Skip to content

Commit

Permalink
Merge branch 'main' into colifran/migrate-trigger-handler
Browse files Browse the repository at this point in the history
  • Loading branch information
mergify[bot] authored Nov 10, 2023
2 parents e193138 + 66054ab commit 88a2746
Show file tree
Hide file tree
Showing 4 changed files with 121 additions and 31 deletions.
60 changes: 30 additions & 30 deletions packages/aws-cdk-lib/aws-eks/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -63,12 +63,12 @@ This example defines an Amazon EKS cluster with the following configuration:
* A Kubernetes pod with a container based on the [paulbouwer/hello-kubernetes](https://github.com/paulbouwer/hello-kubernetes) image.

```ts
import { KubectlV27Layer } from '@aws-cdk/lambda-layer-kubectl-v27';
import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28';

// provisioning a cluster
const cluster = new eks.Cluster(this, 'hello-eks', {
version: eks.KubernetesVersion.V1_27,
kubectlLayer: new KubectlV27Layer(this, 'kubectl'),
version: eks.KubernetesVersion.V1_28,
kubectlLayer: new KubectlV28Layer(this, 'kubectl'),
});

// apply a kubernetes manifest to the cluster
Expand Down Expand Up @@ -134,15 +134,15 @@ Creating a new cluster is done using the `Cluster` or `FargateCluster` construct

```ts
new eks.Cluster(this, 'HelloEKS', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
});
```

You can also use `FargateCluster` to provision a cluster that uses only fargate workers.

```ts
new eks.FargateCluster(this, 'HelloEKS', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
});
```

Expand All @@ -166,7 +166,7 @@ At cluster instantiation time, you can customize the number of instances and the

```ts
new eks.Cluster(this, 'HelloEKS', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
defaultCapacity: 5,
defaultCapacityInstance: ec2.InstanceType.of(ec2.InstanceClass.M5, ec2.InstanceSize.SMALL),
});
Expand All @@ -178,7 +178,7 @@ Additional customizations are available post instantiation. To apply them, set t

```ts
const cluster = new eks.Cluster(this, 'HelloEKS', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
defaultCapacity: 0,
});

Expand Down Expand Up @@ -258,7 +258,7 @@ const eksClusterNodeGroupRole = new iam.Role(this, 'eksClusterNodeGroupRole', {
});

const cluster = new eks.Cluster(this, 'HelloEKS', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
defaultCapacity: 0,
});

Expand Down Expand Up @@ -401,7 +401,7 @@ The following code defines an Amazon EKS cluster with a default Fargate Profile

```ts
const cluster = new eks.FargateCluster(this, 'MyCluster', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
});
```

Expand Down Expand Up @@ -478,7 +478,7 @@ You can also configure the cluster to use an auto-scaling group as the default c

```ts
const cluster = new eks.Cluster(this, 'HelloEKS', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
defaultCapacityType: eks.DefaultCapacityType.EC2,
});
```
Expand Down Expand Up @@ -571,7 +571,7 @@ You can configure the [cluster endpoint access](https://docs.aws.amazon.com/eks/

```ts
const cluster = new eks.Cluster(this, 'hello-eks', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
endpointAccess: eks.EndpointAccess.PRIVATE, // No access outside of your VPC.
});
```
Expand All @@ -593,7 +593,7 @@ To deploy the controller on your EKS cluster, configure the `albController` prop

```ts
new eks.Cluster(this, 'HelloEKS', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
albController: {
version: eks.AlbControllerVersion.V2_6_2,
},
Expand Down Expand Up @@ -633,7 +633,7 @@ You can specify the VPC of the cluster using the `vpc` and `vpcSubnets` properti
declare const vpc: ec2.Vpc;

new eks.Cluster(this, 'HelloEKS', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
vpc,
vpcSubnets: [{ subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS }],
});
Expand Down Expand Up @@ -680,7 +680,7 @@ You can configure the environment of the Cluster Handler functions by specifying
```ts
declare const proxyInstanceSecurityGroup: ec2.SecurityGroup;
const cluster = new eks.Cluster(this, 'hello-eks', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
clusterHandlerEnvironment: {
https_proxy: 'http://proxy.myproxy.com',
},
Expand Down Expand Up @@ -722,7 +722,7 @@ for (let subnet of subnets) {
}

const cluster = new eks.Cluster(this, 'hello-eks', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
vpc: vpc,
ipFamily: eks.IpFamily.IP_V6,
vpcSubnets: [{ subnets: vpc.publicSubnets }],
Expand Down Expand Up @@ -757,7 +757,7 @@ You can configure the environment of this function by specifying it at cluster i

```ts
const cluster = new eks.Cluster(this, 'hello-eks', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
kubectlEnvironment: {
'http_proxy': 'http://proxy.myproxy.com',
},
Expand All @@ -777,11 +777,11 @@ Depending on which version of kubernetes you're targeting, you will need to use
the `@aws-cdk/lambda-layer-kubectl-vXY` packages.

```ts
import { KubectlV27Layer } from '@aws-cdk/lambda-layer-kubectl-v27';
import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28';

const cluster = new eks.Cluster(this, 'hello-eks', {
version: eks.KubernetesVersion.V1_27,
kubectlLayer: new KubectlV27Layer(this, 'kubectl'),
version: eks.KubernetesVersion.V1_28,
kubectlLayer: new KubectlV28Layer(this, 'kubectl'),
});
```

Expand Down Expand Up @@ -816,7 +816,7 @@ const cluster1 = new eks.Cluster(this, 'MyCluster', {
kubectlLayer: layer,
vpc,
clusterName: 'cluster-name',
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
});

// or
Expand All @@ -834,7 +834,7 @@ By default, the kubectl provider is configured with 1024MiB of memory. You can u
```ts
new eks.Cluster(this, 'MyCluster', {
kubectlMemory: Size.gibibytes(4),
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
});

// or
Expand Down Expand Up @@ -873,7 +873,7 @@ When you create a cluster, you can specify a `mastersRole`. The `Cluster` constr
```ts
declare const role: iam.Role;
new eks.Cluster(this, 'HelloEKS', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
mastersRole: role,
});
```
Expand Down Expand Up @@ -923,7 +923,7 @@ You can use the `secretsEncryptionKey` to configure which key the cluster will u
const secretsKey = new kms.Key(this, 'SecretsKey');
const cluster = new eks.Cluster(this, 'MyCluster', {
secretsEncryptionKey: secretsKey,
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
});
```

Expand All @@ -933,7 +933,7 @@ You can also use a similar configuration for running a cluster built using the F
const secretsKey = new kms.Key(this, 'SecretsKey');
const cluster = new eks.FargateCluster(this, 'MyFargateCluster', {
secretsEncryptionKey: secretsKey,
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
});
```

Expand Down Expand Up @@ -977,7 +977,7 @@ To access the Kubernetes resources from the console, make sure your viewing prin
in the `aws-auth` ConfigMap. Some options to consider:

```ts
import { KubectlV27Layer } from '@aws-cdk/lambda-layer-kubectl-v27';
import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28';
declare const cluster: eks.Cluster;
declare const your_current_role: iam.Role;
declare const vpc: ec2.Vpc;
Expand All @@ -997,7 +997,7 @@ your_current_role.addToPolicy(new iam.PolicyStatement({

```ts
// Option 2: create your custom mastersRole with scoped assumeBy arn as the Cluster prop. Switch to this role from the AWS console.
import { KubectlV27Layer } from '@aws-cdk/lambda-layer-kubectl-v27';
import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28';
declare const vpc: ec2.Vpc;

const mastersRole = new iam.Role(this, 'MastersRole', {
Expand All @@ -1006,8 +1006,8 @@ const mastersRole = new iam.Role(this, 'MastersRole', {

const cluster = new eks.Cluster(this, 'EksCluster', {
vpc,
version: eks.KubernetesVersion.V1_27,
kubectlLayer: new KubectlV27Layer(this, 'KubectlLayer'),
version: eks.KubernetesVersion.V1_28,
kubectlLayer: new KubectlV28Layer(this, 'KubectlLayer'),
mastersRole,
});

Expand Down Expand Up @@ -1291,7 +1291,7 @@ when a cluster is defined:

```ts
new eks.Cluster(this, 'MyCluster', {
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
prune: false,
});
```
Expand Down Expand Up @@ -1678,7 +1678,7 @@ property. For example:
```ts
const cluster = new eks.Cluster(this, 'Cluster', {
// ...
version: eks.KubernetesVersion.V1_27,
version: eks.KubernetesVersion.V1_28,
clusterLogging: [
eks.ClusterLoggingTypes.API,
eks.ClusterLoggingTypes.AUTHENTICATOR,
Expand Down
9 changes: 9 additions & 0 deletions packages/aws-cdk-lib/aws-eks/lib/cluster.ts
Original file line number Diff line number Diff line change
Expand Up @@ -925,6 +925,15 @@ export class KubernetesVersion {
*/
public static readonly V1_27 = KubernetesVersion.of('1.27');

/**
* Kubernetes version 1.28
*
* When creating a `Cluster` with this version, you need to also specify the
* `kubectlLayer` property with a `KubectlV28Layer` from
* `@aws-cdk/lambda-layer-kubectl-v28`.
*/
public static readonly V1_28 = KubernetesVersion.of('1.28');

/**
* Custom cluster version
* @param version custom version number
Expand Down
81 changes: 81 additions & 0 deletions packages/aws-cdk-lib/aws-lakeformation/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,3 +25,84 @@ For more information on the resources and properties available for this service,
(Read the [CDK Contributing Guide](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and submit an RFC if you are interested in contributing to this construct library.)

<!--END CFNONLY DISCLAIMER-->

### Example

Here is an example of creating a glue table and putting lakeformation tags on it. Note: this example uses deprecated constructs and overly permissive IAM roles. This example is meant to give a general idea of using the L1s; it is not production level.

```ts
import * as cdk from 'aws-cdk-lib';
import { S3Table, Database, DataFormat, Schema } from '@aws-cdk/aws-glue-alpha';
import { CfnDataLakeSettings, CfnTag, CfnTagAssociation } from 'aws-cdk-lib/aws-lakeformation';

declare const stack: cdk.Stack;
declare const accountId: string;

const tagKey = 'aws';
const tagValues = ['dev'];

const database = new Database(this, 'Database');

const table = new S3Table(this, 'Table', {
database,
columns: [
{
name: 'col1',
type: Schema.STRING,
},
{
name: 'col2',
type: Schema.STRING,
}
],
dataFormat: DataFormat.CSV,
});

const synthesizer = stack.synthesizer as cdk.DefaultStackSynthesizer;
new CfnDataLakeSettings(this, 'DataLakeSettings', {
admins: [
{
dataLakePrincipalIdentifier: stack.formatArn({
service: 'iam',
resource: 'role',
region: '',
account: accountId,
resourceName: 'Admin',
}),
},
{
// The CDK cloudformation execution role.
dataLakePrincipalIdentifier: synthesizer.cloudFormationExecutionRoleArn.replace('${AWS::Partition}', 'aws'),
},
],
});

const tag = new CfnTag(this, 'Tag', {
catalogId: accountId,
tagKey,
tagValues,
});

const lfTagPairProperty: CfnTagAssociation.LFTagPairProperty = {
catalogId: accountId,
tagKey,
tagValues,
};

const tagAssociation = new CfnTagAssociation(this, 'TagAssociation', {
lfTags: [lfTagPairProperty],
resource: {
tableWithColumns: {
databaseName: database.databaseName,
columnNames: ['col1', 'col2'],
catalogId: accountId,
name: table.tableName,
}
}
});

tagAssociation.node.addDependency(tag);
tagAssociation.node.addDependency(table);

```
Additionally, you may need to use the lakeformation console to give permissions, particularly to give the cdk-exec-role tagging permissions.
2 changes: 1 addition & 1 deletion packages/aws-cdk-lib/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -489,7 +489,7 @@
},
"jsiiRosetta": {
"exampleDependencies": {
"@aws-cdk/lambda-layer-kubectl-v27": "^2.0.0",
"@aws-cdk/lambda-layer-kubectl-v28": "^2.0.0",
"cdk8s-plus-25": "^2.7.0",
"@aws-cdk/aws-apigatewayv2-alpha": "*",
"@aws-cdk/aws-kinesisfirehose-alpha": "*",
Expand Down

0 comments on commit 88a2746

Please sign in to comment.