceName(this.scope, { + maxLength: 54, + separator: '-', + }) + '-Extension'; + } } /** diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/application.test.ts b/packages/@aws-cdk/aws-appconfig-alpha/test/application.test.ts index a94427b770681..a5c85dad77d95 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/application.test.ts +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/application.test.ts @@ -64,7 +64,7 @@ describe('appconfig', () => { }); }); - test('pre create hosted configuration version', () => { + test('specifying action point for extensible action on', () => { const stack = new cdk.Stack(); const appconfig = new Application(stack, 'MyAppConfig'); const func = new Function(stack, 'MyFunc', { @@ -72,29 +72,26 @@ describe('appconfig', () => { runtime: Runtime.PYTHON_3_7, code: Code.fromInline('# this is my code'), }); - Object.defineProperty(func, 'functionArn', { - value: 'arn:lambda:us-east-1:123456789012:function:my-function', - }); appconfig.on(ActionPoint.ON_DEPLOYMENT_STEP, new LambdaDestination(func)); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::Extension', { - Name: 'Extension28486', + Name: 'MyAppConfig-Extension', Actions: { ON_DEPLOYMENT_STEP: [ { - Name: 'Extension28486', - RoleArn: { 'Fn::GetAtt': ['Extension28486RoleFD36712B5D791', 'Arn'] }, - Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', + Name: 'MyAppConfig-Extension-0', + RoleArn: { 'Fn::GetAtt': ['MyAppConfigExtensionF845ERole0D30970E5A7E5', 'Arn'] }, + Uri: { 'Fn::GetAtt': ['MyFunc8A243A2C', 'Arn'] }, }, ], }, }); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::ExtensionAssociation', { ExtensionIdentifier: { - 'Fn::GetAtt': ['Extension28486EB468E25', 'Id'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'Id'], }, ExtensionVersionNumber: { - 'Fn::GetAtt': ['Extension28486EB468E25', 'VersionNumber'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'VersionNumber'], }, ResourceIdentifier: { 'Fn::Join': [ @@ -122,9 +119,6 @@ describe('appconfig', () => { runtime: Runtime.PYTHON_3_7, code: Code.fromInline('# this is my code'), }); - Object.defineProperty(func, 'functionArn', { - value: 'arn:lambda:us-east-1:123456789012:function:my-function', - }); appconfig.preCreateHostedConfigurationVersion(new LambdaDestination(func), { description: 'This is my description', name: 'MyExtension', @@ -141,9 +135,9 @@ describe('appconfig', () => { Actions: { PRE_CREATE_HOSTED_CONFIGURATION_VERSION: [ { - Name: 'Extension8D9D7', - RoleArn: { 'Fn::GetAtt': ['Extension8D9D7RoleFD367F4FA01C5', 'Arn'] }, - Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', + Name: 'MyExtension-0', + RoleArn: { 'Fn::GetAtt': ['MyAppConfigExtensionE4CCERole467D69791333F', 'Arn'] }, + Uri: { 'Fn::GetAtt': ['MyFunc8A243A2C', 'Arn'] }, }, ], }, @@ -153,10 +147,10 @@ describe('appconfig', () => { }); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::ExtensionAssociation', { ExtensionIdentifier: { - 'Fn::GetAtt': ['Extension8D9D75657615A', 'Id'], + 'Fn::GetAtt': ['MyAppConfigExtensionE4CCE34485313', 'Id'], }, ExtensionVersionNumber: { - 'Fn::GetAtt': ['Extension8D9D75657615A', 'VersionNumber'], + 'Fn::GetAtt': ['MyAppConfigExtensionE4CCE34485313', 'VersionNumber'], }, Parameters: { myparam: 'val', @@ -193,12 +187,12 @@ describe('appconfig', () => { appconfig.preStartDeployment(new LambdaDestination(func)); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::Extension', { - Name: 'Extension6253E', + Name: 'MyAppConfig-Extension', Actions: { PRE_START_DEPLOYMENT: [ { - Name: 'Extension6253E', - RoleArn: { 'Fn::GetAtt': ['Extension6253ERoleFD367F586E17D', 'Arn'] }, + Name: 'MyAppConfig-Extension-0', + RoleArn: { 'Fn::GetAtt': ['MyAppConfigExtensionF845ERole0D30970E5A7E5', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], @@ -206,10 +200,10 @@ describe('appconfig', () => { }); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::ExtensionAssociation', { ExtensionIdentifier: { - 'Fn::GetAtt': ['Extension6253ED4CE66CE', 'Id'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'Id'], }, ExtensionVersionNumber: { - 'Fn::GetAtt': ['Extension6253ED4CE66CE', 'VersionNumber'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'VersionNumber'], }, ResourceIdentifier: { 'Fn::Join': [ @@ -246,12 +240,12 @@ describe('appconfig', () => { appconfig.onDeploymentStart(new LambdaDestination(func)); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::Extension', { - Name: 'ExtensionB65DC', + Name: 'MyAppConfig-Extension', Actions: { ON_DEPLOYMENT_START: [ { - Name: 'ExtensionB65DC', - RoleArn: { 'Fn::GetAtt': ['ExtensionB65DCRoleFD3677AFA6FE0', 'Arn'] }, + Name: 'MyAppConfig-Extension-0', + RoleArn: { 'Fn::GetAtt': ['MyAppConfigExtensionF845ERole0D30970E5A7E5', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], @@ -259,10 +253,10 @@ describe('appconfig', () => { }); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::ExtensionAssociation', { ExtensionIdentifier: { - 'Fn::GetAtt': ['ExtensionB65DC00D22C6E', 'Id'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'Id'], }, ExtensionVersionNumber: { - 'Fn::GetAtt': ['ExtensionB65DC00D22C6E', 'VersionNumber'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'VersionNumber'], }, ResourceIdentifier: { 'Fn::Join': [ @@ -296,12 +290,12 @@ describe('appconfig', () => { appconfig.onDeploymentStep(new LambdaDestination(func)); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::Extension', { - Name: 'Extension28486', + Name: 'MyAppConfig-Extension', Actions: { ON_DEPLOYMENT_STEP: [ { - Name: 'Extension28486', - RoleArn: { 'Fn::GetAtt': ['Extension28486RoleFD36712B5D791', 'Arn'] }, + Name: 'MyAppConfig-Extension-0', + RoleArn: { 'Fn::GetAtt': ['MyAppConfigExtensionF845ERole0D30970E5A7E5', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], @@ -309,10 +303,10 @@ describe('appconfig', () => { }); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::ExtensionAssociation', { ExtensionIdentifier: { - 'Fn::GetAtt': ['Extension28486EB468E25', 'Id'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'Id'], }, ExtensionVersionNumber: { - 'Fn::GetAtt': ['Extension28486EB468E25', 'VersionNumber'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'VersionNumber'], }, ResourceIdentifier: { 'Fn::Join': [ @@ -346,12 +340,12 @@ describe('appconfig', () => { appconfig.onDeploymentComplete(new LambdaDestination(func)); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::Extension', { - Name: 'Extension32166', + Name: 'MyAppConfig-Extension', Actions: { ON_DEPLOYMENT_COMPLETE: [ { - Name: 'Extension32166', - RoleArn: { 'Fn::GetAtt': ['Extension32166RoleFD367EE1FF117', 'Arn'] }, + Name: 'MyAppConfig-Extension-0', + RoleArn: { 'Fn::GetAtt': ['MyAppConfigExtensionF845ERole0D30970E5A7E5', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], @@ -359,10 +353,10 @@ describe('appconfig', () => { }); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::ExtensionAssociation', { ExtensionIdentifier: { - 'Fn::GetAtt': ['Extension32166E58405A0', 'Id'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'Id'], }, ExtensionVersionNumber: { - 'Fn::GetAtt': ['Extension32166E58405A0', 'VersionNumber'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'VersionNumber'], }, ResourceIdentifier: { 'Fn::Join': [ @@ -396,12 +390,12 @@ describe('appconfig', () => { appconfig.onDeploymentBaking(new LambdaDestination(func)); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::Extension', { - Name: 'Extension1CAD4', + Name: 'MyAppConfig-Extension', Actions: { ON_DEPLOYMENT_BAKING: [ { - Name: 'Extension1CAD4', - RoleArn: { 'Fn::GetAtt': ['Extension1CAD4RoleFD367FC09E8DE', 'Arn'] }, + Name: 'MyAppConfig-Extension-0', + RoleArn: { 'Fn::GetAtt': ['MyAppConfigExtensionF845ERole0D30970E5A7E5', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], @@ -409,10 +403,10 @@ describe('appconfig', () => { }); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::ExtensionAssociation', { ExtensionIdentifier: { - 'Fn::GetAtt': ['Extension1CAD47F07C609', 'Id'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'Id'], }, ExtensionVersionNumber: { - 'Fn::GetAtt': ['Extension1CAD47F07C609', 'VersionNumber'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'VersionNumber'], }, ResourceIdentifier: { 'Fn::Join': [ @@ -446,12 +440,12 @@ describe('appconfig', () => { appconfig.onDeploymentRolledBack(new LambdaDestination(func)); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::Extension', { - Name: 'ExtensionC8347', + Name: 'MyAppConfig-Extension', Actions: { ON_DEPLOYMENT_ROLLED_BACK: [ { - Name: 'ExtensionC8347', - RoleArn: { 'Fn::GetAtt': ['ExtensionC8347RoleFD36716A1DE61', 'Arn'] }, + Name: 'MyAppConfig-Extension-0', + RoleArn: { 'Fn::GetAtt': ['MyAppConfigExtensionF845ERole0D30970E5A7E5', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], @@ -459,10 +453,10 @@ describe('appconfig', () => { }); Template.fromStack(stack).hasResourceProperties('AWS::AppConfig::ExtensionAssociation', { ExtensionIdentifier: { - 'Fn::GetAtt': ['ExtensionC83470CE85F6C', 'Id'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'Id'], }, ExtensionVersionNumber: { - 'Fn::GetAtt': ['ExtensionC83470CE85F6C', 'VersionNumber'], + 'Fn::GetAtt': ['MyAppConfigExtensionF845EC11D4079', 'VersionNumber'], }, ResourceIdentifier: { 'Fn::Join': [ diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/extension.test.ts b/packages/@aws-cdk/aws-appconfig-alpha/test/extension.test.ts index 7be5ace16bc12..4bef613850bbf 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/extension.test.ts +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/extension.test.ts @@ -28,9 +28,6 @@ describe('extension', () => { code: lambda.Code.fromInline('# dummy func'), handler: 'index.handler', }); - Object.defineProperty(func, 'functionArn', { - value: 'arn:lambda:us-east-1:123456789012:function:my-function', - }); new Extension(stack, 'MyExtension', { actions: [ new Action({ @@ -48,16 +45,16 @@ describe('extension', () => { Actions: { ON_DEPLOYMENT_COMPLETE: [ { - Name: 'MyExtension', - RoleArn: { 'Fn::GetAtt': ['MyExtensionRoleFD367BEA2AE12', 'Arn'] }, - Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', + Name: 'MyExtension-0', + RoleArn: { 'Fn::GetAtt': ['MyExtensionRole467D6FCDEEFA5', 'Arn'] }, + Uri: { 'Fn::GetAtt': ['MyFunction3BAA72D1', 'Arn'] }, }, ], ON_DEPLOYMENT_ROLLED_BACK: [ { - Name: 'MyExtension', - RoleArn: { 'Fn::GetAtt': ['MyExtensionRoleFD367BEA2AE12', 'Arn'] }, - Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', + Name: 'MyExtension-0', + RoleArn: { 'Fn::GetAtt': ['MyExtensionRole467D6FCDEEFA5', 'Arn'] }, + Uri: { 'Fn::GetAtt': ['MyFunction3BAA72D1', 'Arn'] }, }, ], }, @@ -69,7 +66,7 @@ describe('extension', () => { Statement: [ { Effect: Effect.ALLOW, - Resource: 'arn:lambda:us-east-1:123456789012:function:my-function', + Resource: { 'Fn::GetAtt': ['MyFunction3BAA72D1', 'Arn'] }, Action: [ 'lambda:InvokeFunction', 'lambda:InvokeAsync', @@ -123,15 +120,15 @@ describe('extension', () => { Actions: { ON_DEPLOYMENT_COMPLETE: [ { - Name: 'MyExtension', - RoleArn: { 'Fn::GetAtt': ['MyExtensionRoleFD367BEA2AE12', 'Arn'] }, + Name: 'MyExtension-0', + RoleArn: { 'Fn::GetAtt': ['MyExtensionRole467D6FCDEEFA5', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], ON_DEPLOYMENT_ROLLED_BACK: [ { - Name: 'MyExtension', - RoleArn: { 'Fn::GetAtt': ['MyExtensionRole78071F4E7B10A', 'Arn'] }, + Name: 'MyExtension-1', + RoleArn: { 'Fn::GetAtt': ['MyExtensionRoleBE614F182C70A', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-diff-function', }, ], @@ -214,8 +211,8 @@ describe('extension', () => { Actions: { ON_DEPLOYMENT_COMPLETE: [ { - Name: 'MyExtension', - RoleArn: { 'Fn::GetAtt': ['MyExtensionRoleFD367BEA2AE12', 'Arn'] }, + Name: 'TestExtension-0', + RoleArn: { 'Fn::GetAtt': ['MyExtensionRoleCA98491716207', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], @@ -300,7 +297,7 @@ describe('extension', () => { { Description: 'This is my action description', Name: 'ActionTestName', - RoleArn: { 'Fn::GetAtt': ['MyExtensionRoleC3C234A0DDBAB', 'Arn'] }, + RoleArn: { 'Fn::GetAtt': ['MyExtensionRole76B022BC4F2BC', 'Arn'] }, Uri: 'arn:sqs:us-east-1:123456789012:my-queue', }, ], @@ -346,8 +343,8 @@ describe('extension', () => { Actions: { ON_DEPLOYMENT_BAKING: [ { - Name: 'MyExtension', - RoleArn: { 'Fn::GetAtt': ['MyExtensionRole600FCFE1621BF', 'Arn'] }, + Name: 'MyExtension-0', + RoleArn: { 'Fn::GetAtt': ['MyExtensionRole467D6FCDEEFA5', 'Arn'] }, Uri: 'arn:sns:us-east-1:123456789012:my-topic', }, ], @@ -393,7 +390,7 @@ describe('extension', () => { Actions: { ON_DEPLOYMENT_BAKING: [ { - Name: 'MyExtension', + Name: 'MyExtension-0', Uri: 'arn:aws:events:us-east-1:123456789012:event-bus/aws.partner/PartnerName/acct1/repo1', }, ], @@ -431,8 +428,8 @@ describe('extension', () => { Actions: { ON_DEPLOYMENT_COMPLETE: [ { - Name: 'MyExtension', - RoleArn: { 'Fn::GetAtt': ['MyExtensionRoleFD367BEA2AE12', 'Arn'] }, + Name: 'MyExtension-0', + RoleArn: { 'Fn::GetAtt': ['MyExtensionRole467D6FCDEEFA5', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], @@ -516,8 +513,8 @@ describe('extension', () => { Actions: { ON_DEPLOYMENT_COMPLETE: [ { - Name: 'MyExtension', - RoleArn: { 'Fn::GetAtt': ['MyExtensionRoleFD367BEA2AE12', 'Arn'] }, + Name: 'MyExtension-0', + RoleArn: { 'Fn::GetAtt': ['MyExtensionRole467D6FCDEEFA5', 'Arn'] }, Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], @@ -582,6 +579,9 @@ describe('extension', () => { const role = new Role(stack, 'MyRole', { assumedBy: new ServicePrincipal('appconfig.amazonaws.com'), }); + Object.defineProperty(role, 'roleArn', { + value: 'arn:iam::123456789012:role/my-role', + }); new Extension(stack, 'MyExtension', { actions: [ new Action({ @@ -599,8 +599,8 @@ describe('extension', () => { Actions: { ON_DEPLOYMENT_COMPLETE: [ { - Name: 'MyExtension', - RoleArn: { 'Fn::GetAtt': ['MyRoleF48FFE04', 'Arn'] }, + Name: 'MyExtension-0', + RoleArn: 'arn:iam::123456789012:role/my-role', Uri: 'arn:lambda:us-east-1:123456789012:function:my-function', }, ], diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/aws-appconfig-extension.assets.json b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/aws-appconfig-extension.assets.json index 8336092ae5e5a..01f0d93290980 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/aws-appconfig-extension.assets.json +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/aws-appconfig-extension.assets.json @@ -1,7 +1,7 @@ { - "version": "32.0.0", + "version": "35.0.0", "files": { - "1b3fd18c823d863a4f13c60e5b79b85a1c059750ecd97aef1f9ea43c85d23de0": { + "02bbe1ffe7441a077ae005cb5c2021e9fa0695eaf317fee128db4b28b2919512": { "source": { "path": "aws-appconfig-extension.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "1b3fd18c823d863a4f13c60e5b79b85a1c059750ecd97aef1f9ea43c85d23de0.json", + "objectKey": "02bbe1ffe7441a077ae005cb5c2021e9fa0695eaf317fee128db4b28b2919512.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/aws-appconfig-extension.template.json b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/aws-appconfig-extension.template.json index 9da058b2463bc..b9f858767e182 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/aws-appconfig-extension.template.json +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/aws-appconfig-extension.template.json @@ -50,52 +50,26 @@ "MyFunctionServiceRole3C357FF2" ] }, - "MyApplication5C63EC1D": { - "Type": "AWS::AppConfig::Application", - "Properties": { - "Name": "AppForExtensionTest" - } - }, - "MyApplicationMyEnv55DE3293": { - "Type": "AWS::AppConfig::Environment", + "MyFunctionAppConfigPermission673BEA35": { + "Type": "AWS::Lambda::Permission", "Properties": { - "ApplicationId": { - "Ref": "MyApplication5C63EC1D" + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "MyFunction3BAA72D1", + "Arn" + ] }, - "Name": "awsappconfigextension-MyApplication-MyEnv-0FA5092F" + "Principal": "appconfig.amazonaws.com" } }, - "MyLambdaExtensionAFA1476A": { - "Type": "AWS::AppConfig::Extension", + "MyApplication5C63EC1D": { + "Type": "AWS::AppConfig::Application", "Properties": { - "Actions": { - "PRE_CREATE_HOSTED_CONFIGURATION_VERSION": [ - { - "Name": "awsappconfigextension-MyLambdaExtension-68C15290", - "Uri": { - "Fn::GetAtt": [ - "MyFunction3BAA72D1", - "Arn" - ] - } - } - ], - "ON_DEPLOYMENT_START": [ - { - "Name": "awsappconfigextension-MyLambdaExtension-68C15290", - "Uri": { - "Fn::GetAtt": [ - "MyFunction3BAA72D1", - "Arn" - ] - } - } - ] - }, - "Name": "awsappconfigextension-MyLambdaExtension-68C15290" + "Name": "AppForExtensionTest" } }, - "AssociationResource3FA55": { + "MyApplicationAssociationResource3FA55E02ED1FB": { "Type": "AWS::AppConfig::ExtensionAssociation", "Properties": { "ExtensionIdentifier": { @@ -135,31 +109,7 @@ } } }, - "MyQueueE6CA6235": { - "Type": "AWS::SQS::Queue", - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, - "MyQueueExtension872C5D27": { - "Type": "AWS::AppConfig::Extension", - "Properties": { - "Actions": { - "ON_DEPLOYMENT_START": [ - { - "Name": "awsappconfigextension-MyQueueExtension-EF6112FA", - "Uri": { - "Fn::GetAtt": [ - "MyQueueE6CA6235", - "Arn" - ] - } - } - ] - }, - "Name": "awsappconfigextension-MyQueueExtension-EF6112FA" - } - }, - "AssociationResourceBAC86": { + "MyApplicationAssociationResourceBAC86D18B66DB": { "Type": "AWS::AppConfig::ExtensionAssociation", "Properties": { "ExtensionIdentifier": { @@ -199,40 +149,64 @@ } } }, - "MyTopic86869434": { - "Type": "AWS::SNS::Topic" - }, - "MyTopicExtension9B6DF691": { - "Type": "AWS::AppConfig::Extension", + "MyApplicationAssociationResource7F3E1F71FC034": { + "Type": "AWS::AppConfig::ExtensionAssociation", "Properties": { - "Actions": { - "ON_DEPLOYMENT_START": [ - { - "Name": "awsappconfigextension-MyTopicExtension-37440DA2", - "Uri": { - "Ref": "MyTopic86869434" - } - } + "ExtensionIdentifier": { + "Fn::GetAtt": [ + "MyTopicExtension9B6DF691", + "Id" ] }, - "Name": "awsappconfigextension-MyTopicExtension-37440DA2" + "ExtensionVersionNumber": { + "Fn::GetAtt": [ + "MyTopicExtension9B6DF691", + "VersionNumber" + ] + }, + "ResourceIdentifier": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":appconfig:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":application/", + { + "Ref": "MyApplication5C63EC1D" + } + ] + ] + } } }, - "AssociationResource7F3E1": { + "MyApplicationAssociationResource689DE159F9BFC": { "Type": "AWS::AppConfig::ExtensionAssociation", "Properties": { "ExtensionIdentifier": { "Fn::GetAtt": [ - "MyTopicExtension9B6DF691", + "MyEventBusExtensionADFE2273", "Id" ] }, "ExtensionVersionNumber": { "Fn::GetAtt": [ - "MyTopicExtension9B6DF691", + "MyEventBusExtensionADFE2273", "VersionNumber" ] }, + "Parameters": { + "testParam": "true" + }, "ResourceIdentifier": { "Fn::Join": [ "", @@ -258,6 +232,223 @@ } } }, + "MyApplicationMyEnv55DE3293": { + "Type": "AWS::AppConfig::Environment", + "Properties": { + "ApplicationId": { + "Ref": "MyApplication5C63EC1D" + }, + "Name": "awsappconfigextension-MyApplication-MyEnv-0FA5092F" + } + }, + "MyLambdaExtensionRoleBC958D3F13B04": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "appconfig.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Policies": [ + { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "lambda:InvokeAsync", + "lambda:InvokeFunction" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "MyFunction3BAA72D1", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "AllowAppConfigInvokeExtensionEventSourcePolicy" + } + ] + } + }, + "MyLambdaExtensionAFA1476A": { + "Type": "AWS::AppConfig::Extension", + "Properties": { + "Actions": { + "PRE_CREATE_HOSTED_CONFIGURATION_VERSION": [ + { + "Name": "awsappconfigextension-MyLambdaExtension-68C15290-0", + "Uri": { + "Fn::GetAtt": [ + "MyFunction3BAA72D1", + "Arn" + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "MyLambdaExtensionRoleBC958D3F13B04", + "Arn" + ] + } + } + ], + "ON_DEPLOYMENT_START": [ + { + "Name": "awsappconfigextension-MyLambdaExtension-68C15290-0", + "Uri": { + "Fn::GetAtt": [ + "MyFunction3BAA72D1", + "Arn" + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "MyLambdaExtensionRoleBC958D3F13B04", + "Arn" + ] + } + } + ] + }, + "Name": "awsappconfigextension-MyLambdaExtension-68C15290" + } + }, + "MyQueueE6CA6235": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "MyQueueExtensionRole63F1970B4A7A6": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "appconfig.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Policies": [ + { + "PolicyDocument": { + "Statement": [ + { + "Action": "sqs:SendMessage", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "MyQueueE6CA6235", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "AllowAppConfigInvokeExtensionEventSourcePolicy" + } + ] + } + }, + "MyQueueExtension872C5D27": { + "Type": "AWS::AppConfig::Extension", + "Properties": { + "Actions": { + "ON_DEPLOYMENT_START": [ + { + "Name": "awsappconfigextension-MyQueueExtension-EF6112FA-0", + "Uri": { + "Fn::GetAtt": [ + "MyQueueE6CA6235", + "Arn" + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "MyQueueExtensionRole63F1970B4A7A6", + "Arn" + ] + } + } + ] + }, + "Name": "awsappconfigextension-MyQueueExtension-EF6112FA" + } + }, + "MyTopic86869434": { + "Type": "AWS::SNS::Topic" + }, + "MyTopicExtensionRole39BF2474FECA3": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "appconfig.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Policies": [ + { + "PolicyDocument": { + "Statement": [ + { + "Action": "sns:Publish", + "Effect": "Allow", + "Resource": { + "Ref": "MyTopic86869434" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "AllowAppConfigInvokeExtensionEventSourcePolicy" + } + ] + } + }, + "MyTopicExtension9B6DF691": { + "Type": "AWS::AppConfig::Extension", + "Properties": { + "Actions": { + "ON_DEPLOYMENT_START": [ + { + "Name": "awsappconfigextension-MyTopicExtension-37440DA2-0", + "Uri": { + "Ref": "MyTopic86869434" + }, + "RoleArn": { + "Fn::GetAtt": [ + "MyTopicExtensionRole39BF2474FECA3", + "Arn" + ] + } + } + ] + }, + "Name": "awsappconfigextension-MyTopicExtension-37440DA2" + } + }, "MyEventBusExtensionADFE2273": { "Type": "AWS::AppConfig::Extension", "Properties": { @@ -300,49 +491,6 @@ } } }, - "AssociationResource689DE": { - "Type": "AWS::AppConfig::ExtensionAssociation", - "Properties": { - "ExtensionIdentifier": { - "Fn::GetAtt": [ - "MyEventBusExtensionADFE2273", - "Id" - ] - }, - "ExtensionVersionNumber": { - "Fn::GetAtt": [ - "MyEventBusExtensionADFE2273", - "VersionNumber" - ] - }, - "Parameters": { - "testParam": "true" - }, - "ResourceIdentifier": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":appconfig:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":application/", - { - "Ref": "MyApplication5C63EC1D" - } - ] - ] - } - } - }, "MyDeployStrategy062CAEA2": { "Type": "AWS::AppConfig::DeploymentStrategy", "Properties": { @@ -365,8 +513,11 @@ "DependsOn": [ "MyEventBusExtensionADFE2273", "MyLambdaExtensionAFA1476A", + "MyLambdaExtensionRoleBC958D3F13B04", "MyQueueExtension872C5D27", - "MyTopicExtension9B6DF691" + "MyQueueExtensionRole63F1970B4A7A6", + "MyTopicExtension9B6DF691", + "MyTopicExtensionRole39BF2474FECA3" ] }, "HostedConfiguration257746B4": { @@ -384,8 +535,11 @@ "DependsOn": [ "MyEventBusExtensionADFE2273", "MyLambdaExtensionAFA1476A", + "MyLambdaExtensionRoleBC958D3F13B04", "MyQueueExtension872C5D27", - "MyTopicExtension9B6DF691" + "MyQueueExtensionRole63F1970B4A7A6", + "MyTopicExtension9B6DF691", + "MyTopicExtensionRole39BF2474FECA3" ], "UpdateReplacePolicy": "Retain", "DeletionPolicy": "Retain" @@ -412,8 +566,11 @@ "DependsOn": [ "MyEventBusExtensionADFE2273", "MyLambdaExtensionAFA1476A", + "MyLambdaExtensionRoleBC958D3F13B04", "MyQueueExtension872C5D27", - "MyTopicExtension9B6DF691" + "MyQueueExtensionRole63F1970B4A7A6", + "MyTopicExtension9B6DF691", + "MyTopicExtensionRole39BF2474FECA3" ] } }, diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/awsappconfigextensionMyApplicationappconfigextensionDefaultTestDeployAssert64BA6C4E.assets.json b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/awsappconfigextensionMyApplicationappconfigextensionDefaultTestDeployAssert64BA6C4E.assets.json index 635d1e188e6e3..d235322fb9ff1 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/awsappconfigextensionMyApplicationappconfigextensionDefaultTestDeployAssert64BA6C4E.assets.json +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/awsappconfigextensionMyApplicationappconfigextensionDefaultTestDeployAssert64BA6C4E.assets.json @@ -1,5 +1,5 @@ { - "version": "32.0.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/cdk.out b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/cdk.out index f0b901e7c06e5..c5cb2e5de6344 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"32.0.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/integ.json b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/integ.json index f615688162cdc..c7a092c06e3cc 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "32.0.0", + "version": "35.0.0", "testCases": { "aws-appconfig-extension/MyApplication/appconfig-extension/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/manifest.json b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/manifest.json index e5aeb013fdaa8..f259850222e03 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "32.0.0", + "version": "35.0.0", "artifacts": { "awsappconfigextensionMyApplicationappconfigextensionDefaultTestDeployAssert64BA6C4E.assets": { "type": "cdk:asset-manifest", @@ -14,6 +14,7 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "awsappconfigextensionMyApplicationappconfigextensionDefaultTestDeployAssert64BA6C4E.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", @@ -61,10 +62,11 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "aws-appconfig-extension.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1b3fd18c823d863a4f13c60e5b79b85a1c059750ecd97aef1f9ea43c85d23de0.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/02bbe1ffe7441a077ae005cb5c2021e9fa0695eaf317fee128db4b28b2919512.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -92,28 +94,58 @@ "data": "MyFunction3BAA72D1" } ], + "/aws-appconfig-extension/MyFunction/AppConfigPermission": [ + { + "type": "aws:cdk:logicalId", + "data": "MyFunctionAppConfigPermission673BEA35" + } + ], "/aws-appconfig-extension/MyApplication/Resource": [ { "type": "aws:cdk:logicalId", "data": "MyApplication5C63EC1D" } ], + "/aws-appconfig-extension/MyApplication/AssociationResource3FA55": [ + { + "type": "aws:cdk:logicalId", + "data": "MyApplicationAssociationResource3FA55E02ED1FB" + } + ], + "/aws-appconfig-extension/MyApplication/AssociationResourceBAC86": [ + { + "type": "aws:cdk:logicalId", + "data": "MyApplicationAssociationResourceBAC86D18B66DB" + } + ], + "/aws-appconfig-extension/MyApplication/AssociationResource7F3E1": [ + { + "type": "aws:cdk:logicalId", + "data": "MyApplicationAssociationResource7F3E1F71FC034" + } + ], + "/aws-appconfig-extension/MyApplication/AssociationResource689DE": [ + { + "type": "aws:cdk:logicalId", + "data": "MyApplicationAssociationResource689DE159F9BFC" + } + ], "/aws-appconfig-extension/MyApplication/MyEnv/Resource": [ { "type": "aws:cdk:logicalId", "data": "MyApplicationMyEnv55DE3293" } ], - "/aws-appconfig-extension/MyLambdaExtension/Resource": [ + "/aws-appconfig-extension/MyLambdaExtension/RoleBC958/Resource": [ { "type": "aws:cdk:logicalId", - "data": "MyLambdaExtensionAFA1476A" + "data": "MyLambdaExtensionRoleBC958D3F13B04" } ], - "/aws-appconfig-extension/AssociationResource3FA55": [ + "/aws-appconfig-extension/MyLambdaExtension/Resource": [ { "type": "aws:cdk:logicalId", - "data": "AssociationResource3FA55" + "data": "MyLambdaExtensionAFA1476A" } ], "/aws-appconfig-extension/MyQueue/Resource": [ @@ -122,16 +154,16 @@ "data": "MyQueueE6CA6235" } ], - "/aws-appconfig-extension/MyQueueExtension/Resource": [ + "/aws-appconfig-extension/MyQueueExtension/Role63F19/Resource": [ { "type": "aws:cdk:logicalId", - "data": "MyQueueExtension872C5D27" + "data": "MyQueueExtensionRole63F1970B4A7A6" } ], - "/aws-appconfig-extension/AssociationResourceBAC86": [ + "/aws-appconfig-extension/MyQueueExtension/Resource": [ { "type": "aws:cdk:logicalId", - "data": "AssociationResourceBAC86" + "data": "MyQueueExtension872C5D27" } ], "/aws-appconfig-extension/MyTopic/Resource": [ @@ -140,16 +172,16 @@ "data": "MyTopic86869434" } ], - "/aws-appconfig-extension/MyTopicExtension/Resource": [ + "/aws-appconfig-extension/MyTopicExtension/Role39BF2/Resource": [ { "type": "aws:cdk:logicalId", - "data": "MyTopicExtension9B6DF691" + "data": "MyTopicExtensionRole39BF2474FECA3" } ], - "/aws-appconfig-extension/AssociationResource7F3E1": [ + "/aws-appconfig-extension/MyTopicExtension/Resource": [ { "type": "aws:cdk:logicalId", - "data": "AssociationResource7F3E1" + "data": "MyTopicExtension9B6DF691" } ], "/aws-appconfig-extension/MyEventBusExtension/Resource": [ @@ -158,12 +190,6 @@ "data": "MyEventBusExtensionADFE2273" } ], - "/aws-appconfig-extension/AssociationResource689DE": [ - { - "type": "aws:cdk:logicalId", - "data": "AssociationResource689DE" - } - ], "/aws-appconfig-extension/MyDeployStrategy/Resource": [ { "type": "aws:cdk:logicalId", diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/tree.json b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/tree.json index 578580b4ce0e5..2e6b8c58a9c55 100644 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.js.snapshot/tree.json @@ -92,6 +92,27 @@ "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", "version": "0.0.0" } + }, + "AppConfigPermission": { + "id": "AppConfigPermission", + "path": "aws-appconfig-extension/MyFunction/AppConfigPermission", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", + "aws:cdk:cloudformation:props": { + "action": "lambda:InvokeFunction", + "functionName": { + "Fn::GetAtt": [ + "MyFunction3BAA72D1", + "Arn" + ] + }, + "principal": "appconfig.amazonaws.com" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnPermission", + "version": "0.0.0" + } } }, "constructInfo": { @@ -117,6 +138,201 @@ "version": "0.0.0" } }, + "AssociationResource3FA55": { + "id": "AssociationResource3FA55", + "path": "aws-appconfig-extension/MyApplication/AssociationResource3FA55", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppConfig::ExtensionAssociation", + "aws:cdk:cloudformation:props": { + "extensionIdentifier": { + "Fn::GetAtt": [ + "MyLambdaExtensionAFA1476A", + "Id" + ] + }, + "extensionVersionNumber": { + "Fn::GetAtt": [ + "MyLambdaExtensionAFA1476A", + "VersionNumber" + ] + }, + "resourceIdentifier": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":appconfig:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":application/", + { + "Ref": "MyApplication5C63EC1D" + } + ] + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_appconfig.CfnExtensionAssociation", + "version": "0.0.0" + } + }, + "AssociationResourceBAC86": { + "id": "AssociationResourceBAC86", + "path": "aws-appconfig-extension/MyApplication/AssociationResourceBAC86", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppConfig::ExtensionAssociation", + "aws:cdk:cloudformation:props": { + "extensionIdentifier": { + "Fn::GetAtt": [ + "MyQueueExtension872C5D27", + "Id" + ] + }, + "extensionVersionNumber": { + "Fn::GetAtt": [ + "MyQueueExtension872C5D27", + "VersionNumber" + ] + }, + "resourceIdentifier": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":appconfig:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":application/", + { + "Ref": "MyApplication5C63EC1D" + } + ] + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_appconfig.CfnExtensionAssociation", + "version": "0.0.0" + } + }, + "AssociationResource7F3E1": { + "id": "AssociationResource7F3E1", + "path": "aws-appconfig-extension/MyApplication/AssociationResource7F3E1", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppConfig::ExtensionAssociation", + "aws:cdk:cloudformation:props": { + "extensionIdentifier": { + "Fn::GetAtt": [ + "MyTopicExtension9B6DF691", + "Id" + ] + }, + "extensionVersionNumber": { + "Fn::GetAtt": [ + "MyTopicExtension9B6DF691", + "VersionNumber" + ] + }, + "resourceIdentifier": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":appconfig:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":application/", + { + "Ref": "MyApplication5C63EC1D" + } + ] + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_appconfig.CfnExtensionAssociation", + "version": "0.0.0" + } + }, + "AssociationResource689DE": { + "id": "AssociationResource689DE", + "path": "aws-appconfig-extension/MyApplication/AssociationResource689DE", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppConfig::ExtensionAssociation", + "aws:cdk:cloudformation:props": { + "extensionIdentifier": { + "Fn::GetAtt": [ + "MyEventBusExtensionADFE2273", + "Id" + ] + }, + "extensionVersionNumber": { + "Fn::GetAtt": [ + "MyEventBusExtensionADFE2273", + "VersionNumber" + ] + }, + "parameters": { + "testParam": "true" + }, + "resourceIdentifier": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":appconfig:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":application/", + { + "Ref": "MyApplication5C63EC1D" + } + ] + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_appconfig.CfnExtensionAssociation", + "version": "0.0.0" + } + }, "MyEnv": { "id": "MyEnv", "path": "aws-appconfig-extension/MyApplication/MyEnv", @@ -140,7 +356,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-appconfig-alpha.Environment", "version": "0.0.0" } }, @@ -157,7 +373,7 @@ "path": "aws-appconfig-extension/MyApplication/appconfig-extension/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.69" + "version": "10.3.0" } }, "DeployAssert": { @@ -200,7 +416,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-appconfig-alpha.Application", "version": "0.0.0" } }, @@ -208,6 +424,72 @@ "id": "MyLambdaExtension", "path": "aws-appconfig-extension/MyLambdaExtension", "children": { + "RoleBC958": { + "id": "RoleBC958", + "path": "aws-appconfig-extension/MyLambdaExtension/RoleBC958", + "children": { + "ImportRoleBC958": { + "id": "ImportRoleBC958", + "path": "aws-appconfig-extension/MyLambdaExtension/RoleBC958/ImportRoleBC958", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-appconfig-extension/MyLambdaExtension/RoleBC958/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "appconfig.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "policies": [ + { + "policyName": "AllowAppConfigInvokeExtensionEventSourcePolicy", + "policyDocument": { + "Statement": [ + { + "Action": [ + "lambda:InvokeAsync", + "lambda:InvokeFunction" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "MyFunction3BAA72D1", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + } + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", "path": "aws-appconfig-extension/MyLambdaExtension/Resource", @@ -217,23 +499,35 @@ "actions": { "PRE_CREATE_HOSTED_CONFIGURATION_VERSION": [ { - "Name": "awsappconfigextension-MyLambdaExtension-68C15290", + "Name": "awsappconfigextension-MyLambdaExtension-68C15290-0", "Uri": { "Fn::GetAtt": [ "MyFunction3BAA72D1", "Arn" ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "MyLambdaExtensionRoleBC958D3F13B04", + "Arn" + ] } } ], "ON_DEPLOYMENT_START": [ { - "Name": "awsappconfigextension-MyLambdaExtension-68C15290", + "Name": "awsappconfigextension-MyLambdaExtension-68C15290-0", "Uri": { "Fn::GetAtt": [ "MyFunction3BAA72D1", "Arn" ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "MyLambdaExtensionRoleBC958D3F13B04", + "Arn" + ] } } ] @@ -248,55 +542,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "AssociationResource3FA55": { - "id": "AssociationResource3FA55", - "path": "aws-appconfig-extension/AssociationResource3FA55", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::AppConfig::ExtensionAssociation", - "aws:cdk:cloudformation:props": { - "extensionIdentifier": { - "Fn::GetAtt": [ - "MyLambdaExtensionAFA1476A", - "Id" - ] - }, - "extensionVersionNumber": { - "Fn::GetAtt": [ - "MyLambdaExtensionAFA1476A", - "VersionNumber" - ] - }, - "resourceIdentifier": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":appconfig:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":application/", - { - "Ref": "MyApplication5C63EC1D" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_appconfig.CfnExtensionAssociation", + "fqn": "@aws-cdk/aws-appconfig-alpha.Extension", "version": "0.0.0" } }, @@ -326,6 +572,69 @@ "id": "MyQueueExtension", "path": "aws-appconfig-extension/MyQueueExtension", "children": { + "Role63F19": { + "id": "Role63F19", + "path": "aws-appconfig-extension/MyQueueExtension/Role63F19", + "children": { + "ImportRole63F19": { + "id": "ImportRole63F19", + "path": "aws-appconfig-extension/MyQueueExtension/Role63F19/ImportRole63F19", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-appconfig-extension/MyQueueExtension/Role63F19/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "appconfig.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "policies": [ + { + "policyName": "AllowAppConfigInvokeExtensionEventSourcePolicy", + "policyDocument": { + "Statement": [ + { + "Action": "sqs:SendMessage", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "MyQueueE6CA6235", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + } + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", "path": "aws-appconfig-extension/MyQueueExtension/Resource", @@ -335,12 +644,18 @@ "actions": { "ON_DEPLOYMENT_START": [ { - "Name": "awsappconfigextension-MyQueueExtension-EF6112FA", + "Name": "awsappconfigextension-MyQueueExtension-EF6112FA-0", "Uri": { "Fn::GetAtt": [ "MyQueueE6CA6235", "Arn" ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "MyQueueExtensionRole63F1970B4A7A6", + "Arn" + ] } } ] @@ -355,55 +670,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "AssociationResourceBAC86": { - "id": "AssociationResourceBAC86", - "path": "aws-appconfig-extension/AssociationResourceBAC86", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::AppConfig::ExtensionAssociation", - "aws:cdk:cloudformation:props": { - "extensionIdentifier": { - "Fn::GetAtt": [ - "MyQueueExtension872C5D27", - "Id" - ] - }, - "extensionVersionNumber": { - "Fn::GetAtt": [ - "MyQueueExtension872C5D27", - "VersionNumber" - ] - }, - "resourceIdentifier": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":appconfig:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":application/", - { - "Ref": "MyApplication5C63EC1D" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_appconfig.CfnExtensionAssociation", + "fqn": "@aws-cdk/aws-appconfig-alpha.Extension", "version": "0.0.0" } }, @@ -433,6 +700,66 @@ "id": "MyTopicExtension", "path": "aws-appconfig-extension/MyTopicExtension", "children": { + "Role39BF2": { + "id": "Role39BF2", + "path": "aws-appconfig-extension/MyTopicExtension/Role39BF2", + "children": { + "ImportRole39BF2": { + "id": "ImportRole39BF2", + "path": "aws-appconfig-extension/MyTopicExtension/Role39BF2/ImportRole39BF2", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-appconfig-extension/MyTopicExtension/Role39BF2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "appconfig.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "policies": [ + { + "policyName": "AllowAppConfigInvokeExtensionEventSourcePolicy", + "policyDocument": { + "Statement": [ + { + "Action": "sns:Publish", + "Effect": "Allow", + "Resource": { + "Ref": "MyTopic86869434" + } + } + ], + "Version": "2012-10-17" + } + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", "path": "aws-appconfig-extension/MyTopicExtension/Resource", @@ -442,9 +769,15 @@ "actions": { "ON_DEPLOYMENT_START": [ { - "Name": "awsappconfigextension-MyTopicExtension-37440DA2", + "Name": "awsappconfigextension-MyTopicExtension-37440DA2-0", "Uri": { "Ref": "MyTopic86869434" + }, + "RoleArn": { + "Fn::GetAtt": [ + "MyTopicExtensionRole39BF2474FECA3", + "Arn" + ] } } ] @@ -459,55 +792,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "AssociationResource7F3E1": { - "id": "AssociationResource7F3E1", - "path": "aws-appconfig-extension/AssociationResource7F3E1", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::AppConfig::ExtensionAssociation", - "aws:cdk:cloudformation:props": { - "extensionIdentifier": { - "Fn::GetAtt": [ - "MyTopicExtension9B6DF691", - "Id" - ] - }, - "extensionVersionNumber": { - "Fn::GetAtt": [ - "MyTopicExtension9B6DF691", - "VersionNumber" - ] - }, - "resourceIdentifier": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":appconfig:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":application/", - { - "Ref": "MyApplication5C63EC1D" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_appconfig.CfnExtensionAssociation", + "fqn": "@aws-cdk/aws-appconfig-alpha.Extension", "version": "0.0.0" } }, @@ -575,58 +860,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "AssociationResource689DE": { - "id": "AssociationResource689DE", - "path": "aws-appconfig-extension/AssociationResource689DE", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::AppConfig::ExtensionAssociation", - "aws:cdk:cloudformation:props": { - "extensionIdentifier": { - "Fn::GetAtt": [ - "MyEventBusExtensionADFE2273", - "Id" - ] - }, - "extensionVersionNumber": { - "Fn::GetAtt": [ - "MyEventBusExtensionADFE2273", - "VersionNumber" - ] - }, - "parameters": { - "testParam": "true" - }, - "resourceIdentifier": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":appconfig:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":application/", - { - "Ref": "MyApplication5C63EC1D" - } - ] - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_appconfig.CfnExtensionAssociation", + "fqn": "@aws-cdk/aws-appconfig-alpha.Extension", "version": "0.0.0" } }, @@ -654,7 +888,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-appconfig-alpha.DeploymentStrategy", "version": "0.0.0" } }, @@ -731,8 +965,8 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.69" + "fqn": "@aws-cdk/aws-appconfig-alpha.HostedConfiguration", + "version": "0.0.0" } }, "BootstrapVersion": { @@ -762,7 +996,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.69" + "version": "10.3.0" } } }, diff --git a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.ts b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.ts index 7e6becd0d0e90..94b3c38897037 100755 --- a/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.ts +++ b/packages/@aws-cdk/aws-appconfig-alpha/test/integ.extension.ts @@ -41,7 +41,6 @@ const lambdaExtension = new Extension(stack, 'MyLambdaExtension', { ActionPoint.ON_DEPLOYMENT_START, ], eventDestination: new LambdaDestination(lambda), - invokeWithoutExecutionRole: true, }), ], }); @@ -56,7 +55,6 @@ const queueExtension = new Extension(stack, 'MyQueueExtension', { ActionPoint.ON_DEPLOYMENT_START, ], eventDestination: new SqsDestination(queue), - invokeWithoutExecutionRole: true, }), ], }); @@ -71,7 +69,6 @@ const topicExtension = new Extension(stack, 'MyTopicExtension', { ActionPoint.ON_DEPLOYMENT_START, ], eventDestination: new SnsDestination(topic), - invokeWithoutExecutionRole: true, }), ], }); @@ -88,7 +85,6 @@ const busExtension = new Extension(stack, 'MyEventBusExtension', { eventDestination: new EventBridgeDestination(bus), description: 'My event bus action', name: 'MyEventBusPreHostedConfigVersionAction', - invokeWithoutExecutionRole: true, }), ], parameters: [ From 4c56390b6eb38a244fdb719c5540e002130b5dcd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 10:47:11 +0000 Subject: [PATCH 06/24] chore(deps): Bump tj-actions/changed-files from 40.2.1 to 40.2.2 (#28323) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 40.2.1 to 40.2.2.
Release notes

Sourced from tj-actions/changed-files's releases.

v40.2.2

What's Changed

Full Changelog: https://github.com/tj-actions/changed-files/compare/v40...v40.2.2

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

40.2.2 - (2023-12-10)

🐛 Bug Fixes

  • Bug recovering deleted files for submodules (#1784) (9454999) - (Tonye Jack)

➖ Remove

  • Deleted .github/workflows/auto-approve.yml (a661767) - (Tonye Jack)

🔄 Update

  • Updated README.md (#1786)

Co-authored-by: jackton1 jackton1@users.noreply.github.com (7611ff3) - (tj-actions[bot])

  • Update README.md (c116f52) - (Tonye Jack)
  • Updated README.md (#1779)

Co-authored-by: jackton1 jackton1@users.noreply.github.com (0b0b642) - (tj-actions[bot])

  • Update README.md (f732c37) - (Tonye Jack)
  • Updated README.md (#1778)

Co-authored-by: jackton1 jackton1@users.noreply.github.com (04c0045) - (tj-actions[bot])

  • Update README.md (5cee511) - (Tonye Jack)
  • Update README.md (399525a) - (Tonye Jack)
  • Update README.md (c075bd2) - (Tonye Jack)
  • Update README.md (2918913) - (Tonye Jack)

📚 Documentation

  • Add rodrigorfk as a contributor for code, test, and bug (#1785) (187cf1e) - (allcontributors[bot])

⚙️ Miscellaneous Tasks

  • deps: Bump tj-actions/branch-names from 7 to 8 (#1782) (e1e532c) - (dependabot[bot])
  • deps: Update dependency @​types/node to v20.10.4 (dfecec4) - (renovate[bot])
  • deps: Update dependency typescript to v5.3.3 (208b83f) - (renovate[bot])
  • deps-dev: Bump @​types/jest from 29.5.10 to 29.5.11 (#1775) (ccb109a) - (dependabot[bot])
  • Update package.json (#1774) (95642a1) - (Tonye Jack)
  • Create SECURITY.md (#1773) (726e06f) - (Tonye Jack)
  • deps: Update typescript-eslint monorepo to v6.13.2 (d96fe5d) - (renovate[bot])

⬆️ Upgrades

  • Upgraded to v40.2.1 (#1771)

Co-authored-by: jackton1 jackton1@users.noreply.github.com (4ae611e) - (tj-actions[bot])

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tj-actions/changed-files&package-manager=github_actions&previous-version=40.2.1&new-version=40.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- .github/workflows/request-cli-integ-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/request-cli-integ-test.yml b/.github/workflows/request-cli-integ-test.yml index b9ea9c22cf673..d6d9830433bbd 100644 --- a/.github/workflows/request-cli-integ-test.yml +++ b/.github/workflows/request-cli-integ-test.yml @@ -19,7 +19,7 @@ jobs: persist-credentials: false - name: Find changed cli files id: changed-cli-files - uses: tj-actions/changed-files@1c938490c880156b746568a518594309cfb3f66b + uses: tj-actions/changed-files@94549999469dbfa032becf298d95c87a14c34394 with: base_sha: ${{ github.event.pull_request.base.sha }} files_yaml: | From 2d17b97fd3781f94a85cb4e17ce8b3d2f8498cee Mon Sep 17 00:00:00 2001 From: Momo Kornher Date: Mon, 11 Dec 2023 14:18:16 +0000 Subject: [PATCH 07/24] chore: include basic changelog in service spec database upgrade PRs (#28324) Currently it's very difficult to figure out which PR introduced a specific change to the model. Ideally the changelog would be in a nice narrative form suitable for humans, but in lack of a tool that produces this, the "raw" database diff is better than nothing. Test-run: https://github.com/aws/aws-cdk/actions/runs/7168292995 https://github.com/aws/aws-cdk/pull/28326 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .github/workflows/spec-update.yml | 74 +++++++++++++++++++++++++++++-- 1 file changed, 70 insertions(+), 4 deletions(-) diff --git a/.github/workflows/spec-update.yml b/.github/workflows/spec-update.yml index e7bf5e35d3f8c..61a242b9c654b 100644 --- a/.github/workflows/spec-update.yml +++ b/.github/workflows/spec-update.yml @@ -25,8 +25,19 @@ jobs: env: NODE_OPTIONS: "--max-old-space-size=8196 --experimental-worker ${NODE_OPTIONS:-}" + # Install all current dependencies - name: Yarn Install run: yarn install --frozen-lockfile + + # Upload the current db to be used later + - name: Upload base database + uses: actions/upload-artifact@v3 + with: + name: db.base.json.gz + path: node_modules/@aws-cdk/aws-service-spec/db.json.gz + if-no-files-found: error + + # Perform the actual upgrade of the relevant packages - name: Install ncu tool run: npm -g install lerna npm-check-updates - name: Run "ncu" for service spec packages @@ -36,6 +47,14 @@ jobs: - name: Install latest version & update lockfile run: yarn upgrade @aws-cdk/aws-service-spec @aws-cdk/service-spec-importers @aws-cdk/service-spec-types + # Now that we have updated the database, upload the new candidate db + - name: Upload head database + uses: actions/upload-artifact@v3 + with: + name: db.head.json.gz + path: node_modules/@aws-cdk/aws-service-spec/db.json.gz + if-no-files-found: error + # Build @aws-cdk/spec2cdk and run L1 gen script to generate base files for new modules - name: Build @aws-cdk/spec2cdk run: lerna run build --stream --no-progress --skip-nx-cache --scope @aws-cdk/spec2cdk @@ -55,9 +74,51 @@ jobs: name: update-spec.patch path: ${{ runner.temp }}/update-spec.patch + diff-db: + needs: update-spec + runs-on: ubuntu-latest + permissions: + contents: write + id-token: none + pull-requests: write + env: + CI: "true" + steps: + - name: Download base database + uses: actions/download-artifact@v3 + with: + name: db.base.json.gz + path: base + - name: Download head database + uses: actions/download-artifact@v3 + with: + name: db.head.json.gz + path: head + - name: Diff databases + id: diff-db + run: npx --yes --package=@aws-cdk/service-spec-importers@latest -c 'diff-db base/db.json.gz head/db.json.gz' > DIFF || echo "diff-result=true" >> $GITHUB_OUTPUT + continue-on-error: true + - name: Create PR body file + run: |- + echo 'Update AWS Service Spec packages to latest versions' >> PR.md + - name: Add model changelog to PR body file + if: steps.diff-db.outputs.diff-result + run: |- + echo '' >> PR.md + echo '**@aws-cdk/aws-service-spec changes:**' >> PR.md + echo '```' >> PR.md + cat DIFF >> PR.md + echo '```' >> PR.md + - name: Upload PR body file + uses: actions/upload-artifact@v3 + with: + name: PR.md + path: PR.md pr: name: Create Pull Request - needs: update-spec + needs: + - update-spec + - diff-db permissions: contents: write pull-requests: write @@ -75,6 +136,12 @@ jobs: - name: Apply patch run: '[ -s ${{ runner.temp }}/update-spec.patch ] && git apply ${{ runner.temp }}/update-spec.patch || echo "Empty patch. Skipping."' + - name: Download PR body file + uses: actions/download-artifact@v3 + with: + name: PR.md + path: ${{ runner.temp }} + - name: Make Pull Request uses: peter-evans/create-pull-request@v5 with: @@ -83,11 +150,10 @@ jobs: author: aws-cdk-automation commit-message: |- feat: update AWS Service Spec - AWS Service Spec packages to latest versions. + Update AWS Service Spec packages to latest versions # Pull Request details title: "feat: update AWS Service Spec" - body: |- - AWS Service Spec packages to latest versions. + body-path: ${{ runner.temp }}/PR.md labels: contribution/core,dependencies,auto-approve,pr-linter/exempt-integ-test,pr-linter/exempt-readme,pr-linter/exempt-test team-reviewers: aws-cdk-team # Github prevents further Github actions to be run if the default Github token is used. From 97130bd7ffaacc3761322c62afe19059803d2bc8 Mon Sep 17 00:00:00 2001 From: Mitchell Valine Date: Mon, 11 Dec 2023 06:57:59 -0800 Subject: [PATCH 08/24] chore: CONTRIBUTING.md clarifications (#28314) Clarify some preferred strategies for our design process for contributors. Highlight readme driven development as the preferred route for new L2s in existing services and third party package publishing for anything else. Additionally remove the strict requirement of an RFC for any L2 contribution. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- CONTRIBUTING.md | 23 ++++++++++++--------- docs/NEW_CONSTRUCTS_GUIDE.md | 39 ++++++++++++++++++------------------ 2 files changed, 32 insertions(+), 30 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0c202b8ee980e..564695c76a0ec 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -14,6 +14,10 @@ This document describes how to set up a development environment and submit your let us know if it's not up-to-date (even better, submit a PR with your corrections ;-)). - [Where To Contribute](#where-to-contribute) + - [Demonstrating Value](#demonstrating-value) + - [Publishing Your Own Package](#publishing-your-own-package) + - [Trust and Third Party Packages](#trust-and-third-party-packages) + - [Third Party Package Administration](#third-party-package-administration) - [Getting Started](#getting-started) - [Local setup](#setup) - [Dev Container](#dev-container) @@ -99,7 +103,7 @@ Here are some things we look at when evaluating a contribution: 1. Signal - Is there a github issue, or possibly multiple related ones, that the contribution addresses. Do the issues have a lot of engagement, such as comments, +1 reactions, etc that indicate that many users are affected by it? 1. Size - Is the contribution limited to a relatively self-contained surface area? Is it broken up into the smallest possible unit of functionality that makes sense? 1. Priority - Does the contribution address an issue in, or add a new feature of, a service that has a high priority for coverage? These are generally core services most commonly used on AWS such as IAM, EC2, Lambda, and ECS. -1. Quality - Does the contribution take into account all of the guidance provided in our documentation regarding design patterns, test coverage, and best practices as it relates to code within the aws-cdk repository? Does it also make an effort to follow patterns commonly used within the aws-cdk repository and not deviate unecessarily from these conventions? +1. Quality - Does the contribution take into account all of the guidance provided in our documentation regarding [design patterns](./docs/DESIGN_GUIDELINES.md), test coverage, and best practices as it relates to code within the aws-cdk repository? Does it also make an effort to follow patterns commonly used within the aws-cdk repository and not deviate unecessarily from these conventions? 1. Breaking Changes - Does the contribution introduce any risk for breaking existing users applications? Specifically, does it require any code changes or can it trigger any resource replacement in cloudformation that would result in downtime? ### Demonstrating Value @@ -362,16 +366,15 @@ much more likely to give a PR for those issues prompt attention. ### Step 2: Design -In some cases, it is useful to seek feedback by iterating on a design document. This is useful -when you plan a big change or feature, or you want advice on what would be the best path forward. +In some cases, it is useful to seek feedback by iterating on a design document. This is useful when you plan a big change or feature, or you want advice on what would be the best path forward. -In many cases, the GitHub issue is sufficient for such discussions, and can be -sufficient to get clarity on what you plan to do. If the changes are -significant or intrusive to the existing CDK experience, and especially for a -brand new L2 construct implementation, please write an RFC in our [RFC -repository](https://github.com/aws/aws-cdk-rfcs) before jumping into the code -base. L2 construct implementation pull requests will not be reviewed without -linking an approved RFC. +In many cases, the comments section of the relevant Github issue is sufficent for such discussion, and can be a good place to socialize and get feedback on what you plan to do. If the changes are significant in scope, require a longer form medium to communicate, or you just want to ensure that the core team agrees with your planned implementation before you submit it for review to avoid wasted work, there are a few different strategies you can pursue. + +1. README driven development - This is the core team's preferred method for reviewing new APIs. Submit a draft PR with updates to the README for the package that you intend to change that clearly describes how the functionality will be used. For new L2s, include usage examples that cover common use cases and showcase the features of the API you're designing. The most important thing to consider for any feature is the public API and this will help to give a clear picture of what changes users can expect. +1. Write an [RFC](aws/aws-cdk-rfcs) - This is a process for discussing new functionality that is large in scope, may incur breaking changes, or may otherwise warrant discussion from multiple stakeholders on the core team or within the community. Spefically, it is a good place to discuss new features in the core CDK framework or the CLI that are unable to be decoupled from the core cdk codebase. +1. Publish a package - A separate package is the best place to demonstrate the value of new functionality that you believe should be included within the CDK core libraries. It not only illustrates a complete solution with it's entire API surface area available to review, it also proves that your design works! When publishing a package with the goal for eventual inclusion within aws-cdk-lib, make sure to follow our [design guidelines](./docs/DESIGN_GUIDELINES.md) wherever relevant. + +Performing any of the above processes helps us to ensure that expectations are clearly set before a contribution is made. We want to ensure that everyone is able to contribute to the CDK ecosystem effectively. If you make a contribution that is ultimately not merged by into aws-cdk-lib, but you believe it should be, we encourage you to keep pursuing it. The scope of the core framework is intentionally limited to ensure that we can effectively maintain it's surface area and ensure code quality and reliablity over the long term. However, new patterns may emerge in the ecosystem that clearly provide better solutions than those currently in aws-cdk-lib. If your solutions gains popularity within the community, and you want us to re-evaluate it's inclusion, reach out to us on cdk.dev or create a github issue with a feature request and references to your package. See [demonstrating value](#demonstrating-value) for more information. ### Step 3: Work your Magic diff --git a/docs/NEW_CONSTRUCTS_GUIDE.md b/docs/NEW_CONSTRUCTS_GUIDE.md index 307a748bf7f0d..63e3d217188de 100644 --- a/docs/NEW_CONSTRUCTS_GUIDE.md +++ b/docs/NEW_CONSTRUCTS_GUIDE.md @@ -11,8 +11,9 @@ If you wish to create new L2 (or potentially L3) constructs, this guide can help Users of the aws-cdk can use constructs from a number of packages within their application. `aws-cdk-lib` and/or any of the other constructs vended from npm, maven, pypi, nuget, or GitHub (for go) that are publicly available are indexed and searchable on [Construct Hub](constructs.dev). Anyone can create and publish new constructs that will be indexed on Construct Hub using repositories and packages that they own. However, if you believe your constructs should be part of the core aws construct library, here are some guidelines that they must adhere to. 1. They meet the definition of [L2 constructs](https://github.com/aws/aws-cdk/blob/e4fdb0217edd7ecccdd4cbc20de958e3ba1a2349/docs/DESIGN_GUIDELINES.md?plain=1#L139-L147) -2. They follow the relevant [design guidelines](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) -3. They can follow the aws-cdk's versioning and release strategy, ie: if they are to be vended in aws-cdk-lib they must be stable or instead be vended in an `-alpha` package. +1. They follow the relevant [design guidelines](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) +1. They can follow the aws-cdk's versioning and release strategy, ie: if they are to be vended in aws-cdk-lib they must be stable or instead be vended in an `-alpha` package. +1. They provide constructs for a service that intersect with core aws usage patterns. For example, IAM, Lambda, EC2, DynamoDB, RDS, etc. 100% L2 coverage of every AWS service is not a goal of aws-cdk-lib. If your constructs do not meet these guidelines, see the [publishing your own package](#publishing-your-own-package) section of this guide, otherwise, you may choose to [publish your own package](#publishing-your-own-package) or [open a PR to aws-cdk-lib](#open-a-pr-to-aws-cdk-lib). @@ -22,22 +23,21 @@ Whether you want to pursue inclusion of your new constructs in aws-cdk-lib or no To get started creating your own construct package, we recommend using [`projen`](https://github.com/projen/projen). Additionally you can follow [this guide](https://dev.to/aws-builders/a-beginner-s-guide-to-create-aws-cdk-construct-library-with-projen-5eh4) which will help you setup your repository, packages and tooling step by step. -Once your constructs have been published for some time and you feel that the apis are stable and bugs have been identified, you can continue to distribute it as a separate package and/or attempt to add them to `aws-cdk-lib` via a PR +Once your constructs have been published for some time and you feel that the apis are stable and bugs have been identified, you can continue to distribute it as a separate package and/or attempt to add them to `aws-cdk-lib` via a PR. ## Open a PR to `aws-cdk-lib` You can [create a PR](https://github.com/aws/aws-cdk/compare) in the `aws/aws-cdk` repository with your constructs at any time if you believe they are ready for inclusion. Here are some cases where opening a PR directly without publishing your own package first is ideal. 1. It is a small addition to a service that has had stable L2 constructs for some time -2. The service usage is well known and the API is unlikely to change. -3. The defaults provided by the L2 are well known best practice +1. The service usage is well known and the API is unlikely to change. +1. The defaults provided by the L2 are well known best practice -If any of the above are true and your constructs adhere to [the relevant guidelines](#do-my-constructs-belong-in-aws-cdk-lib), we encourage you to follow the [contributing guide](../CONTRIBUTING.md) and create a new pull request. Since the bandwidth of the aws-cdk team is limited, reviews and iteration may take some time. Additionally pull requests for new constructs are more likely to be accepted if they have any of the following: +If all of the above are true and your constructs adhere to [the relevant guidelines](#do-my-constructs-belong-in-aws-cdk-lib), we encourage you to follow the [contributing guide](../CONTRIBUTING.md) and create a new pull request. Specifically, see the section on within the [Design](../CONTRIBUTING.md#step-2-design) section. Since the bandwidth of the aws-cdk team is limited, reviews and iteration may take some time. Additionally pull requests for new constructs are more likely to be accepted if they have any of the following: -1. An [RFC](https://github.com/aws/aws-cdk-rfcs) with detailed design that has been reviewed by a member of AWS -2. An existing package with users who have used and tested the Constructs and provided feedback -3. Strong documentation -4. Good unit and integration test coverage +1. An existing package with users who have used and tested the Constructs and provided feedback +1. Strong documentation +1. Good unit and integration test coverage ## New Construct Development lifecycle @@ -47,16 +47,15 @@ Whether publishing your own package or making a PR against aws-cdk-lib immediate ### Self Publishing 1. Publish: design, write, and publish your new constructs -2. Iterate: respond to issues from users, fix bugs, optimize usage patterns and gain consensus -3. Stabilize: settle on the api - +1. Iterate: respond to issues from users, fix bugs, optimize usage patterns and gain consensus +1. Stabilize: settle on the api *Optionally* -4. Upstream: open a PR to aws-cdk-lib to include if still relevant +1. Upstream: open a PR to aws-cdk-lib to include if still relevant ### Alpha CDK Package -1. Design: create an [rfc](http://github.com/aws/aws-cdk-rfcs), socialize, and gain consensus -2. Implement: write the construct as designed and create a new pull requests -3. Iterate: respond to feedback from pull request reviewers on the aws-cdk team -4. Publish: publish your new constructs as an alpha module -5. Iterate: respond to issues from users, fix bugs and optimize usage patterns -6. Stabilize: settle on the api and create a new PR migrating all constructs stability to "stable" +1. Design: create a draft PR with the new README detailing the API, socialize, and gain consensus +1. Implement: write the construct as designed and create a new pull requests +1. Iterate: respond to feedback from pull request reviewers on the aws-cdk team +1. Publish: publish your new constructs as an alpha module +1. Iterate: respond to issues from users, fix bugs and optimize usage patterns +1. Stabilize: settle on the api and create a new PR migrating all constructs stability to "stable" From 2af78638aa113fb2b68f32e8b393c1ab3fd6716a Mon Sep 17 00:00:00 2001 From: Masashi Tomooka Date: Tue, 12 Dec 2023 00:24:29 +0900 Subject: [PATCH 09/24] docs(apigateway): set integrationHttpMethod for vpc link integration (#28299) As written in #6404, a VPC link integration fails to deploy unless we set `integrationHttpMethod` prop explicitly. In this PR we fix the sample code accordingly. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/aws-apigateway/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/aws-cdk-lib/aws-apigateway/README.md b/packages/aws-cdk-lib/aws-apigateway/README.md index fc3af88c46443..2a6be5ad2b12a 100644 --- a/packages/aws-cdk-lib/aws-apigateway/README.md +++ b/packages/aws-cdk-lib/aws-apigateway/README.md @@ -1453,6 +1453,7 @@ const link = new apigateway.VpcLink(this, 'link', { const integration = new apigateway.Integration({ type: apigateway.IntegrationType.HTTP_PROXY, + integrationHttpMethod: 'ANY', options: { connectionType: apigateway.ConnectionType.VPC_LINK, vpcLink: link, From 15c7bb2908cff1ab8bebacacc09f26bbab6ec391 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Mon, 11 Dec 2023 08:31:49 -0800 Subject: [PATCH 10/24] feat: update AWS Service Spec (#28328) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Update AWS Service Spec packages to latest versions **@aws-cdk/aws-service-spec changes:** ``` ├[~] service aws-autoscaling │ └ resources │ ├[~] resource AWS::AutoScaling::AutoScalingGroup │ │ └ types │ │ └[~] type InstanceRequirements │ │ └ properties │ │ ├ MemoryMiB: - MemoryMiBRequest │ │ │ + MemoryMiBRequest (required) │ │ └ VCpuCount: - VCpuCountRequest │ │ + VCpuCountRequest (required) │ └[~] resource AWS::AutoScaling::ScalingPolicy │ └ types │ └[~] type MetricStat │ └ - documentation: `MetricStat` is a property of the [AWS::AutoScaling::ScalingPolicy MetricDataQuery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-scalingpolicy-metricdataquery.html) property type. │ This structure defines the CloudWatch metric to return, along with the statistic, period, and unit. │ For more information about the CloudWatch terminology below, see [Amazon CloudWatch concepts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) in the *Amazon CloudWatch User Guide* . │ + documentation: `MetricStat` is a property of the [AWS::AutoScaling::ScalingPolicy MetricDataQuery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-scalingpolicy-metricdataquery.html) property type. │ This structure defines the CloudWatch metric to return, along with the statistic and unit. │ For more information about the CloudWatch terminology below, see [Amazon CloudWatch concepts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) in the *Amazon CloudWatch User Guide* . ├[~] service aws-billingconductor │ └ resources │ └[~] resource AWS::BillingConductor::CustomLineItem │ └ properties │ └[+] AccountId: string (immutable) ├[~] service aws-cleanrooms │ └ resources │ ├[~] resource AWS::CleanRooms::Collaboration │ │ ├ properties │ │ │ └ CreatorPaymentConfiguration: (documentation changed) │ │ └ types │ │ ├[~] type MemberSpecification │ │ │ └ properties │ │ │ └ PaymentConfiguration: (documentation changed) │ │ ├[~] type PaymentConfiguration │ │ │ ├ - documentation: undefined │ │ │ │ + documentation: An object representing the collaboration member's payment responsibilities set by the collaboration creator. │ │ │ └ properties │ │ │ └ QueryCompute: (documentation changed) │ │ └[~] type QueryComputePaymentConfig │ │ ├ - documentation: undefined │ │ │ + documentation: An object representing the collaboration member's payment responsibilities set by the collaboration creator for query compute costs. │ │ └ properties │ │ └ IsResponsible: (documentation changed) │ └[~] resource AWS::CleanRooms::Membership │ ├ properties │ │ └ PaymentConfiguration: (documentation changed) │ └ types │ ├[~] type MembershipPaymentConfiguration │ │ ├ - documentation: undefined │ │ │ + documentation: An object representing the payment responsibilities accepted by the collaboration member. │ │ └ properties │ │ └ QueryCompute: (documentation changed) │ └[~] type MembershipQueryComputePaymentConfig │ ├ - documentation: undefined │ │ + documentation: An object representing the payment responsibilities accepted by the collaboration member for query compute costs. │ └ properties │ └ IsResponsible: (documentation changed) ├[~] service aws-cloudformation │ └ resources │ └[~] resource AWS::CloudFormation::StackSet │ └ types │ └[~] type OperationPreferences │ └ properties │ └ RegionOrder: (documentation changed) ├[~] service aws-cloudtrail │ └ resources │ └[~] resource AWS::CloudTrail::EventDataStore │ └ properties │ ├[+] FederationEnabled: boolean │ └[+] FederationRoleArn: string ├[~] service aws-codedeploy │ └ resources │ └[~] resource AWS::CodeDeploy::DeploymentConfig │ ├ - documentation: The `AWS::CodeDeploy::DeploymentConfig` resource creates a set of deployment rules, deployment success conditions, and deployment failure conditions that AWS CodeDeploy uses during a deployment. The deployment configuration specifies, through the use of a `MinimumHealthyHosts` value, the number or percentage of instances that must remain available at any time during a deployment. │ │ + documentation: The `AWS::CodeDeploy::DeploymentConfig` resource creates a set of deployment rules, deployment success conditions, and deployment failure conditions that AWS CodeDeploy uses during a deployment. The deployment configuration specifies the number or percentage of instances that must remain available at any time during a deployment. │ ├ properties │ │ └[+] ZonalConfig: ZonalConfig (immutable) │ └ types │ ├[+] type MinimumHealthyHostsPerZone │ │ ├ name: MinimumHealthyHostsPerZone │ │ └ properties │ │ ├Value: integer (required) │ │ └Type: string (required) │ └[+] type ZonalConfig │ ├ name: ZonalConfig │ └ properties │ ├FirstZoneMonitorDurationInSeconds: integer │ ├MonitorDurationInSeconds: integer │ └MinimumHealthyHostsPerZone: MinimumHealthyHostsPerZone ├[~] service aws-connect │ └ resources │ └[~] resource AWS::Connect::Instance │ ├ - tagInformation: undefined │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ └ properties │ └[+] Tags: Array ├[~] service aws-dlm │ └ resources │ └[~] resource AWS::DLM::LifecyclePolicy │ ├ properties │ │ └ DefaultPolicy: (documentation changed) │ └ types │ └[~] type PolicyDetails │ └ properties │ └ PolicyType: (documentation changed) ├[~] service aws-dms │ └ resources │ ├[+] resource AWS::DMS::DataProvider │ │ ├ name: DataProvider │ │ │ cloudFormationType: AWS::DMS::DataProvider │ │ │ documentation: Resource schema for AWS::DMS::DataProvider │ │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ ├ properties │ │ │ ├DataProviderName: string │ │ │ ├DataProviderIdentifier: string │ │ │ ├Description: string │ │ │ ├Engine: string (required) │ │ │ ├ExactSettings: boolean (default=false) │ │ │ ├Settings: Settings │ │ │ └Tags: Array │ │ ├ attributes │ │ │ ├DataProviderArn: string │ │ │ └DataProviderCreationTime: string │ │ └ types │ │ ├type Settings │ │ │├ documentation: PostgreSqlSettings property identifier. │ │ ││ name: Settings │ │ │└ properties │ │ │ └PostgreSqlSettings: PostgreSqlSettings │ │ └type PostgreSqlSettings │ │ ├ name: PostgreSqlSettings │ │ └ properties │ │ ├ServerName: string │ │ ├Port: integer │ │ ├DatabaseName: string │ │ ├SslMode: string │ │ └CertificateArn: string │ ├[+] resource AWS::DMS::InstanceProfile │ │ ├ name: InstanceProfile │ │ │ cloudFormationType: AWS::DMS::InstanceProfile │ │ │ documentation: Resource schema for AWS::DMS::InstanceProfile. │ │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ ├ properties │ │ │ ├InstanceProfileIdentifier: string │ │ │ ├AvailabilityZone: string │ │ │ ├Description: string │ │ │ ├KmsKeyArn: string │ │ │ ├PubliclyAccessible: boolean (default=false) │ │ │ ├NetworkType: string │ │ │ ├InstanceProfileName: string │ │ │ ├SubnetGroupIdentifier: string │ │ │ ├VpcSecurityGroups: Array │ │ │ └Tags: Array │ │ └ attributes │ │ ├InstanceProfileArn: string │ │ └InstanceProfileCreationTime: string │ └[+] resource AWS::DMS::MigrationProject │ ├ name: MigrationProject │ │ cloudFormationType: AWS::DMS::MigrationProject │ │ documentation: Resource schema for AWS::DMS::MigrationProject │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ ├ properties │ │ ├MigrationProjectName: string │ │ ├MigrationProjectIdentifier: string │ │ ├MigrationProjectCreationTime: string (deprecated=WARN) │ │ ├InstanceProfileIdentifier: string │ │ ├InstanceProfileName: string │ │ ├InstanceProfileArn: string │ │ ├TransformationRules: string │ │ ├Description: string │ │ ├SchemaConversionApplicationAttributes: SchemaConversionApplicationAttributes │ │ ├SourceDataProviderDescriptors: Array │ │ ├TargetDataProviderDescriptors: Array │ │ └Tags: Array │ ├ attributes │ │ └MigrationProjectArn: string │ └ types │ ├type SchemaConversionApplicationAttributes │ │├ documentation: The property describes schema conversion application attributes for the migration project. │ ││ name: SchemaConversionApplicationAttributes │ │└ properties │ │ ├S3BucketPath: string │ │ └S3BucketRoleArn: string │ └type DataProviderDescriptor │ ├ documentation: It is an object that describes Source and Target DataProviders and credentials for connecting to databases that are used in MigrationProject │ │ name: DataProviderDescriptor │ └ properties │ ├DataProviderIdentifier: string │ ├DataProviderName: string │ ├DataProviderArn: string │ ├SecretsManagerSecretId: string │ └SecretsManagerAccessRoleArn: string ├[~] service aws-ec2 │ └ resources │ ├[~] resource AWS::EC2::EC2Fleet │ │ └ types │ │ └[~] type InstanceRequirementsRequest │ │ └ properties │ │ ├ AcceleratorManufacturers: (documentation changed) │ │ └ AcceleratorNames: (documentation changed) │ ├[~] resource AWS::EC2::LaunchTemplate │ │ └ types │ │ ├[~] type ConnectionTrackingSpecification │ │ │ ├ - documentation: Allows customer to specify Connection Tracking options │ │ │ │ + documentation: A security group connection tracking specification that enables you to set the idle timeout for connection tracking on an Elastic network interface. For more information, see [Connection tracking timeouts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) in the *Amazon Elastic Compute Cloud User Guide* . │ │ │ └ properties │ │ │ ├ TcpEstablishedTimeout: (documentation changed) │ │ │ ├ UdpStreamTimeout: (documentation changed) │ │ │ └ UdpTimeout: (documentation changed) │ │ ├[~] type InstanceRequirements │ │ │ └ properties │ │ │ ├ AcceleratorManufacturers: (documentation changed) │ │ │ └ AcceleratorNames: (documentation changed) │ │ └[~] type NetworkInterface │ │ └ properties │ │ ├ ConnectionTrackingSpecification: (documentation changed) │ │ └ EnaSrdSpecification: (documentation changed) │ ├[~] resource AWS::EC2::SpotFleet │ │ └ types │ │ └[~] type InstanceRequirementsRequest │ │ └ properties │ │ ├ AcceleratorManufacturers: (documentation changed) │ │ └ AcceleratorNames: (documentation changed) │ ├[~] resource AWS::EC2::Subnet │ │ └ properties │ │ ├ Ipv4NetmaskLength: (documentation changed) │ │ └ Ipv6NetmaskLength: (documentation changed) │ ├[~] resource AWS::EC2::TransitGateway │ │ └ attributes │ │ └ TransitGatewayArn: (documentation changed) │ └[~] resource AWS::EC2::VerifiedAccessTrustProvider │ └ types │ └[~] type DeviceOptions │ └ properties │ └[+] PublicSigningKeyUrl: string ├[~] service aws-ecs │ └ resources │ └[~] resource AWS::ECS::CapacityProvider │ └ types │ └[~] type AutoScalingGroupProvider │ └ properties │ └[+] ManagedDraining: string ├[~] service aws-efs │ └ resources │ └[~] resource AWS::EFS::AccessPoint │ └ types │ └[~] type RootDirectory │ └ - documentation: Specifies the directory on the Amazon EFS file system that the access point provides access to. The access point exposes the specified file system path as the root directory of your file system to applications using the access point. NFS clients using the access point can only access data in the access point's `RootDirectory` and it's subdirectories. │ + documentation: Specifies the directory on the Amazon EFS file system that the access point provides access to. The access point exposes the specified file system path as the root directory of your file system to applications using the access point. NFS clients using the access point can only access data in the access point's `RootDirectory` and its subdirectories. ├[~] service aws-emr │ └ resources │ └[~] resource AWS::EMR::Studio │ └ properties │ ├[+] EncryptionKeyArn: string (immutable) │ ├[+] IdcInstanceArn: string (immutable) │ ├[+] IdcUserAssignment: string (immutable) │ └[+] TrustedIdentityPropagationEnabled: boolean (immutable) ├[~] service aws-eventschemas │ └ resources │ ├[~] resource AWS::EventSchemas::Discoverer │ │ └ attributes │ │ └ State: (documentation changed) │ └[~] resource AWS::EventSchemas::Registry ├[~] service aws-fis │ └ resources │ ├[~] resource AWS::FIS::ExperimentTemplate │ │ ├ - documentation: Specifies an experiment template. │ │ │ An experiment template includes the following components: │ │ │ - *Targets* : A target can be a specific resource in your AWS environment, or one or more resources that match criteria that you specify, for example, resources that have specific tags. │ │ │ - *Actions* : The actions to carry out on the target. You can specify multiple actions, the duration of each action, and when to start each action during an experiment. │ │ │ - *Stop conditions* : If a stop condition is triggered while an experiment is running, the experiment is automatically stopped. You can define a stop condition as a CloudWatch alarm. │ │ │ For more information, see [Experiment templates](https://docs.aws.amazon.com/fis/latest/userguide/experiment-templates.html) in the *AWS Fault Injection Simulator User Guide* . │ │ │ + documentation: Describes an experiment template. │ │ ├ properties │ │ │ └[+] ExperimentOptions: ExperimentTemplateExperimentOptions │ │ ├ attributes │ │ │ └ Id: (documentation changed) │ │ └ types │ │ ├[~] type ExperimentTemplateAction │ │ │ └ - documentation: Specifies an action for an experiment template. │ │ │ For more information, see [Actions](https://docs.aws.amazon.com/fis/latest/userguide/actions.html) in the *AWS Fault Injection Simulator User Guide* . │ │ │ + documentation: Describes an action for an experiment template. │ │ ├[+] type ExperimentTemplateExperimentOptions │ │ │ ├ documentation: Describes the experiment options for an experiment template. │ │ │ │ name: ExperimentTemplateExperimentOptions │ │ │ └ properties │ │ │ ├AccountTargeting: string │ │ │ └EmptyTargetResolutionMode: string │ │ ├[~] type ExperimentTemplateLogConfiguration │ │ │ ├ - documentation: Specifies the configuration for experiment logging. │ │ │ │ For more information, see [Experiment logging](https://docs.aws.amazon.com/fis/latest/userguide/monitoring-logging.html) in the *AWS Fault Injection Simulator User Guide* . │ │ │ │ + documentation: Describes the configuration for experiment logging. │ │ │ └ properties │ │ │ ├ CloudWatchLogsConfiguration: (documentation changed) │ │ │ └ S3Configuration: (documentation changed) │ │ ├[~] type ExperimentTemplateStopCondition │ │ │ └ - documentation: Specifies a stop condition for an experiment template. │ │ │ For more information, see [Stop conditions](https://docs.aws.amazon.com/fis/latest/userguide/stop-conditions.html) in the *AWS Fault Injection Simulator User Guide* . │ │ │ + documentation: Describes a stop condition for an experiment template. │ │ ├[~] type ExperimentTemplateTarget │ │ │ ├ - documentation: Specifies a target for an experiment. You must specify at least one Amazon Resource Name (ARN) or at least one resource tag. You cannot specify both ARNs and tags. │ │ │ │ For more information, see [Targets](https://docs.aws.amazon.com/fis/latest/userguide/targets.html) in the *AWS Fault Injection Simulator User Guide* . │ │ │ │ + documentation: Describes a target for an experiment template. │ │ │ └ properties │ │ │ └ Parameters: (documentation changed) │ │ └[~] type ExperimentTemplateTargetFilter │ │ └ - documentation: Specifies a filter used for the target resource input in an experiment template. │ │ For more information, see [Resource filters](https://docs.aws.amazon.com/fis/latest/userguide/targets.html#target-filters) in the *AWS Fault Injection Simulator User Guide* . │ │ + documentation: Describes a filter used for the target resources in an experiment template. │ └[+] resource AWS::FIS::TargetAccountConfiguration │ ├ name: TargetAccountConfiguration │ │ cloudFormationType: AWS::FIS::TargetAccountConfiguration │ │ documentation: Creates a target account configuration for the experiment template. A target account configuration is required when `accountTargeting` of `experimentOptions` is set to `multi-account` . For more information, see [experiment options](https://docs.aws.amazon.com/fis/latest/userguide/experiment-options.html) in the *AWS Fault Injection Simulator User Guide* . │ └ properties │ ├ExperimentTemplateId: string (required, immutable) │ ├AccountId: string (required, immutable) │ ├RoleArn: string (required) │ └Description: string ├[~] service aws-internetmonitor │ └ resources │ └[~] resource AWS::InternetMonitor::Monitor │ └ types │ ├[~] type InternetMeasurementsLogDelivery │ │ └ properties │ │ └ S3Config: (documentation changed) │ └[~] type S3Config │ ├ - documentation: The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3. The configuration includes the bucket name and (optionally) bucket prefix for the S3 bucket to store the measurements, and the delivery status. The delivery status is `ENABLED` if you choose to deliver internet measurements to S3 logs, and `DISABLED` otherwise. │ │ The measurements are also published to Amazon CloudWatch Logs. │ │ + documentation: The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3. The configuration includes the bucket name and (optionally) prefix for the S3 bucket to store the measurements, and the delivery status. The delivery status is `ENABLED` or `DISABLED` , depending on whether you choose to deliver internet measurements to S3 logs. │ └ properties │ ├ BucketName: (documentation changed) │ ├ BucketPrefix: (documentation changed) │ └ LogDeliveryStatus: (documentation changed) ├[~] service aws-lambda │ └ resources │ └[~] resource AWS::Lambda::Function │ └ properties │ └[-] Policy: json ├[~] service aws-lightsail │ └ resources │ └[~] resource AWS::Lightsail::Database │ └ properties │ └ BackupRetention: (documentation changed) ├[~] service aws-opensearchservice │ └ resources │ └[~] resource AWS::OpenSearchService::Domain │ ├ properties │ │ └[+] IPAddressType: string │ └ attributes │ └[+] DomainEndpointV2: string ├[~] service aws-osis │ └ resources │ └[~] resource AWS::OSIS::Pipeline │ ├ properties │ │ ├[+] BufferOptions: BufferOptions │ │ └[+] EncryptionAtRestOptions: EncryptionAtRestOptions │ └ types │ ├[+] type BufferOptions │ │ ├ documentation: Key-value pairs to configure buffering. │ │ │ name: BufferOptions │ │ └ properties │ │ └PersistentBufferEnabled: boolean (required) │ ├[~] type CloudWatchLogDestination │ │ └ properties │ │ └ LogGroup: - string │ │ + string (required) │ ├[+] type EncryptionAtRestOptions │ │ ├ documentation: Key-value pairs to configure encryption at rest. │ │ │ name: EncryptionAtRestOptions │ │ └ properties │ │ └KmsKeyArn: string (required) │ └[~] type VpcOptions │ └ properties │ └ SubnetIds: - Array │ + Array (required) ├[~] service aws-rds │ └ resources │ ├[~] resource AWS::RDS::DBInstance │ │ └ properties │ │ ├ AllocatedStorage: (documentation changed) │ │ ├ DBName: (documentation changed) │ │ ├ Domain: (documentation changed) │ │ ├ EnableCloudwatchLogsExports: (documentation changed) │ │ ├ Engine: (documentation changed) │ │ ├ EngineVersion: (documentation changed) │ │ ├ Iops: (documentation changed) │ │ ├ LicenseModel: (documentation changed) │ │ ├ MasterUsername: (documentation changed) │ │ ├ MasterUserPassword: (documentation changed) │ │ └ Port: (documentation changed) │ ├[~] resource AWS::RDS::DBParameterGroup │ │ └ properties │ │ └ Parameters: (documentation changed) │ └[~] resource AWS::RDS::DBProxy │ └ properties │ └ EngineFamily: (documentation changed) ├[~] service aws-resiliencehub │ └ resources │ └[~] resource AWS::ResilienceHub::App │ └ types │ └[~] type ResourceMapping │ └ properties │ ├ EksSourceName: (documentation changed) │ ├ LogicalStackName: (documentation changed) │ ├ MappingType: (documentation changed) │ ├ ResourceName: (documentation changed) │ └ TerraformSourceName: (documentation changed) ├[~] service aws-rolesanywhere │ └ resources │ ├[~] resource AWS::RolesAnywhere::Profile │ │ ├ - documentation: Creates a *profile* , a list of the roles that Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies. │ │ │ *Required permissions:* `rolesanywhere:CreateProfile` . │ │ │ + documentation: Creates a Profile. │ │ └ properties │ │ ├ DurationSeconds: (documentation changed) │ │ ├ Enabled: (documentation changed) │ │ ├ ManagedPolicyArns: (documentation changed) │ │ ├ Name: (documentation changed) │ │ ├ RequireInstanceProperties: (documentation changed) │ │ ├ RoleArns: (documentation changed) │ │ ├ SessionPolicy: (documentation changed) │ │ └ Tags: (documentation changed) │ └[~] resource AWS::RolesAnywhere::TrustAnchor │ ├ - documentation: Creates a trust anchor to establish trust between IAM Roles Anywhere and your certificate authority (CA). You can define a trust anchor as a reference to an AWS Private Certificate Authority ( AWS Private CA ) or by uploading a CA certificate. Your AWS workloads can authenticate with the trust anchor using certificates issued by the CA in exchange for temporary AWS credentials. │ │ *Required permissions:* `rolesanywhere:CreateTrustAnchor` . │ │ + documentation: Creates a TrustAnchor. │ └ types │ ├[~] type Source │ │ ├ - documentation: The trust anchor type and its related certificate data. │ │ │ + documentation: Object representing the TrustAnchor type and its related certificate data. │ │ └ properties │ │ ├ SourceData: (documentation changed) │ │ └ SourceType: (documentation changed) │ └[~] type SourceData │ └ - documentation: The data field of the trust anchor depending on its type. │ + documentation: A union object representing the data field of the TrustAnchor depending on its type ├[~] service aws-s3 │ └ resources │ └[~] resource AWS::S3::Bucket │ └ types │ └[~] type InventoryConfiguration │ └ properties │ ├ OptionalFields: (documentation changed) │ └ ScheduleFrequency: (documentation changed) ├[~] service aws-s3express │ └ resources │ └[~] resource AWS::S3Express::DirectoryBucket │ └ properties │ └ BucketName: (documentation changed) ├[~] service aws-sagemaker │ └ resources │ ├[~] resource AWS::SageMaker::FeatureGroup │ │ └ types │ │ └[~] type OnlineStoreConfig │ │ └ properties │ │ └[+] StorageType: string │ └[~] resource AWS::SageMaker::Model │ └ types │ ├[~] type ContainerDefinition │ │ └ properties │ │ └ ModelDataSource: (documentation changed) │ ├[~] type ModelDataSource │ │ ├ - documentation: undefined │ │ │ + documentation: Specifies the location of ML model data to deploy. If specified, you must specify one and only one of the available data sources. │ │ └ properties │ │ └ S3DataSource: (documentation changed) │ └[~] type S3DataSource │ ├ - documentation: undefined │ │ + documentation: Describes the S3 data source. │ │ Your input bucket must be in the same AWS region as your training job. │ └ properties │ ├ S3DataType: (documentation changed) │ └ S3Uri: (documentation changed) ├[~] service aws-sns │ └ resources │ └[~] resource AWS::SNS::Topic │ ├ properties │ │ └[+] DeliveryStatusLogging: Array │ └ types │ └[+] type LoggingConfig │ ├ name: LoggingConfig │ └ properties │ ├Protocol: string (required) │ ├SuccessFeedbackRoleArn: string │ ├SuccessFeedbackSampleRate: string │ └FailureFeedbackRoleArn: string └[~] service aws-workspacesthinclient └ resources └[~] resource AWS::WorkSpacesThinClient::Environment ├ - documentation: Resource type definition for AWS::WorkSpacesThinClient::Environment. │ + documentation: Describes an environment. ├ properties │ ├ DesktopArn: (documentation changed) │ ├ DesktopEndpoint: (documentation changed) │ ├ MaintenanceWindow: (documentation changed) │ └ Tags: (documentation changed) ├ attributes │ ├ ActivationCode: (documentation changed) │ ├ Arn: (documentation changed) │ ├ CreatedAt: (documentation changed) │ ├ DesktopType: (documentation changed) │ ├ RegisteredDevicesCount: (documentation changed) │ └ UpdatedAt: (documentation changed) └ types └[~] type MaintenanceWindow ├ - documentation: undefined │ + documentation: Describes the maintenance window for a thin client device. └ properties ├ ApplyTimeOf: (documentation changed) ├ DaysOfTheWeek: (documentation changed) ├ EndTimeHour: (documentation changed) ├ EndTimeMinute: (documentation changed) ├ StartTimeHour: (documentation changed) ├ StartTimeMinute: (documentation changed) └ Type: (documentation changed) ``` --- .../@aws-cdk/cloudformation-diff/package.json | 4 +-- packages/@aws-cdk/integ-runner/package.json | 2 +- .../aws-lambda/lib/function-hash.ts | 1 - packages/aws-cdk-lib/package.json | 2 +- tools/@aws-cdk/spec2cdk/package.json | 6 ++-- yarn.lock | 28 +++++++++---------- 6 files changed, 21 insertions(+), 22 deletions(-) diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index c97b0e3b77928..f518ea5e7a149 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -23,8 +23,8 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.0.34", - "@aws-cdk/service-spec-types": "^0.0.34", + "@aws-cdk/aws-service-spec": "^0.0.35", + "@aws-cdk/service-spec-types": "^0.0.35", "chalk": "^4", "diff": "^5.1.0", "fast-deep-equal": "^3.1.3", diff --git a/packages/@aws-cdk/integ-runner/package.json b/packages/@aws-cdk/integ-runner/package.json index 9d68652f35ff0..5e04182868c24 100644 --- a/packages/@aws-cdk/integ-runner/package.json +++ b/packages/@aws-cdk/integ-runner/package.json @@ -74,7 +74,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "@aws-cdk/aws-service-spec": "^0.0.34", + "@aws-cdk/aws-service-spec": "^0.0.35", "cdk-assets": "0.0.0", "@aws-cdk/cdk-cli-wrapper": "0.0.0", "aws-cdk": "0.0.0", diff --git a/packages/aws-cdk-lib/aws-lambda/lib/function-hash.ts b/packages/aws-cdk-lib/aws-lambda/lib/function-hash.ts index 2e5d100116bc8..660d1c5f188b1 100644 --- a/packages/aws-cdk-lib/aws-lambda/lib/function-hash.ts +++ b/packages/aws-cdk-lib/aws-lambda/lib/function-hash.ts @@ -73,7 +73,6 @@ export const VERSION_LOCKED: { [key: string]: boolean } = { // not locked to the version CodeSigningConfigArn: false, - Policy: true, ReservedConcurrentExecutions: false, Tags: false, }; diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 3d7069027e068..8163c74978145 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -133,7 +133,7 @@ "yaml": "1.10.2" }, "devDependencies": { - "@aws-cdk/aws-service-spec": "^0.0.34", + "@aws-cdk/aws-service-spec": "^0.0.35", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/custom-resource-handlers": "0.0.0", "@aws-cdk/pkglint": "0.0.0", diff --git a/tools/@aws-cdk/spec2cdk/package.json b/tools/@aws-cdk/spec2cdk/package.json index e445807d3c301..a27c05f84c917 100644 --- a/tools/@aws-cdk/spec2cdk/package.json +++ b/tools/@aws-cdk/spec2cdk/package.json @@ -32,9 +32,9 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.0.34", - "@aws-cdk/service-spec-importers": "^0.0.10", - "@aws-cdk/service-spec-types": "^0.0.34", + "@aws-cdk/aws-service-spec": "^0.0.35", + "@aws-cdk/service-spec-importers": "^0.0.11", + "@aws-cdk/service-spec-types": "^0.0.35", "@cdklabs/tskb": "^0.0.3", "@cdklabs/typewriter": "^0.0.3", "camelcase": "^6", diff --git a/yarn.lock b/yarn.lock index 618912028d629..521b94f18df9f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -56,12 +56,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.0.1.tgz#6dc9b7cdb22ff622a7176141197962360c33e9ac" integrity sha512-DDt4SLdLOwWCjGtltH4VCST7hpOI5DzieuhGZsBpZ+AgJdSI2GCjklCXm0GCTwJG/SolkL5dtQXyUKgg9luBDg== -"@aws-cdk/aws-service-spec@^0.0.34": - version "0.0.34" - resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.34.tgz#0c04646e76c995bfb520f380ed84411521c1562b" - integrity sha512-4M7SEhG05BmqXROKrXYyUFJR0dbE66feqo+lnyq/xNSfoJR6PMSRWpsOWvty8iy1Ih8N4tjKAW0Zbzw+Y8gG4A== +"@aws-cdk/aws-service-spec@^0.0.35": + version "0.0.35" + resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.35.tgz#d6a225a5a306a595c6d51a920141337dd39a0407" + integrity sha512-75rNt8JBVMIv7iE/OfaYli5uVNXhzO/S5ExfXa8IgcXXykyMiYvTgBm7xPN85/pcqWvPIXP0C7ttsmF0JZYEng== dependencies: - "@aws-cdk/service-spec-types" "^0.0.34" + "@aws-cdk/service-spec-types" "^0.0.35" "@cdklabs/tskb" "^0.0.3" "@aws-cdk/lambda-layer-kubectl-v24@^2.0.242": @@ -69,12 +69,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/lambda-layer-kubectl-v24/-/lambda-layer-kubectl-v24-2.0.242.tgz#4273a5ad7714f933a7eba155eb9280823086db71" integrity sha512-7/wIOo685tmrEe4hh6zqDELhBZh5OQGf3Hd2FU2Vnwy2ZubW8qTmEw5gqJCsCrGKeYDoa1BcVhDRZ/nzjkaqyA== -"@aws-cdk/service-spec-importers@^0.0.10": - version "0.0.10" - resolved "https://registry.npmjs.org/@aws-cdk/service-spec-importers/-/service-spec-importers-0.0.10.tgz#47dd42fccb1252eb4edfb9ca1f525fe0b28a0053" - integrity sha512-hQk7iEeD8B2fCz3XlmYUA3vysVojMazcoOZNa2J7cNkHbL0RZb3O8jxA9IswT6eQJX2ws89XXYu9Z9f7nRGu8w== +"@aws-cdk/service-spec-importers@^0.0.11": + version "0.0.11" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-importers/-/service-spec-importers-0.0.11.tgz#f7e60063337934313036d573a96d1e67ed9922d9" + integrity sha512-EjEpNx7rZNVuUwpJcttwAfQOKhCUojbDOZvu5k/0AcMKs6E/y/zGRdyt5xXxW04979ciLKcdWwgcGf4CcX9CSg== dependencies: - "@aws-cdk/service-spec-types" "^0.0.34" + "@aws-cdk/service-spec-types" "^0.0.35" "@cdklabs/tskb" "^0.0.3" ajv "^6" canonicalize "^2.0.0" @@ -85,10 +85,10 @@ glob "^8" sort-json "^2.0.1" -"@aws-cdk/service-spec-types@^0.0.34": - version "0.0.34" - resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.34.tgz#79203599ad1fdf3534fead56cf946c4c3809ce26" - integrity sha512-ydG/wOXlbpDLTe5mmKDW2AKZP5/gwMCJPH7YEyR4N51Zs1+4rhYhODWk8ME/KXHs+TUpjWz4q0yE80BJQdhOvw== +"@aws-cdk/service-spec-types@^0.0.35": + version "0.0.35" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.35.tgz#0d599074f6f09e741eea8621aa06de29fe4a1653" + integrity sha512-+XqMpPxyH2Hot/ifSF0eWmHUEYBIpUGvjEs4yxCdOrVAxOTYyJv6Ch/MZokOBmNF3Y03gxmaS0lPBhf8isT9EA== dependencies: "@cdklabs/tskb" "^0.0.3" From f3dafa49ec900fc044384441a9163d7ed6a63dda Mon Sep 17 00:00:00 2001 From: Clare Liguori Date: Mon, 11 Dec 2023 12:18:21 -0800 Subject: [PATCH 11/24] feat(stepfunctions-tasks): support for the Step Functions optimized integration for Bedrock InvokeModel API (#28276) Step Functions recently released an optimized integration for Bedrock InvokeModel API, and these changes add support for adding the Bedrock InvokeModel task to Step Functions state machines. Closes https://github.com/aws/aws-cdk/issues/28268. *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- ...efaultTestDeployAssert9C0D2DFC.assets.json | 19 + ...aultTestDeployAssert9C0D2DFC.template.json | 36 ++ ...sks-bedrock-invoke-model-integ.assets.json | 19 + ...s-bedrock-invoke-model-integ.template.json | 140 +++++++ .../integ.invoke-model.js.snapshot/cdk.out | 1 + .../integ.invoke-model.js.snapshot/integ.json | 12 + .../manifest.json | 125 ++++++ .../integ.invoke-model.js.snapshot/tree.json | 275 +++++++++++++ .../test/bedrock/integ.invoke-model.ts | 66 ++++ packages/aws-cdk-lib/aws-bedrock/.jsiirc.json | 13 + packages/aws-cdk-lib/aws-bedrock/README.md | 32 ++ packages/aws-cdk-lib/aws-bedrock/index.ts | 1 + .../aws-bedrock/lib/foundation-model.ts | 119 ++++++ packages/aws-cdk-lib/aws-bedrock/lib/index.ts | 3 + .../aws-cdk-lib/aws-bedrock/lib/model-base.ts | 13 + .../aws-bedrock/lib/provisioned-model.ts | 30 ++ .../aws-bedrock/test/model.test.ts | 41 ++ .../aws-stepfunctions-tasks/README.md | 38 ++ .../lib/bedrock/invoke-model.ts | 217 +++++++++++ .../aws-stepfunctions-tasks/lib/index.ts | 1 + .../test/bedrock/invoke-model.test.ts | 363 ++++++++++++++++++ packages/aws-cdk-lib/index.ts | 1 + packages/aws-cdk-lib/package.json | 1 + 23 files changed, 1566 insertions(+) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.ts create mode 100644 packages/aws-cdk-lib/aws-bedrock/.jsiirc.json create mode 100644 packages/aws-cdk-lib/aws-bedrock/README.md create mode 100644 packages/aws-cdk-lib/aws-bedrock/index.ts create mode 100644 packages/aws-cdk-lib/aws-bedrock/lib/foundation-model.ts create mode 100644 packages/aws-cdk-lib/aws-bedrock/lib/index.ts create mode 100644 packages/aws-cdk-lib/aws-bedrock/lib/model-base.ts create mode 100644 packages/aws-cdk-lib/aws-bedrock/lib/provisioned-model.ts create mode 100644 packages/aws-cdk-lib/aws-bedrock/test/model.test.ts create mode 100644 packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/bedrock/invoke-model.ts create mode 100644 packages/aws-cdk-lib/aws-stepfunctions-tasks/test/bedrock/invoke-model.test.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.assets.json new file mode 100644 index 0000000000000..ec22c34fcf613 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.assets.json @@ -0,0 +1,19 @@ +{ + "version": "35.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "InvokeModelDefaultTestDeployAssert9C0D2DFC.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets.json new file mode 100644 index 0000000000000..2d7004e16caf5 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets.json @@ -0,0 +1,19 @@ +{ + "version": "35.0.0", + "files": { + "19db222d8d51351d1127c4b099aa6545a4c1ddd9425a2e0f78c328f39ff74edf": { + "source": { + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "19db222d8d51351d1127c4b099aa6545a4c1ddd9425a2e0f78c328f39ff74edf.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json new file mode 100644 index 0000000000000..ce41a5e96cc20 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json @@ -0,0 +1,140 @@ +{ + "Resources": { + "StateMachineRoleB840431D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "StateMachineRoleDefaultPolicyDF1E6607": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "bedrock:InvokeModel", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":bedrock:", + { + "Ref": "AWS::Region" + }, + "::foundation-model/amazon.titan-text-express-v1" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "StateMachineRoleDefaultPolicyDF1E6607", + "Roles": [ + { + "Ref": "StateMachineRoleB840431D" + } + ] + } + }, + "StateMachine2E01A3A5": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"Prompt1\",\"States\":{\"Prompt1\":{\"Next\":\"Prompt2\",\"Type\":\"Task\",\"ResultPath\":\"$\",\"ResultSelector\":{\"names.$\":\"$.Body.results[0].outputText\"},\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::bedrock:invokeModel\",\"Parameters\":{\"ModelId\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":bedrock:", + { + "Ref": "AWS::Region" + }, + "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText\":\"Generate a list of five first names.\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}},\"Prompt2\":{\"End\":true,\"Type\":\"Task\",\"ResultPath\":\"$\",\"ResultSelector\":{\"names.$\":\"$.Body.results[0].outputText\"},\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::bedrock:invokeModel\",\"Parameters\":{\"ModelId\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":bedrock:", + { + "Ref": "AWS::Region" + }, + "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText.$\":\"States.Format('Alphabetize this list of first names:\\n{}', $.names)\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}}},\"TimeoutSeconds\":30}" + ] + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "StateMachineRoleB840431D", + "Arn" + ] + } + }, + "DependsOn": [ + "StateMachineRoleDefaultPolicyDF1E6607", + "StateMachineRoleB840431D" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/cdk.out new file mode 100644 index 0000000000000..c5cb2e5de6344 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/integ.json new file mode 100644 index 0000000000000..5eb622d1d7b82 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "35.0.0", + "testCases": { + "InvokeModel/DefaultTest": { + "stacks": [ + "aws-stepfunctions-tasks-bedrock-invoke-model-integ" + ], + "assertionStack": "InvokeModel/DefaultTest/DeployAssert", + "assertionStackName": "InvokeModelDefaultTestDeployAssert9C0D2DFC" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/manifest.json new file mode 100644 index 0000000000000..60de1b8de8ab7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/manifest.json @@ -0,0 +1,125 @@ +{ + "version": "35.0.0", + "artifacts": { + "aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-stepfunctions-tasks-bedrock-invoke-model-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/19db222d8d51351d1127c4b099aa6545a4c1ddd9425a2e0f78c328f39ff74edf.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets" + ], + "metadata": { + "/aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachineRoleB840431D" + } + ], + "/aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachineRoleDefaultPolicyDF1E6607" + } + ], + "/aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachine2E01A3A5" + } + ], + "/aws-stepfunctions-tasks-bedrock-invoke-model-integ/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-stepfunctions-tasks-bedrock-invoke-model-integ/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-stepfunctions-tasks-bedrock-invoke-model-integ" + }, + "InvokeModelDefaultTestDeployAssert9C0D2DFC.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "InvokeModelDefaultTestDeployAssert9C0D2DFC.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "InvokeModelDefaultTestDeployAssert9C0D2DFC": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "InvokeModelDefaultTestDeployAssert9C0D2DFC.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "InvokeModelDefaultTestDeployAssert9C0D2DFC.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "InvokeModelDefaultTestDeployAssert9C0D2DFC.assets" + ], + "metadata": { + "/InvokeModel/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/InvokeModel/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "InvokeModel/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/tree.json new file mode 100644 index 0000000000000..b3a2882dbd6fb --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/tree.json @@ -0,0 +1,275 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-stepfunctions-tasks-bedrock-invoke-model-integ": { + "id": "aws-stepfunctions-tasks-bedrock-invoke-model-integ", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ", + "children": { + "Prompt1": { + "id": "Prompt1", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/Prompt1", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions_tasks.BedrockInvokeModel", + "version": "0.0.0" + } + }, + "Prompt2": { + "id": "Prompt2", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/Prompt2", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions_tasks.BedrockInvokeModel", + "version": "0.0.0" + } + }, + "StateMachine": { + "id": "StateMachine", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine", + "children": { + "Role": { + "id": "Role", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine/Role/ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "bedrock:InvokeModel", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":bedrock:", + { + "Ref": "AWS::Region" + }, + "::foundation-model/amazon.titan-text-express-v1" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "StateMachineRoleDefaultPolicyDF1E6607", + "roles": [ + { + "Ref": "StateMachineRoleB840431D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", + "aws:cdk:cloudformation:props": { + "definitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"Prompt1\",\"States\":{\"Prompt1\":{\"Next\":\"Prompt2\",\"Type\":\"Task\",\"ResultPath\":\"$\",\"ResultSelector\":{\"names.$\":\"$.Body.results[0].outputText\"},\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::bedrock:invokeModel\",\"Parameters\":{\"ModelId\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":bedrock:", + { + "Ref": "AWS::Region" + }, + "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText\":\"Generate a list of five first names.\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}},\"Prompt2\":{\"End\":true,\"Type\":\"Task\",\"ResultPath\":\"$\",\"ResultSelector\":{\"names.$\":\"$.Body.results[0].outputText\"},\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::bedrock:invokeModel\",\"Parameters\":{\"ModelId\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":bedrock:", + { + "Ref": "AWS::Region" + }, + "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText.$\":\"States.Format('Alphabetize this list of first names:\\n{}', $.names)\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}}},\"TimeoutSeconds\":30}" + ] + ] + }, + "roleArn": { + "Fn::GetAtt": [ + "StateMachineRoleB840431D", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "InvokeModel": { + "id": "InvokeModel", + "path": "InvokeModel", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "InvokeModel/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "InvokeModel/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "InvokeModel/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "InvokeModel/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "InvokeModel/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.ts new file mode 100644 index 0000000000000..95860f09e624e --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.ts @@ -0,0 +1,66 @@ +import * as bedrock from 'aws-cdk-lib/aws-bedrock'; +import * as sfn from 'aws-cdk-lib/aws-stepfunctions'; +import * as cdk from 'aws-cdk-lib'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; +import { BedrockInvokeModel } from 'aws-cdk-lib/aws-stepfunctions-tasks'; + +/* + * Stack verification steps: + * * aws stepfunctions start-execution --state-machine-arn : should return execution arn + * * aws stepfunctions describe-execution --execution-arn : should return status as SUCCEEDED + * This integ test does not actually verify a Step Functions execution, as not all AWS accounts have Bedrock model access. + */ +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'aws-stepfunctions-tasks-bedrock-invoke-model-integ'); + +const model = bedrock.FoundationModel.fromFoundationModelId(stack, 'Model', bedrock.FoundationModelIdentifier.AMAZON_TITAN_TEXT_G1_EXPRESS_V1); + +const prompt1 = new BedrockInvokeModel(stack, 'Prompt1', { + model, + body: sfn.TaskInput.fromObject( + { + inputText: 'Generate a list of five first names.', + textGenerationConfig: { + maxTokenCount: 100, + temperature: 1, + }, + }, + ), + resultSelector: { + names: sfn.JsonPath.stringAt('$.Body.results[0].outputText'), + }, + resultPath: '$', +}); + +const prompt2 = new BedrockInvokeModel(stack, 'Prompt2', { + model, + body: sfn.TaskInput.fromObject( + { + inputText: sfn.JsonPath.format( + 'Alphabetize this list of first names:\n{}', + sfn.JsonPath.stringAt('$.names'), + ), + textGenerationConfig: { + maxTokenCount: 100, + temperature: 1, + }, + }, + ), + resultSelector: { + names: sfn.JsonPath.stringAt('$.Body.results[0].outputText'), + }, + resultPath: '$', +}); + +const chain = sfn.Chain.start(prompt1).next(prompt2); + +new sfn.StateMachine(stack, 'StateMachine', { + definitionBody: sfn.DefinitionBody.fromChainable(chain), + timeout: cdk.Duration.seconds(30), +}); + +new IntegTest(app, 'InvokeModel', { + testCases: [stack], +}); + +app.synth(); diff --git a/packages/aws-cdk-lib/aws-bedrock/.jsiirc.json b/packages/aws-cdk-lib/aws-bedrock/.jsiirc.json new file mode 100644 index 0000000000000..5d9d8fdd12efe --- /dev/null +++ b/packages/aws-cdk-lib/aws-bedrock/.jsiirc.json @@ -0,0 +1,13 @@ +{ + "targets": { + "java": { + "package": "software.amazon.awscdk.services.bedrock" + }, + "dotnet": { + "namespace": "Amazon.CDK.AWS.Bedrock" + }, + "python": { + "module": "aws_cdk.aws_bedrock" + } + } +} diff --git a/packages/aws-cdk-lib/aws-bedrock/README.md b/packages/aws-cdk-lib/aws-bedrock/README.md new file mode 100644 index 0000000000000..cc353def5f1eb --- /dev/null +++ b/packages/aws-cdk-lib/aws-bedrock/README.md @@ -0,0 +1,32 @@ +# Amazon Bedrock Construct Library + +Amazon Bedrock is a fully managed service that offers a choice of foundation models (FMs) +along with a broad set of capabilities for building generative AI applications. + +CloudFormation does not currently support any Bedrock resource types. +This construct library is a collection of constructs that can look up existing Bedrock models +for use with other services' CDK constructs, such as AWS Step Functions. + +To look up a Bedrock base foundation model: + +```ts +import * as bedrock from 'aws-cdk-lib/aws-bedrock'; + +bedrock.FoundationModel.fromFoundationModelId( + this, + 'Model', + bedrock.FoundationModelIdentifier.ANTHROPIC_CLAUDE_V2, +); +``` + +To look up a Bedrock provisioned throughput model: + +```ts +import * as bedrock from 'aws-cdk-lib/aws-bedrock'; + +bedrock.ProvisionedModel.fromProvisionedModelArn( + this, + 'Model', + 'arn:aws:bedrock:us-east-2:123456789012:provisioned-model/abc-123', +); +``` diff --git a/packages/aws-cdk-lib/aws-bedrock/index.ts b/packages/aws-cdk-lib/aws-bedrock/index.ts new file mode 100644 index 0000000000000..f41a696fd204d --- /dev/null +++ b/packages/aws-cdk-lib/aws-bedrock/index.ts @@ -0,0 +1 @@ +export * from './lib'; diff --git a/packages/aws-cdk-lib/aws-bedrock/lib/foundation-model.ts b/packages/aws-cdk-lib/aws-bedrock/lib/foundation-model.ts new file mode 100644 index 0000000000000..b4e0a31d9c7fc --- /dev/null +++ b/packages/aws-cdk-lib/aws-bedrock/lib/foundation-model.ts @@ -0,0 +1,119 @@ +import { Construct } from 'constructs'; +import { IModel } from './model-base'; +import { ArnFormat, Stack } from '../../core'; + +/** + * The model identifiers for the Bedrock base foundation models. + * + * @see https://docs.aws.amazon.com/bedrock/latest/userguide/model-ids-arns.html + */ +export class FoundationModelIdentifier { + /** Base model "ai21.j2-mid-v1". */ + public static readonly AI21_LABS_JURASSIC_2_MID_V1 = new FoundationModelIdentifier('ai21.j2-mid-v1'); + + /** Base model "ai21.j2-ultra-v1". */ + public static readonly AI21_LABS_JURASSIC_2_ULTRA_V1 = new FoundationModelIdentifier('ai21.j2-ultra-v1'); + + /** Base model "amazon.titan-embed-text-v1". */ + public static readonly AMAZON_TITAN_EMBEDDINGS_G1_TEXT_V1 = new FoundationModelIdentifier('amazon.titan-embed-text-v1'); + + /** Base model "amazon.titan-text-express-v1". */ + public static readonly AMAZON_TITAN_TEXT_G1_EXPRESS_V1 = new FoundationModelIdentifier('amazon.titan-text-express-v1'); + + /** Base model "amazon.titan-embed-image-v1". */ + public static readonly AMAZON_TITAN_MULTIMODAL_EMBEDDINGS_G1_V1 = new FoundationModelIdentifier('amazon.titan-embed-image-v1'); + + /** Base model "amazon.titan-image-generator-v1". */ + public static readonly AMAZON_TITAN_IMAGE_GENERATOR_G1_V1 = new FoundationModelIdentifier('amazon.titan-image-generator-v1'); + + /** Base model "anthropic.claude-v1". */ + public static readonly ANTHROPIC_CLAUDE_V1 = new FoundationModelIdentifier('anthropic.claude-v1'); + + /** Base model "anthropic.claude-v2". */ + public static readonly ANTHROPIC_CLAUDE_V2 = new FoundationModelIdentifier('anthropic.claude-v2'); + + /** Base model "anthropic.claude-v2:1". */ + public static readonly ANTHROPIC_CLAUDE_V2_1 = new FoundationModelIdentifier('anthropic.claude-v2:1'); + + /** Base model "anthropic.claude-instant-v1". */ + public static readonly ANTHROPIC_CLAUDE_INSTANT_V1 = new FoundationModelIdentifier('anthropic.claude-instant-v1'); + + /** Base model "cohere.command-text-v14". */ + public static readonly COHERE_COMMAND_V14 = new FoundationModelIdentifier('cohere.command-text-v14'); + + /** Base model "cohere.command-light-text-v14". */ + public static readonly COHERE_COMMAND_LIGHT_V14 = new FoundationModelIdentifier('cohere.command-light-text-v14'); + + /** Base model "cohere.embed-english-v3". */ + public static readonly COHERE_EMBED_ENGLISH_V3 = new FoundationModelIdentifier('cohere.embed-english-v3'); + + /** Base model "cohere.embed-multilingual-v3". */ + public static readonly COHERE_EMBED_MULTILINGUAL_V3 = new FoundationModelIdentifier('cohere.embed-multilingual-v3'); + + /** Base model "meta.llama2-13b-chat-v1". */ + public static readonly META_LLAMA_2_CHAT_13B_V1 = new FoundationModelIdentifier('meta.llama2-13b-chat-v1'); + + /** Base model "meta.llama2-70b-chat-v1". */ + public static readonly META_LLAMA_2_CHAT_70B_V1 = new FoundationModelIdentifier('meta.llama2-70b-chat-v1'); + + /** + * Constructor for foundation model identifier + * @param modelId the model identifier + */ + public constructor(public readonly modelId: string) { } +} + +/** + * Construction properties of `FoundationModel`. + * Module-private, as the constructor of `FoundationModel` is private. + */ +interface FoundationModelProps { + readonly modelId: string; + readonly modelArn: string; +} + +/** + * A Bedrock base foundation model. + * + * @see https://docs.aws.amazon.com/bedrock/latest/userguide/models-supported.html + */ +export class FoundationModel implements IModel { + /** + * Construct a Bedrock base foundation model given the model identifier. + * + * @see https://docs.aws.amazon.com/bedrock/latest/userguide/model-ids-arns.html + * + * @param scope The parent construct + * @param _id The name of the model construct + * @param foundationModelId The model identifier such as 'amazon.titan-text-express-v1' + * @returns A Bedrock base foundation model. + */ + public static fromFoundationModelId(scope: Construct, _id: string, foundationModelId: FoundationModelIdentifier): FoundationModel { + return new FoundationModel({ + modelId: foundationModelId.modelId, + modelArn: Stack.of(scope).formatArn({ + service: 'bedrock', + account: '', + resource: 'foundation-model', + resourceName: foundationModelId.modelId, + arnFormat: ArnFormat.SLASH_RESOURCE_NAME, + }), + }); + } + + /** + * The foundation model ID. + * @example 'amazon.titan-text-express-v1' + */ + public readonly modelId: string; + + /** + * The foundation model ARN. + */ + public readonly modelArn: string; + + private constructor(props: FoundationModelProps) { + this.modelId = props.modelId; + this.modelArn = props.modelArn; + } +} diff --git a/packages/aws-cdk-lib/aws-bedrock/lib/index.ts b/packages/aws-cdk-lib/aws-bedrock/lib/index.ts new file mode 100644 index 0000000000000..4249e058d34c5 --- /dev/null +++ b/packages/aws-cdk-lib/aws-bedrock/lib/index.ts @@ -0,0 +1,3 @@ +export * from './foundation-model'; +export * from './model-base'; +export * from './provisioned-model'; diff --git a/packages/aws-cdk-lib/aws-bedrock/lib/model-base.ts b/packages/aws-cdk-lib/aws-bedrock/lib/model-base.ts new file mode 100644 index 0000000000000..97ef32bb7f08e --- /dev/null +++ b/packages/aws-cdk-lib/aws-bedrock/lib/model-base.ts @@ -0,0 +1,13 @@ +/** + * Represents a Bedrock model. + * The model could be a foundation model, a custom model, or a provisioned model. + */ +export interface IModel { + /** + * The ARN of the model + * + * @see https://docs.aws.amazon.com/bedrock/latest/userguide/api-methods-run.html + * @see https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonbedrock.html#amazonbedrock-actions-as-permissions + */ + readonly modelArn: string; +} diff --git a/packages/aws-cdk-lib/aws-bedrock/lib/provisioned-model.ts b/packages/aws-cdk-lib/aws-bedrock/lib/provisioned-model.ts new file mode 100644 index 0000000000000..4c1a72e2a0252 --- /dev/null +++ b/packages/aws-cdk-lib/aws-bedrock/lib/provisioned-model.ts @@ -0,0 +1,30 @@ +import { Construct } from 'constructs'; +import { IModel } from './model-base'; + +/** + * A Bedrock provisioned model + * + * Note: CloudFormation does not currently support creating Bedrock Provisioned Throughput + * resources outside of a custom resource. You can import provisioned models created by + * provisioning throughput in Bedrock outside the CDK or via a custom resource with + * {@link ProvisionedModel#fromProvisionedModelArn}. + * + * @see https://docs.aws.amazon.com/bedrock/latest/userguide/prov-throughput.html + */ +export class ProvisionedModel implements IModel { + /** + * Import an provisioned model given an ARN + */ + public static fromProvisionedModelArn(_scope: Construct, _id: string, provisionedModelArn: string): IModel { + return new ProvisionedModel(provisionedModelArn); + } + + /** + * The ARN of the provisioned model. + */ + public readonly modelArn: string; + + private constructor(provisionedModelArn: string) { + this.modelArn = provisionedModelArn; + } +} diff --git a/packages/aws-cdk-lib/aws-bedrock/test/model.test.ts b/packages/aws-cdk-lib/aws-bedrock/test/model.test.ts new file mode 100644 index 0000000000000..f5887cd4203cb --- /dev/null +++ b/packages/aws-cdk-lib/aws-bedrock/test/model.test.ts @@ -0,0 +1,41 @@ +import * as cdk from '../../core'; +import * as bedrock from '../lib'; + +/* eslint-disable quote-props */ + +describe('ProvisionedModel', () => { + test('fromProvisionedModelArn', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const model = bedrock.ProvisionedModel.fromProvisionedModelArn(stack, 'Model', 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123'); + + // THEN + expect(model.modelArn).toEqual('arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123'); + }); +}); + +describe('FoundationModel', () => { + test('fromFoundationModelId', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const model = bedrock.FoundationModel.fromFoundationModelId(stack, 'Model', bedrock.FoundationModelIdentifier.ANTHROPIC_CLAUDE_V2); + + // THEN + expect(stack.resolve(model.modelArn)).toEqual({ 'Fn::Join': ['', ['arn:', { 'Ref': 'AWS::Partition' }, ':bedrock:', { 'Ref': 'AWS::Region' }, '::foundation-model/anthropic.claude-v2']] }); + }); + + test('fromFoundationModelId with newer model ID', () => { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const model = bedrock.FoundationModel.fromFoundationModelId(stack, 'Model', new bedrock.FoundationModelIdentifier('new-base-model')); + + // THEN + expect(stack.resolve(model.modelArn)).toEqual({ 'Fn::Join': ['', ['arn:', { 'Ref': 'AWS::Partition' }, ':bedrock:', { 'Ref': 'AWS::Region' }, '::foundation-model/new-base-model']] }); + }); +}); diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md b/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md index bf726ce12a802..8f32286484f39 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md @@ -31,6 +31,8 @@ This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aw - [StopQueryExecution](#stopqueryexecution) - [Batch](#batch) - [SubmitJob](#submitjob) + - [Bedrock](#bedrock) + - [InvokeModel](#invokemodel) - [CodeBuild](#codebuild) - [StartBuild](#startbuild) - [DynamoDB](#dynamodb) @@ -311,6 +313,42 @@ const task = new tasks.BatchSubmitJob(this, 'Submit Job', { }); ``` +## Bedrock + +Step Functions supports [Bedrock](https://docs.aws.amazon.com/step-functions/latest/dg/connect-bedrock.html) through the service integration pattern. + +### InvokeModel + +The [InvokeModel](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_runtime_InvokeModel.html) API +invokes the specified Bedrock model to run inference using the input provided. +The format of the input body and the response body depend on the model selected. + +```ts +import * as bedrock from 'aws-cdk-lib/aws-bedrock'; + +const model = bedrock.FoundationModel.fromFoundationModelId( + this, + 'Model', + bedrock.FoundationModelIdentifier.AMAZON_TITAN_TEXT_G1_EXPRESS_V1, +); + +const task = new tasks.BedrockInvokeModel(this, 'Prompt Model', { + model, + body: sfn.TaskInput.fromObject( + { + inputText: 'Generate a list of five first names.', + textGenerationConfig: { + maxTokenCount: 100, + temperature: 1, + }, + }, + ), + resultSelector: { + names: sfn.JsonPath.stringAt('$.Body.results[0].outputText'), + }, +}); +``` + ## CodeBuild Step Functions supports [CodeBuild](https://docs.aws.amazon.com/step-functions/latest/dg/connect-codebuild.html) through the service integration pattern. diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/bedrock/invoke-model.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/bedrock/invoke-model.ts new file mode 100644 index 0000000000000..f123ca00ac271 --- /dev/null +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/bedrock/invoke-model.ts @@ -0,0 +1,217 @@ +import { Construct } from 'constructs'; +import * as bedrock from '../../../aws-bedrock'; +import * as iam from '../../../aws-iam'; +import * as s3 from '../../../aws-s3'; +import * as sfn from '../../../aws-stepfunctions'; +import { Stack } from '../../../core'; +import { integrationResourceArn, validatePatternSupported } from '../private/task-utils'; + +/** + * Location to retrieve the input data, prior to calling Bedrock InvokeModel. + * + * @see https://docs.aws.amazon.com/step-functions/latest/dg/connect-bedrock.html + */ +export interface BedrockInvokeModelInputProps { + + /** + * S3 object to retrieve the input data from. + * + * If the S3 location is not set, then the Body must be set. + * + * @default Input data is retrieved from the `body` field + */ + readonly s3Location?: s3.Location; +} + +/** + * Location where the Bedrock InvokeModel API response is written. + * + * @see https://docs.aws.amazon.com/step-functions/latest/dg/connect-bedrock.html + */ +export interface BedrockInvokeModelOutputProps { + + /** + * S3 object where the Bedrock InvokeModel API response is written. + * + * If you specify this field, the API response body is replaced with + * a reference to the Amazon S3 location of the original output. + * + * @default Response body is returned in the task result + */ + readonly s3Location?: s3.Location; +} + +/** + * Properties for invoking a Bedrock Model + */ +export interface BedrockInvokeModelProps extends sfn.TaskStateBaseProps { + + /** + * The Bedrock model that the task will invoke. + * + * @see https://docs.aws.amazon.com/bedrock/latest/userguide/api-methods-run.html + */ + readonly model: bedrock.IModel; + + /** + * The input data for the Bedrock model invocation. + * + * The inference parameters contained in the body depend on the Bedrock model being used. + * + * The body must be in the format specified in the `contentType` field. + * For example, if the content type is `application/json`, the body must be + * JSON formatted. + * + * The body must be up to 256 KB in size. For input data that exceeds 256 KB, + * use `input` instead to retrieve the input data from S3. + * + * You must specify either the `body` or the `input` field, but not both. + * + * @see https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html + * + * @default Input data is retrieved from the location specified in the `input` field + */ + readonly body?: sfn.TaskInput; + + /** + * The desired MIME type of the inference body in the response. + * + * @see https://docs.aws.amazon.com/bedrock/latest/APIReference/API_runtime_InvokeModel.html + * @default 'application/json' + */ + readonly accept?: string; + + /** + * The MIME type of the input data in the request. + * + * @see https://docs.aws.amazon.com/bedrock/latest/APIReference/API_runtime_InvokeModel.html + * @default 'application/json' + */ + readonly contentType?: string; + + /** + * The source location to retrieve the input data from. + * + * @default Input data is retrieved from the `body` field + */ + readonly input?: BedrockInvokeModelInputProps; + + /** + * The destination location where the API response is written. + * + * If you specify this field, the API response body is replaced with a reference to the + * output location. + * + * @default The API response body is returned in the result. + */ + readonly output?: BedrockInvokeModelOutputProps; +} + +/** + * A Step Functions Task to invoke a model in Bedrock. + * + */ +export class BedrockInvokeModel extends sfn.TaskStateBase { + + private static readonly SUPPORTED_INTEGRATION_PATTERNS: sfn.IntegrationPattern[] = [ + sfn.IntegrationPattern.REQUEST_RESPONSE, + ]; + + protected readonly taskMetrics: sfn.TaskMetricsConfig | undefined; + protected readonly taskPolicies: iam.PolicyStatement[] | undefined; + + private readonly integrationPattern: sfn.IntegrationPattern; + + constructor(scope: Construct, id: string, private readonly props: BedrockInvokeModelProps) { + super(scope, id, props); + this.integrationPattern = props.integrationPattern ?? sfn.IntegrationPattern.REQUEST_RESPONSE; + + validatePatternSupported(this.integrationPattern, BedrockInvokeModel.SUPPORTED_INTEGRATION_PATTERNS); + + const isBodySpecified = props.body !== undefined; + const isInputSpecified = props.input !== undefined && props.input.s3Location !== undefined; + + if (isBodySpecified && isInputSpecified) { + throw new Error('Either `body` or `input` must be specified, but not both.'); + } + if (!isBodySpecified && !isInputSpecified) { + throw new Error('Either `body` or `input` must be specified.'); + } + if (props.input?.s3Location?.objectVersion !== undefined) { + throw new Error('Input S3 object version is not supported.'); + } + if (props.output?.s3Location?.objectVersion !== undefined) { + throw new Error('Output S3 object version is not supported.'); + } + + this.taskPolicies = this.renderPolicyStatements(); + } + + private renderPolicyStatements(): iam.PolicyStatement[] { + const policyStatements = [ + new iam.PolicyStatement({ + actions: ['bedrock:InvokeModel'], + resources: [this.props.model.modelArn], + }), + ]; + + if (this.props.input !== undefined && this.props.input.s3Location !== undefined) { + policyStatements.push( + new iam.PolicyStatement({ + actions: ['s3:GetObject'], + resources: [ + Stack.of(this).formatArn({ + region: '', + account: '', + service: 's3', + resource: this.props.input?.s3Location?.bucketName, + resourceName: this.props.input?.s3Location?.objectKey, + }), + ], + }), + ); + } + + if (this.props.output !== undefined && this.props.output.s3Location !== undefined) { + policyStatements.push( + new iam.PolicyStatement({ + actions: ['s3:PutObject'], + resources: [ + Stack.of(this).formatArn({ + region: '', + account: '', + service: 's3', + resource: this.props.output?.s3Location?.bucketName, + resourceName: this.props.output?.s3Location?.objectKey, + }), + ], + }), + ); + } + + return policyStatements; + } + + /** + * Provides the Bedrock InvokeModel service integration task configuration + * + * @internal + */ + protected _renderTask(): any { + return { + Resource: integrationResourceArn('bedrock', 'invokeModel'), + Parameters: sfn.FieldUtils.renderObject({ + ModelId: this.props.model.modelArn, + Accept: this.props.accept, + ContentType: this.props.contentType, + Body: this.props.body?.value, + Input: this.props.input?.s3Location ? { + S3Uri: `s3://${this.props.input.s3Location.bucketName}/${this.props.input.s3Location.objectKey}`, + } : undefined, + Output: this.props.output?.s3Location ? { + S3Uri: `s3://${this.props.output.s3Location.bucketName}/${this.props.output.s3Location.objectKey}`, + } : undefined, + }), + }; + } +} diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/index.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/index.ts index 04fd1846f1d08..575464d22dcf0 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/index.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/index.ts @@ -51,3 +51,4 @@ export * from './eks/call'; export * from './apigateway'; export * from './eventbridge/put-events'; export * from './aws-sdk/call-aws-service'; +export * from './bedrock/invoke-model'; diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/bedrock/invoke-model.test.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/bedrock/invoke-model.test.ts new file mode 100644 index 0000000000000..32c636cf679cf --- /dev/null +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/bedrock/invoke-model.test.ts @@ -0,0 +1,363 @@ +import { Template, Match } from '../../../assertions'; +import * as bedrock from '../../../aws-bedrock'; +import * as sfn from '../../../aws-stepfunctions'; +import * as cdk from '../../../core'; +import { BedrockInvokeModel } from '../../lib/bedrock/invoke-model'; + +describe('Invoke Model', () => { + + test('default settings', () => { + // GIVEN + const stack = new cdk.Stack(undefined, 'Stack1', { env: { account: '12345678', region: 'us-turbo-1' } }); + + // WHEN + const task = new BedrockInvokeModel(stack, 'Invoke', { + model: bedrock.FoundationModel.fromFoundationModelId(stack, 'Model', bedrock.FoundationModelIdentifier.ANTHROPIC_CLAUDE_INSTANT_V1), + body: sfn.TaskInput.fromObject( + { + prompt: 'Hello world', + }, + ), + }); + + // THEN + expect(stack.resolve(task.toStateJson())).toEqual({ + Type: 'Task', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':states:::bedrock:invokeModel', + ], + ], + }, + End: true, + Parameters: { + ModelId: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':bedrock:us-turbo-1::foundation-model/anthropic.claude-instant-v1', + ], + ], + }, + Body: { + prompt: 'Hello world', + }, + }, + }); + }); + + test('InvokeModel permissions are created in generated policy', () => { + // GIVEN + const stack = new cdk.Stack(undefined, 'Stack1', { env: { account: '12345678', region: 'us-turbo-1' } }); + + // WHEN + const task = new BedrockInvokeModel(stack, 'Invoke', { + model: bedrock.FoundationModel.fromFoundationModelId(stack, 'Model', bedrock.FoundationModelIdentifier.ANTHROPIC_CLAUDE_INSTANT_V1), + body: sfn.TaskInput.fromObject( + { + prompt: 'Hello world', + }, + ), + }); + + new sfn.StateMachine(stack, 'StateMachine', { + definitionBody: sfn.DefinitionBody.fromChainable(task), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: Match.objectLike({ + Statement: Match.arrayWith([ + { + Action: 'bedrock:InvokeModel', + Effect: 'Allow', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':bedrock:us-turbo-1::foundation-model/anthropic.claude-instant-v1', + ], + ], + }, + }, + ]), + }), + }); + }); + + test('MIME type configurations', () => { + // GIVEN + const stack = new cdk.Stack(undefined, 'Stack1', { env: { account: '12345678', region: 'us-turbo-1' } }); + + // WHEN + const task = new BedrockInvokeModel(stack, 'Invoke', { + model: bedrock.FoundationModel.fromFoundationModelId(stack, 'Model', bedrock.FoundationModelIdentifier.ANTHROPIC_CLAUDE_INSTANT_V1), + body: sfn.TaskInput.fromObject( + { + prompt: 'Hello world', + }, + ), + accept: 'image/png', + contentType: 'text/plain', + }); + + // THEN + expect(stack.resolve(task.toStateJson())).toEqual({ + Type: 'Task', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':states:::bedrock:invokeModel', + ], + ], + }, + End: true, + Parameters: { + ModelId: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':bedrock:us-turbo-1::foundation-model/anthropic.claude-instant-v1', + ], + ], + }, + Body: { + prompt: 'Hello world', + }, + Accept: 'image/png', + ContentType: 'text/plain', + }, + }); + }); + + test('input and output configurations', () => { + // GIVEN + const stack = new cdk.Stack(undefined, 'Stack1', { env: { account: '12345678', region: 'us-turbo-1' } }); + const model = bedrock.ProvisionedModel.fromProvisionedModelArn(stack, 'Imported', 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123'); + + // WHEN + const task = new BedrockInvokeModel(stack, 'Invoke', { + model, + input: { + s3Location: { + bucketName: 'input-bucket', + objectKey: 'input-key', + }, + }, + output: { + s3Location: { + bucketName: 'output-bucket', + objectKey: 'output-key', + }, + }, + }); + + // THEN + expect(stack.resolve(task.toStateJson())).toEqual({ + Type: 'Task', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':states:::bedrock:invokeModel', + ], + ], + }, + End: true, + Parameters: { + ModelId: 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123', + Input: { + S3Uri: 's3://input-bucket/input-key', + }, + Output: { + S3Uri: 's3://output-bucket/output-key', + }, + }, + }); + }); + + test('S3 permissions are created in generated policy when input and output locations are specified', () => { + // GIVEN + const stack = new cdk.Stack(); + const model = bedrock.ProvisionedModel.fromProvisionedModelArn(stack, 'Imported', 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123'); + + // WHEN + const task = new BedrockInvokeModel(stack, 'Invoke', { + model, + input: { + s3Location: { + bucketName: 'input-bucket', + objectKey: 'input-key', + }, + }, + output: { + s3Location: { + bucketName: 'output-bucket', + objectKey: 'output-key', + }, + }, + }); + + new sfn.StateMachine(stack, 'StateMachine', { + definitionBody: sfn.DefinitionBody.fromChainable(task), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: Match.objectLike({ + Statement: Match.arrayWith([ + { + Action: 'bedrock:InvokeModel', + Effect: 'Allow', + Resource: 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123', + }, + { + Action: 's3:GetObject', + Effect: 'Allow', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':s3:::input-bucket/input-key', + ], + ], + }, + }, + { + Action: 's3:PutObject', + Effect: 'Allow', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':s3:::output-bucket/output-key', + ], + ], + }, + }, + ]), + }), + }); + }); + + test('fails on neither input nor body set', () => { + // GIVEN + const stack = new cdk.Stack(); + const model = bedrock.ProvisionedModel.fromProvisionedModelArn(stack, 'Imported', 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123'); + + expect(() => { + // WHEN + new BedrockInvokeModel(stack, 'Invoke', { + model, + }); + // THEN + }).toThrow(/Either `body` or `input` must be specified./); + }); + + test('fails on both input and body set', () => { + // GIVEN + const stack = new cdk.Stack(); + const model = bedrock.ProvisionedModel.fromProvisionedModelArn(stack, 'Imported', 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123'); + + expect(() => { + // WHEN + new BedrockInvokeModel(stack, 'Invoke', { + model, + body: sfn.TaskInput.fromObject( + { + prompt: 'Hello world', + }, + ), + input: { + s3Location: { + bucketName: 'hello', + objectKey: 'world', + }, + }, + }); + // THEN + }).toThrow(/Either `body` or `input` must be specified, but not both./); + }); + + test('fails on S3 object version in input', () => { + // GIVEN + const stack = new cdk.Stack(); + const model = bedrock.ProvisionedModel.fromProvisionedModelArn(stack, 'Imported', 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123'); + + expect(() => { + // WHEN + new BedrockInvokeModel(stack, 'Invoke', { + model, + input: { + s3Location: { + bucketName: 'hello', + objectKey: 'world', + objectVersion: '123', + }, + }, + }); + // THEN + }).toThrow(/Input S3 object version is not supported./); + }); + + test('fails on S3 object version in output', () => { + // GIVEN + const stack = new cdk.Stack(); + const model = bedrock.ProvisionedModel.fromProvisionedModelArn(stack, 'Imported', 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123'); + + expect(() => { + // WHEN + new BedrockInvokeModel(stack, 'Invoke', { + model, + body: sfn.TaskInput.fromObject( + { + prompt: 'Hello world', + }, + ), + output: { + s3Location: { + bucketName: 'hello', + objectKey: 'world', + objectVersion: '123', + }, + }, + }); + // THEN + }).toThrow(/Output S3 object version is not supported./); + }); +}); diff --git a/packages/aws-cdk-lib/index.ts b/packages/aws-cdk-lib/index.ts index 2a77270f03d99..739ab80ae4644 100644 --- a/packages/aws-cdk-lib/index.ts +++ b/packages/aws-cdk-lib/index.ts @@ -30,6 +30,7 @@ export * as aws_autoscalingplans from './aws-autoscalingplans'; export * as aws_backup from './aws-backup'; export * as aws_backupgateway from './aws-backupgateway'; export * as aws_batch from './aws-batch'; +export * as aws_bedrock from './aws-bedrock'; export * as aws_billingconductor from './aws-billingconductor'; export * as aws_budgets from './aws-budgets'; export * as aws_cassandra from './aws-cassandra'; diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 8163c74978145..d2b2ad6c7acae 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -241,6 +241,7 @@ "./aws-backup": "./aws-backup/index.js", "./aws-backupgateway": "./aws-backupgateway/index.js", "./aws-batch": "./aws-batch/index.js", + "./aws-bedrock": "./aws-bedrock/index.js", "./aws-billingconductor": "./aws-billingconductor/index.js", "./aws-budgets": "./aws-budgets/index.js", "./aws-cassandra": "./aws-cassandra/index.js", From 14e5e50e9e4a23ab7db5bbccf874e6a5fe731e34 Mon Sep 17 00:00:00 2001 From: Michael Sambol Date: Mon, 11 Dec 2023 16:02:02 -0700 Subject: [PATCH 12/24] fix(stepfunctions-tasks): missing tags & perms for emr cluster creation (#28327) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Per the [documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-iam-policies.html#manually-tagged-resources): * To use managed policies, pass the user tag `for-use-with-amazon-emr-managed-policies = true` when you provision a cluster with the CLI, SDK, or another method. * For resources that are not created by Amazon EMR, you must add tags to those resources. For example, you must tag Amazon EC2 subnets, EC2 security groups (if not created by Amazon EMR), and VPCs (if you want Amazon EMR to create security groups). Also, `AmazonEMRServicePolicy_v2` only has `iam:PassRole` on the default EMR roles and needs this on the cluster role created by the CDK. Running the step function: Screenshot 2023-12-11 at 5 24 09 AM Screenshot 2023-12-11 at 5 24 03 AM ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- ...efaultTestDeployAssert697DC891.assets.json | 2 +- ...uster-with-spot-instance-fleet.assets.json | 6 +- ...ter-with-spot-instance-fleet.template.json | 34 +- .../cdk.out | 2 +- .../integ.json | 2 +- .../manifest.json | 10 +- .../tree.json | 144 ++- ...create-cluster-with-spot-instance-fleet.ts | 2 +- ...efaultTestDeployAssert697DC891.assets.json | 2 +- ...s-cdk-emr-create-cluster-tags.assets.json} | 8 +- ...cdk-emr-create-cluster-tags.template.json} | 54 +- .../cdk.out | 2 +- .../integ.json | 4 +- .../manifest.json | 44 +- .../tree.json | 124 ++- .../emr/integ.emr-create-cluster-with-tags.ts | 4 +- ...efaultTestDeployAssert697DC891.assets.json | 2 +- ...-emr-create-cluster-v1-policy.assets.json} | 8 +- ...emr-create-cluster-v1-policy.template.json | 646 ++++++++++++ .../aws-cdk-emr-create-cluster.template.json | 138 --- .../cdk.out | 2 +- .../integ.json | 4 +- .../manifest.json | 190 +++- .../tree.json | 942 +++++++++++++++-- ...integ.emr-create-cluster-with-v1-policy.ts | 40 +- ...efaultTestDeployAssert697DC891.assets.json | 2 +- ...-emr-create-cluster-v2-policy.assets.json} | 8 +- ...emr-create-cluster-v2-policy.template.json | 702 ++++++++++++ .../aws-cdk-emr-create-cluster.template.json | 138 --- .../cdk.out | 2 +- .../integ.json | 4 +- .../manifest.json | 190 +++- .../tree.json | 998 ++++++++++++++++-- ...integ.emr-create-cluster-with-v2-policy.ts | 48 +- .../lib/emr/emr-create-cluster.ts | 24 +- .../test/emr/emr-create-cluster.test.ts | 46 +- 36 files changed, 3944 insertions(+), 634 deletions(-) rename packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/{aws-cdk-emr-create-cluster.assets.json => aws-cdk-emr-create-cluster-tags.assets.json} (61%) rename packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/{aws-cdk-emr-create-cluster.template.json => aws-cdk-emr-create-cluster-tags.template.json} (88%) rename packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/{integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json => integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.assets.json} (61%) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.template.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json rename packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/{integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json => integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.assets.json} (61%) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.template.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json index 4b62986ef80b7..eb3094e013ba1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.assets.json index cac858b4093bf..4b9fd30c38d10 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.assets.json @@ -1,7 +1,7 @@ { - "version": "34.0.0", + "version": "35.0.0", "files": { - "d10c575abda540e85021e7d3f4a08b2d9b2bd7799eb636316a0a9877b34cd8e2": { + "9504385e84a440d671819d4acde50cce63d7d62327551a08627bef661a17458a": { "source": { "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "d10c575abda540e85021e7d3f4a08b2d9b2bd7799eb636316a0a9877b34cd8e2.json", + "objectKey": "9504385e84a440d671819d4acde50cce63d7d62327551a08627bef661a17458a.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.template.json index 8579732128b9f..aa08b3d201d0a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/aws-cdk-emr-create-cluster-with-spot-instance-fleet.template.json @@ -7,11 +7,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -36,6 +31,32 @@ ] } }, + "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "Roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, "EmrCreateClusterInstanceRoleC80466F5": { "Type": "AWS::IAM::Role", "Properties": { @@ -90,6 +111,7 @@ "Statement": [ { "Action": [ + "elasticmapreduce:AddTags", "elasticmapreduce:DescribeCluster", "elasticmapreduce:RunJobFlow", "elasticmapreduce:TerminateJobFlows" @@ -197,7 +219,7 @@ { "Ref": "EmrCreateClusterServiceRole5251910D" }, - "\",\"ReleaseLabel\":\"emr-5.36.1\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"}],\"VisibleToAllUsers\":true}}}}" + "\",\"ReleaseLabel\":\"emr-5.36.1\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" ] ] }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/cdk.out index 2313ab5436501..c5cb2e5de6344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"34.0.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/integ.json index 1ac1922ba879a..ddb9a167fd4ac 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "35.0.0", "testCases": { "EmrCreateClusterTest/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/manifest.json index ad13d48dbb3eb..b0c6eb5bcbef3 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "35.0.0", "artifacts": { "aws-cdk-emr-create-cluster-with-spot-instance-fleet.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/d10c575abda540e85021e7d3f4a08b2d9b2bd7799eb636316a0a9877b34cd8e2.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9504385e84a440d671819d4acde50cce63d7d62327551a08627bef661a17458a.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -40,6 +40,12 @@ "data": "EmrCreateClusterServiceRole5251910D" } ], + "/aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32" + } + ], "/aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/tree.json index 2a4c7bafe00af..d3df8aad57e34 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.js.snapshot/tree.json @@ -20,8 +20,8 @@ "id": "ImportServiceRole", "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "Resource": { @@ -34,11 +34,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -64,14 +59,58 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" } }, "InstanceRole": { @@ -82,8 +121,8 @@ "id": "ImportInstanceRole", "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/EmrCreateCluster/InstanceRole/ImportInstanceRole", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "Resource": { @@ -107,14 +146,14 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" } }, "InstanceProfile": { @@ -134,14 +173,14 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.CfnInstanceProfile", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_stepfunctions.TaskStateBase", + "version": "0.0.0" } }, "SM": { @@ -156,8 +195,8 @@ "id": "ImportRole", "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/SM/Role/ImportRole", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "Resource": { @@ -181,8 +220,8 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" } }, "DefaultPolicy": { @@ -199,6 +238,7 @@ "Statement": [ { "Action": [ + "elasticmapreduce:AddTags", "elasticmapreduce:DescribeCluster", "elasticmapreduce:RunJobFlow", "elasticmapreduce:TerminateJobFlows" @@ -288,20 +328,20 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" } }, "Resource": { @@ -326,7 +366,7 @@ { "Ref": "EmrCreateClusterServiceRole5251910D" }, - "\",\"ReleaseLabel\":\"emr-5.36.1\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"}],\"VisibleToAllUsers\":true}}}}" + "\",\"ReleaseLabel\":\"emr-5.36.1\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" ] ] }, @@ -339,36 +379,36 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", + "version": "0.0.0" } }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/BootstrapVersion", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" } }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", "path": "aws-cdk-emr-create-cluster-with-spot-instance-fleet/CheckBootstrapVersion", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" } }, "EmrCreateClusterTest": { @@ -384,7 +424,7 @@ "path": "EmrCreateClusterTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.70" + "version": "10.3.0" } }, "DeployAssert": { @@ -395,22 +435,22 @@ "id": "BootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/BootstrapVersion", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" } }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/CheckBootstrapVersion", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" } } }, @@ -430,13 +470,13 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.70" + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.2.70" + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" } } } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.ts index e134c6251bba6..ea24bac23c2d9 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-spot-instance-fleet.ts @@ -40,4 +40,4 @@ new sfn.StateMachine(stack, 'SM', { new IntegTest(app, 'EmrCreateClusterTest', { testCases: [stack], -}); \ No newline at end of file +}); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json index ab3eb29a51621..eb3094e013ba1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.assets.json similarity index 61% rename from packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.assets.json rename to packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.assets.json index c7200bcd6a82f..7e82e9ad0403e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.assets.json @@ -1,15 +1,15 @@ { - "version": "31.0.0", + "version": "35.0.0", "files": { - "8535838cc39b895502fa6e0a308dd851831b75ca0764b24e626715c1e558c6a4": { + "af19ab99b573264ca04322f5ddf79ff8a4feb16124915b8a0409fe273723270e": { "source": { - "path": "aws-cdk-emr-create-cluster.template.json", + "path": "aws-cdk-emr-create-cluster-tags.template.json", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "8535838cc39b895502fa6e0a308dd851831b75ca0764b24e626715c1e558c6a4.json", + "objectKey": "af19ab99b573264ca04322f5ddf79ff8a4feb16124915b8a0409fe273723270e.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.template.json similarity index 88% rename from packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.template.json rename to packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.template.json index 53fb46eab9134..307839cf0f760 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.template.json @@ -7,11 +7,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -36,6 +31,32 @@ ] } }, + "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "Roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, "EmrCreateClusterInstanceRoleC80466F5": { "Type": "AWS::IAM::Role", "Properties": { @@ -56,14 +77,14 @@ "EmrCreateClusterInstanceProfileC1729180": { "Type": "AWS::IAM::InstanceProfile", "Properties": { + "InstanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, "Roles": [ { "Ref": "EmrCreateClusterInstanceRoleC80466F5" } - ], - "InstanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } + ] } }, "EmrCreateClusterAutoScalingRoleFDDAF4E2": { @@ -124,6 +145,7 @@ "Statement": [ { "Action": [ + "elasticmapreduce:AddTags", "elasticmapreduce:DescribeCluster", "elasticmapreduce:RunJobFlow", "elasticmapreduce:TerminateJobFlows" @@ -221,12 +243,6 @@ "SM934E715A": { "Type": "AWS::StepFunctions::StateMachine", "Properties": { - "RoleArn": { - "Fn::GetAtt": [ - "SMRole49C19C48", - "Arn" - ] - }, "DefinitionString": { "Fn::Join": [ "", @@ -247,9 +263,15 @@ { "Ref": "EmrCreateClusterAutoScalingRoleFDDAF4E2" }, - "\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"}],\"VisibleToAllUsers\":true}}}}" + "\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" ] ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] } }, "DependsOn": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/cdk.out index 7925065efbcc4..c5cb2e5de6344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"31.0.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/integ.json index ec92f12075163..13a917da8d543 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/integ.json @@ -1,9 +1,9 @@ { - "version": "31.0.0", + "version": "35.0.0", "testCases": { "EmrCreateClusterTest/DefaultTest": { "stacks": [ - "aws-cdk-emr-create-cluster" + "aws-cdk-emr-create-cluster-tags" ], "assertionStack": "EmrCreateClusterTest/DefaultTest/DeployAssert", "assertionStackName": "EmrCreateClusterTestDefaultTestDeployAssert697DC891" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json index 8a919ccfdd505..787f552567466 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json @@ -1,27 +1,28 @@ { - "version": "31.0.0", + "version": "35.0.0", "artifacts": { - "aws-cdk-emr-create-cluster.assets": { + "aws-cdk-emr-create-cluster-tags.assets": { "type": "cdk:asset-manifest", "properties": { - "file": "aws-cdk-emr-create-cluster.assets.json", + "file": "aws-cdk-emr-create-cluster-tags.assets.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" } }, - "aws-cdk-emr-create-cluster": { + "aws-cdk-emr-create-cluster-tags": { "type": "aws:cloudformation:stack", "environment": "aws://unknown-account/unknown-region", "properties": { - "templateFile": "aws-cdk-emr-create-cluster.template.json", + "templateFile": "aws-cdk-emr-create-cluster-tags.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8535838cc39b895502fa6e0a308dd851831b75ca0764b24e626715c1e558c6a4.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/af19ab99b573264ca04322f5ddf79ff8a4feb16124915b8a0409fe273723270e.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-tags.assets" ], "lookupRole": { "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", @@ -30,65 +31,71 @@ } }, "dependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-tags.assets" ], "metadata": { - "/aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource": [ + "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterServiceRole5251910D" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource": [ + "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32" + } + ], + "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceRoleC80466F5" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile": [ + "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceProfile": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceProfileC1729180" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource": [ + "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterAutoScalingRoleFDDAF4E2" } ], - "/aws-cdk-emr-create-cluster/SM/Role/Resource": [ + "/aws-cdk-emr-create-cluster-tags/SM/Role/Resource": [ { "type": "aws:cdk:logicalId", "data": "SMRole49C19C48" } ], - "/aws-cdk-emr-create-cluster/SM/Role/DefaultPolicy/Resource": [ + "/aws-cdk-emr-create-cluster-tags/SM/Role/DefaultPolicy/Resource": [ { "type": "aws:cdk:logicalId", "data": "SMRoleDefaultPolicy34CA15C7" } ], - "/aws-cdk-emr-create-cluster/SM/Resource": [ + "/aws-cdk-emr-create-cluster-tags/SM/Resource": [ { "type": "aws:cdk:logicalId", "data": "SM934E715A" } ], - "/aws-cdk-emr-create-cluster/BootstrapVersion": [ + "/aws-cdk-emr-create-cluster-tags/BootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "BootstrapVersion" } ], - "/aws-cdk-emr-create-cluster/CheckBootstrapVersion": [ + "/aws-cdk-emr-create-cluster-tags/CheckBootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } ] }, - "displayName": "aws-cdk-emr-create-cluster" + "displayName": "aws-cdk-emr-create-cluster-tags" }, "EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets": { "type": "cdk:asset-manifest", @@ -103,6 +110,7 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json index d96404df3b7d3..7ecd3fb4b6522 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json @@ -4,21 +4,21 @@ "id": "App", "path": "", "children": { - "aws-cdk-emr-create-cluster": { - "id": "aws-cdk-emr-create-cluster", - "path": "aws-cdk-emr-create-cluster", + "aws-cdk-emr-create-cluster-tags": { + "id": "aws-cdk-emr-create-cluster-tags", + "path": "aws-cdk-emr-create-cluster-tags", "children": { "EmrCreateCluster": { "id": "EmrCreateCluster", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster", "children": { "ServiceRole": { "id": "ServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole", "children": { "ImportServiceRole": { "id": "ImportServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/ImportServiceRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/ImportServiceRole", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -26,7 +26,7 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -34,11 +34,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -67,6 +62,50 @@ "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } } }, "constructInfo": { @@ -76,11 +115,11 @@ }, "InstanceRole": { "id": "InstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceRole", "children": { "ImportInstanceRole": { "id": "ImportInstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/ImportInstanceRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceRole/ImportInstanceRole", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -88,7 +127,7 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -119,18 +158,18 @@ }, "InstanceProfile": { "id": "InstanceProfile", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/InstanceProfile", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", "aws:cdk:cloudformation:props": { + "instanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, "roles": [ { "Ref": "EmrCreateClusterInstanceRoleC80466F5" } - ], - "instanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } + ] } }, "constructInfo": { @@ -140,11 +179,11 @@ }, "AutoScalingRole": { "id": "AutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole", "children": { "ImportAutoScalingRole": { "id": "ImportAutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/ImportAutoScalingRole", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole/ImportAutoScalingRole", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -152,7 +191,7 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource", + "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -200,21 +239,21 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.aws_stepfunctions_tasks.EmrCreateCluster", + "fqn": "aws-cdk-lib.aws_stepfunctions.TaskStateBase", "version": "0.0.0" } }, "SM": { "id": "SM", - "path": "aws-cdk-emr-create-cluster/SM", + "path": "aws-cdk-emr-create-cluster-tags/SM", "children": { "Role": { "id": "Role", - "path": "aws-cdk-emr-create-cluster/SM/Role", + "path": "aws-cdk-emr-create-cluster-tags/SM/Role", "children": { "ImportRole": { "id": "ImportRole", - "path": "aws-cdk-emr-create-cluster/SM/Role/ImportRole", + "path": "aws-cdk-emr-create-cluster-tags/SM/Role/ImportRole", "constructInfo": { "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" @@ -222,7 +261,7 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/SM/Role/Resource", + "path": "aws-cdk-emr-create-cluster-tags/SM/Role/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -247,11 +286,11 @@ }, "DefaultPolicy": { "id": "DefaultPolicy", - "path": "aws-cdk-emr-create-cluster/SM/Role/DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-tags/SM/Role/DefaultPolicy", "children": { "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/SM/Role/DefaultPolicy/Resource", + "path": "aws-cdk-emr-create-cluster-tags/SM/Role/DefaultPolicy/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Policy", "aws:cdk:cloudformation:props": { @@ -259,6 +298,7 @@ "Statement": [ { "Action": [ + "elasticmapreduce:AddTags", "elasticmapreduce:DescribeCluster", "elasticmapreduce:RunJobFlow", "elasticmapreduce:TerminateJobFlows" @@ -372,16 +412,10 @@ }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/SM/Resource", + "path": "aws-cdk-emr-create-cluster-tags/SM/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", "aws:cdk:cloudformation:props": { - "roleArn": { - "Fn::GetAtt": [ - "SMRole49C19C48", - "Arn" - ] - }, "definitionString": { "Fn::Join": [ "", @@ -402,9 +436,15 @@ { "Ref": "EmrCreateClusterAutoScalingRoleFDDAF4E2" }, - "\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"}],\"VisibleToAllUsers\":true}}}}" + "\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" ] ] + }, + "roleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] } } }, @@ -421,7 +461,7 @@ }, "BootstrapVersion": { "id": "BootstrapVersion", - "path": "aws-cdk-emr-create-cluster/BootstrapVersion", + "path": "aws-cdk-emr-create-cluster-tags/BootstrapVersion", "constructInfo": { "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" @@ -429,7 +469,7 @@ }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", - "path": "aws-cdk-emr-create-cluster/CheckBootstrapVersion", + "path": "aws-cdk-emr-create-cluster-tags/CheckBootstrapVersion", "constructInfo": { "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" @@ -454,7 +494,7 @@ "path": "EmrCreateClusterTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } }, "DeployAssert": { @@ -500,7 +540,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts index 53f347d655237..89f227fecafb2 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts @@ -5,7 +5,7 @@ import { EmrCreateCluster } from 'aws-cdk-lib/aws-stepfunctions-tasks'; const app = new App(); -const stack = new Stack(app, 'aws-cdk-emr-create-cluster'); +const stack = new Stack(app, 'aws-cdk-emr-create-cluster-tags'); const step = new EmrCreateCluster(stack, 'EmrCreateCluster', { instances: {}, @@ -22,4 +22,4 @@ new sfn.StateMachine(stack, 'SM', { new IntegTest(app, 'EmrCreateClusterTest', { testCases: [stack], -}); \ No newline at end of file +}); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json index adc92ef57e0dd..eb3094e013ba1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json @@ -1,5 +1,5 @@ { - "version": "30.1.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.assets.json similarity index 61% rename from packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json rename to packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.assets.json index baed125e0960f..6cb7a870b52ad 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.assets.json @@ -1,15 +1,15 @@ { - "version": "30.1.0", + "version": "35.0.0", "files": { - "0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd": { + "d01fcc5c4cc30360ad429acaa929efda1c6feffb0efce4d31d62ff46d3dc52c9": { "source": { - "path": "aws-cdk-emr-create-cluster.template.json", + "path": "aws-cdk-emr-create-cluster-v1-policy.template.json", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd.json", + "objectKey": "d01fcc5c4cc30360ad429acaa929efda1c6feffb0efce4d31d62ff46d3dc52c9.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.template.json new file mode 100644 index 0000000000000..8f2f23029b144 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster-v1-policy.template.json @@ -0,0 +1,646 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677" + ] + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v1-policy/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "EmrCreateClusterServiceRole5251910D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "elasticmapreduce.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" + ] + ] + } + ] + } + }, + "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "Roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "EmrCreateClusterInstanceRoleC80466F5": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "EmrCreateClusterInstanceProfileC1729180": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "InstanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "Roles": [ + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + } + ] + } + }, + "SMRole49C19C48": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "SMRoleDefaultPolicy34CA15C7": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "elasticmapreduce:AddTags", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:RunJobFlow", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "EmrCreateClusterServiceRole5251910D", + "Arn" + ] + } + ] + }, + { + "Action": [ + "events:DescribeRule", + "events:PutRule", + "events:PutTargets" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRRunJobFlowRule" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "SMRoleDefaultPolicy34CA15C7", + "Roles": [ + { + "Ref": "SMRole49C19C48" + } + ] + } + }, + "SM934E715A": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"EmrCreateCluster\",\"States\":{\"EmrCreateCluster\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "\",\"Name\":\"Cluster\",\"ServiceRole\":\"", + { + "Ref": "EmrCreateClusterServiceRole5251910D" + }, + "\",\"ReleaseLabel\":\"emr-6.15.0\",\"Tags\":[{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" + ] + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] + } + }, + "DependsOn": [ + "SMRoleDefaultPolicy34CA15C7", + "SMRole49C19C48" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json deleted file mode 100644 index 038c3fdfb35e1..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json +++ /dev/null @@ -1,138 +0,0 @@ -{ - "Resources": { - "EmrCreateClusterServiceRole5251910D": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, - "Effect": "Allow", - "Principal": { - "Service": "elasticmapreduce.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" - ] - ] - } - ] - } - }, - "EmrCreateClusterInstanceRoleC80466F5": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "ec2.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "EmrCreateClusterInstanceProfileC1729180": { - "Type": "AWS::IAM::InstanceProfile", - "Properties": { - "Roles": [ - { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } - ], - "InstanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } - } - }, - "EmrCreateClusterAutoScalingRoleFDDAF4E2": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": [ - "application-autoscaling.amazonaws.com", - "elasticmapreduce.amazonaws.com" - ] - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" - ] - ] - } - ] - } - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/cdk.out index b72fef144f05c..c5cb2e5de6344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"30.1.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/integ.json index 62e18fedc0b34..a905c96c7ca11 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/integ.json @@ -1,9 +1,9 @@ { - "version": "30.1.0", + "version": "35.0.0", "testCases": { "EmrCreateClusterTest/DefaultTest": { "stacks": [ - "aws-cdk-emr-create-cluster" + "aws-cdk-emr-create-cluster-v1-policy" ], "assertionStack": "EmrCreateClusterTest/DefaultTest/DeployAssert", "assertionStackName": "EmrCreateClusterTestDefaultTestDeployAssert697DC891" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/manifest.json index bcc0527e03861..ef5262020f888 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/manifest.json @@ -1,27 +1,28 @@ { - "version": "30.1.0", + "version": "35.0.0", "artifacts": { - "aws-cdk-emr-create-cluster.assets": { + "aws-cdk-emr-create-cluster-v1-policy.assets": { "type": "cdk:asset-manifest", "properties": { - "file": "aws-cdk-emr-create-cluster.assets.json", + "file": "aws-cdk-emr-create-cluster-v1-policy.assets.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" } }, - "aws-cdk-emr-create-cluster": { + "aws-cdk-emr-create-cluster-v1-policy": { "type": "aws:cloudformation:stack", "environment": "aws://unknown-account/unknown-region", "properties": { - "templateFile": "aws-cdk-emr-create-cluster.template.json", + "templateFile": "aws-cdk-emr-create-cluster-v1-policy.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/d01fcc5c4cc30360ad429acaa929efda1c6feffb0efce4d31d62ff46d3dc52c9.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-v1-policy.assets" ], "lookupRole": { "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", @@ -30,47 +31,203 @@ } }, "dependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-v1-policy.assets" ], "metadata": { - "/aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource": [ + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterServiceRole5251910D" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource": [ + "/aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceRoleC80466F5" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile": [ + "/aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceProfile": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceProfileC1729180" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource": [ + "/aws-cdk-emr-create-cluster-v1-policy/SM/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SMRole49C19C48" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/SM/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SMRoleDefaultPolicy34CA15C7" + } + ], + "/aws-cdk-emr-create-cluster-v1-policy/SM/Resource": [ { "type": "aws:cdk:logicalId", - "data": "EmrCreateClusterAutoScalingRoleFDDAF4E2" + "data": "SM934E715A" } ], - "/aws-cdk-emr-create-cluster/BootstrapVersion": [ + "/aws-cdk-emr-create-cluster-v1-policy/BootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "BootstrapVersion" } ], - "/aws-cdk-emr-create-cluster/CheckBootstrapVersion": [ + "/aws-cdk-emr-create-cluster-v1-policy/CheckBootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } ] }, - "displayName": "aws-cdk-emr-create-cluster" + "displayName": "aws-cdk-emr-create-cluster-v1-policy" }, "EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets": { "type": "cdk:asset-manifest", @@ -85,6 +242,7 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/tree.json index 9be5e287284cf..d69cba3d92038 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/tree.json @@ -4,29 +4,672 @@ "id": "App", "path": "", "children": { - "aws-cdk-emr-create-cluster": { - "id": "aws-cdk-emr-create-cluster", - "path": "aws-cdk-emr-create-cluster", + "aws-cdk-emr-create-cluster-v1-policy": { + "id": "aws-cdk-emr-create-cluster-v1-policy", + "path": "aws-cdk-emr-create-cluster-v1-policy", "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v1-policy/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-cdk-emr-create-cluster-v1-policy/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.Vpc", + "version": "0.0.0" + } + }, "EmrCreateCluster": { "id": "EmrCreateCluster", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster", "children": { "ServiceRole": { "id": "ServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole", "children": { "ImportServiceRole": { "id": "ImportServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/ImportServiceRole", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -34,11 +677,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -64,31 +702,75 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, "InstanceRole": { "id": "InstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceRole", "children": { "ImportInstanceRole": { "id": "ImportInstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/ImportInstanceRole", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceRole/ImportInstanceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -107,52 +789,62 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, "InstanceProfile": { "id": "InstanceProfile", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile", + "path": "aws-cdk-emr-create-cluster-v1-policy/EmrCreateCluster/InstanceProfile", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", "aws:cdk:cloudformation:props": { + "instanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, "roles": [ { "Ref": "EmrCreateClusterInstanceRoleC80466F5" } - ], - "instanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } + ] } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "fqn": "aws-cdk-lib.aws_iam.CfnInstanceProfile", "version": "0.0.0" } - }, - "AutoScalingRole": { - "id": "AutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole", + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.TaskStateBase", + "version": "0.0.0" + } + }, + "SM": { + "id": "SM", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM", + "children": { + "Role": { + "id": "Role", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Role", "children": { - "ImportAutoScalingRole": { - "id": "ImportAutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/ImportAutoScalingRole", + "ImportRole": { + "id": "ImportRole", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Role/ImportRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Role/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -162,67 +854,183 @@ "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { - "Service": [ - "application-autoscaling.amazonaws.com", - "elasticmapreduce.amazonaws.com" - ] + "Service": "states.amazonaws.com" } } ], "Version": "2012-10-17" - }, - "managedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ { - "Ref": "AWS::Partition" + "Action": [ + "elasticmapreduce:AddTags", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:RunJobFlow", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": "*" }, - ":iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" - ] + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "EmrCreateClusterServiceRole5251910D", + "Arn" + ] + } + ] + }, + { + "Action": [ + "events:DescribeRule", + "events:PutRule", + "events:PutTargets" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRRunJobFlowRule" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "SMRoleDefaultPolicy34CA15C7", + "roles": [ + { + "Ref": "SMRole49C19C48" + } ] } - ] + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v1-policy/SM/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", + "aws:cdk:cloudformation:props": { + "definitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"EmrCreateCluster\",\"States\":{\"EmrCreateCluster\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "\",\"Name\":\"Cluster\",\"ServiceRole\":\"", + { + "Ref": "EmrCreateClusterServiceRole5251910D" + }, + "\",\"ReleaseLabel\":\"emr-6.15.0\",\"Tags\":[{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" + ] + ] + }, + "roleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-stepfunctions-tasks.EmrCreateCluster", + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", "version": "0.0.0" } }, "BootstrapVersion": { "id": "BootstrapVersion", - "path": "aws-cdk-emr-create-cluster/BootstrapVersion", + "path": "aws-cdk-emr-create-cluster-v1-policy/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", - "path": "aws-cdk-emr-create-cluster/CheckBootstrapVersion", + "path": "aws-cdk-emr-create-cluster-v1-policy/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } }, @@ -239,7 +1047,7 @@ "path": "EmrCreateClusterTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } }, "DeployAssert": { @@ -250,7 +1058,7 @@ "id": "BootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -258,25 +1066,25 @@ "id": "CheckBootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTest", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", "version": "0.0.0" } }, @@ -285,12 +1093,12 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.App", + "fqn": "aws-cdk-lib.App", "version": "0.0.0" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.ts index 16ab642ff55b0..4cf8721c029bf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.ts @@ -2,17 +2,51 @@ import * as sfn from 'aws-cdk-lib/aws-stepfunctions'; import { App, Stack } from 'aws-cdk-lib'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import { EmrCreateCluster } from 'aws-cdk-lib/aws-stepfunctions-tasks'; +import { Vpc } from 'aws-cdk-lib/aws-ec2'; + +/* + * Creates a state machine that deploys an EMR cluster. + * + * Stack verification steps: + * + * The generated state machine can be executed from the CLI (or Step Functions console) + * and runs with an execution status of `Succeeded`. + * + * -- aws stepfunctions start-execution --state-machine-arn provides execution arn + * -- aws stepfunctions describe-execution --execution-arn returns a status of `Succeeded` + * + * Be sure to terminate the EMR cluster after validation. + */ const app = new App(); -const stack = new Stack(app, 'aws-cdk-emr-create-cluster'); +const stack = new Stack(app, 'aws-cdk-emr-create-cluster-v1-policy'); +const vpc = new Vpc(stack, 'Vpc', { restrictDefaultSecurityGroup: false }); -new EmrCreateCluster(stack, 'EmrCreateCluster', { - instances: {}, +const step = new EmrCreateCluster(stack, 'EmrCreateCluster', { + instances: { + instanceFleets: [ + { + instanceFleetType: EmrCreateCluster.InstanceRoleType.MASTER, + instanceTypeConfigs: [ + { + instanceType: 'm5.xlarge', + }, + ], + targetOnDemandCapacity: 1, + }, + ], + ec2SubnetId: vpc.publicSubnets[0].subnetId, + }, name: 'Cluster', + releaseLabel: 'emr-6.15.0', integrationPattern: sfn.IntegrationPattern.RUN_JOB, }); +new sfn.StateMachine(stack, 'SM', { + definition: step, +}); + new IntegTest(app, 'EmrCreateClusterTest', { testCases: [stack], }); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json index adc92ef57e0dd..eb3094e013ba1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json @@ -1,5 +1,5 @@ { - "version": "30.1.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.assets.json similarity index 61% rename from packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json rename to packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.assets.json index baed125e0960f..91e149c3650cb 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v1-policy.js.snapshot/aws-cdk-emr-create-cluster.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.assets.json @@ -1,15 +1,15 @@ { - "version": "30.1.0", + "version": "35.0.0", "files": { - "0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd": { + "c83be18d1a49c3f5a9dddc23ae25fe3483475507e25dd7fbb660ab24e52b96d0": { "source": { - "path": "aws-cdk-emr-create-cluster.template.json", + "path": "aws-cdk-emr-create-cluster-v2-policy.template.json", "packaging": "file" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd.json", + "objectKey": "c83be18d1a49c3f5a9dddc23ae25fe3483475507e25dd7fbb660ab24e52b96d0.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.template.json new file mode 100644 index 0000000000000..b7e132a1ce08b --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster-v2-policy.template.json @@ -0,0 +1,702 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677" + ] + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-v2-policy/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "EmrCreateClusterServiceRole5251910D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "elasticmapreduce.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" + ] + ] + } + ] + } + }, + "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "Roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "EmrCreateClusterInstanceRoleC80466F5": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "EmrCreateClusterInstanceProfileC1729180": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "InstanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "Roles": [ + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + } + ] + } + }, + "SMRole49C19C48": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "SMRoleDefaultPolicy34CA15C7": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "elasticmapreduce:AddTags", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:RunJobFlow", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "EmrCreateClusterServiceRole5251910D", + "Arn" + ] + } + ] + }, + { + "Action": [ + "events:DescribeRule", + "events:PutRule", + "events:PutTargets" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRRunJobFlowRule" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "SMRoleDefaultPolicy34CA15C7", + "Roles": [ + { + "Ref": "SMRole49C19C48" + } + ] + } + }, + "SM934E715A": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"EmrCreateCluster\",\"States\":{\"EmrCreateCluster\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "\",\"Name\":\"Cluster\",\"ServiceRole\":\"", + { + "Ref": "EmrCreateClusterServiceRole5251910D" + }, + "\",\"ReleaseLabel\":\"emr-6.15.0\",\"Tags\":[{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" + ] + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] + } + }, + "DependsOn": [ + "SMRoleDefaultPolicy34CA15C7", + "SMRole49C19C48" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json deleted file mode 100644 index 038c3fdfb35e1..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/aws-cdk-emr-create-cluster.template.json +++ /dev/null @@ -1,138 +0,0 @@ -{ - "Resources": { - "EmrCreateClusterServiceRole5251910D": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, - "Effect": "Allow", - "Principal": { - "Service": "elasticmapreduce.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" - ] - ] - } - ] - } - }, - "EmrCreateClusterInstanceRoleC80466F5": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "ec2.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "EmrCreateClusterInstanceProfileC1729180": { - "Type": "AWS::IAM::InstanceProfile", - "Properties": { - "Roles": [ - { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } - ], - "InstanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } - } - }, - "EmrCreateClusterAutoScalingRoleFDDAF4E2": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": [ - "application-autoscaling.amazonaws.com", - "elasticmapreduce.amazonaws.com" - ] - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" - ] - ] - } - ] - } - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/cdk.out index b72fef144f05c..c5cb2e5de6344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"30.1.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/integ.json index 62e18fedc0b34..ff3a6d4b6a530 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/integ.json @@ -1,9 +1,9 @@ { - "version": "30.1.0", + "version": "35.0.0", "testCases": { "EmrCreateClusterTest/DefaultTest": { "stacks": [ - "aws-cdk-emr-create-cluster" + "aws-cdk-emr-create-cluster-v2-policy" ], "assertionStack": "EmrCreateClusterTest/DefaultTest/DeployAssert", "assertionStackName": "EmrCreateClusterTestDefaultTestDeployAssert697DC891" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/manifest.json index bcc0527e03861..31274783903bf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/manifest.json @@ -1,27 +1,28 @@ { - "version": "30.1.0", + "version": "35.0.0", "artifacts": { - "aws-cdk-emr-create-cluster.assets": { + "aws-cdk-emr-create-cluster-v2-policy.assets": { "type": "cdk:asset-manifest", "properties": { - "file": "aws-cdk-emr-create-cluster.assets.json", + "file": "aws-cdk-emr-create-cluster-v2-policy.assets.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" } }, - "aws-cdk-emr-create-cluster": { + "aws-cdk-emr-create-cluster-v2-policy": { "type": "aws:cloudformation:stack", "environment": "aws://unknown-account/unknown-region", "properties": { - "templateFile": "aws-cdk-emr-create-cluster.template.json", + "templateFile": "aws-cdk-emr-create-cluster-v2-policy.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0469b61284a24ccea8f9d02b4cd584ade969ef4c117cd51be3ce5576365f73cd.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/c83be18d1a49c3f5a9dddc23ae25fe3483475507e25dd7fbb660ab24e52b96d0.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-v2-policy.assets" ], "lookupRole": { "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", @@ -30,47 +31,203 @@ } }, "dependencies": [ - "aws-cdk-emr-create-cluster.assets" + "aws-cdk-emr-create-cluster-v2-policy.assets" ], "metadata": { - "/aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource": [ + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterServiceRole5251910D" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource": [ + "/aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceRoleC80466F5" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile": [ + "/aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceProfile": [ { "type": "aws:cdk:logicalId", "data": "EmrCreateClusterInstanceProfileC1729180" } ], - "/aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource": [ + "/aws-cdk-emr-create-cluster-v2-policy/SM/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SMRole49C19C48" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/SM/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SMRoleDefaultPolicy34CA15C7" + } + ], + "/aws-cdk-emr-create-cluster-v2-policy/SM/Resource": [ { "type": "aws:cdk:logicalId", - "data": "EmrCreateClusterAutoScalingRoleFDDAF4E2" + "data": "SM934E715A" } ], - "/aws-cdk-emr-create-cluster/BootstrapVersion": [ + "/aws-cdk-emr-create-cluster-v2-policy/BootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "BootstrapVersion" } ], - "/aws-cdk-emr-create-cluster/CheckBootstrapVersion": [ + "/aws-cdk-emr-create-cluster-v2-policy/CheckBootstrapVersion": [ { "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } ] }, - "displayName": "aws-cdk-emr-create-cluster" + "displayName": "aws-cdk-emr-create-cluster-v2-policy" }, "EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets": { "type": "cdk:asset-manifest", @@ -85,6 +242,7 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/tree.json index 9be5e287284cf..d6c5a4cfc825b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.js.snapshot/tree.json @@ -4,29 +4,728 @@ "id": "App", "path": "", "children": { - "aws-cdk-emr-create-cluster": { - "id": "aws-cdk-emr-create-cluster", - "path": "aws-cdk-emr-create-cluster", + "aws-cdk-emr-create-cluster-v2-policy": { + "id": "aws-cdk-emr-create-cluster-v2-policy", + "path": "aws-cdk-emr-create-cluster-v2-policy", "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-v2-policy/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-cdk-emr-create-cluster-v2-policy/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.Vpc", + "version": "0.0.0" + } + }, "EmrCreateCluster": { "id": "EmrCreateCluster", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster", "children": { "ServiceRole": { "id": "ServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole", "children": { "ImportServiceRole": { "id": "ImportServiceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/ImportServiceRole", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/ServiceRole/Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -34,11 +733,6 @@ "Statement": [ { "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:RequestTag/for-use-with-amazon-emr-managed-policies": "true" - } - }, "Effect": "Allow", "Principal": { "Service": "elasticmapreduce.amazonaws.com" @@ -64,31 +758,75 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, "InstanceRole": { "id": "InstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceRole", "children": { "ImportInstanceRole": { "id": "ImportInstanceRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/ImportInstanceRole", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceRole/ImportInstanceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceRole/Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -107,52 +845,62 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, "InstanceProfile": { "id": "InstanceProfile", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/InstanceProfile", + "path": "aws-cdk-emr-create-cluster-v2-policy/EmrCreateCluster/InstanceProfile", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", "aws:cdk:cloudformation:props": { + "instanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, "roles": [ { "Ref": "EmrCreateClusterInstanceRoleC80466F5" } - ], - "instanceProfileName": { - "Ref": "EmrCreateClusterInstanceRoleC80466F5" - } + ] } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnInstanceProfile", + "fqn": "aws-cdk-lib.aws_iam.CfnInstanceProfile", "version": "0.0.0" } - }, - "AutoScalingRole": { - "id": "AutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole", + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.TaskStateBase", + "version": "0.0.0" + } + }, + "SM": { + "id": "SM", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM", + "children": { + "Role": { + "id": "Role", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Role", "children": { - "ImportAutoScalingRole": { - "id": "ImportAutoScalingRole", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/ImportAutoScalingRole", + "ImportRole": { + "id": "ImportRole", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Role/ImportRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, "Resource": { "id": "Resource", - "path": "aws-cdk-emr-create-cluster/EmrCreateCluster/AutoScalingRole/Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Role/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -162,67 +910,183 @@ "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { - "Service": [ - "application-autoscaling.amazonaws.com", - "elasticmapreduce.amazonaws.com" - ] + "Service": "states.amazonaws.com" } } ], "Version": "2012-10-17" - }, - "managedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ { - "Ref": "AWS::Partition" + "Action": [ + "elasticmapreduce:AddTags", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:RunJobFlow", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": "*" }, - ":iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" - ] + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "EmrCreateClusterServiceRole5251910D", + "Arn" + ] + } + ] + }, + { + "Action": [ + "events:DescribeRule", + "events:PutRule", + "events:PutTargets" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRRunJobFlowRule" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "SMRoleDefaultPolicy34CA15C7", + "roles": [ + { + "Ref": "SMRole49C19C48" + } ] } - ] + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-v2-policy/SM/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", + "aws:cdk:cloudformation:props": { + "definitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"EmrCreateCluster\",\"States\":{\"EmrCreateCluster\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "\",\"Name\":\"Cluster\",\"ServiceRole\":\"", + { + "Ref": "EmrCreateClusterServiceRole5251910D" + }, + "\",\"ReleaseLabel\":\"emr-6.15.0\",\"Tags\":[{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" + ] + ] + }, + "roleArn": { + "Fn::GetAtt": [ + "SMRole49C19C48", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-stepfunctions-tasks.EmrCreateCluster", + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", "version": "0.0.0" } }, "BootstrapVersion": { "id": "BootstrapVersion", - "path": "aws-cdk-emr-create-cluster/BootstrapVersion", + "path": "aws-cdk-emr-create-cluster-v2-policy/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, "CheckBootstrapVersion": { "id": "CheckBootstrapVersion", - "path": "aws-cdk-emr-create-cluster/CheckBootstrapVersion", + "path": "aws-cdk-emr-create-cluster-v2-policy/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } }, @@ -239,7 +1103,7 @@ "path": "EmrCreateClusterTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } }, "DeployAssert": { @@ -250,7 +1114,7 @@ "id": "BootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -258,25 +1122,25 @@ "id": "CheckBootstrapVersion", "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTest", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", "version": "0.0.0" } }, @@ -285,12 +1149,12 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.App", + "fqn": "aws-cdk-lib.App", "version": "0.0.0" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.ts index 71d28820d0066..85b46d2378e90 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-v2-policy.ts @@ -1,26 +1,62 @@ import * as sfn from 'aws-cdk-lib/aws-stepfunctions'; -import { App, Stack } from 'aws-cdk-lib'; +import { App, Stack, Tags } from 'aws-cdk-lib'; // eslint-disable-next-line import/no-extraneous-dependencies import { ENABLE_EMR_SERVICE_POLICY_V2 } from 'aws-cdk-lib/cx-api'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import { EmrCreateCluster } from 'aws-cdk-lib/aws-stepfunctions-tasks'; +import { Vpc } from 'aws-cdk-lib/aws-ec2'; -const enableEmrServicePolicyV2 = { [ENABLE_EMR_SERVICE_POLICY_V2]: true }; +/* + * Creates a state machine that deploys an EMR cluster. + * + * Stack verification steps: + * + * The generated state machine can be executed from the CLI (or Step Functions console) + * and runs with an execution status of `Succeeded`. + * + * -- aws stepfunctions start-execution --state-machine-arn provides execution arn + * -- aws stepfunctions describe-execution --execution-arn returns a status of `Succeeded` + * + * Be sure to terminate the EMR cluster after validation. + */ +const enableEmrServicePolicyV2 = { [ENABLE_EMR_SERVICE_POLICY_V2]: true }; const app = new App({ context: enableEmrServicePolicyV2, }); -const stack = new Stack(app, 'aws-cdk-emr-create-cluster'); +const stack = new Stack(app, 'aws-cdk-emr-create-cluster-v2-policy'); + +const vpc = new Vpc(stack, 'Vpc', { restrictDefaultSecurityGroup: false }); +// https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-iam-policies.html#manually-tagged-resources +Tags.of(vpc).add('for-use-with-amazon-emr-managed-policies', 'true'); -new EmrCreateCluster(stack, 'EmrCreateCluster', { - instances: {}, +const step = new EmrCreateCluster(stack, 'EmrCreateCluster', { + instances: { + instanceFleets: [ + { + instanceFleetType: EmrCreateCluster.InstanceRoleType.MASTER, + instanceTypeConfigs: [ + { + instanceType: 'm5.xlarge', + }, + ], + targetOnDemandCapacity: 1, + }, + ], + ec2SubnetId: vpc.publicSubnets[0].subnetId, + }, name: 'Cluster', + releaseLabel: 'emr-6.15.0', integrationPattern: sfn.IntegrationPattern.RUN_JOB, }); +new sfn.StateMachine(stack, 'SM', { + definition: step, +}); + new IntegTest(app, 'EmrCreateClusterTest', { testCases: [stack], }); -app.synth(); \ No newline at end of file +app.synth(); diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts index 71e76c82a4078..06de859e1a70c 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-create-cluster.ts @@ -179,6 +179,7 @@ export class EmrCreateCluster extends sfn.TaskStateBase { private _serviceRole: iam.IRole; private _clusterRole: iam.IRole; private _autoScalingRole?: iam.IRole; + private _baseTags?: { [key: string]: string } = undefined; constructor(scope: Construct, id: string, private readonly props: EmrCreateClusterProps) { super(scope, id, props); @@ -192,6 +193,14 @@ export class EmrCreateCluster extends sfn.TaskStateBase { this._serviceRole = this.props.serviceRole ?? this.createServiceRole(); this._clusterRole = this.props.clusterRole ?? this.createClusterRole(); + // Service role must be able to iam:PassRole on the cluster role + this._clusterRole.grantPassRole(this._serviceRole); + + // https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-iam-policies.html#manually-tagged-resources + if (cdk.FeatureFlags.of(this).isEnabled(ENABLE_EMR_SERVICE_POLICY_V2)) { + this._baseTags = { 'for-use-with-amazon-emr-managed-policies': 'true' }; + } + // AutoScaling roles are not valid with InstanceFleet clusters. // Attempt to create only if .instances.instanceFleets is undefined or empty if (this.props.instances.instanceFleets === undefined || this.props.instances.instanceFleets.length === 0) { @@ -280,7 +289,7 @@ export class EmrCreateCluster extends sfn.TaskStateBase { ScaleDownBehavior: cdk.stringToCloudFormation(this.props.scaleDownBehavior?.valueOf()), SecurityConfiguration: cdk.stringToCloudFormation(this.props.securityConfiguration), StepConcurrencyLevel: cdk.numberToCloudFormation(this.props.stepConcurrencyLevel), - ...(this.props.tags ? this.renderTags(this.props.tags) : undefined), + ...(this.props.tags ? this.renderTags({ ...this.props.tags, ...this._baseTags }) : this.renderTags(this._baseTags)), VisibleToAllUsers: cdk.booleanToCloudFormation(this.visibleToAllUsers), }), }; @@ -298,7 +307,12 @@ export class EmrCreateCluster extends sfn.TaskStateBase { const policyStatements = [ new iam.PolicyStatement({ - actions: ['elasticmapreduce:RunJobFlow', 'elasticmapreduce:DescribeCluster', 'elasticmapreduce:TerminateJobFlows'], + actions: [ + 'elasticmapreduce:RunJobFlow', + 'elasticmapreduce:DescribeCluster', + 'elasticmapreduce:TerminateJobFlows', + 'elasticmapreduce:AddTags', + ], resources: ['*'], }), ]; @@ -359,11 +373,7 @@ export class EmrCreateCluster extends sfn.TaskStateBase { private createServiceRole(): iam.IRole { if (cdk.FeatureFlags.of(this).isEnabled(ENABLE_EMR_SERVICE_POLICY_V2)) { return new iam.Role(this, 'ServiceRole', { - assumedBy: new iam.ServicePrincipal('elasticmapreduce.amazonaws.com', { - conditions: { - StringEquals: { 'aws:RequestTag/for-use-with-amazon-emr-managed-policies': 'true' }, - }, - }), + assumedBy: new iam.ServicePrincipal('elasticmapreduce.amazonaws.com'), managedPolicies: [iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AmazonEMRServicePolicy_v2')], }); } diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts index 55f86de6f0b25..2b448b7f1b73b 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-create-cluster.test.ts @@ -1,4 +1,4 @@ -import { Template } from '../../../assertions'; +import { Template, Match } from '../../../assertions'; import * as iam from '../../../aws-iam'; import * as sfn from '../../../aws-stepfunctions'; import * as cdk from '../../../core'; @@ -730,7 +730,7 @@ test('Create Cluster with AmazonEMRServicePolicy_v2 managed policies', () => { const app = new cdk.App({ context: { [ENABLE_EMR_SERVICE_POLICY_V2]: true } }); const newStack = new cdk.Stack(app, 'NewStack'); - new EmrCreateCluster(newStack, 'Task', { + const task = new EmrCreateCluster(newStack, 'Task', { instances: {}, name: 'Cluster', integrationPattern: sfn.IntegrationPattern.RUN_JOB, @@ -745,11 +745,6 @@ test('Create Cluster with AmazonEMRServicePolicy_v2 managed policies', () => { Principal: { Service: 'elasticmapreduce.amazonaws.com' }, Action: 'sts:AssumeRole', Effect: 'Allow', - Condition: { - StringEquals: { - 'aws:RequestTag/for-use-with-amazon-emr-managed-policies': 'true', - }, - }, }, ], }, @@ -768,6 +763,43 @@ test('Create Cluster with AmazonEMRServicePolicy_v2 managed policies', () => { }, ], }); + + expect(stack.resolve(task.toStateJson())).toEqual(expect.objectContaining({ + Type: 'Task', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':states:::elasticmapreduce:createCluster.sync', + ], + ], + }, + End: true, + Parameters: { + Name: 'Cluster', + Tags: [{ + Key: 'for-use-with-amazon-emr-managed-policies', + Value: 'true', + }], + VisibleToAllUsers: true, + JobFlowRole: { + Ref: 'TaskInstanceRoleB72072BF', + }, + ServiceRole: { + Ref: 'TaskServiceRoleBF55F61E', + }, + AutoScalingRole: { + Ref: 'TaskAutoScalingRoleD06F8423', + }, + Instances: { + KeepJobFlowAliveWhenNoSteps: true, + }, + }, + })); }); test('Create Cluster with Instances configuration', () => { From 314fbfa34cf1207417ad590d6bb6a8742664a380 Mon Sep 17 00:00:00 2001 From: Michael Sambol Date: Tue, 12 Dec 2023 12:46:24 -0600 Subject: [PATCH 13/24] feat(stepfunctions-tasks): runtime role in EmrAddStep (#27736) Here is the result of running the step function deployed by the integration test. The step completed successfully with the IAM role. emr_runtime_role Closes #27691. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- ...efaultTestDeployAssert697DC891.assets.json | 19 + ...aultTestDeployAssert697DC891.template.json | 36 + ...-cdk-emr-add-step-runtime-role.assets.json | 19 + ...dk-emr-add-step-runtime-role.template.json | 860 +++++++++++ .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 299 ++++ .../tree.json | 1369 +++++++++++++++++ ...mr-create-cluster-add-step-runtime-role.ts | 133 ++ .../aws-stepfunctions-tasks/README.md | 72 + .../lib/emr/emr-add-step.ts | 10 + .../test/emr/emr-add-step.test.ts | 54 + packages/aws-cdk-lib/awslint.json | 1 + 13 files changed, 2885 insertions(+) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/aws-cdk-emr-add-step-runtime-role.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/aws-cdk-emr-add-step-runtime-role.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json new file mode 100644 index 0000000000000..eb3094e013ba1 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json @@ -0,0 +1,19 @@ +{ + "version": "35.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/aws-cdk-emr-add-step-runtime-role.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/aws-cdk-emr-add-step-runtime-role.assets.json new file mode 100644 index 0000000000000..5ea9154dd1acb --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/aws-cdk-emr-add-step-runtime-role.assets.json @@ -0,0 +1,19 @@ +{ + "version": "35.0.0", + "files": { + "b0ad12ea0ccf78882a5f85949321e82fa339a67df23c0197b2e17d024ad472a4": { + "source": { + "path": "aws-cdk-emr-add-step-runtime-role.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "b0ad12ea0ccf78882a5f85949321e82fa339a67df23c0197b2e17d024ad472a4.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/aws-cdk-emr-add-step-runtime-role.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/aws-cdk-emr-add-step-runtime-role.template.json new file mode 100644 index 0000000000000..9033231bdb9a2 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/aws-cdk-emr-add-step-runtime-role.template.json @@ -0,0 +1,860 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677" + ] + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-add-step-runtime-role/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "EmrSecurityConfiguration": { + "Type": "AWS::EMR::SecurityConfiguration", + "Properties": { + "Name": "AddStepRuntimeRoleSecConfig", + "SecurityConfiguration": { + "AuthorizationConfiguration": { + "IAMConfiguration": { + "EnableApplicationScopedIAMRole": true, + "ApplicationScopedIAMRoleConfiguration": { + "PropagateSourceIdentity": true + } + }, + "LakeFormationConfiguration": { + "AuthorizedSessionTagValue": "Amazon EMR" + } + } + } + } + }, + "EmrCreateClusterServiceRole5251910D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "elasticmapreduce.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" + ] + ] + } + ] + } + }, + "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "Roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "EmrCreateClusterInstanceRoleC80466F5": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "EmrCreateClusterInstanceProfileC1729180": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "InstanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "Roles": [ + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + } + ] + } + }, + "EmrExecutionRoleF584820F": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + }, + { + "Action": "sts:SetSourceIdentity", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + }, + { + "Action": "sts:TagSession", + "Condition": { + "StringEquals": { + "aws:RequestTag/LakeFormationAuthorizedCaller": "Amazon EMR" + } + }, + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + } + ], + "Version": "2012-10-17" + } + } + }, + "StateMachineRoleB840431D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "StateMachineRoleDefaultPolicyDF1E6607": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "elasticmapreduce:AddTags", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:RunJobFlow", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "EmrCreateClusterServiceRole5251910D", + "Arn" + ] + } + ] + }, + { + "Action": [ + "elasticmapreduce:AddJobFlowSteps", + "elasticmapreduce:AddTags", + "elasticmapreduce:CancelSteps", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:DescribeStep", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":elasticmapreduce:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":cluster/*" + ] + ] + } + }, + { + "Action": [ + "events:DescribeRule", + "events:PutRule", + "events:PutTargets" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRAddJobFlowStepsRule" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRRunJobFlowRule" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRTerminateJobFlowsRule" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "StateMachineRoleDefaultPolicyDF1E6607", + "Roles": [ + { + "Ref": "StateMachineRoleB840431D" + } + ] + } + }, + "StateMachine2E01A3A5": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"EmrCreateCluster\",\"States\":{\"EmrCreateCluster\":{\"Next\":\"EmrAddStep\",\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "\",\"Name\":\"Cluster\",\"ServiceRole\":\"", + { + "Ref": "EmrCreateClusterServiceRole5251910D" + }, + "\",\"Applications\":[{\"Name\":\"Spark\"}],\"ReleaseLabel\":\"emr-6.13.0\",\"SecurityConfiguration\":\"AddStepRuntimeRoleSecConfig\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}},\"EmrAddStep\":{\"Next\":\"EmrTerminateCluster\",\"Type\":\"Task\",\"ResultPath\":null,\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:addStep.sync\",\"Parameters\":{\"ClusterId.$\":\"$.Cluster.Id\",\"ExecutionRoleArn\":\"", + { + "Fn::GetAtt": [ + "EmrExecutionRoleF584820F", + "Arn" + ] + }, + "\",\"Step\":{\"Name\":\"AddStepRuntimeRoleIntTest\",\"ActionOnFailure\":\"TERMINATE_CLUSTER\",\"HadoopJarStep\":{\"Jar\":\"command-runner.jar\",\"Args\":[\"spark-example\",\"SparkPi\",\"1\"]}}}},\"EmrTerminateCluster\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:terminateCluster.sync\",\"Parameters\":{\"ClusterId.$\":\"$.Cluster.Id\"}}}}" + ] + ] + }, + "RoleArn": { + "Fn::GetAtt": [ + "StateMachineRoleB840431D", + "Arn" + ] + } + }, + "DependsOn": [ + "StateMachineRoleDefaultPolicyDF1E6607", + "StateMachineRoleB840431D" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/cdk.out new file mode 100644 index 0000000000000..c5cb2e5de6344 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/integ.json new file mode 100644 index 0000000000000..9de79234d84a2 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "35.0.0", + "testCases": { + "EmrCreateClusterTest/DefaultTest": { + "stacks": [ + "aws-cdk-emr-add-step-runtime-role" + ], + "assertionStack": "EmrCreateClusterTest/DefaultTest/DeployAssert", + "assertionStackName": "EmrCreateClusterTestDefaultTestDeployAssert697DC891" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/manifest.json new file mode 100644 index 0000000000000..b55cd0bf9239a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/manifest.json @@ -0,0 +1,299 @@ +{ + "version": "35.0.0", + "artifacts": { + "aws-cdk-emr-add-step-runtime-role.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-cdk-emr-add-step-runtime-role.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-cdk-emr-add-step-runtime-role": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-cdk-emr-add-step-runtime-role.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b0ad12ea0ccf78882a5f85949321e82fa339a67df23c0197b2e17d024ad472a4.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-cdk-emr-add-step-runtime-role.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-cdk-emr-add-step-runtime-role.assets" + ], + "metadata": { + "/aws-cdk-emr-add-step-runtime-role/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-cdk-emr-add-step-runtime-role/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-cdk-emr-add-step-runtime-role/EmrSecurityConfiguration": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrSecurityConfiguration" + } + ], + "/aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterServiceRole5251910D" + } + ], + "/aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32" + } + ], + "/aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/InstanceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterInstanceRoleC80466F5" + } + ], + "/aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/InstanceProfile": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrCreateClusterInstanceProfileC1729180" + } + ], + "/aws-cdk-emr-add-step-runtime-role/EmrExecutionRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "EmrExecutionRoleF584820F" + } + ], + "/aws-cdk-emr-add-step-runtime-role/StateMachine/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachineRoleB840431D" + } + ], + "/aws-cdk-emr-add-step-runtime-role/StateMachine/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachineRoleDefaultPolicyDF1E6607" + } + ], + "/aws-cdk-emr-add-step-runtime-role/StateMachine/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StateMachine2E01A3A5" + } + ], + "/aws-cdk-emr-add-step-runtime-role/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-emr-add-step-runtime-role/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-emr-add-step-runtime-role" + }, + "EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "EmrCreateClusterTestDefaultTestDeployAssert697DC891": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "EmrCreateClusterTestDefaultTestDeployAssert697DC891.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "EmrCreateClusterTestDefaultTestDeployAssert697DC891.assets" + ], + "metadata": { + "/EmrCreateClusterTest/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/EmrCreateClusterTest/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "EmrCreateClusterTest/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/tree.json new file mode 100644 index 0000000000000..13071594c3743 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.js.snapshot/tree.json @@ -0,0 +1,1369 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-cdk-emr-add-step-runtime-role": { + "id": "aws-cdk-emr-add-step-runtime-role", + "path": "aws-cdk-emr-add-step-runtime-role", + "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-add-step-runtime-role/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-cdk-emr-add-step-runtime-role/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.Vpc", + "version": "0.0.0" + } + }, + "EmrSecurityConfiguration": { + "id": "EmrSecurityConfiguration", + "path": "aws-cdk-emr-add-step-runtime-role/EmrSecurityConfiguration", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EMR::SecurityConfiguration", + "aws:cdk:cloudformation:props": { + "name": "AddStepRuntimeRoleSecConfig", + "securityConfiguration": { + "AuthorizationConfiguration": { + "IAMConfiguration": { + "EnableApplicationScopedIAMRole": true, + "ApplicationScopedIAMRoleConfiguration": { + "PropagateSourceIdentity": true + } + }, + "LakeFormationConfiguration": { + "AuthorizedSessionTagValue": "Amazon EMR" + } + } + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_emr.CfnSecurityConfiguration", + "version": "0.0.0" + } + }, + "EmrCreateCluster": { + "id": "EmrCreateCluster", + "path": "aws-cdk-emr-add-step-runtime-role/EmrCreateCluster", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "elasticmapreduce.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AmazonEMRServicePolicy_v2" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "EmrCreateClusterServiceRoleDefaultPolicyA8B4FA32", + "roles": [ + { + "Ref": "EmrCreateClusterServiceRole5251910D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "InstanceRole": { + "id": "InstanceRole", + "path": "aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/InstanceRole", + "children": { + "ImportInstanceRole": { + "id": "ImportInstanceRole", + "path": "aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/InstanceRole/ImportInstanceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/InstanceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "InstanceProfile": { + "id": "InstanceProfile", + "path": "aws-cdk-emr-add-step-runtime-role/EmrCreateCluster/InstanceProfile", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", + "aws:cdk:cloudformation:props": { + "instanceProfileName": { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "roles": [ + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnInstanceProfile", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.TaskStateBase", + "version": "0.0.0" + } + }, + "EmrExecutionRole": { + "id": "EmrExecutionRole", + "path": "aws-cdk-emr-add-step-runtime-role/EmrExecutionRole", + "children": { + "ImportEmrExecutionRole": { + "id": "ImportEmrExecutionRole", + "path": "aws-cdk-emr-add-step-runtime-role/EmrExecutionRole/ImportEmrExecutionRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-add-step-runtime-role/EmrExecutionRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + }, + { + "Action": "sts:SetSourceIdentity", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + }, + { + "Action": "sts:TagSession", + "Condition": { + "StringEquals": { + "aws:RequestTag/LakeFormationAuthorizedCaller": "Amazon EMR" + } + }, + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + } + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "EmrAddStep": { + "id": "EmrAddStep", + "path": "aws-cdk-emr-add-step-runtime-role/EmrAddStep", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.TaskStateBase", + "version": "0.0.0" + } + }, + "EmrTerminateCluster": { + "id": "EmrTerminateCluster", + "path": "aws-cdk-emr-add-step-runtime-role/EmrTerminateCluster", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions_tasks.EmrTerminateCluster", + "version": "0.0.0" + } + }, + "StateMachine": { + "id": "StateMachine", + "path": "aws-cdk-emr-add-step-runtime-role/StateMachine", + "children": { + "Role": { + "id": "Role", + "path": "aws-cdk-emr-add-step-runtime-role/StateMachine/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "aws-cdk-emr-add-step-runtime-role/StateMachine/Role/ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-add-step-runtime-role/StateMachine/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-emr-add-step-runtime-role/StateMachine/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-add-step-runtime-role/StateMachine/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "elasticmapreduce:AddTags", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:RunJobFlow", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "EmrCreateClusterInstanceRoleC80466F5", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "EmrCreateClusterServiceRole5251910D", + "Arn" + ] + } + ] + }, + { + "Action": [ + "elasticmapreduce:AddJobFlowSteps", + "elasticmapreduce:AddTags", + "elasticmapreduce:CancelSteps", + "elasticmapreduce:DescribeCluster", + "elasticmapreduce:DescribeStep", + "elasticmapreduce:TerminateJobFlows" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":elasticmapreduce:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":cluster/*" + ] + ] + } + }, + { + "Action": [ + "events:DescribeRule", + "events:PutRule", + "events:PutTargets" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRAddJobFlowStepsRule" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRRunJobFlowRule" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":rule/StepFunctionsGetEventForEMRTerminateJobFlowsRule" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "StateMachineRoleDefaultPolicyDF1E6607", + "roles": [ + { + "Ref": "StateMachineRoleB840431D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-add-step-runtime-role/StateMachine/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", + "aws:cdk:cloudformation:props": { + "definitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"EmrCreateCluster\",\"States\":{\"EmrCreateCluster\":{\"Next\":\"EmrAddStep\",\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + { + "Ref": "EmrCreateClusterInstanceRoleC80466F5" + }, + "\",\"Name\":\"Cluster\",\"ServiceRole\":\"", + { + "Ref": "EmrCreateClusterServiceRole5251910D" + }, + "\",\"Applications\":[{\"Name\":\"Spark\"}],\"ReleaseLabel\":\"emr-6.13.0\",\"SecurityConfiguration\":\"AddStepRuntimeRoleSecConfig\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}},\"EmrAddStep\":{\"Next\":\"EmrTerminateCluster\",\"Type\":\"Task\",\"ResultPath\":null,\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:addStep.sync\",\"Parameters\":{\"ClusterId.$\":\"$.Cluster.Id\",\"ExecutionRoleArn\":\"", + { + "Fn::GetAtt": [ + "EmrExecutionRoleF584820F", + "Arn" + ] + }, + "\",\"Step\":{\"Name\":\"AddStepRuntimeRoleIntTest\",\"ActionOnFailure\":\"TERMINATE_CLUSTER\",\"HadoopJarStep\":{\"Jar\":\"command-runner.jar\",\"Args\":[\"spark-example\",\"SparkPi\",\"1\"]}}}},\"EmrTerminateCluster\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"arn:", + { + "Ref": "AWS::Partition" + }, + ":states:::elasticmapreduce:terminateCluster.sync\",\"Parameters\":{\"ClusterId.$\":\"$.Cluster.Id\"}}}}" + ] + ] + }, + "roleArn": { + "Fn::GetAtt": [ + "StateMachineRoleB840431D", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.StateMachine", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-emr-add-step-runtime-role/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-emr-add-step-runtime-role/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "EmrCreateClusterTest": { + "id": "EmrCreateClusterTest", + "path": "EmrCreateClusterTest", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "EmrCreateClusterTest/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "EmrCreateClusterTest/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "EmrCreateClusterTest/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "EmrCreateClusterTest/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.ts new file mode 100644 index 0000000000000..ef9ce254fc70a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-add-step-runtime-role.ts @@ -0,0 +1,133 @@ +import * as sfn from 'aws-cdk-lib/aws-stepfunctions'; +import * as ec2 from 'aws-cdk-lib/aws-ec2'; +import * as emr from 'aws-cdk-lib/aws-emr'; +import * as iam from 'aws-cdk-lib/aws-iam'; +import * as tasks from 'aws-cdk-lib/aws-stepfunctions-tasks'; +import { App, Stack, Tags } from 'aws-cdk-lib'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; + +/* + * Create a state machine with an EMR cluster and add a step that uses a runtime role. + * + * Stack verification steps: + * The generated State Machine can be executed from the CLI (or Step Functions console) + * and runs with an execution status of `Succeeded`. + * + * -- aws stepfunctions start-execution --state-machine-arn provides execution arn + * -- aws stepfunctions describe-execution --execution-arn returns a status of `Succeeded` + */ + +const app = new App(); +const stack = new Stack(app, 'aws-cdk-emr-add-step-runtime-role'); + +const vpc = new ec2.Vpc(stack, 'Vpc', { restrictDefaultSecurityGroup: false }); +// https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-iam-policies.html#manually-tagged-resources +Tags.of(vpc).add('for-use-with-amazon-emr-managed-policies', 'true'); + +const cfnSecurityConfiguration = new emr.CfnSecurityConfiguration(stack, 'EmrSecurityConfiguration', { + name: 'AddStepRuntimeRoleSecConfig', + securityConfiguration: JSON.parse(` + { + "AuthorizationConfiguration": { + "IAMConfiguration": { + "EnableApplicationScopedIAMRole": true, + "ApplicationScopedIAMRoleConfiguration": + { + "PropagateSourceIdentity": true + } + }, + "LakeFormationConfiguration": { + "AuthorizedSessionTagValue": "Amazon EMR" + } + } + }`), +}); + +const createClusterStep = new tasks.EmrCreateCluster(stack, 'EmrCreateCluster', { + instances: { + instanceFleets: [ + { + instanceFleetType: tasks.EmrCreateCluster.InstanceRoleType.MASTER, + instanceTypeConfigs: [ + { + instanceType: 'm5.xlarge', + }, + ], + targetOnDemandCapacity: 1, + }, + ], + ec2SubnetId: vpc.publicSubnets[0].subnetId, + }, + name: 'Cluster', + releaseLabel: 'emr-6.13.0', + integrationPattern: sfn.IntegrationPattern.RUN_JOB, + tags: { + 'Key': 'Value', + 'for-use-with-amazon-emr-managed-policies': 'true', + }, + securityConfiguration: cfnSecurityConfiguration.name, + applications: [ + { + name: 'Spark', + }, + ], +}); + +const executionRole = new iam.Role(stack, 'EmrExecutionRole', { + assumedBy: new iam.ArnPrincipal(createClusterStep.clusterRole.roleArn), +}); + +executionRole.assumeRolePolicy?.addStatements( + new iam.PolicyStatement({ + effect: iam.Effect.ALLOW, + principals: [ + createClusterStep.clusterRole, + ], + actions: [ + 'sts:SetSourceIdentity', + ], + }), + new iam.PolicyStatement({ + effect: iam.Effect.ALLOW, + principals: [ + createClusterStep.clusterRole, + ], + actions: [ + 'sts:TagSession', + ], + conditions: { + StringEquals: { + 'aws:RequestTag/LakeFormationAuthorizedCaller': 'Amazon EMR', + }, + }, + }), +); + +const addStepStep = new tasks.EmrAddStep(stack, 'EmrAddStep', { + resultPath: sfn.JsonPath.DISCARD, // pass cluster id to terminate step + clusterId: sfn.JsonPath.stringAt('$.Cluster.Id'), + name: 'AddStepRuntimeRoleIntTest', + jar: 'command-runner.jar', + args: [ + 'spark-example', + 'SparkPi', + '1', + ], + executionRoleArn: executionRole.roleArn, + actionOnFailure: tasks.ActionOnFailure.TERMINATE_CLUSTER, +}); + +const terminationStep = new tasks.EmrTerminateCluster(stack, 'EmrTerminateCluster', { + clusterId: sfn.JsonPath.stringAt('$.Cluster.Id'), + integrationPattern: sfn.IntegrationPattern.RUN_JOB, +}); + +const definition = createClusterStep.next(addStepStep).next(terminationStep); + +new sfn.StateMachine(stack, 'StateMachine', { + definition, +}); + +new IntegTest(app, 'EmrCreateClusterTest', { + testCases: [stack], +}); diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md b/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md index 8f32286484f39..79dd04ba3315f 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md @@ -660,6 +660,78 @@ new tasks.EmrAddStep(this, 'Task', { }); ``` +To specify a custom runtime role use the `executionRoleArn` property. + +**Note:** The EMR cluster must be created with a security configuration and the runtime role must have a specific trust policy. +See this [blog post](https://aws.amazon.com/blogs/big-data/introducing-runtime-roles-for-amazon-emr-steps-use-iam-roles-and-aws-lake-formation-for-access-control-with-amazon-emr/) for more details. + +```ts +import * as emr from 'aws-cdk-lib/aws-emr'; + +const cfnSecurityConfiguration = new emr.CfnSecurityConfiguration(this, 'EmrSecurityConfiguration', { + name: 'AddStepRuntimeRoleSecConfig', + securityConfiguration: JSON.parse(` + { + "AuthorizationConfiguration": { + "IAMConfiguration": { + "EnableApplicationScopedIAMRole": true, + "ApplicationScopedIAMRoleConfiguration": + { + "PropagateSourceIdentity": true + } + }, + "LakeFormationConfiguration": { + "AuthorizedSessionTagValue": "Amazon EMR" + } + } + }`), +}); + +const task = new tasks.EmrCreateCluster(this, 'Create Cluster', { + instances: {}, + name: sfn.TaskInput.fromJsonPathAt('$.ClusterName').value, + securityConfiguration: cfnSecurityConfiguration.name, +}); + +const executionRole = new iam.Role(this, 'Role', { + assumedBy: new iam.ArnPrincipal(task.clusterRole.roleArn), +}); + +executionRole.assumeRolePolicy?.addStatements( + new iam.PolicyStatement({ + effect: iam.Effect.ALLOW, + principals: [ + task.clusterRole, + ], + actions: [ + 'sts:SetSourceIdentity', + ], + }), + new iam.PolicyStatement({ + effect: iam.Effect.ALLOW, + principals: [ + task.clusterRole, + ], + actions: [ + 'sts:TagSession', + ], + conditions: { + StringEquals: { + 'aws:RequestTag/LakeFormationAuthorizedCaller': 'Amazon EMR', + }, + }, + }), +); + +new tasks.EmrAddStep(this, 'Task', { + clusterId: 'ClusterId', + executionRoleArn: executionRole.roleArn, + name: 'StepName', + jar: 'Jar', + actionOnFailure: tasks.ActionOnFailure.CONTINUE, +}); +``` + ### Cancel Step Cancels a pending step in a running cluster. diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-add-step.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-add-step.ts index b7373d0b95d9b..4be2b7bbd9c3f 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-add-step.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/emr/emr-add-step.ts @@ -89,6 +89,15 @@ export interface EmrAddStepProps extends sfn.TaskStateBaseProps { * @default - No properties */ readonly properties?: { [key: string]: string }; + + /** + * The Amazon Resource Name (ARN) of the runtime role for a step on the cluster. + * + * @see https://docs.aws.amazon.com/emr/latest/APIReference/API_AddJobFlowSteps.html#API_AddJobFlowSteps_RequestSyntax + * + * @default - Uses EC2 instance profile role + */ + readonly executionRoleArn?: string; } /** @@ -128,6 +137,7 @@ export class EmrAddStep extends sfn.TaskStateBase { Resource: integrationResourceArn('elasticmapreduce', 'addStep', this.integrationPattern), Parameters: sfn.FieldUtils.renderObject({ ClusterId: this.props.clusterId, + ExecutionRoleArn: this.props.executionRoleArn, Step: { Name: this.props.name, ActionOnFailure: this.actionOnFailure.valueOf(), diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-add-step.test.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-add-step.test.ts index 5e3e2b8674bb7..0b8e81daa4828 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-add-step.test.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/emr/emr-add-step.test.ts @@ -1,4 +1,5 @@ import { Template } from '../../../assertions'; +import * as iam from '../../../aws-iam'; import * as sfn from '../../../aws-stepfunctions'; import * as cdk from '../../../core'; import * as tasks from '../../lib'; @@ -49,6 +50,59 @@ test('Add Step with static ClusterId and Step configuration', () => { }); }); +test('Add Step with execution role ARN', () => { + const executionRole = new iam.Role(stack, 'Role', { + roleName: 'EmrStepExecutionRole', + // The actual trust policy required is more complicated. + // See https://aws.amazon.com/blogs/big-data/introducing-runtime-roles-for-amazon-emr-steps-use-iam-roles-and-aws-lake-formation-for-access-control-with-amazon-emr/ + assumedBy: new iam.ServicePrincipal('elasticmapreduce.amazonaws.com'), + }); + + // WHEN + const task = new tasks.EmrAddStep(stack, 'Task', { + clusterId: 'ClusterId', + name: 'StepName', + jar: 'Jar', + actionOnFailure: tasks.ActionOnFailure.CONTINUE, + integrationPattern: sfn.IntegrationPattern.RUN_JOB, + executionRoleArn: executionRole.roleArn, + }); + + // THEN + expect(stack.resolve(task.toStateJson())).toEqual({ + Type: 'Task', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':states:::elasticmapreduce:addStep.sync', + ], + ], + }, + End: true, + Parameters: { + ClusterId: 'ClusterId', + ExecutionRoleArn: { + 'Fn::GetAtt': [ + 'Role1ABCC5F0', + 'Arn', + ], + }, + Step: { + Name: 'StepName', + ActionOnFailure: 'CONTINUE', + HadoopJarStep: { + Jar: 'Jar', + }, + }, + }, + }); +}); + test('Terminate cluster with ClusterId from payload and static Step configuration', () => { // WHEN const task = new tasks.EmrAddStep(stack, 'Task', { diff --git a/packages/aws-cdk-lib/awslint.json b/packages/aws-cdk-lib/awslint.json index 93e13f1dc2642..6d19ae862876e 100644 --- a/packages/aws-cdk-lib/awslint.json +++ b/packages/aws-cdk-lib/awslint.json @@ -58,6 +58,7 @@ "construct-ctor-props-optional:aws-cdk-lib.aws_stepfunctions.StateMachine", "props-no-arn-refs:aws-cdk-lib.aws_stepfunctions_tasks.BatchSubmitJobProps.jobDefinitionArn", "props-no-arn-refs:aws-cdk-lib.aws_stepfunctions_tasks.BatchSubmitJobProps.jobQueueArn", + "props-no-arn-refs:aws-cdk-lib.aws_stepfunctions_tasks.EmrAddStepProps.executionRoleArn", "props-no-cfn-types:aws-cdk-lib.cloudformation_include.CfnIncludeProps.loadNestedStacks", "construct-ctor-props-optional:aws-cdk-lib.custom_resources.AwsCustomResource", "props-physical-name:aws-cdk-lib.CustomResourceProps", From f1288519da4279ebc6cf4ec40458c55305790964 Mon Sep 17 00:00:00 2001 From: Michael Sambol Date: Tue, 12 Dec 2023 13:16:15 -0600 Subject: [PATCH 14/24] chore(stepfunctions-tasks): update integ test to deploy emr cluster with tags (#28335) This was an incomplete test. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- ...ws-cdk-emr-create-cluster-tags.assets.json | 4 +- ...-cdk-emr-create-cluster-tags.template.json | 499 +++++++++-- .../manifest.json | 146 +++- .../tree.json | 777 ++++++++++++++++-- .../emr/integ.emr-create-cluster-with-tags.ts | 37 +- 5 files changed, 1334 insertions(+), 129 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.assets.json index 7e82e9ad0403e..5747d9f168a81 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.assets.json @@ -1,7 +1,7 @@ { "version": "35.0.0", "files": { - "af19ab99b573264ca04322f5ddf79ff8a4feb16124915b8a0409fe273723270e": { + "a290fd989f2adb8b9fbe1ea15bf100747543798fff70566d5620a06ebdd8a2a5": { "source": { "path": "aws-cdk-emr-create-cluster-tags.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "af19ab99b573264ca04322f5ddf79ff8a4feb16124915b8a0409fe273723270e.json", + "objectKey": "a290fd989f2adb8b9fbe1ea15bf100747543798fff70566d5620a06ebdd8a2a5.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.template.json index 307839cf0f760..3aae02bd08b91 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/aws-cdk-emr-create-cluster-tags.template.json @@ -1,5 +1,452 @@ { "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677" + ] + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "for-use-with-amazon-emr-managed-policies", + "Value": "true" + }, + { + "Key": "Name", + "Value": "aws-cdk-emr-create-cluster-tags/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, "EmrCreateClusterServiceRole5251910D": { "Type": "AWS::IAM::Role", "Properties": { @@ -87,40 +534,6 @@ ] } }, - "EmrCreateClusterAutoScalingRoleFDDAF4E2": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": [ - "application-autoscaling.amazonaws.com", - "elasticmapreduce.amazonaws.com" - ] - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" - ] - ] - } - ] - } - }, "SMRole49C19C48": { "Type": "AWS::IAM::Role", "Properties": { @@ -157,12 +570,6 @@ "Action": "iam:PassRole", "Effect": "Allow", "Resource": [ - { - "Fn::GetAtt": [ - "EmrCreateClusterAutoScalingRoleFDDAF4E2", - "Arn" - ] - }, { "Fn::GetAtt": [ "EmrCreateClusterInstanceRoleC80466F5", @@ -251,7 +658,11 @@ { "Ref": "AWS::Partition" }, - ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", { "Ref": "EmrCreateClusterInstanceRoleC80466F5" }, @@ -259,11 +670,7 @@ { "Ref": "EmrCreateClusterServiceRole5251910D" }, - "\",\"AutoScalingRole\":\"", - { - "Ref": "EmrCreateClusterAutoScalingRoleFDDAF4E2" - }, - "\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" + "\",\"ReleaseLabel\":\"emr-6.15.0\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" ] ] }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json index 787f552567466..946d02c204536 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/manifest.json @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/af19ab99b573264ca04322f5ddf79ff8a4feb16124915b8a0409fe273723270e.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a290fd989f2adb8b9fbe1ea15bf100747543798fff70566d5620a06ebdd8a2a5.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -34,6 +34,144 @@ "aws-cdk-emr-create-cluster-tags.assets" ], "metadata": { + "/aws-cdk-emr-create-cluster-tags/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-cdk-emr-create-cluster-tags/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/ServiceRole/Resource": [ { "type": "aws:cdk:logicalId", @@ -58,12 +196,6 @@ "data": "EmrCreateClusterInstanceProfileC1729180" } ], - "/aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "EmrCreateClusterAutoScalingRoleFDDAF4E2" - } - ], "/aws-cdk-emr-create-cluster-tags/SM/Role/Resource": [ { "type": "aws:cdk:logicalId", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json index 7ecd3fb4b6522..f8e564a9e85c5 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.js.snapshot/tree.json @@ -8,6 +8,705 @@ "id": "aws-cdk-emr-create-cluster-tags", "path": "aws-cdk-emr-create-cluster-tags", "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-cdk-emr-create-cluster-tags/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "for-use-with-amazon-emr-managed-policies", + "value": "true" + }, + { + "key": "Name", + "value": "aws-cdk-emr-create-cluster-tags/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-cdk-emr-create-cluster-tags/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.Vpc", + "version": "0.0.0" + } + }, "EmrCreateCluster": { "id": "EmrCreateCluster", "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster", @@ -176,66 +875,6 @@ "fqn": "aws-cdk-lib.aws_iam.CfnInstanceProfile", "version": "0.0.0" } - }, - "AutoScalingRole": { - "id": "AutoScalingRole", - "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole", - "children": { - "ImportAutoScalingRole": { - "id": "ImportAutoScalingRole", - "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole/ImportAutoScalingRole", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "aws-cdk-emr-create-cluster-tags/EmrCreateCluster/AutoScalingRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": [ - "application-autoscaling.amazonaws.com", - "elasticmapreduce.amazonaws.com" - ] - } - } - ], - "Version": "2012-10-17" - }, - "managedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole" - ] - ] - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnRole", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Role", - "version": "0.0.0" - } } }, "constructInfo": { @@ -310,12 +949,6 @@ "Action": "iam:PassRole", "Effect": "Allow", "Resource": [ - { - "Fn::GetAtt": [ - "EmrCreateClusterAutoScalingRoleFDDAF4E2", - "Arn" - ] - }, { "Fn::GetAtt": [ "EmrCreateClusterInstanceRoleC80466F5", @@ -424,7 +1057,11 @@ { "Ref": "AWS::Partition" }, - ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", + ":states:::elasticmapreduce:createCluster.sync\",\"Parameters\":{\"Instances\":{\"Ec2SubnetId\":\"", + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "\",\"InstanceFleets\":[{\"InstanceFleetType\":\"MASTER\",\"InstanceTypeConfigs\":[{\"InstanceType\":\"m5.xlarge\"}],\"TargetOnDemandCapacity\":1}],\"KeepJobFlowAliveWhenNoSteps\":true},\"JobFlowRole\":\"", { "Ref": "EmrCreateClusterInstanceRoleC80466F5" }, @@ -432,11 +1069,7 @@ { "Ref": "EmrCreateClusterServiceRole5251910D" }, - "\",\"AutoScalingRole\":\"", - { - "Ref": "EmrCreateClusterAutoScalingRoleFDDAF4E2" - }, - "\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" + "\",\"ReleaseLabel\":\"emr-6.15.0\",\"Tags\":[{\"Key\":\"Key\",\"Value\":\"Value\"},{\"Key\":\"for-use-with-amazon-emr-managed-policies\",\"Value\":\"true\"}],\"VisibleToAllUsers\":true}}}}" ] ] }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts index 89f227fecafb2..12b80f4f889a3 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/emr/integ.emr-create-cluster-with-tags.ts @@ -1,15 +1,46 @@ import * as sfn from 'aws-cdk-lib/aws-stepfunctions'; -import { App, Stack } from 'aws-cdk-lib'; +import { App, Stack, Tags } from 'aws-cdk-lib'; import { IntegTest } from '@aws-cdk/integ-tests-alpha'; import { EmrCreateCluster } from 'aws-cdk-lib/aws-stepfunctions-tasks'; +import { Vpc } from 'aws-cdk-lib/aws-ec2'; +/* + * Creates a state machine that deploys an EMR cluster. + * + * Stack verification steps: + * + * The generated state machine can be executed from the CLI (or Step Functions console) + * and runs with an execution status of `Succeeded`. + * + * -- aws stepfunctions start-execution --state-machine-arn provides execution arn + * -- aws stepfunctions describe-execution --execution-arn returns a status of `Succeeded` + * + * Be sure to terminate the EMR cluster after validation. + */ const app = new App(); const stack = new Stack(app, 'aws-cdk-emr-create-cluster-tags'); +const vpc = new Vpc(stack, 'Vpc', { restrictDefaultSecurityGroup: false }); +// https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-iam-policies.html#manually-tagged-resources +Tags.of(vpc).add('for-use-with-amazon-emr-managed-policies', 'true'); const step = new EmrCreateCluster(stack, 'EmrCreateCluster', { - instances: {}, + instances: { + instanceFleets: [ + { + instanceFleetType: EmrCreateCluster.InstanceRoleType.MASTER, + instanceTypeConfigs: [ + { + instanceType: 'm5.xlarge', + }, + ], + targetOnDemandCapacity: 1, + }, + ], + ec2SubnetId: vpc.publicSubnets[0].subnetId, + }, name: 'Cluster', + releaseLabel: 'emr-6.15.0', integrationPattern: sfn.IntegrationPattern.RUN_JOB, tags: { Key: 'Value', @@ -23,3 +54,5 @@ new sfn.StateMachine(stack, 'SM', { new IntegTest(app, 'EmrCreateClusterTest', { testCases: [stack], }); + +app.synth(); From db22b85c9b2a853aa2f830c182a340f0bcf95d1a Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Wed, 13 Dec 2023 06:19:35 -0800 Subject: [PATCH 15/24] chore: npm-check-updates && yarn upgrade (#28351) Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date. --- package.json | 12 +- .../@aws-cdk-testing/cli-integ/package.json | 2 +- .../framework-integ/package.json | 6 +- packages/@aws-cdk/cli-lib-alpha/package.json | 2 +- .../custom-resource-handlers/package.json | 4 +- packages/@aws-cdk/integ-runner/package.json | 2 +- packages/aws-cdk-lib/package.json | 8 +- packages/aws-cdk/THIRD_PARTY_LICENSES | 6 +- .../app/typescript/package.json | 4 +- .../lib/typescript/package.json | 2 +- .../sample-app/typescript/package.json | 4 +- packages/aws-cdk/package.json | 6 +- packages/awslint/package.json | 8 +- packages/cdk-assets/package.json | 2 +- tools/@aws-cdk/cdk-build-tools/package.json | 12 +- tools/@aws-cdk/eslint-plugin/package.json | 2 +- tools/@aws-cdk/lazify/package.json | 2 +- tools/@aws-cdk/node-bundle/package.json | 6 +- tools/@aws-cdk/pkglint/package.json | 4 +- yarn.lock | 754 +++++++++--------- 20 files changed, 419 insertions(+), 429 deletions(-) diff --git a/package.json b/package.json index f02506fd5e95a..572e0d5f6a8c3 100644 --- a/package.json +++ b/package.json @@ -20,22 +20,22 @@ "@types/prettier": "2.6.0", "@yarnpkg/lockfile": "^1.1.0", "aws-sdk-js-codemod": "^0.28.2", - "cdk-generate-synthetic-examples": "^0.1.298", + "cdk-generate-synthetic-examples": "^0.1.299", "conventional-changelog-cli": "^2.2.2", "fs-extra": "^9.1.0", "graceful-fs": "^4.2.11", "jest-junit": "^13.2.0", - "jsii-diff": "1.92.0", - "jsii-pacmak": "1.92.0", - "jsii-reflect": "1.92.0", - "jsii-rosetta": "~5.2.5", + "jsii-diff": "1.93.0", + "jsii-pacmak": "1.93.0", + "jsii-reflect": "1.93.0", + "jsii-rosetta": "~5.2.6", "lerna": "^7.4.2", "nx": "^16.10.0", "patch-package": "^6.5.1", "semver": "^7.5.4", "standard-version": "^9.5.0", "ts-jest": "^29.1.1", - "ts-node": "^10.9.1", + "ts-node": "^10.9.2", "typescript": "~5.1.6" }, "resolutions": { diff --git a/packages/@aws-cdk-testing/cli-integ/package.json b/packages/@aws-cdk-testing/cli-integ/package.json index 87c7585861d88..8e8b247cda0b9 100644 --- a/packages/@aws-cdk-testing/cli-integ/package.json +++ b/packages/@aws-cdk-testing/cli-integ/package.json @@ -39,7 +39,7 @@ }, "dependencies": { "@octokit/rest": "^18.12.0", - "aws-sdk": "^2.1513.0", + "aws-sdk": "^2.1517.0", "axios": "^1.6.2", "fs-extra": "^9.1.0", "glob": "^7.2.3", diff --git a/packages/@aws-cdk-testing/framework-integ/package.json b/packages/@aws-cdk-testing/framework-integ/package.json index 92ce43dca84cb..6773c98af9d08 100644 --- a/packages/@aws-cdk-testing/framework-integ/package.json +++ b/packages/@aws-cdk-testing/framework-integ/package.json @@ -41,10 +41,10 @@ "@aws-cdk/integ-tests-alpha": "0.0.0", "@aws-cdk/lambda-layer-kubectl-v24": "^2.0.242", "aws-cdk-lib": "0.0.0", - "aws-sdk": "^2.1513.0", + "aws-sdk": "^2.1517.0", "aws-sdk-mock": "5.6.0", - "cdk8s": "2.68.15", - "cdk8s-plus-27": "2.7.69", + "cdk8s": "2.68.18", + "cdk8s-plus-27": "2.7.70", "constructs": "^10.0.0" }, "repository": { diff --git a/packages/@aws-cdk/cli-lib-alpha/package.json b/packages/@aws-cdk/cli-lib-alpha/package.json index 7bc20e5f3aa68..29037d7f7fc63 100644 --- a/packages/@aws-cdk/cli-lib-alpha/package.json +++ b/packages/@aws-cdk/cli-lib-alpha/package.json @@ -90,7 +90,7 @@ "aws-cdk": "0.0.0", "constructs": "^10.0.0", "jest": "^29.7.0", - "ts-node": "^10.9.1" + "ts-node": "^10.9.2" }, "repository": { "url": "https://github.com/aws/aws-cdk.git", diff --git a/packages/@aws-cdk/custom-resource-handlers/package.json b/packages/@aws-cdk/custom-resource-handlers/package.json index 9520ab6bf3d12..49426b43ff2b6 100644 --- a/packages/@aws-cdk/custom-resource-handlers/package.json +++ b/packages/@aws-cdk/custom-resource-handlers/package.json @@ -54,7 +54,7 @@ "sinon": "^9.2.4", "nock": "^13.4.0", "fs-extra": "^11.2.0", - "esbuild": "^0.19.8" + "esbuild": "^0.19.9" }, "dependencies": { "@aws-cdk/asset-node-proxy-agent-v6": "^2.0.1", @@ -62,7 +62,7 @@ "@aws-sdk/client-synthetics": "3.421.0", "@aws-sdk/client-ecr": "3.421.0", "@aws-sdk/client-s3": "3.421.0", - "aws-sdk": "^2.1513.0" + "aws-sdk": "^2.1517.0" }, "repository": { "url": "https://github.com/aws/aws-cdk.git", diff --git a/packages/@aws-cdk/integ-runner/package.json b/packages/@aws-cdk/integ-runner/package.json index 5e04182868c24..9e1cbfdab7c87 100644 --- a/packages/@aws-cdk/integ-runner/package.json +++ b/packages/@aws-cdk/integ-runner/package.json @@ -67,7 +67,7 @@ "constructs": "^10.0.0", "mock-fs": "^4.14.0", "jest": "^29.7.0", - "ts-node": "^10.9.1" + "ts-node": "^10.9.2" }, "dependencies": { "chokidar": "^3.5.3", diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index d2b2ad6c7acae..f04834f3a54dd 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -163,14 +163,14 @@ "@types/lodash": "^4.14.202", "@types/punycode": "^2.1.3", "@aws-cdk/lazify": "0.0.0", - "aws-sdk": "^2.1513.0", + "aws-sdk": "^2.1517.0", "aws-sdk-client-mock": "^3.0.0", "aws-sdk-client-mock-jest": "^3.0.0", "aws-sdk-mock": "5.8.0", - "cdk8s": "2.68.15", + "cdk8s": "2.68.18", "constructs": "^10.0.0", "delay": "5.0.0", - "esbuild": "^0.19.8", + "esbuild": "^0.19.9", "fast-check": "^3.14.0", "jest": "^29.7.0", "jest-each": "^29.7.0", @@ -179,7 +179,7 @@ "nock": "^13.4.0", "sinon": "^9.2.4", "ts-mock-imports": "^1.3.8", - "ts-node": "^10.9.1", + "ts-node": "^10.9.2", "typescript": "~5.1.6", "typescript-json-schema": "^0.62.0" }, diff --git a/packages/aws-cdk/THIRD_PARTY_LICENSES b/packages/aws-cdk/THIRD_PARTY_LICENSES index 89f0c45a4043b..d7439e4f6864c 100644 --- a/packages/aws-cdk/THIRD_PARTY_LICENSES +++ b/packages/aws-cdk/THIRD_PARTY_LICENSES @@ -1,6 +1,6 @@ The aws-cdk package includes the following third-party software/licensing: -** @jsii/check-node@1.92.0 - https://www.npmjs.com/package/@jsii/check-node/v/1.92.0 | Apache-2.0 +** @jsii/check-node@1.93.0 - https://www.npmjs.com/package/@jsii/check-node/v/1.93.0 | Apache-2.0 jsii Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. @@ -264,7 +264,7 @@ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH RE ---------------- -** aws-sdk@2.1513.0 - https://www.npmjs.com/package/aws-sdk/v/2.1513.0 | Apache-2.0 +** aws-sdk@2.1517.0 - https://www.npmjs.com/package/aws-sdk/v/2.1517.0 | Apache-2.0 AWS SDK for JavaScript Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. @@ -461,7 +461,7 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI ---------------- -** cdk-from-cfn@0.85.0 - https://www.npmjs.com/package/cdk-from-cfn/v/0.85.0 | MIT OR Apache-2.0 +** cdk-from-cfn@0.91.0 - https://www.npmjs.com/package/cdk-from-cfn/v/0.91.0 | MIT OR Apache-2.0 ---------------- diff --git a/packages/aws-cdk/lib/init-templates/app/typescript/package.json b/packages/aws-cdk/lib/init-templates/app/typescript/package.json index cbb5ac1bb008b..8ed9adcb3595a 100644 --- a/packages/aws-cdk/lib/init-templates/app/typescript/package.json +++ b/packages/aws-cdk/lib/init-templates/app/typescript/package.json @@ -12,11 +12,11 @@ }, "devDependencies": { "@types/jest": "^29.5.11", - "@types/node": "20.10.3", + "@types/node": "20.10.4", "jest": "^29.7.0", "ts-jest": "^29.1.1", "aws-cdk": "%cdk-version%", - "ts-node": "^10.9.1", + "ts-node": "^10.9.2", "typescript": "~5.3.3" }, "dependencies": { diff --git a/packages/aws-cdk/lib/init-templates/lib/typescript/package.json b/packages/aws-cdk/lib/init-templates/lib/typescript/package.json index ce65b8dd9806c..a53178f671421 100644 --- a/packages/aws-cdk/lib/init-templates/lib/typescript/package.json +++ b/packages/aws-cdk/lib/init-templates/lib/typescript/package.json @@ -10,7 +10,7 @@ }, "devDependencies": { "@types/jest": "^29.5.11", - "@types/node": "20.10.3", + "@types/node": "20.10.4", "aws-cdk-lib": "%cdk-version%", "constructs": "%constructs-version%", "jest": "^29.7.0", diff --git a/packages/aws-cdk/lib/init-templates/sample-app/typescript/package.json b/packages/aws-cdk/lib/init-templates/sample-app/typescript/package.json index e593f453921b4..3ee0c195f15dc 100644 --- a/packages/aws-cdk/lib/init-templates/sample-app/typescript/package.json +++ b/packages/aws-cdk/lib/init-templates/sample-app/typescript/package.json @@ -12,11 +12,11 @@ }, "devDependencies": { "@types/jest": "^29.5.11", - "@types/node": "20.10.3", + "@types/node": "20.10.4", "jest": "^29.7.0", "ts-jest": "^29.1.1", "aws-cdk": "%cdk-version%", - "ts-node": "^10.9.1", + "ts-node": "^10.9.2", "typescript": "~5.3.3" }, "dependencies": { diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index 2b4721991fd2b..aacecd7a729e7 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -100,12 +100,12 @@ "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "@jsii/check-node": "1.92.0", + "@jsii/check-node": "1.93.0", "archiver": "^5.3.2", - "aws-sdk": "^2.1513.0", + "aws-sdk": "^2.1517.0", "camelcase": "^6.3.0", "cdk-assets": "0.0.0", - "cdk-from-cfn": "^0.85.0", + "cdk-from-cfn": "^0.91.0", "chalk": "^4", "chokidar": "^3.5.3", "decamelize": "^5.0.1", diff --git a/packages/awslint/package.json b/packages/awslint/package.json index 1db1984559442..af3b31f1bad82 100644 --- a/packages/awslint/package.json +++ b/packages/awslint/package.json @@ -18,10 +18,10 @@ "awslint": "bin/awslint" }, "dependencies": { - "@jsii/spec": "1.92.0", + "@jsii/spec": "1.93.0", "chalk": "^4", "fs-extra": "^9.1.0", - "jsii-reflect": "1.92.0", + "jsii-reflect": "1.93.0", "change-case": "^4.1.2", "yargs": "^16.2.0" }, @@ -31,8 +31,8 @@ "@types/fs-extra": "^9.0.13", "@types/jest": "^29.5.11", "@types/yargs": "^15.0.19", - "@typescript-eslint/eslint-plugin": "^6.13.2", - "@typescript-eslint/parser": "^6.13.2", + "@typescript-eslint/eslint-plugin": "^6.14.0", + "@typescript-eslint/parser": "^6.14.0", "eslint": "^7.32.0", "eslint-import-resolver-node": "^0.3.9", "eslint-import-resolver-typescript": "^2.7.1", diff --git a/packages/cdk-assets/package.json b/packages/cdk-assets/package.json index 6caa9ef7e496d..c2c5949bc4f85 100644 --- a/packages/cdk-assets/package.json +++ b/packages/cdk-assets/package.json @@ -46,7 +46,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "archiver": "^5.3.2", - "aws-sdk": "^2.1513.0", + "aws-sdk": "^2.1517.0", "glob": "^7.2.3", "mime": "^2.6.0", "yargs": "^16.2.0" diff --git a/tools/@aws-cdk/cdk-build-tools/package.json b/tools/@aws-cdk/cdk-build-tools/package.json index 19a744ae2a012..0425000850005 100644 --- a/tools/@aws-cdk/cdk-build-tools/package.json +++ b/tools/@aws-cdk/cdk-build-tools/package.json @@ -47,8 +47,8 @@ "@aws-cdk/eslint-plugin": "0.0.0", "@aws-cdk/yarn-cling": "0.0.0", "@aws-cdk/node-bundle": "0.0.0", - "@typescript-eslint/eslint-plugin": "^6.13.2", - "@typescript-eslint/parser": "^6.13.2", + "@typescript-eslint/eslint-plugin": "^6.14.0", + "@typescript-eslint/parser": "^6.14.0", "awslint": "0.0.0", "chalk": "^4", "eslint": "^7.32.0", @@ -60,10 +60,10 @@ "glob": "^7.2.3", "jest": "^29.7.0", "jest-junit": "^13.2.0", - "jsii": "~5.2.38", - "jsii-pacmak": "1.92.0", - "jsii-reflect": "1.92.0", - "markdownlint-cli": "^0.37.0", + "jsii": "~5.2.41", + "jsii-pacmak": "1.93.0", + "jsii-reflect": "1.93.0", + "markdownlint-cli": "^0.38.0", "nyc": "^15.1.0", "semver": "^7.5.4", "ts-jest": "^29.1.1", diff --git a/tools/@aws-cdk/eslint-plugin/package.json b/tools/@aws-cdk/eslint-plugin/package.json index 0a890ab38b7c2..537021e7f50ae 100644 --- a/tools/@aws-cdk/eslint-plugin/package.json +++ b/tools/@aws-cdk/eslint-plugin/package.json @@ -22,7 +22,7 @@ "typescript": "~5.1.6" }, "dependencies": { - "@typescript-eslint/parser": "^6.13.2", + "@typescript-eslint/parser": "^6.14.0", "eslint": "^7.32.0", "fs-extra": "^9.1.0" }, diff --git a/tools/@aws-cdk/lazify/package.json b/tools/@aws-cdk/lazify/package.json index da1334d332111..f84cd226867e2 100644 --- a/tools/@aws-cdk/lazify/package.json +++ b/tools/@aws-cdk/lazify/package.json @@ -24,7 +24,7 @@ "cjs-module-lexer": "^1.2.3" }, "dependencies": { - "esbuild": "^0.19.8", + "esbuild": "^0.19.9", "fs-extra": "^10.1.0", "yargs": "^17.7.2" }, diff --git a/tools/@aws-cdk/node-bundle/package.json b/tools/@aws-cdk/node-bundle/package.json index 3aeac8b8b4153..4dacec9b14182 100644 --- a/tools/@aws-cdk/node-bundle/package.json +++ b/tools/@aws-cdk/node-bundle/package.json @@ -17,8 +17,8 @@ "@types/license-checker": "^25.0.6", "@types/madge": "^5.0.3", "@types/node": "^16", - "@typescript-eslint/eslint-plugin": "^6.13.2", - "@typescript-eslint/parser": "^6.13.2", + "@typescript-eslint/eslint-plugin": "^6.14.0", + "@typescript-eslint/parser": "^6.14.0", "eslint": "^8", "eslint-import-resolver-node": "^0.3.9", "eslint-import-resolver-typescript": "^2.7.1", @@ -31,7 +31,7 @@ "typescript": "^4.5.5" }, "dependencies": { - "esbuild": "^0.19.8", + "esbuild": "^0.19.9", "fs-extra": "^10.1.0", "license-checker": "^25.0.1", "madge": "^5.0.2", diff --git a/tools/@aws-cdk/pkglint/package.json b/tools/@aws-cdk/pkglint/package.json index 591f6cc6b6ebb..0f65942f7848a 100644 --- a/tools/@aws-cdk/pkglint/package.json +++ b/tools/@aws-cdk/pkglint/package.json @@ -43,8 +43,8 @@ "@types/jest": "^29.5.11", "@types/semver": "^7.5.6", "@types/yargs": "^15.0.19", - "@typescript-eslint/eslint-plugin": "^6.13.2", - "@typescript-eslint/parser": "^6.13.2", + "@typescript-eslint/eslint-plugin": "^6.14.0", + "@typescript-eslint/parser": "^6.14.0", "eslint": "^7.32.0", "eslint-import-resolver-node": "^0.3.9", "eslint-import-resolver-typescript": "^2.7.1", diff --git a/yarn.lock b/yarn.lock index 521b94f18df9f..2b8f5b3e61795 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2449,38 +2449,38 @@ "@babel/highlight" "^7.23.4" chalk "^2.4.2" -"@babel/compat-data@^7.22.9": +"@babel/compat-data@^7.23.5": version "7.23.5" resolved "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.23.5.tgz#ffb878728bb6bdcb6f4510aa51b1be9afb8cfd98" integrity sha512-uU27kfDRlhfKl+w1U6vp16IuvSLtjAxdArVXPa9BvLkrr7CYIsxH5adpHObeAGY/41+syctUWOZ140a2Rvkgjw== "@babel/core@^7.11.6", "@babel/core@^7.12.3", "@babel/core@^7.13.16", "@babel/core@^7.7.5": - version "7.23.5" - resolved "https://registry.npmjs.org/@babel/core/-/core-7.23.5.tgz#6e23f2acbcb77ad283c5ed141f824fd9f70101c7" - integrity sha512-Cwc2XjUrG4ilcfOw4wBAK+enbdgwAcAJCfGUItPBKR7Mjw4aEfAFYrLxeRp4jWgtNIKn3n2AlBOfwwafl+42/g== + version "7.23.6" + resolved "https://registry.npmjs.org/@babel/core/-/core-7.23.6.tgz#8be77cd77c55baadcc1eae1c33df90ab6d2151d4" + integrity sha512-FxpRyGjrMJXh7X3wGLGhNDCRiwpWEF74sKjTLDJSG5Kyvow3QZaG0Adbqzi9ZrVjTWpsX+2cxWXD71NMg93kdw== dependencies: "@ampproject/remapping" "^2.2.0" "@babel/code-frame" "^7.23.5" - "@babel/generator" "^7.23.5" - "@babel/helper-compilation-targets" "^7.22.15" + "@babel/generator" "^7.23.6" + "@babel/helper-compilation-targets" "^7.23.6" "@babel/helper-module-transforms" "^7.23.3" - "@babel/helpers" "^7.23.5" - "@babel/parser" "^7.23.5" + "@babel/helpers" "^7.23.6" + "@babel/parser" "^7.23.6" "@babel/template" "^7.22.15" - "@babel/traverse" "^7.23.5" - "@babel/types" "^7.23.5" + "@babel/traverse" "^7.23.6" + "@babel/types" "^7.23.6" convert-source-map "^2.0.0" debug "^4.1.0" gensync "^1.0.0-beta.2" json5 "^2.2.3" semver "^6.3.1" -"@babel/generator@^7.23.5", "@babel/generator@^7.7.2": - version "7.23.5" - resolved "https://registry.npmjs.org/@babel/generator/-/generator-7.23.5.tgz#17d0a1ea6b62f351d281350a5f80b87a810c4755" - integrity sha512-BPssCHrBD+0YrxviOa3QzpqwhNIXKEtOa2jQrm4FlmkC2apYgRnQcmPWiGZDlGxiNtltnUFolMe8497Esry+jA== +"@babel/generator@^7.23.6", "@babel/generator@^7.7.2": + version "7.23.6" + resolved "https://registry.npmjs.org/@babel/generator/-/generator-7.23.6.tgz#9e1fca4811c77a10580d17d26b57b036133f3c2e" + integrity sha512-qrSfCYxYQB5owCmGLbl8XRpX1ytXlpueOb0N0UmQwA073KZxejgQTzAmJezxvpwQD9uGtK2shHdi55QT+MbjIw== dependencies: - "@babel/types" "^7.23.5" + "@babel/types" "^7.23.6" "@jridgewell/gen-mapping" "^0.3.2" "@jridgewell/trace-mapping" "^0.3.17" jsesc "^2.5.1" @@ -2492,21 +2492,21 @@ dependencies: "@babel/types" "^7.22.5" -"@babel/helper-compilation-targets@^7.22.15": - version "7.22.15" - resolved "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.15.tgz#0698fc44551a26cf29f18d4662d5bf545a6cfc52" - integrity sha512-y6EEzULok0Qvz8yyLkCvVX+02ic+By2UdOhylwUOvOn9dvYc9mKICJuuU1n1XBI02YWsNsnrY1kc6DVbjcXbtw== +"@babel/helper-compilation-targets@^7.23.6": + version "7.23.6" + resolved "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz#4d79069b16cbcf1461289eccfbbd81501ae39991" + integrity sha512-9JB548GZoQVmzrFgp8o7KxdgkTGm6xs9DW0o/Pim72UDjzr5ObUQ6ZzYPqA+g9OTS2bBQoctLJrky0RDCAWRgQ== dependencies: - "@babel/compat-data" "^7.22.9" - "@babel/helper-validator-option" "^7.22.15" - browserslist "^4.21.9" + "@babel/compat-data" "^7.23.5" + "@babel/helper-validator-option" "^7.23.5" + browserslist "^4.22.2" lru-cache "^5.1.1" semver "^6.3.1" -"@babel/helper-create-class-features-plugin@^7.18.6", "@babel/helper-create-class-features-plugin@^7.23.5": - version "7.23.5" - resolved "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.23.5.tgz#2a8792357008ae9ce8c0f2b78b9f646ac96b314b" - integrity sha512-QELlRWxSpgdwdJzSJn4WAhKC+hvw/AtHbbrIoncKHkhKKR/luAlKkgBDcri1EzWAo8f8VvYVryEHN4tax/V67A== +"@babel/helper-create-class-features-plugin@^7.18.6", "@babel/helper-create-class-features-plugin@^7.23.6": + version "7.23.6" + resolved "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.23.6.tgz#b04d915ce92ce363666f816a884cdcfc9be04953" + integrity sha512-cBXU1vZni/CpGF29iTu4YRbOZt3Wat6zCoMDxRF1MayiEc4URxOj31tT65HUM0CRpMowA3HCJaAOVOUnMf96cw== dependencies: "@babel/helper-annotate-as-pure" "^7.22.5" "@babel/helper-environment-visitor" "^7.22.20" @@ -2615,19 +2615,19 @@ resolved "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz#c4ae002c61d2879e724581d96665583dbc1dc0e0" integrity sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A== -"@babel/helper-validator-option@^7.22.15": +"@babel/helper-validator-option@^7.22.15", "@babel/helper-validator-option@^7.23.5": version "7.23.5" resolved "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.23.5.tgz#907a3fbd4523426285365d1206c423c4c5520307" integrity sha512-85ttAOMLsr53VgXkTbkx8oA6YTfT4q7/HzXSLEYmjcSTJPMPQtvq1BD79Byep5xMUYbGRzEpDsjUf3dyp54IKw== -"@babel/helpers@^7.23.5": - version "7.23.5" - resolved "https://registry.npmjs.org/@babel/helpers/-/helpers-7.23.5.tgz#52f522840df8f1a848d06ea6a79b79eefa72401e" - integrity sha512-oO7us8FzTEsG3U6ag9MfdF1iA/7Z6dz+MtFhifZk8C8o453rGJFFWUP1t+ULM9TUIAzC9uxXEiXjOiVMyd7QPg== +"@babel/helpers@^7.23.6": + version "7.23.6" + resolved "https://registry.npmjs.org/@babel/helpers/-/helpers-7.23.6.tgz#d03af2ee5fb34691eec0cda90f5ecbb4d4da145a" + integrity sha512-wCfsbN4nBidDRhpDhvcKlzHWCTlgJYUUdSJfzXb2NuBssDSIjc3xcb+znA7l+zYsFljAcGM0aFkN40cR3lXiGA== dependencies: "@babel/template" "^7.22.15" - "@babel/traverse" "^7.23.5" - "@babel/types" "^7.23.5" + "@babel/traverse" "^7.23.6" + "@babel/types" "^7.23.6" "@babel/highlight@^7.10.4", "@babel/highlight@^7.23.4": version "7.23.4" @@ -2638,10 +2638,10 @@ chalk "^2.4.2" js-tokens "^4.0.0" -"@babel/parser@^7.0.0", "@babel/parser@^7.1.0", "@babel/parser@^7.13.16", "@babel/parser@^7.14.7", "@babel/parser@^7.20.7", "@babel/parser@^7.22.15", "@babel/parser@^7.23.5": - version "7.23.5" - resolved "https://registry.npmjs.org/@babel/parser/-/parser-7.23.5.tgz#37dee97c4752af148e1d38c34b856b2507660563" - integrity sha512-hOOqoiNXrmGdFbhgCzu6GiURxUgM27Xwd/aPuu8RfHEZPBzL1Z54okAHAQjXfcQNwvrlkAmAp4SlRTZ45vlthQ== +"@babel/parser@^7.0.0", "@babel/parser@^7.1.0", "@babel/parser@^7.13.16", "@babel/parser@^7.14.7", "@babel/parser@^7.20.7", "@babel/parser@^7.22.15", "@babel/parser@^7.23.6": + version "7.23.6" + resolved "https://registry.npmjs.org/@babel/parser/-/parser-7.23.6.tgz#ba1c9e512bda72a47e285ae42aff9d2a635a9e3b" + integrity sha512-Z2uID7YJ7oNvAI20O9X0bblw7Qqs8Q2hFy0R9tAfnfLkp5MW0UH9eUvnDSnFwKZ0AvgS1ucqR4KzvVHgnke1VQ== "@babel/plugin-proposal-class-properties@^7.13.0": version "7.18.6" @@ -2791,12 +2791,12 @@ "@babel/helper-simple-access" "^7.22.5" "@babel/plugin-transform-typescript@^7.23.3": - version "7.23.5" - resolved "https://registry.npmjs.org/@babel/plugin-transform-typescript/-/plugin-transform-typescript-7.23.5.tgz#83da13ef62a1ebddf2872487527094b31c9adb84" - integrity sha512-2fMkXEJkrmwgu2Bsv1Saxgj30IXZdJ+84lQcKKI7sm719oXs0BBw2ZENKdJdR1PjWndgLCEBNXJOri0fk7RYQA== + version "7.23.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-typescript/-/plugin-transform-typescript-7.23.6.tgz#aa36a94e5da8d94339ae3a4e22d40ed287feb34c" + integrity sha512-6cBG5mBvUu4VUD04OHKnYzbuHNP8huDsD3EDqqpIpsswTDoqHCjLoHb6+QgsV1WsT2nipRqCPgxD3LXnEO7XfA== dependencies: "@babel/helper-annotate-as-pure" "^7.22.5" - "@babel/helper-create-class-features-plugin" "^7.23.5" + "@babel/helper-create-class-features-plugin" "^7.23.6" "@babel/helper-plugin-utils" "^7.22.5" "@babel/plugin-syntax-typescript" "^7.23.3" @@ -2840,26 +2840,26 @@ "@babel/parser" "^7.22.15" "@babel/types" "^7.22.15" -"@babel/traverse@^7.23.5": - version "7.23.5" - resolved "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.5.tgz#f546bf9aba9ef2b042c0e00d245990c15508e7ec" - integrity sha512-czx7Xy5a6sapWWRx61m1Ke1Ra4vczu1mCTtJam5zRTBOonfdJ+S/B6HYmGYu3fJtr8GGET3si6IhgWVBhJ/m8w== +"@babel/traverse@^7.23.6": + version "7.23.6" + resolved "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.6.tgz#b53526a2367a0dd6edc423637f3d2d0f2521abc5" + integrity sha512-czastdK1e8YByZqezMPFiZ8ahwVMh/ESl9vPgvgdB9AmFMGP5jfpFax74AQgl5zj4XHzqeYAg2l8PuUeRS1MgQ== dependencies: "@babel/code-frame" "^7.23.5" - "@babel/generator" "^7.23.5" + "@babel/generator" "^7.23.6" "@babel/helper-environment-visitor" "^7.22.20" "@babel/helper-function-name" "^7.23.0" "@babel/helper-hoist-variables" "^7.22.5" "@babel/helper-split-export-declaration" "^7.22.6" - "@babel/parser" "^7.23.5" - "@babel/types" "^7.23.5" - debug "^4.1.0" + "@babel/parser" "^7.23.6" + "@babel/types" "^7.23.6" + debug "^4.3.1" globals "^11.1.0" -"@babel/types@^7.0.0", "@babel/types@^7.20.7", "@babel/types@^7.22.15", "@babel/types@^7.22.5", "@babel/types@^7.23.0", "@babel/types@^7.23.5", "@babel/types@^7.3.0", "@babel/types@^7.3.3": - version "7.23.5" - resolved "https://registry.npmjs.org/@babel/types/-/types-7.23.5.tgz#48d730a00c95109fa4393352705954d74fb5b602" - integrity sha512-ON5kSOJwVO6xXVRTvOI0eOnWe7VdUcIpsovGo9U/Br4Ie4UVFQTboO2cYnDhAGU6Fp+UxSiT+pMft0SMHfuq6w== +"@babel/types@^7.0.0", "@babel/types@^7.20.7", "@babel/types@^7.22.15", "@babel/types@^7.22.5", "@babel/types@^7.23.0", "@babel/types@^7.23.6", "@babel/types@^7.3.0", "@babel/types@^7.3.3": + version "7.23.6" + resolved "https://registry.npmjs.org/@babel/types/-/types-7.23.6.tgz#be33fdb151e1f5a56877d704492c240fc71c7ccd" + integrity sha512-+uarb83brBzPKN38NX1MkB6vb6+mwvR6amUulqAE7ccQw1pEl+bCia9TbdG1lsnFP7lZySvUn37CHyXQdfTwzg== dependencies: "@babel/helper-string-parser" "^7.23.4" "@babel/helper-validator-identifier" "^7.22.20" @@ -2911,115 +2911,115 @@ enabled "2.0.x" kuler "^2.0.0" -"@esbuild/android-arm64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.19.8.tgz#fb7130103835b6d43ea499c3f30cfb2b2ed58456" - integrity sha512-B8JbS61bEunhfx8kasogFENgQfr/dIp+ggYXwTqdbMAgGDhRa3AaPpQMuQU0rNxDLECj6FhDzk1cF9WHMVwrtA== - -"@esbuild/android-arm@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.19.8.tgz#b46e4d9e984e6d6db6c4224d72c86b7757e35bcb" - integrity sha512-31E2lxlGM1KEfivQl8Yf5aYU/mflz9g06H6S15ITUFQueMFtFjESRMoDSkvMo8thYvLBax+VKTPlpnx+sPicOA== - -"@esbuild/android-x64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.19.8.tgz#a13db9441b5a4f4e4fec4a6f8ffacfea07888db7" - integrity sha512-rdqqYfRIn4jWOp+lzQttYMa2Xar3OK9Yt2fhOhzFXqg0rVWEfSclJvZq5fZslnz6ypHvVf3CT7qyf0A5pM682A== - -"@esbuild/darwin-arm64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.19.8.tgz#49f5718d36541f40dd62bfdf84da9c65168a0fc2" - integrity sha512-RQw9DemMbIq35Bprbboyf8SmOr4UXsRVxJ97LgB55VKKeJOOdvsIPy0nFyF2l8U+h4PtBx/1kRf0BelOYCiQcw== - -"@esbuild/darwin-x64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.19.8.tgz#75c5c88371eea4bfc1f9ecfd0e75104c74a481ac" - integrity sha512-3sur80OT9YdeZwIVgERAysAbwncom7b4bCI2XKLjMfPymTud7e/oY4y+ci1XVp5TfQp/bppn7xLw1n/oSQY3/Q== - -"@esbuild/freebsd-arm64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.19.8.tgz#9d7259fea4fd2b5f7437b52b542816e89d7c8575" - integrity sha512-WAnPJSDattvS/XtPCTj1tPoTxERjcTpH6HsMr6ujTT+X6rylVe8ggxk8pVxzf5U1wh5sPODpawNicF5ta/9Tmw== - -"@esbuild/freebsd-x64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.19.8.tgz#abac03e1c4c7c75ee8add6d76ec592f46dbb39e3" - integrity sha512-ICvZyOplIjmmhjd6mxi+zxSdpPTKFfyPPQMQTK/w+8eNK6WV01AjIztJALDtwNNfFhfZLux0tZLC+U9nSyA5Zg== - -"@esbuild/linux-arm64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.19.8.tgz#c577932cf4feeaa43cb9cec27b89cbe0df7d9098" - integrity sha512-z1zMZivxDLHWnyGOctT9JP70h0beY54xDDDJt4VpTX+iwA77IFsE1vCXWmprajJGa+ZYSqkSbRQ4eyLCpCmiCQ== - -"@esbuild/linux-arm@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.19.8.tgz#d6014d8b98b5cbc96b95dad3d14d75bb364fdc0f" - integrity sha512-H4vmI5PYqSvosPaTJuEppU9oz1dq2A7Mr2vyg5TF9Ga+3+MGgBdGzcyBP7qK9MrwFQZlvNyJrvz6GuCaj3OukQ== - -"@esbuild/linux-ia32@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.19.8.tgz#2379a0554307d19ac4a6cdc15b08f0ea28e7a40d" - integrity sha512-1a8suQiFJmZz1khm/rDglOc8lavtzEMRo0v6WhPgxkrjcU0LkHj+TwBrALwoz/OtMExvsqbbMI0ChyelKabSvQ== - -"@esbuild/linux-loong64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.19.8.tgz#e2a5bbffe15748b49356a6cd7b2d5bf60c5a7123" - integrity sha512-fHZWS2JJxnXt1uYJsDv9+b60WCc2RlvVAy1F76qOLtXRO+H4mjt3Tr6MJ5l7Q78X8KgCFudnTuiQRBhULUyBKQ== - -"@esbuild/linux-mips64el@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.19.8.tgz#1359331e6f6214f26f4b08db9b9df661c57cfa24" - integrity sha512-Wy/z0EL5qZYLX66dVnEg9riiwls5IYnziwuju2oUiuxVc+/edvqXa04qNtbrs0Ukatg5HEzqT94Zs7J207dN5Q== - -"@esbuild/linux-ppc64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.19.8.tgz#9ba436addc1646dc89dae48c62d3e951ffe70951" - integrity sha512-ETaW6245wK23YIEufhMQ3HSeHO7NgsLx8gygBVldRHKhOlD1oNeNy/P67mIh1zPn2Hr2HLieQrt6tWrVwuqrxg== - -"@esbuild/linux-riscv64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.19.8.tgz#fbcf0c3a0b20f40b5fc31c3b7695f0769f9de66b" - integrity sha512-T2DRQk55SgoleTP+DtPlMrxi/5r9AeFgkhkZ/B0ap99zmxtxdOixOMI570VjdRCs9pE4Wdkz7JYrsPvsl7eESg== - -"@esbuild/linux-s390x@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.19.8.tgz#989e8a05f7792d139d5564ffa7ff898ac6f20a4a" - integrity sha512-NPxbdmmo3Bk7mbNeHmcCd7R7fptJaczPYBaELk6NcXxy7HLNyWwCyDJ/Xx+/YcNH7Im5dHdx9gZ5xIwyliQCbg== - -"@esbuild/linux-x64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.19.8.tgz#b187295393a59323397fe5ff51e769ec4e72212b" - integrity sha512-lytMAVOM3b1gPypL2TRmZ5rnXl7+6IIk8uB3eLsV1JwcizuolblXRrc5ShPrO9ls/b+RTp+E6gbsuLWHWi2zGg== - -"@esbuild/netbsd-x64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.19.8.tgz#c1ec0e24ea82313cb1c7bae176bd5acd5bde7137" - integrity sha512-hvWVo2VsXz/8NVt1UhLzxwAfo5sioj92uo0bCfLibB0xlOmimU/DeAEsQILlBQvkhrGjamP0/el5HU76HAitGw== - -"@esbuild/openbsd-x64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.19.8.tgz#0c5b696ac66c6d70cf9ee17073a581a28af9e18d" - integrity sha512-/7Y7u77rdvmGTxR83PgaSvSBJCC2L3Kb1M/+dmSIvRvQPXXCuC97QAwMugBNG0yGcbEGfFBH7ojPzAOxfGNkwQ== - -"@esbuild/sunos-x64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.19.8.tgz#2a697e1f77926ff09fcc457d8f29916d6cd48fb1" - integrity sha512-9Lc4s7Oi98GqFA4HzA/W2JHIYfnXbUYgekUP/Sm4BG9sfLjyv6GKKHKKVs83SMicBF2JwAX6A1PuOLMqpD001w== - -"@esbuild/win32-arm64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.19.8.tgz#ec029e62a2fca8c071842ecb1bc5c2dd20b066f1" - integrity sha512-rq6WzBGjSzihI9deW3fC2Gqiak68+b7qo5/3kmB6Gvbh/NYPA0sJhrnp7wgV4bNwjqM+R2AApXGxMO7ZoGhIJg== - -"@esbuild/win32-ia32@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.19.8.tgz#cbb9a3146bde64dc15543e48afe418c7a3214851" - integrity sha512-AIAbverbg5jMvJznYiGhrd3sumfwWs8572mIJL5NQjJa06P8KfCPWZQ0NwZbPQnbQi9OWSZhFVSUWjjIrn4hSw== - -"@esbuild/win32-x64@0.19.8": - version "0.19.8" - resolved "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.19.8.tgz#c8285183dbdb17008578dbacb6e22748709b4822" - integrity sha512-bfZ0cQ1uZs2PqpulNL5j/3w+GDhP36k1K5c38QdQg+Swy51jFZWWeIkteNsufkQxp986wnqRRsb/bHbY1WQ7TA== +"@esbuild/android-arm64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.19.9.tgz#683794bdc3d27222d3eced7b74cad15979548031" + integrity sha512-q4cR+6ZD0938R19MyEW3jEsMzbb/1rulLXiNAJQADD/XYp7pT+rOS5JGxvpRW8dFDEfjW4wLgC/3FXIw4zYglQ== + +"@esbuild/android-arm@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.19.9.tgz#21a4de41f07b2af47401c601d64dfdefd056c595" + integrity sha512-jkYjjq7SdsWuNI6b5quymW0oC83NN5FdRPuCbs9HZ02mfVdAP8B8eeqLSYU3gb6OJEaY5CQabtTFbqBf26H3GA== + +"@esbuild/android-x64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.19.9.tgz#e2d7674bc025ddc8699f0cc76cb97823bb63c252" + integrity sha512-KOqoPntWAH6ZxDwx1D6mRntIgZh9KodzgNOy5Ebt9ghzffOk9X2c1sPwtM9P+0eXbefnDhqYfkh5PLP5ULtWFA== + +"@esbuild/darwin-arm64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.19.9.tgz#ae7a582289cc5c0bac15d4b9020a90cb7288f1e9" + integrity sha512-KBJ9S0AFyLVx2E5D8W0vExqRW01WqRtczUZ8NRu+Pi+87opZn5tL4Y0xT0mA4FtHctd0ZgwNoN639fUUGlNIWw== + +"@esbuild/darwin-x64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.19.9.tgz#8a216c66dcf51addeeb843d8cfaeff712821d12b" + integrity sha512-vE0VotmNTQaTdX0Q9dOHmMTao6ObjyPm58CHZr1UK7qpNleQyxlFlNCaHsHx6Uqv86VgPmR4o2wdNq3dP1qyDQ== + +"@esbuild/freebsd-arm64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.19.9.tgz#63d4f603e421252c3cd836b18d01545be7c6c440" + integrity sha512-uFQyd/o1IjiEk3rUHSwUKkqZwqdvuD8GevWF065eqgYfexcVkxh+IJgwTaGZVu59XczZGcN/YMh9uF1fWD8j1g== + +"@esbuild/freebsd-x64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.19.9.tgz#a3db52595be65360eae4de1d1fa3c1afd942e1e4" + integrity sha512-WMLgWAtkdTbTu1AWacY7uoj/YtHthgqrqhf1OaEWnZb7PQgpt8eaA/F3LkV0E6K/Lc0cUr/uaVP/49iE4M4asA== + +"@esbuild/linux-arm64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.19.9.tgz#4ae5811ce9f8d7df5eb9edd9765ea9401a534f13" + integrity sha512-PiPblfe1BjK7WDAKR1Cr9O7VVPqVNpwFcPWgfn4xu0eMemzRp442hXyzF/fSwgrufI66FpHOEJk0yYdPInsmyQ== + +"@esbuild/linux-arm@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.19.9.tgz#9807e92cfd335f46326394805ad488e646e506f2" + integrity sha512-C/ChPohUYoyUaqn1h17m/6yt6OB14hbXvT8EgM1ZWaiiTYz7nWZR0SYmMnB5BzQA4GXl3BgBO1l8MYqL/He3qw== + +"@esbuild/linux-ia32@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.19.9.tgz#18892c10f3106652b16f9da88a0362dc95ed46c7" + integrity sha512-f37i/0zE0MjDxijkPSQw1CO/7C27Eojqb+r3BbHVxMLkj8GCa78TrBZzvPyA/FNLUMzP3eyHCVkAopkKVja+6Q== + +"@esbuild/linux-loong64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.19.9.tgz#dc2ebf9a125db0a1bba18c2bbfd4fbdcbcaf61c2" + integrity sha512-t6mN147pUIf3t6wUt3FeumoOTPfmv9Cc6DQlsVBpB7eCpLOqQDyWBP1ymXn1lDw4fNUSb/gBcKAmvTP49oIkaA== + +"@esbuild/linux-mips64el@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.19.9.tgz#4c2f7c5d901015e3faf1563c4a89a50776cb07fd" + integrity sha512-jg9fujJTNTQBuDXdmAg1eeJUL4Jds7BklOTkkH80ZgQIoCTdQrDaHYgbFZyeTq8zbY+axgptncko3v9p5hLZtw== + +"@esbuild/linux-ppc64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.19.9.tgz#8385332713b4e7812869622163784a5633f76fc4" + integrity sha512-tkV0xUX0pUUgY4ha7z5BbDS85uI7ABw3V1d0RNTii7E9lbmV8Z37Pup2tsLV46SQWzjOeyDi1Q7Wx2+QM8WaCQ== + +"@esbuild/linux-riscv64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.19.9.tgz#23f1db24fa761be311874f32036c06249aa20cba" + integrity sha512-DfLp8dj91cufgPZDXr9p3FoR++m3ZJ6uIXsXrIvJdOjXVREtXuQCjfMfvmc3LScAVmLjcfloyVtpn43D56JFHg== + +"@esbuild/linux-s390x@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.19.9.tgz#2dffe497726b897c9f0109e774006e25b33b4fd0" + integrity sha512-zHbglfEdC88KMgCWpOl/zc6dDYJvWGLiUtmPRsr1OgCViu3z5GncvNVdf+6/56O2Ca8jUU+t1BW261V6kp8qdw== + +"@esbuild/linux-x64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.19.9.tgz#ceb1d62cd830724ff5b218e5d3172a8bad59420e" + integrity sha512-JUjpystGFFmNrEHQnIVG8hKwvA2DN5o7RqiO1CVX8EN/F/gkCjkUMgVn6hzScpwnJtl2mPR6I9XV1oW8k9O+0A== + +"@esbuild/netbsd-x64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.19.9.tgz#0cbca65e9ef4d3fc41502d3e055e6f49479a8f18" + integrity sha512-GThgZPAwOBOsheA2RUlW5UeroRfESwMq/guy8uEe3wJlAOjpOXuSevLRd70NZ37ZrpO6RHGHgEHvPg1h3S1Jug== + +"@esbuild/openbsd-x64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.19.9.tgz#1f57adfbee09c743292c6758a3642e875bcad1cf" + integrity sha512-Ki6PlzppaFVbLnD8PtlVQfsYw4S9n3eQl87cqgeIw+O3sRr9IghpfSKY62mggdt1yCSZ8QWvTZ9jo9fjDSg9uw== + +"@esbuild/sunos-x64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.19.9.tgz#116be6adbd2c7479edeeb5f6ea0441002ab4cb9c" + integrity sha512-MLHj7k9hWh4y1ddkBpvRj2b9NCBhfgBt3VpWbHQnXRedVun/hC7sIyTGDGTfsGuXo4ebik2+3ShjcPbhtFwWDw== + +"@esbuild/win32-arm64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.19.9.tgz#2be22131ab18af4693fd737b161d1ef34de8ca9d" + integrity sha512-GQoa6OrQ8G08guMFgeXPH7yE/8Dt0IfOGWJSfSH4uafwdC7rWwrfE6P9N8AtPGIjUzdo2+7bN8Xo3qC578olhg== + +"@esbuild/win32-ia32@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.19.9.tgz#e10ead5a55789b167b4225d2469324538768af7c" + integrity sha512-UOozV7Ntykvr5tSOlGCrqU3NBr3d8JqPes0QWN2WOXfvkWVGRajC+Ym0/Wj88fUgecUCLDdJPDF0Nna2UK3Qtg== + +"@esbuild/win32-x64@0.19.9": + version "0.19.9" + resolved "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.19.9.tgz#b2da6219b603e3fa371a78f53f5361260d0c5585" + integrity sha512-oxoQgglOP7RH6iasDrhY+R/3cHrfwIDvRlT4CGChflq6twk8iENeVvMJjmvBb94Ik1Z+93iGO27err7w6l54GQ== "@eslint-community/eslint-utils@^4.2.0", "@eslint-community/eslint-utils@^4.4.0": version "4.4.0" @@ -3412,18 +3412,18 @@ "@jridgewell/resolve-uri" "^3.1.0" "@jridgewell/sourcemap-codec" "^1.4.14" -"@jsii/check-node@1.92.0": - version "1.92.0" - resolved "https://registry.npmjs.org/@jsii/check-node/-/check-node-1.92.0.tgz#e05908d2c0875a728db14d73bb30459a73bd008e" - integrity sha512-MQnFvDIn/VOz4FzchobZ4dfrl6qfuZIlYviNbGXhPMSeJ92BVB2F+NEyem9Sg/Csy2ehhtO1FGaUj4mO9/7Ntg== +"@jsii/check-node@1.93.0": + version "1.93.0" + resolved "https://registry.npmjs.org/@jsii/check-node/-/check-node-1.93.0.tgz#3adcc6012654bb69fb8dc508e757b83ea9cd1708" + integrity sha512-NLn1Js6wEG2hYjH7gE5Q8s/hPlp3I+KhK/T8ykGdYVod7iODnk/0QVSZsk2iEyuw8NzvvgXUDBWreadUIWSz+g== dependencies: chalk "^4.1.2" semver "^7.5.4" -"@jsii/spec@1.92.0", "@jsii/spec@^1.92.0": - version "1.92.0" - resolved "https://registry.npmjs.org/@jsii/spec/-/spec-1.92.0.tgz#8fcd72a0ced63e83e72a010a499518d603f00198" - integrity sha512-6jbwQ2uCVOUq6eddKQG/cPzuUsdJwaszQstTZtruhhjWNuoC4CjT5eHlzjeBqtxQZpGiKkRRwPHb1bCEGgffxA== +"@jsii/spec@1.93.0", "@jsii/spec@^1.93.0": + version "1.93.0" + resolved "https://registry.npmjs.org/@jsii/spec/-/spec-1.93.0.tgz#e56c5971efbd349592de86081b3cbfd04fc0bb77" + integrity sha512-PIXcTHUsFOoxSE7KMpJ3iJ3iYGSo2x46ZX4bHDDD6C7M3ij+7Z3Ujumg/OsIrESCHKWXGXlgl9EmkNJraeYkRQ== dependencies: ajv "^8.12.0" @@ -4575,9 +4575,9 @@ tslib "^2.5.0" "@smithy/signature-v4@^2.0.0": - version "2.0.17" - resolved "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-2.0.17.tgz#3ce17d8143f18670ca9bd5f99738dfadb3a7f3fc" - integrity sha512-ru5IUbHUAYgJ5ZqZaBi6PEsMjFT/do0Eu21Qt7b07NuRuPlwAMhlqNRDy/KE9QAF20ygehb+xe9ebmyZ26/BSA== + version "2.0.18" + resolved "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-2.0.18.tgz#53b78b238edaa84cc8d61faf67d2b3c926cdd698" + integrity sha512-SJRAj9jT/l9ocm8D0GojMbnA1sp7I4JeStOQ4lEXI8A5eHE73vbjlzlqIFB7cLvIgau0oUl4cGVpF9IGCrvjlw== dependencies: "@smithy/eventstream-codec" "^2.0.15" "@smithy/is-array-buffer" "^2.0.0" @@ -5015,9 +5015,9 @@ form-data "^4.0.0" "@types/node@*": - version "20.10.3" - resolved "https://registry.npmjs.org/@types/node/-/node-20.10.3.tgz#4900adcc7fc189d5af5bb41da8f543cea6962030" - integrity sha512-XJavIpZqiXID5Yxnxv3RUDKTN5b81ddNC3ecsA0SoFXz/QU8OGBwZGMomiq0zw+uuqbL/krztv/DINAQ/EV4gg== + version "20.10.4" + resolved "https://registry.npmjs.org/@types/node/-/node-20.10.4.tgz#b246fd84d55d5b1b71bf51f964bd514409347198" + integrity sha512-D08YG6rr8X90YB56tSIuBaddy/UXAA9RKJoFvrsnogAum/0pmjkgi4+2nx96A330FmioegBWmEYQ+syqCFaveg== dependencies: undici-types "~5.26.4" @@ -5027,14 +5027,14 @@ integrity sha512-YUgMWAQBWLObABqrvx8qKO1enAvBUdjZOAWQ5grBAkp5LQv45jBvYKZ3oFS9iKRCQyFjqw6iuEa1vmFqtxYLZw== "@types/node@^16", "@types/node@^16.9.2": - version "16.18.67" - resolved "https://registry.npmjs.org/@types/node/-/node-16.18.67.tgz#518feb681958dedf2d187b8b4d20bf3530afe1fb" - integrity sha512-gUa0tDO9oxyAYO9V9tqxDJguVMDpqUwH5I5Q9ASYBCso+8CUdJlKPKDYS1YSS9kyZWIduDafZvucGM0zGNKFjg== + version "16.18.68" + resolved "https://registry.npmjs.org/@types/node/-/node-16.18.68.tgz#3155f64a961b3d8d10246c80657f9a7292e3421a" + integrity sha512-sG3hPIQwJLoewrN7cr0dwEy+yF5nD4D/4FxtQpFciRD/xwUzgD+G05uxZHv5mhfXo4F9Jkp13jjn0CC2q325sg== "@types/node@^18": - version "18.19.2" - resolved "https://registry.npmjs.org/@types/node/-/node-18.19.2.tgz#865107157bda220eef9fa8c2173152d6559a41ae" - integrity sha512-6wzfBdbWpe8QykUkXBjtmO3zITA0A3FIjoy+in0Y2K4KrCiRhNYJIdwAPDffZ3G6GnaKaSLSEa9ZuORLfEoiwg== + version "18.19.3" + resolved "https://registry.npmjs.org/@types/node/-/node-18.19.3.tgz#e4723c4cb385641d61b983f6fe0b716abd5f8fc0" + integrity sha512-k5fggr14DwAytoA/t8rPrIz++lXK7/DqckthCmoZOKNsEbJkId4Z//BqgApXBUGrGddrigYa1oqheo/7YmW4rg== dependencies: undici-types "~5.26.4" @@ -5175,16 +5175,16 @@ resolved "https://registry.npmjs.org/@types/yarnpkg__lockfile/-/yarnpkg__lockfile-1.1.9.tgz#b3c8e8d66dc8ce79827f422a660a557cda9ded14" integrity sha512-GD4Fk15UoP5NLCNor51YdfL9MSdldKCqOC9EssrRw3HVfar9wUZ5y8Lfnp+qVD6hIinLr8ygklDYnmlnlQo12Q== -"@typescript-eslint/eslint-plugin@^6.13.2": - version "6.13.2" - resolved "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.13.2.tgz#2e03506c5362a65e43cb132c37c9ce2d3cb51470" - integrity sha512-3+9OGAWHhk4O1LlcwLBONbdXsAhLjyCFogJY/cWy2lxdVJ2JrcTF2pTGMaLl2AE7U1l31n8Py4a8bx5DLf/0dQ== +"@typescript-eslint/eslint-plugin@^6.14.0": + version "6.14.0" + resolved "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.14.0.tgz#fc1ab5f23618ba590c87e8226ff07a760be3dd7b" + integrity sha512-1ZJBykBCXaSHG94vMMKmiHoL0MhNHKSVlcHVYZNw+BKxufhqQVTOawNpwwI1P5nIFZ/4jLVop0mcY6mJJDFNaw== dependencies: "@eslint-community/regexpp" "^4.5.1" - "@typescript-eslint/scope-manager" "6.13.2" - "@typescript-eslint/type-utils" "6.13.2" - "@typescript-eslint/utils" "6.13.2" - "@typescript-eslint/visitor-keys" "6.13.2" + "@typescript-eslint/scope-manager" "6.14.0" + "@typescript-eslint/type-utils" "6.14.0" + "@typescript-eslint/utils" "6.14.0" + "@typescript-eslint/visitor-keys" "6.14.0" debug "^4.3.4" graphemer "^1.4.0" ignore "^5.2.4" @@ -5204,15 +5204,15 @@ eslint-scope "^5.1.1" eslint-utils "^3.0.0" -"@typescript-eslint/parser@^6.13.2": - version "6.13.2" - resolved "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.13.2.tgz#390b79cc9a57a5f904d197a201cc4b6bc4f9afb9" - integrity sha512-MUkcC+7Wt/QOGeVlM8aGGJZy1XV5YKjTpq9jK6r6/iLsGXhBVaGP5N0UYvFsu9BFlSpwY9kMretzdBH01rkRXg== +"@typescript-eslint/parser@^6.14.0": + version "6.14.0" + resolved "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.14.0.tgz#a2d6a732e0d2b95c73f6a26ae7362877cc1b4212" + integrity sha512-QjToC14CKacd4Pa7JK4GeB/vHmWFJckec49FR4hmIRf97+KXole0T97xxu9IFiPxVQ1DBWrQ5wreLwAGwWAVQA== dependencies: - "@typescript-eslint/scope-manager" "6.13.2" - "@typescript-eslint/types" "6.13.2" - "@typescript-eslint/typescript-estree" "6.13.2" - "@typescript-eslint/visitor-keys" "6.13.2" + "@typescript-eslint/scope-manager" "6.14.0" + "@typescript-eslint/types" "6.14.0" + "@typescript-eslint/typescript-estree" "6.14.0" + "@typescript-eslint/visitor-keys" "6.14.0" debug "^4.3.4" "@typescript-eslint/scope-manager@4.33.0": @@ -5223,21 +5223,21 @@ "@typescript-eslint/types" "4.33.0" "@typescript-eslint/visitor-keys" "4.33.0" -"@typescript-eslint/scope-manager@6.13.2": - version "6.13.2" - resolved "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.13.2.tgz#5fa4e4adace028dafac212c770640b94e7b61052" - integrity sha512-CXQA0xo7z6x13FeDYCgBkjWzNqzBn8RXaE3QVQVIUm74fWJLkJkaHmHdKStrxQllGh6Q4eUGyNpMe0b1hMkXFA== +"@typescript-eslint/scope-manager@6.14.0": + version "6.14.0" + resolved "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.14.0.tgz#53d24363fdb5ee0d1d8cda4ed5e5321272ab3d48" + integrity sha512-VT7CFWHbZipPncAZtuALr9y3EuzY1b1t1AEkIq2bTXUPKw+pHoXflGNG5L+Gv6nKul1cz1VH8fz16IThIU0tdg== dependencies: - "@typescript-eslint/types" "6.13.2" - "@typescript-eslint/visitor-keys" "6.13.2" + "@typescript-eslint/types" "6.14.0" + "@typescript-eslint/visitor-keys" "6.14.0" -"@typescript-eslint/type-utils@6.13.2": - version "6.13.2" - resolved "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.13.2.tgz#ebec2da14a6bb7122e0fd31eea72a382c39c6102" - integrity sha512-Qr6ssS1GFongzH2qfnWKkAQmMUyZSyOr0W54nZNU1MDfo+U4Mv3XveeLZzadc/yq8iYhQZHYT+eoXJqnACM1tw== +"@typescript-eslint/type-utils@6.14.0": + version "6.14.0" + resolved "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.14.0.tgz#ac9cb5ba0615c837f1a6b172feeb273d36e4f8af" + integrity sha512-x6OC9Q7HfYKqjnuNu5a7kffIYs3No30isapRBJl1iCHLitD8O0lFbRcVGiOcuyN837fqXzPZ1NS10maQzZMKqw== dependencies: - "@typescript-eslint/typescript-estree" "6.13.2" - "@typescript-eslint/utils" "6.13.2" + "@typescript-eslint/typescript-estree" "6.14.0" + "@typescript-eslint/utils" "6.14.0" debug "^4.3.4" ts-api-utils "^1.0.1" @@ -5246,10 +5246,10 @@ resolved "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz#a1e59036a3b53ae8430ceebf2a919dc7f9af6d72" integrity sha512-zKp7CjQzLQImXEpLt2BUw1tvOMPfNoTAfb8l51evhYbOEEzdWyQNmHWWGPR6hwKJDAi+1VXSBmnhL9kyVTTOuQ== -"@typescript-eslint/types@6.13.2": - version "6.13.2" - resolved "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.13.2.tgz#c044aac24c2f6cefb8e921e397acad5417dd0ae6" - integrity sha512-7sxbQ+EMRubQc3wTfTsycgYpSujyVbI1xw+3UMRUcrhSy+pN09y/lWzeKDbvhoqcRbHdc+APLs/PWYi/cisLPg== +"@typescript-eslint/types@6.14.0": + version "6.14.0" + resolved "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.14.0.tgz#935307f7a931016b7a5eb25d494ea3e1f613e929" + integrity sha512-uty9H2K4Xs8E47z3SnXEPRNDfsis8JO27amp2GNCnzGETEW3yTqEIVg5+AI7U276oGF/tw6ZA+UesxeQ104ceA== "@typescript-eslint/typescript-estree@4.33.0", "@typescript-eslint/typescript-estree@^4.33.0": version "4.33.0" @@ -5264,30 +5264,30 @@ semver "^7.3.5" tsutils "^3.21.0" -"@typescript-eslint/typescript-estree@6.13.2": - version "6.13.2" - resolved "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.13.2.tgz#ae556ee154c1acf025b48d37c3ef95a1d55da258" - integrity sha512-SuD8YLQv6WHnOEtKv8D6HZUzOub855cfPnPMKvdM/Bh1plv1f7Q/0iFUDLKKlxHcEstQnaUU4QZskgQq74t+3w== +"@typescript-eslint/typescript-estree@6.14.0": + version "6.14.0" + resolved "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.14.0.tgz#90c7ddd45cd22139adf3d4577580d04c9189ac13" + integrity sha512-yPkaLwK0yH2mZKFE/bXkPAkkFgOv15GJAUzgUVonAbv0Hr4PK/N2yaA/4XQbTZQdygiDkpt5DkxPELqHguNvyw== dependencies: - "@typescript-eslint/types" "6.13.2" - "@typescript-eslint/visitor-keys" "6.13.2" + "@typescript-eslint/types" "6.14.0" + "@typescript-eslint/visitor-keys" "6.14.0" debug "^4.3.4" globby "^11.1.0" is-glob "^4.0.3" semver "^7.5.4" ts-api-utils "^1.0.1" -"@typescript-eslint/utils@6.13.2": - version "6.13.2" - resolved "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.13.2.tgz#8eb89e53adc6d703a879b131e528807245486f89" - integrity sha512-b9Ptq4eAZUym4idijCRzl61oPCwwREcfDI8xGk751Vhzig5fFZR9CyzDz4Sp/nxSLBYxUPyh4QdIDqWykFhNmQ== +"@typescript-eslint/utils@6.14.0": + version "6.14.0" + resolved "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.14.0.tgz#856a9e274367d99ffbd39c48128b93a86c4261e3" + integrity sha512-XwRTnbvRr7Ey9a1NT6jqdKX8y/atWG+8fAIu3z73HSP8h06i3r/ClMhmaF/RGWGW1tHJEwij1uEg2GbEmPYvYg== dependencies: "@eslint-community/eslint-utils" "^4.4.0" "@types/json-schema" "^7.0.12" "@types/semver" "^7.5.0" - "@typescript-eslint/scope-manager" "6.13.2" - "@typescript-eslint/types" "6.13.2" - "@typescript-eslint/typescript-estree" "6.13.2" + "@typescript-eslint/scope-manager" "6.14.0" + "@typescript-eslint/types" "6.14.0" + "@typescript-eslint/typescript-estree" "6.14.0" semver "^7.5.4" "@typescript-eslint/visitor-keys@4.33.0": @@ -5298,12 +5298,12 @@ "@typescript-eslint/types" "4.33.0" eslint-visitor-keys "^2.0.0" -"@typescript-eslint/visitor-keys@6.13.2": - version "6.13.2" - resolved "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.13.2.tgz#e0a4a80cf842bb08e6127b903284166ac4a5594c" - integrity sha512-OGznFs0eAQXJsp+xSd6k/O1UbFi/K/L7WjqeRoFE7vadjAF9y0uppXhYNQNEqygjou782maGClOoZwPqF0Drlw== +"@typescript-eslint/visitor-keys@6.14.0": + version "6.14.0" + resolved "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.14.0.tgz#1d1d486581819287de824a56c22f32543561138e" + integrity sha512-fB5cw6GRhJUz03MrROVuj5Zm/Q+XWlVdIsFj+Zb1Hvqouc8t+XP2H5y53QYU/MGtd2dPg6/vJJlhoX3xc2ehfw== dependencies: - "@typescript-eslint/types" "6.13.2" + "@typescript-eslint/types" "6.14.0" eslint-visitor-keys "^3.4.1" "@ungap/structured-clone@^1.2.0": @@ -5799,10 +5799,10 @@ aws-sdk-mock@5.8.0: sinon "^14.0.1" traverse "^0.6.6" -aws-sdk@^2.1231.0, aws-sdk@^2.1513.0, aws-sdk@^2.928.0: - version "2.1513.0" - resolved "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.1513.0.tgz#d85d0fd120a849608053082299fbf921da0656fa" - integrity sha512-prgLj06P0Tiqlohz9mV916JZlZjnGhCftKNPOSZvTmKRyCUfbIIJnnBp/6HpkIe7ig7UGpWCXX72OPqVBrICpA== +aws-sdk@^2.1231.0, aws-sdk@^2.1517.0, aws-sdk@^2.928.0: + version "2.1517.0" + resolved "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.1517.0.tgz#ab7127a6f4291fb8be465830b00ee91eb10a6b9d" + integrity sha512-k8TXd7t6BFUheOoGXpBRVOCwU4nmmWn1LFRS5WLRR0MUxbkvvJqeNArn+ktiod/t7p4hDSmd48cVLGi3eoyX9g== dependencies: buffer "4.9.2" events "1.1.1" @@ -6014,7 +6014,7 @@ braces@^3.0.2, braces@~3.0.2: dependencies: fill-range "^7.0.1" -browserslist@^4.21.9: +browserslist@^4.22.2: version "4.22.2" resolved "https://registry.npmjs.org/browserslist/-/browserslist-4.22.2.tgz#704c4943072bd81ea18997f3bd2180e89c77874b" integrity sha512-0UgcrvQmBDvZHFGdYUehrCNIazki7/lUP3kkoi/r3YB2amZbFM9J43ZRkJTXBUZK4gmx56+Sqk9+Vs9mwZx9+A== @@ -6199,9 +6199,9 @@ camelcase@^7.0.1: integrity sha512-xlx1yCK2Oc1APsPXDL2LdlNP6+uu8OCDdhOBSVT279M/S+y75O30C2VuD8T2ogdePBBl7PfPF4504tnLgX3zfw== caniuse-lite@^1.0.30001565: - version "1.0.30001566" - resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001566.tgz#61a8e17caf3752e3e426d4239c549ebbb37fef0d" - integrity sha512-ggIhCsTxmITBAMmK8yZjEhCO5/47jKXPu6Dha/wuCS4JePVL+3uiDEBuhu2aIoT+bqTOR8L76Ip1ARL9xYsEJA== + version "1.0.30001570" + resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001570.tgz#b4e5c1fa786f733ab78fc70f592df6b3f23244ca" + integrity sha512-+3e0ASu4sw1SWaoCtvPeyXp+5PsjigkSt8OXZbF9StH5pQWbxEjLAZE3n8Aup5udop1uRiKA7a4utUk/uoSpUw== canonicalize@^2.0.0: version "2.0.0" @@ -6222,36 +6222,36 @@ case@1.6.3, case@^1.6.3: resolved "https://registry.npmjs.org/case/-/case-1.6.3.tgz#0a4386e3e9825351ca2e6216c60467ff5f1ea1c9" integrity sha512-mzDSXIPaFwVDvZAHqZ9VlbyF4yyXRuX6IvB06WvPYkqJVO24kX1PPhv9bfpKNFZyxYFmmgo03HUiD8iklmJYRQ== -cdk-from-cfn@^0.85.0: - version "0.85.0" - resolved "https://registry.npmjs.org/cdk-from-cfn/-/cdk-from-cfn-0.85.0.tgz#79897ce32e67c69629d5cc80fe4555ad8ef67309" - integrity sha512-wVYaBYrSWK5qKfhyqm6bv6rcsMblnpGofOzjAFIg8fYBAMIfsbglZkAj58WpEQ8vxKDY/vNcDO1L06g3odhNHA== +cdk-from-cfn@^0.91.0: + version "0.91.0" + resolved "https://registry.npmjs.org/cdk-from-cfn/-/cdk-from-cfn-0.91.0.tgz#d1858e323b749d130cc073b098367bd354f21afa" + integrity sha512-ZkeA2Iws4LCg7QqeF+iVjZ5U0MaNni+O0RSEocGxKMvbn4SG/Z1Ib/lWBQZX32ZvuqpgUCUOL3askIuZ7e3+5g== -cdk-generate-synthetic-examples@^0.1.298: - version "0.1.298" - resolved "https://registry.npmjs.org/cdk-generate-synthetic-examples/-/cdk-generate-synthetic-examples-0.1.298.tgz#57b71c7e86799f12531f7a5a0cadbe78b4bba78b" - integrity sha512-7VBrgPATGoEb9rWnSuWtysmVfsl8eORBqEEcqvOtZ7eHVW7xO7q5Lr1D6TzxtyKsNv7T31FD3oNG+6n5H82XgA== +cdk-generate-synthetic-examples@^0.1.299: + version "0.1.299" + resolved "https://registry.npmjs.org/cdk-generate-synthetic-examples/-/cdk-generate-synthetic-examples-0.1.299.tgz#b13d52165bcff1c72acf13d062f04540fe590a05" + integrity sha512-rJgCtswQUk9pdrwsl1S1V7B5/jU4cxoT7F+b9KpcBQsBMeEZj/bPGH80AaMSZ4Xe+m5QTCL4zCN8tpM1ckzbDg== dependencies: - "@jsii/spec" "^1.92.0" + "@jsii/spec" "^1.93.0" fs-extra "^10.1.0" - jsii "^1.92.0" - jsii-reflect "^1.92.0" - jsii-rosetta "^1.92.0" + jsii "^1.93.0" + jsii-reflect "^1.93.0" + jsii-rosetta "^1.93.0" yargs "^17.7.2" -cdk8s-plus-27@2.7.69: - version "2.7.69" - resolved "https://registry.npmjs.org/cdk8s-plus-27/-/cdk8s-plus-27-2.7.69.tgz#a0e3a638f8d7962587911e1cd62cc4c529978841" - integrity sha512-xeyrb4cRe4IYzCvTyuhLFxQWiV2bN14/FFvE+H5eNVaXt8x57G/CRK8ZF0inWhDJPXEYi/35WQw2JQSxkVJ3mA== +cdk8s-plus-27@2.7.70: + version "2.7.70" + resolved "https://registry.npmjs.org/cdk8s-plus-27/-/cdk8s-plus-27-2.7.70.tgz#403481b2344cafa7d4614af59e162ff5b85a4be7" + integrity sha512-SOvx6GqSa2Ti3wPmRXV8ITxlYd4JJqtq3v0VKIcsFXnYm+BpC4JIdO1rZM57BvtsS+nH3y3+5rpp5Rxh5y258g== dependencies: minimatch "^3.1.2" optionalDependencies: backport "8.5.0" -cdk8s@2.68.15: - version "2.68.15" - resolved "https://registry.npmjs.org/cdk8s/-/cdk8s-2.68.15.tgz#dfb250271e7f440757e52c85034b709636396798" - integrity sha512-YLJ5aG9g2N7bwhQ4QfBhAGHdxRPl8dJ9BsuYD/zGFSxeCRtpC6/Z9LNRrUeZDiOEHFfUlqhb4sydCht6HHqNyA== +cdk8s@2.68.18: + version "2.68.18" + resolved "https://registry.npmjs.org/cdk8s/-/cdk8s-2.68.18.tgz#87c601cb5b2d3be960ad0a08098e6f292934b1b1" + integrity sha512-YQk192V1L2CjQcOw3hft3HwC/2GVHBxqWpMtYzYc3mMhK8Qe7Ajh3K8bcciafWjGSDlRPixOxYOOtk4wSeuVnQ== dependencies: fast-json-patch "^3.1.1" follow-redirects "^1.15.2" @@ -6490,10 +6490,10 @@ co@^4.6.0: resolved "https://registry.npmjs.org/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" integrity sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ== -codemaker@^1.92.0: - version "1.92.0" - resolved "https://registry.npmjs.org/codemaker/-/codemaker-1.92.0.tgz#21b1d503c28ef238e665f0c8155ac81e1ad4a122" - integrity sha512-h9LW/YFYMAXHvv4aHNxVfawza/8GHL0Nw0zFpqdURXsjRlsCtG+SzqRvYLOJoFqxzZ9+rkXJf8fODImC6WHa8g== +codemaker@^1.93.0: + version "1.93.0" + resolved "https://registry.npmjs.org/codemaker/-/codemaker-1.93.0.tgz#4cd42eaf789678cc996581baf8ca014b505e72b4" + integrity sha512-n9AdncxhGti20YhA7HI2oAYhELh/qlDnW9JIAYQW9iULXdeaKtsxHgvcwBCltpieOcQrq10bt+sUawBs62vxLg== dependencies: camelcase "^6.3.0" decamelize "^5.0.1" @@ -6582,7 +6582,7 @@ commander@^10.0.1: resolved "https://registry.npmjs.org/commander/-/commander-10.0.1.tgz#881ee46b4f77d1c1dccc5823433aa39b022cbe06" integrity sha512-y4Mg2tXshplEbSGzx7amzPwKKOCGuoSRP/CjEdwwk0FOGlUbq6lKuoyDZTNZkmxHdJtp54hdfY/JUrdL7Xfdug== -commander@^11.1.0: +commander@^11.1.0, commander@~11.1.0: version "11.1.0" resolved "https://registry.npmjs.org/commander/-/commander-11.1.0.tgz#62fdce76006a68e5c1ab3314dc92e800eb83d906" integrity sha512-yPVavfyCcRhmorC7rWlkHn15b4wDVgVmBA7kV4QVBsF7kv/9TKJAbAXVTxvTnwP8HHKjRCJDClKbciiYS7p0DQ== @@ -6597,11 +6597,6 @@ commander@^7.2.0: resolved "https://registry.npmjs.org/commander/-/commander-7.2.0.tgz#a36cb57d0b501ce108e4d20559a150a391d97ab7" integrity sha512-QrWXB+ZQSVPmIWIhtEO9H+gwHaMGYiF5ChvoJ+K9ZGHG/sVsa6yiesAD1GC/x46sET00Xlwo1u49RVVVzvcSkw== -commander@~11.0.0: - version "11.0.0" - resolved "https://registry.npmjs.org/commander/-/commander-11.0.0.tgz#43e19c25dbedc8256203538e8d7e9346877a6f67" - integrity sha512-9HMlXtt/BNoYr8ooyjjNRdIilOTkVJXB+GhxMTtOKwk0R4j4lS4NpjuqmRxroBfnfTSHQIHQB7wryHhXarNjmQ== - common-ancestor-path@^1.0.1: version "1.0.1" resolved "https://registry.npmjs.org/common-ancestor-path/-/common-ancestor-path-1.0.1.tgz#4f7d2d1394d91b7abdf51871c62f71eadb0182a7" @@ -7487,9 +7482,9 @@ ejs@^3.1.7: jake "^10.8.5" electron-to-chromium@^1.4.601: - version "1.4.606" - resolved "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.606.tgz#d9f83f7d06a253ccdd99475dccbbd38d4758ba2f" - integrity sha512-Zdv0XuhfyWZUsQ5Uq59d43ZmZOdoGZNWjeN4WCxxlQaP8crAWdnWcTxfHKcaJl6PW2SWpHx6DsxSx7v6KcGCuw== + version "1.4.611" + resolved "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.611.tgz#92d3a8f03110fbf5f99b054da97825f994fa480a" + integrity sha512-ZtRpDxrjHapOwxtv+nuth5ByB8clyn8crVynmRNGO3wG3LOp8RTcyZDqwaI6Ng6y8FCK2hVZmJoqwCskKbNMaw== emittery@^0.13.1: version "0.13.1" @@ -7686,33 +7681,33 @@ es6-weak-map@^2.0.3: es6-iterator "^2.0.3" es6-symbol "^3.1.1" -esbuild@^0.19.8: - version "0.19.8" - resolved "https://registry.npmjs.org/esbuild/-/esbuild-0.19.8.tgz#ad05b72281d84483fa6b5345bd246c27a207b8f1" - integrity sha512-l7iffQpT2OrZfH2rXIp7/FkmaeZM0vxbxN9KfiCwGYuZqzMg/JdvX26R31Zxn/Pxvsrg3Y9N6XTcnknqDyyv4w== +esbuild@^0.19.9: + version "0.19.9" + resolved "https://registry.npmjs.org/esbuild/-/esbuild-0.19.9.tgz#423a8f35153beb22c0b695da1cd1e6c0c8cdd490" + integrity sha512-U9CHtKSy+EpPsEBa+/A2gMs/h3ylBC0H0KSqIg7tpztHerLi6nrrcoUJAkNCEPumx8yJ+Byic4BVwHgRbN0TBg== optionalDependencies: - "@esbuild/android-arm" "0.19.8" - "@esbuild/android-arm64" "0.19.8" - "@esbuild/android-x64" "0.19.8" - "@esbuild/darwin-arm64" "0.19.8" - "@esbuild/darwin-x64" "0.19.8" - "@esbuild/freebsd-arm64" "0.19.8" - "@esbuild/freebsd-x64" "0.19.8" - "@esbuild/linux-arm" "0.19.8" - "@esbuild/linux-arm64" "0.19.8" - "@esbuild/linux-ia32" "0.19.8" - "@esbuild/linux-loong64" "0.19.8" - "@esbuild/linux-mips64el" "0.19.8" - "@esbuild/linux-ppc64" "0.19.8" - "@esbuild/linux-riscv64" "0.19.8" - "@esbuild/linux-s390x" "0.19.8" - "@esbuild/linux-x64" "0.19.8" - "@esbuild/netbsd-x64" "0.19.8" - "@esbuild/openbsd-x64" "0.19.8" - "@esbuild/sunos-x64" "0.19.8" - "@esbuild/win32-arm64" "0.19.8" - "@esbuild/win32-ia32" "0.19.8" - "@esbuild/win32-x64" "0.19.8" + "@esbuild/android-arm" "0.19.9" + "@esbuild/android-arm64" "0.19.9" + "@esbuild/android-x64" "0.19.9" + "@esbuild/darwin-arm64" "0.19.9" + "@esbuild/darwin-x64" "0.19.9" + "@esbuild/freebsd-arm64" "0.19.9" + "@esbuild/freebsd-x64" "0.19.9" + "@esbuild/linux-arm" "0.19.9" + "@esbuild/linux-arm64" "0.19.9" + "@esbuild/linux-ia32" "0.19.9" + "@esbuild/linux-loong64" "0.19.9" + "@esbuild/linux-mips64el" "0.19.9" + "@esbuild/linux-ppc64" "0.19.9" + "@esbuild/linux-riscv64" "0.19.9" + "@esbuild/linux-s390x" "0.19.9" + "@esbuild/linux-x64" "0.19.9" + "@esbuild/netbsd-x64" "0.19.9" + "@esbuild/openbsd-x64" "0.19.9" + "@esbuild/sunos-x64" "0.19.9" + "@esbuild/win32-arm64" "0.19.9" + "@esbuild/win32-ia32" "0.19.9" + "@esbuild/win32-x64" "0.19.9" escalade@^3.1.1: version "3.1.1" @@ -8654,7 +8649,7 @@ glob@7.1.4: once "^1.3.0" path-is-absolute "^1.0.0" -glob@^10.2.2, glob@^10.3.7, glob@~10.3.4: +glob@^10.2.2, glob@^10.3.7, glob@~10.3.10: version "10.3.10" resolved "https://registry.npmjs.org/glob/-/glob-10.3.10.tgz#0351ebb809fd187fe421ab96af83d3a70715df4b" integrity sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g== @@ -8711,9 +8706,9 @@ globals@^11.1.0: integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA== globals@^13.19.0, globals@^13.6.0, globals@^13.9.0: - version "13.23.0" - resolved "https://registry.npmjs.org/globals/-/globals-13.23.0.tgz#ef31673c926a0976e1f61dab4dca57e0c0a8af02" - integrity sha512-XAmF0RjlrjY23MA51q3HltdlGxUpXPvg0GioKiD9X6HD28iMjo2dKC8Vqwm7lne4GNr78+RHTfliktR6ZH09wA== + version "13.24.0" + resolved "https://registry.npmjs.org/globals/-/globals-13.24.0.tgz#8432a19d78ce0c1e833949c36adb345400bb1171" + integrity sha512-AhO5QUcj8llrbG09iWhPU2B204J1xnPeL8kQmVorSsy+Sjj1sk8gIyh6cUocGmH4L0UuhAJy+hJMRA4mgA4mFQ== dependencies: type-fest "^0.20.2" @@ -9034,16 +9029,11 @@ ignore@^4.0.6: resolved "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz#750e3db5862087b4737ebac8207ffd1ef27b25fc" integrity sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg== -ignore@^5.0.4, ignore@^5.2.0, ignore@^5.2.4, ignore@^5.3.0: +ignore@^5.0.4, ignore@^5.2.0, ignore@^5.2.4, ignore@^5.3.0, ignore@~5.3.0: version "5.3.0" resolved "https://registry.npmjs.org/ignore/-/ignore-5.3.0.tgz#67418ae40d34d6999c95ff56016759c718c82f78" integrity sha512-g7dmpshy+gD7mh88OC9NwSGTKoc3kyLAZQRU1mt53Aw/vnvfXnbC+F/7F7QoYVKbV+KNvJx8wArewKy1vXMtlg== -ignore@~5.2.4: - version "5.2.4" - resolved "https://registry.npmjs.org/ignore/-/ignore-5.2.4.tgz#a291c0c6178ff1b960befe47fcdec301674a6324" - integrity sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ== - immediate@~3.0.5: version "3.0.6" resolved "https://registry.npmjs.org/immediate/-/immediate-3.0.6.tgz#9db1dbd0faf8de6fbe0f5dd5e56bb606280de69b" @@ -10157,60 +10147,60 @@ jsesc@^2.5.1: resolved "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4" integrity sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA== -jsii-diff@1.92.0: - version "1.92.0" - resolved "https://registry.npmjs.org/jsii-diff/-/jsii-diff-1.92.0.tgz#57fe7f147775ef86b7a4df3db0ceab9e649e0632" - integrity sha512-gEfYFtYIiz+SytHFTE/JG3mdTRLFwxTy4sRx9RUmCFF2jSorpEGpfrzwv+bwKEA7G4IqhbHhza05ePfpBQrbdw== +jsii-diff@1.93.0: + version "1.93.0" + resolved "https://registry.npmjs.org/jsii-diff/-/jsii-diff-1.93.0.tgz#6544309c3c5378ccaca3dcd2c39314f253d3da7e" + integrity sha512-Tm3ZsjBi4TfvPVvcEmmOCToup9T3Bdatvi+iboR/0iIEp8P1puwUjPrMhfaa5AliqYQtCuPHNLlYZnhsOuTy9A== dependencies: - "@jsii/check-node" "1.92.0" - "@jsii/spec" "^1.92.0" + "@jsii/check-node" "1.93.0" + "@jsii/spec" "^1.93.0" fs-extra "^10.1.0" - jsii-reflect "^1.92.0" + jsii-reflect "^1.93.0" log4js "^6.9.1" yargs "^16.2.0" -jsii-pacmak@1.92.0: - version "1.92.0" - resolved "https://registry.npmjs.org/jsii-pacmak/-/jsii-pacmak-1.92.0.tgz#ecab000c95ae65c031b568151eb9b67080aa84db" - integrity sha512-LIwXYTYjX5APnb6qzu5TDMEkSJXq5ntE71fT5Lpj3KMpOGGOrYlCAuP1lxpf1oWfIZeuyC4orRafuE7AECEa/A== +jsii-pacmak@1.93.0: + version "1.93.0" + resolved "https://registry.npmjs.org/jsii-pacmak/-/jsii-pacmak-1.93.0.tgz#5793c251cb45963d57bc839cf8bbe64d8e5b998f" + integrity sha512-A2rn4seHN+1/VzwQ0H8t6zxAz9HpZWbF+kVi9MpNgqd2iiNYxS1XNyirzyQ8D3e5ZNWoPAyFVuGqkXrtdo4etg== dependencies: - "@jsii/check-node" "1.92.0" - "@jsii/spec" "^1.92.0" + "@jsii/check-node" "1.93.0" + "@jsii/spec" "^1.93.0" clone "^2.1.2" - codemaker "^1.92.0" + codemaker "^1.93.0" commonmark "^0.30.0" escape-string-regexp "^4.0.0" fs-extra "^10.1.0" - jsii-reflect "^1.92.0" - jsii-rosetta "^1.92.0" + jsii-reflect "^1.93.0" + jsii-rosetta "^1.93.0" semver "^7.5.4" spdx-license-list "^6.8.0" xmlbuilder "^15.1.1" yargs "^16.2.0" -jsii-reflect@1.92.0, jsii-reflect@^1.92.0: - version "1.92.0" - resolved "https://registry.npmjs.org/jsii-reflect/-/jsii-reflect-1.92.0.tgz#d6d29b01b40560f7a6b2400646410688543856b5" - integrity sha512-9ZLaygpYXG7UBqcUtgINd4pDL43l2gdUwOqWUrMz5beVOgp1ccvbihVPW6LtWGcTDfC+A2oNzjEP6roUvWvDDw== +jsii-reflect@1.93.0, jsii-reflect@^1.93.0: + version "1.93.0" + resolved "https://registry.npmjs.org/jsii-reflect/-/jsii-reflect-1.93.0.tgz#5b2dcb964a25e5886b3d5d23020485d02630d301" + integrity sha512-obf74y7RFXFNfPmgJYMQoRVPeR40czub0MM+rKfyEape5+qqvTU1pyUN384kVzpEzUfFIRsFMWqfxrW4zqwuPQ== dependencies: - "@jsii/check-node" "1.92.0" - "@jsii/spec" "^1.92.0" + "@jsii/check-node" "1.93.0" + "@jsii/spec" "^1.93.0" chalk "^4" fs-extra "^10.1.0" - oo-ascii-tree "^1.92.0" + oo-ascii-tree "^1.93.0" yargs "^16.2.0" -jsii-rosetta@^1.92.0: - version "1.92.0" - resolved "https://registry.npmjs.org/jsii-rosetta/-/jsii-rosetta-1.92.0.tgz#7475faa5b2746e38d29366ea6aa1a9554647e365" - integrity sha512-TKrCq3FToJ3rgCUzDEOWHIoYEs4CvtyXNNE2dPkX5YYv3+18vP8qiftGpyHGcgyslx2E7gm1g/8uPkAxeAEP+A== +jsii-rosetta@^1.93.0: + version "1.93.0" + resolved "https://registry.npmjs.org/jsii-rosetta/-/jsii-rosetta-1.93.0.tgz#951e8ae27ceaf0504abd74c15866f6050c97ef82" + integrity sha512-5HFoC6Cp3Y3usCGuTRDTL/ovgz9MxI6/kY4Re8agVShXR6MPSX6F6Sc1qGMUjf3ynFfPz+DMsBY0Z164cxVKBA== dependencies: - "@jsii/check-node" "1.92.0" - "@jsii/spec" "1.92.0" + "@jsii/check-node" "1.93.0" + "@jsii/spec" "1.93.0" "@xmldom/xmldom" "^0.8.10" commonmark "^0.30.0" fast-glob "^3.3.2" - jsii "1.92.0" + jsii "1.93.0" semver "^7.5.4" semver-intersect "^1.4.0" stream-json "^1.8.0" @@ -10218,13 +10208,13 @@ jsii-rosetta@^1.92.0: workerpool "^6.5.1" yargs "^16.2.0" -jsii-rosetta@~5.2.5: - version "5.2.5" - resolved "https://registry.npmjs.org/jsii-rosetta/-/jsii-rosetta-5.2.5.tgz#2268dfb0be85105c9e3a68d7ddf8d7ee08843b54" - integrity sha512-lJPJAlrVt+jxJ1RwtM3DocLik8B/74daOB8dbuZzcGHGhVBLQ2No2GYwjn9EsyLnvzO2ULeSWduEhdgc61XhwQ== +jsii-rosetta@~5.2.6: + version "5.2.6" + resolved "https://registry.npmjs.org/jsii-rosetta/-/jsii-rosetta-5.2.6.tgz#a5c6d37cff1992f7089f0766c22aea3e33c1c46c" + integrity sha512-HCXeAIUzU2Z1nJ9GFDQ1PMpGKbktJmZ+9upOw10zbV7WPT/4QUF6NPNfRIikk3bwPWTdFmsEtfjAO96UbubnbA== dependencies: - "@jsii/check-node" "1.92.0" - "@jsii/spec" "^1.92.0" + "@jsii/check-node" "1.93.0" + "@jsii/spec" "^1.93.0" "@xmldom/xmldom" "^0.8.10" chalk "^4" commonmark "^0.30.0" @@ -10237,13 +10227,13 @@ jsii-rosetta@~5.2.5: workerpool "^6.5.1" yargs "^17.7.2" -jsii@1.92.0, jsii@^1.92.0: - version "1.92.0" - resolved "https://registry.npmjs.org/jsii/-/jsii-1.92.0.tgz#dc89cf48b2cf681fe9c6a77ee2d94911178348ae" - integrity sha512-UHuPVMkUXBcbnSAsylQSea7BFNkr6hkx6NhGGoZ5Xnb3fZV7wwr9DHnE14yQJUIsrCL8WcqhCU79QTbWmnKpag== +jsii@1.93.0, jsii@^1.93.0: + version "1.93.0" + resolved "https://registry.npmjs.org/jsii/-/jsii-1.93.0.tgz#a30e077883235c7fdd09772e0637eeefeef975d9" + integrity sha512-J6In5MDWcmVosOwZxdwcW+NisQZ2p9g2zWFwCO3RpMoHmpzYasChZSvRvpgR5iFB7m10QRebU+45R2WCGsadfg== dependencies: - "@jsii/check-node" "1.92.0" - "@jsii/spec" "^1.92.0" + "@jsii/check-node" "1.93.0" + "@jsii/spec" "^1.93.0" case "^1.6.3" chalk "^4" fast-deep-equal "^3.1.3" @@ -10256,13 +10246,13 @@ jsii@1.92.0, jsii@^1.92.0: typescript "~3.9.10" yargs "^16.2.0" -jsii@~5.2.38, jsii@~5.2.5: - version "5.2.38" - resolved "https://registry.npmjs.org/jsii/-/jsii-5.2.38.tgz#4548a7b88b3e2a1ef582f037c81bd20db88b5df0" - integrity sha512-QGt5Kd01wHrE3ASylXu1Rycsa0i4dn6jCqGDU/oxs8/K4zBDGJr0yqiJ2W3lgqIpDxn94PxZppHXSV8zJ8pJog== +jsii@~5.2.41, jsii@~5.2.5: + version "5.2.41" + resolved "https://registry.npmjs.org/jsii/-/jsii-5.2.41.tgz#ba1ec85b2f0a92fed3163b028645d5bb62a97bd8" + integrity sha512-MToK0IBcx1+KZWpwMehLALT60TEav0yDXcu3TilNQbtJLztQrzA1HKZuzV6EIMB1nmHwABCr1qSeoIvqLnYfWA== dependencies: - "@jsii/check-node" "1.92.0" - "@jsii/spec" "^1.92.0" + "@jsii/check-node" "1.93.0" + "@jsii/spec" "^1.93.0" case "^1.6.3" chalk "^4" downlevel-dts "^0.11.0" @@ -11067,7 +11057,7 @@ map-obj@^4.0.0: resolved "https://registry.npmjs.org/map-obj/-/map-obj-4.3.0.tgz#9304f906e93faae70880da102a9f1df0ea8bb05a" integrity sha512-hdN1wVrZbb29eBGiGjJbeP8JbKjq1urkHJ/LIP/NY48MZ1QVXUsQBV1G1zvYFHn1XE06cwjBsOI2K3Ulnj1YXQ== -markdown-it@13.0.1, markdown-it@^12.3.2: +markdown-it@13.0.2, markdown-it@^12.3.2: version "12.3.2" resolved "https://registry.npmjs.org/markdown-it/-/markdown-it-12.3.2.tgz#bf92ac92283fe983fe4de8ff8abfb5ad72cd0c90" integrity sha512-TchMembfxfNVpHkbtriWltGWc+m3xszaRD0CZup7GFFhzIgQqxIfn3eGj1yZpfuflzPvfkt611B2Q/Bsk1YnGg== @@ -11078,18 +11068,18 @@ markdown-it@13.0.1, markdown-it@^12.3.2: mdurl "^1.0.1" uc.micro "^1.0.5" -markdownlint-cli@^0.37.0: - version "0.37.0" - resolved "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.37.0.tgz#6b1331d0e9822627268774f6ec72e8138fcbfb1a" - integrity sha512-hNKAc0bWBBuVhJbSWbUhRzavstiB4o1jh3JeSpwC4/dt6eJ54lRfYHRxVdzVp4qGWBKbeE6Pg490PFEfrKjqSg== +markdownlint-cli@^0.38.0: + version "0.38.0" + resolved "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.38.0.tgz#cd7abafec1d4f723c2cc99ad107486c8eef34074" + integrity sha512-qkZRKJ4LVq6CJIkRIuJsEHvhWhm+FP0E7yhHvOMrrgdykgFWNYD4wuhZTjvigbJLTKPooP79yPiUDDZBCBI5JA== dependencies: - commander "~11.0.0" + commander "~11.1.0" get-stdin "~9.0.0" - glob "~10.3.4" - ignore "~5.2.4" + glob "~10.3.10" + ignore "~5.3.0" js-yaml "^4.1.0" jsonc-parser "~3.2.0" - markdownlint "~0.31.1" + markdownlint "~0.32.1" minimatch "~9.0.3" run-con "~1.3.2" @@ -11098,12 +11088,12 @@ markdownlint-micromark@0.1.7: resolved "https://registry.npmjs.org/markdownlint-micromark/-/markdownlint-micromark-0.1.7.tgz#c465091b30d61a56027ccbfb981c80c96448c165" integrity sha512-BbRPTC72fl5vlSKv37v/xIENSRDYL/7X/XoFzZ740FGEbs9vZerLrIkFRY0rv7slQKxDczToYuMmqQFN61fi4Q== -markdownlint@~0.31.1: - version "0.31.1" - resolved "https://registry.npmjs.org/markdownlint/-/markdownlint-0.31.1.tgz#f014ed2d3614c5dbc351b7f65641ccc0a5facdb7" - integrity sha512-CKMR2hgcIBrYlIUccDCOvi966PZ0kJExDrUi1R+oF9PvqQmCrTqjOsgIvf2403OmJ+CWomuzDoylr6KbuMyvHA== +markdownlint@~0.32.1: + version "0.32.1" + resolved "https://registry.npmjs.org/markdownlint/-/markdownlint-0.32.1.tgz#14b3ff548e437487ae393ad5bc9092ca2858adde" + integrity sha512-3sx9xpi4xlHlokGyHO9k0g3gJbNY4DI6oNEeEYq5gQ4W7UkiJ90VDAnuDl2U+yyXOUa6BX+0gf69ZlTUGIBp6A== dependencies: - markdown-it "13.0.1" + markdown-it "13.0.2" markdownlint-micromark "0.1.7" mdurl@^1.0.1, mdurl@~1.0.1: @@ -12136,10 +12126,10 @@ onetime@^5.1.0, onetime@^5.1.2: dependencies: mimic-fn "^2.1.0" -oo-ascii-tree@^1.92.0: - version "1.92.0" - resolved "https://registry.npmjs.org/oo-ascii-tree/-/oo-ascii-tree-1.92.0.tgz#9d9fcc1b8c6e8b5a79b8e64f8a8143ff59945d77" - integrity sha512-rLSPbnakn5Wb3dOIVtrmn8jfHKqWv7bROpyBiw6DExq+dOG7qC49EIs89hBhyHkvLolX0oC+0a/RMPAyHEZ+1w== +oo-ascii-tree@^1.93.0: + version "1.93.0" + resolved "https://registry.npmjs.org/oo-ascii-tree/-/oo-ascii-tree-1.93.0.tgz#fbe47cd5d188353e6d4cc7cad8520ac790bd3ef4" + integrity sha512-zbmrGCL/UsvxV2WlnsSrqdkdxEggxH7eA1HOk+hmimLQu+eLO4Y3VGqwt0VK04Nfe6iG6GnzRL5/XjH0j1v8bQ== open@^7.4.2: version "7.4.2" @@ -14291,10 +14281,10 @@ ts-mock-imports@^1.3.8: resolved "https://registry.npmjs.org/ts-mock-imports/-/ts-mock-imports-1.3.8.tgz#6b26887c651effe947ea91f928338d1899146fb9" integrity sha512-A5n0iEg4zh2/qToo54XOa/wT31fAI0B8DHYU4RDcA6HIddZQPRkTsYri3Hl69+OSLjOKWjyP3/vYOIp3SAIZXg== -ts-node@^10.9.1: - version "10.9.1" - resolved "https://registry.npmjs.org/ts-node/-/ts-node-10.9.1.tgz#e73de9102958af9e1f0b168a6ff320e25adcff4b" - integrity sha512-NtVysVPkxxrwFGUUxGYhfux8k78pQB3JqYBXlLRZgdGUqTO5wU/UyHop5p70iEbGhB7q5KmiZiU0Y3KlJrScEw== +ts-node@^10.9.1, ts-node@^10.9.2: + version "10.9.2" + resolved "https://registry.npmjs.org/ts-node/-/ts-node-10.9.2.tgz#70f021c9e185bccdca820e26dc413805c101c71f" + integrity sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ== dependencies: "@cspotcode/source-map-support" "^0.8.0" "@tsconfig/node10" "^1.0.7" @@ -14503,9 +14493,9 @@ typescript@^4.5.5: integrity sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g== typescript@next: - version "5.4.0-dev.20231206" - resolved "https://registry.npmjs.org/typescript/-/typescript-5.4.0-dev.20231206.tgz#222631e1241de9e833ed2dbd8bc0853c3f43250a" - integrity sha512-bKJ5+3jwj4qTzNg7C97rCVLgyyYuzjYh/Pf0zlpOyyq9vpI3TVLO09d1gQ8jS5M+BSLONojTijei0KHmFoBezw== + version "5.4.0-dev.20231213" + resolved "https://registry.npmjs.org/typescript/-/typescript-5.4.0-dev.20231213.tgz#1f224d92c62cfc1d184d7d3a45003a915fcf0173" + integrity sha512-Djk7lYdNtrxX60s6h4kvV27+K6qjqJIWvhQEIGqI++nN0Abq4imuBPTd27DzhOQnGjUH3lD9lYAfiHvb+jATxQ== typescript@~5.1.0, typescript@~5.1.6: version "5.1.6" From 0b4ab1d0ba11b3536a2f7b02b537966de6ac0493 Mon Sep 17 00:00:00 2001 From: sakurai-ryo <58683719+sakurai-ryo@users.noreply.github.com> Date: Thu, 14 Dec 2023 03:41:38 +0900 Subject: [PATCH 16/24] feat(scheduler): start and end time for schedule construct (#28306) This PR added support for start and end time of the schedule. ## Description Currently, users cannot set a start time and an end time for the schedule. A schedule without a start date will begin as soon as it is created and available, and without an end date, it will continue to invoke its target indefinitely. With this feature, users can set the start and end dates of a schedule, allowing for more flexible schedule configurations. https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-startdate https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-enddate In CloudFormation, users can use this feature as follows: ```yaml TestSchedule: Type: AWS::Scheduler::Schedule Properties: StartDate: "2024-12-01T13:09:00.000Z" EndDate: "2025-12-01T00:00:00.001Z" ScheduleExpression: "at(2023-01-01T00:00:00)" State: "ENABLED" Target: # target ``` ## Major changes ### add property to ScheduleProps interface Added startDate and endDate properties, and typed these values as string based on the following PR comments. https://github.com/aws/aws-cdk/pull/26819#discussion_r1301532299 It is not necessary to specify both startDate and endDate, they can be set independently. Validation is performed on the following points. - Error if not following ISO 8601 format. - Must include milliseconds (yyyy-MM-ddTHH:mm:ss.SSSZ) - Error if startDate is later than endDate If a time before the current time is specified, the following error occurs in CFn, but no validation is performed because the timing of validation in CDK and the timing of actual deployment are different. `The StartDate you specify cannot be earlier than 5 minutes ago.` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-scheduler-alpha/README.md | 14 ++++ .../aws-scheduler-alpha/lib/schedule.ts | 28 +++++++- .../aws-cdk-scheduler-schedule.assets.json | 6 +- .../aws-cdk-scheduler-schedule.template.json | 32 +++++++++ .../test/integ.schedule.js.snapshot/cdk.out | 2 +- .../integ.schedule.js.snapshot/integ.json | 2 +- ...efaultTestDeployAssert24CB3896.assets.json | 2 +- .../integ.schedule.js.snapshot/manifest.json | 10 ++- .../test/integ.schedule.js.snapshot/tree.json | 70 ++++++++++++++++--- .../test/integ.schedule.ts | 8 +++ .../aws-scheduler-alpha/test/schedule.test.ts | 35 +++++++++- 11 files changed, 189 insertions(+), 20 deletions(-) diff --git a/packages/@aws-cdk/aws-scheduler-alpha/README.md b/packages/@aws-cdk/aws-scheduler-alpha/README.md index d4870ce51a5e1..f4840acc8362c 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/README.md +++ b/packages/@aws-cdk/aws-scheduler-alpha/README.md @@ -138,6 +138,20 @@ new Schedule(this, 'Schedule', { }); ``` +### Configuring a start and end time of the Schedule + +If you choose a recurring schedule, you can set the start and end time of the Schedule by specifying the `start` and `end`. + +```ts +declare const target: targets.LambdaInvoke; + +new Schedule(this, 'Schedule', { + schedule: ScheduleExpression.rate(cdk.Duration.hours(12)), + target: target, + start: new Date('2023-01-01T00:00:00.000Z'), + end: new Date('2023-02-01T00:00:00.000Z'), +}); +``` ## Scheduler Targets diff --git a/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts b/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts index 47286a81c9b33..8fefbe068a5b5 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts +++ b/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts @@ -114,6 +114,22 @@ export interface ScheduleProps { * @default - All events in Scheduler are encrypted with a key that AWS owns and manages. */ readonly key?: kms.IKey; + + /** + * The date, in UTC, after which the schedule can begin invoking its target. + * EventBridge Scheduler ignores start for one-time schedules. + * + * @default - no value + */ + readonly start?: Date; + + /** + * The date, in UTC, before which the schedule can invoke its target. + * EventBridge Scheduler ignores end for one-time schedules. + * + * @default - no value + */ + readonly end?: Date; } /** @@ -254,6 +270,8 @@ export class Schedule extends Resource implements ISchedule { this.retryPolicy = targetConfig.retryPolicy; + this.validateTimeFrame(props.start, props.end); + const resource = new CfnSchedule(this, 'Resource', { name: this.physicalName, flexibleTimeWindow: { mode: 'OFF' }, @@ -276,6 +294,8 @@ export class Schedule extends Resource implements ISchedule { sageMakerPipelineParameters: targetConfig.sageMakerPipelineParameters, sqsParameters: targetConfig.sqsParameters, }, + startDate: props.start?.toISOString(), + endDate: props.end?.toISOString(), }); this.scheduleName = this.getResourceNameAttribute(resource.ref); @@ -306,4 +326,10 @@ export class Schedule extends Resource implements ISchedule { const isEmptyPolicy = Object.values(policy).every(value => value === undefined); return !isEmptyPolicy ? policy : undefined; } -} \ No newline at end of file + + private validateTimeFrame(start?: Date, end?: Date) { + if (start && end && start >= end) { + throw new Error(`start must precede end, got start: ${start.toISOString()}, end: ${end.toISOString()}`); + } + } +} diff --git a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/aws-cdk-scheduler-schedule.assets.json b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/aws-cdk-scheduler-schedule.assets.json index e8847c9f5c7ca..03dd7cb96ad07 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/aws-cdk-scheduler-schedule.assets.json +++ b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/aws-cdk-scheduler-schedule.assets.json @@ -1,7 +1,7 @@ { - "version": "34.0.0", + "version": "35.0.0", "files": { - "a512067604698fe41cacf63c82484e8e597c04456ac3f27ded0a390ca25f0908": { + "77d06d03c78dc7776966b7c7ee414cc19be012ccfba5d7a9b1e425718920ab3e": { "source": { "path": "aws-cdk-scheduler-schedule.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "a512067604698fe41cacf63c82484e8e597c04456ac3f27ded0a390ca25f0908.json", + "objectKey": "77d06d03c78dc7776966b7c7ee414cc19be012ccfba5d7a9b1e425718920ab3e.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/aws-cdk-scheduler-schedule.template.json b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/aws-cdk-scheduler-schedule.template.json index 4bbea65f69deb..5cdf90fef2ef6 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/aws-cdk-scheduler-schedule.template.json +++ b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/aws-cdk-scheduler-schedule.template.json @@ -348,6 +348,38 @@ } } } + }, + "ScheduleWithTimeFrameC1C8BDCC": { + "Type": "AWS::Scheduler::Schedule", + "Properties": { + "EndDate": "2025-10-01T00:00:00.000Z", + "FlexibleTimeWindow": { + "Mode": "OFF" + }, + "ScheduleExpression": "rate(12 hours)", + "ScheduleExpressionTimezone": "Etc/UTC", + "StartDate": "2024-04-15T06:30:00.000Z", + "State": "ENABLED", + "Target": { + "Arn": { + "Fn::GetAtt": [ + "Function76856677", + "Arn" + ] + }, + "Input": "\"Input Text\"", + "RetryPolicy": { + "MaximumEventAgeInSeconds": 180, + "MaximumRetryAttempts": 3 + }, + "RoleArn": { + "Fn::GetAtt": [ + "Role1ABCC5F0", + "Arn" + ] + } + } + } } }, "Parameters": { diff --git a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/cdk.out b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/cdk.out index 2313ab5436501..c5cb2e5de6344 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"34.0.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/integ.json b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/integ.json index c1aec1a40f53f..6728e425e3c98 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "35.0.0", "testCases": { "integtest-schedule/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/integtestscheduleDefaultTestDeployAssert24CB3896.assets.json b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/integtestscheduleDefaultTestDeployAssert24CB3896.assets.json index 8f8a003c1b5ba..98271e1ade15f 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/integtestscheduleDefaultTestDeployAssert24CB3896.assets.json +++ b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/integtestscheduleDefaultTestDeployAssert24CB3896.assets.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/manifest.json b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/manifest.json index 9f07a82776a8b..4fbc5e0eb40aa 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "35.0.0", "artifacts": { "aws-cdk-scheduler-schedule.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a512067604698fe41cacf63c82484e8e597c04456ac3f27ded0a390ca25f0908.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/77d06d03c78dc7776966b7c7ee414cc19be012ccfba5d7a9b1e425718920ab3e.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -118,6 +118,12 @@ "data": "CustomerKmsSchedule12B1FEFE" } ], + "/aws-cdk-scheduler-schedule/ScheduleWithTimeFrame/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ScheduleWithTimeFrameC1C8BDCC" + } + ], "/aws-cdk-scheduler-schedule/BootstrapVersion": [ { "type": "aws:cdk:logicalId", diff --git a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/tree.json b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/tree.json index d503798aa5ec7..d99f1d9237516 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.js.snapshot/tree.json @@ -211,7 +211,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-scheduler-alpha.Group", "version": "0.0.0" } }, @@ -235,7 +235,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-scheduler-alpha.Group", "version": "0.0.0" } }, @@ -283,7 +283,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-scheduler-alpha.Schedule", "version": "0.0.0" } }, @@ -332,7 +332,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-scheduler-alpha.Schedule", "version": "0.0.0" } }, @@ -381,7 +381,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-scheduler-alpha.Schedule", "version": "0.0.0" } }, @@ -429,7 +429,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-scheduler-alpha.Schedule", "version": "0.0.0" } }, @@ -477,7 +477,7 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-scheduler-alpha.Schedule", "version": "0.0.0" } }, @@ -612,7 +612,57 @@ } }, "constructInfo": { - "fqn": "aws-cdk-lib.Resource", + "fqn": "@aws-cdk/aws-scheduler-alpha.Schedule", + "version": "0.0.0" + } + }, + "ScheduleWithTimeFrame": { + "id": "ScheduleWithTimeFrame", + "path": "aws-cdk-scheduler-schedule/ScheduleWithTimeFrame", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-scheduler-schedule/ScheduleWithTimeFrame/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Scheduler::Schedule", + "aws:cdk:cloudformation:props": { + "endDate": "2025-10-01T00:00:00.000Z", + "flexibleTimeWindow": { + "mode": "OFF" + }, + "scheduleExpression": "rate(12 hours)", + "scheduleExpressionTimezone": "Etc/UTC", + "startDate": "2024-04-15T06:30:00.000Z", + "state": "ENABLED", + "target": { + "arn": { + "Fn::GetAtt": [ + "Function76856677", + "Arn" + ] + }, + "roleArn": { + "Fn::GetAtt": [ + "Role1ABCC5F0", + "Arn" + ] + }, + "input": "\"Input Text\"", + "retryPolicy": { + "maximumEventAgeInSeconds": 180, + "maximumRetryAttempts": 3 + } + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_scheduler.CfnSchedule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-scheduler-alpha.Schedule", "version": "0.0.0" } }, @@ -651,7 +701,7 @@ "path": "integtest-schedule/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.70" + "version": "10.3.0" } }, "DeployAssert": { @@ -697,7 +747,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.70" + "version": "10.3.0" } } }, diff --git a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.ts b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.ts index 51ff3089c8a5d..59a16c5d89fa2 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.ts +++ b/packages/@aws-cdk/aws-scheduler-alpha/test/integ.schedule.ts @@ -90,6 +90,14 @@ new scheduler.Schedule(stack, 'CustomerKmsSchedule', { key, }); +const currentYear = new Date().getFullYear(); +new scheduler.Schedule(stack, 'ScheduleWithTimeFrame', { + schedule: expression, + target: target, + start: new Date(`${currentYear + 1}-04-15T06:30:00.000Z`), + end: new Date(`${currentYear + 2}-10-01T00:00:00.000Z`), +}); + new IntegTest(app, 'integtest-schedule', { testCases: [stack], }); diff --git a/packages/@aws-cdk/aws-scheduler-alpha/test/schedule.test.ts b/packages/@aws-cdk/aws-scheduler-alpha/test/schedule.test.ts index 004e9934e281e..b931769fc660b 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/test/schedule.test.ts +++ b/packages/@aws-cdk/aws-scheduler-alpha/test/schedule.test.ts @@ -128,4 +128,37 @@ describe('Schedule', () => { }, }); }); -}); \ No newline at end of file + + describe('schedule timeFrame', () => { + test.each([ + { StartDate: '2023-04-15T06:20:00.000Z', EndDate: '2023-10-01T00:00:00.000Z' }, + { StartDate: '2023-04-15T06:25:00.000Z' }, + { EndDate: '2023-10-01T00:00:00.000Z' }, + ])('schedule can set start and end', (timeFrame) => { + new Schedule(stack, 'TestSchedule', { + schedule: expr, + target: new SomeLambdaTarget(func, role), + start: timeFrame.StartDate ? new Date(timeFrame.StartDate) : undefined, + end: timeFrame.EndDate ? new Date(timeFrame.EndDate) : undefined, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::Scheduler::Schedule', { + ...timeFrame, + }); + }); + + test.each([ + { start: '2023-10-01T00:00:00.000Z', end: '2023-10-01T00:00:00.000Z' }, + { start: '2023-10-01T00:00:00.000Z', end: '2023-09-01T00:00:00.000Z' }, + ])('throw error when start does not come before end', ({ start, end }) => { + expect(() => { + new Schedule(stack, 'TestSchedule', { + schedule: expr, + target: new SomeLambdaTarget(func, role), + start: new Date(start), + end: new Date(end), + }); + }).toThrow(`start must precede end, got start: ${start}, end: ${end}`); + }); + }); +}); From 0347a19e49533971e4e57b7e04271dffc541ff92 Mon Sep 17 00:00:00 2001 From: "k.goto" <24818752+go-to-k@users.noreply.github.com> Date: Thu, 14 Dec 2023 04:08:40 +0900 Subject: [PATCH 17/24] feat(rds): support RDS for MariaDB 10.11.6, 10.6.16, 10.5.23 and 10.4.32 (#28345) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR supports RDS for MariaDB 10.11.6, 10.6.16, 10.5.23 and 10.4.32. https://aws.amazon.com/jp/about-aws/whats-new/2023/12/amazon-rds-mariadb-minors-10-11-6-10-6-16-10-5-23-10-4-32/ ```sh ❯ aws rds describe-db-engine-versions --engine mariadb --query "DBEngineVersions[?EngineVersion=='10.11.6'||EngineVersion=='10.6.16'||EngineVersion=='10.5.23'||EngineVersion=='10.4.32'].[DBEngineVersionDescription,EngineVersion,DBParameterGroupFamily,MajorEngineVersion,Status]" [ [ "MariaDB 10.4.32", "10.4.32", "mariadb10.4", "10.4", "available" ], [ "MariaDB 10.5.23", "10.5.23", "mariadb10.5", "10.5", "available" ], [ "MariaDB 10.6.16", "10.6.16", "mariadb10.6", "10.6", "available" ], [ "MariaDB 10.11.6", "10.11.6", "mariadb10.11", "10.11", "available" ] ] ``` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts b/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts index 5ff8b40b84c86..52773f1f0bbea 100644 --- a/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts +++ b/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts @@ -346,6 +346,8 @@ export class MariaDbEngineVersion { public static readonly VER_10_4_30 = MariaDbEngineVersion.of('10.4.30', '10.4') /** Version "10.4.31". */ public static readonly VER_10_4_31 = MariaDbEngineVersion.of('10.4.31', '10.4') + /** Version "10.4.32". */ + public static readonly VER_10_4_32 = MariaDbEngineVersion.of('10.4.32', '10.4') /** Version "10.5" (only a major version, without a specific minor version). */ public static readonly VER_10_5 = MariaDbEngineVersion.of('10.5', '10.5'); @@ -373,6 +375,8 @@ export class MariaDbEngineVersion { public static readonly VER_10_5_21 = MariaDbEngineVersion.of('10.5.21', '10.5'); /** Version "10.5.22". */ public static readonly VER_10_5_22 = MariaDbEngineVersion.of('10.5.22', '10.5'); + /** Version "10.5.23". */ + public static readonly VER_10_5_23 = MariaDbEngineVersion.of('10.5.23', '10.5'); /** Version "10.6" (only a major version, without a specific minor version). */ public static readonly VER_10_6 = MariaDbEngineVersion.of('10.6', '10.6'); @@ -394,6 +398,8 @@ export class MariaDbEngineVersion { public static readonly VER_10_6_14 = MariaDbEngineVersion.of('10.6.14', '10.6'); /** Version "10.6.15". */ public static readonly VER_10_6_15 = MariaDbEngineVersion.of('10.6.15', '10.6'); + /** Version "10.6.16". */ + public static readonly VER_10_6_16 = MariaDbEngineVersion.of('10.6.16', '10.6'); /** Version "10.11" (only a major version, without a specific minor version). */ public static readonly VER_10_11 = MariaDbEngineVersion.of('10.11', '10.11'); @@ -401,6 +407,8 @@ export class MariaDbEngineVersion { public static readonly VER_10_11_4 = MariaDbEngineVersion.of('10.11.4', '10.11'); /** Version "10.11.5". */ public static readonly VER_10_11_5 = MariaDbEngineVersion.of('10.11.5', '10.11'); + /** Version "10.11.6". */ + public static readonly VER_10_11_6 = MariaDbEngineVersion.of('10.11.6', '10.11'); /** * Create a new MariaDbEngineVersion with an arbitrary version. From 93681e07ad19c08f60eb2ee5748a2d55c6d2bc45 Mon Sep 17 00:00:00 2001 From: "k.goto" <24818752+go-to-k@users.noreply.github.com> Date: Thu, 14 Dec 2023 04:35:47 +0900 Subject: [PATCH 18/24] feat(cloud9-alpha): support image ids for Amazon Linux 2023 and Ubuntu 22.04 (#28346) This PR supports new image ids for Amazon Linux 2023 and Ubuntu 22.04. As for Amazon Linux 2023, it is not yet in the documentation or release notes, but I tried it in CloudFormation with success, so I added it. We can also check it from the Cloud9 console. If we should still wait, I will remove it. ![cloud9-al-2023](https://github.com/aws/aws-cdk/assets/24818752/ac253baa-fa2e-4275-b77e-f6fb9d7647e7) And I added `@deprecated` to the Ubuntu 18.04, see: > Since Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04. https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-cloud9-environmentec2.html#cfn-cloud9-environmentec2-imageid ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-cloud9-alpha/lib/environment.ts | 14 ++++++++++++-- .../test/cloud9.environment.test.ts | 2 ++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-cloud9-alpha/lib/environment.ts b/packages/@aws-cdk/aws-cloud9-alpha/lib/environment.ts index 3158a612061ef..06d9b57b8d2a7 100644 --- a/packages/@aws-cdk/aws-cloud9-alpha/lib/environment.ts +++ b/packages/@aws-cdk/aws-cloud9-alpha/lib/environment.ts @@ -50,9 +50,19 @@ export enum ImageId { */ AMAZON_LINUX_2 = 'amazonlinux-2-x86_64', /** - * Create using Ubunut 18.04 + * Create using Amazon Linux 2023 */ - UBUNTU_18_04 = 'ubuntu-18.04-x86_64' + AMAZON_LINUX_2023 = 'amazonlinux-2023-x86_64', + /** + * Create using Ubuntu 18.04 + * + * @deprecated Since Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04. + */ + UBUNTU_18_04 = 'ubuntu-18.04-x86_64', + /** + * Create using Ubuntu 22.04 + */ + UBUNTU_22_04 = 'ubuntu-22.04-x86_64', } /** * Properties for Ec2Environment diff --git a/packages/@aws-cdk/aws-cloud9-alpha/test/cloud9.environment.test.ts b/packages/@aws-cdk/aws-cloud9-alpha/test/cloud9.environment.test.ts index ea3705edb5162..8110b8f7b0d59 100644 --- a/packages/@aws-cdk/aws-cloud9-alpha/test/cloud9.environment.test.ts +++ b/packages/@aws-cdk/aws-cloud9-alpha/test/cloud9.environment.test.ts @@ -208,7 +208,9 @@ test.each([ test.each([ [ImageId.AMAZON_LINUX_2, 'amazonlinux-2-x86_64'], + [ImageId.AMAZON_LINUX_2023, 'amazonlinux-2023-x86_64'], [ImageId.UBUNTU_18_04, 'ubuntu-18.04-x86_64'], + [ImageId.UBUNTU_22_04, 'ubuntu-22.04-x86_64'], ])('has image ID property (%s)', (imageId, expected) => { new cloud9.Ec2Environment(stack, 'C9Env', { vpc, From 734ef9fac331fed98d08c9c46b7df4675269f26b Mon Sep 17 00:00:00 2001 From: AWS CDK Team Date: Thu, 14 Dec 2023 10:50:00 +0000 Subject: [PATCH 19/24] chore(release): 2.115.0 --- CHANGELOG.v2.alpha.md | 21 +++++++++++++++++++++ CHANGELOG.v2.md | 21 +++++++++++++++++++++ version.v2.json | 4 ++-- 3 files changed, 44 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md index 38d9fa0bd254e..33f5c92ed4e5b 100644 --- a/CHANGELOG.v2.alpha.md +++ b/CHANGELOG.v2.alpha.md @@ -2,6 +2,27 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.115.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.114.1-alpha.0...v2.115.0-alpha.0) (2023-12-14) + + +### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES + +* **scheduler:** The typos in the Schedule and Group construct method names have been fixed, changing `metricSentToDLQTrunacted` to `metricSentToDLQTruncated` and `metricAllSentToDLQTrunacted` to `metricAllSentToDLQTruncated`. +* **redshift:** Further updates of the Redshift table will fail for existing tables, if the table name is changed. Therefore, changing the table name for existing Redshift tables have been disabled. + +### Features + +* **appconfig-alpha:** add deploy method to configuration constructs ([#28269](https://github.com/aws/aws-cdk/issues/28269)) ([c723ef9](https://github.com/aws/aws-cdk/commit/c723ef913a73fa6a452042db926023d174e86dbf)) +* **cloud9-alpha:** support image ids for Amazon Linux 2023 and Ubuntu 22.04 ([#28346](https://github.com/aws/aws-cdk/issues/28346)) ([93681e0](https://github.com/aws/aws-cdk/commit/93681e07ad19c08f60eb2ee5748a2d55c6d2bc45)), closes [/docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-cloud9-environmentec2.html#cfn-cloud9-environmentec2](https://github.com/aws//docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-cloud9-environmentec2.html/issues/cfn-cloud9-environmentec2) +* **scheduler:** start and end time for schedule construct ([#28306](https://github.com/aws/aws-cdk/issues/28306)) ([0b4ab1d](https://github.com/aws/aws-cdk/commit/0b4ab1d0ba11b3536a2f7b02b537966de6ac0493)), closes [/github.com/aws/aws-cdk/pull/26819#discussion_r1301532299](https://github.com/aws//github.com/aws/aws-cdk/pull/26819/issues/discussion_r1301532299) + + +### Bug Fixes + +* **appconfig-alpha:** extensions always create cdk diff ([#28264](https://github.com/aws/aws-cdk/issues/28264)) ([2075559](https://github.com/aws/aws-cdk/commit/207555919e0462686f6c434d1598e371687679c8)), closes [#27676](https://github.com/aws/aws-cdk/issues/27676) +* **redshift:** tables were dropped on table name change ([#24308](https://github.com/aws/aws-cdk/issues/24308)) ([7ac237b](https://github.com/aws/aws-cdk/commit/7ac237b08c489883962d6b8023799d6c2c40cfba)), closes [#24246](https://github.com/aws/aws-cdk/issues/24246) +* **scheduler:** typo in metricSentToDLQ... methods ([#28307](https://github.com/aws/aws-cdk/issues/28307)) ([8b91e10](https://github.com/aws/aws-cdk/commit/8b91e106e649e6a75b396f350dae9266770ad6cb)) + ## [2.114.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.114.0-alpha.0...v2.114.1-alpha.0) (2023-12-06) ## [2.114.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.113.0-alpha.0...v2.114.0-alpha.0) (2023-12-05) diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md index 7ebb9ba6f5f72..a2f554ce4e897 100644 --- a/CHANGELOG.v2.md +++ b/CHANGELOG.v2.md @@ -2,6 +2,27 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.115.0](https://github.com/aws/aws-cdk/compare/v2.114.1...v2.115.0) (2023-12-14) + + +### Features + +* **eks:** support Bottlerocket Nvidia AMIs ([#28287](https://github.com/aws/aws-cdk/issues/28287)) ([6aa1b1b](https://github.com/aws/aws-cdk/commit/6aa1b1b02ab3782b0e6419f8d5a340663cb47c81)), closes [#28241](https://github.com/aws/aws-cdk/issues/28241) +* **rds:** support RDS for MariaDB 10.11.6, 10.6.16, 10.5.23 and 10.4.32 ([#28345](https://github.com/aws/aws-cdk/issues/28345)) ([0347a19](https://github.com/aws/aws-cdk/commit/0347a19e49533971e4e57b7e04271dffc541ff92)) +* **rds:** support RDS for SQL Server 16.00.4095.4.v1 ([#28274](https://github.com/aws/aws-cdk/issues/28274)) ([7a22501](https://github.com/aws/aws-cdk/commit/7a22501d58912f777ae0a2ad1b48af2faeb6946b)) +* **stepfunctions-tasks:** runtime role in EmrAddStep ([#27736](https://github.com/aws/aws-cdk/issues/27736)) ([314fbfa](https://github.com/aws/aws-cdk/commit/314fbfa34cf1207417ad590d6bb6a8742664a380)), closes [#27691](https://github.com/aws/aws-cdk/issues/27691) +* **stepfunctions-tasks:** support for the Step Functions optimized integration for Bedrock InvokeModel API ([#28276](https://github.com/aws/aws-cdk/issues/28276)) ([f3dafa4](https://github.com/aws/aws-cdk/commit/f3dafa49ec900fc044384441a9163d7ed6a63dda)) +* update AWS Service Spec ([#28328](https://github.com/aws/aws-cdk/issues/28328)) ([15c7bb2](https://github.com/aws/aws-cdk/commit/15c7bb2908cff1ab8bebacacc09f26bbab6ec391)) +* **ROADMAP:** updates to public roadmap 🚀 ([#28302](https://github.com/aws/aws-cdk/issues/28302)) ([fe30921](https://github.com/aws/aws-cdk/commit/fe30921c358e535bf734c768fdfb64aca1c4c4ab)) + + +### Bug Fixes + +* **rds:** publiclyAccessible=false set on an instance is ignored when cluster is placed in a public subnet ([#28038](https://github.com/aws/aws-cdk/issues/28038)) ([569593c](https://github.com/aws/aws-cdk/commit/569593c78467404825beb277d75436bd32cdf0f9)), closes [#28037](https://github.com/aws/aws-cdk/issues/28037) [#28037](https://github.com/aws/aws-cdk/issues/28037) +* **route53:** delete old NS records on cross-account delegation renaming ([#21249](https://github.com/aws/aws-cdk/issues/21249)) ([#27523](https://github.com/aws/aws-cdk/issues/27523)) ([448e2bd](https://github.com/aws/aws-cdk/commit/448e2bda5632621c057c2e448cd34cfec107b22e)), closes [#25285](https://github.com/aws/aws-cdk/issues/25285) +* **stepfunctions-tasks:** missing tags & perms for emr cluster creation ([#28327](https://github.com/aws/aws-cdk/issues/28327)) ([14e5e50](https://github.com/aws/aws-cdk/commit/14e5e50e9e4a23ab7db5bbccf874e6a5fe731e34)) +* **stepfunctions-tasks:** state machine role is missing sagemaker:AddTags permission for SageMakerCreateTransformJob task ([#27264](https://github.com/aws/aws-cdk/issues/27264)) ([8ce0283](https://github.com/aws/aws-cdk/commit/8ce02838ba5033a6b35123a34e444c4f35350975)), closes [#26012](https://github.com/aws/aws-cdk/issues/26012) + ## [2.114.1](https://github.com/aws/aws-cdk/compare/v2.114.0...v2.114.1) (2023-12-06) diff --git a/version.v2.json b/version.v2.json index c489eb307c297..5af5c565af2c6 100644 --- a/version.v2.json +++ b/version.v2.json @@ -1,4 +1,4 @@ { - "version": "2.114.1", - "alphaVersion": "2.114.1-alpha.0" + "version": "2.115.0", + "alphaVersion": "2.115.0-alpha.0" } \ No newline at end of file From b8b6bafc07b0804f6e802ba563ff3b7deaea6eee Mon Sep 17 00:00:00 2001 From: Momo Kornher Date: Thu, 14 Dec 2023 15:51:45 +0000 Subject: [PATCH 20/24] chore(cdk-testing): fix init-go canary (#28365) The init-go canary was broken because the test replaced the aws-cdk go module with a locally build version. However in canaries we want to use the publish versioned instead. This change simply makes the replacement conditional. Manually tested in CodeBuild. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../cli-integ/tests/init-go/init-go.integtest.ts | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk-testing/cli-integ/tests/init-go/init-go.integtest.ts b/packages/@aws-cdk-testing/cli-integ/tests/init-go/init-go.integtest.ts index 779078ac68739..56d8b9486c6b2 100644 --- a/packages/@aws-cdk-testing/cli-integ/tests/init-go/init-go.integtest.ts +++ b/packages/@aws-cdk-testing/cli-integ/tests/init-go/init-go.integtest.ts @@ -2,13 +2,20 @@ import { integTest, withTemporaryDirectory, ShellHelper, withPackages } from '.. ['app', 'sample-app'].forEach(template => { integTest(`init go ${template}`, withTemporaryDirectory(withPackages(async (context) => { + const isCanary = !!process.env.IS_CANARY; context.packages.assertJsiiPackagesAvailable(); const shell = ShellHelper.fromContext(context); await context.packages.makeCliAvailable(); await shell.shell(['cdk', 'init', '-l', 'go', template]); - await shell.shell(['go', 'mod', 'edit', '-replace', 'github.com/aws/aws-cdk-go/awscdk/v2=$CODEBUILD_SRC_DIR/go/awscdk']); + + // Canaries will use the generated go.mod as is + // For pipeline tests we replace the source with the locally build one + if (!isCanary) { + await shell.shell(['go', 'mod', 'edit', '-replace', 'github.com/aws/aws-cdk-go/awscdk/v2=$CODEBUILD_SRC_DIR/go/awscdk']); + } + await shell.shell(['go', 'mod', 'tidy']); await shell.shell(['go', 'test']); await shell.shell(['cdk', 'synth']); From de0d77b2075506f3c28e657fa072a0bffc8c734a Mon Sep 17 00:00:00 2001 From: Jonathan Romano Date: Thu, 14 Dec 2023 13:59:10 -0500 Subject: [PATCH 21/24] feat(ecs): Support specifying revision of task definition (#27036) If using CodePipeline EcsDeployAction without using the CODE_DEPLOY deployment controller, future deployments of an ECS service will revert the task definition to the task definition deployed by CloudFormation, even though the latest active revision created by the deploy action is the one that is intended to be used. This provides a way to specify the specific revision of a task definition that should be used, including the special value `latest` which uses the latest ACTIVE revision. Closes #26983. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- ...efaultTestDeployAssert0E9C7509.assets.json | 19 + ...aultTestDeployAssert0E9C7509.template.json | 36 + ...ecs-integ-custom-task-revision.assets.json | 19 + ...s-integ-custom-task-revision.template.json | 617 ++++++++++ .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 291 +++++ .../tree.json | 1067 +++++++++++++++++ .../fargate/integ.custom-task-revision.ts | 39 + packages/aws-cdk-lib/aws-ecs/README.md | 25 + .../aws-ecs/lib/base/base-service.ts | 28 +- .../aws-ecs/lib/base/task-definition.ts | 30 + .../aws-ecs/test/base-service.test.ts | 62 + .../aws-ecs/test/task-definition.test.ts | 22 +- 14 files changed, 2266 insertions(+), 2 deletions(-) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/aws-ecs-integ-custom-task-revision.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/aws-ecs-integ-custom-task-revision.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.assets.json new file mode 100644 index 0000000000000..1977146f79777 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.assets.json @@ -0,0 +1,19 @@ +{ + "version": "34.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/aws-ecs-integ-custom-task-revision.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/aws-ecs-integ-custom-task-revision.assets.json new file mode 100644 index 0000000000000..f4543c2a94809 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/aws-ecs-integ-custom-task-revision.assets.json @@ -0,0 +1,19 @@ +{ + "version": "34.0.0", + "files": { + "6e753ae2cc8ff1f34743eda0081c947fb52b3793a923122c92538ea1f570bb6f": { + "source": { + "path": "aws-ecs-integ-custom-task-revision.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "6e753ae2cc8ff1f34743eda0081c947fb52b3793a923122c92538ea1f570bb6f.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/aws-ecs-integ-custom-task-revision.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/aws-ecs-integ-custom-task-revision.template.json new file mode 100644 index 0000000000000..6237ee8584892 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/aws-ecs-integ-custom-task-revision.template.json @@ -0,0 +1,617 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677" + ] + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-custom-task-revision/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "FargateCPCluster668E71F2": { + "Type": "AWS::ECS::Cluster" + }, + "FargateCPClusterBFD66A36": { + "Type": "AWS::ECS::ClusterCapacityProviderAssociations", + "Properties": { + "CapacityProviders": [ + "FARGATE", + "FARGATE_SPOT" + ], + "Cluster": { + "Ref": "FargateCPCluster668E71F2" + }, + "DefaultCapacityProviderStrategy": [] + } + }, + "TaskDefTaskRole1EDB4A67": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "TaskDef54694570": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "amazon/amazon-ecs-sample", + "Name": "web" + } + ], + "Cpu": "256", + "Family": "awsecsintegcustomtaskrevisionTaskDef9F1555EB", + "Memory": "512", + "NetworkMode": "awsvpc", + "RequiresCompatibilities": [ + "FARGATE" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "TaskDefTaskRole1EDB4A67", + "Arn" + ] + } + } + }, + "FargateServiceFirstService0D82F989": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "FargateCPCluster668E71F2" + }, + "DeploymentConfiguration": { + "Alarms": { + "AlarmNames": [], + "Enable": false, + "Rollback": false + }, + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "EnableECSManagedTags": false, + "LaunchType": "FARGATE", + "NetworkConfiguration": { + "AwsvpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "FargateServiceFirstSecurityGroup79D2D2FE", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "TaskDefinition": "awsecsintegcustomtaskrevisionTaskDef9F1555EB:1" + }, + "DependsOn": [ + "TaskDef54694570", + "TaskDefTaskRole1EDB4A67" + ] + }, + "FargateServiceFirstSecurityGroup79D2D2FE": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ-custom-task-revision/FargateServiceFirst/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": [ + "TaskDef54694570", + "TaskDefTaskRole1EDB4A67" + ] + }, + "FargateServiceLatestService58B1BC30": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "FargateCPCluster668E71F2" + }, + "DeploymentConfiguration": { + "Alarms": { + "AlarmNames": [], + "Enable": false, + "Rollback": false + }, + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "EnableECSManagedTags": false, + "LaunchType": "FARGATE", + "NetworkConfiguration": { + "AwsvpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "FargateServiceLatestSecurityGroupAAE45690", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "TaskDefinition": "awsecsintegcustomtaskrevisionTaskDef9F1555EB" + }, + "DependsOn": [ + "TaskDef54694570", + "TaskDefTaskRole1EDB4A67" + ] + }, + "FargateServiceLatestSecurityGroupAAE45690": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ-custom-task-revision/FargateServiceLatest/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": [ + "TaskDef54694570", + "TaskDefTaskRole1EDB4A67" + ] + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/cdk.out new file mode 100644 index 0000000000000..2313ab5436501 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"34.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/integ.json new file mode 100644 index 0000000000000..a6c0698d187f0 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "34.0.0", + "testCases": { + "EcsCustomTaskRevision/DefaultTest": { + "stacks": [ + "aws-ecs-integ-custom-task-revision" + ], + "assertionStack": "EcsCustomTaskRevision/DefaultTest/DeployAssert", + "assertionStackName": "EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/manifest.json new file mode 100644 index 0000000000000..212f34182302d --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/manifest.json @@ -0,0 +1,291 @@ +{ + "version": "34.0.0", + "artifacts": { + "aws-ecs-integ-custom-task-revision.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-ecs-integ-custom-task-revision.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-ecs-integ-custom-task-revision": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-ecs-integ-custom-task-revision.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6e753ae2cc8ff1f34743eda0081c947fb52b3793a923122c92538ea1f570bb6f.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-ecs-integ-custom-task-revision.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-ecs-integ-custom-task-revision.assets" + ], + "metadata": { + "/aws-ecs-integ-custom-task-revision/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-ecs-integ-custom-task-revision/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-ecs-integ-custom-task-revision/FargateCPCluster/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FargateCPCluster668E71F2" + } + ], + "/aws-ecs-integ-custom-task-revision/FargateCPCluster/FargateCPCluster": [ + { + "type": "aws:cdk:logicalId", + "data": "FargateCPClusterBFD66A36" + } + ], + "/aws-ecs-integ-custom-task-revision/TaskDef/TaskRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TaskDefTaskRole1EDB4A67" + } + ], + "/aws-ecs-integ-custom-task-revision/TaskDef/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TaskDef54694570" + } + ], + "/aws-ecs-integ-custom-task-revision/FargateServiceFirst/Service": [ + { + "type": "aws:cdk:logicalId", + "data": "FargateServiceFirstService0D82F989" + } + ], + "/aws-ecs-integ-custom-task-revision/FargateServiceFirst/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FargateServiceFirstSecurityGroup79D2D2FE" + } + ], + "/aws-ecs-integ-custom-task-revision/FargateServiceLatest/Service": [ + { + "type": "aws:cdk:logicalId", + "data": "FargateServiceLatestService58B1BC30" + } + ], + "/aws-ecs-integ-custom-task-revision/FargateServiceLatest/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "FargateServiceLatestSecurityGroupAAE45690" + } + ], + "/aws-ecs-integ-custom-task-revision/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-ecs-integ-custom-task-revision/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-ecs-integ-custom-task-revision" + }, + "EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "EcsCustomTaskRevisionDefaultTestDeployAssert0E9C7509.assets" + ], + "metadata": { + "/EcsCustomTaskRevision/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/EcsCustomTaskRevision/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "EcsCustomTaskRevision/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/tree.json new file mode 100644 index 0000000000000..15fed27206179 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.js.snapshot/tree.json @@ -0,0 +1,1067 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-ecs-integ-custom-task-revision": { + "id": "aws-ecs-integ-custom-task-revision", + "path": "aws-ecs-integ-custom-task-revision", + "children": { + "Vpc": { + "id": "Vpc", + "path": "aws-ecs-integ-custom-task-revision/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-custom-task-revision/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-ecs-integ-custom-task-revision/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-ecs-integ-custom-task-revision/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-ecs-integ-custom-task-revision/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-ecs-integ-custom-task-revision/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.Vpc", + "version": "0.0.0" + } + }, + "FargateCPCluster": { + "id": "FargateCPCluster", + "path": "aws-ecs-integ-custom-task-revision/FargateCPCluster", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-custom-task-revision/FargateCPCluster/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Cluster", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ecs.CfnCluster", + "version": "0.0.0" + } + }, + "FargateCPCluster": { + "id": "FargateCPCluster", + "path": "aws-ecs-integ-custom-task-revision/FargateCPCluster/FargateCPCluster", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::ClusterCapacityProviderAssociations", + "aws:cdk:cloudformation:props": { + "capacityProviders": [ + "FARGATE", + "FARGATE_SPOT" + ], + "cluster": { + "Ref": "FargateCPCluster668E71F2" + }, + "defaultCapacityProviderStrategy": [] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ecs.CfnClusterCapacityProviderAssociations", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ecs.Cluster", + "version": "0.0.0" + } + }, + "TaskDef": { + "id": "TaskDef", + "path": "aws-ecs-integ-custom-task-revision/TaskDef", + "children": { + "TaskRole": { + "id": "TaskRole", + "path": "aws-ecs-integ-custom-task-revision/TaskDef/TaskRole", + "children": { + "ImportTaskRole": { + "id": "ImportTaskRole", + "path": "aws-ecs-integ-custom-task-revision/TaskDef/TaskRole/ImportTaskRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-custom-task-revision/TaskDef/TaskRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-custom-task-revision/TaskDef/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::TaskDefinition", + "aws:cdk:cloudformation:props": { + "containerDefinitions": [ + { + "essential": true, + "image": "amazon/amazon-ecs-sample", + "name": "web" + } + ], + "cpu": "256", + "family": "awsecsintegcustomtaskrevisionTaskDef9F1555EB", + "memory": "512", + "networkMode": "awsvpc", + "requiresCompatibilities": [ + "FARGATE" + ], + "taskRoleArn": { + "Fn::GetAtt": [ + "TaskDefTaskRole1EDB4A67", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ecs.CfnTaskDefinition", + "version": "0.0.0" + } + }, + "web": { + "id": "web", + "path": "aws-ecs-integ-custom-task-revision/TaskDef/web", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ecs.ContainerDefinition", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ecs.FargateTaskDefinition", + "version": "0.0.0" + } + }, + "FargateServiceFirst": { + "id": "FargateServiceFirst", + "path": "aws-ecs-integ-custom-task-revision/FargateServiceFirst", + "children": { + "Service": { + "id": "Service", + "path": "aws-ecs-integ-custom-task-revision/FargateServiceFirst/Service", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Service", + "aws:cdk:cloudformation:props": { + "cluster": { + "Ref": "FargateCPCluster668E71F2" + }, + "deploymentConfiguration": { + "maximumPercent": 200, + "minimumHealthyPercent": 50, + "alarms": { + "alarmNames": [], + "enable": false, + "rollback": false + } + }, + "enableEcsManagedTags": false, + "launchType": "FARGATE", + "networkConfiguration": { + "awsvpcConfiguration": { + "assignPublicIp": "DISABLED", + "subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "securityGroups": [ + { + "Fn::GetAtt": [ + "FargateServiceFirstSecurityGroup79D2D2FE", + "GroupId" + ] + } + ] + } + }, + "taskDefinition": "awsecsintegcustomtaskrevisionTaskDef9F1555EB:1" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ecs.CfnService", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ-custom-task-revision/FargateServiceFirst/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-custom-task-revision/FargateServiceFirst/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-ecs-integ-custom-task-revision/FargateServiceFirst/SecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ecs.FargateService", + "version": "0.0.0" + } + }, + "FargateServiceLatest": { + "id": "FargateServiceLatest", + "path": "aws-ecs-integ-custom-task-revision/FargateServiceLatest", + "children": { + "Service": { + "id": "Service", + "path": "aws-ecs-integ-custom-task-revision/FargateServiceLatest/Service", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::ECS::Service", + "aws:cdk:cloudformation:props": { + "cluster": { + "Ref": "FargateCPCluster668E71F2" + }, + "deploymentConfiguration": { + "maximumPercent": 200, + "minimumHealthyPercent": 50, + "alarms": { + "alarmNames": [], + "enable": false, + "rollback": false + } + }, + "enableEcsManagedTags": false, + "launchType": "FARGATE", + "networkConfiguration": { + "awsvpcConfiguration": { + "assignPublicIp": "DISABLED", + "subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "securityGroups": [ + { + "Fn::GetAtt": [ + "FargateServiceLatestSecurityGroupAAE45690", + "GroupId" + ] + } + ] + } + }, + "taskDefinition": "awsecsintegcustomtaskrevisionTaskDef9F1555EB" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ecs.CfnService", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ-custom-task-revision/FargateServiceLatest/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-custom-task-revision/FargateServiceLatest/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-ecs-integ-custom-task-revision/FargateServiceLatest/SecurityGroup", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ecs.FargateService", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-ecs-integ-custom-task-revision/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-ecs-integ-custom-task-revision/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "EcsCustomTaskRevision": { + "id": "EcsCustomTaskRevision", + "path": "EcsCustomTaskRevision", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "EcsCustomTaskRevision/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "EcsCustomTaskRevision/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.2.70" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "EcsCustomTaskRevision/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "EcsCustomTaskRevision/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "EcsCustomTaskRevision/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.2.70" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.ts new file mode 100644 index 0000000000000..20050d553efca --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/fargate/integ.custom-task-revision.ts @@ -0,0 +1,39 @@ +import * as ec2 from 'aws-cdk-lib/aws-ec2'; +import * as cdk from 'aws-cdk-lib'; +import * as ecs from 'aws-cdk-lib/aws-ecs'; +import * as integ from '@aws-cdk/integ-tests-alpha'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'aws-ecs-integ-custom-task-revision'); + +const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 2, restrictDefaultSecurityGroup: false }); + +const cluster = new ecs.Cluster(stack, 'FargateCPCluster', { + vpc, + capacityProviders: ['FARGATE', 'FARGATE_SPOT'], +}); + +const taskDefinition = new ecs.FargateTaskDefinition(stack, 'TaskDef'); + +taskDefinition.addContainer('web', { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), +}); + +new ecs.FargateService(stack, 'FargateServiceFirst', { + cluster, + taskDefinition, + taskDefinitionRevision: ecs.TaskDefinitionRevision.of(1), +}); + +new ecs.FargateService(stack, 'FargateServiceLatest', { + cluster, + taskDefinition, + taskDefinitionRevision: ecs.TaskDefinitionRevision.LATEST, +}); + +new integ.IntegTest(app, 'EcsCustomTaskRevision', { + testCases: [stack], +}); + +app.synth(); + diff --git a/packages/aws-cdk-lib/aws-ecs/README.md b/packages/aws-cdk-lib/aws-ecs/README.md index f7c77a2c68826..9d79e4797c1ab 100644 --- a/packages/aws-cdk-lib/aws-ecs/README.md +++ b/packages/aws-cdk-lib/aws-ecs/README.md @@ -609,6 +609,31 @@ const service = new ecs.ExternalService(this, 'Service', { `Services` by default will create a security group if not provided. If you'd like to specify which security groups to use you can override the `securityGroups` property. +By default, the service will use the revision of the passed task definition generated when the `TaskDefinition` +is deployed by CloudFormation. However, this may not be desired if the revision is externally managed, +for example through CodeDeploy. + +To set a specific revision number or the special `latest` revision, use the `taskDefinitionRevision` parameter: + +```ts +declare const cluster: ecs.Cluster; +declare const taskDefinition: ecs.TaskDefinition; + +new ecs.ExternalService(this, 'Service', { + cluster, + taskDefinition, + desiredCount: 5, + taskDefinitionRevision: ecs.TaskDefinitionRevision.of(1) +}); + +new ecs.ExternalService(this, 'Service', { + cluster, + taskDefinition, + desiredCount: 5, + taskDefinitionRevision: ecs.TaskDefinitionRevision.LATEST +}); +``` + ### Deployment circuit breaker and rollback Amazon ECS [deployment circuit breaker](https://aws.amazon.com/tw/blogs/containers/announcing-amazon-ecs-deployment-circuit-breaker/) diff --git a/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts b/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts index 51dea56f85d39..9726ef21526ce 100644 --- a/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts +++ b/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts @@ -22,7 +22,12 @@ import { import * as cxapi from '../../../cx-api'; import { RegionInfo } from '../../../region-info'; -import { LoadBalancerTargetOptions, NetworkMode, TaskDefinition } from '../base/task-definition'; +import { + LoadBalancerTargetOptions, + NetworkMode, + TaskDefinition, + TaskDefinitionRevision, +} from '../base/task-definition'; import { ICluster, CapacityProviderStrategy, ExecuteCommandLogging, Cluster } from '../cluster'; import { ContainerDefinition, Protocol } from '../container-definition'; import { CfnService } from '../ecs.generated'; @@ -345,6 +350,13 @@ export interface BaseServiceOptions { * cannot make requests to other services via Service Connect. */ readonly serviceConnectConfiguration?: ServiceConnectProps; + + /** + * Revision number for the task definition or `latest` to use the latest active task revision. + * + * @default - Uses the revision of the passed task definition deployed by CloudFormation + */ + readonly taskDefinitionRevision?: TaskDefinitionRevision; } /** @@ -635,12 +647,26 @@ export abstract class BaseService extends Resource throw new Error('Deployment alarms requires the ECS deployment controller.'); } + if ( + props.deploymentController?.type === DeploymentControllerType.CODE_DEPLOY + && props.taskDefinitionRevision + && props.taskDefinitionRevision !== TaskDefinitionRevision.LATEST + ) { + throw new Error('CODE_DEPLOY deploymentController can only be used with the `latest` task definition revision'); + } + if (props.deploymentController?.type === DeploymentControllerType.CODE_DEPLOY) { // Strip the revision ID from the service's task definition property to // prevent new task def revisions in the stack from triggering updates // to the stack's ECS service resource this.resource.taskDefinition = taskDefinition.family; this.node.addDependency(taskDefinition); + } else if (props.taskDefinitionRevision) { + this.resource.taskDefinition = taskDefinition.family; + if (props.taskDefinitionRevision !== TaskDefinitionRevision.LATEST) { + this.resource.taskDefinition += `:${props.taskDefinitionRevision.revision}`; + } + this.node.addDependency(taskDefinition); } this.serviceArn = this.getResourceArnAttribute(this.resource.ref, { diff --git a/packages/aws-cdk-lib/aws-ecs/lib/base/task-definition.ts b/packages/aws-cdk-lib/aws-ecs/lib/base/task-definition.ts index 7d2b925408285..34793208d28d5 100644 --- a/packages/aws-cdk-lib/aws-ecs/lib/base/task-definition.ts +++ b/packages/aws-cdk-lib/aws-ecs/lib/base/task-definition.ts @@ -1234,3 +1234,33 @@ export function isFargateCompatible(compatibility: Compatibility): boolean { export function isExternalCompatible(compatibility: Compatibility): boolean { return [Compatibility.EXTERNAL].includes(compatibility); } + +/** + * Represents revision of a task definition, either a specific numbered revision or + * the `latest` revision + */ +export class TaskDefinitionRevision { + /** + * The most recent revision of a task + */ + public static readonly LATEST = new TaskDefinitionRevision('latest'); + + /** + * Specific revision of a task + */ + public static of(revision: number) { + if (revision < 1) { + throw new Error(`A task definition revision must be 'latest' or a positive number, got ${revision}`); + } + return new TaskDefinitionRevision(revision.toString()); + } + + /** + * The string representation of this revision + */ + public readonly revision: string; + + private constructor(revision: string) { + this.revision = revision; + } +} diff --git a/packages/aws-cdk-lib/aws-ecs/test/base-service.test.ts b/packages/aws-cdk-lib/aws-ecs/test/base-service.test.ts index b1cda7643a844..31e0d62ec5f73 100644 --- a/packages/aws-cdk-lib/aws-ecs/test/base-service.test.ts +++ b/packages/aws-cdk-lib/aws-ecs/test/base-service.test.ts @@ -200,6 +200,68 @@ describe('For alarm-based rollbacks', () => { }); }); +describe('When specifying a task definition revision', () => { + let stack: cdk.Stack; + + beforeEach(() => { + stack = new cdk.Stack(); + }); + + test('specifies the revision if set to something other than latest', () => { + // GIVEN + const vpc = new ec2.Vpc(stack, 'Vpc'); + const cluster = new ecs.Cluster(stack, 'EcsCluster', { vpc }); + const taskDefinition = new ecs.FargateTaskDefinition(stack, 'FargateTaskDef'); + taskDefinition.addContainer('web', { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }); + + // WHEN + new ecs.FargateService(stack, 'FargateService', { + cluster, + taskDefinition, + deploymentController: { + type: ecs.DeploymentControllerType.ECS, + }, + minHealthyPercent: 100, + maxHealthyPercent: 200, + taskDefinitionRevision: ecs.TaskDefinitionRevision.of(1), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::ECS::Service', { + TaskDefinition: 'FargateTaskDef:1', + }); + }); + + test('omits the revision if set to latest', () => { + // GIVEN + const vpc = new ec2.Vpc(stack, 'Vpc'); + const cluster = new ecs.Cluster(stack, 'EcsCluster', { vpc }); + const taskDefinition = new ecs.FargateTaskDefinition(stack, 'FargateTaskDef'); + taskDefinition.addContainer('web', { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + }); + + // WHEN + new ecs.FargateService(stack, 'FargateService', { + cluster, + taskDefinition, + deploymentController: { + type: ecs.DeploymentControllerType.ECS, + }, + minHealthyPercent: 100, + maxHealthyPercent: 200, + taskDefinitionRevision: ecs.TaskDefinitionRevision.LATEST, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::ECS::Service', { + TaskDefinition: 'FargateTaskDef', + }); + }); +}); + test.each([ /* breaker, flag => controller in template */ /* Flag off => value present if circuitbreaker */ diff --git a/packages/aws-cdk-lib/aws-ecs/test/task-definition.test.ts b/packages/aws-cdk-lib/aws-ecs/test/task-definition.test.ts index 571bf6ba61f6d..2b4bad0b5d5a1 100644 --- a/packages/aws-cdk-lib/aws-ecs/test/task-definition.test.ts +++ b/packages/aws-cdk-lib/aws-ecs/test/task-definition.test.ts @@ -516,4 +516,24 @@ describe('task definition', () => { }); }); }); -}); \ No newline at end of file +}); + +describe('task definition revision', () => { + describe('validate revision number', () => { + test('should throw if zero', () => { + expect(() => { + ecs.TaskDefinitionRevision.of(0); + }).toThrow(/must be 'latest' or a positive number, got 0/); + }); + test('should throw if negative', () => { + expect(() => { + ecs.TaskDefinitionRevision.of(-5); + }).toThrow(/must be 'latest' or a positive number, got -5/); + }); + test('should succeed if positive', () => { + expect(() => { + ecs.TaskDefinitionRevision.of(21); + }).not.toThrow(); + }); + }); +}); From 986db38842c901bfe50098b36d78d6e3a6befdf1 Mon Sep 17 00:00:00 2001 From: "k.goto" <24818752+go-to-k@users.noreply.github.com> Date: Fri, 15 Dec 2023 05:28:03 +0900 Subject: [PATCH 22/24] feat(rds): support aurora mysql 3.05.1 (#28370) This PR supports Aurora MySQL 3.05.1. https://docs.aws.amazon.com/AmazonRDS/latest/AuroraMySQLReleaseNotes/AuroraMySQL.Updates.3051.html ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/aws-rds/lib/cluster-engine.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/aws-cdk-lib/aws-rds/lib/cluster-engine.ts b/packages/aws-cdk-lib/aws-rds/lib/cluster-engine.ts index 0d746e7587753..375d8ea3af348 100644 --- a/packages/aws-cdk-lib/aws-rds/lib/cluster-engine.ts +++ b/packages/aws-cdk-lib/aws-rds/lib/cluster-engine.ts @@ -546,6 +546,8 @@ export class AuroraMysqlEngineVersion { public static readonly VER_3_04_1 = AuroraMysqlEngineVersion.builtIn_8_0('3.04.1'); /** Version "8.0.mysql_aurora.3.05.0". */ public static readonly VER_3_05_0 = AuroraMysqlEngineVersion.builtIn_8_0('3.05.0'); + /** Version "8.0.mysql_aurora.3.05.1". */ + public static readonly VER_3_05_1 = AuroraMysqlEngineVersion.builtIn_8_0('3.05.1'); /** * Create a new AuroraMysqlEngineVersion with an arbitrary version. From be38982d3983d2a38c6ab791517282ade0da07d3 Mon Sep 17 00:00:00 2001 From: paulhcsun <47882901+paulhcsun@users.noreply.github.com> Date: Thu, 14 Dec 2023 15:12:12 -0800 Subject: [PATCH 23/24] chore(amplify-alpha): add dependency from @aws-cdk/custom-resource-handlers (#28373) Add dependency from from **@aws-cdk/custom-resource-handlers** to **@aws-cdk/aws-amplify-alpha** as part of effort to standardize custom resource creation and bundling of source code. Verified addition with `yarn install` and `yarn test`. Closes https://github.com/aws/aws-cdk/issues/28289. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-amplify-alpha/package.json | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/@aws-cdk/aws-amplify-alpha/package.json b/packages/@aws-cdk/aws-amplify-alpha/package.json index 0265fcea3494b..fc3a036eb1302 100644 --- a/packages/@aws-cdk/aws-amplify-alpha/package.json +++ b/packages/@aws-cdk/aws-amplify-alpha/package.json @@ -86,6 +86,7 @@ "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", "@aws-cdk/pkglint": "0.0.0", + "@aws-cdk/custom-resource-handlers": "0.0.0", "@aws-sdk/client-amplify": "3.451.0", "@aws-sdk/client-s3": "3.451.0", "@aws-sdk/s3-request-presigner": "3.451.0", From 09cb003fb917714c0dc88b47cd05893c2a816d45 Mon Sep 17 00:00:00 2001 From: Luca Pizzini Date: Fri, 15 Dec 2023 00:57:20 +0100 Subject: [PATCH 24/24] fix(secretsmanager): cannot set hourly rotation (#28303) Allows to set hourly rotation up to 4 hours on secrets as per [official docs](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html). Closes #28261. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- ...s-cdk-docdb-cluster-rotation.template.json | 2 +- .../tree.json | 2 +- ...aws-cdk-rds-cluster-rotation.template.json | 4 +- .../tree.json | 4 +- .../cdk-integ-cluster-snapshot.template.json | 2 +- .../tree.json | 2 +- .../aws-cdk-rds-instance.template.json | 2 +- .../integ.instance.lit.js.snapshot/tree.json | 2 +- ...dk-rds-integ-secret-rotation.template.json | 2 +- .../tree.json | 2 +- ...dk-rds-integ-secret-rotation.template.json | 2 +- .../tree.json | 2 +- ...integ-secret-hosted-rotation.template.json | 4 +- .../tree.json | 4 +- ...integ-secret-lambda-rotation.template.json | 2 +- .../tree.json | 2 +- .../test/integ.lambda-rotation.ts | 1 + .../aws-docdb/test/cluster.test.ts | 4 +- .../aws-cdk-lib/aws-rds/test/cluster.test.ts | 16 ++-- .../aws-cdk-lib/aws-rds/test/instance.test.ts | 8 +- .../lib/rotation-schedule.ts | 28 ++++-- .../test/rotation-schedule.test.ts | 92 +++++++++++++++++-- .../test/secret-rotation.test.ts | 2 +- 23 files changed, 141 insertions(+), 50 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.template.json index 9206ab9a17ce8..1271bf7c1dca2 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.template.json @@ -501,7 +501,7 @@ ] }, "RotationRules": { - "AutomaticallyAfterDays": 30 + "ScheduleExpression": "rate(30 days)" }, "SecretId": { "Ref": "DatabaseSecretAttachmentE5D1B020" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/tree.json index 3bb92efa6d3ca..951bdfa30bb22 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/tree.json @@ -825,7 +825,7 @@ ] }, "rotationRules": { - "automaticallyAfterDays": 30 + "scheduleExpression": "rate(30 days)" }, "secretId": { "Ref": "DatabaseSecretAttachmentE5D1B020" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.template.json index 794425c15d58a..ce8f516772028 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-rds-cluster-rotation.template.json @@ -599,7 +599,7 @@ ] }, "RotationRules": { - "AutomaticallyAfterDays": 30 + "ScheduleExpression": "rate(30 days)" }, "SecretId": { "Ref": "DatabaseSecretAttachmentE5D1B020" @@ -920,7 +920,7 @@ ] }, "RotationRules": { - "AutomaticallyAfterDays": 7 + "ScheduleExpression": "rate(7 days)" }, "SecretId": { "Ref": "CustomRotationOptionsSecretAttachment697A23BF" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/tree.json index 5c1665d932a55..301426d3607e9 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-rotation.lit.js.snapshot/tree.json @@ -995,7 +995,7 @@ ] }, "rotationRules": { - "automaticallyAfterDays": 30 + "scheduleExpression": "rate(30 days)" }, "secretId": { "Ref": "DatabaseSecretAttachmentE5D1B020" @@ -1520,7 +1520,7 @@ ] }, "rotationRules": { - "automaticallyAfterDays": 7 + "scheduleExpression": "rate(7 days)" }, "secretId": { "Ref": "CustomRotationOptionsSecretAttachment697A23BF" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.template.json index ebe5672ba9069..9a5f1622df555 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/cdk-integ-cluster-snapshot.template.json @@ -1403,7 +1403,7 @@ ] }, "RotationRules": { - "AutomaticallyAfterDays": 30 + "ScheduleExpression": "rate(30 days)" }, "SecretId": { "Ref": "FromSnapshotSnapshotSecretAttachmentA3F619B8" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/tree.json index 09ea615fb01f4..3b559b1a4d8bd 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-snapshot.js.snapshot/tree.json @@ -2285,7 +2285,7 @@ ] }, "rotationRules": { - "automaticallyAfterDays": 30 + "scheduleExpression": "rate(30 days)" }, "secretId": { "Ref": "FromSnapshotSnapshotSecretAttachmentA3F619B8" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.template.json index 0d3ab4158f690..a2f3e86d3ac10 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/aws-cdk-rds-instance.template.json @@ -616,7 +616,7 @@ ] }, "RotationRules": { - "AutomaticallyAfterDays": 30 + "ScheduleExpression": "rate(30 days)" }, "SecretId": { "Ref": "InstanceSecretAttachment83BEE581" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/tree.json index 5633e4c3d92f9..7f75600ca577a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.instance.lit.js.snapshot/tree.json @@ -1040,7 +1040,7 @@ ] }, "rotationRules": { - "automaticallyAfterDays": 30 + "scheduleExpression": "rate(30 days)" }, "secretId": { "Ref": "InstanceSecretAttachment83BEE581" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation-custom-names.js.snapshot/aws-cdk-rds-integ-secret-rotation.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation-custom-names.js.snapshot/aws-cdk-rds-integ-secret-rotation.template.json index 9670594fcd147..0a12dc325c73e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation-custom-names.js.snapshot/aws-cdk-rds-integ-secret-rotation.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation-custom-names.js.snapshot/aws-cdk-rds-integ-secret-rotation.template.json @@ -84,7 +84,7 @@ "RotationType": "MySQLSingleUser" }, "RotationRules": { - "AutomaticallyAfterDays": 30 + "ScheduleExpression": "rate(30 days)" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation-custom-names.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation-custom-names.js.snapshot/tree.json index 8b0ca324ebc1d..b9adb54e8c634 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation-custom-names.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation-custom-names.js.snapshot/tree.json @@ -142,7 +142,7 @@ "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" }, "rotationRules": { - "automaticallyAfterDays": 30 + "scheduleExpression": "rate(30 days)" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation.js.snapshot/aws-cdk-rds-integ-secret-rotation.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation.js.snapshot/aws-cdk-rds-integ-secret-rotation.template.json index 84e9db49cabdc..c9972ef2c6403 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation.js.snapshot/aws-cdk-rds-integ-secret-rotation.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation.js.snapshot/aws-cdk-rds-integ-secret-rotation.template.json @@ -83,7 +83,7 @@ "RotationType": "MySQLSingleUser" }, "RotationRules": { - "AutomaticallyAfterDays": 30 + "ScheduleExpression": "rate(30 days)" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation.js.snapshot/tree.json index 324bde72c38a6..4a400c436d2ea 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.serverless-cluster-secret-rotation.js.snapshot/tree.json @@ -141,7 +141,7 @@ "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" }, "rotationRules": { - "automaticallyAfterDays": 30 + "scheduleExpression": "rate(30 days)" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.hosted-rotation.js.snapshot/cdk-integ-secret-hosted-rotation.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.hosted-rotation.js.snapshot/cdk-integ-secret-hosted-rotation.template.json index 100dd501b3c01..b435c2b732113 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.hosted-rotation.js.snapshot/cdk-integ-secret-hosted-rotation.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.hosted-rotation.js.snapshot/cdk-integ-secret-hosted-rotation.template.json @@ -22,7 +22,7 @@ "RotationType": "MySQLSingleUser" }, "RotationRules": { - "AutomaticallyAfterDays": 30 + "ScheduleExpression": "rate(30 days)" } } }, @@ -84,7 +84,7 @@ }, "RotateImmediatelyOnUpdate": false, "RotationRules": { - "AutomaticallyAfterDays": 30 + "ScheduleExpression": "rate(30 days)" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.hosted-rotation.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.hosted-rotation.js.snapshot/tree.json index 8376f334fd4f0..c18789e6a490b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.hosted-rotation.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.hosted-rotation.js.snapshot/tree.json @@ -44,7 +44,7 @@ "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" }, "rotationRules": { - "automaticallyAfterDays": 30 + "scheduleExpression": "rate(30 days)" } } }, @@ -158,7 +158,7 @@ }, "rotateImmediatelyOnUpdate": false, "rotationRules": { - "automaticallyAfterDays": 30 + "scheduleExpression": "rate(30 days)" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.js.snapshot/cdk-integ-secret-lambda-rotation.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.js.snapshot/cdk-integ-secret-lambda-rotation.template.json index 58263e2820f90..658bd5c501b9f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.js.snapshot/cdk-integ-secret-lambda-rotation.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.js.snapshot/cdk-integ-secret-lambda-rotation.template.json @@ -139,7 +139,7 @@ ] }, "RotationRules": { - "AutomaticallyAfterDays": 30 + "ScheduleExpression": "rate(4 hours)" }, "SecretId": { "Ref": "SecretA720EF05" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.js.snapshot/tree.json index 207294c8edffe..d20587d644344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.js.snapshot/tree.json @@ -180,7 +180,7 @@ ] }, "rotationRules": { - "automaticallyAfterDays": 30 + "scheduleExpression": "rate(4 hours)" }, "secretId": { "Ref": "SecretA720EF05" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.ts index 4382ab413362b..568debb390304 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-secretsmanager/test/integ.lambda-rotation.ts @@ -21,6 +21,7 @@ class TestStack extends cdk.Stack { handler: 'index.handler', code: lambda.Code.fromInline('NOOP'), }), + automaticallyAfter: cdk.Duration.hours(4), }); } } diff --git a/packages/aws-cdk-lib/aws-docdb/test/cluster.test.ts b/packages/aws-cdk-lib/aws-docdb/test/cluster.test.ts index 50b23408db59a..7b1ff72a62984 100644 --- a/packages/aws-cdk-lib/aws-docdb/test/cluster.test.ts +++ b/packages/aws-cdk-lib/aws-docdb/test/cluster.test.ts @@ -785,7 +785,7 @@ describe('DatabaseCluster', () => { 'Fn::GetAtt': ['DatabaseRotationSingleUser65F55654', 'Outputs.RotationLambdaARN'], }, RotationRules: { - AutomaticallyAfterDays: 5, + ScheduleExpression: 'rate(5 days)', }, }); }); @@ -899,7 +899,7 @@ describe('DatabaseCluster', () => { 'Fn::GetAtt': ['DatabaseRotation6B6E1D86', 'Outputs.RotationLambdaARN'], }, RotationRules: { - AutomaticallyAfterDays: 5, + ScheduleExpression: 'rate(5 days)', }, }); }); diff --git a/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts b/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts index 0b3644fc7e1a7..c900952d76f79 100644 --- a/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts +++ b/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts @@ -1975,7 +1975,7 @@ describe('cluster', () => { ], }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); }); @@ -2006,7 +2006,7 @@ describe('cluster', () => { ], }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); @@ -2058,7 +2058,7 @@ describe('cluster', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::SecretsManager::RotationSchedule', { RotationRules: { - AutomaticallyAfterDays: 15, + ScheduleExpression: 'rate(15 days)', }, }); @@ -2125,7 +2125,7 @@ describe('cluster', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::SecretsManager::RotationSchedule', { RotationRules: { - AutomaticallyAfterDays: 15, + ScheduleExpression: 'rate(15 days)', }, }); @@ -2231,7 +2231,7 @@ describe('cluster', () => { ], }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, RotateImmediatelyOnUpdate: false, }); @@ -2266,7 +2266,7 @@ describe('cluster', () => { ], }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, RotateImmediatelyOnUpdate: false, }); @@ -3439,7 +3439,7 @@ describe('cluster', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::SecretsManager::RotationSchedule', { RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); }); @@ -3493,7 +3493,7 @@ describe('cluster', () => { ], }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); diff --git a/packages/aws-cdk-lib/aws-rds/test/instance.test.ts b/packages/aws-cdk-lib/aws-rds/test/instance.test.ts index 3e791f2a0ab81..92f9d41cccc1e 100644 --- a/packages/aws-cdk-lib/aws-rds/test/instance.test.ts +++ b/packages/aws-cdk-lib/aws-rds/test/instance.test.ts @@ -782,7 +782,7 @@ describe('instance', () => { ], }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); }); @@ -810,7 +810,7 @@ describe('instance', () => { ], }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); @@ -858,7 +858,7 @@ describe('instance', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::SecretsManager::RotationSchedule', { RotationRules: { - AutomaticallyAfterDays: 15, + ScheduleExpression: 'rate(15 days)', }, }); @@ -921,7 +921,7 @@ describe('instance', () => { // THEN Template.fromStack(stack).hasResourceProperties('AWS::SecretsManager::RotationSchedule', { RotationRules: { - AutomaticallyAfterDays: 15, + ScheduleExpression: 'rate(15 days)', }, }); diff --git a/packages/aws-cdk-lib/aws-secretsmanager/lib/rotation-schedule.ts b/packages/aws-cdk-lib/aws-secretsmanager/lib/rotation-schedule.ts index a9f1ecdd0545d..32f89b50f8d9e 100644 --- a/packages/aws-cdk-lib/aws-secretsmanager/lib/rotation-schedule.ts +++ b/packages/aws-cdk-lib/aws-secretsmanager/lib/rotation-schedule.ts @@ -2,6 +2,7 @@ import { Construct } from 'constructs'; import { ISecret, Secret } from './secret'; import { CfnRotationSchedule } from './secretsmanager.generated'; import * as ec2 from '../../aws-ec2'; +import { Schedule } from '../../aws-events'; import * as iam from '../../aws-iam'; import * as kms from '../../aws-kms'; import * as lambda from '../../aws-lambda'; @@ -37,6 +38,7 @@ export interface RotationScheduleOptions { * Specifies the number of days after the previous rotation before * Secrets Manager triggers the next automatic rotation. * + * The minimum value is 4 hours. * The maximum value is 1000 days. * * A value of zero (`Duration.days(0)`) will not create RotationRules. @@ -126,18 +128,26 @@ export class RotationSchedule extends Resource { ); } - let automaticallyAfterDays: number | undefined = undefined; - if (props.automaticallyAfter && props.automaticallyAfter.toDays() > 1000) { - throw new Error(`automaticallyAfter must not be greater than 1000 days, got ${props.automaticallyAfter.toDays()} days`); - } - if (props.automaticallyAfter?.toMilliseconds() !== 0) { - automaticallyAfterDays = props.automaticallyAfter?.toDays() || 30; + let scheduleExpression: string | undefined; + if (props.automaticallyAfter) { + const automaticallyAfterMillis = props.automaticallyAfter.toMilliseconds(); + if (automaticallyAfterMillis > 0) { + if (automaticallyAfterMillis < Duration.hours(4).toMilliseconds()) { + throw new Error(`automaticallyAfter must not be smaller than 4 hours, got ${props.automaticallyAfter.toHours()} hours`); + } + if (automaticallyAfterMillis > Duration.days(1000).toMilliseconds()) { + throw new Error(`automaticallyAfter must not be greater than 1000 days, got ${props.automaticallyAfter.toDays()} days`); + } + scheduleExpression = Schedule.rate(props.automaticallyAfter).expressionString; + } + } else { + scheduleExpression = Schedule.rate(Duration.days(30)).expressionString; } - let rotationRules: CfnRotationSchedule.RotationRulesProperty | undefined = undefined; - if (automaticallyAfterDays !== undefined) { + let rotationRules: CfnRotationSchedule.RotationRulesProperty | undefined; + if (scheduleExpression) { rotationRules = { - automaticallyAfterDays, + scheduleExpression, }; } diff --git a/packages/aws-cdk-lib/aws-secretsmanager/test/rotation-schedule.test.ts b/packages/aws-cdk-lib/aws-secretsmanager/test/rotation-schedule.test.ts index 81d14021be962..dacfe106e0f8d 100644 --- a/packages/aws-cdk-lib/aws-secretsmanager/test/rotation-schedule.test.ts +++ b/packages/aws-cdk-lib/aws-secretsmanager/test/rotation-schedule.test.ts @@ -38,7 +38,7 @@ test('create a rotation schedule with a rotation Lambda', () => { ], }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); }); @@ -65,7 +65,7 @@ test('create a rotation schedule without immediate rotation', () => { Ref: 'SecretA720EF05', }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, RotateImmediatelyOnUpdate: false, }); @@ -261,7 +261,7 @@ describe('hosted rotation', () => { ExcludeCharacters: " %+~`#$&*()|[]{}:;<>?!'/@\"\\", }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); @@ -328,7 +328,7 @@ describe('hosted rotation', () => { RotationType: 'PostgreSQLMultiUser', }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); @@ -411,7 +411,7 @@ describe('hosted rotation', () => { }, }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); @@ -497,7 +497,7 @@ describe('hosted rotation', () => { }, }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, }); @@ -652,6 +652,86 @@ test('rotation schedule should have a dependency on lambda permissions', () => { }); }); +test('automaticallyAfter set scheduleExpression with days duration', () => { + // GIVEN + const secret = new secretsmanager.Secret(stack, 'Secret'); + const rotationLambda = new lambda.Function(stack, 'Lambda', { + runtime: lambda.Runtime.NODEJS_LATEST, + code: lambda.Code.fromInline('export.handler = event => event;'), + handler: 'index.handler', + }); + + // WHEN + new secretsmanager.RotationSchedule(stack, 'RotationSchedule', { + secret, + rotationLambda, + automaticallyAfter: Duration.days(90), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::SecretsManager::RotationSchedule', Match.objectEquals({ + SecretId: { Ref: 'SecretA720EF05' }, + RotationLambdaARN: { + 'Fn::GetAtt': [ + 'LambdaD247545B', + 'Arn', + ], + }, + RotationRules: { + ScheduleExpression: 'rate(90 days)', + }, + })); +}); + +test('automaticallyAfter set scheduleExpression with hours duration', () => { + // GIVEN + const secret = new secretsmanager.Secret(stack, 'Secret'); + const rotationLambda = new lambda.Function(stack, 'Lambda', { + runtime: lambda.Runtime.NODEJS_LATEST, + code: lambda.Code.fromInline('export.handler = event => event;'), + handler: 'index.handler', + }); + + // WHEN + new secretsmanager.RotationSchedule(stack, 'RotationSchedule', { + secret, + rotationLambda, + automaticallyAfter: Duration.hours(6), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::SecretsManager::RotationSchedule', Match.objectEquals({ + SecretId: { Ref: 'SecretA720EF05' }, + RotationLambdaARN: { + 'Fn::GetAtt': [ + 'LambdaD247545B', + 'Arn', + ], + }, + RotationRules: { + ScheduleExpression: 'rate(6 hours)', + }, + })); +}); + +test('automaticallyAfter must not be smaller than 4 hours', () => { + // GIVEN + const secret = new secretsmanager.Secret(stack, 'Secret'); + const rotationLambda = new lambda.Function(stack, 'Lambda', { + runtime: lambda.Runtime.NODEJS_LATEST, + code: lambda.Code.fromInline('export.handler = event => event;'), + handler: 'index.handler', + }); + + // WHEN + // THEN + expect(() => new secretsmanager.RotationSchedule(stack, 'RotationSchedule', { + secret, + rotationLambda, + automaticallyAfter: Duration.hours(2), + })).toThrow(/automaticallyAfter must not be smaller than 4 hours, got 2 hours/); +}); + test('automaticallyAfter must not be greater than 1000 days', () => { // GIVEN const secret = new secretsmanager.Secret(stack, 'Secret'); diff --git a/packages/aws-cdk-lib/aws-secretsmanager/test/secret-rotation.test.ts b/packages/aws-cdk-lib/aws-secretsmanager/test/secret-rotation.test.ts index 0d24a57fed8ab..72f559bf7a265 100644 --- a/packages/aws-cdk-lib/aws-secretsmanager/test/secret-rotation.test.ts +++ b/packages/aws-cdk-lib/aws-secretsmanager/test/secret-rotation.test.ts @@ -63,7 +63,7 @@ test('secret rotation single user', () => { ], }, RotationRules: { - AutomaticallyAfterDays: 30, + ScheduleExpression: 'rate(30 days)', }, });