refactor(elbv2): move accounts to region-info module (#8998)

The ELBv2 module needs to know the ELBv2 team's accounts in order to enable access logging. This used to be a non-modifiable table buried in the library. Move that information into the `region-info` module, so users are free to add facts if they deploy to a new, unknown region. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws · Jul 12, 2020 · 8cb2b43 · 8cb2b43
1 parent 0ec7912
commit 8cb2b43
Show file tree

Hide file tree

Showing 6 changed files with 131 additions and 111 deletions.
diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-load-balancer.ts
@@ -2,6 +2,7 @@ import * as ec2 from '@aws-cdk/aws-ec2';
 import * as iam from '@aws-cdk/aws-iam';
 import * as s3 from '@aws-cdk/aws-s3';
 import { Construct, IResource, Lazy, Resource, Stack, Token } from '@aws-cdk/core';
+import { RegionInfo } from '@aws-cdk/region-info';
 import { CfnLoadBalancer } from '../elasticloadbalancingv2.generated';
 import { Attributes, ifUndefined, renderAttributes } from './util';
 
@@ -170,7 +171,7 @@ export abstract class BaseLoadBalancer extends Resource {
       throw new Error('Region is required to enable ELBv2 access logging');
     }
 
-    const account = ELBV2_ACCOUNTS[region];
+    const account = RegionInfo.get(region).elbv2Account;
     if (!account) {
       throw new Error(`Cannot enable access logging; don't know ELBv2 account for region ${region}`);
     }
@@ -198,32 +199,3 @@ export abstract class BaseLoadBalancer extends Resource {
     this.setAttribute(key, undefined);
   }
 }
-
-// https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html#access-logging-bucket-permissions
-const ELBV2_ACCOUNTS: { [region: string]: string } = {
-  'us-east-1': '127311923021',
-  'us-east-2': '033677994240',
-  'us-west-1': '027434742980',
-  'us-west-2': '797873946194',
-  'af-south-1': '098369216593',
-  'ca-central-1': '985666609251',
-  'eu-central-1': '054676820928',
-  'eu-west-1': '156460612806',
-  'eu-west-2': '652711504416',
-  'eu-west-3': '009996457667',
-  'eu-south-1': '635631232127',
-  'eu-north-1': '897822967062',
-  'ap-east-1': '754344448648',
-  'ap-northeast-1': '582318560864',
-  'ap-northeast-2': '600734575887',
-  'ap-northeast-3': '383597477331',
-  'ap-southeast-1': '114774131450',
-  'ap-southeast-2': '783225319266',
-  'ap-south-1': '718504428378',
-  'me-south-1': '076674570225',
-  'sa-east-1': '507241528517',
-  'us-gov-west-1': '048591011584',
-  'us-gov-east-1': '190560391635',
-  'cn-north-1': '638102146993',
-  'cn-northwest-1': '037604701340',
-};
diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json
@@ -78,6 +78,7 @@
     "@aws-cdk/aws-lambda": "0.0.0",
     "@aws-cdk/aws-s3": "0.0.0",
     "@aws-cdk/core": "0.0.0",
+    "@aws-cdk/region-info": "0.0.0",
     "constructs": "^3.0.2"
   },
   "homepage": "https://github.com/aws/aws-cdk",
@@ -89,7 +90,8 @@
     "@aws-cdk/aws-lambda": "0.0.0",
     "@aws-cdk/aws-s3": "0.0.0",
     "@aws-cdk/core": "0.0.0",
-    "constructs": "^3.0.2"
+    "constructs": "^3.0.2",
+    "@aws-cdk/region-info": "0.0.0"
   },
   "engines": {
     "node": ">= 10.13.0 <13 || >=13.7.0"

diff --git a/packages/@aws-cdk/region-info/build-tools/fact-tables.ts b/packages/@aws-cdk/region-info/build-tools/fact-tables.ts
@@ -0,0 +1,106 @@
+export const AWS_OLDER_REGIONS = new Set([
+  'us-east-1',
+  'us-west-1',
+  'us-west-2',
+  'ap-southeast-1',
+  'ap-southeast-2',
+  'ap-northeast-1',
+  'sa-east-1',
+  'eu-west-1',
+]);
+
+export const AWS_CDK_METADATA = new Set([
+  'us-east-2',
+  'us-east-1',
+  'us-west-1',
+  'us-west-2',
+  // 'us-gov-east-1',
+  // 'us-gov-west-1',
+  // 'us-iso-east-1',
+  // 'us-isob-east-1',
+  'ap-south-1',
+  'ap-east-1',
+  // 'ap-northeast-3',
+  'ap-northeast-2',
+  'ap-southeast-1',
+  'ap-southeast-2',
+  'ap-northeast-1',
+  'ca-central-1',
+  'cn-north-1',
+  'cn-northwest-1',
+  'eu-central-1',
+  'eu-west-1',
+  'eu-west-2',
+  'eu-west-3',
+  'eu-north-1',
+  'me-south-1',
+  'sa-east-1',
+]);
+
+/**
+ * The hosted zone Id if using an alias record in Route53.
+ *
+ * @see https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints
+ */
+export const ROUTE_53_BUCKET_WEBSITE_ZONE_IDS: { [region: string]: string } = {
+  'us-east-2': 'Z2O1EMRO9K5GLX',
+  'us-east-1': 'Z3AQBSTGFYJSTF',
+  'us-west-1': 'Z2F56UZL2M1ACD',
+  'us-west-2': 'Z3BJ6K6RIION7M',
+  'us-gov-east-1': 'Z2NIFVYYW2VKV1',
+  'us-gov-west-1': 'Z31GFT0UA1I2HV',
+  'ap-east-1': 'ZNB98KWMFR0R6',
+  'ap-south-1': 'Z11RGJOFQNVJUP',
+  'ap-northeast-3': 'Z2YQB5RD63NC85',
+  'ap-northeast-2': 'Z3W03O7B5YMIYP',
+  'ap-southeast-1': 'Z3O0J2DXBE1FTB',
+  'ap-southeast-2': 'Z1WCIGYICN2BYD',
+  'ap-northeast-1': 'Z2M4EHUR26P7ZW',
+  'ca-central-1': 'Z1QDHH18159H29',
+  'eu-central-1': 'Z21DNDUVLTQW6Q',
+  'eu-west-1': 'Z1BKCTXD74EZPE',
+  'eu-west-2': 'Z3GKZC51ZF0DB4',
+  'eu-west-3': 'Z3R1K369G5AVDG',
+  'eu-north-1': 'Z3BAZG2TWCNX0D',
+  'sa-east-1': 'Z7KQH4QJS55SO',
+  'me-south-1': 'Z1MPMWCPA7YB62',
+};
+
+interface Region { partition: string, domainSuffix: string }
+
+export const PARTITION_MAP: { [region: string]: Region } = {
+  'default': { partition: 'aws', domainSuffix: 'amazonaws.com' },
+  'cn-': { partition: 'aws-cn', domainSuffix: 'amazonaws.com.cn' },
+  'us-gov-': { partition: 'aws-us-gov', domainSuffix: 'amazonaws.com' },
+  'us-iso-': { partition: 'aws-iso', domainSuffix: 'c2s.ic.gov' },
+  'us-isob-': { partition: 'aws-iso-b', domainSuffix: 'sc2s.sgov.gov' },
+};
+
+// https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html#access-logging-bucket-permissions
+export const ELBV2_ACCOUNTS: { [region: string]: string } = {
+  'us-east-1': '127311923021',
+  'us-east-2': '033677994240',
+  'us-west-1': '027434742980',
+  'us-west-2': '797873946194',
+  'af-south-1': '098369216593',
+  'ca-central-1': '985666609251',
+  'eu-central-1': '054676820928',
+  'eu-west-1': '156460612806',
+  'eu-west-2': '652711504416',
+  'eu-west-3': '009996457667',
+  'eu-south-1': '635631232127',
+  'eu-north-1': '897822967062',
+  'ap-east-1': '754344448648',
+  'ap-northeast-1': '582318560864',
+  'ap-northeast-2': '600734575887',
+  'ap-northeast-3': '383597477331',
+  'ap-southeast-1': '114774131450',
+  'ap-southeast-2': '783225319266',
+  'ap-south-1': '718504428378',
+  'me-south-1': '076674570225',
+  'sa-east-1': '507241528517',
+  'us-gov-west-1': '048591011584',
+  'us-gov-east-1': '190560391635',
+  'cn-north-1': '638102146993',
+  'cn-northwest-1': '037604701340',
+};
diff --git a/packages/@aws-cdk/region-info/build-tools/generate-static-data.ts b/packages/@aws-cdk/region-info/build-tools/generate-static-data.ts
@@ -2,6 +2,7 @@ import * as path from 'path';
 import * as fs from 'fs-extra';
 import { Default } from '../lib/default';
 import { AWS_REGIONS, AWS_SERVICES } from './aws-entities';
+import { AWS_CDK_METADATA, AWS_OLDER_REGIONS, ELBV2_ACCOUNTS, PARTITION_MAP, ROUTE_53_BUCKET_WEBSITE_ZONE_IDS } from './fact-tables';
 
 async function main(): Promise<void> {
   const lines = [
@@ -22,84 +23,6 @@ async function main(): Promise<void> {
     '  public static register(): void {',
   ];
 
-  const AWS_OLDER_REGIONS = new Set([
-    'us-east-1',
-    'us-west-1',
-    'us-west-2',
-    'ap-southeast-1',
-    'ap-southeast-2',
-    'ap-northeast-1',
-    'sa-east-1',
-    'eu-west-1',
-  ]);
-
-  const AWS_CDK_METADATA = new Set([
-    'us-east-2',
-    'us-east-1',
-    'us-west-1',
-    'us-west-2',
-    // 'us-gov-east-1',
-    // 'us-gov-west-1',
-    // 'us-iso-east-1',
-    // 'us-isob-east-1',
-    'ap-south-1',
-    'ap-east-1',
-    // 'ap-northeast-3',
-    'ap-northeast-2',
-    'ap-southeast-1',
-    'ap-southeast-2',
-    'ap-northeast-1',
-    'ca-central-1',
-    'cn-north-1',
-    'cn-northwest-1',
-    'eu-central-1',
-    'eu-west-1',
-    'eu-west-2',
-    'eu-west-3',
-    'eu-north-1',
-    'me-south-1',
-    'sa-east-1',
-  ]);
-
-  /**
-   * The hosted zone Id if using an alias record in Route53.
-   *
-   * @see https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints
-   */
-  const ROUTE_53_BUCKET_WEBSITE_ZONE_IDS: { [region: string]: string } = {
-    'us-east-2': 'Z2O1EMRO9K5GLX',
-    'us-east-1': 'Z3AQBSTGFYJSTF',
-    'us-west-1': 'Z2F56UZL2M1ACD',
-    'us-west-2': 'Z3BJ6K6RIION7M',
-    'us-gov-east-1': 'Z2NIFVYYW2VKV1',
-    'us-gov-west-1': 'Z31GFT0UA1I2HV',
-    'ap-east-1': 'ZNB98KWMFR0R6',
-    'ap-south-1': 'Z11RGJOFQNVJUP',
-    'ap-northeast-3': 'Z2YQB5RD63NC85',
-    'ap-northeast-2': 'Z3W03O7B5YMIYP',
-    'ap-southeast-1': 'Z3O0J2DXBE1FTB',
-    'ap-southeast-2': 'Z1WCIGYICN2BYD',
-    'ap-northeast-1': 'Z2M4EHUR26P7ZW',
-    'ca-central-1': 'Z1QDHH18159H29',
-    'eu-central-1': 'Z21DNDUVLTQW6Q',
-    'eu-west-1': 'Z1BKCTXD74EZPE',
-    'eu-west-2': 'Z3GKZC51ZF0DB4',
-    'eu-west-3': 'Z3R1K369G5AVDG',
-    'eu-north-1': 'Z3BAZG2TWCNX0D',
-    'sa-east-1': 'Z7KQH4QJS55SO',
-    'me-south-1': 'Z1MPMWCPA7YB62',
-  };
-
-  interface IRegion { partition: string, domainSuffix: string }
-
-  const PARTITION_MAP: { [region: string]: IRegion } = {
-    'default': { partition: 'aws', domainSuffix: 'amazonaws.com' },
-    'cn-': { partition: 'aws-cn', domainSuffix: 'amazonaws.com.cn' },
-    'us-gov-': { partition: 'aws-us-gov', domainSuffix: 'amazonaws.com' },
-    'us-iso-': { partition: 'aws-iso', domainSuffix: 'c2s.ic.gov' },
-    'us-isob-': { partition: 'aws-iso-b', domainSuffix: 'sc2s.sgov.gov' },
-  };
-
   const defaultMap = 'default';
 
   for (const region of AWS_REGIONS) {
@@ -124,6 +47,8 @@ async function main(): Promise<void> {
 
     registerFact(region, 'S3_STATIC_WEBSITE_ZONE_53_HOSTED_ZONE_ID', ROUTE_53_BUCKET_WEBSITE_ZONE_IDS[region] || '');
 
+    registerFact(region, 'ELBV2_ACCOUNT', ELBV2_ACCOUNTS[region]);
+
     const vpcEndpointServiceNamePrefix = `${domainSuffix.split('.').reverse().join('.')}.vpce`;
     registerFact(region, 'VPC_ENDPOINT_SERVICE_NAME_PREFIX', vpcEndpointServiceNamePrefix);
 

diff --git a/packages/@aws-cdk/region-info/lib/fact.ts b/packages/@aws-cdk/region-info/lib/fact.ts
@@ -51,7 +51,9 @@ export class Fact {
     if (fact.name in regionFacts && regionFacts[fact.name] !== fact.value && !allowReplacing) {
       throw new Error(`Region ${fact.region} already has a fact ${fact.name}, with value ${regionFacts[fact.name]}`);
     }
-    regionFacts[fact.name] = fact.value;
+    if (fact.value !== undefined) {
+      regionFacts[fact.name] = fact.value;
+    }
   }
 
   /**
@@ -93,7 +95,7 @@ export interface IFact {
   /**
    * The value of this fact.
    */
-  readonly value: string;
+  readonly value: string | undefined;
 }
 
 /**
@@ -133,6 +135,11 @@ export class FactName {
    */
   public static readonly VPC_ENDPOINT_SERVICE_NAME_PREFIX = 'vpcEndpointServiceNamePrefix';
 
+  /**
+   * The account for ELBv2 in this region
+   */
+  public static readonly ELBV2_ACCOUNT = 'elbv2Account';
+
   /**
    * The name of the regional service principal for a given service.
    *

diff --git a/packages/@aws-cdk/region-info/lib/region-info.ts b/packages/@aws-cdk/region-info/lib/region-info.ts
@@ -74,4 +74,12 @@ export class RegionInfo {
   public servicePrincipal(service: string): string | undefined {
     return Fact.find(this.name, FactName.servicePrincipal(service));
   }
+
+  /**
+   * The account ID for ELBv2 in this region
+   *
+   */
+  public get elbv2Account(): string | undefined {
+    return Fact.find(this.name, FactName.ELBV2_ACCOUNT);
+  }
 }