From a872e672f8990fc3879413e5d797533d3916e1fd Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Thu, 18 Mar 2021 13:06:04 +0000 Subject: [PATCH] chore: remove usage of deprecated symbols (#13500) Across the CDK repo, remove the usage of deprecated symbols. These are going to be removed in CDKv2, and these changes make the codebases on the two branches more aligned. However, this does not remove *all* usages of deprecated symbols, but only the changes that are backwards compatible. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- allowed-breaking-changes.txt | 5 +++ packages/@aws-cdk/assets/test/test.staging.ts | 12 +++---- .../@aws-cdk/aws-apigateway/lib/restapi.ts | 32 +++++++++++++++---- .../test/integ.restapi.multiuse.ts | 2 +- .../aws-apigatewayv2/lib/http/vpc-link.ts | 8 ++--- .../lib/scalable-target.ts | 2 +- .../@aws-cdk/aws-appmesh/lib/virtual-node.ts | 4 +-- .../aws-autoscaling/lib/auto-scaling-group.ts | 7 ++-- .../test/lifecyclehooks.test.ts | 2 +- .../test/compute-environment.test.ts | 5 +-- .../test/integ.nested-stack.ts | 2 +- .../test/integ.nested-stacks-assets.ts | 2 +- .../test/test.nested-stack.ts | 2 +- .../aws-cloudfront/lib/web-distribution.ts | 1 + .../test/web-distribution.test.ts | 6 ++-- .../@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts | 2 +- .../@aws-cdk/aws-cloudwatch/lib/metric.ts | 10 ++++++ packages/@aws-cdk/aws-cloudwatch/package.json | 1 + .../aws-cloudwatch/test/test.metrics.ts | 2 +- .../@aws-cdk/aws-codebuild/lib/project.ts | 4 +-- .../test/integ.docker-registry.lit.ts | 2 +- .../integ.deployment-group.expected.json | 6 ++-- .../test/lambda/integ.deployment-group.ts | 2 +- .../cloudformation-pipeline-actions.test.ts | 15 ++++----- .../@aws-cdk/aws-codepipeline/lib/pipeline.ts | 4 +-- .../aws-codepipeline/test/cross-env.test.ts | 2 +- .../aws-cognito/test/user-pool.test.ts | 2 +- .../lib/global-table-coordinator.ts | 2 +- packages/@aws-cdk/aws-dynamodb/lib/table.ts | 2 +- packages/@aws-cdk/aws-ec2/lib/cfn-init.ts | 2 +- packages/@aws-cdk/aws-ec2/lib/instance.ts | 4 +-- .../@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts | 4 +-- packages/@aws-cdk/aws-ec2/package.json | 1 + .../aws-ecs/lib/base/task-definition.ts | 4 +-- .../aws-ecs/test/container-definition.test.ts | 2 +- .../aws-eks-legacy/lib/cluster-resource.ts | 7 ++-- .../@aws-cdk/aws-eks-legacy/lib/helm-chart.ts | 5 ++- .../aws-eks-legacy/lib/k8s-resource.ts | 7 ++-- .../@aws-cdk/aws-eks/lib/service-account.ts | 5 ++- .../test/loadbalancer.test.ts | 4 +-- .../test/integ.lambda-target.ts | 2 +- .../test/lambda-target.test.ts | 2 +- .../lib/alb/application-listener-rule.ts | 7 ++-- .../lib/alb/application-listener.ts | 15 +++++++++ .../@aws-cdk/aws-elasticsearch/lib/domain.ts | 2 +- .../test/elasticsearch-access-policy.test.ts | 2 +- .../aws-events-targets/lib/aws-api.ts | 1 - .../@aws-cdk/aws-events-targets/lib/batch.ts | 1 - .../aws-events-targets/lib/codebuild.ts | 1 - .../aws-events-targets/lib/codepipeline.ts | 1 - .../aws-events-targets/lib/ecs-task.ts | 3 +- .../lib/kinesis-firehose-stream.ts | 1 - .../aws-events-targets/lib/kinesis-stream.ts | 1 - .../@aws-cdk/aws-events-targets/lib/lambda.ts | 1 - .../lib/log-group-resource-policy.ts | 2 +- .../aws-events-targets/lib/log-group.ts | 1 - .../@aws-cdk/aws-events-targets/lib/sns.ts | 1 - .../@aws-cdk/aws-events-targets/lib/sqs.ts | 1 - .../aws-events-targets/lib/state-machine.ts | 1 - packages/@aws-cdk/aws-events/lib/target.ts | 5 +-- .../@aws-cdk/aws-lambda/lib/function-base.ts | 2 +- packages/@aws-cdk/aws-lambda/lib/function.ts | 9 ++++-- packages/@aws-cdk/aws-lambda/lib/runtime.ts | 18 ++++------- packages/@aws-cdk/aws-rds/lib/props.ts | 1 + .../lib/website-redirect.ts | 13 ++++---- .../lib/cloudfront-target.ts | 2 +- packages/@aws-cdk/aws-s3/lib/bucket.ts | 2 +- .../lib/ecs/run-ecs-ec2-task.ts | 1 + .../lib/ecs/run-ecs-fargate-task.ts | 3 +- .../lib/ecs/run-ecs-task-base.ts | 2 ++ .../lib/invoke-activity.ts | 3 +- .../lib/lambda/run-lambda-task.ts | 1 + .../lib/sagemaker/base-types.ts | 4 +-- .../test/glue/start-job-run.test.ts | 9 +++--- .../lib/step-functions-task.ts | 2 ++ packages/@aws-cdk/core/lib/assets.ts | 3 +- .../lib/provider-framework/provider.ts | 8 +++-- .../lib/example-resource.ts | 2 +- 78 files changed, 189 insertions(+), 140 deletions(-) diff --git a/allowed-breaking-changes.txt b/allowed-breaking-changes.txt index 2ca2ca5b6067f..0f5c6dc507097 100644 --- a/allowed-breaking-changes.txt +++ b/allowed-breaking-changes.txt @@ -56,3 +56,8 @@ incompatible-argument:@aws-cdk/aws-ecs.TaskDefinition.addVolume # We made properties optional and it's really fine but our differ doesn't think so. weakened:@aws-cdk/cloud-assembly-schema.DockerImageSource weakened:@aws-cdk/cloud-assembly-schema.FileSource + +# Changed required deprecated props from required -> optional. +# These are fine, since they shouldn't be widely used. +weakened:@aws-cdk/core.FileAssetLocation +weakened:@aws-cdk/aws-events.RuleTargetConfig diff --git a/packages/@aws-cdk/assets/test/test.staging.ts b/packages/@aws-cdk/assets/test/test.staging.ts index 65190e267bf9d..149bb99258601 100644 --- a/packages/@aws-cdk/assets/test/test.staging.ts +++ b/packages/@aws-cdk/assets/test/test.staging.ts @@ -14,7 +14,7 @@ export = { // WHEN const staging = new Staging(stack, 's1', { sourcePath }); - test.deepEqual(staging.sourceHash, '2f37f937c51e2c191af66acf9b09f548926008ec68c575bd2ee54b6e997c0e00'); + test.deepEqual(staging.assetHash, '2f37f937c51e2c191af66acf9b09f548926008ec68c575bd2ee54b6e997c0e00'); test.deepEqual(staging.sourcePath, sourcePath); test.deepEqual(staging.relativeStagedPath(stack), 'asset.2f37f937c51e2c191af66acf9b09f548926008ec68c575bd2ee54b6e997c0e00'); test.done(); @@ -29,9 +29,9 @@ export = { // WHEN const staging = new Staging(stack, 's1', { sourcePath }); - test.deepEqual(staging.sourceHash, '2f37f937c51e2c191af66acf9b09f548926008ec68c575bd2ee54b6e997c0e00'); + test.deepEqual(staging.assetHash, '2f37f937c51e2c191af66acf9b09f548926008ec68c575bd2ee54b6e997c0e00'); test.deepEqual(staging.sourcePath, sourcePath); - test.deepEqual(staging.stagedPath, sourcePath); + test.deepEqual(staging.absoluteStagedPath, sourcePath); test.done(); }, @@ -70,9 +70,9 @@ export = { const withExtra = new Staging(stack, 'withExtra', { sourcePath: directory, extraHash: 'boom' }); // THEN - test.notEqual(withoutExtra.sourceHash, withExtra.sourceHash); - test.deepEqual(withoutExtra.sourceHash, '2f37f937c51e2c191af66acf9b09f548926008ec68c575bd2ee54b6e997c0e00'); - test.deepEqual(withExtra.sourceHash, 'c95c915a5722bb9019e2c725d11868e5a619b55f36172f76bcbcaa8bb2d10c5f'); + test.notEqual(withoutExtra.assetHash, withExtra.assetHash); + test.deepEqual(withoutExtra.assetHash, '2f37f937c51e2c191af66acf9b09f548926008ec68c575bd2ee54b6e997c0e00'); + test.deepEqual(withExtra.assetHash, 'c95c915a5722bb9019e2c725d11868e5a619b55f36172f76bcbcaa8bb2d10c5f'); test.done(); }, }; diff --git a/packages/@aws-cdk/aws-apigateway/lib/restapi.ts b/packages/@aws-cdk/aws-apigateway/lib/restapi.ts index 51a6ae53a7040..1afd9f7e9d090 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/restapi.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/restapi.ts @@ -490,7 +490,10 @@ export abstract class RestApiBase extends Resource implements IRestApi { ignore(deployment); } - protected configureCloudWatchRole(apiResource: CfnRestApi) { + /** + * @internal + */ + protected _configureCloudWatchRole(apiResource: CfnRestApi) { const role = new iam.Role(this, 'CloudWatchRole', { assumedBy: new iam.ServicePrincipal('apigateway.amazonaws.com'), managedPolicies: [iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AmazonAPIGatewayPushToCloudWatchLogs')], @@ -503,7 +506,24 @@ export abstract class RestApiBase extends Resource implements IRestApi { resource.node.addDependency(apiResource); } - protected configureDeployment(props: RestApiOptions) { + /** + * @deprecated This method will be made internal. No replacement + */ + protected configureCloudWatchRole(apiResource: CfnRestApi) { + this._configureCloudWatchRole(apiResource); + } + + /** + * @deprecated This method will be made internal. No replacement + */ + protected configureDeployment(props: RestApiBaseProps) { + this._configureDeployment(props); + } + + /** + * @internal + */ + protected _configureDeployment(props: RestApiBaseProps) { const deploy = props.deploy ?? true; if (deploy) { @@ -603,14 +623,14 @@ export class SpecRestApi extends RestApiBase { this.restApiRootResourceId = resource.attrRootResourceId; this.root = new RootResource(this, {}, this.restApiRootResourceId); - this.configureDeployment(props); + this._configureDeployment(props); if (props.domainName) { this.addDomainName('CustomDomain', props.domainName); } const cloudWatchRole = props.cloudWatchRole ?? true; if (cloudWatchRole) { - this.configureCloudWatchRole(resource); + this._configureCloudWatchRole(resource); } } } @@ -708,10 +728,10 @@ export class RestApi extends RestApiBase { const cloudWatchRole = props.cloudWatchRole ?? true; if (cloudWatchRole) { - this.configureCloudWatchRole(resource); + this._configureCloudWatchRole(resource); } - this.configureDeployment(props); + this._configureDeployment(props); if (props.domainName) { this.addDomainName('CustomDomain', props.domainName); } diff --git a/packages/@aws-cdk/aws-apigateway/test/integ.restapi.multiuse.ts b/packages/@aws-cdk/aws-apigateway/test/integ.restapi.multiuse.ts index 088c689cbe659..a248bf9041158 100644 --- a/packages/@aws-cdk/aws-apigateway/test/integ.restapi.multiuse.ts +++ b/packages/@aws-cdk/aws-apigateway/test/integ.restapi.multiuse.ts @@ -9,7 +9,7 @@ class MultiStack extends cdk.Stack { const hello = new apigw.LambdaIntegration(new lambda.Function(this, 'Hello', { runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', - code: lambda.Code.inline(`exports.handler = ${helloCode}`), + code: lambda.Code.fromInline(`exports.handler = ${helloCode}`), })); const api = new apigw.RestApi(this, 'hello-api'); diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/http/vpc-link.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/http/vpc-link.ts index a9c6604b43485..27a98085e334e 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/http/vpc-link.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/http/vpc-link.ts @@ -1,5 +1,5 @@ import * as ec2 from '@aws-cdk/aws-ec2'; -import { IResource, Lazy, Resource } from '@aws-cdk/core'; +import { IResource, Lazy, Names, Resource } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { CfnVpcLink } from '../apigatewayv2.generated'; @@ -92,9 +92,9 @@ export class VpcLink extends Resource implements IVpcLink { this.vpc = props.vpc; const cfnResource = new CfnVpcLink(this, 'Resource', { - name: props.vpcLinkName || Lazy.stringValue({ produce: () => this.node.uniqueId }), - subnetIds: Lazy.listValue({ produce: () => this.renderSubnets() }), - securityGroupIds: Lazy.listValue({ produce: () => this.renderSecurityGroups() }), + name: props.vpcLinkName || Lazy.string({ produce: () => Names.uniqueId(this) }), + subnetIds: Lazy.list({ produce: () => this.renderSubnets() }), + securityGroupIds: Lazy.list({ produce: () => this.renderSecurityGroups() }), }); this.vpcLinkId = cfnResource.ref; diff --git a/packages/@aws-cdk/aws-applicationautoscaling/lib/scalable-target.ts b/packages/@aws-cdk/aws-applicationautoscaling/lib/scalable-target.ts index 60ab5b3bbaede..ca5f973a8fa50 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/lib/scalable-target.ts +++ b/packages/@aws-cdk/aws-applicationautoscaling/lib/scalable-target.ts @@ -136,7 +136,7 @@ export class ScalableTarget extends Resource implements IScalableTarget { * Add a policy statement to the role's policy */ public addToRolePolicy(statement: iam.PolicyStatement) { - this.role.addToPolicy(statement); + this.role.addToPrincipalPolicy(statement); } /** diff --git a/packages/@aws-cdk/aws-appmesh/lib/virtual-node.ts b/packages/@aws-cdk/aws-appmesh/lib/virtual-node.ts index 0fede177a113e..cf14fcbdb3547 100644 --- a/packages/@aws-cdk/aws-appmesh/lib/virtual-node.ts +++ b/packages/@aws-cdk/aws-appmesh/lib/virtual-node.ts @@ -181,8 +181,8 @@ export class VirtualNode extends VirtualNodeBase { virtualNodeName: this.physicalName, meshName: this.mesh.meshName, spec: { - backends: cdk.Lazy.anyValue({ produce: () => this.backends }, { omitEmptyArray: true }), - listeners: cdk.Lazy.anyValue({ produce: () => this.listeners.map(listener => listener.listener) }, { omitEmptyArray: true }), + backends: cdk.Lazy.any({ produce: () => this.backends }, { omitEmptyArray: true }), + listeners: cdk.Lazy.any({ produce: () => this.listeners.map(listener => listener.listener) }, { omitEmptyArray: true }), backendDefaults: props.backendDefaults !== undefined ? { clientPolicy: props.backendDefaults?.clientPolicy?.bind(this).clientPolicy, diff --git a/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts b/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts index 4b14a4ea710cb..42ea38ab80d11 100644 --- a/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts +++ b/packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts @@ -1097,7 +1097,7 @@ export class AutoScalingGroup extends AutoScalingGroupBase implements * Adds a statement to the IAM role assumed by instances of this fleet. */ public addToRolePolicy(statement: iam.PolicyStatement) { - this.role.addToPolicy(statement); + this.role.addToPrincipalPolicy(statement); } /** @@ -1225,7 +1225,7 @@ export class AutoScalingGroup extends AutoScalingGroupBase implements ...this.autoScalingGroup.cfnOptions.creationPolicy, resourceSignal: { count: props.resourceSignalCount, - timeout: props.resourceSignalTimeout && props.resourceSignalTimeout.toISOString(), + timeout: props.resourceSignalTimeout && props.resourceSignalTimeout.toIsoString(), }, }; } @@ -1327,6 +1327,7 @@ export enum ScalingEvent { /** * Additional settings when a rolling update is selected + * @deprecated use `UpdatePolicy.rollingUpdate()` */ export interface RollingUpdateConfiguration { /** @@ -1516,7 +1517,7 @@ function renderRollingUpdateConfig(config: RollingUpdateConfiguration = {}): Cfn minInstancesInService: config.minInstancesInService, minSuccessfulInstancesPercent: validatePercentage(config.minSuccessfulInstancesPercent), waitOnResourceSignals, - pauseTime: pauseTime && pauseTime.toISOString(), + pauseTime: pauseTime && pauseTime.toIsoString(), suspendProcesses: config.suspendProcesses ?? DEFAULT_SUSPEND_PROCESSES, }; } diff --git a/packages/@aws-cdk/aws-autoscaling/test/lifecyclehooks.test.ts b/packages/@aws-cdk/aws-autoscaling/test/lifecyclehooks.test.ts index ffa727d6e86a9..5db2600011100 100644 --- a/packages/@aws-cdk/aws-autoscaling/test/lifecyclehooks.test.ts +++ b/packages/@aws-cdk/aws-autoscaling/test/lifecyclehooks.test.ts @@ -73,7 +73,7 @@ nodeunitShim({ class FakeNotificationTarget implements autoscaling.ILifecycleHookTarget { public bind(_scope: constructs.Construct, lifecycleHook: autoscaling.ILifecycleHook): autoscaling.LifecycleHookTargetConfig { - lifecycleHook.role.addToPolicy(new iam.PolicyStatement({ + lifecycleHook.role.addToPrincipalPolicy(new iam.PolicyStatement({ actions: ['action:Work'], resources: ['*'], })); diff --git a/packages/@aws-cdk/aws-batch/test/compute-environment.test.ts b/packages/@aws-cdk/aws-batch/test/compute-environment.test.ts index 153eb932eec37..607479a4ae8fb 100644 --- a/packages/@aws-cdk/aws-batch/test/compute-environment.test.ts +++ b/packages/@aws-cdk/aws-batch/test/compute-environment.test.ts @@ -167,10 +167,7 @@ describe('Batch Compute Evironment', () => { }, desiredvCpus: 1, ec2KeyPair: 'my-key-pair', - image: new ecs.EcsOptimizedAmi({ - generation: ec2.AmazonLinuxGeneration.AMAZON_LINUX_2, - hardwareType: ecs.AmiHardwareType.STANDARD, - }), + image: ecs.EcsOptimizedImage.amazonLinux2(ecs.AmiHardwareType.STANDARD), instanceRole: new iam.CfnInstanceProfile(stack, 'Instance-Profile', { roles: [new iam.Role(stack, 'Ecs-Instance-Role', { assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com'), diff --git a/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stack.ts b/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stack.ts index b6357115f7667..77e008ac6872c 100644 --- a/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stack.ts +++ b/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stack.ts @@ -43,7 +43,7 @@ class MyNestedStack extends cfn.NestedStack { if (props.subscriber) { new lambda.Function(this, 'fn', { runtime: lambda.Runtime.NODEJS_10_X, - code: lambda.Code.inline('console.error("hi")'), + code: lambda.Code.fromInline('console.error("hi")'), handler: 'index.handler', environment: { TOPIC_ARN: props.siblingTopic?.topicArn ?? '', diff --git a/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stacks-assets.ts b/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stacks-assets.ts index ad7ed4e85d294..dd3a74360e934 100644 --- a/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stacks-assets.ts +++ b/packages/@aws-cdk/aws-cloudformation/test/integ.nested-stacks-assets.ts @@ -15,7 +15,7 @@ class NestedStack extends cfn.NestedStack { super(scope, id); new lambda.Function(this, 'Handler', { - code: lambda.Code.asset(path.join(__dirname, 'asset-directory-fixture')), + code: lambda.Code.fromAsset(path.join(__dirname, 'asset-directory-fixture')), runtime: lambda.Runtime.NODEJS_10_X, handler: 'index.handler', }); diff --git a/packages/@aws-cdk/aws-cloudformation/test/test.nested-stack.ts b/packages/@aws-cdk/aws-cloudformation/test/test.nested-stack.ts index 2149c48be5fd3..7a443a6db19cd 100644 --- a/packages/@aws-cdk/aws-cloudformation/test/test.nested-stack.ts +++ b/packages/@aws-cdk/aws-cloudformation/test/test.nested-stack.ts @@ -811,7 +811,7 @@ export = { const nested = new NestedStack(parent, 'nested-stack'); // WHEN - const location = nested.addDockerImageAsset({ + const location = nested.synthesizer.addDockerImageAsset({ directoryName: 'my-image', dockerBuildArgs: { key: 'value', boom: 'bam' }, dockerBuildTarget: 'buildTarget', diff --git a/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts b/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts index a678c82ba6087..87836434fa141 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts @@ -52,6 +52,7 @@ export enum FailoverStatusCode { * "cloudfront.net" domain. To use this feature you must provide the list of * additional domains, and the ACM Certificate that CloudFront should use for * these additional domains. + * @deprecated see {@link CloudFrontWebDistributionProps#viewerCertificate} with {@link ViewerCertificate#acmCertificate} */ export interface AliasConfiguration { /** diff --git a/packages/@aws-cdk/aws-cloudfront/test/web-distribution.test.ts b/packages/@aws-cdk/aws-cloudfront/test/web-distribution.test.ts index d24c7aa1220dc..d8e12059172fa 100644 --- a/packages/@aws-cdk/aws-cloudfront/test/web-distribution.test.ts +++ b/packages/@aws-cdk/aws-cloudfront/test/web-distribution.test.ts @@ -530,7 +530,7 @@ nodeunitShim({ const sourceBucket = new s3.Bucket(stack, 'Bucket'); const lambdaFunction = new lambda.Function(stack, 'Lambda', { - code: lambda.Code.inline('foo'), + code: lambda.Code.fromInline('foo'), handler: 'index.handler', runtime: lambda.Runtime.NODEJS_10_X, }); @@ -580,7 +580,7 @@ nodeunitShim({ const sourceBucket = new s3.Bucket(stack, 'Bucket'); const lambdaFunction = new lambda.Function(stack, 'Lambda', { - code: lambda.Code.inline('foo'), + code: lambda.Code.fromInline('foo'), handler: 'index.handler', runtime: lambda.Runtime.NODEJS_10_X, }); @@ -618,7 +618,7 @@ nodeunitShim({ const sourceBucket = new s3.Bucket(stack, 'Bucket'); const lambdaFunction = new lambda.Function(stack, 'Lambda', { - code: lambda.Code.inline('foo'), + code: lambda.Code.fromInline('foo'), handler: 'index.handler', runtime: lambda.Runtime.NODEJS_10_X, environment: { diff --git a/packages/@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts b/packages/@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts index d98c34b8011de..d3a4f4fa79104 100644 --- a/packages/@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts +++ b/packages/@aws-cdk/aws-cloudtrail/lib/cloudtrail.ts @@ -246,7 +246,7 @@ export class Trail extends Resource { logsRole = new iam.Role(this, 'LogsRole', { assumedBy: cloudTrailPrincipal }); - logsRole.addToPolicy(new iam.PolicyStatement({ + logsRole.addToPrincipalPolicy(new iam.PolicyStatement({ actions: ['logs:PutLogEvents', 'logs:CreateLogStream'], resources: [this.logGroup.logGroupArn], })); diff --git a/packages/@aws-cdk/aws-cloudwatch/lib/metric.ts b/packages/@aws-cdk/aws-cloudwatch/lib/metric.ts index fa900333ef0fa..0590a592da502 100644 --- a/packages/@aws-cdk/aws-cloudwatch/lib/metric.ts +++ b/packages/@aws-cdk/aws-cloudwatch/lib/metric.ts @@ -306,6 +306,7 @@ export class Metric implements IMetric { }; } + /** @deprecated use toMetricConfig() */ public toAlarmConfig(): MetricAlarmConfig { const metricConfig = this.toMetricConfig(); if (metricConfig.metricStat === undefined) { @@ -324,6 +325,9 @@ export class Metric implements IMetric { }; } + /** + * @deprecated use toMetricConfig() + */ public toGraphConfig(): MetricGraphConfig { const metricConfig = this.toMetricConfig(); if (metricConfig.metricStat === undefined) { @@ -479,10 +483,16 @@ export class MathExpression implements IMetric { }); } + /** + * @deprecated use toMetricConfig() + */ public toAlarmConfig(): MetricAlarmConfig { throw new Error('Using a math expression is not supported here. Pass a \'Metric\' object instead'); } + /** + * @deprecated use toMetricConfig() + */ public toGraphConfig(): MetricGraphConfig { throw new Error('Using a math expression is not supported here. Pass a \'Metric\' object instead'); } diff --git a/packages/@aws-cdk/aws-cloudwatch/package.json b/packages/@aws-cdk/aws-cloudwatch/package.json index c974f8fe0199a..98a3281163384 100644 --- a/packages/@aws-cdk/aws-cloudwatch/package.json +++ b/packages/@aws-cdk/aws-cloudwatch/package.json @@ -94,6 +94,7 @@ "duration-prop-type:@aws-cdk/aws-cloudwatch.MetricAlarmConfig.period", "duration-prop-type:@aws-cdk/aws-cloudwatch.MetricGraphConfig.period", "duration-prop-type:@aws-cdk/aws-cloudwatch.MetricRenderingProperties.period", + "no-unused-type:@aws-cdk/aws-cloudwatch.Statistic", "props-default-doc:@aws-cdk/aws-cloudwatch.MetricAlarmConfig.dimensions", "props-default-doc:@aws-cdk/aws-cloudwatch.MetricAlarmConfig.extendedStatistic", "props-default-doc:@aws-cdk/aws-cloudwatch.MetricAlarmConfig.statistic", diff --git a/packages/@aws-cdk/aws-cloudwatch/test/test.metrics.ts b/packages/@aws-cdk/aws-cloudwatch/test/test.metrics.ts index b3afc36230c86..7db77355f5d73 100644 --- a/packages/@aws-cdk/aws-cloudwatch/test/test.metrics.ts +++ b/packages/@aws-cdk/aws-cloudwatch/test/test.metrics.ts @@ -9,7 +9,7 @@ export = { // GIVEN const stack = new cdk.Stack(); const role = new iam.Role(stack, 'SomeRole', { - assumedBy: new iam.Anyone(), + assumedBy: new iam.AnyPrincipal(), }); // WHEN diff --git a/packages/@aws-cdk/aws-codebuild/lib/project.ts b/packages/@aws-cdk/aws-codebuild/lib/project.ts index 9477f5be3a246..718f7263ada13 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/project.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/project.ts @@ -222,7 +222,7 @@ abstract class ProjectBase extends Resource implements IProject { */ public addToRolePolicy(statement: iam.PolicyStatement) { if (this.role) { - this.role.addToPolicy(statement); + this.role.addToPrincipalPolicy(statement); } } @@ -1229,7 +1229,7 @@ export class Project extends ProjectBase { return; } - this.role.addToPolicy(new iam.PolicyStatement({ + this.role.addToPrincipalPolicy(new iam.PolicyStatement({ resources: [`arn:${Aws.PARTITION}:ec2:${Aws.REGION}:${Aws.ACCOUNT_ID}:network-interface/*`], actions: ['ec2:CreateNetworkInterfacePermission'], conditions: { diff --git a/packages/@aws-cdk/aws-codebuild/test/integ.docker-registry.lit.ts b/packages/@aws-cdk/aws-codebuild/test/integ.docker-registry.lit.ts index c50dc2ec9092a..916f51b07b1f5 100644 --- a/packages/@aws-cdk/aws-codebuild/test/integ.docker-registry.lit.ts +++ b/packages/@aws-cdk/aws-codebuild/test/integ.docker-registry.lit.ts @@ -6,7 +6,7 @@ class TestStack extends cdk.Stack { constructor(scope: cdk.App, id: string) { super(scope, id); - const secrets = secretsmanager.Secret.fromSecretArn(this, 'MySecrets', + const secrets = secretsmanager.Secret.fromSecretCompleteArn(this, 'MySecrets', `arn:aws:secretsmanager:${this.region}:${this.account}:secret:my-secrets-123456`); new codebuild.Project(this, 'MyProject', { diff --git a/packages/@aws-cdk/aws-codedeploy/test/lambda/integ.deployment-group.expected.json b/packages/@aws-cdk/aws-codedeploy/test/lambda/integ.deployment-group.expected.json index 734b7109ad8a1..2d8f66303edee 100644 --- a/packages/@aws-cdk/aws-codedeploy/test/lambda/integ.deployment-group.expected.json +++ b/packages/@aws-cdk/aws-codedeploy/test/lambda/integ.deployment-group.expected.json @@ -85,7 +85,7 @@ "HandlerServiceRoleFCDC14AE" ] }, - "HandlerVersion1F237F6D0": { + "HandlerCurrentVersion93FB80BFa1c6e812d19e0a94f85605af18cacb0c": { "Type": "AWS::Lambda::Version", "Properties": { "FunctionName": { @@ -101,7 +101,7 @@ }, "FunctionVersion": { "Fn::GetAtt": [ - "HandlerVersion1F237F6D0", + "HandlerCurrentVersion93FB80BFa1c6e812d19e0a94f85605af18cacb0c", "Version" ] }, @@ -586,4 +586,4 @@ "Description": "Artifact hash for asset \"93dbd8c02dbfca9077c9d83cb6d3a94659988c7d143988da4a554033a58f963c\"" } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-codedeploy/test/lambda/integ.deployment-group.ts b/packages/@aws-cdk/aws-codedeploy/test/lambda/integ.deployment-group.ts index 98b2ed7fe3328..ced2c76f4d447 100644 --- a/packages/@aws-cdk/aws-codedeploy/test/lambda/integ.deployment-group.ts +++ b/packages/@aws-cdk/aws-codedeploy/test/lambda/integ.deployment-group.ts @@ -13,7 +13,7 @@ const handler = new lambda.Function(stack, 'Handler', { handler: 'index.handler', runtime: lambda.Runtime.NODEJS_10_X, }); -const version = handler.addVersion('1'); +const version = handler.currentVersion; const blueGreenAlias = new lambda.Alias(stack, 'Alias', { aliasName: 'alias', version, diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/cloudformation/cloudformation-pipeline-actions.test.ts b/packages/@aws-cdk/aws-codepipeline-actions/test/cloudformation/cloudformation-pipeline-actions.test.ts index 28a22d970a1c0..7501f74bb1ff7 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/cloudformation/cloudformation-pipeline-actions.test.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/cloudformation/cloudformation-pipeline-actions.test.ts @@ -1,5 +1,4 @@ import { expect, haveResourceLike } from '@aws-cdk/assert'; -import { CloudFormationCapabilities } from '@aws-cdk/aws-cloudformation'; import * as codebuild from '@aws-cdk/aws-codebuild'; import * as codecommit from '@aws-cdk/aws-codecommit'; import * as codepipeline from '@aws-cdk/aws-codepipeline'; @@ -439,8 +438,8 @@ nodeunitShim({ stackName: 'MyStack', templatePath: stack.sourceOutput.atPath('template.yaml'), adminPermissions: false, - capabilities: [ - CloudFormationCapabilities.NAMED_IAM, + cfnCapabilities: [ + cdk.CfnCapabilities.NAMED_IAM, ], })); @@ -482,9 +481,9 @@ nodeunitShim({ stackName: 'MyStack', templatePath: stack.sourceOutput.atPath('template.yaml'), adminPermissions: false, - capabilities: [ - CloudFormationCapabilities.NAMED_IAM, - CloudFormationCapabilities.AUTO_EXPAND, + cfnCapabilities: [ + cdk.CfnCapabilities.NAMED_IAM, + cdk.CfnCapabilities.AUTO_EXPAND, ], })); @@ -526,8 +525,8 @@ nodeunitShim({ stackName: 'MyStack', templatePath: stack.sourceOutput.atPath('template.yaml'), adminPermissions: false, - capabilities: [ - CloudFormationCapabilities.NONE, + cfnCapabilities: [ + cdk.CfnCapabilities.NONE, ], })); diff --git a/packages/@aws-cdk/aws-codepipeline/lib/pipeline.ts b/packages/@aws-cdk/aws-codepipeline/lib/pipeline.ts index 760e049c6ed73..8ef8cc3dede8e 100644 --- a/packages/@aws-cdk/aws-codepipeline/lib/pipeline.ts +++ b/packages/@aws-cdk/aws-codepipeline/lib/pipeline.ts @@ -348,7 +348,7 @@ export class Pipeline extends PipelineBase { * Adds a statement to the pipeline role. */ public addToRolePolicy(statement: iam.PolicyStatement) { - this.role.addToPolicy(statement); + this.role.addToPrincipalPolicy(statement); } /** @@ -584,7 +584,7 @@ export class Pipeline extends PipelineBase { // the pipeline role needs assumeRole permissions to the action role if (actionRole) { - this.role.addToPolicy(new iam.PolicyStatement({ + this.role.addToPrincipalPolicy(new iam.PolicyStatement({ actions: ['sts:AssumeRole'], resources: [actionRole.roleArn], })); diff --git a/packages/@aws-cdk/aws-codepipeline/test/cross-env.test.ts b/packages/@aws-cdk/aws-codepipeline/test/cross-env.test.ts index 08fd0160b90f4..caaab6f8378a1 100644 --- a/packages/@aws-cdk/aws-codepipeline/test/cross-env.test.ts +++ b/packages/@aws-cdk/aws-codepipeline/test/cross-env.test.ts @@ -115,7 +115,7 @@ describe.each(['legacy', 'modern'])('with %s synthesis', (synthesisStyle: string // THEN const asm = app.synth(); - const supportStack = asm.getStack(`${stack.stackName}-support-eu-west-1`); + const supportStack = asm.getStackByName(`${stack.stackName}-support-eu-west-1`); // THEN expect(supportStack).not.toHaveResource('AWS::KMS::Key'); diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts index 6801e8ada2568..4aa6a1bf4b85a 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts +++ b/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts @@ -1332,7 +1332,7 @@ describe('User Pool', () => { function fooFunction(scope: Construct, name: string): lambda.IFunction { return new lambda.Function(scope, name, { functionName: name, - code: lambda.Code.inline('foo'), + code: lambda.Code.fromInline('foo'), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', }); diff --git a/packages/@aws-cdk/aws-dynamodb-global/lib/global-table-coordinator.ts b/packages/@aws-cdk/aws-dynamodb-global/lib/global-table-coordinator.ts index 942d48116f06f..924c84b9237f1 100644 --- a/packages/@aws-cdk/aws-dynamodb-global/lib/global-table-coordinator.ts +++ b/packages/@aws-cdk/aws-dynamodb-global/lib/global-table-coordinator.ts @@ -45,7 +45,7 @@ export class GlobalTableCoordinator extends cdk.Stack { */ function grantCreateGlobalTableLambda(principal?: iam.IPrincipal): void { if (principal) { - principal.addToPolicy(new iam.PolicyStatement({ + principal.addToPrincipalPolicy(new iam.PolicyStatement({ resources: ['*'], actions: [ 'iam:CreateServiceLinkedRole', diff --git a/packages/@aws-cdk/aws-dynamodb/lib/table.ts b/packages/@aws-cdk/aws-dynamodb/lib/table.ts index 84156abcec214..a958bf135546e 100644 --- a/packages/@aws-cdk/aws-dynamodb/lib/table.ts +++ b/packages/@aws-cdk/aws-dynamodb/lib/table.ts @@ -1525,7 +1525,7 @@ export class Table extends TableBase { // Permissions in the destination regions (outside of the loop to // minimize statements in the policy) - onEventHandlerPolicy.grantPrincipal.addToPolicy(new iam.PolicyStatement({ + onEventHandlerPolicy.grantPrincipal.addToPrincipalPolicy(new iam.PolicyStatement({ actions: ['dynamodb:*'], resources: this.regionalArns, })); diff --git a/packages/@aws-cdk/aws-ec2/lib/cfn-init.ts b/packages/@aws-cdk/aws-ec2/lib/cfn-init.ts index 2388c80736df4..910e7ab85cf7f 100644 --- a/packages/@aws-cdk/aws-ec2/lib/cfn-init.ts +++ b/packages/@aws-cdk/aws-ec2/lib/cfn-init.ts @@ -113,7 +113,7 @@ export class CloudFormationInit { const fingerprintInput = { config: resolvedConfig, assetHash: bindResult.assetHash }; const fingerprint = contentHash(JSON.stringify(fingerprintInput)).substr(0, 16); - attachOptions.instanceRole.addToPolicy(new iam.PolicyStatement({ + attachOptions.instanceRole.addToPrincipalPolicy(new iam.PolicyStatement({ actions: ['cloudformation:DescribeStackResource', 'cloudformation:SignalResource'], resources: [Aws.STACK_ID], })); diff --git a/packages/@aws-cdk/aws-ec2/lib/instance.ts b/packages/@aws-cdk/aws-ec2/lib/instance.ts index 82fbb22bea4e3..aad8cda0f5deb 100644 --- a/packages/@aws-cdk/aws-ec2/lib/instance.ts +++ b/packages/@aws-cdk/aws-ec2/lib/instance.ts @@ -431,7 +431,7 @@ export class Instance extends Resource implements IInstance { * Adds a statement to the IAM role assumed by the instance. */ public addToRolePolicy(statement: iam.PolicyStatement) { - this.role.addToPolicy(statement); + this.role.addToPrincipalPolicy(statement); } /** @@ -485,7 +485,7 @@ export class Instance extends Resource implements IInstance { this.instance.cfnOptions.creationPolicy = { ...this.instance.cfnOptions.creationPolicy, resourceSignal: { - timeout: props.resourceSignalTimeout && props.resourceSignalTimeout.toISOString(), + timeout: props.resourceSignalTimeout && props.resourceSignalTimeout.toIsoString(), }, }; } diff --git a/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts b/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts index 0edf1867236a7..498940fab878a 100644 --- a/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts +++ b/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts @@ -237,7 +237,7 @@ class CloudWatchLogsDestination extends FlowLogDestination { logGroup = this.props.logGroup; } - iamRole.addToPolicy( + iamRole.addToPrincipalPolicy( new iam.PolicyStatement({ actions: [ 'logs:CreateLogStream', @@ -249,7 +249,7 @@ class CloudWatchLogsDestination extends FlowLogDestination { }), ); - iamRole.addToPolicy( + iamRole.addToPrincipalPolicy( new iam.PolicyStatement({ actions: ['iam:PassRole'], effect: iam.Effect.ALLOW, diff --git a/packages/@aws-cdk/aws-ec2/package.json b/packages/@aws-cdk/aws-ec2/package.json index c32f701574ffc..e454bface8c4a 100644 --- a/packages/@aws-cdk/aws-ec2/package.json +++ b/packages/@aws-cdk/aws-ec2/package.json @@ -126,6 +126,7 @@ "props-physical-name:@aws-cdk/aws-ec2.SubnetProps", "props-physical-name:@aws-cdk/aws-ec2.VpcProps", "props-physical-name:@aws-cdk/aws-ec2.InterfaceVpcEndpointProps", + "props-physical-name:@aws-cdk/aws-ec2.VpcEndpointServiceProps", "from-method:@aws-cdk/aws-ec2.Instance", "from-method:@aws-cdk/aws-ec2.VpcEndpointService", "attribute-tag:@aws-cdk/aws-ec2.BastionHostLinux.instance", diff --git a/packages/@aws-cdk/aws-ecs/lib/base/task-definition.ts b/packages/@aws-cdk/aws-ecs/lib/base/task-definition.ts index 338fd59b39ea7..7c3bb618142a5 100644 --- a/packages/@aws-cdk/aws-ecs/lib/base/task-definition.ts +++ b/packages/@aws-cdk/aws-ecs/lib/base/task-definition.ts @@ -461,14 +461,14 @@ export class TaskDefinition extends TaskDefinitionBase { * Adds a policy statement to the task IAM role. */ public addToTaskRolePolicy(statement: iam.PolicyStatement) { - this.taskRole.addToPolicy(statement); + this.taskRole.addToPrincipalPolicy(statement); } /** * Adds a policy statement to the task execution IAM role. */ public addToExecutionRolePolicy(statement: iam.PolicyStatement) { - this.obtainExecutionRole().addToPolicy(statement); + this.obtainExecutionRole().addToPrincipalPolicy(statement); } /** diff --git a/packages/@aws-cdk/aws-ecs/test/container-definition.test.ts b/packages/@aws-cdk/aws-ecs/test/container-definition.test.ts index 81e9f274160b7..88fa5545c830e 100644 --- a/packages/@aws-cdk/aws-ecs/test/container-definition.test.ts +++ b/packages/@aws-cdk/aws-ecs/test/container-definition.test.ts @@ -1416,7 +1416,7 @@ describe('container definition', () => { const taskDefinition = new ecs.Ec2TaskDefinition(stack, 'TaskDef'); const mySecretArn = 'arn:aws:secretsmanager:region:1234567890:secret:MyRepoSecret-6f8hj3'; - const repoCreds = secretsmanager.Secret.fromSecretArn(stack, 'MyRepoSecret', mySecretArn); + const repoCreds = secretsmanager.Secret.fromSecretCompleteArn(stack, 'MyRepoSecret', mySecretArn); // WHEN taskDefinition.addContainer('Container', { diff --git a/packages/@aws-cdk/aws-eks-legacy/lib/cluster-resource.ts b/packages/@aws-cdk/aws-eks-legacy/lib/cluster-resource.ts index 81c04ef56653a..2de302f8c6331 100644 --- a/packages/@aws-cdk/aws-eks-legacy/lib/cluster-resource.ts +++ b/packages/@aws-cdk/aws-eks-legacy/lib/cluster-resource.ts @@ -1,8 +1,7 @@ import * as path from 'path'; -import * as cfn from '@aws-cdk/aws-cloudformation'; import * as iam from '@aws-cdk/aws-iam'; import * as lambda from '@aws-cdk/aws-lambda'; -import { Duration, Token } from '@aws-cdk/core'; +import { CustomResource, Duration, Token } from '@aws-cdk/core'; import { CfnClusterProps } from './eks.generated'; import { KubectlLayer } from './kubectl-layer'; @@ -69,9 +68,9 @@ export class ClusterResource extends Construct { resources: [props.roleArn], })); - const resource = new cfn.CustomResource(this, 'Resource', { + const resource = new CustomResource(this, 'Resource', { resourceType: ClusterResource.RESOURCE_TYPE, - provider: cfn.CustomResourceProvider.lambda(handler), + serviceToken: handler.functionArn, properties: { Config: props, }, diff --git a/packages/@aws-cdk/aws-eks-legacy/lib/helm-chart.ts b/packages/@aws-cdk/aws-eks-legacy/lib/helm-chart.ts index a427353e9f6c7..6accff6c05bd2 100644 --- a/packages/@aws-cdk/aws-eks-legacy/lib/helm-chart.ts +++ b/packages/@aws-cdk/aws-eks-legacy/lib/helm-chart.ts @@ -1,7 +1,6 @@ import * as path from 'path'; -import { CustomResource, CustomResourceProvider } from '@aws-cdk/aws-cloudformation'; import * as lambda from '@aws-cdk/aws-lambda'; -import { Duration, Names, Stack } from '@aws-cdk/core'; +import { CustomResource, Duration, Names, Stack } from '@aws-cdk/core'; import { Cluster } from './cluster'; import { KubectlLayer } from './kubectl-layer'; @@ -85,7 +84,7 @@ export class HelmChart extends Construct { } new CustomResource(this, 'Resource', { - provider: CustomResourceProvider.lambda(handler), + serviceToken: handler.functionArn, resourceType: HelmChart.RESOURCE_TYPE, properties: { Release: props.release || Names.uniqueId(this).slice(-63).toLowerCase(), // Helm has a 63 character limit for the name diff --git a/packages/@aws-cdk/aws-eks-legacy/lib/k8s-resource.ts b/packages/@aws-cdk/aws-eks-legacy/lib/k8s-resource.ts index 14aa566d50406..f28901d125cc9 100644 --- a/packages/@aws-cdk/aws-eks-legacy/lib/k8s-resource.ts +++ b/packages/@aws-cdk/aws-eks-legacy/lib/k8s-resource.ts @@ -1,5 +1,4 @@ -import * as cfn from '@aws-cdk/aws-cloudformation'; -import { Stack } from '@aws-cdk/core'; +import { CustomResource, Stack } from '@aws-cdk/core'; import { Cluster } from './cluster'; // keep this import separate from other imports to reduce chance for merge conflicts with v2-main @@ -63,8 +62,8 @@ export class KubernetesResource extends Construct { throw new Error('Cannot define a KubernetesManifest resource on a cluster with kubectl disabled'); } - new cfn.CustomResource(this, 'Resource', { - provider: cfn.CustomResourceProvider.lambda(handler), + new CustomResource(this, 'Resource', { + serviceToken: handler.functionArn, resourceType: KubernetesResource.RESOURCE_TYPE, properties: { // `toJsonString` enables embedding CDK tokens in the manifest and will diff --git a/packages/@aws-cdk/aws-eks/lib/service-account.ts b/packages/@aws-cdk/aws-eks/lib/service-account.ts index 0ad6b238fdf89..c49e2a944a765 100644 --- a/packages/@aws-cdk/aws-eks/lib/service-account.ts +++ b/packages/@aws-cdk/aws-eks/lib/service-account.ts @@ -107,8 +107,11 @@ export class ServiceAccount extends CoreConstruct implements IPrincipal { } + /** + * @deprecated use `addToPrincipalPolicy()` + */ public addToPolicy(statement: PolicyStatement): boolean { - return this.role.addToPolicy(statement); + return this.addToPrincipalPolicy(statement).statementAdded; } public addToPrincipalPolicy(statement: PolicyStatement): AddToPrincipalPolicyResult { diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts index 873ee201c16b7..bdddbbc512df9 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancing/test/loadbalancer.test.ts @@ -165,14 +165,14 @@ describe('tests', () => { new LoadBalancer(stack, 'LB', { vpc, subnetSelection: { - subnetName: 'private1', + subnetGroupName: 'private1', }, }); // THEN expect(stack).to(haveResource('AWS::ElasticLoadBalancing::LoadBalancer', { Subnets: vpc.selectSubnets({ - subnetName: 'private1', + subnetGroupName: 'private1', }).subnetIds.map((subnetId: string) => stack.resolve(subnetId)), })); }); diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.lambda-target.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.lambda-target.ts index 405fa22d03f82..357b629985e10 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.lambda-target.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/integ.lambda-target.ts @@ -15,7 +15,7 @@ class TestStack extends Stack { const listener = lb.addListener('Listener', { port: 80 }); const fn = new lambda.Function(this, 'Fun', { - code: lambda.Code.inline(` + code: lambda.Code.fromInline(` def handler(event, context): return { "isBase64Encoded": False, diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/lambda-target.test.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/lambda-target.test.ts index 93204aea01c10..6011c39dda242 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/lambda-target.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/test/lambda-target.test.ts @@ -16,7 +16,7 @@ beforeEach(() => { listener = lb.addListener('Listener', { port: 80 }); fn = new lambda.Function(stack, 'Fun', { - code: lambda.Code.inline('foo'), + code: lambda.Code.fromInline('foo'), runtime: lambda.Runtime.PYTHON_3_6, handler: 'index.handler', }); diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-listener-rule.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-listener-rule.ts index e109bc7624f9c..7a3bb91cb3457 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-listener-rule.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-listener-rule.ts @@ -118,6 +118,7 @@ export interface ApplicationListenerRuleProps extends BaseApplicationListenerRul /** * The content type for a fixed response + * @deprecated superceded by `FixedResponseOptions`. */ export enum ContentType { TEXT_PLAIN = 'text/plain', @@ -129,6 +130,7 @@ export enum ContentType { /** * A fixed response + * @deprecated superceded by `ListenerAction.fixedResponse()`. */ export interface FixedResponse { /** @@ -153,6 +155,7 @@ export interface FixedResponse { /** * A redirect response + * @deprecated superceded by `ListenerAction.redirect()`. */ export interface RedirectResponse { /** @@ -385,8 +388,8 @@ export class ApplicationListenerRule extends CoreConstruct { /** * Validate the status code and message body of a fixed response - * * @internal + * @deprecated */ export function validateFixedResponse(fixedResponse: FixedResponse) { if (fixedResponse.statusCode && !/^(2|4|5)\d\d$/.test(fixedResponse.statusCode)) { @@ -400,8 +403,8 @@ export function validateFixedResponse(fixedResponse: FixedResponse) { /** * Validate the status code and message body of a redirect response - * * @internal + * @deprecated */ export function validateRedirectResponse(redirectResponse: RedirectResponse) { if (redirectResponse.protocol && !/^(HTTPS?|#\{protocol\})$/i.test(redirectResponse.protocol)) { diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-listener.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-listener.ts index 3a13b8a3490a1..f0876cd2cc082 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-listener.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-listener.ts @@ -492,9 +492,15 @@ export interface IApplicationListener extends IResource, ec2.IConnectable { /** * Add one or more certificates to this listener. + * @deprecated use `addCertificates()` */ addCertificateArns(id: string, arns: string[]): void; + /** + * Add one or more certificates to this listener. + */ + addCertificates(id: string, certificates: IListenerCertificate[]): void; + /** * Load balance incoming requests to the given target groups. * @@ -589,8 +595,17 @@ abstract class ExternalApplicationListener extends Resource implements IApplicat /** * Add one or more certificates to this listener. + * @deprecated use `addCertificates()` */ public addCertificateArns(id: string, arns: string[]): void { + this.addCertificates(id, arns.map(ListenerCertificate.fromArn)); + } + + /** + * Add one or more certificates to this listener. + */ + public addCertificates(id: string, certificates: IListenerCertificate[]): void { + const arns = certificates.map(c => c.certificateArn); new ApplicationListenerCertificate(this, id, { listener: this, certificateArns: arns, diff --git a/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts b/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts index 905ea5360f139..74a4dff64f757 100644 --- a/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts +++ b/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts @@ -1345,7 +1345,7 @@ export class Domain extends DomainBase implements IDomain { const unsignedAccessPolicy = new iam.PolicyStatement({ effect: iam.Effect.ALLOW, actions: ['es:ESHttp*'], - principals: [new iam.Anyone()], + principals: [new iam.AnyPrincipal()], resources: [cdk.Lazy.string({ produce: () => `${this.domainArn}/*` })], }); diff --git a/packages/@aws-cdk/aws-elasticsearch/test/elasticsearch-access-policy.test.ts b/packages/@aws-cdk/aws-elasticsearch/test/elasticsearch-access-policy.test.ts index 8f19cef53553c..c848e9d58bc82 100644 --- a/packages/@aws-cdk/aws-elasticsearch/test/elasticsearch-access-policy.test.ts +++ b/packages/@aws-cdk/aws-elasticsearch/test/elasticsearch-access-policy.test.ts @@ -20,7 +20,7 @@ test('minimal example renders correctly', () => { accessPolicies: [new iam.PolicyStatement({ effect: iam.Effect.ALLOW, actions: ['es:ESHttp*'], - principals: [new iam.Anyone()], + principals: [new iam.AnyPrincipal()], resources: ['test:arn'], })], diff --git a/packages/@aws-cdk/aws-events-targets/lib/aws-api.ts b/packages/@aws-cdk/aws-events-targets/lib/aws-api.ts index 7b00d310e7068..90f8059afebfb 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/aws-api.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/aws-api.ts @@ -110,7 +110,6 @@ export class AwsApi implements events.IRuleTarget { }; return { - id: '', arn: handler.functionArn, input: events.RuleTargetInput.fromObject(input), targetResource: handler, diff --git a/packages/@aws-cdk/aws-events-targets/lib/batch.ts b/packages/@aws-cdk/aws-events-targets/lib/batch.ts index 19ade67f17d48..0d3e3c5b8409f 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/batch.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/batch.ts @@ -66,7 +66,6 @@ export class BatchJob implements events.IRuleTarget { }; return { - id: '', arn: this.jobQueue.jobQueueArn, // When scoping resource-level access for job submission, you must provide both job queue and job definition resource types. // https://docs.aws.amazon.com/batch/latest/userguide/ExamplePolicies_BATCH.html#iam-example-restrict-job-def diff --git a/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts b/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts index d5b5e753b3867..a5264b2abe378 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts @@ -58,7 +58,6 @@ export class CodeBuildProject implements events.IRuleTarget { } return { - id: '', arn: this.project.projectArn, deadLetterConfig: this.props.deadLetterQueue ? { arn: this.props.deadLetterQueue?.queueArn } : undefined, role: this.props.eventRole || singletonEventRole(this.project, [ diff --git a/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts b/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts index 4ed12809fcc23..fc0eb095cfecd 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts @@ -27,7 +27,6 @@ export class CodePipeline implements events.IRuleTarget { public bind(_rule: events.IRule, _id?: string): events.RuleTargetConfig { return { - id: '', arn: this.pipeline.pipelineArn, role: this.options.eventRole || singletonEventRole(this.pipeline, [new iam.PolicyStatement({ resources: [this.pipeline.pipelineArn], diff --git a/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts b/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts index a31fc0b68ca5c..c3bed0dc2c048 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts @@ -120,7 +120,7 @@ export class EcsTask implements events.IRuleTarget { if (props.role) { const role = props.role; - this.createEventRolePolicyStatements().forEach(role.addToPolicy.bind(role)); + this.createEventRolePolicyStatements().forEach(role.addToPrincipalPolicy.bind(role)); this.role = role; } else { this.role = singletonEventRole(this.taskDefinition, this.createEventRolePolicyStatements()); @@ -183,7 +183,6 @@ export class EcsTask implements events.IRuleTarget { : baseEcsParameters; return { - id: '', arn, role, ecsParameters, diff --git a/packages/@aws-cdk/aws-events-targets/lib/kinesis-firehose-stream.ts b/packages/@aws-cdk/aws-events-targets/lib/kinesis-firehose-stream.ts index d861be96aa7f4..b52f7bf423df2 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/kinesis-firehose-stream.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/kinesis-firehose-stream.ts @@ -37,7 +37,6 @@ export class KinesisFirehoseStream implements events.IRuleTarget { })]; return { - id: '', arn: this.stream.attrArn, role: singletonEventRole(this.stream, policyStatements), input: this.props.message, diff --git a/packages/@aws-cdk/aws-events-targets/lib/kinesis-stream.ts b/packages/@aws-cdk/aws-events-targets/lib/kinesis-stream.ts index 535a8b3923b51..60bb544223729 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/kinesis-stream.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/kinesis-stream.ts @@ -51,7 +51,6 @@ export class KinesisStream implements events.IRuleTarget { })]; return { - id: '', arn: this.stream.streamArn, role: singletonEventRole(this.stream, policyStatements), input: this.props.message, diff --git a/packages/@aws-cdk/aws-events-targets/lib/lambda.ts b/packages/@aws-cdk/aws-events-targets/lib/lambda.ts index 44315579a1300..903b3a2f33683 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/lambda.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/lambda.ts @@ -50,7 +50,6 @@ export class LambdaFunction implements events.IRuleTarget { } return { - id: '', arn: this.handler.functionArn, deadLetterConfig: this.props.deadLetterQueue ? { arn: this.props.deadLetterQueue?.queueArn } : undefined, input: this.props.event, diff --git a/packages/@aws-cdk/aws-events-targets/lib/log-group-resource-policy.ts b/packages/@aws-cdk/aws-events-targets/lib/log-group-resource-policy.ts index a4fdccd042e8f..8938fc1362fbb 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/log-group-resource-policy.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/log-group-resource-policy.ts @@ -29,7 +29,7 @@ export class LogGroupResourcePolicy extends cr.AwsCustomResource { statements: props.policyStatements, }); - let policyName = props.policyName || cdk.Lazy.stringValue({ produce: () => cdk.Names.uniqueId(this) }); + let policyName = props.policyName || cdk.Lazy.string({ produce: () => cdk.Names.uniqueId(this) }); super(scope, id, { resourceType: 'Custom::CloudwatchLogResourcePolicy', diff --git a/packages/@aws-cdk/aws-events-targets/lib/log-group.ts b/packages/@aws-cdk/aws-events-targets/lib/log-group.ts index ac6e3f7917da4..d437adaf2375c 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/log-group.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/log-group.ts @@ -45,7 +45,6 @@ export class CloudWatchLogGroup implements events.IRuleTarget { } return { - id: '', arn: logGroupStack.formatArn({ service: 'logs', resource: 'log-group', diff --git a/packages/@aws-cdk/aws-events-targets/lib/sns.ts b/packages/@aws-cdk/aws-events-targets/lib/sns.ts index 0584f8b924871..13f10f7d80552 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/sns.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/sns.ts @@ -39,7 +39,6 @@ export class SnsTopic implements events.IRuleTarget { this.topic.grantPublish(new iam.ServicePrincipal('events.amazonaws.com')); return { - id: '', arn: this.topic.topicArn, input: this.props.message, targetResource: this.topic, diff --git a/packages/@aws-cdk/aws-events-targets/lib/sqs.ts b/packages/@aws-cdk/aws-events-targets/lib/sqs.ts index f19df1b01f136..8d711b4b9f5be 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/sqs.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/sqs.ts @@ -62,7 +62,6 @@ export class SqsQueue implements events.IRuleTarget { ); return { - id: '', arn: this.queue.queueArn, input: this.props.message, targetResource: this.queue, diff --git a/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts b/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts index a2a791715e94c..2407a2023c96b 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts @@ -61,7 +61,6 @@ export class SfnStateMachine implements events.IRuleTarget { } return { - id: '', arn: this.machine.stateMachineArn, deadLetterConfig: this.props.deadLetterQueue ? { arn: this.props.deadLetterQueue?.queueArn } : undefined, role: this.role, diff --git a/packages/@aws-cdk/aws-events/lib/target.ts b/packages/@aws-cdk/aws-events/lib/target.ts index da2ac9a1c7fb1..1f7de7e82b36a 100644 --- a/packages/@aws-cdk/aws-events/lib/target.ts +++ b/packages/@aws-cdk/aws-events/lib/target.ts @@ -27,9 +27,10 @@ export interface RuleTargetConfig { * include alphanumeric characters, periods (.), hyphens (-), and * underscores (_). * - * @deprecated prefer auto-generated id by specifying an empty string + * @default - an auto-generated id + * @deprecated no replacement. we will always use an autogenerated id. */ - readonly id: string; + readonly id?: string; /** * The Amazon Resource Name (ARN) of the target. diff --git a/packages/@aws-cdk/aws-lambda/lib/function-base.ts b/packages/@aws-cdk/aws-lambda/lib/function-base.ts index 92ca396cafbb2..3ea52d5c3433b 100644 --- a/packages/@aws-cdk/aws-lambda/lib/function-base.ts +++ b/packages/@aws-cdk/aws-lambda/lib/function-base.ts @@ -260,7 +260,7 @@ export abstract class FunctionBase extends Resource implements IFunction { return; } - this.role.addToPolicy(statement); + this.role.addToPrincipalPolicy(statement); } /** diff --git a/packages/@aws-cdk/aws-lambda/lib/function.ts b/packages/@aws-cdk/aws-lambda/lib/function.ts index 1f9857ac35b1a..4a0fc2d916ec0 100644 --- a/packages/@aws-cdk/aws-lambda/lib/function.ts +++ b/packages/@aws-cdk/aws-lambda/lib/function.ts @@ -18,9 +18,12 @@ import { Handler } from './handler'; import { Version, VersionOptions } from './lambda-version'; import { CfnFunction } from './lambda.generated'; import { ILayerVersion } from './layers'; -import { LogRetentionRetryOptions } from './log-retention'; import { Runtime } from './runtime'; +// keep this import separate from other imports to reduce chance for merge conflicts with v2-main +// eslint-disable-next-line +import { LogRetentionRetryOptions } from './log-retention'; + /** * X-Ray Tracing Modes (https://docs.aws.amazon.com/lambda/latest/dg/API_TracingConfig.html) */ @@ -568,13 +571,13 @@ export class Function extends FunctionBase { const config = props.filesystem.config; if (config.policies) { config.policies.forEach(p => { - this.role?.addToPolicy(p); + this.role?.addToPrincipalPolicy(p); }); } } for (const statement of (props.initialPolicy || [])) { - this.role.addToPolicy(statement); + this.role.addToPrincipalPolicy(statement); } const code = props.code.bind(this); diff --git a/packages/@aws-cdk/aws-lambda/lib/runtime.ts b/packages/@aws-cdk/aws-lambda/lib/runtime.ts index 3bbd8bcc43f6e..0f26813b8c4a9 100644 --- a/packages/@aws-cdk/aws-lambda/lib/runtime.ts +++ b/packages/@aws-cdk/aws-lambda/lib/runtime.ts @@ -42,29 +42,25 @@ export class Runtime { /** * The NodeJS runtime (nodejs) - * - * @deprecated Use {@link NODEJS_12_X} + * Legacy runtime no longer supported by AWS Lambda. */ public static readonly NODEJS = new Runtime('nodejs', RuntimeFamily.NODEJS, { supportsInlineCode: true }); /** * The NodeJS 4.3 runtime (nodejs4.3) - * - * @deprecated Use {@link NODEJS_12_X} + * Legacy runtime no longer supported by AWS Lambda. */ public static readonly NODEJS_4_3 = new Runtime('nodejs4.3', RuntimeFamily.NODEJS, { supportsInlineCode: true }); /** * The NodeJS 6.10 runtime (nodejs6.10) - * - * @deprecated Use {@link NODEJS_12_X} + * Legacy runtime no longer supported by AWS Lambda. */ public static readonly NODEJS_6_10 = new Runtime('nodejs6.10', RuntimeFamily.NODEJS, { supportsInlineCode: true }); /** * The NodeJS 8.10 runtime (nodejs8.10) - * - * @deprecated Use {@link NODEJS_12_X} + * Legacy runtime no longer supported by AWS Lambda. */ public static readonly NODEJS_8_10 = new Runtime('nodejs8.10', RuntimeFamily.NODEJS, { supportsInlineCode: true }); @@ -135,15 +131,13 @@ export class Runtime { /** * The .NET Core 1.0 runtime (dotnetcore1.0) - * - * @deprecated Use {@link DOTNET_CORE_2_1} + * Legacy runtime no longer supported by AWS Lambda. */ public static readonly DOTNET_CORE_1 = new Runtime('dotnetcore1.0', RuntimeFamily.DOTNET_CORE); /** * The .NET Core 2.0 runtime (dotnetcore2.0) - * - * @deprecated Use {@link DOTNET_CORE_2_1} + * Legacy runtime no longer supported by AWS Lambda. */ public static readonly DOTNET_CORE_2 = new Runtime('dotnetcore2.0', RuntimeFamily.DOTNET_CORE); diff --git a/packages/@aws-cdk/aws-rds/lib/props.ts b/packages/@aws-cdk/aws-rds/lib/props.ts index 62460587d1aa2..9d7cbd40b8042 100644 --- a/packages/@aws-cdk/aws-rds/lib/props.ts +++ b/packages/@aws-cdk/aws-rds/lib/props.ts @@ -144,6 +144,7 @@ export interface CredentialsBaseOptions { /** * Options for creating Credentials from a username. + * @deprecated supporting API `fromUsername()` has been deprecated. See deprecation notice of the API. */ export interface CredentialsFromUsernameOptions extends CredentialsBaseOptions { /** diff --git a/packages/@aws-cdk/aws-route53-patterns/lib/website-redirect.ts b/packages/@aws-cdk/aws-route53-patterns/lib/website-redirect.ts index 274ed769c25c8..db63b7327a75d 100644 --- a/packages/@aws-cdk/aws-route53-patterns/lib/website-redirect.ts +++ b/packages/@aws-cdk/aws-route53-patterns/lib/website-redirect.ts @@ -1,6 +1,6 @@ import * as crypto from 'crypto'; import { DnsValidatedCertificate, ICertificate } from '@aws-cdk/aws-certificatemanager'; -import { CloudFrontWebDistribution, OriginProtocolPolicy, PriceClass, ViewerProtocolPolicy } from '@aws-cdk/aws-cloudfront'; +import { CloudFrontWebDistribution, OriginProtocolPolicy, PriceClass, ViewerCertificate, ViewerProtocolPolicy } from '@aws-cdk/aws-cloudfront'; import { ARecord, AaaaRecord, IHostedZone, RecordTarget } from '@aws-cdk/aws-route53'; import { CloudFrontTarget } from '@aws-cdk/aws-route53-targets'; import { BlockPublicAccess, Bucket, RedirectProtocol } from '@aws-cdk/aws-s3'; @@ -68,12 +68,12 @@ export class HttpsRedirect extends CoreConstruct { } } - const redirectCertArn = props.certificate ? props.certificate.certificateArn : new DnsValidatedCertificate(this, 'RedirectCertificate', { + const redirectCert = props.certificate ?? new DnsValidatedCertificate(this, 'RedirectCertificate', { domainName: domainNames[0], subjectAlternativeNames: domainNames, hostedZone: props.zone, region: 'us-east-1', - }).certificateArn; + }); const redirectBucket = new Bucket(this, 'RedirectBucket', { websiteRedirect: { @@ -92,10 +92,9 @@ export class HttpsRedirect extends CoreConstruct { originProtocolPolicy: OriginProtocolPolicy.HTTP_ONLY, }, }], - aliasConfiguration: { - acmCertRef: redirectCertArn, - names: domainNames, - }, + viewerCertificate: ViewerCertificate.fromAcmCertificate(redirectCert, { + aliases: domainNames, + }), comment: `Redirect to ${props.targetDomain} from ${domainNames.join(', ')}`, priceClass: PriceClass.PRICE_CLASS_ALL, viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS, diff --git a/packages/@aws-cdk/aws-route53-targets/lib/cloudfront-target.ts b/packages/@aws-cdk/aws-route53-targets/lib/cloudfront-target.ts index 217ba72cfc079..d11e0c9de2324 100644 --- a/packages/@aws-cdk/aws-route53-targets/lib/cloudfront-target.ts +++ b/packages/@aws-cdk/aws-route53-targets/lib/cloudfront-target.ts @@ -43,7 +43,7 @@ export class CloudFrontTarget implements route53.IAliasRecordTarget { public bind(_record: route53.IRecordSet): route53.AliasRecordTargetConfig { return { hostedZoneId: CloudFrontTarget.getHostedZoneId(this.distribution), - dnsName: this.distribution.domainName, + dnsName: this.distribution.distributionDomainName, }; } } diff --git a/packages/@aws-cdk/aws-s3/lib/bucket.ts b/packages/@aws-cdk/aws-s3/lib/bucket.ts index c4c472a01ca94..ef1cda8a32f1b 100644 --- a/packages/@aws-cdk/aws-s3/lib/bucket.ts +++ b/packages/@aws-cdk/aws-s3/lib/bucket.ts @@ -683,7 +683,7 @@ abstract class BucketBase extends Resource implements IBucket { return iam.Grant.addToPrincipalOrResource({ actions: allowedActions, resourceArns: [this.arnForObjects(keyPrefix)], - grantee: new iam.Anyone(), + grantee: new iam.AnyPrincipal(), resource: this, }); } diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-ec2-task.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-ec2-task.ts index c46c6a098f816..7294707723210 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-ec2-task.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-ec2-task.ts @@ -4,6 +4,7 @@ import { CommonEcsRunTaskProps, EcsRunTaskBase } from './run-ecs-task-base'; /** * Properties to run an ECS task on EC2 in StepFunctionsan ECS + * @deprecated use `EcsRunTask` and `EcsRunTaskProps` */ export interface RunEcsEc2TaskProps extends CommonEcsRunTaskProps { /** diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-fargate-task.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-fargate-task.ts index a9cf73b616351..d89664d0e2713 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-fargate-task.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-fargate-task.ts @@ -4,6 +4,7 @@ import { CommonEcsRunTaskProps, EcsRunTaskBase } from './run-ecs-task-base'; /** * Properties to define an ECS service + * @deprecated replaced by `EcsRunTask` and `EcsRunTaskProps` */ export interface RunEcsFargateTaskProps extends CommonEcsRunTaskProps { /** @@ -41,7 +42,7 @@ export interface RunEcsFargateTaskProps extends CommonEcsRunTaskProps { /** * Start a service on an ECS cluster * - * @deprecated - replaced by `EcsRunTask` + * @deprecated replaced by `EcsRunTask` */ export class RunEcsFargateTask extends EcsRunTaskBase { constructor(props: RunEcsFargateTaskProps) { diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-task-base.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-task-base.ts index d2f280d8d0c1e..bc56f1a57d16f 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-task-base.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/ecs/run-ecs-task-base.ts @@ -45,6 +45,7 @@ export interface CommonEcsRunTaskProps { /** * Construction properties for the BaseRunTaskProps + * @deprecated No replacement */ export interface EcsRunTaskBaseProps extends CommonEcsRunTaskProps { /** @@ -57,6 +58,7 @@ export interface EcsRunTaskBaseProps extends CommonEcsRunTaskProps { /** * A StepFunctions Task to run a Task on ECS or Fargate + * @deprecated No replacement */ export class EcsRunTaskBase implements ec2.IConnectable, sfn.IStepFunctionsTask { /** diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/invoke-activity.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/invoke-activity.ts index a0c78b5cf073c..ab88f4681910e 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/invoke-activity.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/invoke-activity.ts @@ -3,6 +3,7 @@ import { Duration } from '@aws-cdk/core'; /** * Properties for FunctionTask + * @deprecated use `StepFunctionsInvokeActivity` and `StepFunctionsInvokeActivityProps`. */ export interface InvokeActivityProps { /** @@ -20,7 +21,7 @@ export interface InvokeActivityProps { * * An Activity can be used directly as a Resource. * - * @deprecated - use `StepFunctionsInvokeActivity` + * @deprecated use `StepFunctionsInvokeActivity` */ export class InvokeActivity implements sfn.IStepFunctionsTask { constructor(private readonly activity: sfn.IActivity, private readonly props: InvokeActivityProps = {}) { diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/lambda/run-lambda-task.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/lambda/run-lambda-task.ts index cf240ccbfa86f..1b6618ffd0bf2 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/lambda/run-lambda-task.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/lambda/run-lambda-task.ts @@ -106,6 +106,7 @@ export class RunLambdaTask implements sfn.IStepFunctionsTask { /** * Invocation type of a Lambda + * @deprecated use `LambdaInvocationType` */ export enum InvocationType { /** diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/sagemaker/base-types.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/sagemaker/base-types.ts index 6f35a7e45a858..96d1a4ef38234 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/sagemaker/base-types.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/sagemaker/base-types.ts @@ -943,7 +943,7 @@ class StandardDockerImage extends DockerImage { this.repository.grantPull(task); } if (this.allowAnyEcrImagePull) { - task.grantPrincipal.addToPolicy(new iam.PolicyStatement({ + task.grantPrincipal.addToPrincipalPolicy(new iam.PolicyStatement({ actions: [ 'ecr:BatchCheckLayerAvailability', 'ecr:GetDownloadUrlForLayer', @@ -986,7 +986,7 @@ class StandardS3Location extends S3Location { if (opts.forWriting) { actions.push('s3:PutObject'); } - task.grantPrincipal.addToPolicy(new iam.PolicyStatement({ actions, resources: ['*'] })); + task.grantPrincipal.addToPrincipalPolicy(new iam.PolicyStatement({ actions, resources: ['*'] })); } return { uri: this.uri }; } diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/test/glue/start-job-run.test.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/test/glue/start-job-run.test.ts index e3773bd701966..66fb849d6195f 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/test/glue/start-job-run.test.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/test/glue/start-job-run.test.ts @@ -164,10 +164,9 @@ test('permitted role actions include start, get, and stop job run if service int test('Task throws if WAIT_FOR_TASK_TOKEN is supplied as service integration pattern', () => { expect(() => { - new sfn.Task(stack, 'Task', { - task: new tasks.RunGlueJobTask(glueJobName, { - integrationPattern: sfn.ServiceIntegrationPattern.WAIT_FOR_TASK_TOKEN, - }), + new tasks.GlueStartJobRun(stack, 'GlueJob', { + glueJobName, + integrationPattern: sfn.IntegrationPattern.WAIT_FOR_TASK_TOKEN, }); - }).toThrow(/Invalid Service Integration Pattern: WAIT_FOR_TASK_TOKEN is not supported to call Glue./i); + }).toThrow(/unsupported service integration pattern/i); }); diff --git a/packages/@aws-cdk/aws-stepfunctions/lib/step-functions-task.ts b/packages/@aws-cdk/aws-stepfunctions/lib/step-functions-task.ts index e722594345930..21098e107ef86 100644 --- a/packages/@aws-cdk/aws-stepfunctions/lib/step-functions-task.ts +++ b/packages/@aws-cdk/aws-stepfunctions/lib/step-functions-task.ts @@ -5,6 +5,7 @@ import { Task } from './states/task'; /** * Interface for resources that can be used as tasks + * @deprecated replaced by `TaskStateBase`. */ export interface IStepFunctionsTask { /** @@ -15,6 +16,7 @@ export interface IStepFunctionsTask { /** * Properties that define what kind of task should be created + * @deprecated used by `IStepFunctionsTask`. `IStepFunctionsTask` is deprecated and replaced by `TaskStateBase`. */ export interface StepFunctionsTaskConfig { /** diff --git a/packages/@aws-cdk/core/lib/assets.ts b/packages/@aws-cdk/core/lib/assets.ts index d992546dbfdb3..72cba9719e784 100644 --- a/packages/@aws-cdk/core/lib/assets.ts +++ b/packages/@aws-cdk/core/lib/assets.ts @@ -238,9 +238,10 @@ export interface FileAssetLocation { /** * The HTTP URL of this asset on Amazon S3. + * @default - value specified in `httpUrl` is used. * @deprecated use `httpUrl` */ - readonly s3Url: string; + readonly s3Url?: string; /** * The HTTP URL of this asset on Amazon S3. diff --git a/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts b/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts index 8f8d751649c35..fe46a7dd7f0b5 100644 --- a/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts +++ b/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts @@ -1,5 +1,4 @@ import * as path from 'path'; -import * as cfn from '@aws-cdk/aws-cloudformation'; import * as ec2 from '@aws-cdk/aws-ec2'; import * as lambda from '@aws-cdk/aws-lambda'; import * as logs from '@aws-cdk/aws-logs'; @@ -11,6 +10,9 @@ import { WaiterStateMachine } from './waiter-state-machine'; // keep this import separate from other imports to reduce chance for merge conflicts with v2-main // eslint-disable-next-line no-duplicate-imports, import/order +import { CustomResourceProviderConfig, ICustomResourceProvider } from '@aws-cdk/aws-cloudformation'; +// keep this import separate from other imports to reduce chance for merge conflicts with v2-main", +// eslint-disable-next-line import { Construct as CoreConstruct } from '@aws-cdk/core'; const RUNTIME_HANDLER_PATH = path.join(__dirname, 'runtime'); @@ -108,7 +110,7 @@ export interface ProviderProps { /** * Defines an AWS CloudFormation custom resource provider. */ -export class Provider extends CoreConstruct implements cfn.ICustomResourceProvider { +export class Provider extends CoreConstruct implements ICustomResourceProvider { /** * The user-defined AWS Lambda function which is invoked for all resource @@ -178,7 +180,7 @@ export class Provider extends CoreConstruct implements cfn.ICustomResourceProvid * Called by `CustomResource` which uses this provider. * @deprecated use `provider.serviceToken` instead */ - public bind(_: CoreConstruct): cfn.CustomResourceProviderConfig { + public bind(_scope: CoreConstruct): CustomResourceProviderConfig { return { serviceToken: this.entrypoint.functionArn, }; diff --git a/packages/@aws-cdk/example-construct-library/lib/example-resource.ts b/packages/@aws-cdk/example-construct-library/lib/example-resource.ts index 9e347a869ac91..6c4630dab6ae4 100644 --- a/packages/@aws-cdk/example-construct-library/lib/example-resource.ts +++ b/packages/@aws-cdk/example-construct-library/lib/example-resource.ts @@ -173,7 +173,7 @@ abstract class ExampleResourceBase extends core.Resource implements IExampleReso /** Implement the convenience {@link IExampleResource.addToRolePolicy} method. */ public addToRolePolicy(policyStatement: iam.PolicyStatement): boolean { if (this.role) { - this.role.addToPolicy(policyStatement); + this.role.addToPrincipalPolicy(policyStatement); return true; } else { return false;