From bb16d9729daea2702b32df81fc8259b0afd652fa Mon Sep 17 00:00:00 2001 From: Cory Hall <43035978+corymhall@users.noreply.github.com> Date: Fri, 7 Oct 2022 10:20:26 -0400 Subject: [PATCH 1/2] fix(ec2): cannot deploy SecurityGroup with allowAllIpv6Outbound (#22414) Introduced this functionality in #22279, but I didn't add an integration test so it didn't actually work. This PR fixes the mistake _and_ adds an integration test like I should have done the first time. fixes #22407 ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-ec2/lib/security-group.ts | 2 +- .../test/instance.integ.snapshot/cdk.out | 2 +- ...efaultTestDeployAssert5516EAF1.assets.json | 19 ++ ...aultTestDeployAssert5516EAF1.template.json | 36 +++ .../integ-ec2-instance.assets.json | 19 ++ ....json => integ-ec2-instance.template.json} | 93 +++++-- .../test/instance.integ.snapshot/integ.json | 14 +- .../instance.integ.snapshot/manifest.json | 153 ++++++++--- .../test/instance.integ.snapshot/tree.json | 249 ++++++++++-------- .../@aws-cdk/aws-ec2/test/integ.instance.ts | 13 +- .../aws-ec2/test/security-group.test.ts | 2 +- 11 files changed, 419 insertions(+), 183 deletions(-) create mode 100644 packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/instancetestDefaultTestDeployAssert5516EAF1.assets.json create mode 100644 packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/instancetestDefaultTestDeployAssert5516EAF1.template.json create mode 100644 packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ-ec2-instance.assets.json rename packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/{TestStack.template.json => integ-ec2-instance.template.json} (82%) diff --git a/packages/@aws-cdk/aws-ec2/lib/security-group.ts b/packages/@aws-cdk/aws-ec2/lib/security-group.ts index c5c0ad3753df1..e3b63b42f48af 100644 --- a/packages/@aws-cdk/aws-ec2/lib/security-group.ts +++ b/packages/@aws-cdk/aws-ec2/lib/security-group.ts @@ -662,7 +662,7 @@ export class SecurityGroup extends SecurityGroupBase { } else { this.directEgressRules.push({ ipProtocol: '-1', - cidrIp: peer.uniqueId, + cidrIpv6: peer.uniqueId, description, }); } diff --git a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/cdk.out index 90bef2e09ad39..8ecc185e9dbee 100644 --- a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/cdk.out @@ -1 +1 @@ -{"version":"17.0.0"} \ No newline at end of file +{"version":"21.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/instancetestDefaultTestDeployAssert5516EAF1.assets.json b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/instancetestDefaultTestDeployAssert5516EAF1.assets.json new file mode 100644 index 0000000000000..1c03bb5dc6a33 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/instancetestDefaultTestDeployAssert5516EAF1.assets.json @@ -0,0 +1,19 @@ +{ + "version": "21.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "instancetestDefaultTestDeployAssert5516EAF1.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/instancetestDefaultTestDeployAssert5516EAF1.template.json b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/instancetestDefaultTestDeployAssert5516EAF1.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/instancetestDefaultTestDeployAssert5516EAF1.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ-ec2-instance.assets.json b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ-ec2-instance.assets.json new file mode 100644 index 0000000000000..be86270a59992 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ-ec2-instance.assets.json @@ -0,0 +1,19 @@ +{ + "version": "21.0.0", + "files": { + "07dc2cd10d2741c8de44a54c2c57da82c0dc28b18e74ae53bfdb0eb3d8f26eff": { + "source": { + "path": "integ-ec2-instance.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "07dc2cd10d2741c8de44a54c2c57da82c0dc28b18e74ae53bfdb0eb3d8f26eff.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/TestStack.template.json b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ-ec2-instance.template.json similarity index 82% rename from packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/TestStack.template.json rename to packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ-ec2-instance.template.json index 5e91606d937fb..e130a1918900e 100644 --- a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/TestStack.template.json +++ b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ-ec2-instance.template.json @@ -10,7 +10,7 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/VPC" + "Value": "integ-ec2-instance/VPC" } ] } @@ -42,7 +42,7 @@ }, { "Key": "Name", - "Value": "TestStack/VPC/PublicSubnet1" + "Value": "integ-ec2-instance/VPC/PublicSubnet1" } ] } @@ -56,7 +56,7 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/VPC/PublicSubnet1" + "Value": "integ-ec2-instance/VPC/PublicSubnet1" } ] } @@ -94,7 +94,7 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/VPC/PublicSubnet1" + "Value": "integ-ec2-instance/VPC/PublicSubnet1" } ] } @@ -114,10 +114,14 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/VPC/PublicSubnet1" + "Value": "integ-ec2-instance/VPC/PublicSubnet1" } ] - } + }, + "DependsOn": [ + "VPCPublicSubnet1DefaultRoute91CEF279", + "VPCPublicSubnet1RouteTableAssociation0B0896DC" + ] }, "VPCPublicSubnet2Subnet74179F39": { "Type": "AWS::EC2::Subnet", @@ -146,7 +150,7 @@ }, { "Key": "Name", - "Value": "TestStack/VPC/PublicSubnet2" + "Value": "integ-ec2-instance/VPC/PublicSubnet2" } ] } @@ -160,7 +164,7 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/VPC/PublicSubnet2" + "Value": "integ-ec2-instance/VPC/PublicSubnet2" } ] } @@ -198,7 +202,7 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/VPC/PublicSubnet2" + "Value": "integ-ec2-instance/VPC/PublicSubnet2" } ] } @@ -218,10 +222,14 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/VPC/PublicSubnet2" + "Value": "integ-ec2-instance/VPC/PublicSubnet2" } ] - } + }, + "DependsOn": [ + "VPCPublicSubnet2DefaultRouteB7481BBA", + "VPCPublicSubnet2RouteTableAssociation5A808732" + ] }, "VPCPrivateSubnet1Subnet8BCA10E0": { "Type": "AWS::EC2::Subnet", @@ -250,7 +258,7 @@ }, { "Key": "Name", - "Value": "TestStack/VPC/PrivateSubnet1" + "Value": "integ-ec2-instance/VPC/PrivateSubnet1" } ] } @@ -264,7 +272,7 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/VPC/PrivateSubnet1" + "Value": "integ-ec2-instance/VPC/PrivateSubnet1" } ] } @@ -319,7 +327,7 @@ }, { "Key": "Name", - "Value": "TestStack/VPC/PrivateSubnet2" + "Value": "integ-ec2-instance/VPC/PrivateSubnet2" } ] } @@ -333,7 +341,7 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/VPC/PrivateSubnet2" + "Value": "integ-ec2-instance/VPC/PrivateSubnet2" } ] } @@ -367,7 +375,7 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/VPC" + "Value": "integ-ec2-instance/VPC" } ] } @@ -383,15 +391,20 @@ } } }, - "InstanceInstanceSecurityGroupF0E2D5BE": { + "IntegSg68DC2C7E": { "Type": "AWS::EC2::SecurityGroup", "Properties": { - "GroupDescription": "TestStack/Instance/InstanceSecurityGroup", + "GroupDescription": "integ-ec2-instance/IntegSg", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1" + }, + { + "CidrIpv6": "::/0", + "Description": "Allow all outbound ipv6 traffic by default", + "IpProtocol": "-1" } ], "SecurityGroupIngress": [ @@ -403,12 +416,6 @@ "ToPort": -1 } ], - "Tags": [ - { - "Key": "Name", - "Value": "TestStack/Instance" - } - ], "VpcId": { "Ref": "VPCB9E5F0B4" } @@ -442,7 +449,7 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/Instance" + "Value": "integ-ec2-instance/Instance" } ] } @@ -500,7 +507,7 @@ "SecurityGroupIds": [ { "Fn::GetAtt": [ - "InstanceInstanceSecurityGroupF0E2D5BE", + "IntegSg68DC2C7E", "GroupId" ] } @@ -511,7 +518,7 @@ "Tags": [ { "Key": "Name", - "Value": "TestStack/Instance" + "Value": "integ-ec2-instance/Instance" } ], "UserData": { @@ -528,6 +535,38 @@ "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter": { "Type": "AWS::SSM::Parameter::Value", "Default": "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" + }, + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ.json b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ.json index 7243b1ad2fbba..e74e5a37c593c 100644 --- a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/integ.json @@ -1,14 +1,12 @@ { - "version": "20.0.0", + "version": "21.0.0", "testCases": { - "integ.instance": { + "instance-test/DefaultTest": { "stacks": [ - "*" + "integ-ec2-instance" ], - "diffAssets": false, - "stackUpdateWorkflow": true + "assertionStack": "instance-test/DefaultTest/DeployAssert", + "assertionStackName": "instancetestDefaultTestDeployAssert5516EAF1" } - }, - "synthContext": {}, - "enableLookups": false + } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/manifest.json index c4f4c09ab6224..809d35d6b8f92 100644 --- a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "17.0.0", + "version": "21.0.0", "artifacts": { "Tree": { "type": "cdk:tree", @@ -7,190 +7,273 @@ "file": "tree.json" } }, - "TestStack": { + "integ-ec2-instance.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integ-ec2-instance.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integ-ec2-instance": { "type": "aws:cloudformation:stack", "environment": "aws://unknown-account/unknown-region", "properties": { - "templateFile": "TestStack.template.json", - "validateOnSynth": false + "templateFile": "integ-ec2-instance.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/07dc2cd10d2741c8de44a54c2c57da82c0dc28b18e74ae53bfdb0eb3d8f26eff.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integ-ec2-instance.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } }, + "dependencies": [ + "integ-ec2-instance.assets" + ], "metadata": { - "/TestStack/VPC/Resource": [ + "/integ-ec2-instance/VPC/Resource": [ { "type": "aws:cdk:logicalId", "data": "VPCB9E5F0B4" } ], - "/TestStack/VPC/PublicSubnet1/Subnet": [ + "/integ-ec2-instance/VPC/PublicSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet1SubnetB4246D30" } ], - "/TestStack/VPC/PublicSubnet1/RouteTable": [ + "/integ-ec2-instance/VPC/PublicSubnet1/RouteTable": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet1RouteTableFEE4B781" } ], - "/TestStack/VPC/PublicSubnet1/RouteTableAssociation": [ + "/integ-ec2-instance/VPC/PublicSubnet1/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet1RouteTableAssociation0B0896DC" } ], - "/TestStack/VPC/PublicSubnet1/DefaultRoute": [ + "/integ-ec2-instance/VPC/PublicSubnet1/DefaultRoute": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet1DefaultRoute91CEF279" } ], - "/TestStack/VPC/PublicSubnet1/EIP": [ + "/integ-ec2-instance/VPC/PublicSubnet1/EIP": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet1EIP6AD938E8" } ], - "/TestStack/VPC/PublicSubnet1/NATGateway": [ + "/integ-ec2-instance/VPC/PublicSubnet1/NATGateway": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet1NATGatewayE0556630" } ], - "/TestStack/VPC/PublicSubnet2/Subnet": [ + "/integ-ec2-instance/VPC/PublicSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet2Subnet74179F39" } ], - "/TestStack/VPC/PublicSubnet2/RouteTable": [ + "/integ-ec2-instance/VPC/PublicSubnet2/RouteTable": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet2RouteTable6F1A15F1" } ], - "/TestStack/VPC/PublicSubnet2/RouteTableAssociation": [ + "/integ-ec2-instance/VPC/PublicSubnet2/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet2RouteTableAssociation5A808732" } ], - "/TestStack/VPC/PublicSubnet2/DefaultRoute": [ + "/integ-ec2-instance/VPC/PublicSubnet2/DefaultRoute": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet2DefaultRouteB7481BBA" } ], - "/TestStack/VPC/PublicSubnet2/EIP": [ + "/integ-ec2-instance/VPC/PublicSubnet2/EIP": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet2EIP4947BC00" } ], - "/TestStack/VPC/PublicSubnet2/NATGateway": [ + "/integ-ec2-instance/VPC/PublicSubnet2/NATGateway": [ { "type": "aws:cdk:logicalId", "data": "VPCPublicSubnet2NATGateway3C070193" } ], - "/TestStack/VPC/PrivateSubnet1/Subnet": [ + "/integ-ec2-instance/VPC/PrivateSubnet1/Subnet": [ { "type": "aws:cdk:logicalId", "data": "VPCPrivateSubnet1Subnet8BCA10E0" } ], - "/TestStack/VPC/PrivateSubnet1/RouteTable": [ + "/integ-ec2-instance/VPC/PrivateSubnet1/RouteTable": [ { "type": "aws:cdk:logicalId", "data": "VPCPrivateSubnet1RouteTableBE8A6027" } ], - "/TestStack/VPC/PrivateSubnet1/RouteTableAssociation": [ + "/integ-ec2-instance/VPC/PrivateSubnet1/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", "data": "VPCPrivateSubnet1RouteTableAssociation347902D1" } ], - "/TestStack/VPC/PrivateSubnet1/DefaultRoute": [ + "/integ-ec2-instance/VPC/PrivateSubnet1/DefaultRoute": [ { "type": "aws:cdk:logicalId", "data": "VPCPrivateSubnet1DefaultRouteAE1D6490" } ], - "/TestStack/VPC/PrivateSubnet2/Subnet": [ + "/integ-ec2-instance/VPC/PrivateSubnet2/Subnet": [ { "type": "aws:cdk:logicalId", "data": "VPCPrivateSubnet2SubnetCFCDAA7A" } ], - "/TestStack/VPC/PrivateSubnet2/RouteTable": [ + "/integ-ec2-instance/VPC/PrivateSubnet2/RouteTable": [ { "type": "aws:cdk:logicalId", "data": "VPCPrivateSubnet2RouteTable0A19E10E" } ], - "/TestStack/VPC/PrivateSubnet2/RouteTableAssociation": [ + "/integ-ec2-instance/VPC/PrivateSubnet2/RouteTableAssociation": [ { "type": "aws:cdk:logicalId", "data": "VPCPrivateSubnet2RouteTableAssociation0C73D413" } ], - "/TestStack/VPC/PrivateSubnet2/DefaultRoute": [ + "/integ-ec2-instance/VPC/PrivateSubnet2/DefaultRoute": [ { "type": "aws:cdk:logicalId", "data": "VPCPrivateSubnet2DefaultRouteF4F5CFD2" } ], - "/TestStack/VPC/IGW": [ + "/integ-ec2-instance/VPC/IGW": [ { "type": "aws:cdk:logicalId", "data": "VPCIGWB7E252D3" } ], - "/TestStack/VPC/VPCGW": [ + "/integ-ec2-instance/VPC/VPCGW": [ { "type": "aws:cdk:logicalId", "data": "VPCVPCGW99B986DC" } ], - "/TestStack/Instance/InstanceSecurityGroup/Resource": [ + "/integ-ec2-instance/IntegSg/Resource": [ { "type": "aws:cdk:logicalId", - "data": "InstanceInstanceSecurityGroupF0E2D5BE" + "data": "IntegSg68DC2C7E" } ], - "/TestStack/Instance/InstanceRole/Resource": [ + "/integ-ec2-instance/Instance/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", "data": "InstanceInstanceRoleE9785DE5" } ], - "/TestStack/Instance/InstanceRole/DefaultPolicy/Resource": [ + "/integ-ec2-instance/Instance/InstanceRole/DefaultPolicy/Resource": [ { "type": "aws:cdk:logicalId", "data": "InstanceInstanceRoleDefaultPolicy4ACE9290" } ], - "/TestStack/Instance/InstanceProfile": [ + "/integ-ec2-instance/Instance/InstanceProfile": [ { "type": "aws:cdk:logicalId", "data": "InstanceInstanceProfileAB5AEF02" } ], - "/TestStack/Instance/Resource": [ + "/integ-ec2-instance/Instance/Resource": [ { "type": "aws:cdk:logicalId", "data": "InstanceC1063A87" } ], - "/TestStack/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ + "/integ-ec2-instance/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ { "type": "aws:cdk:logicalId", "data": "SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter" } + ], + "/integ-ec2-instance/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-ec2-instance/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-ec2-instance" + }, + "instancetestDefaultTestDeployAssert5516EAF1.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "instancetestDefaultTestDeployAssert5516EAF1.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "instancetestDefaultTestDeployAssert5516EAF1": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "instancetestDefaultTestDeployAssert5516EAF1.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "instancetestDefaultTestDeployAssert5516EAF1.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "instancetestDefaultTestDeployAssert5516EAF1.assets" + ], + "metadata": { + "/instance-test/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/instance-test/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } ] }, - "displayName": "TestStack" + "displayName": "instance-test/DefaultTest/DeployAssert" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/tree.json b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/tree.json index 563df0bce0ca7..9392bd3b48595 100644 --- a/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ec2/test/instance.integ.snapshot/tree.json @@ -8,21 +8,21 @@ "id": "Tree", "path": "Tree", "constructInfo": { - "fqn": "@aws-cdk/core.Construct", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.1.123" } }, - "TestStack": { - "id": "TestStack", - "path": "TestStack", + "integ-ec2-instance": { + "id": "integ-ec2-instance", + "path": "integ-ec2-instance", "children": { "VPC": { "id": "VPC", - "path": "TestStack/VPC", + "path": "integ-ec2-instance/VPC", "children": { "Resource": { "id": "Resource", - "path": "TestStack/VPC/Resource", + "path": "integ-ec2-instance/VPC/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPC", "aws:cdk:cloudformation:props": { @@ -33,7 +33,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/VPC" + "value": "integ-ec2-instance/VPC" } ] } @@ -45,11 +45,11 @@ }, "PublicSubnet1": { "id": "PublicSubnet1", - "path": "TestStack/VPC/PublicSubnet1", + "path": "integ-ec2-instance/VPC/PublicSubnet1", "children": { "Subnet": { "id": "Subnet", - "path": "TestStack/VPC/PublicSubnet1/Subnet", + "path": "integ-ec2-instance/VPC/PublicSubnet1/Subnet", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { @@ -77,7 +77,7 @@ }, { "key": "Name", - "value": "TestStack/VPC/PublicSubnet1" + "value": "integ-ec2-instance/VPC/PublicSubnet1" } ] } @@ -89,7 +89,7 @@ }, "Acl": { "id": "Acl", - "path": "TestStack/VPC/PublicSubnet1/Acl", + "path": "integ-ec2-instance/VPC/PublicSubnet1/Acl", "constructInfo": { "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" @@ -97,7 +97,7 @@ }, "RouteTable": { "id": "RouteTable", - "path": "TestStack/VPC/PublicSubnet1/RouteTable", + "path": "integ-ec2-instance/VPC/PublicSubnet1/RouteTable", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { @@ -107,7 +107,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/VPC/PublicSubnet1" + "value": "integ-ec2-instance/VPC/PublicSubnet1" } ] } @@ -119,7 +119,7 @@ }, "RouteTableAssociation": { "id": "RouteTableAssociation", - "path": "TestStack/VPC/PublicSubnet1/RouteTableAssociation", + "path": "integ-ec2-instance/VPC/PublicSubnet1/RouteTableAssociation", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { @@ -138,7 +138,7 @@ }, "DefaultRoute": { "id": "DefaultRoute", - "path": "TestStack/VPC/PublicSubnet1/DefaultRoute", + "path": "integ-ec2-instance/VPC/PublicSubnet1/DefaultRoute", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { @@ -158,7 +158,7 @@ }, "EIP": { "id": "EIP", - "path": "TestStack/VPC/PublicSubnet1/EIP", + "path": "integ-ec2-instance/VPC/PublicSubnet1/EIP", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::EIP", "aws:cdk:cloudformation:props": { @@ -166,7 +166,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/VPC/PublicSubnet1" + "value": "integ-ec2-instance/VPC/PublicSubnet1" } ] } @@ -178,7 +178,7 @@ }, "NATGateway": { "id": "NATGateway", - "path": "TestStack/VPC/PublicSubnet1/NATGateway", + "path": "integ-ec2-instance/VPC/PublicSubnet1/NATGateway", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { @@ -194,7 +194,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/VPC/PublicSubnet1" + "value": "integ-ec2-instance/VPC/PublicSubnet1" } ] } @@ -212,11 +212,11 @@ }, "PublicSubnet2": { "id": "PublicSubnet2", - "path": "TestStack/VPC/PublicSubnet2", + "path": "integ-ec2-instance/VPC/PublicSubnet2", "children": { "Subnet": { "id": "Subnet", - "path": "TestStack/VPC/PublicSubnet2/Subnet", + "path": "integ-ec2-instance/VPC/PublicSubnet2/Subnet", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { @@ -244,7 +244,7 @@ }, { "key": "Name", - "value": "TestStack/VPC/PublicSubnet2" + "value": "integ-ec2-instance/VPC/PublicSubnet2" } ] } @@ -256,7 +256,7 @@ }, "Acl": { "id": "Acl", - "path": "TestStack/VPC/PublicSubnet2/Acl", + "path": "integ-ec2-instance/VPC/PublicSubnet2/Acl", "constructInfo": { "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" @@ -264,7 +264,7 @@ }, "RouteTable": { "id": "RouteTable", - "path": "TestStack/VPC/PublicSubnet2/RouteTable", + "path": "integ-ec2-instance/VPC/PublicSubnet2/RouteTable", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { @@ -274,7 +274,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/VPC/PublicSubnet2" + "value": "integ-ec2-instance/VPC/PublicSubnet2" } ] } @@ -286,7 +286,7 @@ }, "RouteTableAssociation": { "id": "RouteTableAssociation", - "path": "TestStack/VPC/PublicSubnet2/RouteTableAssociation", + "path": "integ-ec2-instance/VPC/PublicSubnet2/RouteTableAssociation", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { @@ -305,7 +305,7 @@ }, "DefaultRoute": { "id": "DefaultRoute", - "path": "TestStack/VPC/PublicSubnet2/DefaultRoute", + "path": "integ-ec2-instance/VPC/PublicSubnet2/DefaultRoute", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { @@ -325,7 +325,7 @@ }, "EIP": { "id": "EIP", - "path": "TestStack/VPC/PublicSubnet2/EIP", + "path": "integ-ec2-instance/VPC/PublicSubnet2/EIP", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::EIP", "aws:cdk:cloudformation:props": { @@ -333,7 +333,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/VPC/PublicSubnet2" + "value": "integ-ec2-instance/VPC/PublicSubnet2" } ] } @@ -345,7 +345,7 @@ }, "NATGateway": { "id": "NATGateway", - "path": "TestStack/VPC/PublicSubnet2/NATGateway", + "path": "integ-ec2-instance/VPC/PublicSubnet2/NATGateway", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { @@ -361,7 +361,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/VPC/PublicSubnet2" + "value": "integ-ec2-instance/VPC/PublicSubnet2" } ] } @@ -379,11 +379,11 @@ }, "PrivateSubnet1": { "id": "PrivateSubnet1", - "path": "TestStack/VPC/PrivateSubnet1", + "path": "integ-ec2-instance/VPC/PrivateSubnet1", "children": { "Subnet": { "id": "Subnet", - "path": "TestStack/VPC/PrivateSubnet1/Subnet", + "path": "integ-ec2-instance/VPC/PrivateSubnet1/Subnet", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { @@ -411,7 +411,7 @@ }, { "key": "Name", - "value": "TestStack/VPC/PrivateSubnet1" + "value": "integ-ec2-instance/VPC/PrivateSubnet1" } ] } @@ -423,7 +423,7 @@ }, "Acl": { "id": "Acl", - "path": "TestStack/VPC/PrivateSubnet1/Acl", + "path": "integ-ec2-instance/VPC/PrivateSubnet1/Acl", "constructInfo": { "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" @@ -431,7 +431,7 @@ }, "RouteTable": { "id": "RouteTable", - "path": "TestStack/VPC/PrivateSubnet1/RouteTable", + "path": "integ-ec2-instance/VPC/PrivateSubnet1/RouteTable", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { @@ -441,7 +441,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/VPC/PrivateSubnet1" + "value": "integ-ec2-instance/VPC/PrivateSubnet1" } ] } @@ -453,7 +453,7 @@ }, "RouteTableAssociation": { "id": "RouteTableAssociation", - "path": "TestStack/VPC/PrivateSubnet1/RouteTableAssociation", + "path": "integ-ec2-instance/VPC/PrivateSubnet1/RouteTableAssociation", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { @@ -472,7 +472,7 @@ }, "DefaultRoute": { "id": "DefaultRoute", - "path": "TestStack/VPC/PrivateSubnet1/DefaultRoute", + "path": "integ-ec2-instance/VPC/PrivateSubnet1/DefaultRoute", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { @@ -498,11 +498,11 @@ }, "PrivateSubnet2": { "id": "PrivateSubnet2", - "path": "TestStack/VPC/PrivateSubnet2", + "path": "integ-ec2-instance/VPC/PrivateSubnet2", "children": { "Subnet": { "id": "Subnet", - "path": "TestStack/VPC/PrivateSubnet2/Subnet", + "path": "integ-ec2-instance/VPC/PrivateSubnet2/Subnet", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { @@ -530,7 +530,7 @@ }, { "key": "Name", - "value": "TestStack/VPC/PrivateSubnet2" + "value": "integ-ec2-instance/VPC/PrivateSubnet2" } ] } @@ -542,7 +542,7 @@ }, "Acl": { "id": "Acl", - "path": "TestStack/VPC/PrivateSubnet2/Acl", + "path": "integ-ec2-instance/VPC/PrivateSubnet2/Acl", "constructInfo": { "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" @@ -550,7 +550,7 @@ }, "RouteTable": { "id": "RouteTable", - "path": "TestStack/VPC/PrivateSubnet2/RouteTable", + "path": "integ-ec2-instance/VPC/PrivateSubnet2/RouteTable", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { @@ -560,7 +560,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/VPC/PrivateSubnet2" + "value": "integ-ec2-instance/VPC/PrivateSubnet2" } ] } @@ -572,7 +572,7 @@ }, "RouteTableAssociation": { "id": "RouteTableAssociation", - "path": "TestStack/VPC/PrivateSubnet2/RouteTableAssociation", + "path": "integ-ec2-instance/VPC/PrivateSubnet2/RouteTableAssociation", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", "aws:cdk:cloudformation:props": { @@ -591,7 +591,7 @@ }, "DefaultRoute": { "id": "DefaultRoute", - "path": "TestStack/VPC/PrivateSubnet2/DefaultRoute", + "path": "integ-ec2-instance/VPC/PrivateSubnet2/DefaultRoute", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { @@ -617,14 +617,14 @@ }, "IGW": { "id": "IGW", - "path": "TestStack/VPC/IGW", + "path": "integ-ec2-instance/VPC/IGW", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", "aws:cdk:cloudformation:props": { "tags": [ { "key": "Name", - "value": "TestStack/VPC" + "value": "integ-ec2-instance/VPC" } ] } @@ -636,7 +636,7 @@ }, "VPCGW": { "id": "VPCGW", - "path": "TestStack/VPC/VPCGW", + "path": "integ-ec2-instance/VPC/VPCGW", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", "aws:cdk:cloudformation:props": { @@ -659,66 +659,65 @@ "version": "0.0.0" } }, - "Instance": { - "id": "Instance", - "path": "TestStack/Instance", + "IntegSg": { + "id": "IntegSg", + "path": "integ-ec2-instance/IntegSg", "children": { - "InstanceSecurityGroup": { - "id": "InstanceSecurityGroup", - "path": "TestStack/Instance/InstanceSecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "TestStack/Instance/InstanceSecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "TestStack/Instance/InstanceSecurityGroup", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "securityGroupIngress": [ - { - "cidrIp": "0.0.0.0/0", - "ipProtocol": "icmp", - "fromPort": 8, - "toPort": -1, - "description": "from 0.0.0.0/0:ICMP Type 8" - } - ], - "tags": [ - { - "key": "Name", - "value": "TestStack/Instance" - } - ], - "vpcId": { - "Ref": "VPCB9E5F0B4" - } + "Resource": { + "id": "Resource", + "path": "integ-ec2-instance/IntegSg/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "integ-ec2-instance/IntegSg", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + }, + { + "ipProtocol": "-1", + "cidrIpv6": "::/0", + "description": "Allow all outbound ipv6 traffic by default" } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", - "version": "0.0.0" + ], + "securityGroupIngress": [ + { + "cidrIp": "0.0.0.0/0", + "ipProtocol": "icmp", + "fromPort": 8, + "toPort": -1, + "description": "from 0.0.0.0/0:ICMP Type 8" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", "version": "0.0.0" } - }, + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Instance": { + "id": "Instance", + "path": "integ-ec2-instance/Instance", + "children": { "InstanceRole": { "id": "InstanceRole", - "path": "TestStack/Instance/InstanceRole", + "path": "integ-ec2-instance/Instance/InstanceRole", "children": { "Resource": { "id": "Resource", - "path": "TestStack/Instance/InstanceRole/Resource", + "path": "integ-ec2-instance/Instance/InstanceRole/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { @@ -747,7 +746,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/Instance" + "value": "integ-ec2-instance/Instance" } ] } @@ -759,11 +758,11 @@ }, "DefaultPolicy": { "id": "DefaultPolicy", - "path": "TestStack/Instance/InstanceRole/DefaultPolicy", + "path": "integ-ec2-instance/Instance/InstanceRole/DefaultPolicy", "children": { "Resource": { "id": "Resource", - "path": "TestStack/Instance/InstanceRole/DefaultPolicy/Resource", + "path": "integ-ec2-instance/Instance/InstanceRole/DefaultPolicy/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::Policy", "aws:cdk:cloudformation:props": { @@ -804,7 +803,7 @@ }, "InstanceProfile": { "id": "InstanceProfile", - "path": "TestStack/Instance/InstanceProfile", + "path": "integ-ec2-instance/Instance/InstanceProfile", "attributes": { "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", "aws:cdk:cloudformation:props": { @@ -822,7 +821,7 @@ }, "Resource": { "id": "Resource", - "path": "TestStack/Instance/Resource", + "path": "integ-ec2-instance/Instance/Resource", "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Instance", "aws:cdk:cloudformation:props": { @@ -845,7 +844,7 @@ "securityGroupIds": [ { "Fn::GetAtt": [ - "InstanceInstanceSecurityGroupF0E2D5BE", + "IntegSg68DC2C7E", "GroupId" ] } @@ -856,7 +855,7 @@ "tags": [ { "key": "Name", - "value": "TestStack/Instance" + "value": "integ-ec2-instance/Instance" } ], "userData": { @@ -877,7 +876,7 @@ }, "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": { "id": "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", - "path": "TestStack/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", + "path": "integ-ec2-instance/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", "constructInfo": { "fqn": "@aws-cdk/core.CfnParameter", "version": "0.0.0" @@ -885,7 +884,7 @@ }, "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118": { "id": "SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", - "path": "TestStack/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", + "path": "integ-ec2-instance/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118", "constructInfo": { "fqn": "@aws-cdk/core.Resource", "version": "0.0.0" @@ -896,6 +895,42 @@ "fqn": "@aws-cdk/core.Stack", "version": "0.0.0" } + }, + "instance-test": { + "id": "instance-test", + "path": "instance-test", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "instance-test/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "instance-test/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.123" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "instance-test/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } } }, "constructInfo": { diff --git a/packages/@aws-cdk/aws-ec2/test/integ.instance.ts b/packages/@aws-cdk/aws-ec2/test/integ.instance.ts index 1b120c511eaaa..24333b3e32757 100644 --- a/packages/@aws-cdk/aws-ec2/test/integ.instance.ts +++ b/packages/@aws-cdk/aws-ec2/test/integ.instance.ts @@ -1,6 +1,6 @@ -/// !cdk-integ * import { PolicyStatement } from '@aws-cdk/aws-iam'; import * as cdk from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; import * as ec2 from '../lib'; const app = new cdk.App(); @@ -10,9 +10,14 @@ class TestStack extends cdk.Stack { super(scope, id, props); const vpc = new ec2.Vpc(this, 'VPC'); + const securityGroup = new ec2.SecurityGroup(this, 'IntegSg', { + vpc, + allowAllIpv6Outbound: true, + }); const instance = new ec2.Instance(this, 'Instance', { vpc, + securityGroup, instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.NANO), machineImage: new ec2.AmazonLinuxImage({ generation: ec2.AmazonLinuxGeneration.AMAZON_LINUX_2 }), detailedMonitoring: true, @@ -29,6 +34,8 @@ class TestStack extends cdk.Stack { } } -new TestStack(app, 'TestStack'); +const testCase = new TestStack(app, 'integ-ec2-instance'); -app.synth(); +new IntegTest(app, 'instance-test', { + testCases: [testCase], +}); diff --git a/packages/@aws-cdk/aws-ec2/test/security-group.test.ts b/packages/@aws-cdk/aws-ec2/test/security-group.test.ts index bee7ec9cceede..a480c53f58dfa 100644 --- a/packages/@aws-cdk/aws-ec2/test/security-group.test.ts +++ b/packages/@aws-cdk/aws-ec2/test/security-group.test.ts @@ -43,7 +43,7 @@ describe('security group', () => { IpProtocol: '-1', }, { - CidrIp: '::/0', + CidrIpv6: '::/0', Description: 'Allow all outbound ipv6 traffic by default', IpProtocol: '-1', }, From 614ba92ba77e29c10ea4642a64e5b50b5dc775b8 Mon Sep 17 00:00:00 2001 From: John Mortlock Date: Sat, 8 Oct 2022 01:28:20 +1030 Subject: [PATCH 2/2] feat(aws-certificatemanager): Add ability to specify the certificate name (#22301) ---- Like other AWS resources (VPC, TargetGroups,etc) they do not have an actual physical name but can be assigned an AWS designated tag which will be displayed in the web console. This is useful when you have many certificates to determine what is what. I largely followed the pattern set about in other CDK constructs, for example in `vpc.ts` I also followed the convention set elsewhere name tag is used by defaulting the value too `this.node.path` I believe this is also an important first step towards any implementation of https://github.com/aws/aws-cdk/issues/10792 I tried added integration tests, however due to the requirement of needing to validate the certificate I don't think this is possible. Currently there are no other integration tests for this module. I have attached a screenshot of the failed integ-test (validation required) which shows the name tag in action ![CustomCertificate](https://user-images.githubusercontent.com/10041761/193207874-871d55e6-9a8e-4e8a-aa77-ae718e4bc1d4.png) ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-certificatemanager/README.md | 1 + .../aws-certificatemanager/lib/certificate.ts | 18 ++- .../certificate-name.integ.snapshot/cdk.out | 1 + .../integ-certificate-name.assets.json | 19 +++ .../integ-certificate-name.template.json | 57 +++++++++ .../integ.json | 13 ++ ...efaultTestDeployAssert24D5C536.assets.json | 19 +++ ...aultTestDeployAssert24D5C536.template.json | 36 ++++++ .../manifest.json | 111 +++++++++++++++++ .../certificate-name.integ.snapshot/tree.json | 112 ++++++++++++++++++ .../test/certificate.test.ts | 37 +++++- .../test/integ.certificate-name.ts | 35 ++++++ ...ecs-integ-alb-fg-idletimeout.template.json | 8 +- .../aws-ecs-integ-alb-fg-https.template.json | 8 +- 14 files changed, 471 insertions(+), 4 deletions(-) create mode 100644 packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ-certificate-name.assets.json create mode 100644 packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ-certificate-name.template.json create mode 100644 packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ.json create mode 100644 packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integtestDefaultTestDeployAssert24D5C536.assets.json create mode 100644 packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integtestDefaultTestDeployAssert24D5C536.template.json create mode 100644 packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/manifest.json create mode 100644 packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/tree.json create mode 100644 packages/@aws-cdk/aws-certificatemanager/test/integ.certificate-name.ts diff --git a/packages/@aws-cdk/aws-certificatemanager/README.md b/packages/@aws-cdk/aws-certificatemanager/README.md index 61a24fd65899f..e6ba18b590f3b 100644 --- a/packages/@aws-cdk/aws-certificatemanager/README.md +++ b/packages/@aws-cdk/aws-certificatemanager/README.md @@ -45,6 +45,7 @@ const myHostedZone = new route53.HostedZone(this, 'HostedZone', { }); new acm.Certificate(this, 'Certificate', { domainName: 'hello.example.com', + certificateName: 'Hello World Service', // Optionally provide an certificate name validation: acm.CertificateValidation.fromDns(myHostedZone), }); ``` diff --git a/packages/@aws-cdk/aws-certificatemanager/lib/certificate.ts b/packages/@aws-cdk/aws-certificatemanager/lib/certificate.ts index aed957b6376ee..ac28cee7d2d67 100644 --- a/packages/@aws-cdk/aws-certificatemanager/lib/certificate.ts +++ b/packages/@aws-cdk/aws-certificatemanager/lib/certificate.ts @@ -1,11 +1,16 @@ import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; import * as route53 from '@aws-cdk/aws-route53'; -import { IResource, Token } from '@aws-cdk/core'; +import { IResource, Token, Tags } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { CertificateBase } from './certificate-base'; import { CfnCertificate } from './certificatemanager.generated'; import { apexDomain } from './util'; +/** + * Name tag constant + */ +const NAME_TAG: string = 'Name'; + /** * Represents a certificate in AWS Certificate Manager */ @@ -87,6 +92,15 @@ export interface CertificateProps { * @default true */ readonly transparencyLoggingEnabled?: boolean; + + /** + * The Certifcate name. + * + * Since the Certifcate resource doesn't support providing a physical name, the value provided here will be recorded in the `Name` tag + * + * @default the full, absolute path of this construct + */ + readonly certificateName?: string } /** @@ -247,6 +261,8 @@ export class Certificate extends CertificateBase implements ICertificate { certificateTransparencyLoggingPreference, }); + Tags.of(cert).add(NAME_TAG, props.certificateName || this.node.path.slice(0, 255)); + this.certificateArn = cert.ref; } } diff --git a/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/cdk.out b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/cdk.out new file mode 100644 index 0000000000000..8ecc185e9dbee --- /dev/null +++ b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"21.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ-certificate-name.assets.json b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ-certificate-name.assets.json new file mode 100644 index 0000000000000..986e83f145dd7 --- /dev/null +++ b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ-certificate-name.assets.json @@ -0,0 +1,19 @@ +{ + "version": "21.0.0", + "files": { + "2a0623ea167c5460a3ab6cf2c46f624fc293fa4185139c368333e1570962f13a": { + "source": { + "path": "integ-certificate-name.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "2a0623ea167c5460a3ab6cf2c46f624fc293fa4185139c368333e1570962f13a.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ-certificate-name.template.json b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ-certificate-name.template.json new file mode 100644 index 0000000000000..d30116362e853 --- /dev/null +++ b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ-certificate-name.template.json @@ -0,0 +1,57 @@ +{ + "Resources": { + "Certificate4E7ABB08": { + "Type": "AWS::CertificateManager::Certificate", + "Properties": { + "DomainName": "*.example.com", + "DomainValidationOptions": [ + { + "DomainName": "*.example.com", + "HostedZoneId": "Z23ABC4XYZL05B" + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "This is a test name" + } + ], + "ValidationMethod": "DNS" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} diff --git a/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ.json b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ.json new file mode 100644 index 0000000000000..5896acf8b563d --- /dev/null +++ b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integ.json @@ -0,0 +1,13 @@ +{ + "version": "21.0.0", + "testCases": { + "integ-test/DefaultTest": { + "stacks": [ + "integ-certificate-name" + ], + "diffAssets": true, + "assertionStack": "integ-test/DefaultTest/DeployAssert", + "assertionStackName": "integtestDefaultTestDeployAssert24D5C536" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integtestDefaultTestDeployAssert24D5C536.assets.json b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integtestDefaultTestDeployAssert24D5C536.assets.json new file mode 100644 index 0000000000000..c6322e79691df --- /dev/null +++ b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integtestDefaultTestDeployAssert24D5C536.assets.json @@ -0,0 +1,19 @@ +{ + "version": "21.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "integtestDefaultTestDeployAssert24D5C536.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integtestDefaultTestDeployAssert24D5C536.template.json b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integtestDefaultTestDeployAssert24D5C536.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/integtestDefaultTestDeployAssert24D5C536.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/manifest.json b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/manifest.json new file mode 100644 index 0000000000000..c4e643ea9e225 --- /dev/null +++ b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/manifest.json @@ -0,0 +1,111 @@ +{ + "version": "21.0.0", + "artifacts": { + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "integ-certificate-name.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integ-certificate-name.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integ-certificate-name": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integ-certificate-name.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2a0623ea167c5460a3ab6cf2c46f624fc293fa4185139c368333e1570962f13a.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integ-certificate-name.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integ-certificate-name.assets" + ], + "metadata": { + "/integ-certificate-name/Certificate/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Certificate4E7ABB08" + } + ], + "/integ-certificate-name/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-certificate-name/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-certificate-name" + }, + "integtestDefaultTestDeployAssert24D5C536.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integtestDefaultTestDeployAssert24D5C536.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integtestDefaultTestDeployAssert24D5C536": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integtestDefaultTestDeployAssert24D5C536.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integtestDefaultTestDeployAssert24D5C536.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integtestDefaultTestDeployAssert24D5C536.assets" + ], + "metadata": { + "/integ-test/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-test/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-test/DefaultTest/DeployAssert" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/tree.json b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/tree.json new file mode 100644 index 0000000000000..616a8e8ea0d86 --- /dev/null +++ b/packages/@aws-cdk/aws-certificatemanager/test/certificate-name.integ.snapshot/tree.json @@ -0,0 +1,112 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.108" + } + }, + "integ-certificate-name": { + "id": "integ-certificate-name", + "path": "integ-certificate-name", + "children": { + "HostedZone": { + "id": "HostedZone", + "path": "integ-certificate-name/HostedZone", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Certificate": { + "id": "Certificate", + "path": "integ-certificate-name/Certificate", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-certificate-name/Certificate/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::CertificateManager::Certificate", + "aws:cdk:cloudformation:props": { + "domainName": "*.example.com", + "domainValidationOptions": [ + { + "domainName": "*.example.com", + "hostedZoneId": "Z23ABC4XYZL05B" + } + ], + "tags": [ + { + "key": "Name", + "value": "This is a test name" + } + ], + "validationMethod": "DNS" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-certificatemanager.CfnCertificate", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-certificatemanager.Certificate", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "integ-test": { + "id": "integ-test", + "path": "integ-test", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "integ-test/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "integ-test/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.108" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "integ-test/DefaultTest/DeployAssert", + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} diff --git a/packages/@aws-cdk/aws-certificatemanager/test/certificate.test.ts b/packages/@aws-cdk/aws-certificatemanager/test/certificate.test.ts index 846ef3d79c393..ea3e8a28c6847 100644 --- a/packages/@aws-cdk/aws-certificatemanager/test/certificate.test.ts +++ b/packages/@aws-cdk/aws-certificatemanager/test/certificate.test.ts @@ -1,4 +1,4 @@ -import { Template } from '@aws-cdk/assertions'; +import { Template, Match } from '@aws-cdk/assertions'; import * as route53 from '@aws-cdk/aws-route53'; import { Duration, Lazy, Stack } from '@aws-cdk/core'; import { Certificate, CertificateValidation } from '../lib'; @@ -376,3 +376,38 @@ describe('Transparency logging settings', () => { }); }); + +describe('Certifcate Name setting', () => { + test('the Name tag is defaulted to path', () => { + const stack = new Stack(undefined, 'TestStack'); + + new Certificate(stack, 'TheCertificate', { + domainName: 'test.example.com', + }); + + Template.fromStack(stack).hasResource('AWS::CertificateManager::Certificate', + hasTags([{ Key: 'Name', Value: 'TestStack/TheCertificate' }]), + ); + }); + + test('Can provide a custom certificate name', () => { + const stack = new Stack(undefined, 'TestStack'); + + new Certificate(stack, 'TheCertificate', { + domainName: 'test.example.com', + certificateName: 'Custom Certificate Name', + }); + + Template.fromStack(stack).hasResource('AWS::CertificateManager::Certificate', + hasTags([{ Key: 'Name', Value: 'Custom Certificate Name' }]), + ); + }); +}); + +function hasTags(expectedTags: Array<{Key: string, Value: string}>) { + return { + Properties: { + Tags: Match.arrayWith(expectedTags), + }, + }; +} diff --git a/packages/@aws-cdk/aws-certificatemanager/test/integ.certificate-name.ts b/packages/@aws-cdk/aws-certificatemanager/test/integ.certificate-name.ts new file mode 100644 index 0000000000000..bbc2ecf074b91 --- /dev/null +++ b/packages/@aws-cdk/aws-certificatemanager/test/integ.certificate-name.ts @@ -0,0 +1,35 @@ +import { PublicHostedZone } from '@aws-cdk/aws-route53'; +import { App, Stack } from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; +import { Certificate, CertificateValidation } from '../lib'; + +/** + * In order to test this you need to have a valid public hosted zone that you can use + * to request certificates for. + * +*/ +const hostedZoneId = process.env.CDK_INTEG_HOSTED_ZONE_ID ?? process.env.HOSTED_ZONE_ID; +if (!hostedZoneId) throw new Error('For this test you must provide your own HostedZoneId as an env var "HOSTED_ZONE_ID"'); +const hostedZoneName = process.env.CDK_INTEG_HOSTED_ZONE_NAME ?? process.env.HOSTED_ZONE_NAME; +if (!hostedZoneName) throw new Error('For this test you must provide your own HostedZoneName as an env var "HOSTED_ZONE_NAME"'); +const domainName = process.env.CDK_INTEG_DOMAIN_NAME ?? process.env.DOMAIN_NAME; +if (!domainName) throw new Error('For this test you must provide your own Domain Name as an env var "DOMAIN_NAME"'); + +const app = new App(); +const stack = new Stack(app, 'integ-certificate-name'); +const hostedZone = PublicHostedZone.fromHostedZoneAttributes(stack, 'HostedZone', { + hostedZoneId, + zoneName: hostedZoneName, +}); + +new Certificate(stack, 'Certificate', { + domainName, + certificateName: 'This is a test name', + validation: CertificateValidation.fromDns(hostedZone), +}); + +new IntegTest(app, 'integ-test', { + testCases: [stack], + diffAssets: true, + enableLookups: true, +}); diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/alb-fargate-service-https-idle-timeout.integ.snapshot/aws-ecs-integ-alb-fg-idletimeout.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/alb-fargate-service-https-idle-timeout.integ.snapshot/aws-ecs-integ-alb-fg-idletimeout.template.json index d90dc741ec3a5..716095ce73aa3 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/alb-fargate-service-https-idle-timeout.integ.snapshot/aws-ecs-integ-alb-fg-idletimeout.template.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/alb-fargate-service-https-idle-timeout.integ.snapshot/aws-ecs-integ-alb-fg-idletimeout.template.json @@ -551,6 +551,12 @@ "HostedZoneId": "fakeId" } ], + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fg-idletimeout/myService/Certificate" + } + ], "ValidationMethod": "DNS" } }, @@ -879,4 +885,4 @@ ] } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/alb-fargate-service-https.integ.snapshot/aws-ecs-integ-alb-fg-https.template.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/alb-fargate-service-https.integ.snapshot/aws-ecs-integ-alb-fg-https.template.json index 44a8715cf4b84..d09617d4adbae 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/alb-fargate-service-https.integ.snapshot/aws-ecs-integ-alb-fg-https.template.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/alb-fargate-service-https.integ.snapshot/aws-ecs-integ-alb-fg-https.template.json @@ -547,6 +547,12 @@ "HostedZoneId": "fakeId" } ], + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ-alb-fg-https/myService/Certificate" + } + ], "ValidationMethod": "DNS" } }, @@ -879,4 +885,4 @@ ] } } -} \ No newline at end of file +}