From 6aa763f100e5561f4554627116a458abba930480 Mon Sep 17 00:00:00 2001 From: santanugho Date: Thu, 2 Mar 2023 02:09:16 -0800 Subject: [PATCH 01/15] fix(servicecatalogappregistry): applicationName can not be changed after deployment (#24409) Background: * Customers wish to control or modify the stack id of the Application stack to follow their project conventions within CDK. * In previous [fix](https://github.com/aws/aws-cdk/pull/24171), we had deprecated the stack id to push users towards using stack name as the main mechanism for stack identification. * Default stack name as per this [fix](https://github.com/aws/aws-cdk/pull/24171) has `Application Name` embedded in it. If customers wants to **update the application name**, then a new stack name as well as new stack id will be generated, which will eventually create a new Application in a new stack. Problem: * Application associator associates all stacks in scope to an application. * With `ApplicationName` in stack name, we will create an application within a stack. When customers attempt to update the name of the application, we will create a new stack and eventually create a new application, which is the first problem. * In this new application within the new stack, we will try to associate all stacks within the `app` scope, which is already associated to the original application in the original stack and hence cannot be further associated to the new application which will make the deployment of the stack with updated name fail. Fix: * We will continue to honor customer provided stack Name. * If no stack name is provided, then we will default it to `ApplicationAssociator-${hashValues(scope.node.addr)}-Stack`, which doesnt contain `Application Name`. Related Links: * Previous PR which introduced this bug: https://github.com/aws/aws-cdk/pull/24171 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/target-application.ts | 7 +++---- .../test/integ.application.js.snapshot/cdk.out | 2 +- ...integ-servicecatalogappregistry-application.assets.json | 6 +++--- ...teg-servicecatalogappregistry-application.template.json | 4 ++-- .../test/integ.application.js.snapshot/integ.json | 2 +- .../test/integ.application.js.snapshot/manifest.json | 4 ++-- .../test/integ.application.js.snapshot/tree.json | 4 ++-- .../test/integ.application.ts | 2 +- 8 files changed, 15 insertions(+), 16 deletions(-) diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/lib/target-application.ts b/packages/@aws-cdk/aws-servicecatalogappregistry/lib/target-application.ts index 4cfc387a90e67..7c13bbdf55895 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/lib/target-application.ts +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/lib/target-application.ts @@ -1,6 +1,7 @@ import * as cdk from '@aws-cdk/core'; import { Construct } from 'constructs'; import { IApplication, Application } from './application'; +import { hashValues } from './common'; /** * Properties used to define targetapplication. @@ -92,7 +93,7 @@ class CreateTargetApplication extends TargetApplication { } public bind(scope: Construct): BindTargetApplicationResult { (this.applicationOptions.stackName as string) = - this.applicationOptions.stackName || `Application-${this.applicationOptions.applicationName}-Stack`; + this.applicationOptions.stackName || `ApplicationAssociator-${hashValues(scope.node.addr)}-Stack`; const stackId = this.applicationOptions.stackName; (this.applicationOptions.description as string) = this.applicationOptions.description || 'Stack to create AppRegistry application'; @@ -120,10 +121,8 @@ class ExistingTargetApplication extends TargetApplication { super(); } public bind(scope: Construct): BindTargetApplicationResult { - const arnComponents = cdk.Arn.split(this.applicationOptions.applicationArnValue, cdk.ArnFormat.SLASH_RESOURCE_SLASH_RESOURCE_NAME); - const applicationId = arnComponents.resourceName; (this.applicationOptions.stackName as string) = - this.applicationOptions.stackName || `Application-${applicationId}-Stack`; + this.applicationOptions.stackName || `ApplicationAssociator-${hashValues(scope.node.addr)}-Stack`; const stackId = this.applicationOptions.stackName; const applicationStack = new cdk.Stack(scope, stackId, this.applicationOptions); const appRegApplication = Application.fromApplicationArn(applicationStack, 'ExistingApplication', this.applicationOptions.applicationArnValue); diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/cdk.out b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/cdk.out index d8b441d447f8a..b72fef144f05c 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"29.0.0"} \ No newline at end of file +{"version":"30.1.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.assets.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.assets.json index 17d3b8241176a..3ee606db647f9 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.assets.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.assets.json @@ -1,7 +1,7 @@ { - "version": "29.0.0", + "version": "30.1.0", "files": { - "8bf01e42edcc7e9cd4c65b9db9e52d2d6564f931bc84e7f564a1a4c43e499d6e": { + "6a426aab2239a5fb580c074adbf5b8e3acefa04209423d2b53989c73aed3f95b": { "source": { "path": "integ-servicecatalogappregistry-application.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "8bf01e42edcc7e9cd4c65b9db9e52d2d6564f931bc84e7f564a1a4c43e499d6e.json", + "objectKey": "6a426aab2239a5fb580c074adbf5b8e3acefa04209423d2b53989c73aed3f95b.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.template.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.template.json index 34343c5e60207..7cdff29059dd2 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.template.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.template.json @@ -3,7 +3,7 @@ "TestApplication2FBC585F": { "Type": "AWS::ServiceCatalogAppRegistry::Application", "Properties": { - "Name": "TestApplication", + "Name": "MyTestApplication", "Description": "Test application description" } }, @@ -132,7 +132,7 @@ { "Ref": "AWS::Region" }, - ".console.aws.amazon.com/systems-manager/appmanager/application/AWS_AppRegistry_Application-TestApplication" + ".console.aws.amazon.com/systems-manager/appmanager/application/AWS_AppRegistry_Application-MyTestApplication" ] ] } diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ.json index f211b281f65e2..519ddfd3c055c 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "29.0.0", + "version": "30.1.0", "testCases": { "integ.application": { "stacks": [ diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/manifest.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/manifest.json index 431629ee09836..ebeb0546e09c7 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "29.0.0", + "version": "30.1.0", "artifacts": { "integ-servicecatalogappregistry-application.assets": { "type": "cdk:asset-manifest", @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8bf01e42edcc7e9cd4c65b9db9e52d2d6564f931bc84e7f564a1a4c43e499d6e.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6a426aab2239a5fb580c074adbf5b8e3acefa04209423d2b53989c73aed3f95b.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/tree.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/tree.json index e1dc8a2ae0954..692d8cdf23ff4 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/tree.json @@ -18,7 +18,7 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::ServiceCatalogAppRegistry::Application", "aws:cdk:cloudformation:props": { - "name": "TestApplication", + "name": "MyTestApplication", "description": "Test application description" } }, @@ -249,7 +249,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.209" + "version": "10.1.252" } } }, diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.ts b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.ts index 7f952e6c05b8a..bc6d61f9f0ce9 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.ts +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.ts @@ -6,7 +6,7 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'integ-servicecatalogappregistry-application'); const application = new appreg.Application(stack, 'TestApplication', { - applicationName: 'TestApplication', + applicationName: 'MyTestApplication', description: 'Test application description', }); From 7324ea4215422925babddd4b0d3df4eb046f39ef Mon Sep 17 00:00:00 2001 From: AWS CDK Team Date: Thu, 2 Mar 2023 10:41:27 +0000 Subject: [PATCH 02/15] chore(release): 2.67.0 --- CHANGELOG.v2.alpha.md | 12 +++++++++ CHANGELOG.v2.md | 30 +++++++++++++++++++++++ packages/@aws-cdk/cx-api/FEATURE_FLAGS.md | 8 +++--- packages/@aws-cdk/cx-api/lib/features.ts | 4 +-- version.v2.json | 4 +-- 5 files changed, 50 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md index b273fa1d1a2aa..904d905436fab 100644 --- a/CHANGELOG.v2.alpha.md +++ b/CHANGELOG.v2.alpha.md @@ -2,6 +2,18 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.67.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.66.1-alpha.0...v2.67.0-alpha.0) (2023-03-02) + + +### Features + +* **msk:** add Kafka versions 3.1.1, 3.2.0, and and 3.3.1 ([#23918](https://github.com/aws/aws-cdk/issues/23918)) ([53a1d5f](https://github.com/aws/aws-cdk/commit/53a1d5fd81eabf5e9d846411754a554549f9f62c)), closes [#23899](https://github.com/aws/aws-cdk/issues/23899) + + +### Bug Fixes + +* **servicecatalogappregistry:** applicationName can not be changed after deployment ([#24409](https://github.com/aws/aws-cdk/issues/24409)) ([6aa763f](https://github.com/aws/aws-cdk/commit/6aa763f100e5561f4554627116a458abba930480)) + ## [2.66.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.66.0-alpha.0...v2.66.1-alpha.0) (2023-02-23) ## [2.66.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.65.0-alpha.0...v2.66.0-alpha.0) (2023-02-21) diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md index b517ec1dfa68c..31967bb1f4ebf 100644 --- a/CHANGELOG.v2.md +++ b/CHANGELOG.v2.md @@ -2,6 +2,36 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.67.0](https://github.com/aws/aws-cdk/compare/v2.66.1...v2.67.0) (2023-03-02) + + +### Features + +* **apigateway:** minCompressionSize on SpecRestApi ([#24067](https://github.com/aws/aws-cdk/issues/24067)) ([2a81f0f](https://github.com/aws/aws-cdk/commit/2a81f0f7d9eb73cd0e807904357a5daf7d6e5017)), closes [#22926](https://github.com/aws/aws-cdk/issues/22926) +* **bootstrap:** prevent accidental bootstrap overwrites ([#24302](https://github.com/aws/aws-cdk/issues/24302)) ([3b251a5](https://github.com/aws/aws-cdk/commit/3b251a5e8e74332076c9e5dc810a80775fa77d61)) +* **cli:** update csharp & fsharp template to net6.0 ([#23926](https://github.com/aws/aws-cdk/issues/23926)) ([3bd611d](https://github.com/aws/aws-cdk/commit/3bd611dcbdf802dbc918d0ecedaf3ac3d9d73503)), closes [#23921](https://github.com/aws/aws-cdk/issues/23921) +* **codebuild:** adds file asset support to build-spec ([#24289](https://github.com/aws/aws-cdk/issues/24289)) ([7cda567](https://github.com/aws/aws-cdk/commit/7cda5673fd3f6c5cd56ea59d71b14115f2a388f2)), closes [#1138](https://github.com/aws/aws-cdk/issues/1138) +* **ecs:** enable default capacity provider strategy ([#23955](https://github.com/aws/aws-cdk/issues/23955)) ([5a30ea6](https://github.com/aws/aws-cdk/commit/5a30ea6536df0fda0e0e7bb89d45666f57fb8890)) +* **eks:** add helm flag --skip-crds ([#24213](https://github.com/aws/aws-cdk/issues/24213)) ([f68dbc2](https://github.com/aws/aws-cdk/commit/f68dbc2ce76a2df51081e959aa70e373a9bf5ac6)), closes [#24296](https://github.com/aws/aws-cdk/issues/24296) +* **sns:** Add FilterPolicyScope support ([#23108](https://github.com/aws/aws-cdk/issues/23108)) ([d986e14](https://github.com/aws/aws-cdk/commit/d986e143df3cf9b42031eba0f5a2d9a71d6d9208)) +* **stepfunctions-tasks:** add revision number ([#24226](https://github.com/aws/aws-cdk/issues/24226)) ([643042b](https://github.com/aws/aws-cdk/commit/643042b8a15779b8a535567085b31424f4373515)), closes [#23491](https://github.com/aws/aws-cdk/issues/23491) + + +### Bug Fixes + +* **cdk-assets:** Error when building Docker Image Assets with Podman ([#24003](https://github.com/aws/aws-cdk/issues/24003)) ([4b08e20](https://github.com/aws/aws-cdk/commit/4b08e20be3b829c752e425883da09188b2dcff72)), closes [/github.com/aws/aws-cdk/issues/16209#issue-978267269](https://github.com/aws//github.com/aws/aws-cdk/issues/16209/issues/issue-978267269) [#16209](https://github.com/aws/aws-cdk/issues/16209) +* **cloudwatch:** math expressions incorrectly warn about search and metrics ([#24313](https://github.com/aws/aws-cdk/issues/24313)) ([f3596eb](https://github.com/aws/aws-cdk/commit/f3596eb26f1e4ab360875bf5f79a7de991d2a9ec)), closes [#20136](https://github.com/aws/aws-cdk/issues/20136) +* **ec2:** userData in launchTemplate is created automatically when machineImege is provided ([#23593](https://github.com/aws/aws-cdk/issues/23593)) ([bb4311b](https://github.com/aws/aws-cdk/commit/bb4311bf05b64cc95a89a319743e3883fd3c5b15)), closes [#23592](https://github.com/aws/aws-cdk/issues/23592) [/github.com/aws/aws-cdk/pull/12385#discussion_r564614928](https://github.com/aws//github.com/aws/aws-cdk/pull/12385/issues/discussion_r564614928) +* **ecr-assets:** fix repeated deploys of stacks with tar assets ([#23497](https://github.com/aws/aws-cdk/issues/23497)) ([c2296a8](https://github.com/aws/aws-cdk/commit/c2296a87116c7bbaf6103a03364326c760a8f952)), closes [#18823](https://github.com/aws/aws-cdk/issues/18823) [#18822](https://github.com/aws/aws-cdk/issues/18822) +* **efs:** support tagging for access point ([#24336](https://github.com/aws/aws-cdk/issues/24336)) ([f9af47f](https://github.com/aws/aws-cdk/commit/f9af47f1fe48e66412d95f3eeef931c9322ba5b7)), closes [#20743](https://github.com/aws/aws-cdk/issues/20743) +* **eks:** changing the subnets or securityGroupIds order causes an error ([#24163](https://github.com/aws/aws-cdk/issues/24163)) ([09c2c19](https://github.com/aws/aws-cdk/commit/09c2c19f22979482020652d902a73dfcc4e593bd)), closes [#24162](https://github.com/aws/aws-cdk/issues/24162) +* **eks:** fix helm deploy login for public ECR repositories ([#24104](https://github.com/aws/aws-cdk/issues/24104)) ([71ec6b6](https://github.com/aws/aws-cdk/commit/71ec6b660cf5062c12c5205dadfc28f893251e4f)), closes [#23977](https://github.com/aws/aws-cdk/issues/23977) +* **eks:** integ tests errors ([#24276](https://github.com/aws/aws-cdk/issues/24276)) ([07f2d7b](https://github.com/aws/aws-cdk/commit/07f2d7b0b947cec31ed3132b95372b9975efa01e)) +* **secretsmanager:** secret resource policy already exists in stack (under feature flag) ([#24365](https://github.com/aws/aws-cdk/issues/24365)) ([7dd8b7e](https://github.com/aws/aws-cdk/commit/7dd8b7e1ce88a13e597e52ff95353d74ab4807f1)), closes [#24383](https://github.com/aws/aws-cdk/issues/24383) +* **servicecatalog:** wrong asset path is generated in case outdir is absolute ([#24393](https://github.com/aws/aws-cdk/issues/24393)) ([0ebbf58](https://github.com/aws/aws-cdk/commit/0ebbf58bdd3307f536334beb5d1153e3ef660f18)), closes [#24392](https://github.com/aws/aws-cdk/issues/24392) +* **sns:** sns subscription filter policy condition limit should be 150 ([#24269](https://github.com/aws/aws-cdk/issues/24269)) ([1e1131c](https://github.com/aws/aws-cdk/commit/1e1131c207de2df7d5881a57cc28daa59bad975a)) +* Correct SamlConsolePrincipal for non-China ([#24277](https://github.com/aws/aws-cdk/issues/24277)) ([e47646c](https://github.com/aws/aws-cdk/commit/e47646c0ff317a421b2f042158fcc0c7ae1aa2cf)), closes [#24243](https://github.com/aws/aws-cdk/issues/24243) + ## [2.66.1](https://github.com/aws/aws-cdk/compare/v2.66.0...v2.66.1) (2023-02-23) diff --git a/packages/@aws-cdk/cx-api/FEATURE_FLAGS.md b/packages/@aws-cdk/cx-api/FEATURE_FLAGS.md index b1ef62b576767..1f1488fee03ae 100644 --- a/packages/@aws-cdk/cx-api/FEATURE_FLAGS.md +++ b/packages/@aws-cdk/cx-api/FEATURE_FLAGS.md @@ -46,8 +46,8 @@ Flags come in three types: | [@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup](#aws-cdkaws-codedeployremovealarmsfromdeploymentgroup) | Remove CloudWatch alarms from deployment group | 2.65.0 | (fix) | | [@aws-cdk/aws-rds:databaseProxyUniqueResourceName](#aws-cdkaws-rdsdatabaseproxyuniqueresourcename) | Use unique resource name for Database Proxy | 2.65.0 | (fix) | | [@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId](#aws-cdkaws-apigatewayauthorizerchangedeploymentlogicalid) | Include authorizer configuration in the calculation of the API deployment logical ID. | 2.66.0 | (fix) | -| [@aws-cdk/aws-ec2:launchTemplateDefaultUserData](#aws-cdkaws-ec2launchtemplatedefaultuserdata) | Define user data for a launch template by default when a machine image is provided. | V2NEXT | (fix) | -| [@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments](#aws-cdkaws-secretsmanageruseattachedsecretresourcepolicyforsecrettargetattachments) | SecretTargetAttachments uses the ResourcePolicy of the attached Secret. | V2NEXT | (fix) | +| [@aws-cdk/aws-ec2:launchTemplateDefaultUserData](#aws-cdkaws-ec2launchtemplatedefaultuserdata) | Define user data for a launch template by default when a machine image is provided. | 2.67.0 | (fix) | +| [@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments](#aws-cdkaws-secretsmanageruseattachedsecretresourcepolicyforsecrettargetattachments) | SecretTargetAttachments uses the ResourcePolicy of the attached Secret. | 2.67.0 | (fix) | @@ -850,7 +850,7 @@ according to the OS of the machine image. | Since | Default | Recommended | | ----- | ----- | ----- | | (not in v1) | | | -| V2NEXT | `false` | `true` | +| 2.67.0 | `false` | `true` | ### @aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments @@ -872,7 +872,7 @@ Then you can re-add the permissions and deploy again. | Since | Default | Recommended | | ----- | ----- | ----- | | (not in v1) | | | -| V2NEXT | `false` | `true` | +| 2.67.0 | `false` | `true` | diff --git a/packages/@aws-cdk/cx-api/lib/features.ts b/packages/@aws-cdk/cx-api/lib/features.ts index 1ae7e4dd6f2fc..9b63ca0f9c86c 100644 --- a/packages/@aws-cdk/cx-api/lib/features.ts +++ b/packages/@aws-cdk/cx-api/lib/features.ts @@ -687,7 +687,7 @@ export const FLAGS: Record = { according to the OS of the machine image. `, recommendedValue: true, - introducedIn: { v2: 'V2NEXT' }, + introducedIn: { v2: '2.67.0' }, }, ////////////////////////////////////////////////////////////////////// @@ -707,7 +707,7 @@ export const FLAGS: Record = { Then you can re-add the permissions and deploy again. `, recommendedValue: true, - introducedIn: { v2: 'V2NEXT' }, + introducedIn: { v2: '2.67.0' }, }, }; diff --git a/version.v2.json b/version.v2.json index 069c913a7cd3e..c447441e598b2 100644 --- a/version.v2.json +++ b/version.v2.json @@ -1,4 +1,4 @@ { - "version": "2.66.1", - "alphaVersion": "2.66.1-alpha.0" + "version": "2.67.0", + "alphaVersion": "2.67.0-alpha.0" } \ No newline at end of file From 790a709d758333f4622c5fb860d9bbb48dee7106 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastiaan?= <78153680+SebastiaanSafeguard@users.noreply.github.com> Date: Thu, 2 Mar 2023 18:29:49 +0100 Subject: [PATCH 03/15] fix(lambda-nodejs): esbuild preCompilation tsconfig precedence is wrong (#23871) The current implementation of the `extractTsConfig` function overrides previously found compiler options by new ones in extended files. So if you override parameters in your tsconfig.json that extends from a different one higher up in the project, the parameters in the base configuration file take precedence over those in the tsconfig that is specified for this specific build task. This change turns around the importance of those parameters so that it matches the behaviour of tsc, where any parameters in the tsconfig override those of the tsconfigs it may extend from. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Construct Runtime Dependencies: * [ ] This PR adds new construct runtime dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-construct-runtime-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-lambda-nodejs/lib/util.ts | 2 +- .../test/testtsconfig-extended.json | 6 ++++ .../aws-lambda-nodejs/test/util.test.ts | 33 +++++++++++++++++++ 3 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 packages/@aws-cdk/aws-lambda-nodejs/test/testtsconfig-extended.json diff --git a/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts b/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts index eb2f59db03e09..fafac54e9a60e 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/lib/util.ts @@ -197,8 +197,8 @@ function extractTsConfig(tsconfigPath: string, previousCompilerOptions?: Record< // eslint-disable-next-line @typescript-eslint/no-require-imports const { extends: extendedConfig, compilerOptions } = require(tsconfigPath); const updatedCompilerOptions = { - ...(previousCompilerOptions ?? {}), ...compilerOptions, + ...(previousCompilerOptions ?? {}), }; if (extendedConfig) { return extractTsConfig( diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/testtsconfig-extended.json b/packages/@aws-cdk/aws-lambda-nodejs/test/testtsconfig-extended.json new file mode 100644 index 0000000000000..d84edea2e872b --- /dev/null +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/testtsconfig-extended.json @@ -0,0 +1,6 @@ +{ + "extends": "./testtsconfig.json", + "compilerOptions": { + "target": "ES2022" + } +} diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts index a0b27157b8a98..6ea345f505721 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/util.test.ts @@ -213,4 +213,37 @@ describe('getTsconfigCompilerOptions', () => { '--target ES2020', ].join(' ')); }); + + test('should extract compiler options with extended config overriding', () => { + const tsconfig = path.join(__dirname, 'testtsconfig-extended.json'); + const compilerOptions = getTsconfigCompilerOptions(tsconfig); + expect(compilerOptions).toEqual([ + '--alwaysStrict', + '--charset utf8', + '--declaration', + '--declarationMap false', + '--experimentalDecorators', + '--incremental false', + '--inlineSourceMap', + '--inlineSources', + '--lib es2020', + '--module CommonJS', + '--newLine lf', + '--noEmitOnError', + '--noFallthroughCasesInSwitch', + '--noImplicitAny', + '--noImplicitReturns', + '--noImplicitThis', + '--noUnusedLocals', + '--noUnusedParameters', + '--outDir ./', + '--resolveJsonModule', + '--rootDir ./', + '--strict', + '--strictNullChecks', + '--strictPropertyInitialization', + '--stripInternal false', + '--target ES2022', + ].join(' ')); + }); }); From 154b8e3921494ca0b33298522e2036ded1c485e8 Mon Sep 17 00:00:00 2001 From: watany <76135106+watany-dev@users.noreply.github.com> Date: Fri, 3 Mar 2023 03:38:34 +0900 Subject: [PATCH 04/15] chore(rds): RDS VersionUP follow-up in 2023.3 (#24426) A day after the last commit, we got a bunch of updates! A bit frustrating:) - [Amazon RDS for PostgreSQL now supports major version PostgreSQL 15](https://aws.amazon.com/about-aws/whats-new/2023/02/amazon-rds-postgresql-major-version-15/) - [Amazon RDS for MariaDB supports new minor versions 10.6.12, 10.5.19, 10.4.28 and 10.3.38](https://aws.amazon.com/about-aws/whats-new/2023/02/amazon-rds-mariadb-new-minor-versions/) - [Amazon Aurora MySQL 3.03 (compatible with MySQL 8.0.26) is generally available](https://aws.amazon.com/about-aws/whats-new/2023/03/amazon-aurora-mysql-3-03-compatible-mysql-8-0-26-available/) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-rds/lib/cluster-engine.ts | 2 ++ packages/@aws-cdk/aws-rds/lib/instance-engine.ts | 13 ++++++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts b/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts index 6c61051c5938f..760abe90ac27e 100644 --- a/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts +++ b/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts @@ -426,6 +426,8 @@ export class AuroraMysqlEngineVersion { public static readonly VER_3_02_1 = AuroraMysqlEngineVersion.builtIn_8_0('3.02.1'); /** Version "8.0.mysql_aurora.3.02.2". */ public static readonly VER_3_02_2 = AuroraMysqlEngineVersion.builtIn_8_0('3.02.2'); + /** Version "8.0.mysql_aurora.3.03.0". */ + public static readonly VER_3_03_0 = AuroraMysqlEngineVersion.builtIn_8_0('3.03.0'); /** * Create a new AuroraMysqlEngineVersion with an arbitrary version. diff --git a/packages/@aws-cdk/aws-rds/lib/instance-engine.ts b/packages/@aws-cdk/aws-rds/lib/instance-engine.ts index 11f2e7cf2d1c3..77fb08ffb0ad5 100644 --- a/packages/@aws-cdk/aws-rds/lib/instance-engine.ts +++ b/packages/@aws-cdk/aws-rds/lib/instance-engine.ts @@ -313,6 +313,8 @@ export class MariaDbEngineVersion { public static readonly VER_10_3_36 = MariaDbEngineVersion.of('10.3.36', '10.3'); /** Version "10.3.37". */ public static readonly VER_10_3_37 = MariaDbEngineVersion.of('10.3.37', '10.3'); + /** Version "10.3.38". */ + public static readonly VER_10_3_38 = MariaDbEngineVersion.of('10.3.38', '10.3'); /** Version "10.4" (only a major version, without a specific minor version). */ public static readonly VER_10_4 = MariaDbEngineVersion.of('10.4', '10.4'); @@ -334,6 +336,8 @@ export class MariaDbEngineVersion { public static readonly VER_10_4_26 = MariaDbEngineVersion.of('10.4.26', '10.4'); /** Version "10.4.27". */ public static readonly VER_10_4_27 = MariaDbEngineVersion.of('10.4.27', '10.4') + /** Version "10.4.28". */ + public static readonly VER_10_4_28 = MariaDbEngineVersion.of('10.4.28', '10.4') /** Version "10.5" (only a major version, without a specific minor version). */ public static readonly VER_10_5 = MariaDbEngineVersion.of('10.5', '10.5'); @@ -353,6 +357,8 @@ export class MariaDbEngineVersion { public static readonly VER_10_5_17 = MariaDbEngineVersion.of('10.5.17', '10.5'); /** Version "10.5.18". */ public static readonly VER_10_5_18 = MariaDbEngineVersion.of('10.5.18', '10.5'); + /** Version "10.5.19". */ + public static readonly VER_10_5_19 = MariaDbEngineVersion.of('10.5.19', '10.5'); /** Version "10.6" (only a major version, without a specific minor version). */ public static readonly VER_10_6 = MariaDbEngineVersion.of('10.6', '10.6'); @@ -366,6 +372,9 @@ export class MariaDbEngineVersion { public static readonly VER_10_6_10 = MariaDbEngineVersion.of('10.6.10', '10.6'); /** Version "10.6.11". */ public static readonly VER_10_6_11 = MariaDbEngineVersion.of('10.6.11', '10.6'); + /** Version "10.6.12". */ + public static readonly VER_10_6_12 = MariaDbEngineVersion.of('10.6.12', '10.6'); + /** * Create a new MariaDbEngineVersion with an arbitrary version. @@ -1038,6 +1047,9 @@ export class PostgresEngineVersion { /** Version "14.6". */ public static readonly VER_14_6 = PostgresEngineVersion.of('14.6', '14', { s3Import: true, s3Export: true }); + /** Version "15" (only a major version, without a specific minor version). */ + public static readonly VER_15 = PostgresEngineVersion.of('15', '15', { s3Import: true, s3Export: true }); + /** * Create a new PostgresEngineVersion with an arbitrary version. * @@ -1335,7 +1347,6 @@ export class OracleEngineVersion { /** Version "19.0.0.0.ru-2023-01.rur-2023-01.r1". */ public static readonly VER_19_0_0_0_2023_01_R1 = OracleEngineVersion.of('19.0.0.0.ru-2023-01.rur-2023-01.r1', '19'); - /** Version "21" (only a major version, without a specific minor version). */ public static readonly VER_21 = OracleEngineVersion.of('21', '21'); /** Version "21.0.0.0.ru-2022-01.rur-2022-01.r1". */ From 856defb8a682af69e20d9af31e0c8a9c25ba8f6c Mon Sep 17 00:00:00 2001 From: watany <76135106+watany-dev@users.noreply.github.com> Date: Fri, 3 Mar 2023 04:21:39 +0900 Subject: [PATCH 05/15] chore(config): AWS Config now supports 20 new resource types (#24424) fix. https://aws.amazon.com/about-aws/whats-new/2023/02/aws-config-20-resource-types/ ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-config/lib/rule.ts | 40 ++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/packages/@aws-cdk/aws-config/lib/rule.ts b/packages/@aws-cdk/aws-config/lib/rule.ts index 679e67ae50999..846006d990de1 100644 --- a/packages/@aws-cdk/aws-config/lib/rule.ts +++ b/packages/@aws-cdk/aws-config/lib/rule.ts @@ -2168,6 +2168,10 @@ export class ResourceType { public static readonly EFS_ACCESS_POINT = new ResourceType('AWS::EFS::AccessPoint'); /** Amazon Elastic Kubernetes Service cluster */ public static readonly EKS_CLUSTER = new ResourceType('AWS::EKS::Cluster'); + /** Amazon Elastic Kubernetes Service identity provider config */ + public static readonly EKS_IDENTITY_PROVIDER_CONFIG = new ResourceType('AWS::EKS::IdentityProviderConfig'); + /** Amazon Elastic Kubernetes Service addon */ + public static readonly EKS_ADDON = new ResourceType('AWS::EKS::Addon'); /** Amazon EMR security configuration */ public static readonly EMR_SECURITY_CONFIGURATION = new ResourceType('AWS::EMR::SecurityConfiguration'); /** Amazon EventBridge EventBus */ @@ -2202,6 +2206,12 @@ export class ResourceType { public static readonly GUARDDUTY_FILTER = new ResourceType('AWS::GuardDuty::Filter'); /** Amazon ElasticSearch domain */ public static readonly ELASTICSEARCH_DOMAIN = new ResourceType('AWS::Elasticsearch::Domain'); + /** Amazon Interactive Video Service (IVS) channel */ + public static readonly IVS_CHANNEL = new ResourceType('AWS::IVS::Channel'); + /** Amazon Interactive Video Service (IVS) recording configuration */ + public static readonly IVS_RECORDING_CONFIGURATION = new ResourceType('AWS::IVS::RecordingConfiguration'); + /** Amazon Interactive Video Service (IVS) playback key pair */ + public static readonly IVS_PLAYBACK_KEYPAIR = new ResourceType('AWS::IVS::PlaybackKeyPair'); /** Amazon OpenSearch domain */ public static readonly OPENSEARCH_DOMAIN = new ResourceType('AWS::OpenSearch::Domain'); /** Amazon QLDB ledger */ @@ -2210,6 +2220,8 @@ export class ResourceType { public static readonly KINESIS_STREAM = new ResourceType('AWS::Kinesis::Stream'); /** Amazon Kinesis stream consumer */ public static readonly KINESIS_STREAM_CONSUMER = new ResourceType('AWS::Kinesis::StreamConsumer'); + /** Amazon Kinesis Analytics V2 application */ + public static readonly KINESIS_ANALYTICS_V2_APPLICATION = new ResourceType('AWS::KinesisAnalyticsV2::Application'); /** Amazon Lightsail Certificate */ public static readonly LIGHTSAIL_CERTIFICATE = new ResourceType('AWS::Lightsail::Certificate'); /** Amazon Lightsail Disk */ @@ -2248,6 +2260,8 @@ export class ResourceType { public static readonly RDS_DB_CLUSTER = new ResourceType('AWS::RDS::DBCluster'); /** Amazon RDS database cluster snapshot */ public static readonly RDS_DB_CLUSTER_SNAPSHOT = new ResourceType('AWS::RDS::DBClusterSnapshot'); + /** Amazon RDS global cluster */ + public static readonly RDS_GLOBAL_CLUSTER = new ResourceType('AWS::RDS::GlobalCluster'); /** Amazon Route53 Hosted Zone */ public static readonly ROUTE53_HOSTED_ZONE= new ResourceType('AWS::Route53::HostedZone'); /** Amazon Route53 Health Check */ @@ -2270,6 +2284,8 @@ export class ResourceType { public static readonly SNS_TOPIC = new ResourceType('AWS::SNS::Topic'); /** Amazon S3 bucket */ public static readonly S3_BUCKET = new ResourceType('AWS::S3::Bucket'); + /** Amazon S3 Multi-Region Access Point */ + public static readonly S3_MULTIREGION_ACCESS_POINT = new ResourceType('AWS::S3::MultiRegionAccessPoint'); /** Amazon SageMaker code repository */ public static readonly SAGEMAKER_CODE_REPOSITORY = new ResourceType('AWS::SageMaker::CodeRepository'); /** Amazon SageMaker model */ @@ -2408,6 +2424,8 @@ export class ResourceType { public static readonly GLUE_JOB = new ResourceType('AWS::Glue::Job'); /** AWS Glue Classifier */ public static readonly GLUE_CLASSIFIER = new ResourceType('AWS::Glue::Classifier'); + /** AWS Glue machine learning transform */ + public static readonly GLUE_ML_TRANSFORM = new ResourceType('AWS::Glue::MLTransform'); /** AWS IAM user */ public static readonly IAM_USER = new ResourceType('AWS::IAM::User'); /** AWS IAM group */ @@ -2426,14 +2444,36 @@ export class ResourceType { public static readonly IOT_ROLE_ALIAS = new ResourceType('AWS::IoT::RoleAlias'); /** AWS IoT dimension */ public static readonly IOT_DIMENSION = new ResourceType('AWS::IoT::Dimension'); + /** AWS IoT policy */ + public static readonly IOT_POLICY = new ResourceType('AWS::IoT::Policy'); + /** AWS IoT mitigation action */ + public static readonly IOT_MITIGATION_ACTION = new ResourceType('AWS::IoT::MitigationAction'); + /** AWS IoT TwinMaker workspace */ + public static readonly IOT_TWINMAKER_WORKSPACE = new ResourceType('AWS::IoTwinMaker::Workspace'); + /** AWS IoT TwinMaker entity */ + public static readonly IOT_TWINMAKER_ENTITY = new ResourceType('AWS::IoTTwinMaker::Entity'); /** AWS IoT Analytics datastore */ public static readonly IOT_ANALYTICS_DATASTORE = new ResourceType('AWS::IoTAnalytics::Datastore'); + /** AWS IoT Analytics dataset */ + public static readonly IOT_ANALYTICS_DATASET = new ResourceType('AWS::IoTAnalytics::Dataset'); + /** AWS IoT Analytics pipeline */ + public static readonly IOT_ANALYTICS_PIPELINE = new ResourceType('AWS::IoTAnalytics::Pipeline'); + /** AWS IoT Analytics channel */ + public static readonly IOT_ANALYTICS_CHANNEL = new ResourceType('AWS::IoTAnalytics::Channel'); /** AWS IoT Events Input */ public static readonly IOT_EVENTS_INPUT = new ResourceType('AWS::IoTEvents::Input'); /** AWS IoT Events Detector Model */ public static readonly IOT_EVENTS_DETECTOR_MODEL = new ResourceType('AWS::IoTEvents::DetectorModel'); /** AWS IoT Events Alarm Model */ public static readonly IOT_EVENTS_ALARM_MODEL = new ResourceType('AWS::IoTEvents::AlarmModel'); + /** AWS IoT SiteWise dashboard */ + public static readonly IOT_SITEWISE_DASHBOARD = new ResourceType('AWS::IoTSiteWise::Dashboard'); + /** AWS IoT SiteWise project */ + public static readonly IOT_SITEWISE_PROJECT = new ResourceType('AWS::IoTSiteWise::Project'); + /** AWS IoT SiteWise portal */ + public static readonly IOT_SITEWISE_PORTAL = new ResourceType('AWS::IoTSiteWise::Portal'); + /** AWS IoT SiteWise asset model */ + public static readonly IOT_SITEWISE_ASSETMODEL = new ResourceType('AWS::IoTSiteWise::AssetModel'); /** AWS KMS Key */ public static readonly KMS_KEY = new ResourceType('AWS::KMS::Key'); /** AWS Lambda function */ From 9a07ab008d1b6d23e9a302921f1a5165a21fb128 Mon Sep 17 00:00:00 2001 From: Rizxcviii Date: Thu, 2 Mar 2023 20:02:20 +0000 Subject: [PATCH 06/15] feat(redshift): columns require an id attribute (under feature flag) (#24272) Adds an `id` attribute to retain tables on changing of the column name. This will essentially fire an `ALTER` statement to rename the column, whilst persisting the id, so columns cannot be dropped. Closes #24234. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-redshift/README.md | 15 + .../private/database-query-provider/table.ts | 32 +- .../aws-redshift/lib/private/handler-props.ts | 1 + packages/@aws-cdk/aws-redshift/lib/table.ts | 31 +- .../database-query-provider/table.test.ts | 54 + .../handler-name.js | 0 .../index.js | 0 .../privileges.js | 2 +- .../redshift-data.js | 0 .../table.js | 148 ++ .../types.js | 0 .../user.js | 2 +- .../util.js | 2 +- .../cfn-response.js | 87 + .../consts.js | 10 + .../framework.js | 168 ++ .../outbound.js | 69 + .../util.js | 39 + ...-cdk-redshift-cluster-database.assets.json | 45 + ...dk-redshift-cluster-database.template.json | 877 ++++++++++ .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 321 ++++ ...efaultTestDeployAssert4339FB48.assets.json | 19 + ...aultTestDeployAssert4339FB48.template.json | 36 + .../tree.json | 1410 +++++++++++++++++ .../test/integ.database-columnid.ts | 59 + .../handler-name.js | 10 + .../index.js | 21 + .../privileges.js | 58 + .../redshift-data.js | 37 + .../table.js | 148 ++ .../types.js | 24 + .../user.js | 70 + .../util.js | 34 + .../table.js | 125 -- ...-cdk-redshift-cluster-database.assets.json | 12 +- ...dk-redshift-cluster-database.template.json | 5 +- .../test/integ.database.js.snapshot/cdk.out | 2 +- .../integ.database.js.snapshot/integ.json | 2 +- .../integ.database.js.snapshot/manifest.json | 4 +- ...efaultTestDeployAssert4339FB48.assets.json | 2 +- .../test/integ.database.js.snapshot/tree.json | 14 +- .../aws-redshift/test/integ.database.ts | 7 +- .../@aws-cdk/aws-redshift/test/table.test.ts | 60 +- packages/@aws-cdk/cx-api/FEATURE_FLAGS.md | 27 +- packages/@aws-cdk/cx-api/README.md | 16 + packages/@aws-cdk/cx-api/lib/features.ts | 22 + 48 files changed, 3985 insertions(+), 155 deletions(-) rename packages/@aws-cdk/aws-redshift/test/{integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08 => integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338}/handler-name.js (100%) rename packages/@aws-cdk/aws-redshift/test/{integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08 => integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338}/index.js (100%) rename packages/@aws-cdk/aws-redshift/test/{integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08 => integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338}/privileges.js (96%) rename packages/@aws-cdk/aws-redshift/test/{integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08 => integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338}/redshift-data.js (100%) create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/table.js rename packages/@aws-cdk/aws-redshift/test/{integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08 => integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338}/types.js (100%) rename packages/@aws-cdk/aws-redshift/test/{integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08 => integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338}/user.js (97%) rename packages/@aws-cdk/aws-redshift/test/{integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08 => integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338}/util.js (97%) create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/cfn-response.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/consts.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/framework.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/outbound.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/util.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/aws-cdk-redshift-cluster-database.assets.json create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/aws-cdk-redshift-cluster-database.template.json create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/integ.json create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets.json create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.template.json create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/tree.json create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database-columnid.ts create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/handler-name.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/index.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/privileges.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/redshift-data.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/table.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/types.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/user.js create mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/util.js delete mode 100644 packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/table.js diff --git a/packages/@aws-cdk/aws-redshift/README.md b/packages/@aws-cdk/aws-redshift/README.md index e73ee4c361732..9eb79a46b8b7a 100644 --- a/packages/@aws-cdk/aws-redshift/README.md +++ b/packages/@aws-cdk/aws-redshift/README.md @@ -214,6 +214,21 @@ new Table(this, 'Table', { }); ``` +Table columns can also contain an `id` attribute, which can allow table columns to be renamed. + +**NOTE** To use the `id` attribute, you must also enable the `@aws-cdk/aws-redshift:columnId` feature flag. + +```ts fixture=cluster +new Table(this, 'Table', { + tableColumns: [ + { id: 'col1', name: 'col1', dataType: 'varchar(4)' }, + { id: 'col2', name: 'col2', dataType: 'float' } + ], + cluster: cluster, + databaseName: 'databaseName', +}); +``` + ### Granting Privileges You can give a user privileges to perform certain actions on a table by using the diff --git a/packages/@aws-cdk/aws-redshift/lib/private/database-query-provider/table.ts b/packages/@aws-cdk/aws-redshift/lib/private/database-query-provider/table.ts index 15b206c12c654..bb6274f107681 100644 --- a/packages/@aws-cdk/aws-redshift/lib/private/database-query-provider/table.ts +++ b/packages/@aws-cdk/aws-redshift/lib/private/database-query-provider/table.ts @@ -10,6 +10,7 @@ export async function handler(props: TableAndClusterProps, event: AWSLambda.Clou const tableNameSuffix = props.tableName.generateSuffix === 'true' ? `${event.RequestId.substring(0, 8)}` : ''; const tableColumns = props.tableColumns; const tableAndClusterProps = props; + const useColumnIds = props.useColumnIds; if (event.RequestType === 'Create') { const tableName = await createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); @@ -23,6 +24,7 @@ export async function handler(props: TableAndClusterProps, event: AWSLambda.Clou tableNamePrefix, tableNameSuffix, tableColumns, + useColumnIds, tableAndClusterProps, event.OldResourceProperties as TableAndClusterProps, ); @@ -77,6 +79,7 @@ async function updateTable( tableNamePrefix: string, tableNameSuffix: string, tableColumns: Column[], + useColumnIds: boolean, tableAndClusterProps: TableAndClusterProps, oldResourceProperties: TableAndClusterProps, ): Promise { @@ -94,19 +97,44 @@ async function updateTable( const oldTableColumns = oldResourceProperties.tableColumns; const columnDeletions = oldTableColumns.filter(oldColumn => ( - tableColumns.every(column => oldColumn.name !== column.name) + tableColumns.every(column => { + if (useColumnIds) { + return oldColumn.id ? oldColumn.id !== column.id : oldColumn.name !== column.name; + } + return oldColumn.name !== column.name; + }) )); if (columnDeletions.length > 0) { alterationStatements.push(...columnDeletions.map(column => `ALTER TABLE ${tableName} DROP COLUMN ${column.name}`)); } const columnAdditions = tableColumns.filter(column => { - return !oldTableColumns.some(oldColumn => column.name === oldColumn.name && column.dataType === oldColumn.dataType); + return !oldTableColumns.some(oldColumn => { + if (useColumnIds) { + return oldColumn.id ? oldColumn.id === column.id : oldColumn.name === column.name; + } + return oldColumn.name === column.name; + }); }).map(column => `ADD ${column.name} ${column.dataType}`); if (columnAdditions.length > 0) { alterationStatements.push(...columnAdditions.map(addition => `ALTER TABLE ${tableName} ${addition}`)); } + if (useColumnIds) { + const columnNameUpdates = tableColumns.reduce((updates, column) => { + const oldColumn = oldTableColumns.find(oldCol => oldCol.id && oldCol.id === column.id); + if (oldColumn && oldColumn.name !== column.name) { + updates[oldColumn.name] = column.name; + } + return updates; + }, {} as Record); + if (Object.keys(columnNameUpdates).length > 0) { + alterationStatements.push(...Object.entries(columnNameUpdates).map(([oldName, newName]) => ( + `ALTER TABLE ${tableName} RENAME COLUMN ${oldName} TO ${newName}` + ))); + } + } + const oldDistStyle = oldResourceProperties.distStyle; if ((!oldDistStyle && tableAndClusterProps.distStyle) || (oldDistStyle && !tableAndClusterProps.distStyle)) { diff --git a/packages/@aws-cdk/aws-redshift/lib/private/handler-props.ts b/packages/@aws-cdk/aws-redshift/lib/private/handler-props.ts index 5937f9dc3009d..b26fe2a5a7237 100644 --- a/packages/@aws-cdk/aws-redshift/lib/private/handler-props.ts +++ b/packages/@aws-cdk/aws-redshift/lib/private/handler-props.ts @@ -21,6 +21,7 @@ export interface TableHandlerProps { readonly distStyle?: TableDistStyle; readonly sortStyle: TableSortStyle; readonly tableComment?: string; + readonly useColumnIds: boolean; } export interface TablePrivilege { diff --git a/packages/@aws-cdk/aws-redshift/lib/table.ts b/packages/@aws-cdk/aws-redshift/lib/table.ts index 147e50fa1248b..2f3f095a39110 100644 --- a/packages/@aws-cdk/aws-redshift/lib/table.ts +++ b/packages/@aws-cdk/aws-redshift/lib/table.ts @@ -1,4 +1,6 @@ +/* eslint-disable import/no-extraneous-dependencies */ import * as cdk from '@aws-cdk/core'; +import { REDSHIFT_COLUMN_ID } from '@aws-cdk/cx-api'; import { Construct, IConstruct } from 'constructs'; import { ICluster } from './cluster'; import { DatabaseOptions } from './database-options'; @@ -55,9 +57,18 @@ export enum TableAction { */ export interface Column { /** - * The unique name/identifier of the column. + * The unique identifier of the column. * - * **NOTE**. After deploying this column, you cannot change its name. Doing so will cause the column to be dropped and recreated. + * This is not the name of the column, and renaming this identifier will cause a new column to be created and the old column to be dropped. + * + * **NOTE** - This field will be set, however, only by setting the `@aws-cdk/aws-redshift:columnId` feature flag will this field be used. + * + * @default - the column name is used as the identifier + */ + readonly id?: string; + + /** + * The name of the column. This will appear on Amazon Redshift. */ readonly name: string; @@ -217,6 +228,7 @@ export class Table extends TableBase { constructor(scope: Construct, id: string, props: TableProps) { super(scope, id); + this.addColumnIds(props.tableColumns); this.validateDistKeyColumns(props.tableColumns); if (props.distStyle) { this.validateDistStyle(props.distStyle, props.tableColumns); @@ -229,6 +241,8 @@ export class Table extends TableBase { this.cluster = props.cluster; this.databaseName = props.databaseName; + const useColumnIds = !!cdk.FeatureFlags.of(this).isEnabled(REDSHIFT_COLUMN_ID); + this.resource = new DatabaseQuery(this, 'Resource', { removalPolicy: cdk.RemovalPolicy.RETAIN, ...props, @@ -242,6 +256,7 @@ export class Table extends TableBase { distStyle: props.distStyle, sortStyle: props.sortStyle ?? this.getDefaultSortStyle(props.tableColumns), tableComment: props.tableComment, + useColumnIds, }, }); @@ -297,6 +312,18 @@ export class Table extends TableBase { const sortKeyColumns = getSortKeyColumns(columns); return (sortKeyColumns.length === 0) ? TableSortStyle.AUTO : TableSortStyle.COMPOUND; } + + private addColumnIds(columns: Column[]): void { + const columnIds = new Set(); + for (const column of columns) { + if (column.id) { + if (columnIds.has(column.id)) { + throw new Error(`Column id '${column.id}' is not unique.`); + } + columnIds.add(column.id); + } + } + } } /** diff --git a/packages/@aws-cdk/aws-redshift/test/database-query-provider/table.test.ts b/packages/@aws-cdk/aws-redshift/test/database-query-provider/table.test.ts index 96c1adebf8a1d..0999f20826fd7 100644 --- a/packages/@aws-cdk/aws-redshift/test/database-query-provider/table.test.ts +++ b/packages/@aws-cdk/aws-redshift/test/database-query-provider/table.test.ts @@ -19,6 +19,7 @@ const adminUserArn = 'adminUserArn'; const databaseName = 'databaseName'; const physicalResourceId = 'PhysicalResourceId'; const resourceProperties: ResourcePropertiesType = { + useColumnIds: true, tableName: { prefix: tableNamePrefix, generateSuffix: 'true', @@ -270,6 +271,59 @@ describe('update', () => { })); }); + describe('column name', () => { + test('does not replace if column name changed', async () => { + const newEvent = { + ...event, + OldResourceProperties: { + ...event.OldResourceProperties, + tableColumns: [ + { id: 'col1', name: 'col1', dataType: 'varchar(1)' }, + ], + }, + }; + const newTableColumnName = 'col2'; + const newResourceProperties: ResourcePropertiesType = { + ...resourceProperties, + tableColumns: [ + { id: 'col1', name: newTableColumnName, dataType: 'varchar(1)' }, + ], + }; + + await expect(manageTable(newResourceProperties, newEvent)).resolves.toMatchObject({ + PhysicalResourceId: physicalResourceId, + }); + expect(mockExecuteStatement).toHaveBeenCalledWith(expect.objectContaining({ + Sql: `ALTER TABLE ${physicalResourceId} RENAME COLUMN col1 TO ${newTableColumnName}`, + })); + }); + + test('does not replace if column id assigned, from undefined', async () => { + const newEvent = { + ...event, + OldResourceProperties: { + ...event.OldResourceProperties, + tableColumns: [ + { name: 'col1', dataType: 'varchar(1)' }, + ], + }, + }; + const newResourceProperties: ResourcePropertiesType = { + ...resourceProperties, + tableColumns: [ + { id: 'col1', name: 'col1', dataType: 'varchar(1)' }, + ], + }; + + await expect(manageTable(newResourceProperties, newEvent)).resolves.toMatchObject({ + PhysicalResourceId: physicalResourceId, + }); + expect(mockExecuteStatement).not.toHaveBeenCalledWith(expect.objectContaining({ + Sql: `ALTER TABLE ${physicalResourceId} RENAME COLUMN col1 TO col1`, + })); + }); + }); + describe('distStyle and distKey', () => { test('replaces if distStyle is added', async () => { const newResourceProperties: ResourcePropertiesType = { diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/handler-name.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/handler-name.js similarity index 100% rename from packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/handler-name.js rename to packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/handler-name.js diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/index.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/index.js similarity index 100% rename from packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/index.js rename to packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/index.js diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/privileges.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/privileges.js similarity index 96% rename from packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/privileges.js rename to packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/privileges.js index 0f91b63fdad4d..8770142deb498 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/privileges.js +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/privileges.js @@ -55,4 +55,4 @@ async function updatePrivileges(username, tablePrivileges, clusterProps, oldReso } return { replace: false }; } -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicHJpdmlsZWdlcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInByaXZpbGVnZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBR0EsbURBQW1EO0FBRW5ELGlDQUF3QztBQUVqQyxLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQXFELEVBQUUsS0FBa0Q7SUFDckksTUFBTSxRQUFRLEdBQUcsS0FBSyxDQUFDLFFBQVEsQ0FBQztJQUNoQyxNQUFNLGVBQWUsR0FBRyxLQUFLLENBQUMsZUFBZSxDQUFDO0lBQzlDLE1BQU0sWUFBWSxHQUFHLEtBQUssQ0FBQztJQUUzQixJQUFJLEtBQUssQ0FBQyxXQUFXLEtBQUssUUFBUSxFQUFFO1FBQ2xDLE1BQU0sZUFBZSxDQUFDLFFBQVEsRUFBRSxlQUFlLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDL0QsT0FBTyxFQUFFLGtCQUFrQixFQUFFLHFCQUFjLENBQUMsUUFBUSxFQUFFLFlBQVksRUFBRSxLQUFLLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQztLQUN4RjtTQUFNLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDekMsTUFBTSxnQkFBZ0IsQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQ2hFLE9BQU87S0FDUjtTQUFNLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDekMsTUFBTSxFQUFFLE9BQU8sRUFBRSxHQUFHLE1BQU0sZ0JBQWdCLENBQ3hDLFFBQVEsRUFDUixlQUFlLEVBQ2YsWUFBWSxFQUNaLEtBQUssQ0FBQyxxQkFBdUUsQ0FDOUUsQ0FBQztRQUNGLE1BQU0sVUFBVSxHQUFHLE9BQU8sQ0FBQyxDQUFDLENBQUMscUJBQWMsQ0FBQyxRQUFRLEVBQUUsWUFBWSxFQUFFLEtBQUssQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLGtCQUFrQixDQUFDO1FBQ2hILE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxVQUFVLEVBQUUsQ0FBQztLQUMzQztTQUFNO1FBQ0wsMkNBQTJDO1FBQzNDLE1BQU0sSUFBSSxLQUFLLENBQUMsNEJBQTRCLEtBQUssQ0FBQyxhQUFhLENBQUMsRUFBRSxDQUFDLENBQUM7S0FDckU7QUFDSCxDQUFDO0FBeEJELDBCQXdCQztBQUVELEtBQUssVUFBVSxnQkFBZ0IsQ0FBQyxRQUFnQixFQUFFLGVBQWlDLEVBQUUsWUFBMEI7SUFDN0csTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUFFLFNBQVMsRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFO1FBQy9ELE9BQU8sZ0NBQWdCLENBQUMsVUFBVSxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLFNBQVMsU0FBUyxRQUFRLEVBQUUsRUFBRSxZQUFZLENBQUMsQ0FBQztJQUN6RyxDQUFDLENBQUMsQ0FBQyxDQUFDO0FBQ04sQ0FBQztBQUVELEtBQUssVUFBVSxlQUFlLENBQUMsUUFBZ0IsRUFBRSxlQUFpQyxFQUFFLFlBQTBCO0lBQzVHLE1BQU0sT0FBTyxDQUFDLEdBQUcsQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxTQUFTLEVBQUUsT0FBTyxFQUFFLEVBQUUsRUFBRTtRQUMvRCxPQUFPLGdDQUFnQixDQUFDLFNBQVMsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxTQUFTLE9BQU8sUUFBUSxFQUFFLEVBQUUsWUFBWSxDQUFDLENBQUM7SUFDdEcsQ0FBQyxDQUFDLENBQUMsQ0FBQztBQUNOLENBQUM7QUFFRCxLQUFLLFVBQVUsZ0JBQWdCLENBQzdCLFFBQWdCLEVBQ2hCLGVBQWlDLEVBQ2pDLFlBQTBCLEVBQzFCLHFCQUFxRTtJQUVyRSxNQUFNLGVBQWUsR0FBRyxxQkFBcUIsQ0FBQztJQUM5QyxJQUFJLFlBQVksQ0FBQyxXQUFXLEtBQUssZUFBZSxDQUFDLFdBQVcsSUFBSSxZQUFZLENBQUMsWUFBWSxLQUFLLGVBQWUsQ0FBQyxZQUFZLEVBQUU7UUFDMUgsTUFBTSxlQUFlLENBQUMsUUFBUSxFQUFFLGVBQWUsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUMvRCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxDQUFDO0tBQzFCO0lBRUQsTUFBTSxXQUFXLEdBQUcscUJBQXFCLENBQUMsUUFBUSxDQUFDO0lBQ25ELElBQUksV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUM1QixNQUFNLGVBQWUsQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQy9ELE9BQU8sRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLENBQUM7S0FDMUI7SUFFRCxNQUFNLGtCQUFrQixHQUFHLHFCQUFxQixDQUFDLGVBQWUsQ0FBQztJQUNqRSxJQUFJLGtCQUFrQixLQUFLLGVBQWUsRUFBRTtRQUMxQyxNQUFNLGdCQUFnQixDQUFDLFFBQVEsRUFBRSxrQkFBa0IsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUNuRSxNQUFNLGVBQWUsQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQy9ELE9BQU8sRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLENBQUM7S0FDM0I7SUFFRCxPQUFPLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxDQUFDO0FBQzVCLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLXVucmVzb2x2ZWQgKi9cbmltcG9ydCAqIGFzIEFXU0xhbWJkYSBmcm9tICdhd3MtbGFtYmRhJztcbmltcG9ydCB7IFRhYmxlUHJpdmlsZWdlLCBVc2VyVGFibGVQcml2aWxlZ2VzSGFuZGxlclByb3BzIH0gZnJvbSAnLi4vaGFuZGxlci1wcm9wcyc7XG5pbXBvcnQgeyBleGVjdXRlU3RhdGVtZW50IH0gZnJvbSAnLi9yZWRzaGlmdC1kYXRhJztcbmltcG9ydCB7IENsdXN0ZXJQcm9wcyB9IGZyb20gJy4vdHlwZXMnO1xuaW1wb3J0IHsgbWFrZVBoeXNpY2FsSWQgfSBmcm9tICcuL3V0aWwnO1xuXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gaGFuZGxlcihwcm9wczogVXNlclRhYmxlUHJpdmlsZWdlc0hhbmRsZXJQcm9wcyAmIENsdXN0ZXJQcm9wcywgZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQpIHtcbiAgY29uc3QgdXNlcm5hbWUgPSBwcm9wcy51c2VybmFtZTtcbiAgY29uc3QgdGFibGVQcml2aWxlZ2VzID0gcHJvcHMudGFibGVQcml2aWxlZ2VzO1xuICBjb25zdCBjbHVzdGVyUHJvcHMgPSBwcm9wcztcblxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdDcmVhdGUnKSB7XG4gICAgYXdhaXQgZ3JhbnRQcml2aWxlZ2VzKHVzZXJuYW1lLCB0YWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgcmV0dXJuIHsgUGh5c2ljYWxSZXNvdXJjZUlkOiBtYWtlUGh5c2ljYWxJZCh1c2VybmFtZSwgY2x1c3RlclByb3BzLCBldmVudC5SZXF1ZXN0SWQpIH07XG4gIH0gZWxzZSBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnKSB7XG4gICAgYXdhaXQgcmV2b2tlUHJpdmlsZWdlcyh1c2VybmFtZSwgdGFibGVQcml2aWxlZ2VzLCBjbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybjtcbiAgfSBlbHNlIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ1VwZGF0ZScpIHtcbiAgICBjb25zdCB7IHJlcGxhY2UgfSA9IGF3YWl0IHVwZGF0ZVByaXZpbGVnZXMoXG4gICAgICB1c2VybmFtZSxcbiAgICAgIHRhYmxlUHJpdmlsZWdlcyxcbiAgICAgIGNsdXN0ZXJQcm9wcyxcbiAgICAgIGV2ZW50Lk9sZFJlc291cmNlUHJvcGVydGllcyBhcyBVc2VyVGFibGVQcml2aWxlZ2VzSGFuZGxlclByb3BzICYgQ2x1c3RlclByb3BzLFxuICAgICk7XG4gICAgY29uc3QgcGh5c2ljYWxJZCA9IHJlcGxhY2UgPyBtYWtlUGh5c2ljYWxJZCh1c2VybmFtZSwgY2x1c3RlclByb3BzLCBldmVudC5SZXF1ZXN0SWQpIDogZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkO1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxJZCB9O1xuICB9IGVsc2Uge1xuICAgIC8qIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBkb3Qtbm90YXRpb24gKi9cbiAgICB0aHJvdyBuZXcgRXJyb3IoYFVucmVjb2duaXplZCBldmVudCB0eXBlOiAke2V2ZW50WydSZXF1ZXN0VHlwZSddfWApO1xuICB9XG59XG5cbmFzeW5jIGZ1bmN0aW9uIHJldm9rZVByaXZpbGVnZXModXNlcm5hbWU6IHN0cmluZywgdGFibGVQcml2aWxlZ2VzOiBUYWJsZVByaXZpbGVnZVtdLCBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcykge1xuICBhd2FpdCBQcm9taXNlLmFsbCh0YWJsZVByaXZpbGVnZXMubWFwKCh7IHRhYmxlTmFtZSwgYWN0aW9ucyB9KSA9PiB7XG4gICAgcmV0dXJuIGV4ZWN1dGVTdGF0ZW1lbnQoYFJFVk9LRSAke2FjdGlvbnMuam9pbignLCAnKX0gT04gJHt0YWJsZU5hbWV9IEZST00gJHt1c2VybmFtZX1gLCBjbHVzdGVyUHJvcHMpO1xuICB9KSk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIGdyYW50UHJpdmlsZWdlcyh1c2VybmFtZTogc3RyaW5nLCB0YWJsZVByaXZpbGVnZXM6IFRhYmxlUHJpdmlsZWdlW10sIGNsdXN0ZXJQcm9wczogQ2x1c3RlclByb3BzKSB7XG4gIGF3YWl0IFByb21pc2UuYWxsKHRhYmxlUHJpdmlsZWdlcy5tYXAoKHsgdGFibGVOYW1lLCBhY3Rpb25zIH0pID0+IHtcbiAgICByZXR1cm4gZXhlY3V0ZVN0YXRlbWVudChgR1JBTlQgJHthY3Rpb25zLmpvaW4oJywgJyl9IE9OICR7dGFibGVOYW1lfSBUTyAke3VzZXJuYW1lfWAsIGNsdXN0ZXJQcm9wcyk7XG4gIH0pKTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gdXBkYXRlUHJpdmlsZWdlcyhcbiAgdXNlcm5hbWU6IHN0cmluZyxcbiAgdGFibGVQcml2aWxlZ2VzOiBUYWJsZVByaXZpbGVnZVtdLFxuICBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcyxcbiAgb2xkUmVzb3VyY2VQcm9wZXJ0aWVzOiBVc2VyVGFibGVQcml2aWxlZ2VzSGFuZGxlclByb3BzICYgQ2x1c3RlclByb3BzLFxuKTogUHJvbWlzZTx7IHJlcGxhY2U6IGJvb2xlYW4gfT4ge1xuICBjb25zdCBvbGRDbHVzdGVyUHJvcHMgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXM7XG4gIGlmIChjbHVzdGVyUHJvcHMuY2x1c3Rlck5hbWUgIT09IG9sZENsdXN0ZXJQcm9wcy5jbHVzdGVyTmFtZSB8fCBjbHVzdGVyUHJvcHMuZGF0YWJhc2VOYW1lICE9PSBvbGRDbHVzdGVyUHJvcHMuZGF0YWJhc2VOYW1lKSB7XG4gICAgYXdhaXQgZ3JhbnRQcml2aWxlZ2VzKHVzZXJuYW1lLCB0YWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgcmV0dXJuIHsgcmVwbGFjZTogdHJ1ZSB9O1xuICB9XG5cbiAgY29uc3Qgb2xkVXNlcm5hbWUgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMudXNlcm5hbWU7XG4gIGlmIChvbGRVc2VybmFtZSAhPT0gdXNlcm5hbWUpIHtcbiAgICBhd2FpdCBncmFudFByaXZpbGVnZXModXNlcm5hbWUsIHRhYmxlUHJpdmlsZWdlcywgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiB0cnVlIH07XG4gIH1cblxuICBjb25zdCBvbGRUYWJsZVByaXZpbGVnZXMgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMudGFibGVQcml2aWxlZ2VzO1xuICBpZiAob2xkVGFibGVQcml2aWxlZ2VzICE9PSB0YWJsZVByaXZpbGVnZXMpIHtcbiAgICBhd2FpdCByZXZva2VQcml2aWxlZ2VzKHVzZXJuYW1lLCBvbGRUYWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgYXdhaXQgZ3JhbnRQcml2aWxlZ2VzKHVzZXJuYW1lLCB0YWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgcmV0dXJuIHsgcmVwbGFjZTogZmFsc2UgfTtcbiAgfVxuXG4gIHJldHVybiB7IHJlcGxhY2U6IGZhbHNlIH07XG59XG4iXX0= \ No newline at end of file +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicHJpdmlsZWdlcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInByaXZpbGVnZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBRUEsbURBQW1EO0FBRW5ELGlDQUF3QztBQUdqQyxLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQXFELEVBQUUsS0FBa0Q7SUFDckksTUFBTSxRQUFRLEdBQUcsS0FBSyxDQUFDLFFBQVEsQ0FBQztJQUNoQyxNQUFNLGVBQWUsR0FBRyxLQUFLLENBQUMsZUFBZSxDQUFDO0lBQzlDLE1BQU0sWUFBWSxHQUFHLEtBQUssQ0FBQztJQUUzQixJQUFJLEtBQUssQ0FBQyxXQUFXLEtBQUssUUFBUSxFQUFFO1FBQ2xDLE1BQU0sZUFBZSxDQUFDLFFBQVEsRUFBRSxlQUFlLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDL0QsT0FBTyxFQUFFLGtCQUFrQixFQUFFLHFCQUFjLENBQUMsUUFBUSxFQUFFLFlBQVksRUFBRSxLQUFLLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQztLQUN4RjtTQUFNLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDekMsTUFBTSxnQkFBZ0IsQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQ2hFLE9BQU87S0FDUjtTQUFNLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDekMsTUFBTSxFQUFFLE9BQU8sRUFBRSxHQUFHLE1BQU0sZ0JBQWdCLENBQ3hDLFFBQVEsRUFDUixlQUFlLEVBQ2YsWUFBWSxFQUNaLEtBQUssQ0FBQyxxQkFBdUUsQ0FDOUUsQ0FBQztRQUNGLE1BQU0sVUFBVSxHQUFHLE9BQU8sQ0FBQyxDQUFDLENBQUMscUJBQWMsQ0FBQyxRQUFRLEVBQUUsWUFBWSxFQUFFLEtBQUssQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLGtCQUFrQixDQUFDO1FBQ2hILE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxVQUFVLEVBQUUsQ0FBQztLQUMzQztTQUFNO1FBQ0wsMkNBQTJDO1FBQzNDLE1BQU0sSUFBSSxLQUFLLENBQUMsNEJBQTRCLEtBQUssQ0FBQyxhQUFhLENBQUMsRUFBRSxDQUFDLENBQUM7S0FDckU7QUFDSCxDQUFDO0FBeEJELDBCQXdCQztBQUVELEtBQUssVUFBVSxnQkFBZ0IsQ0FBQyxRQUFnQixFQUFFLGVBQWlDLEVBQUUsWUFBMEI7SUFDN0csTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUFFLFNBQVMsRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFO1FBQy9ELE9BQU8sZ0NBQWdCLENBQUMsVUFBVSxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLFNBQVMsU0FBUyxRQUFRLEVBQUUsRUFBRSxZQUFZLENBQUMsQ0FBQztJQUN6RyxDQUFDLENBQUMsQ0FBQyxDQUFDO0FBQ04sQ0FBQztBQUVELEtBQUssVUFBVSxlQUFlLENBQUMsUUFBZ0IsRUFBRSxlQUFpQyxFQUFFLFlBQTBCO0lBQzVHLE1BQU0sT0FBTyxDQUFDLEdBQUcsQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxTQUFTLEVBQUUsT0FBTyxFQUFFLEVBQUUsRUFBRTtRQUMvRCxPQUFPLGdDQUFnQixDQUFDLFNBQVMsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxTQUFTLE9BQU8sUUFBUSxFQUFFLEVBQUUsWUFBWSxDQUFDLENBQUM7SUFDdEcsQ0FBQyxDQUFDLENBQUMsQ0FBQztBQUNOLENBQUM7QUFFRCxLQUFLLFVBQVUsZ0JBQWdCLENBQzdCLFFBQWdCLEVBQ2hCLGVBQWlDLEVBQ2pDLFlBQTBCLEVBQzFCLHFCQUFxRTtJQUVyRSxNQUFNLGVBQWUsR0FBRyxxQkFBcUIsQ0FBQztJQUM5QyxJQUFJLFlBQVksQ0FBQyxXQUFXLEtBQUssZUFBZSxDQUFDLFdBQVcsSUFBSSxZQUFZLENBQUMsWUFBWSxLQUFLLGVBQWUsQ0FBQyxZQUFZLEVBQUU7UUFDMUgsTUFBTSxlQUFlLENBQUMsUUFBUSxFQUFFLGVBQWUsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUMvRCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxDQUFDO0tBQzFCO0lBRUQsTUFBTSxXQUFXLEdBQUcscUJBQXFCLENBQUMsUUFBUSxDQUFDO0lBQ25ELElBQUksV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUM1QixNQUFNLGVBQWUsQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQy9ELE9BQU8sRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLENBQUM7S0FDMUI7SUFFRCxNQUFNLGtCQUFrQixHQUFHLHFCQUFxQixDQUFDLGVBQWUsQ0FBQztJQUNqRSxJQUFJLGtCQUFrQixLQUFLLGVBQWUsRUFBRTtRQUMxQyxNQUFNLGdCQUFnQixDQUFDLFFBQVEsRUFBRSxrQkFBa0IsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUNuRSxNQUFNLGVBQWUsQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQy9ELE9BQU8sRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLENBQUM7S0FDM0I7SUFFRCxPQUFPLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxDQUFDO0FBQzVCLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLXVucmVzb2x2ZWQgKi9cbmltcG9ydCAqIGFzIEFXU0xhbWJkYSBmcm9tICdhd3MtbGFtYmRhJztcbmltcG9ydCB7IGV4ZWN1dGVTdGF0ZW1lbnQgfSBmcm9tICcuL3JlZHNoaWZ0LWRhdGEnO1xuaW1wb3J0IHsgQ2x1c3RlclByb3BzIH0gZnJvbSAnLi90eXBlcyc7XG5pbXBvcnQgeyBtYWtlUGh5c2ljYWxJZCB9IGZyb20gJy4vdXRpbCc7XG5pbXBvcnQgeyBUYWJsZVByaXZpbGVnZSwgVXNlclRhYmxlUHJpdmlsZWdlc0hhbmRsZXJQcm9wcyB9IGZyb20gJy4uL2hhbmRsZXItcHJvcHMnO1xuXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gaGFuZGxlcihwcm9wczogVXNlclRhYmxlUHJpdmlsZWdlc0hhbmRsZXJQcm9wcyAmIENsdXN0ZXJQcm9wcywgZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQpIHtcbiAgY29uc3QgdXNlcm5hbWUgPSBwcm9wcy51c2VybmFtZTtcbiAgY29uc3QgdGFibGVQcml2aWxlZ2VzID0gcHJvcHMudGFibGVQcml2aWxlZ2VzO1xuICBjb25zdCBjbHVzdGVyUHJvcHMgPSBwcm9wcztcblxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdDcmVhdGUnKSB7XG4gICAgYXdhaXQgZ3JhbnRQcml2aWxlZ2VzKHVzZXJuYW1lLCB0YWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgcmV0dXJuIHsgUGh5c2ljYWxSZXNvdXJjZUlkOiBtYWtlUGh5c2ljYWxJZCh1c2VybmFtZSwgY2x1c3RlclByb3BzLCBldmVudC5SZXF1ZXN0SWQpIH07XG4gIH0gZWxzZSBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnKSB7XG4gICAgYXdhaXQgcmV2b2tlUHJpdmlsZWdlcyh1c2VybmFtZSwgdGFibGVQcml2aWxlZ2VzLCBjbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybjtcbiAgfSBlbHNlIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ1VwZGF0ZScpIHtcbiAgICBjb25zdCB7IHJlcGxhY2UgfSA9IGF3YWl0IHVwZGF0ZVByaXZpbGVnZXMoXG4gICAgICB1c2VybmFtZSxcbiAgICAgIHRhYmxlUHJpdmlsZWdlcyxcbiAgICAgIGNsdXN0ZXJQcm9wcyxcbiAgICAgIGV2ZW50Lk9sZFJlc291cmNlUHJvcGVydGllcyBhcyBVc2VyVGFibGVQcml2aWxlZ2VzSGFuZGxlclByb3BzICYgQ2x1c3RlclByb3BzLFxuICAgICk7XG4gICAgY29uc3QgcGh5c2ljYWxJZCA9IHJlcGxhY2UgPyBtYWtlUGh5c2ljYWxJZCh1c2VybmFtZSwgY2x1c3RlclByb3BzLCBldmVudC5SZXF1ZXN0SWQpIDogZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkO1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxJZCB9O1xuICB9IGVsc2Uge1xuICAgIC8qIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBkb3Qtbm90YXRpb24gKi9cbiAgICB0aHJvdyBuZXcgRXJyb3IoYFVucmVjb2duaXplZCBldmVudCB0eXBlOiAke2V2ZW50WydSZXF1ZXN0VHlwZSddfWApO1xuICB9XG59XG5cbmFzeW5jIGZ1bmN0aW9uIHJldm9rZVByaXZpbGVnZXModXNlcm5hbWU6IHN0cmluZywgdGFibGVQcml2aWxlZ2VzOiBUYWJsZVByaXZpbGVnZVtdLCBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcykge1xuICBhd2FpdCBQcm9taXNlLmFsbCh0YWJsZVByaXZpbGVnZXMubWFwKCh7IHRhYmxlTmFtZSwgYWN0aW9ucyB9KSA9PiB7XG4gICAgcmV0dXJuIGV4ZWN1dGVTdGF0ZW1lbnQoYFJFVk9LRSAke2FjdGlvbnMuam9pbignLCAnKX0gT04gJHt0YWJsZU5hbWV9IEZST00gJHt1c2VybmFtZX1gLCBjbHVzdGVyUHJvcHMpO1xuICB9KSk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIGdyYW50UHJpdmlsZWdlcyh1c2VybmFtZTogc3RyaW5nLCB0YWJsZVByaXZpbGVnZXM6IFRhYmxlUHJpdmlsZWdlW10sIGNsdXN0ZXJQcm9wczogQ2x1c3RlclByb3BzKSB7XG4gIGF3YWl0IFByb21pc2UuYWxsKHRhYmxlUHJpdmlsZWdlcy5tYXAoKHsgdGFibGVOYW1lLCBhY3Rpb25zIH0pID0+IHtcbiAgICByZXR1cm4gZXhlY3V0ZVN0YXRlbWVudChgR1JBTlQgJHthY3Rpb25zLmpvaW4oJywgJyl9IE9OICR7dGFibGVOYW1lfSBUTyAke3VzZXJuYW1lfWAsIGNsdXN0ZXJQcm9wcyk7XG4gIH0pKTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gdXBkYXRlUHJpdmlsZWdlcyhcbiAgdXNlcm5hbWU6IHN0cmluZyxcbiAgdGFibGVQcml2aWxlZ2VzOiBUYWJsZVByaXZpbGVnZVtdLFxuICBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcyxcbiAgb2xkUmVzb3VyY2VQcm9wZXJ0aWVzOiBVc2VyVGFibGVQcml2aWxlZ2VzSGFuZGxlclByb3BzICYgQ2x1c3RlclByb3BzLFxuKTogUHJvbWlzZTx7IHJlcGxhY2U6IGJvb2xlYW4gfT4ge1xuICBjb25zdCBvbGRDbHVzdGVyUHJvcHMgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXM7XG4gIGlmIChjbHVzdGVyUHJvcHMuY2x1c3Rlck5hbWUgIT09IG9sZENsdXN0ZXJQcm9wcy5jbHVzdGVyTmFtZSB8fCBjbHVzdGVyUHJvcHMuZGF0YWJhc2VOYW1lICE9PSBvbGRDbHVzdGVyUHJvcHMuZGF0YWJhc2VOYW1lKSB7XG4gICAgYXdhaXQgZ3JhbnRQcml2aWxlZ2VzKHVzZXJuYW1lLCB0YWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgcmV0dXJuIHsgcmVwbGFjZTogdHJ1ZSB9O1xuICB9XG5cbiAgY29uc3Qgb2xkVXNlcm5hbWUgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMudXNlcm5hbWU7XG4gIGlmIChvbGRVc2VybmFtZSAhPT0gdXNlcm5hbWUpIHtcbiAgICBhd2FpdCBncmFudFByaXZpbGVnZXModXNlcm5hbWUsIHRhYmxlUHJpdmlsZWdlcywgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiB0cnVlIH07XG4gIH1cblxuICBjb25zdCBvbGRUYWJsZVByaXZpbGVnZXMgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMudGFibGVQcml2aWxlZ2VzO1xuICBpZiAob2xkVGFibGVQcml2aWxlZ2VzICE9PSB0YWJsZVByaXZpbGVnZXMpIHtcbiAgICBhd2FpdCByZXZva2VQcml2aWxlZ2VzKHVzZXJuYW1lLCBvbGRUYWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgYXdhaXQgZ3JhbnRQcml2aWxlZ2VzKHVzZXJuYW1lLCB0YWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgcmV0dXJuIHsgcmVwbGFjZTogZmFsc2UgfTtcbiAgfVxuXG4gIHJldHVybiB7IHJlcGxhY2U6IGZhbHNlIH07XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/redshift-data.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/redshift-data.js similarity index 100% rename from packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/redshift-data.js rename to packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/redshift-data.js diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/table.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/table.js new file mode 100644 index 0000000000000..e31afe4b9ef0b --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/table.js @@ -0,0 +1,148 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = void 0; +const redshift_data_1 = require("./redshift-data"); +const types_1 = require("./types"); +const util_1 = require("./util"); +async function handler(props, event) { + const tableNamePrefix = props.tableName.prefix; + const tableNameSuffix = props.tableName.generateSuffix === 'true' ? `${event.RequestId.substring(0, 8)}` : ''; + const tableColumns = props.tableColumns; + const tableAndClusterProps = props; + const useColumnIds = props.useColumnIds; + if (event.RequestType === 'Create') { + const tableName = await createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + return { PhysicalResourceId: tableName }; + } + else if (event.RequestType === 'Delete') { + await dropTable(event.PhysicalResourceId, tableAndClusterProps); + return; + } + else if (event.RequestType === 'Update') { + const tableName = await updateTable(event.PhysicalResourceId, tableNamePrefix, tableNameSuffix, tableColumns, useColumnIds, tableAndClusterProps, event.OldResourceProperties); + return { PhysicalResourceId: tableName }; + } + else { + /* eslint-disable-next-line dot-notation */ + throw new Error(`Unrecognized event type: ${event['RequestType']}`); + } +} +exports.handler = handler; +async function createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps) { + const tableName = tableNamePrefix + tableNameSuffix; + const tableColumnsString = tableColumns.map(column => `${column.name} ${column.dataType}`).join(); + let statement = `CREATE TABLE ${tableName} (${tableColumnsString})`; + if (tableAndClusterProps.distStyle) { + statement += ` DISTSTYLE ${tableAndClusterProps.distStyle}`; + } + const distKeyColumn = util_1.getDistKeyColumn(tableColumns); + if (distKeyColumn) { + statement += ` DISTKEY(${distKeyColumn.name})`; + } + const sortKeyColumns = util_1.getSortKeyColumns(tableColumns); + if (sortKeyColumns.length > 0) { + const sortKeyColumnsString = getSortKeyColumnsString(sortKeyColumns); + statement += ` ${tableAndClusterProps.sortStyle} SORTKEY(${sortKeyColumnsString})`; + } + await redshift_data_1.executeStatement(statement, tableAndClusterProps); + if (tableAndClusterProps.tableComment) { + await redshift_data_1.executeStatement(`COMMENT ON TABLE ${tableName} IS '${tableAndClusterProps.tableComment}'`, tableAndClusterProps); + } + return tableName; +} +async function dropTable(tableName, clusterProps) { + await redshift_data_1.executeStatement(`DROP TABLE ${tableName}`, clusterProps); +} +async function updateTable(tableName, tableNamePrefix, tableNameSuffix, tableColumns, useColumnIds, tableAndClusterProps, oldResourceProperties) { + const alterationStatements = []; + const oldClusterProps = oldResourceProperties; + if (tableAndClusterProps.clusterName !== oldClusterProps.clusterName || tableAndClusterProps.databaseName !== oldClusterProps.databaseName) { + return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + } + const oldTableNamePrefix = oldResourceProperties.tableName.prefix; + if (tableNamePrefix !== oldTableNamePrefix) { + return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + } + const oldTableColumns = oldResourceProperties.tableColumns; + const columnDeletions = oldTableColumns.filter(oldColumn => (tableColumns.every(column => { + if (useColumnIds) { + return oldColumn.id ? oldColumn.id !== column.id : oldColumn.name !== column.name; + } + return oldColumn.name !== column.name; + }))); + if (columnDeletions.length > 0) { + alterationStatements.push(...columnDeletions.map(column => `ALTER TABLE ${tableName} DROP COLUMN ${column.name}`)); + } + const columnAdditions = tableColumns.filter(column => { + return !oldTableColumns.some(oldColumn => { + if (useColumnIds) { + return oldColumn.id ? oldColumn.id === column.id : oldColumn.name === column.name; + } + return oldColumn.name === column.name; + }); + }).map(column => `ADD ${column.name} ${column.dataType}`); + if (columnAdditions.length > 0) { + alterationStatements.push(...columnAdditions.map(addition => `ALTER TABLE ${tableName} ${addition}`)); + } + if (useColumnIds) { + const columnNameUpdates = tableColumns.reduce((updates, column) => { + const oldColumn = oldTableColumns.find(oldCol => oldCol.id && oldCol.id === column.id); + if (oldColumn && oldColumn.name !== column.name) { + updates[oldColumn.name] = column.name; + } + return updates; + }, {}); + if (Object.keys(columnNameUpdates).length > 0) { + alterationStatements.push(...Object.entries(columnNameUpdates).map(([oldName, newName]) => (`ALTER TABLE ${tableName} RENAME COLUMN ${oldName} TO ${newName}`))); + } + } + const oldDistStyle = oldResourceProperties.distStyle; + if ((!oldDistStyle && tableAndClusterProps.distStyle) || + (oldDistStyle && !tableAndClusterProps.distStyle)) { + return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + } + else if (oldDistStyle !== tableAndClusterProps.distStyle) { + alterationStatements.push(`ALTER TABLE ${tableName} ALTER DISTSTYLE ${tableAndClusterProps.distStyle}`); + } + const oldDistKey = util_1.getDistKeyColumn(oldTableColumns)?.name; + const newDistKey = util_1.getDistKeyColumn(tableColumns)?.name; + if ((!oldDistKey && newDistKey) || (oldDistKey && !newDistKey)) { + return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + } + else if (oldDistKey !== newDistKey) { + alterationStatements.push(`ALTER TABLE ${tableName} ALTER DISTKEY ${newDistKey}`); + } + const oldSortKeyColumns = util_1.getSortKeyColumns(oldTableColumns); + const newSortKeyColumns = util_1.getSortKeyColumns(tableColumns); + const oldSortStyle = oldResourceProperties.sortStyle; + const newSortStyle = tableAndClusterProps.sortStyle; + if ((oldSortStyle === newSortStyle && !util_1.areColumnsEqual(oldSortKeyColumns, newSortKeyColumns)) + || (oldSortStyle !== newSortStyle)) { + switch (newSortStyle) { + case types_1.TableSortStyle.INTERLEAVED: + // INTERLEAVED sort key addition requires replacement. + // https://docs.aws.amazon.com/redshift/latest/dg/r_ALTER_TABLE.html + return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + case types_1.TableSortStyle.COMPOUND: { + const sortKeyColumnsString = getSortKeyColumnsString(newSortKeyColumns); + alterationStatements.push(`ALTER TABLE ${tableName} ALTER ${newSortStyle} SORTKEY(${sortKeyColumnsString})`); + break; + } + case types_1.TableSortStyle.AUTO: { + alterationStatements.push(`ALTER TABLE ${tableName} ALTER SORTKEY ${newSortStyle}`); + break; + } + } + } + const oldComment = oldResourceProperties.tableComment; + const newComment = tableAndClusterProps.tableComment; + if (oldComment !== newComment) { + alterationStatements.push(`COMMENT ON TABLE ${tableName} IS ${newComment ? `'${newComment}'` : 'NULL'}`); + } + await Promise.all(alterationStatements.map(statement => redshift_data_1.executeStatement(statement, tableAndClusterProps))); + return tableName; +} +function getSortKeyColumnsString(sortKeyColumns) { + return sortKeyColumns.map(column => column.name).join(); +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGFibGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJ0YWJsZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFFQSxtREFBbUQ7QUFDbkQsbUNBQTZFO0FBQzdFLGlDQUE4RTtBQUd2RSxLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQTJCLEVBQUUsS0FBa0Q7SUFDM0csTUFBTSxlQUFlLEdBQUcsS0FBSyxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUM7SUFDL0MsTUFBTSxlQUFlLEdBQUcsS0FBSyxDQUFDLFNBQVMsQ0FBQyxjQUFjLEtBQUssTUFBTSxDQUFDLENBQUMsQ0FBQyxHQUFHLEtBQUssQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7SUFDOUcsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDLFlBQVksQ0FBQztJQUN4QyxNQUFNLG9CQUFvQixHQUFHLEtBQUssQ0FBQztJQUNuQyxNQUFNLFlBQVksR0FBRyxLQUFLLENBQUMsWUFBWSxDQUFDO0lBRXhDLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDbEMsTUFBTSxTQUFTLEdBQUcsTUFBTSxXQUFXLENBQUMsZUFBZSxFQUFFLGVBQWUsRUFBRSxZQUFZLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztRQUMxRyxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsU0FBUyxFQUFFLENBQUM7S0FDMUM7U0FBTSxJQUFJLEtBQUssQ0FBQyxXQUFXLEtBQUssUUFBUSxFQUFFO1FBQ3pDLE1BQU0sU0FBUyxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO1FBQ2hFLE9BQU87S0FDUjtTQUFNLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDekMsTUFBTSxTQUFTLEdBQUcsTUFBTSxXQUFXLENBQ2pDLEtBQUssQ0FBQyxrQkFBa0IsRUFDeEIsZUFBZSxFQUNmLGVBQWUsRUFDZixZQUFZLEVBQ1osWUFBWSxFQUNaLG9CQUFvQixFQUNwQixLQUFLLENBQUMscUJBQTZDLENBQ3BELENBQUM7UUFDRixPQUFPLEVBQUUsa0JBQWtCLEVBQUUsU0FBUyxFQUFFLENBQUM7S0FDMUM7U0FBTTtRQUNMLDJDQUEyQztRQUMzQyxNQUFNLElBQUksS0FBSyxDQUFDLDRCQUE0QixLQUFLLENBQUMsYUFBYSxDQUFDLEVBQUUsQ0FBQyxDQUFDO0tBQ3JFO0FBQ0gsQ0FBQztBQTVCRCwwQkE0QkM7QUFFRCxLQUFLLFVBQVUsV0FBVyxDQUN4QixlQUF1QixFQUN2QixlQUF1QixFQUN2QixZQUFzQixFQUN0QixvQkFBMEM7SUFFMUMsTUFBTSxTQUFTLEdBQUcsZUFBZSxHQUFHLGVBQWUsQ0FBQztJQUNwRCxNQUFNLGtCQUFrQixHQUFHLFlBQVksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxJQUFJLElBQUksTUFBTSxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7SUFFbEcsSUFBSSxTQUFTLEdBQUcsZ0JBQWdCLFNBQVMsS0FBSyxrQkFBa0IsR0FBRyxDQUFDO0lBRXBFLElBQUksb0JBQW9CLENBQUMsU0FBUyxFQUFFO1FBQ2xDLFNBQVMsSUFBSSxjQUFjLG9CQUFvQixDQUFDLFNBQVMsRUFBRSxDQUFDO0tBQzdEO0lBRUQsTUFBTSxhQUFhLEdBQUcsdUJBQWdCLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDckQsSUFBSSxhQUFhLEVBQUU7UUFDakIsU0FBUyxJQUFJLFlBQVksYUFBYSxDQUFDLElBQUksR0FBRyxDQUFDO0tBQ2hEO0lBRUQsTUFBTSxjQUFjLEdBQUcsd0JBQWlCLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDdkQsSUFBSSxjQUFjLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRTtRQUM3QixNQUFNLG9CQUFvQixHQUFHLHVCQUF1QixDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBQ3JFLFNBQVMsSUFBSSxJQUFJLG9CQUFvQixDQUFDLFNBQVMsWUFBWSxvQkFBb0IsR0FBRyxDQUFDO0tBQ3BGO0lBRUQsTUFBTSxnQ0FBZ0IsQ0FBQyxTQUFTLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztJQUV4RCxJQUFJLG9CQUFvQixDQUFDLFlBQVksRUFBRTtRQUNyQyxNQUFNLGdDQUFnQixDQUFDLG9CQUFvQixTQUFTLFFBQVEsb0JBQW9CLENBQUMsWUFBWSxHQUFHLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztLQUN6SDtJQUVELE9BQU8sU0FBUyxDQUFDO0FBQ25CLENBQUM7QUFFRCxLQUFLLFVBQVUsU0FBUyxDQUFDLFNBQWlCLEVBQUUsWUFBMEI7SUFDcEUsTUFBTSxnQ0FBZ0IsQ0FBQyxjQUFjLFNBQVMsRUFBRSxFQUFFLFlBQVksQ0FBQyxDQUFDO0FBQ2xFLENBQUM7QUFFRCxLQUFLLFVBQVUsV0FBVyxDQUN4QixTQUFpQixFQUNqQixlQUF1QixFQUN2QixlQUF1QixFQUN2QixZQUFzQixFQUN0QixZQUFxQixFQUNyQixvQkFBMEMsRUFDMUMscUJBQTJDO0lBRTNDLE1BQU0sb0JBQW9CLEdBQWEsRUFBRSxDQUFDO0lBRTFDLE1BQU0sZUFBZSxHQUFHLHFCQUFxQixDQUFDO0lBQzlDLElBQUksb0JBQW9CLENBQUMsV0FBVyxLQUFLLGVBQWUsQ0FBQyxXQUFXLElBQUksb0JBQW9CLENBQUMsWUFBWSxLQUFLLGVBQWUsQ0FBQyxZQUFZLEVBQUU7UUFDMUksT0FBTyxXQUFXLENBQUMsZUFBZSxFQUFFLGVBQWUsRUFBRSxZQUFZLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztLQUMxRjtJQUVELE1BQU0sa0JBQWtCLEdBQUcscUJBQXFCLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQztJQUNsRSxJQUFJLGVBQWUsS0FBSyxrQkFBa0IsRUFBRTtRQUMxQyxPQUFPLFdBQVcsQ0FBQyxlQUFlLEVBQUUsZUFBZSxFQUFFLFlBQVksRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO0tBQzFGO0lBRUQsTUFBTSxlQUFlLEdBQUcscUJBQXFCLENBQUMsWUFBWSxDQUFDO0lBQzNELE1BQU0sZUFBZSxHQUFHLGVBQWUsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxDQUMxRCxZQUFZLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxFQUFFO1FBQzFCLElBQUksWUFBWSxFQUFFO1lBQ2hCLE9BQU8sU0FBUyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDLEVBQUUsS0FBSyxNQUFNLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUMsSUFBSSxLQUFLLE1BQU0sQ0FBQyxJQUFJLENBQUM7U0FDbkY7UUFDRCxPQUFPLFNBQVMsQ0FBQyxJQUFJLEtBQUssTUFBTSxDQUFDLElBQUksQ0FBQztJQUN4QyxDQUFDLENBQUMsQ0FDSCxDQUFDLENBQUM7SUFDSCxJQUFJLGVBQWUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFO1FBQzlCLG9CQUFvQixDQUFDLElBQUksQ0FBQyxHQUFHLGVBQWUsQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxlQUFlLFNBQVMsZ0JBQWdCLE1BQU0sQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUM7S0FDcEg7SUFFRCxNQUFNLGVBQWUsR0FBRyxZQUFZLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxFQUFFO1FBQ25ELE9BQU8sQ0FBQyxlQUFlLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxFQUFFO1lBQ3ZDLElBQUksWUFBWSxFQUFFO2dCQUNoQixPQUFPLFNBQVMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxFQUFFLEtBQUssTUFBTSxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDLElBQUksS0FBSyxNQUFNLENBQUMsSUFBSSxDQUFDO2FBQ25GO1lBQ0QsT0FBTyxTQUFTLENBQUMsSUFBSSxLQUFLLE1BQU0sQ0FBQyxJQUFJLENBQUM7UUFDeEMsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxPQUFPLE1BQU0sQ0FBQyxJQUFJLElBQUksTUFBTSxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUM7SUFDMUQsSUFBSSxlQUFlLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRTtRQUM5QixvQkFBb0IsQ0FBQyxJQUFJLENBQUMsR0FBRyxlQUFlLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUMsZUFBZSxTQUFTLElBQUksUUFBUSxFQUFFLENBQUMsQ0FBQyxDQUFDO0tBQ3ZHO0lBRUQsSUFBSSxZQUFZLEVBQUU7UUFDaEIsTUFBTSxpQkFBaUIsR0FBRyxZQUFZLENBQUMsTUFBTSxDQUFDLENBQUMsT0FBTyxFQUFFLE1BQU0sRUFBRSxFQUFFO1lBQ2hFLE1BQU0sU0FBUyxHQUFHLGVBQWUsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxNQUFNLENBQUMsRUFBRSxJQUFJLE1BQU0sQ0FBQyxFQUFFLEtBQUssTUFBTSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQ3ZGLElBQUksU0FBUyxJQUFJLFNBQVMsQ0FBQyxJQUFJLEtBQUssTUFBTSxDQUFDLElBQUksRUFBRTtnQkFDL0MsT0FBTyxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDO2FBQ3ZDO1lBQ0QsT0FBTyxPQUFPLENBQUM7UUFDakIsQ0FBQyxFQUFFLEVBQTRCLENBQUMsQ0FBQztRQUNqQyxJQUFJLE1BQU0sQ0FBQyxJQUFJLENBQUMsaUJBQWlCLENBQUMsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFO1lBQzdDLG9CQUFvQixDQUFDLElBQUksQ0FBQyxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsaUJBQWlCLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxPQUFPLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FDekYsZUFBZSxTQUFTLGtCQUFrQixPQUFPLE9BQU8sT0FBTyxFQUFFLENBQ2xFLENBQUMsQ0FBQyxDQUFDO1NBQ0w7S0FDRjtJQUVELE1BQU0sWUFBWSxHQUFHLHFCQUFxQixDQUFDLFNBQVMsQ0FBQztJQUNyRCxJQUFJLENBQUMsQ0FBQyxZQUFZLElBQUksb0JBQW9CLENBQUMsU0FBUyxDQUFDO1FBQ25ELENBQUMsWUFBWSxJQUFJLENBQUMsb0JBQW9CLENBQUMsU0FBUyxDQUFDLEVBQUU7UUFDbkQsT0FBTyxXQUFXLENBQUMsZUFBZSxFQUFFLGVBQWUsRUFBRSxZQUFZLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztLQUMxRjtTQUFNLElBQUksWUFBWSxLQUFLLG9CQUFvQixDQUFDLFNBQVMsRUFBRTtRQUMxRCxvQkFBb0IsQ0FBQyxJQUFJLENBQUMsZUFBZSxTQUFTLG9CQUFvQixvQkFBb0IsQ0FBQyxTQUFTLEVBQUUsQ0FBQyxDQUFDO0tBQ3pHO0lBRUQsTUFBTSxVQUFVLEdBQUcsdUJBQWdCLENBQUMsZUFBZSxDQUFDLEVBQUUsSUFBSSxDQUFDO0lBQzNELE1BQU0sVUFBVSxHQUFHLHVCQUFnQixDQUFDLFlBQVksQ0FBQyxFQUFFLElBQUksQ0FBQztJQUN4RCxJQUFJLENBQUMsQ0FBQyxVQUFVLElBQUksVUFBVSxDQUFFLElBQUksQ0FBQyxVQUFVLElBQUksQ0FBQyxVQUFVLENBQUMsRUFBRTtRQUMvRCxPQUFPLFdBQVcsQ0FBQyxlQUFlLEVBQUUsZUFBZSxFQUFFLFlBQVksRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO0tBQzFGO1NBQU0sSUFBSSxVQUFVLEtBQUssVUFBVSxFQUFFO1FBQ3BDLG9CQUFvQixDQUFDLElBQUksQ0FBQyxlQUFlLFNBQVMsa0JBQWtCLFVBQVUsRUFBRSxDQUFDLENBQUM7S0FDbkY7SUFFRCxNQUFNLGlCQUFpQixHQUFHLHdCQUFpQixDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQzdELE1BQU0saUJBQWlCLEdBQUcsd0JBQWlCLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDMUQsTUFBTSxZQUFZLEdBQUcscUJBQXFCLENBQUMsU0FBUyxDQUFDO0lBQ3JELE1BQU0sWUFBWSxHQUFHLG9CQUFvQixDQUFDLFNBQVMsQ0FBQztJQUNwRCxJQUFJLENBQUMsWUFBWSxLQUFLLFlBQVksSUFBSSxDQUFDLHNCQUFlLENBQUMsaUJBQWlCLEVBQUUsaUJBQWlCLENBQUMsQ0FBQztXQUN4RixDQUFDLFlBQVksS0FBSyxZQUFZLENBQUMsRUFBRTtRQUNwQyxRQUFRLFlBQVksRUFBRTtZQUNwQixLQUFLLHNCQUFjLENBQUMsV0FBVztnQkFDN0Isc0RBQXNEO2dCQUN0RCxvRUFBb0U7Z0JBQ3BFLE9BQU8sV0FBVyxDQUFDLGVBQWUsRUFBRSxlQUFlLEVBQUUsWUFBWSxFQUFFLG9CQUFvQixDQUFDLENBQUM7WUFFM0YsS0FBSyxzQkFBYyxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUM1QixNQUFNLG9CQUFvQixHQUFHLHVCQUF1QixDQUFDLGlCQUFpQixDQUFDLENBQUM7Z0JBQ3hFLG9CQUFvQixDQUFDLElBQUksQ0FBQyxlQUFlLFNBQVMsVUFBVSxZQUFZLFlBQVksb0JBQW9CLEdBQUcsQ0FBQyxDQUFDO2dCQUM3RyxNQUFNO2FBQ1A7WUFFRCxLQUFLLHNCQUFjLENBQUMsSUFBSSxDQUFDLENBQUM7Z0JBQ3hCLG9CQUFvQixDQUFDLElBQUksQ0FBQyxlQUFlLFNBQVMsa0JBQWtCLFlBQVksRUFBRSxDQUFDLENBQUM7Z0JBQ3BGLE1BQU07YUFDUDtTQUNGO0tBQ0Y7SUFFRCxNQUFNLFVBQVUsR0FBRyxxQkFBcUIsQ0FBQyxZQUFZLENBQUM7SUFDdEQsTUFBTSxVQUFVLEdBQUcsb0JBQW9CLENBQUMsWUFBWSxDQUFDO0lBQ3JELElBQUksVUFBVSxLQUFLLFVBQVUsRUFBRTtRQUM3QixvQkFBb0IsQ0FBQyxJQUFJLENBQUMsb0JBQW9CLFNBQVMsT0FBTyxVQUFVLENBQUMsQ0FBQyxDQUFDLElBQUksVUFBVSxHQUFHLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUM7S0FDMUc7SUFFRCxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUMsb0JBQW9CLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUMsZ0NBQWdCLENBQUMsU0FBUyxFQUFFLG9CQUFvQixDQUFDLENBQUMsQ0FBQyxDQUFDO0lBRTVHLE9BQU8sU0FBUyxDQUFDO0FBQ25CLENBQUM7QUFFRCxTQUFTLHVCQUF1QixDQUFDLGNBQXdCO0lBQ3ZELE9BQU8sY0FBYyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztBQUMxRCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyogZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby11bnJlc29sdmVkICovXG5pbXBvcnQgKiBhcyBBV1NMYW1iZGEgZnJvbSAnYXdzLWxhbWJkYSc7XG5pbXBvcnQgeyBleGVjdXRlU3RhdGVtZW50IH0gZnJvbSAnLi9yZWRzaGlmdC1kYXRhJztcbmltcG9ydCB7IENsdXN0ZXJQcm9wcywgVGFibGVBbmRDbHVzdGVyUHJvcHMsIFRhYmxlU29ydFN0eWxlIH0gZnJvbSAnLi90eXBlcyc7XG5pbXBvcnQgeyBhcmVDb2x1bW5zRXF1YWwsIGdldERpc3RLZXlDb2x1bW4sIGdldFNvcnRLZXlDb2x1bW5zIH0gZnJvbSAnLi91dGlsJztcbmltcG9ydCB7IENvbHVtbiB9IGZyb20gJy4uLy4uL3RhYmxlJztcblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIocHJvcHM6IFRhYmxlQW5kQ2x1c3RlclByb3BzLCBldmVudDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCkge1xuICBjb25zdCB0YWJsZU5hbWVQcmVmaXggPSBwcm9wcy50YWJsZU5hbWUucHJlZml4O1xuICBjb25zdCB0YWJsZU5hbWVTdWZmaXggPSBwcm9wcy50YWJsZU5hbWUuZ2VuZXJhdGVTdWZmaXggPT09ICd0cnVlJyA/IGAke2V2ZW50LlJlcXVlc3RJZC5zdWJzdHJpbmcoMCwgOCl9YCA6ICcnO1xuICBjb25zdCB0YWJsZUNvbHVtbnMgPSBwcm9wcy50YWJsZUNvbHVtbnM7XG4gIGNvbnN0IHRhYmxlQW5kQ2x1c3RlclByb3BzID0gcHJvcHM7XG4gIGNvbnN0IHVzZUNvbHVtbklkcyA9IHByb3BzLnVzZUNvbHVtbklkcztcblxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdDcmVhdGUnKSB7XG4gICAgY29uc3QgdGFibGVOYW1lID0gYXdhaXQgY3JlYXRlVGFibGUodGFibGVOYW1lUHJlZml4LCB0YWJsZU5hbWVTdWZmaXgsIHRhYmxlQ29sdW1ucywgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogdGFibGVOYW1lIH07XG4gIH0gZWxzZSBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnKSB7XG4gICAgYXdhaXQgZHJvcFRhYmxlKGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCwgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybjtcbiAgfSBlbHNlIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ1VwZGF0ZScpIHtcbiAgICBjb25zdCB0YWJsZU5hbWUgPSBhd2FpdCB1cGRhdGVUYWJsZShcbiAgICAgIGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCxcbiAgICAgIHRhYmxlTmFtZVByZWZpeCxcbiAgICAgIHRhYmxlTmFtZVN1ZmZpeCxcbiAgICAgIHRhYmxlQ29sdW1ucyxcbiAgICAgIHVzZUNvbHVtbklkcyxcbiAgICAgIHRhYmxlQW5kQ2x1c3RlclByb3BzLFxuICAgICAgZXZlbnQuT2xkUmVzb3VyY2VQcm9wZXJ0aWVzIGFzIFRhYmxlQW5kQ2x1c3RlclByb3BzLFxuICAgICk7XG4gICAgcmV0dXJuIHsgUGh5c2ljYWxSZXNvdXJjZUlkOiB0YWJsZU5hbWUgfTtcbiAgfSBlbHNlIHtcbiAgICAvKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgZG90LW5vdGF0aW9uICovXG4gICAgdGhyb3cgbmV3IEVycm9yKGBVbnJlY29nbml6ZWQgZXZlbnQgdHlwZTogJHtldmVudFsnUmVxdWVzdFR5cGUnXX1gKTtcbiAgfVxufVxuXG5hc3luYyBmdW5jdGlvbiBjcmVhdGVUYWJsZShcbiAgdGFibGVOYW1lUHJlZml4OiBzdHJpbmcsXG4gIHRhYmxlTmFtZVN1ZmZpeDogc3RyaW5nLFxuICB0YWJsZUNvbHVtbnM6IENvbHVtbltdLFxuICB0YWJsZUFuZENsdXN0ZXJQcm9wczogVGFibGVBbmRDbHVzdGVyUHJvcHMsXG4pOiBQcm9taXNlPHN0cmluZz4ge1xuICBjb25zdCB0YWJsZU5hbWUgPSB0YWJsZU5hbWVQcmVmaXggKyB0YWJsZU5hbWVTdWZmaXg7XG4gIGNvbnN0IHRhYmxlQ29sdW1uc1N0cmluZyA9IHRhYmxlQ29sdW1ucy5tYXAoY29sdW1uID0+IGAke2NvbHVtbi5uYW1lfSAke2NvbHVtbi5kYXRhVHlwZX1gKS5qb2luKCk7XG5cbiAgbGV0IHN0YXRlbWVudCA9IGBDUkVBVEUgVEFCTEUgJHt0YWJsZU5hbWV9ICgke3RhYmxlQ29sdW1uc1N0cmluZ30pYDtcblxuICBpZiAodGFibGVBbmRDbHVzdGVyUHJvcHMuZGlzdFN0eWxlKSB7XG4gICAgc3RhdGVtZW50ICs9IGAgRElTVFNUWUxFICR7dGFibGVBbmRDbHVzdGVyUHJvcHMuZGlzdFN0eWxlfWA7XG4gIH1cblxuICBjb25zdCBkaXN0S2V5Q29sdW1uID0gZ2V0RGlzdEtleUNvbHVtbih0YWJsZUNvbHVtbnMpO1xuICBpZiAoZGlzdEtleUNvbHVtbikge1xuICAgIHN0YXRlbWVudCArPSBgIERJU1RLRVkoJHtkaXN0S2V5Q29sdW1uLm5hbWV9KWA7XG4gIH1cblxuICBjb25zdCBzb3J0S2V5Q29sdW1ucyA9IGdldFNvcnRLZXlDb2x1bW5zKHRhYmxlQ29sdW1ucyk7XG4gIGlmIChzb3J0S2V5Q29sdW1ucy5sZW5ndGggPiAwKSB7XG4gICAgY29uc3Qgc29ydEtleUNvbHVtbnNTdHJpbmcgPSBnZXRTb3J0S2V5Q29sdW1uc1N0cmluZyhzb3J0S2V5Q29sdW1ucyk7XG4gICAgc3RhdGVtZW50ICs9IGAgJHt0YWJsZUFuZENsdXN0ZXJQcm9wcy5zb3J0U3R5bGV9IFNPUlRLRVkoJHtzb3J0S2V5Q29sdW1uc1N0cmluZ30pYDtcbiAgfVxuXG4gIGF3YWl0IGV4ZWN1dGVTdGF0ZW1lbnQoc3RhdGVtZW50LCB0YWJsZUFuZENsdXN0ZXJQcm9wcyk7XG5cbiAgaWYgKHRhYmxlQW5kQ2x1c3RlclByb3BzLnRhYmxlQ29tbWVudCkge1xuICAgIGF3YWl0IGV4ZWN1dGVTdGF0ZW1lbnQoYENPTU1FTlQgT04gVEFCTEUgJHt0YWJsZU5hbWV9IElTICcke3RhYmxlQW5kQ2x1c3RlclByb3BzLnRhYmxlQ29tbWVudH0nYCwgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICB9XG5cbiAgcmV0dXJuIHRhYmxlTmFtZTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZHJvcFRhYmxlKHRhYmxlTmFtZTogc3RyaW5nLCBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcykge1xuICBhd2FpdCBleGVjdXRlU3RhdGVtZW50KGBEUk9QIFRBQkxFICR7dGFibGVOYW1lfWAsIGNsdXN0ZXJQcm9wcyk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIHVwZGF0ZVRhYmxlKFxuICB0YWJsZU5hbWU6IHN0cmluZyxcbiAgdGFibGVOYW1lUHJlZml4OiBzdHJpbmcsXG4gIHRhYmxlTmFtZVN1ZmZpeDogc3RyaW5nLFxuICB0YWJsZUNvbHVtbnM6IENvbHVtbltdLFxuICB1c2VDb2x1bW5JZHM6IGJvb2xlYW4sXG4gIHRhYmxlQW5kQ2x1c3RlclByb3BzOiBUYWJsZUFuZENsdXN0ZXJQcm9wcyxcbiAgb2xkUmVzb3VyY2VQcm9wZXJ0aWVzOiBUYWJsZUFuZENsdXN0ZXJQcm9wcyxcbik6IFByb21pc2U8c3RyaW5nPiB7XG4gIGNvbnN0IGFsdGVyYXRpb25TdGF0ZW1lbnRzOiBzdHJpbmdbXSA9IFtdO1xuXG4gIGNvbnN0IG9sZENsdXN0ZXJQcm9wcyA9IG9sZFJlc291cmNlUHJvcGVydGllcztcbiAgaWYgKHRhYmxlQW5kQ2x1c3RlclByb3BzLmNsdXN0ZXJOYW1lICE9PSBvbGRDbHVzdGVyUHJvcHMuY2x1c3Rlck5hbWUgfHwgdGFibGVBbmRDbHVzdGVyUHJvcHMuZGF0YWJhc2VOYW1lICE9PSBvbGRDbHVzdGVyUHJvcHMuZGF0YWJhc2VOYW1lKSB7XG4gICAgcmV0dXJuIGNyZWF0ZVRhYmxlKHRhYmxlTmFtZVByZWZpeCwgdGFibGVOYW1lU3VmZml4LCB0YWJsZUNvbHVtbnMsIHRhYmxlQW5kQ2x1c3RlclByb3BzKTtcbiAgfVxuXG4gIGNvbnN0IG9sZFRhYmxlTmFtZVByZWZpeCA9IG9sZFJlc291cmNlUHJvcGVydGllcy50YWJsZU5hbWUucHJlZml4O1xuICBpZiAodGFibGVOYW1lUHJlZml4ICE9PSBvbGRUYWJsZU5hbWVQcmVmaXgpIHtcbiAgICByZXR1cm4gY3JlYXRlVGFibGUodGFibGVOYW1lUHJlZml4LCB0YWJsZU5hbWVTdWZmaXgsIHRhYmxlQ29sdW1ucywgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICB9XG5cbiAgY29uc3Qgb2xkVGFibGVDb2x1bW5zID0gb2xkUmVzb3VyY2VQcm9wZXJ0aWVzLnRhYmxlQ29sdW1ucztcbiAgY29uc3QgY29sdW1uRGVsZXRpb25zID0gb2xkVGFibGVDb2x1bW5zLmZpbHRlcihvbGRDb2x1bW4gPT4gKFxuICAgIHRhYmxlQ29sdW1ucy5ldmVyeShjb2x1bW4gPT4ge1xuICAgICAgaWYgKHVzZUNvbHVtbklkcykge1xuICAgICAgICByZXR1cm4gb2xkQ29sdW1uLmlkID8gb2xkQ29sdW1uLmlkICE9PSBjb2x1bW4uaWQgOiBvbGRDb2x1bW4ubmFtZSAhPT0gY29sdW1uLm5hbWU7XG4gICAgICB9XG4gICAgICByZXR1cm4gb2xkQ29sdW1uLm5hbWUgIT09IGNvbHVtbi5uYW1lO1xuICAgIH0pXG4gICkpO1xuICBpZiAoY29sdW1uRGVsZXRpb25zLmxlbmd0aCA+IDApIHtcbiAgICBhbHRlcmF0aW9uU3RhdGVtZW50cy5wdXNoKC4uLmNvbHVtbkRlbGV0aW9ucy5tYXAoY29sdW1uID0+IGBBTFRFUiBUQUJMRSAke3RhYmxlTmFtZX0gRFJPUCBDT0xVTU4gJHtjb2x1bW4ubmFtZX1gKSk7XG4gIH1cblxuICBjb25zdCBjb2x1bW5BZGRpdGlvbnMgPSB0YWJsZUNvbHVtbnMuZmlsdGVyKGNvbHVtbiA9PiB7XG4gICAgcmV0dXJuICFvbGRUYWJsZUNvbHVtbnMuc29tZShvbGRDb2x1bW4gPT4ge1xuICAgICAgaWYgKHVzZUNvbHVtbklkcykge1xuICAgICAgICByZXR1cm4gb2xkQ29sdW1uLmlkID8gb2xkQ29sdW1uLmlkID09PSBjb2x1bW4uaWQgOiBvbGRDb2x1bW4ubmFtZSA9PT0gY29sdW1uLm5hbWU7XG4gICAgICB9XG4gICAgICByZXR1cm4gb2xkQ29sdW1uLm5hbWUgPT09IGNvbHVtbi5uYW1lO1xuICAgIH0pO1xuICB9KS5tYXAoY29sdW1uID0+IGBBREQgJHtjb2x1bW4ubmFtZX0gJHtjb2x1bW4uZGF0YVR5cGV9YCk7XG4gIGlmIChjb2x1bW5BZGRpdGlvbnMubGVuZ3RoID4gMCkge1xuICAgIGFsdGVyYXRpb25TdGF0ZW1lbnRzLnB1c2goLi4uY29sdW1uQWRkaXRpb25zLm1hcChhZGRpdGlvbiA9PiBgQUxURVIgVEFCTEUgJHt0YWJsZU5hbWV9ICR7YWRkaXRpb259YCkpO1xuICB9XG5cbiAgaWYgKHVzZUNvbHVtbklkcykge1xuICAgIGNvbnN0IGNvbHVtbk5hbWVVcGRhdGVzID0gdGFibGVDb2x1bW5zLnJlZHVjZSgodXBkYXRlcywgY29sdW1uKSA9PiB7XG4gICAgICBjb25zdCBvbGRDb2x1bW4gPSBvbGRUYWJsZUNvbHVtbnMuZmluZChvbGRDb2wgPT4gb2xkQ29sLmlkICYmIG9sZENvbC5pZCA9PT0gY29sdW1uLmlkKTtcbiAgICAgIGlmIChvbGRDb2x1bW4gJiYgb2xkQ29sdW1uLm5hbWUgIT09IGNvbHVtbi5uYW1lKSB7XG4gICAgICAgIHVwZGF0ZXNbb2xkQ29sdW1uLm5hbWVdID0gY29sdW1uLm5hbWU7XG4gICAgICB9XG4gICAgICByZXR1cm4gdXBkYXRlcztcbiAgICB9LCB7fSBhcyBSZWNvcmQ8c3RyaW5nLCBzdHJpbmc+KTtcbiAgICBpZiAoT2JqZWN0LmtleXMoY29sdW1uTmFtZVVwZGF0ZXMpLmxlbmd0aCA+IDApIHtcbiAgICAgIGFsdGVyYXRpb25TdGF0ZW1lbnRzLnB1c2goLi4uT2JqZWN0LmVudHJpZXMoY29sdW1uTmFtZVVwZGF0ZXMpLm1hcCgoW29sZE5hbWUsIG5ld05hbWVdKSA9PiAoXG4gICAgICAgIGBBTFRFUiBUQUJMRSAke3RhYmxlTmFtZX0gUkVOQU1FIENPTFVNTiAke29sZE5hbWV9IFRPICR7bmV3TmFtZX1gXG4gICAgICApKSk7XG4gICAgfVxuICB9XG5cbiAgY29uc3Qgb2xkRGlzdFN0eWxlID0gb2xkUmVzb3VyY2VQcm9wZXJ0aWVzLmRpc3RTdHlsZTtcbiAgaWYgKCghb2xkRGlzdFN0eWxlICYmIHRhYmxlQW5kQ2x1c3RlclByb3BzLmRpc3RTdHlsZSkgfHxcbiAgICAob2xkRGlzdFN0eWxlICYmICF0YWJsZUFuZENsdXN0ZXJQcm9wcy5kaXN0U3R5bGUpKSB7XG4gICAgcmV0dXJuIGNyZWF0ZVRhYmxlKHRhYmxlTmFtZVByZWZpeCwgdGFibGVOYW1lU3VmZml4LCB0YWJsZUNvbHVtbnMsIHRhYmxlQW5kQ2x1c3RlclByb3BzKTtcbiAgfSBlbHNlIGlmIChvbGREaXN0U3R5bGUgIT09IHRhYmxlQW5kQ2x1c3RlclByb3BzLmRpc3RTdHlsZSkge1xuICAgIGFsdGVyYXRpb25TdGF0ZW1lbnRzLnB1c2goYEFMVEVSIFRBQkxFICR7dGFibGVOYW1lfSBBTFRFUiBESVNUU1RZTEUgJHt0YWJsZUFuZENsdXN0ZXJQcm9wcy5kaXN0U3R5bGV9YCk7XG4gIH1cblxuICBjb25zdCBvbGREaXN0S2V5ID0gZ2V0RGlzdEtleUNvbHVtbihvbGRUYWJsZUNvbHVtbnMpPy5uYW1lO1xuICBjb25zdCBuZXdEaXN0S2V5ID0gZ2V0RGlzdEtleUNvbHVtbih0YWJsZUNvbHVtbnMpPy5uYW1lO1xuICBpZiAoKCFvbGREaXN0S2V5ICYmIG5ld0Rpc3RLZXkgKSB8fCAob2xkRGlzdEtleSAmJiAhbmV3RGlzdEtleSkpIHtcbiAgICByZXR1cm4gY3JlYXRlVGFibGUodGFibGVOYW1lUHJlZml4LCB0YWJsZU5hbWVTdWZmaXgsIHRhYmxlQ29sdW1ucywgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICB9IGVsc2UgaWYgKG9sZERpc3RLZXkgIT09IG5ld0Rpc3RLZXkpIHtcbiAgICBhbHRlcmF0aW9uU3RhdGVtZW50cy5wdXNoKGBBTFRFUiBUQUJMRSAke3RhYmxlTmFtZX0gQUxURVIgRElTVEtFWSAke25ld0Rpc3RLZXl9YCk7XG4gIH1cblxuICBjb25zdCBvbGRTb3J0S2V5Q29sdW1ucyA9IGdldFNvcnRLZXlDb2x1bW5zKG9sZFRhYmxlQ29sdW1ucyk7XG4gIGNvbnN0IG5ld1NvcnRLZXlDb2x1bW5zID0gZ2V0U29ydEtleUNvbHVtbnModGFibGVDb2x1bW5zKTtcbiAgY29uc3Qgb2xkU29ydFN0eWxlID0gb2xkUmVzb3VyY2VQcm9wZXJ0aWVzLnNvcnRTdHlsZTtcbiAgY29uc3QgbmV3U29ydFN0eWxlID0gdGFibGVBbmRDbHVzdGVyUHJvcHMuc29ydFN0eWxlO1xuICBpZiAoKG9sZFNvcnRTdHlsZSA9PT0gbmV3U29ydFN0eWxlICYmICFhcmVDb2x1bW5zRXF1YWwob2xkU29ydEtleUNvbHVtbnMsIG5ld1NvcnRLZXlDb2x1bW5zKSlcbiAgICB8fCAob2xkU29ydFN0eWxlICE9PSBuZXdTb3J0U3R5bGUpKSB7XG4gICAgc3dpdGNoIChuZXdTb3J0U3R5bGUpIHtcbiAgICAgIGNhc2UgVGFibGVTb3J0U3R5bGUuSU5URVJMRUFWRUQ6XG4gICAgICAgIC8vIElOVEVSTEVBVkVEIHNvcnQga2V5IGFkZGl0aW9uIHJlcXVpcmVzIHJlcGxhY2VtZW50LlxuICAgICAgICAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vcmVkc2hpZnQvbGF0ZXN0L2RnL3JfQUxURVJfVEFCTEUuaHRtbFxuICAgICAgICByZXR1cm4gY3JlYXRlVGFibGUodGFibGVOYW1lUHJlZml4LCB0YWJsZU5hbWVTdWZmaXgsIHRhYmxlQ29sdW1ucywgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuXG4gICAgICBjYXNlIFRhYmxlU29ydFN0eWxlLkNPTVBPVU5EOiB7XG4gICAgICAgIGNvbnN0IHNvcnRLZXlDb2x1bW5zU3RyaW5nID0gZ2V0U29ydEtleUNvbHVtbnNTdHJpbmcobmV3U29ydEtleUNvbHVtbnMpO1xuICAgICAgICBhbHRlcmF0aW9uU3RhdGVtZW50cy5wdXNoKGBBTFRFUiBUQUJMRSAke3RhYmxlTmFtZX0gQUxURVIgJHtuZXdTb3J0U3R5bGV9IFNPUlRLRVkoJHtzb3J0S2V5Q29sdW1uc1N0cmluZ30pYCk7XG4gICAgICAgIGJyZWFrO1xuICAgICAgfVxuXG4gICAgICBjYXNlIFRhYmxlU29ydFN0eWxlLkFVVE86IHtcbiAgICAgICAgYWx0ZXJhdGlvblN0YXRlbWVudHMucHVzaChgQUxURVIgVEFCTEUgJHt0YWJsZU5hbWV9IEFMVEVSIFNPUlRLRVkgJHtuZXdTb3J0U3R5bGV9YCk7XG4gICAgICAgIGJyZWFrO1xuICAgICAgfVxuICAgIH1cbiAgfVxuXG4gIGNvbnN0IG9sZENvbW1lbnQgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMudGFibGVDb21tZW50O1xuICBjb25zdCBuZXdDb21tZW50ID0gdGFibGVBbmRDbHVzdGVyUHJvcHMudGFibGVDb21tZW50O1xuICBpZiAob2xkQ29tbWVudCAhPT0gbmV3Q29tbWVudCkge1xuICAgIGFsdGVyYXRpb25TdGF0ZW1lbnRzLnB1c2goYENPTU1FTlQgT04gVEFCTEUgJHt0YWJsZU5hbWV9IElTICR7bmV3Q29tbWVudCA/IGAnJHtuZXdDb21tZW50fSdgIDogJ05VTEwnfWApO1xuICB9XG5cbiAgYXdhaXQgUHJvbWlzZS5hbGwoYWx0ZXJhdGlvblN0YXRlbWVudHMubWFwKHN0YXRlbWVudCA9PiBleGVjdXRlU3RhdGVtZW50KHN0YXRlbWVudCwgdGFibGVBbmRDbHVzdGVyUHJvcHMpKSk7XG5cbiAgcmV0dXJuIHRhYmxlTmFtZTtcbn1cblxuZnVuY3Rpb24gZ2V0U29ydEtleUNvbHVtbnNTdHJpbmcoc29ydEtleUNvbHVtbnM6IENvbHVtbltdKSB7XG4gIHJldHVybiBzb3J0S2V5Q29sdW1ucy5tYXAoY29sdW1uID0+IGNvbHVtbi5uYW1lKS5qb2luKCk7XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/types.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/types.js similarity index 100% rename from packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/types.js rename to packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/types.js diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/user.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/user.js similarity index 97% rename from packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/user.js rename to packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/user.js index f9d12f6798565..f097ae1836462 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/user.js +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/user.js @@ -67,4 +67,4 @@ async function getPasswordFromSecret(passwordSecretArn) { const { password } = JSON.parse(secretString); return password; } -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXNlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInVzZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBRUEsZ0VBQWdFO0FBQ2hFLGlFQUFpRTtBQUVqRSxtREFBbUQ7QUFFbkQsaUNBQXdDO0FBRXhDLE1BQU0sY0FBYyxHQUFHLElBQUksY0FBYyxFQUFFLENBQUM7QUFFckMsS0FBSyxVQUFVLE9BQU8sQ0FBQyxLQUFzQyxFQUFFLEtBQWtEO0lBQ3RILE1BQU0sUUFBUSxHQUFHLEtBQUssQ0FBQyxRQUFRLENBQUM7SUFDaEMsTUFBTSxpQkFBaUIsR0FBRyxLQUFLLENBQUMsaUJBQWlCLENBQUM7SUFDbEQsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDO0lBRTNCLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDbEMsTUFBTSxVQUFVLENBQUMsUUFBUSxFQUFFLGlCQUFpQixFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQzVELE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxxQkFBYyxDQUFDLFFBQVEsRUFBRSxZQUFZLEVBQUUsS0FBSyxDQUFDLFNBQVMsQ0FBQyxFQUFFLElBQUksRUFBRSxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsRUFBRSxDQUFDO0tBQ3RIO1NBQU0sSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUN6QyxNQUFNLFFBQVEsQ0FBQyxRQUFRLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDdkMsT0FBTztLQUNSO1NBQU0sSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUN6QyxNQUFNLEVBQUUsT0FBTyxFQUFFLEdBQUcsTUFBTSxVQUFVLENBQUMsUUFBUSxFQUFFLGlCQUFpQixFQUFFLFlBQVksRUFBRSxLQUFLLENBQUMscUJBQXdELENBQUMsQ0FBQztRQUNoSixNQUFNLFVBQVUsR0FBRyxPQUFPLENBQUMsQ0FBQyxDQUFDLHFCQUFjLENBQUMsUUFBUSxFQUFFLFlBQVksRUFBRSxLQUFLLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQztRQUNoSCxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsVUFBVSxFQUFFLElBQUksRUFBRSxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsRUFBRSxDQUFDO0tBQ3pFO1NBQU07UUFDTCwyQ0FBMkM7UUFDM0MsTUFBTSxJQUFJLEtBQUssQ0FBQyw0QkFBNEIsS0FBSyxDQUFDLGFBQWEsQ0FBQyxFQUFFLENBQUMsQ0FBQztLQUNyRTtBQUNILENBQUM7QUFuQkQsMEJBbUJDO0FBRUQsS0FBSyxVQUFVLFFBQVEsQ0FBQyxRQUFnQixFQUFFLFlBQTBCO0lBQ2xFLE1BQU0sZ0NBQWdCLENBQUMsYUFBYSxRQUFRLEVBQUUsRUFBRSxZQUFZLENBQUMsQ0FBQztBQUNoRSxDQUFDO0FBRUQsS0FBSyxVQUFVLFVBQVUsQ0FBQyxRQUFnQixFQUFFLGlCQUF5QixFQUFFLFlBQTBCO0lBQy9GLE1BQU0sUUFBUSxHQUFHLE1BQU0scUJBQXFCLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUVoRSxNQUFNLGdDQUFnQixDQUFDLGVBQWUsUUFBUSxjQUFjLFFBQVEsR0FBRyxFQUFFLFlBQVksQ0FBQyxDQUFDO0FBQ3pGLENBQUM7QUFFRCxLQUFLLFVBQVUsVUFBVSxDQUN2QixRQUFnQixFQUNoQixpQkFBeUIsRUFDekIsWUFBMEIsRUFDMUIscUJBQXNEO0lBRXRELE1BQU0sZUFBZSxHQUFHLHFCQUFxQixDQUFDO0lBQzlDLElBQUksWUFBWSxDQUFDLFdBQVcsS0FBSyxlQUFlLENBQUMsV0FBVyxJQUFJLFlBQVksQ0FBQyxZQUFZLEtBQUssZUFBZSxDQUFDLFlBQVksRUFBRTtRQUMxSCxNQUFNLFVBQVUsQ0FBQyxRQUFRLEVBQUUsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDNUQsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FBQztLQUMxQjtJQUVELE1BQU0sV0FBVyxHQUFHLHFCQUFxQixDQUFDLFFBQVEsQ0FBQztJQUNuRCxNQUFNLG9CQUFvQixHQUFHLHFCQUFxQixDQUFDLGlCQUFpQixDQUFDO0lBQ3JFLE1BQU0sV0FBVyxHQUFHLE1BQU0scUJBQXFCLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUN0RSxNQUFNLFFBQVEsR0FBRyxNQUFNLHFCQUFxQixDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFFaEUsSUFBSSxRQUFRLEtBQUssV0FBVyxFQUFFO1FBQzVCLE1BQU0sVUFBVSxDQUFDLFFBQVEsRUFBRSxpQkFBaUIsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUM1RCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxDQUFDO0tBQzFCO0lBRUQsSUFBSSxRQUFRLEtBQUssV0FBVyxFQUFFO1FBQzVCLE1BQU0sZ0NBQWdCLENBQUMsY0FBYyxRQUFRLGNBQWMsUUFBUSxHQUFHLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDdEYsT0FBTyxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsQ0FBQztLQUMzQjtJQUVELE9BQU8sRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLENBQUM7QUFDNUIsQ0FBQztBQUVELEtBQUssVUFBVSxxQkFBcUIsQ0FBQyxpQkFBeUI7SUFDNUQsTUFBTSxXQUFXLEdBQUcsTUFBTSxjQUFjLENBQUMsY0FBYyxDQUFDO1FBQ3RELFFBQVEsRUFBRSxpQkFBaUI7S0FDNUIsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO0lBQ2IsTUFBTSxZQUFZLEdBQUcsV0FBVyxDQUFDLFlBQVksQ0FBQztJQUM5QyxJQUFJLENBQUMsWUFBWSxFQUFFO1FBQ2pCLE1BQU0sSUFBSSxLQUFLLENBQUMscUJBQXFCLGlCQUFpQixZQUFZLENBQUMsQ0FBQztLQUNyRTtJQUNELE1BQU0sRUFBRSxRQUFRLEVBQUUsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO0lBRTlDLE9BQU8sUUFBUSxDQUFDO0FBQ2xCLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLXVucmVzb2x2ZWQgKi9cbmltcG9ydCAqIGFzIEFXU0xhbWJkYSBmcm9tICdhd3MtbGFtYmRhJztcbi8qIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBpbXBvcnQvbm8tZXh0cmFuZW91cy1kZXBlbmRlbmNpZXMgKi9cbmltcG9ydCAqIGFzIFNlY3JldHNNYW5hZ2VyIGZyb20gJ2F3cy1zZGsvY2xpZW50cy9zZWNyZXRzbWFuYWdlcic7XG5pbXBvcnQgeyBVc2VySGFuZGxlclByb3BzIH0gZnJvbSAnLi4vaGFuZGxlci1wcm9wcyc7XG5pbXBvcnQgeyBleGVjdXRlU3RhdGVtZW50IH0gZnJvbSAnLi9yZWRzaGlmdC1kYXRhJztcbmltcG9ydCB7IENsdXN0ZXJQcm9wcyB9IGZyb20gJy4vdHlwZXMnO1xuaW1wb3J0IHsgbWFrZVBoeXNpY2FsSWQgfSBmcm9tICcuL3V0aWwnO1xuXG5jb25zdCBzZWNyZXRzTWFuYWdlciA9IG5ldyBTZWNyZXRzTWFuYWdlcigpO1xuXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gaGFuZGxlcihwcm9wczogVXNlckhhbmRsZXJQcm9wcyAmIENsdXN0ZXJQcm9wcywgZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQpIHtcbiAgY29uc3QgdXNlcm5hbWUgPSBwcm9wcy51c2VybmFtZTtcbiAgY29uc3QgcGFzc3dvcmRTZWNyZXRBcm4gPSBwcm9wcy5wYXNzd29yZFNlY3JldEFybjtcbiAgY29uc3QgY2x1c3RlclByb3BzID0gcHJvcHM7XG5cbiAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnQ3JlYXRlJykge1xuICAgIGF3YWl0IGNyZWF0ZVVzZXIodXNlcm5hbWUsIHBhc3N3b3JkU2VjcmV0QXJuLCBjbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogbWFrZVBoeXNpY2FsSWQodXNlcm5hbWUsIGNsdXN0ZXJQcm9wcywgZXZlbnQuUmVxdWVzdElkKSwgRGF0YTogeyB1c2VybmFtZTogdXNlcm5hbWUgfSB9O1xuICB9IGVsc2UgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnRGVsZXRlJykge1xuICAgIGF3YWl0IGRyb3BVc2VyKHVzZXJuYW1lLCBjbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybjtcbiAgfSBlbHNlIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ1VwZGF0ZScpIHtcbiAgICBjb25zdCB7IHJlcGxhY2UgfSA9IGF3YWl0IHVwZGF0ZVVzZXIodXNlcm5hbWUsIHBhc3N3b3JkU2VjcmV0QXJuLCBjbHVzdGVyUHJvcHMsIGV2ZW50Lk9sZFJlc291cmNlUHJvcGVydGllcyBhcyBVc2VySGFuZGxlclByb3BzICYgQ2x1c3RlclByb3BzKTtcbiAgICBjb25zdCBwaHlzaWNhbElkID0gcmVwbGFjZSA/IG1ha2VQaHlzaWNhbElkKHVzZXJuYW1lLCBjbHVzdGVyUHJvcHMsIGV2ZW50LlJlcXVlc3RJZCkgOiBldmVudC5QaHlzaWNhbFJlc291cmNlSWQ7XG4gICAgcmV0dXJuIHsgUGh5c2ljYWxSZXNvdXJjZUlkOiBwaHlzaWNhbElkLCBEYXRhOiB7IHVzZXJuYW1lOiB1c2VybmFtZSB9IH07XG4gIH0gZWxzZSB7XG4gICAgLyogZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGRvdC1ub3RhdGlvbiAqL1xuICAgIHRocm93IG5ldyBFcnJvcihgVW5yZWNvZ25pemVkIGV2ZW50IHR5cGU6ICR7ZXZlbnRbJ1JlcXVlc3RUeXBlJ119YCk7XG4gIH1cbn1cblxuYXN5bmMgZnVuY3Rpb24gZHJvcFVzZXIodXNlcm5hbWU6IHN0cmluZywgY2x1c3RlclByb3BzOiBDbHVzdGVyUHJvcHMpIHtcbiAgYXdhaXQgZXhlY3V0ZVN0YXRlbWVudChgRFJPUCBVU0VSICR7dXNlcm5hbWV9YCwgY2x1c3RlclByb3BzKTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gY3JlYXRlVXNlcih1c2VybmFtZTogc3RyaW5nLCBwYXNzd29yZFNlY3JldEFybjogc3RyaW5nLCBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcykge1xuICBjb25zdCBwYXNzd29yZCA9IGF3YWl0IGdldFBhc3N3b3JkRnJvbVNlY3JldChwYXNzd29yZFNlY3JldEFybik7XG5cbiAgYXdhaXQgZXhlY3V0ZVN0YXRlbWVudChgQ1JFQVRFIFVTRVIgJHt1c2VybmFtZX0gUEFTU1dPUkQgJyR7cGFzc3dvcmR9J2AsIGNsdXN0ZXJQcm9wcyk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIHVwZGF0ZVVzZXIoXG4gIHVzZXJuYW1lOiBzdHJpbmcsXG4gIHBhc3N3b3JkU2VjcmV0QXJuOiBzdHJpbmcsXG4gIGNsdXN0ZXJQcm9wczogQ2x1c3RlclByb3BzLFxuICBvbGRSZXNvdXJjZVByb3BlcnRpZXM6IFVzZXJIYW5kbGVyUHJvcHMgJiBDbHVzdGVyUHJvcHMsXG4pOiBQcm9taXNlPHsgcmVwbGFjZTogYm9vbGVhbiB9PiB7XG4gIGNvbnN0IG9sZENsdXN0ZXJQcm9wcyA9IG9sZFJlc291cmNlUHJvcGVydGllcztcbiAgaWYgKGNsdXN0ZXJQcm9wcy5jbHVzdGVyTmFtZSAhPT0gb2xkQ2x1c3RlclByb3BzLmNsdXN0ZXJOYW1lIHx8IGNsdXN0ZXJQcm9wcy5kYXRhYmFzZU5hbWUgIT09IG9sZENsdXN0ZXJQcm9wcy5kYXRhYmFzZU5hbWUpIHtcbiAgICBhd2FpdCBjcmVhdGVVc2VyKHVzZXJuYW1lLCBwYXNzd29yZFNlY3JldEFybiwgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiB0cnVlIH07XG4gIH1cblxuICBjb25zdCBvbGRVc2VybmFtZSA9IG9sZFJlc291cmNlUHJvcGVydGllcy51c2VybmFtZTtcbiAgY29uc3Qgb2xkUGFzc3dvcmRTZWNyZXRBcm4gPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMucGFzc3dvcmRTZWNyZXRBcm47XG4gIGNvbnN0IG9sZFBhc3N3b3JkID0gYXdhaXQgZ2V0UGFzc3dvcmRGcm9tU2VjcmV0KG9sZFBhc3N3b3JkU2VjcmV0QXJuKTtcbiAgY29uc3QgcGFzc3dvcmQgPSBhd2FpdCBnZXRQYXNzd29yZEZyb21TZWNyZXQocGFzc3dvcmRTZWNyZXRBcm4pO1xuXG4gIGlmICh1c2VybmFtZSAhPT0gb2xkVXNlcm5hbWUpIHtcbiAgICBhd2FpdCBjcmVhdGVVc2VyKHVzZXJuYW1lLCBwYXNzd29yZFNlY3JldEFybiwgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiB0cnVlIH07XG4gIH1cblxuICBpZiAocGFzc3dvcmQgIT09IG9sZFBhc3N3b3JkKSB7XG4gICAgYXdhaXQgZXhlY3V0ZVN0YXRlbWVudChgQUxURVIgVVNFUiAke3VzZXJuYW1lfSBQQVNTV09SRCAnJHtwYXNzd29yZH0nYCwgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiBmYWxzZSB9O1xuICB9XG5cbiAgcmV0dXJuIHsgcmVwbGFjZTogZmFsc2UgfTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZ2V0UGFzc3dvcmRGcm9tU2VjcmV0KHBhc3N3b3JkU2VjcmV0QXJuOiBzdHJpbmcpOiBQcm9taXNlPHN0cmluZz4ge1xuICBjb25zdCBzZWNyZXRWYWx1ZSA9IGF3YWl0IHNlY3JldHNNYW5hZ2VyLmdldFNlY3JldFZhbHVlKHtcbiAgICBTZWNyZXRJZDogcGFzc3dvcmRTZWNyZXRBcm4sXG4gIH0pLnByb21pc2UoKTtcbiAgY29uc3Qgc2VjcmV0U3RyaW5nID0gc2VjcmV0VmFsdWUuU2VjcmV0U3RyaW5nO1xuICBpZiAoIXNlY3JldFN0cmluZykge1xuICAgIHRocm93IG5ldyBFcnJvcihgU2VjcmV0IHN0cmluZyBmb3IgJHtwYXNzd29yZFNlY3JldEFybn0gd2FzIGVtcHR5YCk7XG4gIH1cbiAgY29uc3QgeyBwYXNzd29yZCB9ID0gSlNPTi5wYXJzZShzZWNyZXRTdHJpbmcpO1xuXG4gIHJldHVybiBwYXNzd29yZDtcbn1cbiJdfQ== \ No newline at end of file +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXNlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInVzZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBRUEsZ0VBQWdFO0FBQ2hFLGlFQUFpRTtBQUNqRSxtREFBbUQ7QUFFbkQsaUNBQXdDO0FBR3hDLE1BQU0sY0FBYyxHQUFHLElBQUksY0FBYyxFQUFFLENBQUM7QUFFckMsS0FBSyxVQUFVLE9BQU8sQ0FBQyxLQUFzQyxFQUFFLEtBQWtEO0lBQ3RILE1BQU0sUUFBUSxHQUFHLEtBQUssQ0FBQyxRQUFRLENBQUM7SUFDaEMsTUFBTSxpQkFBaUIsR0FBRyxLQUFLLENBQUMsaUJBQWlCLENBQUM7SUFDbEQsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDO0lBRTNCLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDbEMsTUFBTSxVQUFVLENBQUMsUUFBUSxFQUFFLGlCQUFpQixFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQzVELE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxxQkFBYyxDQUFDLFFBQVEsRUFBRSxZQUFZLEVBQUUsS0FBSyxDQUFDLFNBQVMsQ0FBQyxFQUFFLElBQUksRUFBRSxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsRUFBRSxDQUFDO0tBQ3RIO1NBQU0sSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUN6QyxNQUFNLFFBQVEsQ0FBQyxRQUFRLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDdkMsT0FBTztLQUNSO1NBQU0sSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUN6QyxNQUFNLEVBQUUsT0FBTyxFQUFFLEdBQUcsTUFBTSxVQUFVLENBQUMsUUFBUSxFQUFFLGlCQUFpQixFQUFFLFlBQVksRUFBRSxLQUFLLENBQUMscUJBQXdELENBQUMsQ0FBQztRQUNoSixNQUFNLFVBQVUsR0FBRyxPQUFPLENBQUMsQ0FBQyxDQUFDLHFCQUFjLENBQUMsUUFBUSxFQUFFLFlBQVksRUFBRSxLQUFLLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQztRQUNoSCxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsVUFBVSxFQUFFLElBQUksRUFBRSxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsRUFBRSxDQUFDO0tBQ3pFO1NBQU07UUFDTCwyQ0FBMkM7UUFDM0MsTUFBTSxJQUFJLEtBQUssQ0FBQyw0QkFBNEIsS0FBSyxDQUFDLGFBQWEsQ0FBQyxFQUFFLENBQUMsQ0FBQztLQUNyRTtBQUNILENBQUM7QUFuQkQsMEJBbUJDO0FBRUQsS0FBSyxVQUFVLFFBQVEsQ0FBQyxRQUFnQixFQUFFLFlBQTBCO0lBQ2xFLE1BQU0sZ0NBQWdCLENBQUMsYUFBYSxRQUFRLEVBQUUsRUFBRSxZQUFZLENBQUMsQ0FBQztBQUNoRSxDQUFDO0FBRUQsS0FBSyxVQUFVLFVBQVUsQ0FBQyxRQUFnQixFQUFFLGlCQUF5QixFQUFFLFlBQTBCO0lBQy9GLE1BQU0sUUFBUSxHQUFHLE1BQU0scUJBQXFCLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUVoRSxNQUFNLGdDQUFnQixDQUFDLGVBQWUsUUFBUSxjQUFjLFFBQVEsR0FBRyxFQUFFLFlBQVksQ0FBQyxDQUFDO0FBQ3pGLENBQUM7QUFFRCxLQUFLLFVBQVUsVUFBVSxDQUN2QixRQUFnQixFQUNoQixpQkFBeUIsRUFDekIsWUFBMEIsRUFDMUIscUJBQXNEO0lBRXRELE1BQU0sZUFBZSxHQUFHLHFCQUFxQixDQUFDO0lBQzlDLElBQUksWUFBWSxDQUFDLFdBQVcsS0FBSyxlQUFlLENBQUMsV0FBVyxJQUFJLFlBQVksQ0FBQyxZQUFZLEtBQUssZUFBZSxDQUFDLFlBQVksRUFBRTtRQUMxSCxNQUFNLFVBQVUsQ0FBQyxRQUFRLEVBQUUsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDNUQsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FBQztLQUMxQjtJQUVELE1BQU0sV0FBVyxHQUFHLHFCQUFxQixDQUFDLFFBQVEsQ0FBQztJQUNuRCxNQUFNLG9CQUFvQixHQUFHLHFCQUFxQixDQUFDLGlCQUFpQixDQUFDO0lBQ3JFLE1BQU0sV0FBVyxHQUFHLE1BQU0scUJBQXFCLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUN0RSxNQUFNLFFBQVEsR0FBRyxNQUFNLHFCQUFxQixDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFFaEUsSUFBSSxRQUFRLEtBQUssV0FBVyxFQUFFO1FBQzVCLE1BQU0sVUFBVSxDQUFDLFFBQVEsRUFBRSxpQkFBaUIsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUM1RCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxDQUFDO0tBQzFCO0lBRUQsSUFBSSxRQUFRLEtBQUssV0FBVyxFQUFFO1FBQzVCLE1BQU0sZ0NBQWdCLENBQUMsY0FBYyxRQUFRLGNBQWMsUUFBUSxHQUFHLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDdEYsT0FBTyxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsQ0FBQztLQUMzQjtJQUVELE9BQU8sRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLENBQUM7QUFDNUIsQ0FBQztBQUVELEtBQUssVUFBVSxxQkFBcUIsQ0FBQyxpQkFBeUI7SUFDNUQsTUFBTSxXQUFXLEdBQUcsTUFBTSxjQUFjLENBQUMsY0FBYyxDQUFDO1FBQ3RELFFBQVEsRUFBRSxpQkFBaUI7S0FDNUIsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO0lBQ2IsTUFBTSxZQUFZLEdBQUcsV0FBVyxDQUFDLFlBQVksQ0FBQztJQUM5QyxJQUFJLENBQUMsWUFBWSxFQUFFO1FBQ2pCLE1BQU0sSUFBSSxLQUFLLENBQUMscUJBQXFCLGlCQUFpQixZQUFZLENBQUMsQ0FBQztLQUNyRTtJQUNELE1BQU0sRUFBRSxRQUFRLEVBQUUsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO0lBRTlDLE9BQU8sUUFBUSxDQUFDO0FBQ2xCLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLXVucmVzb2x2ZWQgKi9cbmltcG9ydCAqIGFzIEFXU0xhbWJkYSBmcm9tICdhd3MtbGFtYmRhJztcbi8qIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBpbXBvcnQvbm8tZXh0cmFuZW91cy1kZXBlbmRlbmNpZXMgKi9cbmltcG9ydCAqIGFzIFNlY3JldHNNYW5hZ2VyIGZyb20gJ2F3cy1zZGsvY2xpZW50cy9zZWNyZXRzbWFuYWdlcic7XG5pbXBvcnQgeyBleGVjdXRlU3RhdGVtZW50IH0gZnJvbSAnLi9yZWRzaGlmdC1kYXRhJztcbmltcG9ydCB7IENsdXN0ZXJQcm9wcyB9IGZyb20gJy4vdHlwZXMnO1xuaW1wb3J0IHsgbWFrZVBoeXNpY2FsSWQgfSBmcm9tICcuL3V0aWwnO1xuaW1wb3J0IHsgVXNlckhhbmRsZXJQcm9wcyB9IGZyb20gJy4uL2hhbmRsZXItcHJvcHMnO1xuXG5jb25zdCBzZWNyZXRzTWFuYWdlciA9IG5ldyBTZWNyZXRzTWFuYWdlcigpO1xuXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gaGFuZGxlcihwcm9wczogVXNlckhhbmRsZXJQcm9wcyAmIENsdXN0ZXJQcm9wcywgZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQpIHtcbiAgY29uc3QgdXNlcm5hbWUgPSBwcm9wcy51c2VybmFtZTtcbiAgY29uc3QgcGFzc3dvcmRTZWNyZXRBcm4gPSBwcm9wcy5wYXNzd29yZFNlY3JldEFybjtcbiAgY29uc3QgY2x1c3RlclByb3BzID0gcHJvcHM7XG5cbiAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnQ3JlYXRlJykge1xuICAgIGF3YWl0IGNyZWF0ZVVzZXIodXNlcm5hbWUsIHBhc3N3b3JkU2VjcmV0QXJuLCBjbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogbWFrZVBoeXNpY2FsSWQodXNlcm5hbWUsIGNsdXN0ZXJQcm9wcywgZXZlbnQuUmVxdWVzdElkKSwgRGF0YTogeyB1c2VybmFtZTogdXNlcm5hbWUgfSB9O1xuICB9IGVsc2UgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnRGVsZXRlJykge1xuICAgIGF3YWl0IGRyb3BVc2VyKHVzZXJuYW1lLCBjbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybjtcbiAgfSBlbHNlIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ1VwZGF0ZScpIHtcbiAgICBjb25zdCB7IHJlcGxhY2UgfSA9IGF3YWl0IHVwZGF0ZVVzZXIodXNlcm5hbWUsIHBhc3N3b3JkU2VjcmV0QXJuLCBjbHVzdGVyUHJvcHMsIGV2ZW50Lk9sZFJlc291cmNlUHJvcGVydGllcyBhcyBVc2VySGFuZGxlclByb3BzICYgQ2x1c3RlclByb3BzKTtcbiAgICBjb25zdCBwaHlzaWNhbElkID0gcmVwbGFjZSA/IG1ha2VQaHlzaWNhbElkKHVzZXJuYW1lLCBjbHVzdGVyUHJvcHMsIGV2ZW50LlJlcXVlc3RJZCkgOiBldmVudC5QaHlzaWNhbFJlc291cmNlSWQ7XG4gICAgcmV0dXJuIHsgUGh5c2ljYWxSZXNvdXJjZUlkOiBwaHlzaWNhbElkLCBEYXRhOiB7IHVzZXJuYW1lOiB1c2VybmFtZSB9IH07XG4gIH0gZWxzZSB7XG4gICAgLyogZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGRvdC1ub3RhdGlvbiAqL1xuICAgIHRocm93IG5ldyBFcnJvcihgVW5yZWNvZ25pemVkIGV2ZW50IHR5cGU6ICR7ZXZlbnRbJ1JlcXVlc3RUeXBlJ119YCk7XG4gIH1cbn1cblxuYXN5bmMgZnVuY3Rpb24gZHJvcFVzZXIodXNlcm5hbWU6IHN0cmluZywgY2x1c3RlclByb3BzOiBDbHVzdGVyUHJvcHMpIHtcbiAgYXdhaXQgZXhlY3V0ZVN0YXRlbWVudChgRFJPUCBVU0VSICR7dXNlcm5hbWV9YCwgY2x1c3RlclByb3BzKTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gY3JlYXRlVXNlcih1c2VybmFtZTogc3RyaW5nLCBwYXNzd29yZFNlY3JldEFybjogc3RyaW5nLCBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcykge1xuICBjb25zdCBwYXNzd29yZCA9IGF3YWl0IGdldFBhc3N3b3JkRnJvbVNlY3JldChwYXNzd29yZFNlY3JldEFybik7XG5cbiAgYXdhaXQgZXhlY3V0ZVN0YXRlbWVudChgQ1JFQVRFIFVTRVIgJHt1c2VybmFtZX0gUEFTU1dPUkQgJyR7cGFzc3dvcmR9J2AsIGNsdXN0ZXJQcm9wcyk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIHVwZGF0ZVVzZXIoXG4gIHVzZXJuYW1lOiBzdHJpbmcsXG4gIHBhc3N3b3JkU2VjcmV0QXJuOiBzdHJpbmcsXG4gIGNsdXN0ZXJQcm9wczogQ2x1c3RlclByb3BzLFxuICBvbGRSZXNvdXJjZVByb3BlcnRpZXM6IFVzZXJIYW5kbGVyUHJvcHMgJiBDbHVzdGVyUHJvcHMsXG4pOiBQcm9taXNlPHsgcmVwbGFjZTogYm9vbGVhbiB9PiB7XG4gIGNvbnN0IG9sZENsdXN0ZXJQcm9wcyA9IG9sZFJlc291cmNlUHJvcGVydGllcztcbiAgaWYgKGNsdXN0ZXJQcm9wcy5jbHVzdGVyTmFtZSAhPT0gb2xkQ2x1c3RlclByb3BzLmNsdXN0ZXJOYW1lIHx8IGNsdXN0ZXJQcm9wcy5kYXRhYmFzZU5hbWUgIT09IG9sZENsdXN0ZXJQcm9wcy5kYXRhYmFzZU5hbWUpIHtcbiAgICBhd2FpdCBjcmVhdGVVc2VyKHVzZXJuYW1lLCBwYXNzd29yZFNlY3JldEFybiwgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiB0cnVlIH07XG4gIH1cblxuICBjb25zdCBvbGRVc2VybmFtZSA9IG9sZFJlc291cmNlUHJvcGVydGllcy51c2VybmFtZTtcbiAgY29uc3Qgb2xkUGFzc3dvcmRTZWNyZXRBcm4gPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMucGFzc3dvcmRTZWNyZXRBcm47XG4gIGNvbnN0IG9sZFBhc3N3b3JkID0gYXdhaXQgZ2V0UGFzc3dvcmRGcm9tU2VjcmV0KG9sZFBhc3N3b3JkU2VjcmV0QXJuKTtcbiAgY29uc3QgcGFzc3dvcmQgPSBhd2FpdCBnZXRQYXNzd29yZEZyb21TZWNyZXQocGFzc3dvcmRTZWNyZXRBcm4pO1xuXG4gIGlmICh1c2VybmFtZSAhPT0gb2xkVXNlcm5hbWUpIHtcbiAgICBhd2FpdCBjcmVhdGVVc2VyKHVzZXJuYW1lLCBwYXNzd29yZFNlY3JldEFybiwgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiB0cnVlIH07XG4gIH1cblxuICBpZiAocGFzc3dvcmQgIT09IG9sZFBhc3N3b3JkKSB7XG4gICAgYXdhaXQgZXhlY3V0ZVN0YXRlbWVudChgQUxURVIgVVNFUiAke3VzZXJuYW1lfSBQQVNTV09SRCAnJHtwYXNzd29yZH0nYCwgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiBmYWxzZSB9O1xuICB9XG5cbiAgcmV0dXJuIHsgcmVwbGFjZTogZmFsc2UgfTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZ2V0UGFzc3dvcmRGcm9tU2VjcmV0KHBhc3N3b3JkU2VjcmV0QXJuOiBzdHJpbmcpOiBQcm9taXNlPHN0cmluZz4ge1xuICBjb25zdCBzZWNyZXRWYWx1ZSA9IGF3YWl0IHNlY3JldHNNYW5hZ2VyLmdldFNlY3JldFZhbHVlKHtcbiAgICBTZWNyZXRJZDogcGFzc3dvcmRTZWNyZXRBcm4sXG4gIH0pLnByb21pc2UoKTtcbiAgY29uc3Qgc2VjcmV0U3RyaW5nID0gc2VjcmV0VmFsdWUuU2VjcmV0U3RyaW5nO1xuICBpZiAoIXNlY3JldFN0cmluZykge1xuICAgIHRocm93IG5ldyBFcnJvcihgU2VjcmV0IHN0cmluZyBmb3IgJHtwYXNzd29yZFNlY3JldEFybn0gd2FzIGVtcHR5YCk7XG4gIH1cbiAgY29uc3QgeyBwYXNzd29yZCB9ID0gSlNPTi5wYXJzZShzZWNyZXRTdHJpbmcpO1xuXG4gIHJldHVybiBwYXNzd29yZDtcbn1cbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/util.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/util.js similarity index 97% rename from packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/util.js rename to packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/util.js index cbf618fd1a521..d8dc8cad799c9 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/util.js +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/util.js @@ -31,4 +31,4 @@ function areColumnsEqual(columnsA, columnsB) { }); } exports.areColumnsEqual = areColumnsEqual; -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInV0aWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBR0EsU0FBZ0IsY0FBYyxDQUFDLFlBQW9CLEVBQUUsWUFBMEIsRUFBRSxTQUFpQjtJQUNoRyxPQUFPLEdBQUcsWUFBWSxDQUFDLFdBQVcsSUFBSSxZQUFZLENBQUMsWUFBWSxJQUFJLFlBQVksSUFBSSxTQUFTLEVBQUUsQ0FBQztBQUNqRyxDQUFDO0FBRkQsd0NBRUM7QUFFRCxTQUFnQixnQkFBZ0IsQ0FBQyxPQUFpQjtJQUNoRCx5RkFBeUY7SUFDekYsTUFBTSxjQUFjLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxPQUFPLEtBQUssSUFBSSxJQUFLLE1BQU0sQ0FBQyxPQUE2QixLQUFLLE1BQU0sQ0FBQyxDQUFDO0lBRTdILElBQUksY0FBYyxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUU7UUFDL0IsT0FBTyxTQUFTLENBQUM7S0FDbEI7U0FBTSxJQUFJLGNBQWMsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFO1FBQ3BDLE1BQU0sSUFBSSxLQUFLLENBQUMsaUNBQWlDLENBQUMsQ0FBQztLQUNwRDtJQUVELE9BQU8sY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO0FBQzNCLENBQUM7QUFYRCw0Q0FXQztBQUVELFNBQWdCLGlCQUFpQixDQUFDLE9BQWlCO0lBQ2pELHlGQUF5RjtJQUN6RixPQUFPLE9BQU8sQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxNQUFNLENBQUMsT0FBTyxLQUFLLElBQUksSUFBSyxNQUFNLENBQUMsT0FBNkIsS0FBSyxNQUFNLENBQUMsQ0FBQztBQUMvRyxDQUFDO0FBSEQsOENBR0M7QUFFRCxTQUFnQixlQUFlLENBQUMsUUFBa0IsRUFBRSxRQUFrQjtJQUNwRSxJQUFJLFFBQVEsQ0FBQyxNQUFNLEtBQUssUUFBUSxDQUFDLE1BQU0sRUFBRTtRQUN2QyxPQUFPLEtBQUssQ0FBQztLQUNkO0lBQ0QsT0FBTyxRQUFRLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQzlCLE9BQU8sUUFBUSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEtBQUssT0FBTyxDQUFDLElBQUksSUFBSSxNQUFNLENBQUMsUUFBUSxLQUFLLE9BQU8sQ0FBQyxRQUFRLENBQUMsQ0FBQztJQUN2RyxDQUFDLENBQUMsQ0FBQztBQUNMLENBQUM7QUFQRCwwQ0FPQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENvbHVtbiB9IGZyb20gJy4uLy4uL3RhYmxlJztcbmltcG9ydCB7IENsdXN0ZXJQcm9wcyB9IGZyb20gJy4vdHlwZXMnO1xuXG5leHBvcnQgZnVuY3Rpb24gbWFrZVBoeXNpY2FsSWQocmVzb3VyY2VOYW1lOiBzdHJpbmcsIGNsdXN0ZXJQcm9wczogQ2x1c3RlclByb3BzLCByZXF1ZXN0SWQ6IHN0cmluZyk6IHN0cmluZyB7XG4gIHJldHVybiBgJHtjbHVzdGVyUHJvcHMuY2x1c3Rlck5hbWV9OiR7Y2x1c3RlclByb3BzLmRhdGFiYXNlTmFtZX06JHtyZXNvdXJjZU5hbWV9OiR7cmVxdWVzdElkfWA7XG59XG5cbmV4cG9ydCBmdW5jdGlvbiBnZXREaXN0S2V5Q29sdW1uKGNvbHVtbnM6IENvbHVtbltdKTogQ29sdW1uIHwgdW5kZWZpbmVkIHtcbiAgLy8gc3RyaW5nIGNvbXBhcmlzb24gaXMgcmVxdWlyZWQgZm9yIGN1c3RvbSByZXNvdXJjZSBzaW5jZSBldmVyeXRoaW5nIGlzIHBhc3NlZCBhcyBzdHJpbmdcbiAgY29uc3QgZGlzdEtleUNvbHVtbnMgPSBjb2x1bW5zLmZpbHRlcihjb2x1bW4gPT4gY29sdW1uLmRpc3RLZXkgPT09IHRydWUgfHwgKGNvbHVtbi5kaXN0S2V5IGFzIHVua25vd24gYXMgc3RyaW5nKSA9PT0gJ3RydWUnKTtcblxuICBpZiAoZGlzdEtleUNvbHVtbnMubGVuZ3RoID09PSAwKSB7XG4gICAgcmV0dXJuIHVuZGVmaW5lZDtcbiAgfSBlbHNlIGlmIChkaXN0S2V5Q29sdW1ucy5sZW5ndGggPiAxKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKCdNdWx0aXBsZSBkaXN0IGtleSBjb2x1bW5zIGZvdW5kJyk7XG4gIH1cblxuICByZXR1cm4gZGlzdEtleUNvbHVtbnNbMF07XG59XG5cbmV4cG9ydCBmdW5jdGlvbiBnZXRTb3J0S2V5Q29sdW1ucyhjb2x1bW5zOiBDb2x1bW5bXSk6IENvbHVtbltdIHtcbiAgLy8gc3RyaW5nIGNvbXBhcmlzb24gaXMgcmVxdWlyZWQgZm9yIGN1c3RvbSByZXNvdXJjZSBzaW5jZSBldmVyeXRoaW5nIGlzIHBhc3NlZCBhcyBzdHJpbmdcbiAgcmV0dXJuIGNvbHVtbnMuZmlsdGVyKGNvbHVtbiA9PiBjb2x1bW4uc29ydEtleSA9PT0gdHJ1ZSB8fCAoY29sdW1uLnNvcnRLZXkgYXMgdW5rbm93biBhcyBzdHJpbmcpID09PSAndHJ1ZScpO1xufVxuXG5leHBvcnQgZnVuY3Rpb24gYXJlQ29sdW1uc0VxdWFsKGNvbHVtbnNBOiBDb2x1bW5bXSwgY29sdW1uc0I6IENvbHVtbltdKTogYm9vbGVhbiB7XG4gIGlmIChjb2x1bW5zQS5sZW5ndGggIT09IGNvbHVtbnNCLmxlbmd0aCkge1xuICAgIHJldHVybiBmYWxzZTtcbiAgfVxuICByZXR1cm4gY29sdW1uc0EuZXZlcnkoY29sdW1uQSA9PiB7XG4gICAgcmV0dXJuIGNvbHVtbnNCLmZpbmQoY29sdW1uID0+IGNvbHVtbi5uYW1lID09PSBjb2x1bW5BLm5hbWUgJiYgY29sdW1uLmRhdGFUeXBlID09PSBjb2x1bW5BLmRhdGFUeXBlKTtcbiAgfSk7XG59XG4iXX0= \ No newline at end of file +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInV0aWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBR0EsU0FBZ0IsY0FBYyxDQUFDLFlBQW9CLEVBQUUsWUFBMEIsRUFBRSxTQUFpQjtJQUNoRyxPQUFPLEdBQUcsWUFBWSxDQUFDLFdBQVcsSUFBSSxZQUFZLENBQUMsWUFBWSxJQUFJLFlBQVksSUFBSSxTQUFTLEVBQUUsQ0FBQztBQUNqRyxDQUFDO0FBRkQsd0NBRUM7QUFFRCxTQUFnQixnQkFBZ0IsQ0FBQyxPQUFpQjtJQUNoRCx5RkFBeUY7SUFDekYsTUFBTSxjQUFjLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxPQUFPLEtBQUssSUFBSSxJQUFLLE1BQU0sQ0FBQyxPQUE2QixLQUFLLE1BQU0sQ0FBQyxDQUFDO0lBRTdILElBQUksY0FBYyxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUU7UUFDL0IsT0FBTyxTQUFTLENBQUM7S0FDbEI7U0FBTSxJQUFJLGNBQWMsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFO1FBQ3BDLE1BQU0sSUFBSSxLQUFLLENBQUMsaUNBQWlDLENBQUMsQ0FBQztLQUNwRDtJQUVELE9BQU8sY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO0FBQzNCLENBQUM7QUFYRCw0Q0FXQztBQUVELFNBQWdCLGlCQUFpQixDQUFDLE9BQWlCO0lBQ2pELHlGQUF5RjtJQUN6RixPQUFPLE9BQU8sQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxNQUFNLENBQUMsT0FBTyxLQUFLLElBQUksSUFBSyxNQUFNLENBQUMsT0FBNkIsS0FBSyxNQUFNLENBQUMsQ0FBQztBQUMvRyxDQUFDO0FBSEQsOENBR0M7QUFFRCxTQUFnQixlQUFlLENBQUMsUUFBa0IsRUFBRSxRQUFrQjtJQUNwRSxJQUFJLFFBQVEsQ0FBQyxNQUFNLEtBQUssUUFBUSxDQUFDLE1BQU0sRUFBRTtRQUN2QyxPQUFPLEtBQUssQ0FBQztLQUNkO0lBQ0QsT0FBTyxRQUFRLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQzlCLE9BQU8sUUFBUSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEtBQUssT0FBTyxDQUFDLElBQUksSUFBSSxNQUFNLENBQUMsUUFBUSxLQUFLLE9BQU8sQ0FBQyxRQUFRLENBQUMsQ0FBQztJQUN2RyxDQUFDLENBQUMsQ0FBQztBQUNMLENBQUM7QUFQRCwwQ0FPQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENsdXN0ZXJQcm9wcyB9IGZyb20gJy4vdHlwZXMnO1xuaW1wb3J0IHsgQ29sdW1uIH0gZnJvbSAnLi4vLi4vdGFibGUnO1xuXG5leHBvcnQgZnVuY3Rpb24gbWFrZVBoeXNpY2FsSWQocmVzb3VyY2VOYW1lOiBzdHJpbmcsIGNsdXN0ZXJQcm9wczogQ2x1c3RlclByb3BzLCByZXF1ZXN0SWQ6IHN0cmluZyk6IHN0cmluZyB7XG4gIHJldHVybiBgJHtjbHVzdGVyUHJvcHMuY2x1c3Rlck5hbWV9OiR7Y2x1c3RlclByb3BzLmRhdGFiYXNlTmFtZX06JHtyZXNvdXJjZU5hbWV9OiR7cmVxdWVzdElkfWA7XG59XG5cbmV4cG9ydCBmdW5jdGlvbiBnZXREaXN0S2V5Q29sdW1uKGNvbHVtbnM6IENvbHVtbltdKTogQ29sdW1uIHwgdW5kZWZpbmVkIHtcbiAgLy8gc3RyaW5nIGNvbXBhcmlzb24gaXMgcmVxdWlyZWQgZm9yIGN1c3RvbSByZXNvdXJjZSBzaW5jZSBldmVyeXRoaW5nIGlzIHBhc3NlZCBhcyBzdHJpbmdcbiAgY29uc3QgZGlzdEtleUNvbHVtbnMgPSBjb2x1bW5zLmZpbHRlcihjb2x1bW4gPT4gY29sdW1uLmRpc3RLZXkgPT09IHRydWUgfHwgKGNvbHVtbi5kaXN0S2V5IGFzIHVua25vd24gYXMgc3RyaW5nKSA9PT0gJ3RydWUnKTtcblxuICBpZiAoZGlzdEtleUNvbHVtbnMubGVuZ3RoID09PSAwKSB7XG4gICAgcmV0dXJuIHVuZGVmaW5lZDtcbiAgfSBlbHNlIGlmIChkaXN0S2V5Q29sdW1ucy5sZW5ndGggPiAxKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKCdNdWx0aXBsZSBkaXN0IGtleSBjb2x1bW5zIGZvdW5kJyk7XG4gIH1cblxuICByZXR1cm4gZGlzdEtleUNvbHVtbnNbMF07XG59XG5cbmV4cG9ydCBmdW5jdGlvbiBnZXRTb3J0S2V5Q29sdW1ucyhjb2x1bW5zOiBDb2x1bW5bXSk6IENvbHVtbltdIHtcbiAgLy8gc3RyaW5nIGNvbXBhcmlzb24gaXMgcmVxdWlyZWQgZm9yIGN1c3RvbSByZXNvdXJjZSBzaW5jZSBldmVyeXRoaW5nIGlzIHBhc3NlZCBhcyBzdHJpbmdcbiAgcmV0dXJuIGNvbHVtbnMuZmlsdGVyKGNvbHVtbiA9PiBjb2x1bW4uc29ydEtleSA9PT0gdHJ1ZSB8fCAoY29sdW1uLnNvcnRLZXkgYXMgdW5rbm93biBhcyBzdHJpbmcpID09PSAndHJ1ZScpO1xufVxuXG5leHBvcnQgZnVuY3Rpb24gYXJlQ29sdW1uc0VxdWFsKGNvbHVtbnNBOiBDb2x1bW5bXSwgY29sdW1uc0I6IENvbHVtbltdKTogYm9vbGVhbiB7XG4gIGlmIChjb2x1bW5zQS5sZW5ndGggIT09IGNvbHVtbnNCLmxlbmd0aCkge1xuICAgIHJldHVybiBmYWxzZTtcbiAgfVxuICByZXR1cm4gY29sdW1uc0EuZXZlcnkoY29sdW1uQSA9PiB7XG4gICAgcmV0dXJuIGNvbHVtbnNCLmZpbmQoY29sdW1uID0+IGNvbHVtbi5uYW1lID09PSBjb2x1bW5BLm5hbWUgJiYgY29sdW1uLmRhdGFUeXBlID09PSBjb2x1bW5BLmRhdGFUeXBlKTtcbiAgfSk7XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/cfn-response.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/cfn-response.js new file mode 100644 index 0000000000000..1966567b21646 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/cfn-response.js @@ -0,0 +1,87 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.Retry = exports.safeHandler = exports.includeStackTraces = exports.submitResponse = exports.MISSING_PHYSICAL_ID_MARKER = exports.CREATE_FAILED_PHYSICAL_ID_MARKER = void 0; +/* eslint-disable max-len */ +/* eslint-disable no-console */ +const url = require("url"); +const outbound_1 = require("./outbound"); +const util_1 = require("./util"); +exports.CREATE_FAILED_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::CREATE_FAILED'; +exports.MISSING_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID'; +async function submitResponse(status, event, options = {}) { + const json = { + Status: status, + Reason: options.reason || status, + StackId: event.StackId, + RequestId: event.RequestId, + PhysicalResourceId: event.PhysicalResourceId || exports.MISSING_PHYSICAL_ID_MARKER, + LogicalResourceId: event.LogicalResourceId, + NoEcho: options.noEcho, + Data: event.Data, + }; + util_1.log('submit response to cloudformation', json); + const responseBody = JSON.stringify(json); + const parsedUrl = url.parse(event.ResponseURL); + const retryOptions = { + attempts: 5, + sleep: 1000, + }; + await util_1.withRetries(retryOptions, outbound_1.httpRequest)({ + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: 'PUT', + headers: { + 'content-type': '', + 'content-length': responseBody.length, + }, + }, responseBody); +} +exports.submitResponse = submitResponse; +exports.includeStackTraces = true; // for unit tests +function safeHandler(block) { + return async (event) => { + // ignore DELETE event when the physical resource ID is the marker that + // indicates that this DELETE is a subsequent DELETE to a failed CREATE + // operation. + if (event.RequestType === 'Delete' && event.PhysicalResourceId === exports.CREATE_FAILED_PHYSICAL_ID_MARKER) { + util_1.log('ignoring DELETE event caused by a failed CREATE event'); + await submitResponse('SUCCESS', event); + return; + } + try { + await block(event); + } + catch (e) { + // tell waiter state machine to retry + if (e instanceof Retry) { + util_1.log('retry requested by handler'); + throw e; + } + if (!event.PhysicalResourceId) { + // special case: if CREATE fails, which usually implies, we usually don't + // have a physical resource id. in this case, the subsequent DELETE + // operation does not have any meaning, and will likely fail as well. to + // address this, we use a marker so the provider framework can simply + // ignore the subsequent DELETE. + if (event.RequestType === 'Create') { + util_1.log('CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored'); + event.PhysicalResourceId = exports.CREATE_FAILED_PHYSICAL_ID_MARKER; + } + else { + // otherwise, if PhysicalResourceId is not specified, something is + // terribly wrong because all other events should have an ID. + util_1.log(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify({ ...event, ResponseURL: '...' })}`); + } + } + // this is an actual error, fail the activity altogether and exist. + await submitResponse('FAILED', event, { + reason: exports.includeStackTraces ? e.stack : e.message, + }); + } + }; +} +exports.safeHandler = safeHandler; +class Retry extends Error { +} +exports.Retry = Retry; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2ZuLXJlc3BvbnNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiY2ZuLXJlc3BvbnNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDRCQUE0QjtBQUM1QiwrQkFBK0I7QUFDL0IsMkJBQTJCO0FBQzNCLHlDQUF5QztBQUN6QyxpQ0FBMEM7QUFFN0IsUUFBQSxnQ0FBZ0MsR0FBRyx3REFBd0QsQ0FBQztBQUM1RixRQUFBLDBCQUEwQixHQUFHLDhEQUE4RCxDQUFDO0FBZ0JsRyxLQUFLLFVBQVUsY0FBYyxDQUFDLE1BQTRCLEVBQUUsS0FBaUMsRUFBRSxVQUF5QyxFQUFHO0lBQ2hKLE1BQU0sSUFBSSxHQUFtRDtRQUMzRCxNQUFNLEVBQUUsTUFBTTtRQUNkLE1BQU0sRUFBRSxPQUFPLENBQUMsTUFBTSxJQUFJLE1BQU07UUFDaEMsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO1FBQ3RCLFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUztRQUMxQixrQkFBa0IsRUFBRSxLQUFLLENBQUMsa0JBQWtCLElBQUksa0NBQTBCO1FBQzFFLGlCQUFpQixFQUFFLEtBQUssQ0FBQyxpQkFBaUI7UUFDMUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxNQUFNO1FBQ3RCLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtLQUNqQixDQUFDO0lBRUYsVUFBRyxDQUFDLG1DQUFtQyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBRS9DLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUM7SUFFMUMsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7SUFFL0MsTUFBTSxZQUFZLEdBQUc7UUFDbkIsUUFBUSxFQUFFLENBQUM7UUFDWCxLQUFLLEVBQUUsSUFBSTtLQUNaLENBQUM7SUFDRixNQUFNLGtCQUFXLENBQUMsWUFBWSxFQUFFLHNCQUFXLENBQUMsQ0FBQztRQUMzQyxRQUFRLEVBQUUsU0FBUyxDQUFDLFFBQVE7UUFDNUIsSUFBSSxFQUFFLFNBQVMsQ0FBQyxJQUFJO1FBQ3BCLE1BQU0sRUFBRSxLQUFLO1FBQ2IsT0FBTyxFQUFFO1lBQ1AsY0FBYyxFQUFFLEVBQUU7WUFDbEIsZ0JBQWdCLEVBQUUsWUFBWSxDQUFDLE1BQU07U0FDdEM7S0FDRixFQUFFLFlBQVksQ0FBQyxDQUFDO0FBQ25CLENBQUM7QUEvQkQsd0NBK0JDO0FBRVUsUUFBQSxrQkFBa0IsR0FBRyxJQUFJLENBQUMsQ0FBQyxpQkFBaUI7QUFFdkQsU0FBZ0IsV0FBVyxDQUFDLEtBQW9DO0lBQzlELE9BQU8sS0FBSyxFQUFFLEtBQVUsRUFBRSxFQUFFO1FBRTFCLHVFQUF1RTtRQUN2RSx1RUFBdUU7UUFDdkUsYUFBYTtRQUNiLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLElBQUksS0FBSyxDQUFDLGtCQUFrQixLQUFLLHdDQUFnQyxFQUFFO1lBQ25HLFVBQUcsQ0FBQyx1REFBdUQsQ0FBQyxDQUFDO1lBQzdELE1BQU0sY0FBYyxDQUFDLFNBQVMsRUFBRSxLQUFLLENBQUMsQ0FBQztZQUN2QyxPQUFPO1NBQ1I7UUFFRCxJQUFJO1lBQ0YsTUFBTSxLQUFLLENBQUMsS0FBSyxDQUFDLENBQUM7U0FDcEI7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLHFDQUFxQztZQUNyQyxJQUFJLENBQUMsWUFBWSxLQUFLLEVBQUU7Z0JBQ3RCLFVBQUcsQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDO2dCQUNsQyxNQUFNLENBQUMsQ0FBQzthQUNUO1lBRUQsSUFBSSxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsRUFBRTtnQkFDN0IseUVBQXlFO2dCQUN6RSxtRUFBbUU7Z0JBQ25FLHdFQUF3RTtnQkFDeEUscUVBQXFFO2dCQUNyRSxnQ0FBZ0M7Z0JBQ2hDLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7b0JBQ2xDLFVBQUcsQ0FBQyw0R0FBNEcsQ0FBQyxDQUFDO29CQUNsSCxLQUFLLENBQUMsa0JBQWtCLEdBQUcsd0NBQWdDLENBQUM7aUJBQzdEO3FCQUFNO29CQUNMLGtFQUFrRTtvQkFDbEUsNkRBQTZEO29CQUM3RCxVQUFHLENBQUMsNkRBQTZELElBQUksQ0FBQyxTQUFTLENBQUMsRUFBRSxHQUFHLEtBQUssRUFBRSxXQUFXLEVBQUUsS0FBSyxFQUFFLENBQUMsRUFBRSxDQUFDLENBQUM7aUJBQ3RIO2FBQ0Y7WUFFRCxtRUFBbUU7WUFDbkUsTUFBTSxjQUFjLENBQUMsUUFBUSxFQUFFLEtBQUssRUFBRTtnQkFDcEMsTUFBTSxFQUFFLDBCQUFrQixDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTzthQUNqRCxDQUFDLENBQUM7U0FDSjtJQUNILENBQUMsQ0FBQztBQUNKLENBQUM7QUEzQ0Qsa0NBMkNDO0FBRUQsTUFBYSxLQUFNLFNBQVEsS0FBSztDQUFJO0FBQXBDLHNCQUFvQyIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIG1heC1sZW4gKi9cbi8qIGVzbGludC1kaXNhYmxlIG5vLWNvbnNvbGUgKi9cbmltcG9ydCAqIGFzIHVybCBmcm9tICd1cmwnO1xuaW1wb3J0IHsgaHR0cFJlcXVlc3QgfSBmcm9tICcuL291dGJvdW5kJztcbmltcG9ydCB7IGxvZywgd2l0aFJldHJpZXMgfSBmcm9tICcuL3V0aWwnO1xuXG5leHBvcnQgY29uc3QgQ1JFQVRFX0ZBSUxFRF9QSFlTSUNBTF9JRF9NQVJLRVIgPSAnQVdTQ0RLOjpDdXN0b21SZXNvdXJjZVByb3ZpZGVyRnJhbWV3b3JrOjpDUkVBVEVfRkFJTEVEJztcbmV4cG9ydCBjb25zdCBNSVNTSU5HX1BIWVNJQ0FMX0lEX01BUktFUiA9ICdBV1NDREs6OkN1c3RvbVJlc291cmNlUHJvdmlkZXJGcmFtZXdvcms6Ok1JU1NJTkdfUEhZU0lDQUxfSUQnO1xuXG5leHBvcnQgaW50ZXJmYWNlIENsb3VkRm9ybWF0aW9uUmVzcG9uc2VPcHRpb25zIHtcbiAgcmVhZG9ubHkgcmVhc29uPzogc3RyaW5nO1xuICByZWFkb25seSBub0VjaG8/OiBib29sZWFuO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIENsb3VkRm9ybWF0aW9uRXZlbnRDb250ZXh0IHtcbiAgU3RhY2tJZDogc3RyaW5nO1xuICBSZXF1ZXN0SWQ6IHN0cmluZztcbiAgUGh5c2ljYWxSZXNvdXJjZUlkPzogc3RyaW5nO1xuICBMb2dpY2FsUmVzb3VyY2VJZDogc3RyaW5nO1xuICBSZXNwb25zZVVSTDogc3RyaW5nO1xuICBEYXRhPzogYW55XG59XG5cbmV4cG9ydCBhc3luYyBmdW5jdGlvbiBzdWJtaXRSZXNwb25zZShzdGF0dXM6ICdTVUNDRVNTJyB8ICdGQUlMRUQnLCBldmVudDogQ2xvdWRGb3JtYXRpb25FdmVudENvbnRleHQsIG9wdGlvbnM6IENsb3VkRm9ybWF0aW9uUmVzcG9uc2VPcHRpb25zID0geyB9KSB7XG4gIGNvbnN0IGpzb246IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlUmVzcG9uc2UgPSB7XG4gICAgU3RhdHVzOiBzdGF0dXMsXG4gICAgUmVhc29uOiBvcHRpb25zLnJlYXNvbiB8fCBzdGF0dXMsXG4gICAgU3RhY2tJZDogZXZlbnQuU3RhY2tJZCxcbiAgICBSZXF1ZXN0SWQ6IGV2ZW50LlJlcXVlc3RJZCxcbiAgICBQaHlzaWNhbFJlc291cmNlSWQ6IGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCB8fCBNSVNTSU5HX1BIWVNJQ0FMX0lEX01BUktFUixcbiAgICBMb2dpY2FsUmVzb3VyY2VJZDogZXZlbnQuTG9naWNhbFJlc291cmNlSWQsXG4gICAgTm9FY2hvOiBvcHRpb25zLm5vRWNobyxcbiAgICBEYXRhOiBldmVudC5EYXRhLFxuICB9O1xuXG4gIGxvZygnc3VibWl0IHJlc3BvbnNlIHRvIGNsb3VkZm9ybWF0aW9uJywganNvbik7XG5cbiAgY29uc3QgcmVzcG9uc2VCb2R5ID0gSlNPTi5zdHJpbmdpZnkoanNvbik7XG5cbiAgY29uc3QgcGFyc2VkVXJsID0gdXJsLnBhcnNlKGV2ZW50LlJlc3BvbnNlVVJMKTtcblxuICBjb25zdCByZXRyeU9wdGlvbnMgPSB7XG4gICAgYXR0ZW1wdHM6IDUsXG4gICAgc2xlZXA6IDEwMDAsXG4gIH07XG4gIGF3YWl0IHdpdGhSZXRyaWVzKHJldHJ5T3B0aW9ucywgaHR0cFJlcXVlc3QpKHtcbiAgICBob3N0bmFtZTogcGFyc2VkVXJsLmhvc3RuYW1lLFxuICAgIHBhdGg6IHBhcnNlZFVybC5wYXRoLFxuICAgIG1ldGhvZDogJ1BVVCcsXG4gICAgaGVhZGVyczoge1xuICAgICAgJ2NvbnRlbnQtdHlwZSc6ICcnLFxuICAgICAgJ2NvbnRlbnQtbGVuZ3RoJzogcmVzcG9uc2VCb2R5Lmxlbmd0aCxcbiAgICB9LFxuICB9LCByZXNwb25zZUJvZHkpO1xufVxuXG5leHBvcnQgbGV0IGluY2x1ZGVTdGFja1RyYWNlcyA9IHRydWU7IC8vIGZvciB1bml0IHRlc3RzXG5cbmV4cG9ydCBmdW5jdGlvbiBzYWZlSGFuZGxlcihibG9jazogKGV2ZW50OiBhbnkpID0+IFByb21pc2U8dm9pZD4pIHtcbiAgcmV0dXJuIGFzeW5jIChldmVudDogYW55KSA9PiB7XG5cbiAgICAvLyBpZ25vcmUgREVMRVRFIGV2ZW50IHdoZW4gdGhlIHBoeXNpY2FsIHJlc291cmNlIElEIGlzIHRoZSBtYXJrZXIgdGhhdFxuICAgIC8vIGluZGljYXRlcyB0aGF0IHRoaXMgREVMRVRFIGlzIGEgc3Vic2VxdWVudCBERUxFVEUgdG8gYSBmYWlsZWQgQ1JFQVRFXG4gICAgLy8gb3BlcmF0aW9uLlxuICAgIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ0RlbGV0ZScgJiYgZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkID09PSBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUikge1xuICAgICAgbG9nKCdpZ25vcmluZyBERUxFVEUgZXZlbnQgY2F1c2VkIGJ5IGEgZmFpbGVkIENSRUFURSBldmVudCcpO1xuICAgICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ1NVQ0NFU1MnLCBldmVudCk7XG4gICAgICByZXR1cm47XG4gICAgfVxuXG4gICAgdHJ5IHtcbiAgICAgIGF3YWl0IGJsb2NrKGV2ZW50KTtcbiAgICB9IGNhdGNoIChlKSB7XG4gICAgICAvLyB0ZWxsIHdhaXRlciBzdGF0ZSBtYWNoaW5lIHRvIHJldHJ5XG4gICAgICBpZiAoZSBpbnN0YW5jZW9mIFJldHJ5KSB7XG4gICAgICAgIGxvZygncmV0cnkgcmVxdWVzdGVkIGJ5IGhhbmRsZXInKTtcbiAgICAgICAgdGhyb3cgZTtcbiAgICAgIH1cblxuICAgICAgaWYgKCFldmVudC5QaHlzaWNhbFJlc291cmNlSWQpIHtcbiAgICAgICAgLy8gc3BlY2lhbCBjYXNlOiBpZiBDUkVBVEUgZmFpbHMsIHdoaWNoIHVzdWFsbHkgaW1wbGllcywgd2UgdXN1YWxseSBkb24ndFxuICAgICAgICAvLyBoYXZlIGEgcGh5c2ljYWwgcmVzb3VyY2UgaWQuIGluIHRoaXMgY2FzZSwgdGhlIHN1YnNlcXVlbnQgREVMRVRFXG4gICAgICAgIC8vIG9wZXJhdGlvbiBkb2VzIG5vdCBoYXZlIGFueSBtZWFuaW5nLCBhbmQgd2lsbCBsaWtlbHkgZmFpbCBhcyB3ZWxsLiB0b1xuICAgICAgICAvLyBhZGRyZXNzIHRoaXMsIHdlIHVzZSBhIG1hcmtlciBzbyB0aGUgcHJvdmlkZXIgZnJhbWV3b3JrIGNhbiBzaW1wbHlcbiAgICAgICAgLy8gaWdub3JlIHRoZSBzdWJzZXF1ZW50IERFTEVURS5cbiAgICAgICAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnQ3JlYXRlJykge1xuICAgICAgICAgIGxvZygnQ1JFQVRFIGZhaWxlZCwgcmVzcG9uZGluZyB3aXRoIGEgbWFya2VyIHBoeXNpY2FsIHJlc291cmNlIGlkIHNvIHRoYXQgdGhlIHN1YnNlcXVlbnQgREVMRVRFIHdpbGwgYmUgaWdub3JlZCcpO1xuICAgICAgICAgIGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCA9IENSRUFURV9GQUlMRURfUEhZU0lDQUxfSURfTUFSS0VSO1xuICAgICAgICB9IGVsc2Uge1xuICAgICAgICAgIC8vIG90aGVyd2lzZSwgaWYgUGh5c2ljYWxSZXNvdXJjZUlkIGlzIG5vdCBzcGVjaWZpZWQsIHNvbWV0aGluZyBpc1xuICAgICAgICAgIC8vIHRlcnJpYmx5IHdyb25nIGJlY2F1c2UgYWxsIG90aGVyIGV2ZW50cyBzaG91bGQgaGF2ZSBhbiBJRC5cbiAgICAgICAgICBsb2coYEVSUk9SOiBNYWxmb3JtZWQgZXZlbnQuIFwiUGh5c2ljYWxSZXNvdXJjZUlkXCIgaXMgcmVxdWlyZWQ6ICR7SlNPTi5zdHJpbmdpZnkoeyAuLi5ldmVudCwgUmVzcG9uc2VVUkw6ICcuLi4nIH0pfWApO1xuICAgICAgICB9XG4gICAgICB9XG5cbiAgICAgIC8vIHRoaXMgaXMgYW4gYWN0dWFsIGVycm9yLCBmYWlsIHRoZSBhY3Rpdml0eSBhbHRvZ2V0aGVyIGFuZCBleGlzdC5cbiAgICAgIGF3YWl0IHN1Ym1pdFJlc3BvbnNlKCdGQUlMRUQnLCBldmVudCwge1xuICAgICAgICByZWFzb246IGluY2x1ZGVTdGFja1RyYWNlcyA/IGUuc3RhY2sgOiBlLm1lc3NhZ2UsXG4gICAgICB9KTtcbiAgICB9XG4gIH07XG59XG5cbmV4cG9ydCBjbGFzcyBSZXRyeSBleHRlbmRzIEVycm9yIHsgfVxuIl19 \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/consts.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/consts.js new file mode 100644 index 0000000000000..31faa077ae313 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/consts.js @@ -0,0 +1,10 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME = exports.FRAMEWORK_IS_COMPLETE_HANDLER_NAME = exports.FRAMEWORK_ON_EVENT_HANDLER_NAME = exports.WAITER_STATE_MACHINE_ARN_ENV = exports.USER_IS_COMPLETE_FUNCTION_ARN_ENV = exports.USER_ON_EVENT_FUNCTION_ARN_ENV = void 0; +exports.USER_ON_EVENT_FUNCTION_ARN_ENV = 'USER_ON_EVENT_FUNCTION_ARN'; +exports.USER_IS_COMPLETE_FUNCTION_ARN_ENV = 'USER_IS_COMPLETE_FUNCTION_ARN'; +exports.WAITER_STATE_MACHINE_ARN_ENV = 'WAITER_STATE_MACHINE_ARN'; +exports.FRAMEWORK_ON_EVENT_HANDLER_NAME = 'onEvent'; +exports.FRAMEWORK_IS_COMPLETE_HANDLER_NAME = 'isComplete'; +exports.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME = 'onTimeout'; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiY29uc3RzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFhLFFBQUEsOEJBQThCLEdBQUcsNEJBQTRCLENBQUM7QUFDOUQsUUFBQSxpQ0FBaUMsR0FBRywrQkFBK0IsQ0FBQztBQUNwRSxRQUFBLDRCQUE0QixHQUFHLDBCQUEwQixDQUFDO0FBRTFELFFBQUEsK0JBQStCLEdBQUcsU0FBUyxDQUFDO0FBQzVDLFFBQUEsa0NBQWtDLEdBQUcsWUFBWSxDQUFDO0FBQ2xELFFBQUEsaUNBQWlDLEdBQUcsV0FBVyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IGNvbnN0IFVTRVJfT05fRVZFTlRfRlVOQ1RJT05fQVJOX0VOViA9ICdVU0VSX09OX0VWRU5UX0ZVTkNUSU9OX0FSTic7XG5leHBvcnQgY29uc3QgVVNFUl9JU19DT01QTEVURV9GVU5DVElPTl9BUk5fRU5WID0gJ1VTRVJfSVNfQ09NUExFVEVfRlVOQ1RJT05fQVJOJztcbmV4cG9ydCBjb25zdCBXQUlURVJfU1RBVEVfTUFDSElORV9BUk5fRU5WID0gJ1dBSVRFUl9TVEFURV9NQUNISU5FX0FSTic7XG5cbmV4cG9ydCBjb25zdCBGUkFNRVdPUktfT05fRVZFTlRfSEFORExFUl9OQU1FID0gJ29uRXZlbnQnO1xuZXhwb3J0IGNvbnN0IEZSQU1FV09SS19JU19DT01QTEVURV9IQU5ETEVSX05BTUUgPSAnaXNDb21wbGV0ZSc7XG5leHBvcnQgY29uc3QgRlJBTUVXT1JLX09OX1RJTUVPVVRfSEFORExFUl9OQU1FID0gJ29uVGltZW91dCc7XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/framework.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/framework.js new file mode 100644 index 0000000000000..3f8a03e88aae0 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/framework.js @@ -0,0 +1,168 @@ +"use strict"; +const cfnResponse = require("./cfn-response"); +const consts = require("./consts"); +const outbound_1 = require("./outbound"); +const util_1 = require("./util"); +/** + * The main runtime entrypoint of the async custom resource lambda function. + * + * Any lifecycle event changes to the custom resources will invoke this handler, which will, in turn, + * interact with the user-defined `onEvent` and `isComplete` handlers. + * + * This function will always succeed. If an error occurs + * + * @param cfnRequest The cloudformation custom resource event. + */ +async function onEvent(cfnRequest) { + const sanitizedRequest = { ...cfnRequest, ResponseURL: '...' }; + util_1.log('onEventHandler', sanitizedRequest); + cfnRequest.ResourceProperties = cfnRequest.ResourceProperties || {}; + const onEventResult = await invokeUserFunction(consts.USER_ON_EVENT_FUNCTION_ARN_ENV, sanitizedRequest, cfnRequest.ResponseURL); + util_1.log('onEvent returned:', onEventResult); + // merge the request and the result from onEvent to form the complete resource event + // this also performs validation. + const resourceEvent = createResponseEvent(cfnRequest, onEventResult); + util_1.log('event:', onEventResult); + // determine if this is an async provider based on whether we have an isComplete handler defined. + // if it is not defined, then we are basically ready to return a positive response. + if (!process.env[consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV]) { + return cfnResponse.submitResponse('SUCCESS', resourceEvent, { noEcho: resourceEvent.NoEcho }); + } + // ok, we are not complete, so kick off the waiter workflow + const waiter = { + stateMachineArn: util_1.getEnv(consts.WAITER_STATE_MACHINE_ARN_ENV), + name: resourceEvent.RequestId, + input: JSON.stringify(resourceEvent), + }; + util_1.log('starting waiter', waiter); + // kick off waiter state machine + await outbound_1.startExecution(waiter); +} +// invoked a few times until `complete` is true or until it times out. +async function isComplete(event) { + const sanitizedRequest = { ...event, ResponseURL: '...' }; + util_1.log('isComplete', sanitizedRequest); + const isCompleteResult = await invokeUserFunction(consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV, sanitizedRequest, event.ResponseURL); + util_1.log('user isComplete returned:', isCompleteResult); + // if we are not complete, return false, and don't send a response back. + if (!isCompleteResult.IsComplete) { + if (isCompleteResult.Data && Object.keys(isCompleteResult.Data).length > 0) { + throw new Error('"Data" is not allowed if "IsComplete" is "False"'); + } + // This must be the full event, it will be deserialized in `onTimeout` to send the response to CloudFormation + throw new cfnResponse.Retry(JSON.stringify(event)); + } + const response = { + ...event, + ...isCompleteResult, + Data: { + ...event.Data, + ...isCompleteResult.Data, + }, + }; + await cfnResponse.submitResponse('SUCCESS', response, { noEcho: event.NoEcho }); +} +// invoked when completion retries are exhaused. +async function onTimeout(timeoutEvent) { + util_1.log('timeoutHandler', timeoutEvent); + const isCompleteRequest = JSON.parse(JSON.parse(timeoutEvent.Cause).errorMessage); + await cfnResponse.submitResponse('FAILED', isCompleteRequest, { + reason: 'Operation timed out', + }); +} +async function invokeUserFunction(functionArnEnv, sanitizedPayload, responseUrl) { + const functionArn = util_1.getEnv(functionArnEnv); + util_1.log(`executing user function ${functionArn} with payload`, sanitizedPayload); + // transient errors such as timeouts, throttling errors (429), and other + // errors that aren't caused by a bad request (500 series) are retried + // automatically by the JavaScript SDK. + const resp = await outbound_1.invokeFunction({ + FunctionName: functionArn, + // Cannot strip 'ResponseURL' here as this would be a breaking change even though the downstream CR doesn't need it + Payload: JSON.stringify({ ...sanitizedPayload, ResponseURL: responseUrl }), + }); + util_1.log('user function response:', resp, typeof (resp)); + const jsonPayload = parseJsonPayload(resp.Payload); + if (resp.FunctionError) { + util_1.log('user function threw an error:', resp.FunctionError); + const errorMessage = jsonPayload.errorMessage || 'error'; + // parse function name from arn + // arn:${Partition}:lambda:${Region}:${Account}:function:${FunctionName} + const arn = functionArn.split(':'); + const functionName = arn[arn.length - 1]; + // append a reference to the log group. + const message = [ + errorMessage, + '', + `Logs: /aws/lambda/${functionName}`, + '', + ].join('\n'); + const e = new Error(message); + // the output that goes to CFN is what's in `stack`, not the error message. + // if we have a remote trace, construct a nice message with log group information + if (jsonPayload.trace) { + // skip first trace line because it's the message + e.stack = [message, ...jsonPayload.trace.slice(1)].join('\n'); + } + throw e; + } + return jsonPayload; +} +function parseJsonPayload(payload) { + if (!payload) { + return {}; + } + const text = payload.toString(); + try { + return JSON.parse(text); + } + catch (e) { + throw new Error(`return values from user-handlers must be JSON objects. got: "${text}"`); + } +} +function createResponseEvent(cfnRequest, onEventResult) { + // + // validate that onEventResult always includes a PhysicalResourceId + onEventResult = onEventResult || {}; + // if physical ID is not returned, we have some defaults for you based + // on the request type. + const physicalResourceId = onEventResult.PhysicalResourceId || defaultPhysicalResourceId(cfnRequest); + // if we are in DELETE and physical ID was changed, it's an error. + if (cfnRequest.RequestType === 'Delete' && physicalResourceId !== cfnRequest.PhysicalResourceId) { + throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}" during deletion`); + } + // if we are in UPDATE and physical ID was changed, it's a replacement (just log) + if (cfnRequest.RequestType === 'Update' && physicalResourceId !== cfnRequest.PhysicalResourceId) { + util_1.log(`UPDATE: changing physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}"`); + } + // merge request event and result event (result prevails). + return { + ...cfnRequest, + ...onEventResult, + PhysicalResourceId: physicalResourceId, + }; +} +/** + * Calculates the default physical resource ID based in case user handler did + * not return a PhysicalResourceId. + * + * For "CREATE", it uses the RequestId. + * For "UPDATE" and "DELETE" and returns the current PhysicalResourceId (the one provided in `event`). + */ +function defaultPhysicalResourceId(req) { + switch (req.RequestType) { + case 'Create': + return req.RequestId; + case 'Update': + case 'Delete': + return req.PhysicalResourceId; + default: + throw new Error(`Invalid "RequestType" in request "${JSON.stringify(req)}"`); + } +} +module.exports = { + [consts.FRAMEWORK_ON_EVENT_HANDLER_NAME]: cfnResponse.safeHandler(onEvent), + [consts.FRAMEWORK_IS_COMPLETE_HANDLER_NAME]: cfnResponse.safeHandler(isComplete), + [consts.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME]: onTimeout, +}; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZnJhbWV3b3JrLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiZnJhbWV3b3JrLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFHQSw4Q0FBOEM7QUFDOUMsbUNBQW1DO0FBQ25DLHlDQUE0RDtBQUM1RCxpQ0FBcUM7QUFTckM7Ozs7Ozs7OztHQVNHO0FBQ0gsS0FBSyxVQUFVLE9BQU8sQ0FBQyxVQUF1RDtJQUM1RSxNQUFNLGdCQUFnQixHQUFHLEVBQUUsR0FBRyxVQUFVLEVBQUUsV0FBVyxFQUFFLEtBQUssRUFBVyxDQUFDO0lBQ3hFLFVBQUcsQ0FBQyxnQkFBZ0IsRUFBRSxnQkFBZ0IsQ0FBQyxDQUFDO0lBRXhDLFVBQVUsQ0FBQyxrQkFBa0IsR0FBRyxVQUFVLENBQUMsa0JBQWtCLElBQUksRUFBRyxDQUFDO0lBRXJFLE1BQU0sYUFBYSxHQUFHLE1BQU0sa0JBQWtCLENBQUMsTUFBTSxDQUFDLDhCQUE4QixFQUFFLGdCQUFnQixFQUFFLFVBQVUsQ0FBQyxXQUFXLENBQW9CLENBQUM7SUFDbkosVUFBRyxDQUFDLG1CQUFtQixFQUFFLGFBQWEsQ0FBQyxDQUFDO0lBRXhDLG9GQUFvRjtJQUNwRixpQ0FBaUM7SUFDakMsTUFBTSxhQUFhLEdBQUcsbUJBQW1CLENBQUMsVUFBVSxFQUFFLGFBQWEsQ0FBQyxDQUFDO0lBQ3JFLFVBQUcsQ0FBQyxRQUFRLEVBQUUsYUFBYSxDQUFDLENBQUM7SUFFN0IsaUdBQWlHO0lBQ2pHLG1GQUFtRjtJQUNuRixJQUFJLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsaUNBQWlDLENBQUMsRUFBRTtRQUMxRCxPQUFPLFdBQVcsQ0FBQyxjQUFjLENBQUMsU0FBUyxFQUFFLGFBQWEsRUFBRSxFQUFFLE1BQU0sRUFBRSxhQUFhLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQztLQUMvRjtJQUVELDJEQUEyRDtJQUMzRCxNQUFNLE1BQU0sR0FBRztRQUNiLGVBQWUsRUFBRSxhQUFNLENBQUMsTUFBTSxDQUFDLDRCQUE0QixDQUFDO1FBQzVELElBQUksRUFBRSxhQUFhLENBQUMsU0FBUztRQUM3QixLQUFLLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxhQUFhLENBQUM7S0FDckMsQ0FBQztJQUVGLFVBQUcsQ0FBQyxpQkFBaUIsRUFBRSxNQUFNLENBQUMsQ0FBQztJQUUvQixnQ0FBZ0M7SUFDaEMsTUFBTSx5QkFBYyxDQUFDLE1BQU0sQ0FBQyxDQUFDO0FBQy9CLENBQUM7QUFFRCxzRUFBc0U7QUFDdEUsS0FBSyxVQUFVLFVBQVUsQ0FBQyxLQUFrRDtJQUMxRSxNQUFNLGdCQUFnQixHQUFHLEVBQUUsR0FBRyxLQUFLLEVBQUUsV0FBVyxFQUFFLEtBQUssRUFBVyxDQUFDO0lBQ25FLFVBQUcsQ0FBQyxZQUFZLEVBQUUsZ0JBQWdCLENBQUMsQ0FBQztJQUVwQyxNQUFNLGdCQUFnQixHQUFHLE1BQU0sa0JBQWtCLENBQUMsTUFBTSxDQUFDLGlDQUFpQyxFQUFFLGdCQUFnQixFQUFFLEtBQUssQ0FBQyxXQUFXLENBQXVCLENBQUM7SUFDdkosVUFBRyxDQUFDLDJCQUEyQixFQUFFLGdCQUFnQixDQUFDLENBQUM7SUFFbkQsd0VBQXdFO0lBQ3hFLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxVQUFVLEVBQUU7UUFDaEMsSUFBSSxnQkFBZ0IsQ0FBQyxJQUFJLElBQUksTUFBTSxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFO1lBQzFFLE1BQU0sSUFBSSxLQUFLLENBQUMsa0RBQWtELENBQUMsQ0FBQztTQUNyRTtRQUVELDZHQUE2RztRQUM3RyxNQUFNLElBQUksV0FBVyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7S0FDcEQ7SUFFRCxNQUFNLFFBQVEsR0FBRztRQUNmLEdBQUcsS0FBSztRQUNSLEdBQUcsZ0JBQWdCO1FBQ25CLElBQUksRUFBRTtZQUNKLEdBQUcsS0FBSyxDQUFDLElBQUk7WUFDYixHQUFHLGdCQUFnQixDQUFDLElBQUk7U0FDekI7S0FDRixDQUFDO0lBRUYsTUFBTSxXQUFXLENBQUMsY0FBYyxDQUFDLFNBQVMsRUFBRSxRQUFRLEVBQUUsRUFBRSxNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUM7QUFDbEYsQ0FBQztBQUVELGdEQUFnRDtBQUNoRCxLQUFLLFVBQVUsU0FBUyxDQUFDLFlBQWlCO0lBQ3hDLFVBQUcsQ0FBQyxnQkFBZ0IsRUFBRSxZQUFZLENBQUMsQ0FBQztJQUVwQyxNQUFNLGlCQUFpQixHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxZQUFZLENBQUMsS0FBSyxDQUFDLENBQUMsWUFBWSxDQUFnRCxDQUFDO0lBQ2pJLE1BQU0sV0FBVyxDQUFDLGNBQWMsQ0FBQyxRQUFRLEVBQUUsaUJBQWlCLEVBQUU7UUFDNUQsTUFBTSxFQUFFLHFCQUFxQjtLQUM5QixDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQsS0FBSyxVQUFVLGtCQUFrQixDQUFtQyxjQUFzQixFQUFFLGdCQUFtQixFQUFFLFdBQW1CO0lBQ2xJLE1BQU0sV0FBVyxHQUFHLGFBQU0sQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUMzQyxVQUFHLENBQUMsMkJBQTJCLFdBQVcsZUFBZSxFQUFFLGdCQUFnQixDQUFDLENBQUM7SUFFN0Usd0VBQXdFO0lBQ3hFLHNFQUFzRTtJQUN0RSx1Q0FBdUM7SUFDdkMsTUFBTSxJQUFJLEdBQUcsTUFBTSx5QkFBYyxDQUFDO1FBQ2hDLFlBQVksRUFBRSxXQUFXO1FBRXpCLG1IQUFtSDtRQUNuSCxPQUFPLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxFQUFFLEdBQUcsZ0JBQWdCLEVBQUUsV0FBVyxFQUFFLFdBQVcsRUFBRSxDQUFDO0tBQzNFLENBQUMsQ0FBQztJQUVILFVBQUcsQ0FBQyx5QkFBeUIsRUFBRSxJQUFJLEVBQUUsT0FBTSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7SUFFbkQsTUFBTSxXQUFXLEdBQUcsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQ25ELElBQUksSUFBSSxDQUFDLGFBQWEsRUFBRTtRQUN0QixVQUFHLENBQUMsK0JBQStCLEVBQUUsSUFBSSxDQUFDLGFBQWEsQ0FBQyxDQUFDO1FBRXpELE1BQU0sWUFBWSxHQUFHLFdBQVcsQ0FBQyxZQUFZLElBQUksT0FBTyxDQUFDO1FBRXpELCtCQUErQjtRQUMvQix3RUFBd0U7UUFDeEUsTUFBTSxHQUFHLEdBQUcsV0FBVyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNuQyxNQUFNLFlBQVksR0FBRyxHQUFHLENBQUMsR0FBRyxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsQ0FBQztRQUV6Qyx1Q0FBdUM7UUFDdkMsTUFBTSxPQUFPLEdBQUc7WUFDZCxZQUFZO1lBQ1osRUFBRTtZQUNGLHFCQUFxQixZQUFZLEVBQUU7WUFDbkMsRUFBRTtTQUNILENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBRWIsTUFBTSxDQUFDLEdBQUcsSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUM7UUFFN0IsMkVBQTJFO1FBQzNFLGlGQUFpRjtRQUNqRixJQUFJLFdBQVcsQ0FBQyxLQUFLLEVBQUU7WUFDckIsaURBQWlEO1lBQ2pELENBQUMsQ0FBQyxLQUFLLEdBQUcsQ0FBQyxPQUFPLEVBQUUsR0FBRyxXQUFXLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztTQUMvRDtRQUVELE1BQU0sQ0FBQyxDQUFDO0tBQ1Q7SUFFRCxPQUFPLFdBQVcsQ0FBQztBQUNyQixDQUFDO0FBRUQsU0FBUyxnQkFBZ0IsQ0FBQyxPQUFZO0lBQ3BDLElBQUksQ0FBQyxPQUFPLEVBQUU7UUFBRSxPQUFPLEVBQUcsQ0FBQztLQUFFO0lBQzdCLE1BQU0sSUFBSSxHQUFHLE9BQU8sQ0FBQyxRQUFRLEVBQUUsQ0FBQztJQUNoQyxJQUFJO1FBQ0YsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDO0tBQ3pCO0lBQUMsT0FBTyxDQUFDLEVBQUU7UUFDVixNQUFNLElBQUksS0FBSyxDQUFDLGdFQUFnRSxJQUFJLEdBQUcsQ0FBQyxDQUFDO0tBQzFGO0FBQ0gsQ0FBQztBQUVELFNBQVMsbUJBQW1CLENBQUMsVUFBdUQsRUFBRSxhQUE4QjtJQUNsSCxFQUFFO0lBQ0YsbUVBQW1FO0lBRW5FLGFBQWEsR0FBRyxhQUFhLElBQUksRUFBRyxDQUFDO0lBRXJDLHNFQUFzRTtJQUN0RSx1QkFBdUI7SUFDdkIsTUFBTSxrQkFBa0IsR0FBRyxhQUFhLENBQUMsa0JBQWtCLElBQUkseUJBQXlCLENBQUMsVUFBVSxDQUFDLENBQUM7SUFFckcsa0VBQWtFO0lBQ2xFLElBQUksVUFBVSxDQUFDLFdBQVcsS0FBSyxRQUFRLElBQUksa0JBQWtCLEtBQUssVUFBVSxDQUFDLGtCQUFrQixFQUFFO1FBQy9GLE1BQU0sSUFBSSxLQUFLLENBQUMsd0RBQXdELFVBQVUsQ0FBQyxrQkFBa0IsU0FBUyxhQUFhLENBQUMsa0JBQWtCLG1CQUFtQixDQUFDLENBQUM7S0FDcEs7SUFFRCxpRkFBaUY7SUFDakYsSUFBSSxVQUFVLENBQUMsV0FBVyxLQUFLLFFBQVEsSUFBSSxrQkFBa0IsS0FBSyxVQUFVLENBQUMsa0JBQWtCLEVBQUU7UUFDL0YsVUFBRyxDQUFDLCtDQUErQyxVQUFVLENBQUMsa0JBQWtCLFNBQVMsYUFBYSxDQUFDLGtCQUFrQixHQUFHLENBQUMsQ0FBQztLQUMvSDtJQUVELDBEQUEwRDtJQUMxRCxPQUFPO1FBQ0wsR0FBRyxVQUFVO1FBQ2IsR0FBRyxhQUFhO1FBQ2hCLGtCQUFrQixFQUFFLGtCQUFrQjtLQUN2QyxDQUFDO0FBQ0osQ0FBQztBQUVEOzs7Ozs7R0FNRztBQUNILFNBQVMseUJBQXlCLENBQUMsR0FBZ0Q7SUFDakYsUUFBUSxHQUFHLENBQUMsV0FBVyxFQUFFO1FBQ3ZCLEtBQUssUUFBUTtZQUNYLE9BQU8sR0FBRyxDQUFDLFNBQVMsQ0FBQztRQUV2QixLQUFLLFFBQVEsQ0FBQztRQUNkLEtBQUssUUFBUTtZQUNYLE9BQU8sR0FBRyxDQUFDLGtCQUFrQixDQUFDO1FBRWhDO1lBQ0UsTUFBTSxJQUFJLEtBQUssQ0FBQyxxQ0FBcUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUM7S0FDaEY7QUFDSCxDQUFDO0FBcE1ELGlCQUFTO0lBQ1AsQ0FBQyxNQUFNLENBQUMsK0JBQStCLENBQUMsRUFBRSxXQUFXLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQztJQUMxRSxDQUFDLE1BQU0sQ0FBQyxrQ0FBa0MsQ0FBQyxFQUFFLFdBQVcsQ0FBQyxXQUFXLENBQUMsVUFBVSxDQUFDO0lBQ2hGLENBQUMsTUFBTSxDQUFDLGlDQUFpQyxDQUFDLEVBQUUsU0FBUztDQUN0RCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyogZXNsaW50LWRpc2FibGUgbWF4LWxlbiAqL1xuLyogZXNsaW50LWRpc2FibGUgbm8tY29uc29sZSAqL1xuaW1wb3J0IHsgSXNDb21wbGV0ZVJlc3BvbnNlLCBPbkV2ZW50UmVzcG9uc2UgfSBmcm9tICcuLi90eXBlcyc7XG5pbXBvcnQgKiBhcyBjZm5SZXNwb25zZSBmcm9tICcuL2Nmbi1yZXNwb25zZSc7XG5pbXBvcnQgKiBhcyBjb25zdHMgZnJvbSAnLi9jb25zdHMnO1xuaW1wb3J0IHsgaW52b2tlRnVuY3Rpb24sIHN0YXJ0RXhlY3V0aW9uIH0gZnJvbSAnLi9vdXRib3VuZCc7XG5pbXBvcnQgeyBnZXRFbnYsIGxvZyB9IGZyb20gJy4vdXRpbCc7XG5cbi8vIHVzZSBjb25zdHMgZm9yIGhhbmRsZXIgbmFtZXMgdG8gY29tcGlsZXItZW5mb3JjZSB0aGUgY291cGxpbmcgd2l0aCBjb25zdHJ1Y3Rpb24gY29kZS5cbmV4cG9ydCA9IHtcbiAgW2NvbnN0cy5GUkFNRVdPUktfT05fRVZFTlRfSEFORExFUl9OQU1FXTogY2ZuUmVzcG9uc2Uuc2FmZUhhbmRsZXIob25FdmVudCksXG4gIFtjb25zdHMuRlJBTUVXT1JLX0lTX0NPTVBMRVRFX0hBTkRMRVJfTkFNRV06IGNmblJlc3BvbnNlLnNhZmVIYW5kbGVyKGlzQ29tcGxldGUpLFxuICBbY29uc3RzLkZSQU1FV09SS19PTl9USU1FT1VUX0hBTkRMRVJfTkFNRV06IG9uVGltZW91dCxcbn07XG5cbi8qKlxuICogVGhlIG1haW4gcnVudGltZSBlbnRyeXBvaW50IG9mIHRoZSBhc3luYyBjdXN0b20gcmVzb3VyY2UgbGFtYmRhIGZ1bmN0aW9uLlxuICpcbiAqIEFueSBsaWZlY3ljbGUgZXZlbnQgY2hhbmdlcyB0byB0aGUgY3VzdG9tIHJlc291cmNlcyB3aWxsIGludm9rZSB0aGlzIGhhbmRsZXIsIHdoaWNoIHdpbGwsIGluIHR1cm4sXG4gKiBpbnRlcmFjdCB3aXRoIHRoZSB1c2VyLWRlZmluZWQgYG9uRXZlbnRgIGFuZCBgaXNDb21wbGV0ZWAgaGFuZGxlcnMuXG4gKlxuICogVGhpcyBmdW5jdGlvbiB3aWxsIGFsd2F5cyBzdWNjZWVkLiBJZiBhbiBlcnJvciBvY2N1cnNcbiAqXG4gKiBAcGFyYW0gY2ZuUmVxdWVzdCBUaGUgY2xvdWRmb3JtYXRpb24gY3VzdG9tIHJlc291cmNlIGV2ZW50LlxuICovXG5hc3luYyBmdW5jdGlvbiBvbkV2ZW50KGNmblJlcXVlc3Q6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQpIHtcbiAgY29uc3Qgc2FuaXRpemVkUmVxdWVzdCA9IHsgLi4uY2ZuUmVxdWVzdCwgUmVzcG9uc2VVUkw6ICcuLi4nIH0gYXMgY29uc3Q7XG4gIGxvZygnb25FdmVudEhhbmRsZXInLCBzYW5pdGl6ZWRSZXF1ZXN0KTtcblxuICBjZm5SZXF1ZXN0LlJlc291cmNlUHJvcGVydGllcyA9IGNmblJlcXVlc3QuUmVzb3VyY2VQcm9wZXJ0aWVzIHx8IHsgfTtcblxuICBjb25zdCBvbkV2ZW50UmVzdWx0ID0gYXdhaXQgaW52b2tlVXNlckZ1bmN0aW9uKGNvbnN0cy5VU0VSX09OX0VWRU5UX0ZVTkNUSU9OX0FSTl9FTlYsIHNhbml0aXplZFJlcXVlc3QsIGNmblJlcXVlc3QuUmVzcG9uc2VVUkwpIGFzIE9uRXZlbnRSZXNwb25zZTtcbiAgbG9nKCdvbkV2ZW50IHJldHVybmVkOicsIG9uRXZlbnRSZXN1bHQpO1xuXG4gIC8vIG1lcmdlIHRoZSByZXF1ZXN0IGFuZCB0aGUgcmVzdWx0IGZyb20gb25FdmVudCB0byBmb3JtIHRoZSBjb21wbGV0ZSByZXNvdXJjZSBldmVudFxuICAvLyB0aGlzIGFsc28gcGVyZm9ybXMgdmFsaWRhdGlvbi5cbiAgY29uc3QgcmVzb3VyY2VFdmVudCA9IGNyZWF0ZVJlc3BvbnNlRXZlbnQoY2ZuUmVxdWVzdCwgb25FdmVudFJlc3VsdCk7XG4gIGxvZygnZXZlbnQ6Jywgb25FdmVudFJlc3VsdCk7XG5cbiAgLy8gZGV0ZXJtaW5lIGlmIHRoaXMgaXMgYW4gYXN5bmMgcHJvdmlkZXIgYmFzZWQgb24gd2hldGhlciB3ZSBoYXZlIGFuIGlzQ29tcGxldGUgaGFuZGxlciBkZWZpbmVkLlxuICAvLyBpZiBpdCBpcyBub3QgZGVmaW5lZCwgdGhlbiB3ZSBhcmUgYmFzaWNhbGx5IHJlYWR5IHRvIHJldHVybiBhIHBvc2l0aXZlIHJlc3BvbnNlLlxuICBpZiAoIXByb2Nlc3MuZW52W2NvbnN0cy5VU0VSX0lTX0NPTVBMRVRFX0ZVTkNUSU9OX0FSTl9FTlZdKSB7XG4gICAgcmV0dXJuIGNmblJlc3BvbnNlLnN1Ym1pdFJlc3BvbnNlKCdTVUNDRVNTJywgcmVzb3VyY2VFdmVudCwgeyBub0VjaG86IHJlc291cmNlRXZlbnQuTm9FY2hvIH0pO1xuICB9XG5cbiAgLy8gb2ssIHdlIGFyZSBub3QgY29tcGxldGUsIHNvIGtpY2sgb2ZmIHRoZSB3YWl0ZXIgd29ya2Zsb3dcbiAgY29uc3Qgd2FpdGVyID0ge1xuICAgIHN0YXRlTWFjaGluZUFybjogZ2V0RW52KGNvbnN0cy5XQUlURVJfU1RBVEVfTUFDSElORV9BUk5fRU5WKSxcbiAgICBuYW1lOiByZXNvdXJjZUV2ZW50LlJlcXVlc3RJZCxcbiAgICBpbnB1dDogSlNPTi5zdHJpbmdpZnkocmVzb3VyY2VFdmVudCksXG4gIH07XG5cbiAgbG9nKCdzdGFydGluZyB3YWl0ZXInLCB3YWl0ZXIpO1xuXG4gIC8vIGtpY2sgb2ZmIHdhaXRlciBzdGF0ZSBtYWNoaW5lXG4gIGF3YWl0IHN0YXJ0RXhlY3V0aW9uKHdhaXRlcik7XG59XG5cbi8vIGludm9rZWQgYSBmZXcgdGltZXMgdW50aWwgYGNvbXBsZXRlYCBpcyB0cnVlIG9yIHVudGlsIGl0IHRpbWVzIG91dC5cbmFzeW5jIGZ1bmN0aW9uIGlzQ29tcGxldGUoZXZlbnQ6IEFXU0NES0FzeW5jQ3VzdG9tUmVzb3VyY2UuSXNDb21wbGV0ZVJlcXVlc3QpIHtcbiAgY29uc3Qgc2FuaXRpemVkUmVxdWVzdCA9IHsgLi4uZXZlbnQsIFJlc3BvbnNlVVJMOiAnLi4uJyB9IGFzIGNvbnN0O1xuICBsb2coJ2lzQ29tcGxldGUnLCBzYW5pdGl6ZWRSZXF1ZXN0KTtcblxuICBjb25zdCBpc0NvbXBsZXRlUmVzdWx0ID0gYXdhaXQgaW52b2tlVXNlckZ1bmN0aW9uKGNvbnN0cy5VU0VSX0lTX0NPTVBMRVRFX0ZVTkNUSU9OX0FSTl9FTlYsIHNhbml0aXplZFJlcXVlc3QsIGV2ZW50LlJlc3BvbnNlVVJMKSBhcyBJc0NvbXBsZXRlUmVzcG9uc2U7XG4gIGxvZygndXNlciBpc0NvbXBsZXRlIHJldHVybmVkOicsIGlzQ29tcGxldGVSZXN1bHQpO1xuXG4gIC8vIGlmIHdlIGFyZSBub3QgY29tcGxldGUsIHJldHVybiBmYWxzZSwgYW5kIGRvbid0IHNlbmQgYSByZXNwb25zZSBiYWNrLlxuICBpZiAoIWlzQ29tcGxldGVSZXN1bHQuSXNDb21wbGV0ZSkge1xuICAgIGlmIChpc0NvbXBsZXRlUmVzdWx0LkRhdGEgJiYgT2JqZWN0LmtleXMoaXNDb21wbGV0ZVJlc3VsdC5EYXRhKS5sZW5ndGggPiAwKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoJ1wiRGF0YVwiIGlzIG5vdCBhbGxvd2VkIGlmIFwiSXNDb21wbGV0ZVwiIGlzIFwiRmFsc2VcIicpO1xuICAgIH1cblxuICAgIC8vIFRoaXMgbXVzdCBiZSB0aGUgZnVsbCBldmVudCwgaXQgd2lsbCBiZSBkZXNlcmlhbGl6ZWQgaW4gYG9uVGltZW91dGAgdG8gc2VuZCB0aGUgcmVzcG9uc2UgdG8gQ2xvdWRGb3JtYXRpb25cbiAgICB0aHJvdyBuZXcgY2ZuUmVzcG9uc2UuUmV0cnkoSlNPTi5zdHJpbmdpZnkoZXZlbnQpKTtcbiAgfVxuXG4gIGNvbnN0IHJlc3BvbnNlID0ge1xuICAgIC4uLmV2ZW50LFxuICAgIC4uLmlzQ29tcGxldGVSZXN1bHQsXG4gICAgRGF0YToge1xuICAgICAgLi4uZXZlbnQuRGF0YSxcbiAgICAgIC4uLmlzQ29tcGxldGVSZXN1bHQuRGF0YSxcbiAgICB9LFxuICB9O1xuXG4gIGF3YWl0IGNmblJlc3BvbnNlLnN1Ym1pdFJlc3BvbnNlKCdTVUNDRVNTJywgcmVzcG9uc2UsIHsgbm9FY2hvOiBldmVudC5Ob0VjaG8gfSk7XG59XG5cbi8vIGludm9rZWQgd2hlbiBjb21wbGV0aW9uIHJldHJpZXMgYXJlIGV4aGF1c2VkLlxuYXN5bmMgZnVuY3Rpb24gb25UaW1lb3V0KHRpbWVvdXRFdmVudDogYW55KSB7XG4gIGxvZygndGltZW91dEhhbmRsZXInLCB0aW1lb3V0RXZlbnQpO1xuXG4gIGNvbnN0IGlzQ29tcGxldGVSZXF1ZXN0ID0gSlNPTi5wYXJzZShKU09OLnBhcnNlKHRpbWVvdXRFdmVudC5DYXVzZSkuZXJyb3JNZXNzYWdlKSBhcyBBV1NDREtBc3luY0N1c3RvbVJlc291cmNlLklzQ29tcGxldGVSZXF1ZXN0O1xuICBhd2FpdCBjZm5SZXNwb25zZS5zdWJtaXRSZXNwb25zZSgnRkFJTEVEJywgaXNDb21wbGV0ZVJlcXVlc3QsIHtcbiAgICByZWFzb246ICdPcGVyYXRpb24gdGltZWQgb3V0JyxcbiAgfSk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIGludm9rZVVzZXJGdW5jdGlvbjxBIGV4dGVuZHMgeyBSZXNwb25zZVVSTDogJy4uLicgfT4oZnVuY3Rpb25Bcm5FbnY6IHN0cmluZywgc2FuaXRpemVkUGF5bG9hZDogQSwgcmVzcG9uc2VVcmw6IHN0cmluZykge1xuICBjb25zdCBmdW5jdGlvbkFybiA9IGdldEVudihmdW5jdGlvbkFybkVudik7XG4gIGxvZyhgZXhlY3V0aW5nIHVzZXIgZnVuY3Rpb24gJHtmdW5jdGlvbkFybn0gd2l0aCBwYXlsb2FkYCwgc2FuaXRpemVkUGF5bG9hZCk7XG5cbiAgLy8gdHJhbnNpZW50IGVycm9ycyBzdWNoIGFzIHRpbWVvdXRzLCB0aHJvdHRsaW5nIGVycm9ycyAoNDI5KSwgYW5kIG90aGVyXG4gIC8vIGVycm9ycyB0aGF0IGFyZW4ndCBjYXVzZWQgYnkgYSBiYWQgcmVxdWVzdCAoNTAwIHNlcmllcykgYXJlIHJldHJpZWRcbiAgLy8gYXV0b21hdGljYWxseSBieSB0aGUgSmF2YVNjcmlwdCBTREsuXG4gIGNvbnN0IHJlc3AgPSBhd2FpdCBpbnZva2VGdW5jdGlvbih7XG4gICAgRnVuY3Rpb25OYW1lOiBmdW5jdGlvbkFybixcblxuICAgIC8vIENhbm5vdCBzdHJpcCAnUmVzcG9uc2VVUkwnIGhlcmUgYXMgdGhpcyB3b3VsZCBiZSBhIGJyZWFraW5nIGNoYW5nZSBldmVuIHRob3VnaCB0aGUgZG93bnN0cmVhbSBDUiBkb2Vzbid0IG5lZWQgaXRcbiAgICBQYXlsb2FkOiBKU09OLnN0cmluZ2lmeSh7IC4uLnNhbml0aXplZFBheWxvYWQsIFJlc3BvbnNlVVJMOiByZXNwb25zZVVybCB9KSxcbiAgfSk7XG5cbiAgbG9nKCd1c2VyIGZ1bmN0aW9uIHJlc3BvbnNlOicsIHJlc3AsIHR5cGVvZihyZXNwKSk7XG5cbiAgY29uc3QganNvblBheWxvYWQgPSBwYXJzZUpzb25QYXlsb2FkKHJlc3AuUGF5bG9hZCk7XG4gIGlmIChyZXNwLkZ1bmN0aW9uRXJyb3IpIHtcbiAgICBsb2coJ3VzZXIgZnVuY3Rpb24gdGhyZXcgYW4gZXJyb3I6JywgcmVzcC5GdW5jdGlvbkVycm9yKTtcblxuICAgIGNvbnN0IGVycm9yTWVzc2FnZSA9IGpzb25QYXlsb2FkLmVycm9yTWVzc2FnZSB8fCAnZXJyb3InO1xuXG4gICAgLy8gcGFyc2UgZnVuY3Rpb24gbmFtZSBmcm9tIGFyblxuICAgIC8vIGFybjoke1BhcnRpdGlvbn06bGFtYmRhOiR7UmVnaW9ufToke0FjY291bnR9OmZ1bmN0aW9uOiR7RnVuY3Rpb25OYW1lfVxuICAgIGNvbnN0IGFybiA9IGZ1bmN0aW9uQXJuLnNwbGl0KCc6Jyk7XG4gICAgY29uc3QgZnVuY3Rpb25OYW1lID0gYXJuW2Fybi5sZW5ndGggLSAxXTtcblxuICAgIC8vIGFwcGVuZCBhIHJlZmVyZW5jZSB0byB0aGUgbG9nIGdyb3VwLlxuICAgIGNvbnN0IG1lc3NhZ2UgPSBbXG4gICAgICBlcnJvck1lc3NhZ2UsXG4gICAgICAnJyxcbiAgICAgIGBMb2dzOiAvYXdzL2xhbWJkYS8ke2Z1bmN0aW9uTmFtZX1gLCAvLyBjbG91ZHdhdGNoIGxvZyBncm91cFxuICAgICAgJycsXG4gICAgXS5qb2luKCdcXG4nKTtcblxuICAgIGNvbnN0IGUgPSBuZXcgRXJyb3IobWVzc2FnZSk7XG5cbiAgICAvLyB0aGUgb3V0cHV0IHRoYXQgZ29lcyB0byBDRk4gaXMgd2hhdCdzIGluIGBzdGFja2AsIG5vdCB0aGUgZXJyb3IgbWVzc2FnZS5cbiAgICAvLyBpZiB3ZSBoYXZlIGEgcmVtb3RlIHRyYWNlLCBjb25zdHJ1Y3QgYSBuaWNlIG1lc3NhZ2Ugd2l0aCBsb2cgZ3JvdXAgaW5mb3JtYXRpb25cbiAgICBpZiAoanNvblBheWxvYWQudHJhY2UpIHtcbiAgICAgIC8vIHNraXAgZmlyc3QgdHJhY2UgbGluZSBiZWNhdXNlIGl0J3MgdGhlIG1lc3NhZ2VcbiAgICAgIGUuc3RhY2sgPSBbbWVzc2FnZSwgLi4uanNvblBheWxvYWQudHJhY2Uuc2xpY2UoMSldLmpvaW4oJ1xcbicpO1xuICAgIH1cblxuICAgIHRocm93IGU7XG4gIH1cblxuICByZXR1cm4ganNvblBheWxvYWQ7XG59XG5cbmZ1bmN0aW9uIHBhcnNlSnNvblBheWxvYWQocGF5bG9hZDogYW55KTogYW55IHtcbiAgaWYgKCFwYXlsb2FkKSB7IHJldHVybiB7IH07IH1cbiAgY29uc3QgdGV4dCA9IHBheWxvYWQudG9TdHJpbmcoKTtcbiAgdHJ5IHtcbiAgICByZXR1cm4gSlNPTi5wYXJzZSh0ZXh0KTtcbiAgfSBjYXRjaCAoZSkge1xuICAgIHRocm93IG5ldyBFcnJvcihgcmV0dXJuIHZhbHVlcyBmcm9tIHVzZXItaGFuZGxlcnMgbXVzdCBiZSBKU09OIG9iamVjdHMuIGdvdDogXCIke3RleHR9XCJgKTtcbiAgfVxufVxuXG5mdW5jdGlvbiBjcmVhdGVSZXNwb25zZUV2ZW50KGNmblJlcXVlc3Q6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQsIG9uRXZlbnRSZXN1bHQ6IE9uRXZlbnRSZXNwb25zZSk6IEFXU0NES0FzeW5jQ3VzdG9tUmVzb3VyY2UuSXNDb21wbGV0ZVJlcXVlc3Qge1xuICAvL1xuICAvLyB2YWxpZGF0ZSB0aGF0IG9uRXZlbnRSZXN1bHQgYWx3YXlzIGluY2x1ZGVzIGEgUGh5c2ljYWxSZXNvdXJjZUlkXG5cbiAgb25FdmVudFJlc3VsdCA9IG9uRXZlbnRSZXN1bHQgfHwgeyB9O1xuXG4gIC8vIGlmIHBoeXNpY2FsIElEIGlzIG5vdCByZXR1cm5lZCwgd2UgaGF2ZSBzb21lIGRlZmF1bHRzIGZvciB5b3UgYmFzZWRcbiAgLy8gb24gdGhlIHJlcXVlc3QgdHlwZS5cbiAgY29uc3QgcGh5c2ljYWxSZXNvdXJjZUlkID0gb25FdmVudFJlc3VsdC5QaHlzaWNhbFJlc291cmNlSWQgfHwgZGVmYXVsdFBoeXNpY2FsUmVzb3VyY2VJZChjZm5SZXF1ZXN0KTtcblxuICAvLyBpZiB3ZSBhcmUgaW4gREVMRVRFIGFuZCBwaHlzaWNhbCBJRCB3YXMgY2hhbmdlZCwgaXQncyBhbiBlcnJvci5cbiAgaWYgKGNmblJlcXVlc3QuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnICYmIHBoeXNpY2FsUmVzb3VyY2VJZCAhPT0gY2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWQpIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoYERFTEVURTogY2Fubm90IGNoYW5nZSB0aGUgcGh5c2ljYWwgcmVzb3VyY2UgSUQgZnJvbSBcIiR7Y2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWR9XCIgdG8gXCIke29uRXZlbnRSZXN1bHQuUGh5c2ljYWxSZXNvdXJjZUlkfVwiIGR1cmluZyBkZWxldGlvbmApO1xuICB9XG5cbiAgLy8gaWYgd2UgYXJlIGluIFVQREFURSBhbmQgcGh5c2ljYWwgSUQgd2FzIGNoYW5nZWQsIGl0J3MgYSByZXBsYWNlbWVudCAoanVzdCBsb2cpXG4gIGlmIChjZm5SZXF1ZXN0LlJlcXVlc3RUeXBlID09PSAnVXBkYXRlJyAmJiBwaHlzaWNhbFJlc291cmNlSWQgIT09IGNmblJlcXVlc3QuUGh5c2ljYWxSZXNvdXJjZUlkKSB7XG4gICAgbG9nKGBVUERBVEU6IGNoYW5naW5nIHBoeXNpY2FsIHJlc291cmNlIElEIGZyb20gXCIke2NmblJlcXVlc3QuUGh5c2ljYWxSZXNvdXJjZUlkfVwiIHRvIFwiJHtvbkV2ZW50UmVzdWx0LlBoeXNpY2FsUmVzb3VyY2VJZH1cImApO1xuICB9XG5cbiAgLy8gbWVyZ2UgcmVxdWVzdCBldmVudCBhbmQgcmVzdWx0IGV2ZW50IChyZXN1bHQgcHJldmFpbHMpLlxuICByZXR1cm4ge1xuICAgIC4uLmNmblJlcXVlc3QsXG4gICAgLi4ub25FdmVudFJlc3VsdCxcbiAgICBQaHlzaWNhbFJlc291cmNlSWQ6IHBoeXNpY2FsUmVzb3VyY2VJZCxcbiAgfTtcbn1cblxuLyoqXG4gKiBDYWxjdWxhdGVzIHRoZSBkZWZhdWx0IHBoeXNpY2FsIHJlc291cmNlIElEIGJhc2VkIGluIGNhc2UgdXNlciBoYW5kbGVyIGRpZFxuICogbm90IHJldHVybiBhIFBoeXNpY2FsUmVzb3VyY2VJZC5cbiAqXG4gKiBGb3IgXCJDUkVBVEVcIiwgaXQgdXNlcyB0aGUgUmVxdWVzdElkLlxuICogRm9yIFwiVVBEQVRFXCIgYW5kIFwiREVMRVRFXCIgYW5kIHJldHVybnMgdGhlIGN1cnJlbnQgUGh5c2ljYWxSZXNvdXJjZUlkICh0aGUgb25lIHByb3ZpZGVkIGluIGBldmVudGApLlxuICovXG5mdW5jdGlvbiBkZWZhdWx0UGh5c2ljYWxSZXNvdXJjZUlkKHJlcTogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCk6IHN0cmluZyB7XG4gIHN3aXRjaCAocmVxLlJlcXVlc3RUeXBlKSB7XG4gICAgY2FzZSAnQ3JlYXRlJzpcbiAgICAgIHJldHVybiByZXEuUmVxdWVzdElkO1xuXG4gICAgY2FzZSAnVXBkYXRlJzpcbiAgICBjYXNlICdEZWxldGUnOlxuICAgICAgcmV0dXJuIHJlcS5QaHlzaWNhbFJlc291cmNlSWQ7XG5cbiAgICBkZWZhdWx0OlxuICAgICAgdGhyb3cgbmV3IEVycm9yKGBJbnZhbGlkIFwiUmVxdWVzdFR5cGVcIiBpbiByZXF1ZXN0IFwiJHtKU09OLnN0cmluZ2lmeShyZXEpfVwiYCk7XG4gIH1cbn1cbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/outbound.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/outbound.js new file mode 100644 index 0000000000000..cc0667d42f0e8 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/outbound.js @@ -0,0 +1,69 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.httpRequest = exports.invokeFunction = exports.startExecution = void 0; +/* istanbul ignore file */ +const https = require("https"); +// eslint-disable-next-line import/no-extraneous-dependencies +const AWS = require("aws-sdk"); +const FRAMEWORK_HANDLER_TIMEOUT = 900000; // 15 minutes +// In order to honor the overall maximum timeout set for the target process, +// the default 2 minutes from AWS SDK has to be overriden: +// https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Config.html#httpOptions-property +const awsSdkConfig = { + httpOptions: { timeout: FRAMEWORK_HANDLER_TIMEOUT }, +}; +async function defaultHttpRequest(options, responseBody) { + return new Promise((resolve, reject) => { + try { + const request = https.request(options, resolve); + request.on('error', reject); + request.write(responseBody); + request.end(); + } + catch (e) { + reject(e); + } + }); +} +let sfn; +let lambda; +async function defaultStartExecution(req) { + if (!sfn) { + sfn = new AWS.StepFunctions(awsSdkConfig); + } + return sfn.startExecution(req).promise(); +} +async function defaultInvokeFunction(req) { + if (!lambda) { + lambda = new AWS.Lambda(awsSdkConfig); + } + try { + /** + * Try an initial invoke. + * + * When you try to invoke a function that is inactive, the invocation fails and Lambda sets + * the function to pending state until the function resources are recreated. + * If Lambda fails to recreate the resources, the function is set to the inactive state. + * + * We're using invoke first because `waitFor` doesn't trigger an inactive function to do anything, + * it just runs `getFunction` and checks the state. + */ + return await lambda.invoke(req).promise(); + } + catch (error) { + /** + * The status of the Lambda function is checked every second for up to 300 seconds. + * Exits the loop on 'Active' state and throws an error on 'Inactive' or 'Failed'. + * + * And now we wait. + */ + await lambda.waitFor('functionActiveV2', { + FunctionName: req.FunctionName, + }).promise(); + return await lambda.invoke(req).promise(); + } +} +exports.startExecution = defaultStartExecution; +exports.invokeFunction = defaultInvokeFunction; +exports.httpRequest = defaultHttpRequest; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3V0Ym91bmQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJvdXRib3VuZC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwwQkFBMEI7QUFDMUIsK0JBQStCO0FBQy9CLDZEQUE2RDtBQUM3RCwrQkFBK0I7QUFJL0IsTUFBTSx5QkFBeUIsR0FBRyxNQUFNLENBQUMsQ0FBQyxhQUFhO0FBRXZELDRFQUE0RTtBQUM1RSwwREFBMEQ7QUFDMUQsMkZBQTJGO0FBQzNGLE1BQU0sWUFBWSxHQUF5QjtJQUN6QyxXQUFXLEVBQUUsRUFBRSxPQUFPLEVBQUUseUJBQXlCLEVBQUU7Q0FDcEQsQ0FBQztBQUVGLEtBQUssVUFBVSxrQkFBa0IsQ0FBQyxPQUE2QixFQUFFLFlBQW9CO0lBQ25GLE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsTUFBTSxFQUFFLEVBQUU7UUFDckMsSUFBSTtZQUNGLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1lBQ2hELE9BQU8sQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQzVCLE9BQU8sQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLENBQUM7WUFDNUIsT0FBTyxDQUFDLEdBQUcsRUFBRSxDQUFDO1NBQ2Y7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUNYO0lBQ0gsQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQsSUFBSSxHQUFzQixDQUFDO0FBQzNCLElBQUksTUFBa0IsQ0FBQztBQUV2QixLQUFLLFVBQVUscUJBQXFCLENBQUMsR0FBMEM7SUFDN0UsSUFBSSxDQUFDLEdBQUcsRUFBRTtRQUNSLEdBQUcsR0FBRyxJQUFJLEdBQUcsQ0FBQyxhQUFhLENBQUMsWUFBWSxDQUFDLENBQUM7S0FDM0M7SUFFRCxPQUFPLEdBQUcsQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7QUFDM0MsQ0FBQztBQUVELEtBQUssVUFBVSxxQkFBcUIsQ0FBQyxHQUFpQztJQUNwRSxJQUFJLENBQUMsTUFBTSxFQUFFO1FBQ1gsTUFBTSxHQUFHLElBQUksR0FBRyxDQUFDLE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQztLQUN2QztJQUVELElBQUk7UUFDRjs7Ozs7Ozs7O1dBU0c7UUFDSCxPQUFPLE1BQU0sTUFBTSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztLQUMzQztJQUFDLE9BQU8sS0FBSyxFQUFFO1FBRWQ7Ozs7O1dBS0c7UUFDSCxNQUFNLE1BQU0sQ0FBQyxPQUFPLENBQUMsa0JBQWtCLEVBQUU7WUFDdkMsWUFBWSxFQUFFLEdBQUcsQ0FBQyxZQUFZO1NBQy9CLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUNiLE9BQU8sTUFBTSxNQUFNLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO0tBQzNDO0FBQ0gsQ0FBQztBQUVVLFFBQUEsY0FBYyxHQUFHLHFCQUFxQixDQUFDO0FBQ3ZDLFFBQUEsY0FBYyxHQUFHLHFCQUFxQixDQUFDO0FBQ3ZDLFFBQUEsV0FBVyxHQUFHLGtCQUFrQixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyogaXN0YW5idWwgaWdub3JlIGZpbGUgKi9cbmltcG9ydCAqIGFzIGh0dHBzIGZyb20gJ2h0dHBzJztcbi8vIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBpbXBvcnQvbm8tZXh0cmFuZW91cy1kZXBlbmRlbmNpZXNcbmltcG9ydCAqIGFzIEFXUyBmcm9tICdhd3Mtc2RrJztcbi8vIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBpbXBvcnQvbm8tZXh0cmFuZW91cy1kZXBlbmRlbmNpZXNcbmltcG9ydCB0eXBlIHsgQ29uZmlndXJhdGlvbk9wdGlvbnMgfSBmcm9tICdhd3Mtc2RrL2xpYi9jb25maWctYmFzZSc7XG5cbmNvbnN0IEZSQU1FV09SS19IQU5ETEVSX1RJTUVPVVQgPSA5MDAwMDA7IC8vIDE1IG1pbnV0ZXNcblxuLy8gSW4gb3JkZXIgdG8gaG9ub3IgdGhlIG92ZXJhbGwgbWF4aW11bSB0aW1lb3V0IHNldCBmb3IgdGhlIHRhcmdldCBwcm9jZXNzLFxuLy8gdGhlIGRlZmF1bHQgMiBtaW51dGVzIGZyb20gQVdTIFNESyBoYXMgdG8gYmUgb3ZlcnJpZGVuOlxuLy8gaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL0FXU0phdmFTY3JpcHRTREsvbGF0ZXN0L0FXUy9Db25maWcuaHRtbCNodHRwT3B0aW9ucy1wcm9wZXJ0eVxuY29uc3QgYXdzU2RrQ29uZmlnOiBDb25maWd1cmF0aW9uT3B0aW9ucyA9IHtcbiAgaHR0cE9wdGlvbnM6IHsgdGltZW91dDogRlJBTUVXT1JLX0hBTkRMRVJfVElNRU9VVCB9LFxufTtcblxuYXN5bmMgZnVuY3Rpb24gZGVmYXVsdEh0dHBSZXF1ZXN0KG9wdGlvbnM6IGh0dHBzLlJlcXVlc3RPcHRpb25zLCByZXNwb25zZUJvZHk6IHN0cmluZykge1xuICByZXR1cm4gbmV3IFByb21pc2UoKHJlc29sdmUsIHJlamVjdCkgPT4ge1xuICAgIHRyeSB7XG4gICAgICBjb25zdCByZXF1ZXN0ID0gaHR0cHMucmVxdWVzdChvcHRpb25zLCByZXNvbHZlKTtcbiAgICAgIHJlcXVlc3Qub24oJ2Vycm9yJywgcmVqZWN0KTtcbiAgICAgIHJlcXVlc3Qud3JpdGUocmVzcG9uc2VCb2R5KTtcbiAgICAgIHJlcXVlc3QuZW5kKCk7XG4gICAgfSBjYXRjaCAoZSkge1xuICAgICAgcmVqZWN0KGUpO1xuICAgIH1cbiAgfSk7XG59XG5cbmxldCBzZm46IEFXUy5TdGVwRnVuY3Rpb25zO1xubGV0IGxhbWJkYTogQVdTLkxhbWJkYTtcblxuYXN5bmMgZnVuY3Rpb24gZGVmYXVsdFN0YXJ0RXhlY3V0aW9uKHJlcTogQVdTLlN0ZXBGdW5jdGlvbnMuU3RhcnRFeGVjdXRpb25JbnB1dCk6IFByb21pc2U8QVdTLlN0ZXBGdW5jdGlvbnMuU3RhcnRFeGVjdXRpb25PdXRwdXQ+IHtcbiAgaWYgKCFzZm4pIHtcbiAgICBzZm4gPSBuZXcgQVdTLlN0ZXBGdW5jdGlvbnMoYXdzU2RrQ29uZmlnKTtcbiAgfVxuXG4gIHJldHVybiBzZm4uc3RhcnRFeGVjdXRpb24ocmVxKS5wcm9taXNlKCk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIGRlZmF1bHRJbnZva2VGdW5jdGlvbihyZXE6IEFXUy5MYW1iZGEuSW52b2NhdGlvblJlcXVlc3QpOiBQcm9taXNlPEFXUy5MYW1iZGEuSW52b2NhdGlvblJlc3BvbnNlPiB7XG4gIGlmICghbGFtYmRhKSB7XG4gICAgbGFtYmRhID0gbmV3IEFXUy5MYW1iZGEoYXdzU2RrQ29uZmlnKTtcbiAgfVxuXG4gIHRyeSB7XG4gICAgLyoqXG4gICAgICogVHJ5IGFuIGluaXRpYWwgaW52b2tlLlxuICAgICAqXG4gICAgICogV2hlbiB5b3UgdHJ5IHRvIGludm9rZSBhIGZ1bmN0aW9uIHRoYXQgaXMgaW5hY3RpdmUsIHRoZSBpbnZvY2F0aW9uIGZhaWxzIGFuZCBMYW1iZGEgc2V0c1xuICAgICAqIHRoZSBmdW5jdGlvbiB0byBwZW5kaW5nIHN0YXRlIHVudGlsIHRoZSBmdW5jdGlvbiByZXNvdXJjZXMgYXJlIHJlY3JlYXRlZC5cbiAgICAgKiBJZiBMYW1iZGEgZmFpbHMgdG8gcmVjcmVhdGUgdGhlIHJlc291cmNlcywgdGhlIGZ1bmN0aW9uIGlzIHNldCB0byB0aGUgaW5hY3RpdmUgc3RhdGUuXG4gICAgICpcbiAgICAgKiBXZSdyZSB1c2luZyBpbnZva2UgZmlyc3QgYmVjYXVzZSBgd2FpdEZvcmAgZG9lc24ndCB0cmlnZ2VyIGFuIGluYWN0aXZlIGZ1bmN0aW9uIHRvIGRvIGFueXRoaW5nLFxuICAgICAqIGl0IGp1c3QgcnVucyBgZ2V0RnVuY3Rpb25gIGFuZCBjaGVja3MgdGhlIHN0YXRlLlxuICAgICAqL1xuICAgIHJldHVybiBhd2FpdCBsYW1iZGEuaW52b2tlKHJlcSkucHJvbWlzZSgpO1xuICB9IGNhdGNoIChlcnJvcikge1xuXG4gICAgLyoqXG4gICAgICogVGhlIHN0YXR1cyBvZiB0aGUgTGFtYmRhIGZ1bmN0aW9uIGlzIGNoZWNrZWQgZXZlcnkgc2Vjb25kIGZvciB1cCB0byAzMDAgc2Vjb25kcy5cbiAgICAgKiBFeGl0cyB0aGUgbG9vcCBvbiAnQWN0aXZlJyBzdGF0ZSBhbmQgdGhyb3dzIGFuIGVycm9yIG9uICdJbmFjdGl2ZScgb3IgJ0ZhaWxlZCcuXG4gICAgICpcbiAgICAgKiBBbmQgbm93IHdlIHdhaXQuXG4gICAgICovXG4gICAgYXdhaXQgbGFtYmRhLndhaXRGb3IoJ2Z1bmN0aW9uQWN0aXZlVjInLCB7XG4gICAgICBGdW5jdGlvbk5hbWU6IHJlcS5GdW5jdGlvbk5hbWUsXG4gICAgfSkucHJvbWlzZSgpO1xuICAgIHJldHVybiBhd2FpdCBsYW1iZGEuaW52b2tlKHJlcSkucHJvbWlzZSgpO1xuICB9XG59XG5cbmV4cG9ydCBsZXQgc3RhcnRFeGVjdXRpb24gPSBkZWZhdWx0U3RhcnRFeGVjdXRpb247XG5leHBvcnQgbGV0IGludm9rZUZ1bmN0aW9uID0gZGVmYXVsdEludm9rZUZ1bmN0aW9uO1xuZXhwb3J0IGxldCBodHRwUmVxdWVzdCA9IGRlZmF1bHRIdHRwUmVxdWVzdDtcbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/util.js b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/util.js new file mode 100644 index 0000000000000..f09276d40ac91 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585/util.js @@ -0,0 +1,39 @@ +"use strict"; +/* eslint-disable no-console */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.withRetries = exports.log = exports.getEnv = void 0; +function getEnv(name) { + const value = process.env[name]; + if (!value) { + throw new Error(`The environment variable "${name}" is not defined`); + } + return value; +} +exports.getEnv = getEnv; +function log(title, ...args) { + console.log('[provider-framework]', title, ...args.map(x => typeof (x) === 'object' ? JSON.stringify(x, undefined, 2) : x)); +} +exports.log = log; +function withRetries(options, fn) { + return async (...xs) => { + let attempts = options.attempts; + let ms = options.sleep; + while (true) { + try { + return await fn(...xs); + } + catch (e) { + if (attempts-- <= 0) { + throw e; + } + await sleep(Math.floor(Math.random() * ms)); + ms *= 2; + } + } + }; +} +exports.withRetries = withRetries; +async function sleep(ms) { + return new Promise((ok) => setTimeout(ok, ms)); +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInV0aWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLCtCQUErQjs7O0FBRS9CLFNBQWdCLE1BQU0sQ0FBQyxJQUFZO0lBQ2pDLE1BQU0sS0FBSyxHQUFHLE9BQU8sQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDaEMsSUFBSSxDQUFDLEtBQUssRUFBRTtRQUNWLE1BQU0sSUFBSSxLQUFLLENBQUMsNkJBQTZCLElBQUksa0JBQWtCLENBQUMsQ0FBQztLQUN0RTtJQUNELE9BQU8sS0FBSyxDQUFDO0FBQ2YsQ0FBQztBQU5ELHdCQU1DO0FBRUQsU0FBZ0IsR0FBRyxDQUFDLEtBQVUsRUFBRSxHQUFHLElBQVc7SUFDNUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxzQkFBc0IsRUFBRSxLQUFLLEVBQUUsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsT0FBTSxDQUFDLENBQUMsQ0FBQyxLQUFLLFFBQVEsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxDQUFDLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0FBQzdILENBQUM7QUFGRCxrQkFFQztBQVNELFNBQWdCLFdBQVcsQ0FBMEIsT0FBcUIsRUFBRSxFQUE0QjtJQUN0RyxPQUFPLEtBQUssRUFBRSxHQUFHLEVBQUssRUFBRSxFQUFFO1FBQ3hCLElBQUksUUFBUSxHQUFHLE9BQU8sQ0FBQyxRQUFRLENBQUM7UUFDaEMsSUFBSSxFQUFFLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQztRQUN2QixPQUFPLElBQUksRUFBRTtZQUNYLElBQUk7Z0JBQ0YsT0FBTyxNQUFNLEVBQUUsQ0FBQyxHQUFHLEVBQUUsQ0FBQyxDQUFDO2FBQ3hCO1lBQUMsT0FBTyxDQUFDLEVBQUU7Z0JBQ1YsSUFBSSxRQUFRLEVBQUUsSUFBSSxDQUFDLEVBQUU7b0JBQ25CLE1BQU0sQ0FBQyxDQUFDO2lCQUNUO2dCQUNELE1BQU0sS0FBSyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxHQUFHLEVBQUUsQ0FBQyxDQUFDLENBQUM7Z0JBQzVDLEVBQUUsSUFBSSxDQUFDLENBQUM7YUFDVDtTQUNGO0lBQ0gsQ0FBQyxDQUFDO0FBQ0osQ0FBQztBQWhCRCxrQ0FnQkM7QUFFRCxLQUFLLFVBQVUsS0FBSyxDQUFDLEVBQVU7SUFDN0IsT0FBTyxJQUFJLE9BQU8sQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsVUFBVSxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDO0FBQ2pELENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZSBuby1jb25zb2xlICovXG5cbmV4cG9ydCBmdW5jdGlvbiBnZXRFbnYobmFtZTogc3RyaW5nKTogc3RyaW5nIHtcbiAgY29uc3QgdmFsdWUgPSBwcm9jZXNzLmVudltuYW1lXTtcbiAgaWYgKCF2YWx1ZSkge1xuICAgIHRocm93IG5ldyBFcnJvcihgVGhlIGVudmlyb25tZW50IHZhcmlhYmxlIFwiJHtuYW1lfVwiIGlzIG5vdCBkZWZpbmVkYCk7XG4gIH1cbiAgcmV0dXJuIHZhbHVlO1xufVxuXG5leHBvcnQgZnVuY3Rpb24gbG9nKHRpdGxlOiBhbnksIC4uLmFyZ3M6IGFueVtdKSB7XG4gIGNvbnNvbGUubG9nKCdbcHJvdmlkZXItZnJhbWV3b3JrXScsIHRpdGxlLCAuLi5hcmdzLm1hcCh4ID0+IHR5cGVvZih4KSA9PT0gJ29iamVjdCcgPyBKU09OLnN0cmluZ2lmeSh4LCB1bmRlZmluZWQsIDIpIDogeCkpO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFJldHJ5T3B0aW9ucyB7XG4gIC8qKiBIb3cgbWFueSByZXRyaWVzICh3aWxsIGF0IGxlYXN0IHRyeSBvbmNlKSAqL1xuICByZWFkb25seSBhdHRlbXB0czogbnVtYmVyO1xuICAvKiogU2xlZXAgYmFzZSwgaW4gbXMgKi9cbiAgcmVhZG9ubHkgc2xlZXA6IG51bWJlcjtcbn1cblxuZXhwb3J0IGZ1bmN0aW9uIHdpdGhSZXRyaWVzPEEgZXh0ZW5kcyBBcnJheTxhbnk+LCBCPihvcHRpb25zOiBSZXRyeU9wdGlvbnMsIGZuOiAoLi4ueHM6IEEpID0+IFByb21pc2U8Qj4pOiAoLi4ueHM6IEEpID0+IFByb21pc2U8Qj4ge1xuICByZXR1cm4gYXN5bmMgKC4uLnhzOiBBKSA9PiB7XG4gICAgbGV0IGF0dGVtcHRzID0gb3B0aW9ucy5hdHRlbXB0cztcbiAgICBsZXQgbXMgPSBvcHRpb25zLnNsZWVwO1xuICAgIHdoaWxlICh0cnVlKSB7XG4gICAgICB0cnkge1xuICAgICAgICByZXR1cm4gYXdhaXQgZm4oLi4ueHMpO1xuICAgICAgfSBjYXRjaCAoZSkge1xuICAgICAgICBpZiAoYXR0ZW1wdHMtLSA8PSAwKSB7XG4gICAgICAgICAgdGhyb3cgZTtcbiAgICAgICAgfVxuICAgICAgICBhd2FpdCBzbGVlcChNYXRoLmZsb29yKE1hdGgucmFuZG9tKCkgKiBtcykpO1xuICAgICAgICBtcyAqPSAyO1xuICAgICAgfVxuICAgIH1cbiAgfTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gc2xlZXAobXM6IG51bWJlcik6IFByb21pc2U8dm9pZD4ge1xuICByZXR1cm4gbmV3IFByb21pc2UoKG9rKSA9PiBzZXRUaW1lb3V0KG9rLCBtcykpO1xufSJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/aws-cdk-redshift-cluster-database.assets.json b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/aws-cdk-redshift-cluster-database.assets.json new file mode 100644 index 0000000000000..b131927baa994 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/aws-cdk-redshift-cluster-database.assets.json @@ -0,0 +1,45 @@ +{ + "version": "30.1.0", + "files": { + "169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338": { + "source": { + "path": "asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338", + "packaging": "zip" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338.zip", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + }, + "a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585": { + "source": { + "path": "asset.a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585", + "packaging": "zip" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585.zip", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + }, + "7094687c9f7ce700c5a887282262a42bec06499b08c74fde3ab8a5f7ab09a496": { + "source": { + "path": "aws-cdk-redshift-cluster-database.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "7094687c9f7ce700c5a887282262a42bec06499b08c74fde3ab8a5f7ab09a496.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/aws-cdk-redshift-cluster-database.template.json b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/aws-cdk-redshift-cluster-database.template.json new file mode 100644 index 0000000000000..9fec2ae78c07c --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/aws-cdk-redshift-cluster-database.template.json @@ -0,0 +1,877 @@ +{ + "Resources": { + "customkmskey377C6F9A": { + "Type": "AWS::KMS::Key", + "Properties": { + "KeyPolicy": { + "Statement": [ + { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":root" + ] + ] + } + }, + "Resource": "*" + } + ], + "Version": "2012-10-17" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-redshift-cluster-database/Vpc" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "ClusterSubnetsDCFA5CB7": { + "Type": "AWS::Redshift::ClusterSubnetGroup", + "Properties": { + "Description": "Subnets for Cluster Redshift cluster", + "SubnetIds": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "ClusterSecurityGroup0921994B": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Redshift security group", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "ClusterSecret6368BD0F": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "GenerateSecretString": { + "ExcludeCharacters": "\"@/\\ '", + "GenerateStringKey": "password", + "PasswordLength": 30, + "SecretStringTemplate": "{\"username\":\"admin\"}" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "ClusterSecretAttachment769E6258": { + "Type": "AWS::SecretsManager::SecretTargetAttachment", + "Properties": { + "SecretId": { + "Ref": "ClusterSecret6368BD0F" + }, + "TargetId": { + "Ref": "ClusterEB0386A7" + }, + "TargetType": "AWS::Redshift::Cluster" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "ClusterEB0386A7": { + "Type": "AWS::Redshift::Cluster", + "Properties": { + "ClusterType": "multi-node", + "DBName": "my_db", + "MasterUsername": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "ClusterSecret6368BD0F" + }, + ":SecretString:username::}}" + ] + ] + }, + "MasterUserPassword": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "ClusterSecret6368BD0F" + }, + ":SecretString:password::}}" + ] + ] + }, + "NodeType": "dc2.large", + "AllowVersionUpgrade": true, + "AutomatedSnapshotRetentionPeriod": 1, + "ClusterSubnetGroupName": { + "Ref": "ClusterSubnetsDCFA5CB7" + }, + "Encrypted": true, + "KmsKeyId": { + "Ref": "customkmskey377C6F9A" + }, + "NumberOfNodes": 2, + "PubliclyAccessible": true, + "VpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "ClusterSecurityGroup0921994B", + "GroupId" + ] + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "TableProviderframeworkonEventServiceRoleC3128F67": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "TableProviderframeworkonEventServiceRoleDefaultPolicyAD08715D": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5f3DF81997", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5f3DF81997", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "TableProviderframeworkonEventServiceRoleDefaultPolicyAD08715D", + "Roles": [ + { + "Ref": "TableProviderframeworkonEventServiceRoleC3128F67" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "TableProviderframeworkonEvent97F3951A": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585.zip" + }, + "Role": { + "Fn::GetAtt": [ + "TableProviderframeworkonEventServiceRoleC3128F67", + "Arn" + ] + }, + "Description": "AWS CDK resource provider framework - onEvent (aws-cdk-redshift-cluster-database/Table/Resource/Provider)", + "Environment": { + "Variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5f3DF81997", + "Arn" + ] + } + } + }, + "Handler": "framework.onEvent", + "Runtime": "nodejs14.x", + "Timeout": 900 + }, + "DependsOn": [ + "TableProviderframeworkonEventServiceRoleDefaultPolicyAD08715D", + "TableProviderframeworkonEventServiceRoleC3128F67" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "Table7ABB320E": { + "Type": "Custom::RedshiftDatabaseQuery", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "TableProviderframeworkonEvent97F3951A", + "Arn" + ] + }, + "handler": "table", + "clusterName": { + "Ref": "ClusterEB0386A7" + }, + "adminUserArn": { + "Ref": "ClusterSecretAttachment769E6258" + }, + "databaseName": "my_db", + "tableName": { + "prefix": "awscdkredshiftclusterdatabaseTable24923533", + "generateSuffix": "true" + }, + "tableColumns": [ + { + "id": "col1", + "name": "col1", + "dataType": "varchar(4)" + }, + { + "id": "col2", + "name": "col2", + "dataType": "float" + }, + { + "id": "col3", + "name": "col3", + "dataType": "float" + } + ], + "sortStyle": "AUTO", + "useColumnIds": true + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRole0A90D717": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRoleDefaultPolicyDDD1388D": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "redshift-data:DescribeStatement", + "redshift-data:ExecuteStatement" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "ClusterSecretAttachment769E6258" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRoleDefaultPolicyDDD1388D", + "Roles": [ + { + "Ref": "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRole0A90D717" + } + ] + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5f3DF81997": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338.zip" + }, + "Role": { + "Fn::GetAtt": [ + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRole0A90D717", + "Arn" + ] + }, + "Handler": "index.handler", + "Runtime": "nodejs14.x", + "Timeout": 60 + }, + "DependsOn": [ + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRoleDefaultPolicyDDD1388D", + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRole0A90D717" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/cdk.out b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/cdk.out new file mode 100644 index 0000000000000..b72fef144f05c --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"30.1.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/integ.json b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/integ.json new file mode 100644 index 0000000000000..43c7d308e429c --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "30.1.0", + "testCases": { + "redshift-cluster-database-integ/DefaultTest": { + "stacks": [ + "aws-cdk-redshift-cluster-database" + ], + "assertionStack": "redshift-cluster-database-integ/DefaultTest/DeployAssert", + "assertionStackName": "redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/manifest.json b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/manifest.json new file mode 100644 index 0000000000000..9a7b11828d454 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/manifest.json @@ -0,0 +1,321 @@ +{ + "version": "30.1.0", + "artifacts": { + "aws-cdk-redshift-cluster-database.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-cdk-redshift-cluster-database.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-cdk-redshift-cluster-database": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-cdk-redshift-cluster-database.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7094687c9f7ce700c5a887282262a42bec06499b08c74fde3ab8a5f7ab09a496.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-cdk-redshift-cluster-database.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-cdk-redshift-cluster-database.assets" + ], + "metadata": { + "/aws-cdk-redshift-cluster-database/custom-kms-key/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "customkmskey377C6F9A" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/aws-cdk-redshift-cluster-database/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/aws-cdk-redshift-cluster-database/Cluster/Subnets/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterSubnetsDCFA5CB7" + } + ], + "/aws-cdk-redshift-cluster-database/Cluster/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterSecurityGroup0921994B" + } + ], + "/aws-cdk-redshift-cluster-database/Cluster/Secret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterSecret6368BD0F" + } + ], + "/aws-cdk-redshift-cluster-database/Cluster/Secret/Attachment/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterSecretAttachment769E6258" + } + ], + "/aws-cdk-redshift-cluster-database/Cluster/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ClusterEB0386A7" + } + ], + "/aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TableProviderframeworkonEventServiceRoleC3128F67" + } + ], + "/aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TableProviderframeworkonEventServiceRoleDefaultPolicyAD08715D" + } + ], + "/aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TableProviderframeworkonEvent97F3951A" + } + ], + "/aws-cdk-redshift-cluster-database/Table/Resource/Resource/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "Table7ABB320E" + } + ], + "/aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRole0A90D717" + } + ], + "/aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/ServiceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRoleDefaultPolicyDDD1388D" + } + ], + "/aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "QueryRedshiftDatabase3de5bea727da479686625efb56431b5f3DF81997" + } + ], + "/aws-cdk-redshift-cluster-database/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-redshift-cluster-database/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-redshift-cluster-database" + }, + "redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets" + ], + "metadata": { + "/redshift-cluster-database-integ/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/redshift-cluster-database-integ/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "redshift-cluster-database-integ/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets.json b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets.json new file mode 100644 index 0000000000000..a21d912bf150e --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets.json @@ -0,0 +1,19 @@ +{ + "version": "30.1.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.template.json b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/tree.json b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/tree.json new file mode 100644 index 0000000000000..cb08956bae6f0 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.js.snapshot/tree.json @@ -0,0 +1,1410 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-cdk-redshift-cluster-database": { + "id": "aws-cdk-redshift-cluster-database", + "path": "aws-cdk-redshift-cluster-database", + "children": { + "custom-kms-key": { + "id": "custom-kms-key", + "path": "aws-cdk-redshift-cluster-database/custom-kms-key", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/custom-kms-key/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::KMS::Key", + "aws:cdk:cloudformation:props": { + "keyPolicy": { + "Statement": [ + { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":root" + ] + ] + } + }, + "Resource": "*" + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-kms.CfnKey", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-kms.Key", + "version": "0.0.0" + } + }, + "Vpc": { + "id": "Vpc", + "path": "aws-cdk-redshift-cluster-database/Vpc", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Vpc/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "allocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "subnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-redshift-cluster-database/Vpc/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-cdk-redshift-cluster-database/Vpc/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-redshift-cluster-database/Vpc" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-cdk-redshift-cluster-database/Vpc/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "vpcId": { + "Ref": "Vpc8378EB38" + }, + "internetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.Vpc", + "version": "0.0.0" + } + }, + "Cluster": { + "id": "Cluster", + "path": "aws-cdk-redshift-cluster-database/Cluster", + "children": { + "Subnets": { + "id": "Subnets", + "path": "aws-cdk-redshift-cluster-database/Cluster/Subnets", + "children": { + "Default": { + "id": "Default", + "path": "aws-cdk-redshift-cluster-database/Cluster/Subnets/Default", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Redshift::ClusterSubnetGroup", + "aws:cdk:cloudformation:props": { + "description": "Subnets for Cluster Redshift cluster", + "subnetIds": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-redshift.CfnClusterSubnetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-redshift.ClusterSubnetGroup", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-cdk-redshift-cluster-database/Cluster/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Cluster/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "Redshift security group", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "Secret": { + "id": "Secret", + "path": "aws-cdk-redshift-cluster-database/Cluster/Secret", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Cluster/Secret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "generateSecretString": { + "passwordLength": 30, + "secretStringTemplate": "{\"username\":\"admin\"}", + "generateStringKey": "password", + "excludeCharacters": "\"@/\\ '" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + }, + "Attachment": { + "id": "Attachment", + "path": "aws-cdk-redshift-cluster-database/Cluster/Secret/Attachment", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Cluster/Secret/Attachment/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::SecretTargetAttachment", + "aws:cdk:cloudformation:props": { + "secretId": { + "Ref": "ClusterSecret6368BD0F" + }, + "targetId": { + "Ref": "ClusterEB0386A7" + }, + "targetType": "AWS::Redshift::Cluster" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecretTargetAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.SecretTargetAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-redshift.DatabaseSecret", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Cluster/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Redshift::Cluster", + "aws:cdk:cloudformation:props": { + "clusterType": "multi-node", + "dbName": "my_db", + "masterUsername": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "ClusterSecret6368BD0F" + }, + ":SecretString:username::}}" + ] + ] + }, + "masterUserPassword": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "ClusterSecret6368BD0F" + }, + ":SecretString:password::}}" + ] + ] + }, + "nodeType": "dc2.large", + "allowVersionUpgrade": true, + "automatedSnapshotRetentionPeriod": 1, + "clusterSubnetGroupName": { + "Ref": "ClusterSubnetsDCFA5CB7" + }, + "encrypted": true, + "kmsKeyId": { + "Ref": "customkmskey377C6F9A" + }, + "numberOfNodes": 2, + "publiclyAccessible": true, + "vpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "ClusterSecurityGroup0921994B", + "GroupId" + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-redshift.CfnCluster", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-redshift.Cluster", + "version": "0.0.0" + } + }, + "Table": { + "id": "Table", + "path": "aws-cdk-redshift-cluster-database/Table", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Table/Resource", + "children": { + "Handler": { + "id": "Handler", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Handler", + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.SingletonFunction", + "version": "0.0.0" + } + }, + "Provider": { + "id": "Provider", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider", + "children": { + "framework-onEvent": { + "id": "framework-onEvent", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5f3DF81997", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5f3DF81997", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "TableProviderframeworkonEventServiceRoleDefaultPolicyAD08715D", + "roles": [ + { + "Ref": "TableProviderframeworkonEventServiceRoleC3128F67" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Code": { + "id": "Code", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Provider/framework-onEvent/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "s3Key": "a8a62b989c7866e3ad5b24f3eb6228f8ca91ebff5f5c76f1da466f6c805c0585.zip" + }, + "role": { + "Fn::GetAtt": [ + "TableProviderframeworkonEventServiceRoleC3128F67", + "Arn" + ] + }, + "description": "AWS CDK resource provider framework - onEvent (aws-cdk-redshift-cluster-database/Table/Resource/Provider)", + "environment": { + "variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5f3DF81997", + "Arn" + ] + } + } + }, + "handler": "framework.onEvent", + "runtime": "nodejs14.x", + "timeout": 900 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/custom-resources.Provider", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Resource", + "children": { + "Default": { + "id": "Default", + "path": "aws-cdk-redshift-cluster-database/Table/Resource/Resource/Default", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.CustomResource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.252" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-redshift.Table", + "version": "0.0.0" + } + }, + "Query Redshift Database3de5bea727da479686625efb56431b5f": { + "id": "Query Redshift Database3de5bea727da479686625efb56431b5f", + "path": "aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/ServiceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/ServiceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "redshift-data:DescribeStatement", + "redshift-data:ExecuteStatement" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "ClusterSecretAttachment769E6258" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRoleDefaultPolicyDDD1388D", + "roles": [ + { + "Ref": "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRole0A90D717" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Code": { + "id": "Code", + "path": "aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-redshift-cluster-database/Query Redshift Database3de5bea727da479686625efb56431b5f/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "s3Key": "169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338.zip" + }, + "role": { + "Fn::GetAtt": [ + "QueryRedshiftDatabase3de5bea727da479686625efb56431b5fServiceRole0A90D717", + "Arn" + ] + }, + "handler": "index.handler", + "runtime": "nodejs14.x", + "timeout": 60 + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-redshift-cluster-database/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-redshift-cluster-database/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "redshift-cluster-database-integ": { + "id": "redshift-cluster-database-integ", + "path": "redshift-cluster-database-integ", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "redshift-cluster-database-integ/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "redshift-cluster-database-integ/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.252" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "redshift-cluster-database-integ/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "redshift-cluster-database-integ/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "redshift-cluster-database-integ/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.252" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.ts b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.ts new file mode 100644 index 0000000000000..71061883dc908 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database-columnid.ts @@ -0,0 +1,59 @@ +#!/usr/bin/env node +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as kms from '@aws-cdk/aws-kms'; +import * as cdk from '@aws-cdk/core'; +// eslint-disable-next-line import/no-extraneous-dependencies +import { REDSHIFT_COLUMN_ID } from '@aws-cdk/cx-api'; +import * as integ from '@aws-cdk/integ-tests'; +import * as constructs from 'constructs'; +import * as redshift from '../lib'; + +const useColumnIds = { [REDSHIFT_COLUMN_ID]: true }; + +const app = new cdk.App({ + context: useColumnIds, +}); + +const stack = new cdk.Stack(app, 'aws-cdk-redshift-cluster-database'); +cdk.Aspects.of(stack).add({ + visit(node: constructs.IConstruct) { + if (cdk.CfnResource.isCfnResource(node)) { + node.applyRemovalPolicy(cdk.RemovalPolicy.DESTROY); + } + }, +}); + +const key = new kms.Key(stack, 'custom-kms-key'); +const vpc = new ec2.Vpc(stack, 'Vpc'); +const databaseName = 'my_db'; +const cluster = new redshift.Cluster(stack, 'Cluster', { + vpc: vpc, + vpcSubnets: { + subnetType: ec2.SubnetType.PUBLIC, + }, + masterUser: { + masterUsername: 'admin', + }, + defaultDatabaseName: databaseName, + publiclyAccessible: true, + encryptionKey: key, +}); + +const databaseOptions = { + cluster: cluster, + databaseName: databaseName, +}; +new redshift.Table(stack, 'Table', { + ...databaseOptions, + tableColumns: [ + { id: 'col1', name: 'col1', dataType: 'varchar(4)' }, + { id: 'col2', name: 'col2', dataType: 'float' }, + { id: 'col3', name: 'col3', dataType: 'float' }, + ], +}); + +new integ.IntegTest(app, 'redshift-cluster-database-integ', { + testCases: [stack], +}); + +app.synth(); diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/handler-name.js b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/handler-name.js new file mode 100644 index 0000000000000..4983115a93834 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/handler-name.js @@ -0,0 +1,10 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.HandlerName = void 0; +var HandlerName; +(function (HandlerName) { + HandlerName["User"] = "user"; + HandlerName["Table"] = "table"; + HandlerName["UserTablePrivileges"] = "user-table-privileges"; +})(HandlerName = exports.HandlerName || (exports.HandlerName = {})); +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGFuZGxlci1uYW1lLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiaGFuZGxlci1uYW1lLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLElBQVksV0FJWDtBQUpELFdBQVksV0FBVztJQUNyQiw0QkFBYSxDQUFBO0lBQ2IsOEJBQWUsQ0FBQTtJQUNmLDREQUE2QyxDQUFBO0FBQy9DLENBQUMsRUFKVyxXQUFXLEdBQVgsbUJBQVcsS0FBWCxtQkFBVyxRQUl0QiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCBlbnVtIEhhbmRsZXJOYW1lIHtcbiAgVXNlciA9ICd1c2VyJyxcbiAgVGFibGUgPSAndGFibGUnLFxuICBVc2VyVGFibGVQcml2aWxlZ2VzID0gJ3VzZXItdGFibGUtcHJpdmlsZWdlcycsXG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/index.js b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/index.js new file mode 100644 index 0000000000000..d7a8b52f2944c --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/index.js @@ -0,0 +1,21 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = void 0; +const handler_name_1 = require("./handler-name"); +const privileges_1 = require("./privileges"); +const table_1 = require("./table"); +const user_1 = require("./user"); +const HANDLERS = { + [handler_name_1.HandlerName.Table]: table_1.handler, + [handler_name_1.HandlerName.User]: user_1.handler, + [handler_name_1.HandlerName.UserTablePrivileges]: privileges_1.handler, +}; +async function handler(event) { + const subHandler = HANDLERS[event.ResourceProperties.handler]; + if (!subHandler) { + throw new Error(`Requested handler ${event.ResourceProperties.handler} is not in supported set: ${JSON.stringify(Object.keys(HANDLERS))}`); + } + return subHandler(event.ResourceProperties, event); +} +exports.handler = handler; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFFQSxpREFBNkM7QUFDN0MsNkNBQTJEO0FBQzNELG1DQUFpRDtBQUNqRCxpQ0FBK0M7QUFFL0MsTUFBTSxRQUFRLEdBQWlIO0lBQzdILENBQUMsMEJBQVcsQ0FBQyxLQUFLLENBQUMsRUFBRSxlQUFXO0lBQ2hDLENBQUMsMEJBQVcsQ0FBQyxJQUFJLENBQUMsRUFBRSxjQUFVO0lBQzlCLENBQUMsMEJBQVcsQ0FBQyxtQkFBbUIsQ0FBQyxFQUFFLG9CQUFnQjtDQUNwRCxDQUFDO0FBRUssS0FBSyxVQUFVLE9BQU8sQ0FBQyxLQUFrRDtJQUM5RSxNQUFNLFVBQVUsR0FBRyxRQUFRLENBQUMsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE9BQXNCLENBQUMsQ0FBQztJQUM3RSxJQUFJLENBQUMsVUFBVSxFQUFFO1FBQ2YsTUFBTSxJQUFJLEtBQUssQ0FBQyxxQkFBcUIsS0FBSyxDQUFDLGtCQUFrQixDQUFDLE9BQU8sNkJBQTZCLElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQztLQUM1STtJQUNELE9BQU8sVUFBVSxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsRUFBRSxLQUFLLENBQUMsQ0FBQztBQUNyRCxDQUFDO0FBTkQsMEJBTUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLXVucmVzb2x2ZWQgKi9cbmltcG9ydCAqIGFzIEFXU0xhbWJkYSBmcm9tICdhd3MtbGFtYmRhJztcbmltcG9ydCB7IEhhbmRsZXJOYW1lIH0gZnJvbSAnLi9oYW5kbGVyLW5hbWUnO1xuaW1wb3J0IHsgaGFuZGxlciBhcyBtYW5hZ2VQcml2aWxlZ2VzIH0gZnJvbSAnLi9wcml2aWxlZ2VzJztcbmltcG9ydCB7IGhhbmRsZXIgYXMgbWFuYWdlVGFibGUgfSBmcm9tICcuL3RhYmxlJztcbmltcG9ydCB7IGhhbmRsZXIgYXMgbWFuYWdlVXNlciB9IGZyb20gJy4vdXNlcic7XG5cbmNvbnN0IEhBTkRMRVJTOiB7IFtrZXkgaW4gSGFuZGxlck5hbWVdOiAoKHByb3BzOiBhbnksIGV2ZW50OiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50KSA9PiBQcm9taXNlPGFueT4pIH0gPSB7XG4gIFtIYW5kbGVyTmFtZS5UYWJsZV06IG1hbmFnZVRhYmxlLFxuICBbSGFuZGxlck5hbWUuVXNlcl06IG1hbmFnZVVzZXIsXG4gIFtIYW5kbGVyTmFtZS5Vc2VyVGFibGVQcml2aWxlZ2VzXTogbWFuYWdlUHJpdmlsZWdlcyxcbn07XG5cbmV4cG9ydCBhc3luYyBmdW5jdGlvbiBoYW5kbGVyKGV2ZW50OiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50KSB7XG4gIGNvbnN0IHN1YkhhbmRsZXIgPSBIQU5ETEVSU1tldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuaGFuZGxlciBhcyBIYW5kbGVyTmFtZV07XG4gIGlmICghc3ViSGFuZGxlcikge1xuICAgIHRocm93IG5ldyBFcnJvcihgUmVxdWVzdGVkIGhhbmRsZXIgJHtldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuaGFuZGxlcn0gaXMgbm90IGluIHN1cHBvcnRlZCBzZXQ6ICR7SlNPTi5zdHJpbmdpZnkoT2JqZWN0LmtleXMoSEFORExFUlMpKX1gKTtcbiAgfVxuICByZXR1cm4gc3ViSGFuZGxlcihldmVudC5SZXNvdXJjZVByb3BlcnRpZXMsIGV2ZW50KTtcbn1cbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/privileges.js b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/privileges.js new file mode 100644 index 0000000000000..8770142deb498 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/privileges.js @@ -0,0 +1,58 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = void 0; +const redshift_data_1 = require("./redshift-data"); +const util_1 = require("./util"); +async function handler(props, event) { + const username = props.username; + const tablePrivileges = props.tablePrivileges; + const clusterProps = props; + if (event.RequestType === 'Create') { + await grantPrivileges(username, tablePrivileges, clusterProps); + return { PhysicalResourceId: util_1.makePhysicalId(username, clusterProps, event.RequestId) }; + } + else if (event.RequestType === 'Delete') { + await revokePrivileges(username, tablePrivileges, clusterProps); + return; + } + else if (event.RequestType === 'Update') { + const { replace } = await updatePrivileges(username, tablePrivileges, clusterProps, event.OldResourceProperties); + const physicalId = replace ? util_1.makePhysicalId(username, clusterProps, event.RequestId) : event.PhysicalResourceId; + return { PhysicalResourceId: physicalId }; + } + else { + /* eslint-disable-next-line dot-notation */ + throw new Error(`Unrecognized event type: ${event['RequestType']}`); + } +} +exports.handler = handler; +async function revokePrivileges(username, tablePrivileges, clusterProps) { + await Promise.all(tablePrivileges.map(({ tableName, actions }) => { + return redshift_data_1.executeStatement(`REVOKE ${actions.join(', ')} ON ${tableName} FROM ${username}`, clusterProps); + })); +} +async function grantPrivileges(username, tablePrivileges, clusterProps) { + await Promise.all(tablePrivileges.map(({ tableName, actions }) => { + return redshift_data_1.executeStatement(`GRANT ${actions.join(', ')} ON ${tableName} TO ${username}`, clusterProps); + })); +} +async function updatePrivileges(username, tablePrivileges, clusterProps, oldResourceProperties) { + const oldClusterProps = oldResourceProperties; + if (clusterProps.clusterName !== oldClusterProps.clusterName || clusterProps.databaseName !== oldClusterProps.databaseName) { + await grantPrivileges(username, tablePrivileges, clusterProps); + return { replace: true }; + } + const oldUsername = oldResourceProperties.username; + if (oldUsername !== username) { + await grantPrivileges(username, tablePrivileges, clusterProps); + return { replace: true }; + } + const oldTablePrivileges = oldResourceProperties.tablePrivileges; + if (oldTablePrivileges !== tablePrivileges) { + await revokePrivileges(username, oldTablePrivileges, clusterProps); + await grantPrivileges(username, tablePrivileges, clusterProps); + return { replace: false }; + } + return { replace: false }; +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicHJpdmlsZWdlcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInByaXZpbGVnZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBRUEsbURBQW1EO0FBRW5ELGlDQUF3QztBQUdqQyxLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQXFELEVBQUUsS0FBa0Q7SUFDckksTUFBTSxRQUFRLEdBQUcsS0FBSyxDQUFDLFFBQVEsQ0FBQztJQUNoQyxNQUFNLGVBQWUsR0FBRyxLQUFLLENBQUMsZUFBZSxDQUFDO0lBQzlDLE1BQU0sWUFBWSxHQUFHLEtBQUssQ0FBQztJQUUzQixJQUFJLEtBQUssQ0FBQyxXQUFXLEtBQUssUUFBUSxFQUFFO1FBQ2xDLE1BQU0sZUFBZSxDQUFDLFFBQVEsRUFBRSxlQUFlLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDL0QsT0FBTyxFQUFFLGtCQUFrQixFQUFFLHFCQUFjLENBQUMsUUFBUSxFQUFFLFlBQVksRUFBRSxLQUFLLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQztLQUN4RjtTQUFNLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDekMsTUFBTSxnQkFBZ0IsQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQ2hFLE9BQU87S0FDUjtTQUFNLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDekMsTUFBTSxFQUFFLE9BQU8sRUFBRSxHQUFHLE1BQU0sZ0JBQWdCLENBQ3hDLFFBQVEsRUFDUixlQUFlLEVBQ2YsWUFBWSxFQUNaLEtBQUssQ0FBQyxxQkFBdUUsQ0FDOUUsQ0FBQztRQUNGLE1BQU0sVUFBVSxHQUFHLE9BQU8sQ0FBQyxDQUFDLENBQUMscUJBQWMsQ0FBQyxRQUFRLEVBQUUsWUFBWSxFQUFFLEtBQUssQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLGtCQUFrQixDQUFDO1FBQ2hILE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxVQUFVLEVBQUUsQ0FBQztLQUMzQztTQUFNO1FBQ0wsMkNBQTJDO1FBQzNDLE1BQU0sSUFBSSxLQUFLLENBQUMsNEJBQTRCLEtBQUssQ0FBQyxhQUFhLENBQUMsRUFBRSxDQUFDLENBQUM7S0FDckU7QUFDSCxDQUFDO0FBeEJELDBCQXdCQztBQUVELEtBQUssVUFBVSxnQkFBZ0IsQ0FBQyxRQUFnQixFQUFFLGVBQWlDLEVBQUUsWUFBMEI7SUFDN0csTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUFFLFNBQVMsRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFO1FBQy9ELE9BQU8sZ0NBQWdCLENBQUMsVUFBVSxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLFNBQVMsU0FBUyxRQUFRLEVBQUUsRUFBRSxZQUFZLENBQUMsQ0FBQztJQUN6RyxDQUFDLENBQUMsQ0FBQyxDQUFDO0FBQ04sQ0FBQztBQUVELEtBQUssVUFBVSxlQUFlLENBQUMsUUFBZ0IsRUFBRSxlQUFpQyxFQUFFLFlBQTBCO0lBQzVHLE1BQU0sT0FBTyxDQUFDLEdBQUcsQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxTQUFTLEVBQUUsT0FBTyxFQUFFLEVBQUUsRUFBRTtRQUMvRCxPQUFPLGdDQUFnQixDQUFDLFNBQVMsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxTQUFTLE9BQU8sUUFBUSxFQUFFLEVBQUUsWUFBWSxDQUFDLENBQUM7SUFDdEcsQ0FBQyxDQUFDLENBQUMsQ0FBQztBQUNOLENBQUM7QUFFRCxLQUFLLFVBQVUsZ0JBQWdCLENBQzdCLFFBQWdCLEVBQ2hCLGVBQWlDLEVBQ2pDLFlBQTBCLEVBQzFCLHFCQUFxRTtJQUVyRSxNQUFNLGVBQWUsR0FBRyxxQkFBcUIsQ0FBQztJQUM5QyxJQUFJLFlBQVksQ0FBQyxXQUFXLEtBQUssZUFBZSxDQUFDLFdBQVcsSUFBSSxZQUFZLENBQUMsWUFBWSxLQUFLLGVBQWUsQ0FBQyxZQUFZLEVBQUU7UUFDMUgsTUFBTSxlQUFlLENBQUMsUUFBUSxFQUFFLGVBQWUsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUMvRCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxDQUFDO0tBQzFCO0lBRUQsTUFBTSxXQUFXLEdBQUcscUJBQXFCLENBQUMsUUFBUSxDQUFDO0lBQ25ELElBQUksV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUM1QixNQUFNLGVBQWUsQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQy9ELE9BQU8sRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLENBQUM7S0FDMUI7SUFFRCxNQUFNLGtCQUFrQixHQUFHLHFCQUFxQixDQUFDLGVBQWUsQ0FBQztJQUNqRSxJQUFJLGtCQUFrQixLQUFLLGVBQWUsRUFBRTtRQUMxQyxNQUFNLGdCQUFnQixDQUFDLFFBQVEsRUFBRSxrQkFBa0IsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUNuRSxNQUFNLGVBQWUsQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQy9ELE9BQU8sRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLENBQUM7S0FDM0I7SUFFRCxPQUFPLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxDQUFDO0FBQzVCLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLXVucmVzb2x2ZWQgKi9cbmltcG9ydCAqIGFzIEFXU0xhbWJkYSBmcm9tICdhd3MtbGFtYmRhJztcbmltcG9ydCB7IGV4ZWN1dGVTdGF0ZW1lbnQgfSBmcm9tICcuL3JlZHNoaWZ0LWRhdGEnO1xuaW1wb3J0IHsgQ2x1c3RlclByb3BzIH0gZnJvbSAnLi90eXBlcyc7XG5pbXBvcnQgeyBtYWtlUGh5c2ljYWxJZCB9IGZyb20gJy4vdXRpbCc7XG5pbXBvcnQgeyBUYWJsZVByaXZpbGVnZSwgVXNlclRhYmxlUHJpdmlsZWdlc0hhbmRsZXJQcm9wcyB9IGZyb20gJy4uL2hhbmRsZXItcHJvcHMnO1xuXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gaGFuZGxlcihwcm9wczogVXNlclRhYmxlUHJpdmlsZWdlc0hhbmRsZXJQcm9wcyAmIENsdXN0ZXJQcm9wcywgZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQpIHtcbiAgY29uc3QgdXNlcm5hbWUgPSBwcm9wcy51c2VybmFtZTtcbiAgY29uc3QgdGFibGVQcml2aWxlZ2VzID0gcHJvcHMudGFibGVQcml2aWxlZ2VzO1xuICBjb25zdCBjbHVzdGVyUHJvcHMgPSBwcm9wcztcblxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdDcmVhdGUnKSB7XG4gICAgYXdhaXQgZ3JhbnRQcml2aWxlZ2VzKHVzZXJuYW1lLCB0YWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgcmV0dXJuIHsgUGh5c2ljYWxSZXNvdXJjZUlkOiBtYWtlUGh5c2ljYWxJZCh1c2VybmFtZSwgY2x1c3RlclByb3BzLCBldmVudC5SZXF1ZXN0SWQpIH07XG4gIH0gZWxzZSBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnKSB7XG4gICAgYXdhaXQgcmV2b2tlUHJpdmlsZWdlcyh1c2VybmFtZSwgdGFibGVQcml2aWxlZ2VzLCBjbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybjtcbiAgfSBlbHNlIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ1VwZGF0ZScpIHtcbiAgICBjb25zdCB7IHJlcGxhY2UgfSA9IGF3YWl0IHVwZGF0ZVByaXZpbGVnZXMoXG4gICAgICB1c2VybmFtZSxcbiAgICAgIHRhYmxlUHJpdmlsZWdlcyxcbiAgICAgIGNsdXN0ZXJQcm9wcyxcbiAgICAgIGV2ZW50Lk9sZFJlc291cmNlUHJvcGVydGllcyBhcyBVc2VyVGFibGVQcml2aWxlZ2VzSGFuZGxlclByb3BzICYgQ2x1c3RlclByb3BzLFxuICAgICk7XG4gICAgY29uc3QgcGh5c2ljYWxJZCA9IHJlcGxhY2UgPyBtYWtlUGh5c2ljYWxJZCh1c2VybmFtZSwgY2x1c3RlclByb3BzLCBldmVudC5SZXF1ZXN0SWQpIDogZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkO1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxJZCB9O1xuICB9IGVsc2Uge1xuICAgIC8qIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBkb3Qtbm90YXRpb24gKi9cbiAgICB0aHJvdyBuZXcgRXJyb3IoYFVucmVjb2duaXplZCBldmVudCB0eXBlOiAke2V2ZW50WydSZXF1ZXN0VHlwZSddfWApO1xuICB9XG59XG5cbmFzeW5jIGZ1bmN0aW9uIHJldm9rZVByaXZpbGVnZXModXNlcm5hbWU6IHN0cmluZywgdGFibGVQcml2aWxlZ2VzOiBUYWJsZVByaXZpbGVnZVtdLCBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcykge1xuICBhd2FpdCBQcm9taXNlLmFsbCh0YWJsZVByaXZpbGVnZXMubWFwKCh7IHRhYmxlTmFtZSwgYWN0aW9ucyB9KSA9PiB7XG4gICAgcmV0dXJuIGV4ZWN1dGVTdGF0ZW1lbnQoYFJFVk9LRSAke2FjdGlvbnMuam9pbignLCAnKX0gT04gJHt0YWJsZU5hbWV9IEZST00gJHt1c2VybmFtZX1gLCBjbHVzdGVyUHJvcHMpO1xuICB9KSk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIGdyYW50UHJpdmlsZWdlcyh1c2VybmFtZTogc3RyaW5nLCB0YWJsZVByaXZpbGVnZXM6IFRhYmxlUHJpdmlsZWdlW10sIGNsdXN0ZXJQcm9wczogQ2x1c3RlclByb3BzKSB7XG4gIGF3YWl0IFByb21pc2UuYWxsKHRhYmxlUHJpdmlsZWdlcy5tYXAoKHsgdGFibGVOYW1lLCBhY3Rpb25zIH0pID0+IHtcbiAgICByZXR1cm4gZXhlY3V0ZVN0YXRlbWVudChgR1JBTlQgJHthY3Rpb25zLmpvaW4oJywgJyl9IE9OICR7dGFibGVOYW1lfSBUTyAke3VzZXJuYW1lfWAsIGNsdXN0ZXJQcm9wcyk7XG4gIH0pKTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gdXBkYXRlUHJpdmlsZWdlcyhcbiAgdXNlcm5hbWU6IHN0cmluZyxcbiAgdGFibGVQcml2aWxlZ2VzOiBUYWJsZVByaXZpbGVnZVtdLFxuICBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcyxcbiAgb2xkUmVzb3VyY2VQcm9wZXJ0aWVzOiBVc2VyVGFibGVQcml2aWxlZ2VzSGFuZGxlclByb3BzICYgQ2x1c3RlclByb3BzLFxuKTogUHJvbWlzZTx7IHJlcGxhY2U6IGJvb2xlYW4gfT4ge1xuICBjb25zdCBvbGRDbHVzdGVyUHJvcHMgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXM7XG4gIGlmIChjbHVzdGVyUHJvcHMuY2x1c3Rlck5hbWUgIT09IG9sZENsdXN0ZXJQcm9wcy5jbHVzdGVyTmFtZSB8fCBjbHVzdGVyUHJvcHMuZGF0YWJhc2VOYW1lICE9PSBvbGRDbHVzdGVyUHJvcHMuZGF0YWJhc2VOYW1lKSB7XG4gICAgYXdhaXQgZ3JhbnRQcml2aWxlZ2VzKHVzZXJuYW1lLCB0YWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgcmV0dXJuIHsgcmVwbGFjZTogdHJ1ZSB9O1xuICB9XG5cbiAgY29uc3Qgb2xkVXNlcm5hbWUgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMudXNlcm5hbWU7XG4gIGlmIChvbGRVc2VybmFtZSAhPT0gdXNlcm5hbWUpIHtcbiAgICBhd2FpdCBncmFudFByaXZpbGVnZXModXNlcm5hbWUsIHRhYmxlUHJpdmlsZWdlcywgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiB0cnVlIH07XG4gIH1cblxuICBjb25zdCBvbGRUYWJsZVByaXZpbGVnZXMgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMudGFibGVQcml2aWxlZ2VzO1xuICBpZiAob2xkVGFibGVQcml2aWxlZ2VzICE9PSB0YWJsZVByaXZpbGVnZXMpIHtcbiAgICBhd2FpdCByZXZva2VQcml2aWxlZ2VzKHVzZXJuYW1lLCBvbGRUYWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgYXdhaXQgZ3JhbnRQcml2aWxlZ2VzKHVzZXJuYW1lLCB0YWJsZVByaXZpbGVnZXMsIGNsdXN0ZXJQcm9wcyk7XG4gICAgcmV0dXJuIHsgcmVwbGFjZTogZmFsc2UgfTtcbiAgfVxuXG4gIHJldHVybiB7IHJlcGxhY2U6IGZhbHNlIH07XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/redshift-data.js b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/redshift-data.js new file mode 100644 index 0000000000000..e65374f4ab7e0 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/redshift-data.js @@ -0,0 +1,37 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.executeStatement = void 0; +/* eslint-disable-next-line import/no-extraneous-dependencies */ +const RedshiftData = require("aws-sdk/clients/redshiftdata"); +const redshiftData = new RedshiftData(); +async function executeStatement(statement, clusterProps) { + const executeStatementProps = { + ClusterIdentifier: clusterProps.clusterName, + Database: clusterProps.databaseName, + SecretArn: clusterProps.adminUserArn, + Sql: statement, + }; + const executedStatement = await redshiftData.executeStatement(executeStatementProps).promise(); + if (!executedStatement.Id) { + throw new Error('Service error: Statement execution did not return a statement ID'); + } + await waitForStatementComplete(executedStatement.Id); +} +exports.executeStatement = executeStatement; +const waitTimeout = 100; +async function waitForStatementComplete(statementId) { + await new Promise((resolve) => { + setTimeout(() => resolve(), waitTimeout); + }); + const statement = await redshiftData.describeStatement({ Id: statementId }).promise(); + if (statement.Status !== 'FINISHED' && statement.Status !== 'FAILED' && statement.Status !== 'ABORTED') { + return waitForStatementComplete(statementId); + } + else if (statement.Status === 'FINISHED') { + return; + } + else { + throw new Error(`Statement status was ${statement.Status}: ${statement.Error}`); + } +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmVkc2hpZnQtZGF0YS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInJlZHNoaWZ0LWRhdGEudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsZ0VBQWdFO0FBQ2hFLDZEQUE2RDtBQUc3RCxNQUFNLFlBQVksR0FBRyxJQUFJLFlBQVksRUFBRSxDQUFDO0FBRWpDLEtBQUssVUFBVSxnQkFBZ0IsQ0FBQyxTQUFpQixFQUFFLFlBQTBCO0lBQ2xGLE1BQU0scUJBQXFCLEdBQUc7UUFDNUIsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLFdBQVc7UUFDM0MsUUFBUSxFQUFFLFlBQVksQ0FBQyxZQUFZO1FBQ25DLFNBQVMsRUFBRSxZQUFZLENBQUMsWUFBWTtRQUNwQyxHQUFHLEVBQUUsU0FBUztLQUNmLENBQUM7SUFDRixNQUFNLGlCQUFpQixHQUFHLE1BQU0sWUFBWSxDQUFDLGdCQUFnQixDQUFDLHFCQUFxQixDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7SUFDL0YsSUFBSSxDQUFDLGlCQUFpQixDQUFDLEVBQUUsRUFBRTtRQUN6QixNQUFNLElBQUksS0FBSyxDQUFDLGtFQUFrRSxDQUFDLENBQUM7S0FDckY7SUFDRCxNQUFNLHdCQUF3QixDQUFDLGlCQUFpQixDQUFDLEVBQUUsQ0FBQyxDQUFDO0FBQ3ZELENBQUM7QUFaRCw0Q0FZQztBQUVELE1BQU0sV0FBVyxHQUFHLEdBQUcsQ0FBQztBQUN4QixLQUFLLFVBQVUsd0JBQXdCLENBQUMsV0FBbUI7SUFDekQsTUFBTSxJQUFJLE9BQU8sQ0FBQyxDQUFDLE9BQThCLEVBQUUsRUFBRTtRQUNuRCxVQUFVLENBQUMsR0FBRyxFQUFFLENBQUMsT0FBTyxFQUFFLEVBQUUsV0FBVyxDQUFDLENBQUM7SUFDM0MsQ0FBQyxDQUFDLENBQUM7SUFDSCxNQUFNLFNBQVMsR0FBRyxNQUFNLFlBQVksQ0FBQyxpQkFBaUIsQ0FBQyxFQUFFLEVBQUUsRUFBRSxXQUFXLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO0lBQ3RGLElBQUksU0FBUyxDQUFDLE1BQU0sS0FBSyxVQUFVLElBQUksU0FBUyxDQUFDLE1BQU0sS0FBSyxRQUFRLElBQUksU0FBUyxDQUFDLE1BQU0sS0FBSyxTQUFTLEVBQUU7UUFDdEcsT0FBTyx3QkFBd0IsQ0FBQyxXQUFXLENBQUMsQ0FBQztLQUM5QztTQUFNLElBQUksU0FBUyxDQUFDLE1BQU0sS0FBSyxVQUFVLEVBQUU7UUFDMUMsT0FBTztLQUNSO1NBQU07UUFDTCxNQUFNLElBQUksS0FBSyxDQUFDLHdCQUF3QixTQUFTLENBQUMsTUFBTSxLQUFLLFNBQVMsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxDQUFDO0tBQ2pGO0FBQ0gsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBpbXBvcnQvbm8tZXh0cmFuZW91cy1kZXBlbmRlbmNpZXMgKi9cbmltcG9ydCAqIGFzIFJlZHNoaWZ0RGF0YSBmcm9tICdhd3Mtc2RrL2NsaWVudHMvcmVkc2hpZnRkYXRhJztcbmltcG9ydCB7IENsdXN0ZXJQcm9wcyB9IGZyb20gJy4vdHlwZXMnO1xuXG5jb25zdCByZWRzaGlmdERhdGEgPSBuZXcgUmVkc2hpZnREYXRhKCk7XG5cbmV4cG9ydCBhc3luYyBmdW5jdGlvbiBleGVjdXRlU3RhdGVtZW50KHN0YXRlbWVudDogc3RyaW5nLCBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcyk6IFByb21pc2U8dm9pZD4ge1xuICBjb25zdCBleGVjdXRlU3RhdGVtZW50UHJvcHMgPSB7XG4gICAgQ2x1c3RlcklkZW50aWZpZXI6IGNsdXN0ZXJQcm9wcy5jbHVzdGVyTmFtZSxcbiAgICBEYXRhYmFzZTogY2x1c3RlclByb3BzLmRhdGFiYXNlTmFtZSxcbiAgICBTZWNyZXRBcm46IGNsdXN0ZXJQcm9wcy5hZG1pblVzZXJBcm4sXG4gICAgU3FsOiBzdGF0ZW1lbnQsXG4gIH07XG4gIGNvbnN0IGV4ZWN1dGVkU3RhdGVtZW50ID0gYXdhaXQgcmVkc2hpZnREYXRhLmV4ZWN1dGVTdGF0ZW1lbnQoZXhlY3V0ZVN0YXRlbWVudFByb3BzKS5wcm9taXNlKCk7XG4gIGlmICghZXhlY3V0ZWRTdGF0ZW1lbnQuSWQpIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoJ1NlcnZpY2UgZXJyb3I6IFN0YXRlbWVudCBleGVjdXRpb24gZGlkIG5vdCByZXR1cm4gYSBzdGF0ZW1lbnQgSUQnKTtcbiAgfVxuICBhd2FpdCB3YWl0Rm9yU3RhdGVtZW50Q29tcGxldGUoZXhlY3V0ZWRTdGF0ZW1lbnQuSWQpO1xufVxuXG5jb25zdCB3YWl0VGltZW91dCA9IDEwMDtcbmFzeW5jIGZ1bmN0aW9uIHdhaXRGb3JTdGF0ZW1lbnRDb21wbGV0ZShzdGF0ZW1lbnRJZDogc3RyaW5nKTogUHJvbWlzZTx2b2lkPiB7XG4gIGF3YWl0IG5ldyBQcm9taXNlKChyZXNvbHZlOiAodmFsdWU6IHZvaWQpID0+IHZvaWQpID0+IHtcbiAgICBzZXRUaW1lb3V0KCgpID0+IHJlc29sdmUoKSwgd2FpdFRpbWVvdXQpO1xuICB9KTtcbiAgY29uc3Qgc3RhdGVtZW50ID0gYXdhaXQgcmVkc2hpZnREYXRhLmRlc2NyaWJlU3RhdGVtZW50KHsgSWQ6IHN0YXRlbWVudElkIH0pLnByb21pc2UoKTtcbiAgaWYgKHN0YXRlbWVudC5TdGF0dXMgIT09ICdGSU5JU0hFRCcgJiYgc3RhdGVtZW50LlN0YXR1cyAhPT0gJ0ZBSUxFRCcgJiYgc3RhdGVtZW50LlN0YXR1cyAhPT0gJ0FCT1JURUQnKSB7XG4gICAgcmV0dXJuIHdhaXRGb3JTdGF0ZW1lbnRDb21wbGV0ZShzdGF0ZW1lbnRJZCk7XG4gIH0gZWxzZSBpZiAoc3RhdGVtZW50LlN0YXR1cyA9PT0gJ0ZJTklTSEVEJykge1xuICAgIHJldHVybjtcbiAgfSBlbHNlIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoYFN0YXRlbWVudCBzdGF0dXMgd2FzICR7c3RhdGVtZW50LlN0YXR1c306ICR7c3RhdGVtZW50LkVycm9yfWApO1xuICB9XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/table.js b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/table.js new file mode 100644 index 0000000000000..e31afe4b9ef0b --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/table.js @@ -0,0 +1,148 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = void 0; +const redshift_data_1 = require("./redshift-data"); +const types_1 = require("./types"); +const util_1 = require("./util"); +async function handler(props, event) { + const tableNamePrefix = props.tableName.prefix; + const tableNameSuffix = props.tableName.generateSuffix === 'true' ? `${event.RequestId.substring(0, 8)}` : ''; + const tableColumns = props.tableColumns; + const tableAndClusterProps = props; + const useColumnIds = props.useColumnIds; + if (event.RequestType === 'Create') { + const tableName = await createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + return { PhysicalResourceId: tableName }; + } + else if (event.RequestType === 'Delete') { + await dropTable(event.PhysicalResourceId, tableAndClusterProps); + return; + } + else if (event.RequestType === 'Update') { + const tableName = await updateTable(event.PhysicalResourceId, tableNamePrefix, tableNameSuffix, tableColumns, useColumnIds, tableAndClusterProps, event.OldResourceProperties); + return { PhysicalResourceId: tableName }; + } + else { + /* eslint-disable-next-line dot-notation */ + throw new Error(`Unrecognized event type: ${event['RequestType']}`); + } +} +exports.handler = handler; +async function createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps) { + const tableName = tableNamePrefix + tableNameSuffix; + const tableColumnsString = tableColumns.map(column => `${column.name} ${column.dataType}`).join(); + let statement = `CREATE TABLE ${tableName} (${tableColumnsString})`; + if (tableAndClusterProps.distStyle) { + statement += ` DISTSTYLE ${tableAndClusterProps.distStyle}`; + } + const distKeyColumn = util_1.getDistKeyColumn(tableColumns); + if (distKeyColumn) { + statement += ` DISTKEY(${distKeyColumn.name})`; + } + const sortKeyColumns = util_1.getSortKeyColumns(tableColumns); + if (sortKeyColumns.length > 0) { + const sortKeyColumnsString = getSortKeyColumnsString(sortKeyColumns); + statement += ` ${tableAndClusterProps.sortStyle} SORTKEY(${sortKeyColumnsString})`; + } + await redshift_data_1.executeStatement(statement, tableAndClusterProps); + if (tableAndClusterProps.tableComment) { + await redshift_data_1.executeStatement(`COMMENT ON TABLE ${tableName} IS '${tableAndClusterProps.tableComment}'`, tableAndClusterProps); + } + return tableName; +} +async function dropTable(tableName, clusterProps) { + await redshift_data_1.executeStatement(`DROP TABLE ${tableName}`, clusterProps); +} +async function updateTable(tableName, tableNamePrefix, tableNameSuffix, tableColumns, useColumnIds, tableAndClusterProps, oldResourceProperties) { + const alterationStatements = []; + const oldClusterProps = oldResourceProperties; + if (tableAndClusterProps.clusterName !== oldClusterProps.clusterName || tableAndClusterProps.databaseName !== oldClusterProps.databaseName) { + return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + } + const oldTableNamePrefix = oldResourceProperties.tableName.prefix; + if (tableNamePrefix !== oldTableNamePrefix) { + return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + } + const oldTableColumns = oldResourceProperties.tableColumns; + const columnDeletions = oldTableColumns.filter(oldColumn => (tableColumns.every(column => { + if (useColumnIds) { + return oldColumn.id ? oldColumn.id !== column.id : oldColumn.name !== column.name; + } + return oldColumn.name !== column.name; + }))); + if (columnDeletions.length > 0) { + alterationStatements.push(...columnDeletions.map(column => `ALTER TABLE ${tableName} DROP COLUMN ${column.name}`)); + } + const columnAdditions = tableColumns.filter(column => { + return !oldTableColumns.some(oldColumn => { + if (useColumnIds) { + return oldColumn.id ? oldColumn.id === column.id : oldColumn.name === column.name; + } + return oldColumn.name === column.name; + }); + }).map(column => `ADD ${column.name} ${column.dataType}`); + if (columnAdditions.length > 0) { + alterationStatements.push(...columnAdditions.map(addition => `ALTER TABLE ${tableName} ${addition}`)); + } + if (useColumnIds) { + const columnNameUpdates = tableColumns.reduce((updates, column) => { + const oldColumn = oldTableColumns.find(oldCol => oldCol.id && oldCol.id === column.id); + if (oldColumn && oldColumn.name !== column.name) { + updates[oldColumn.name] = column.name; + } + return updates; + }, {}); + if (Object.keys(columnNameUpdates).length > 0) { + alterationStatements.push(...Object.entries(columnNameUpdates).map(([oldName, newName]) => (`ALTER TABLE ${tableName} RENAME COLUMN ${oldName} TO ${newName}`))); + } + } + const oldDistStyle = oldResourceProperties.distStyle; + if ((!oldDistStyle && tableAndClusterProps.distStyle) || + (oldDistStyle && !tableAndClusterProps.distStyle)) { + return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + } + else if (oldDistStyle !== tableAndClusterProps.distStyle) { + alterationStatements.push(`ALTER TABLE ${tableName} ALTER DISTSTYLE ${tableAndClusterProps.distStyle}`); + } + const oldDistKey = util_1.getDistKeyColumn(oldTableColumns)?.name; + const newDistKey = util_1.getDistKeyColumn(tableColumns)?.name; + if ((!oldDistKey && newDistKey) || (oldDistKey && !newDistKey)) { + return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + } + else if (oldDistKey !== newDistKey) { + alterationStatements.push(`ALTER TABLE ${tableName} ALTER DISTKEY ${newDistKey}`); + } + const oldSortKeyColumns = util_1.getSortKeyColumns(oldTableColumns); + const newSortKeyColumns = util_1.getSortKeyColumns(tableColumns); + const oldSortStyle = oldResourceProperties.sortStyle; + const newSortStyle = tableAndClusterProps.sortStyle; + if ((oldSortStyle === newSortStyle && !util_1.areColumnsEqual(oldSortKeyColumns, newSortKeyColumns)) + || (oldSortStyle !== newSortStyle)) { + switch (newSortStyle) { + case types_1.TableSortStyle.INTERLEAVED: + // INTERLEAVED sort key addition requires replacement. + // https://docs.aws.amazon.com/redshift/latest/dg/r_ALTER_TABLE.html + return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); + case types_1.TableSortStyle.COMPOUND: { + const sortKeyColumnsString = getSortKeyColumnsString(newSortKeyColumns); + alterationStatements.push(`ALTER TABLE ${tableName} ALTER ${newSortStyle} SORTKEY(${sortKeyColumnsString})`); + break; + } + case types_1.TableSortStyle.AUTO: { + alterationStatements.push(`ALTER TABLE ${tableName} ALTER SORTKEY ${newSortStyle}`); + break; + } + } + } + const oldComment = oldResourceProperties.tableComment; + const newComment = tableAndClusterProps.tableComment; + if (oldComment !== newComment) { + alterationStatements.push(`COMMENT ON TABLE ${tableName} IS ${newComment ? `'${newComment}'` : 'NULL'}`); + } + await Promise.all(alterationStatements.map(statement => redshift_data_1.executeStatement(statement, tableAndClusterProps))); + return tableName; +} +function getSortKeyColumnsString(sortKeyColumns) { + return sortKeyColumns.map(column => column.name).join(); +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGFibGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJ0YWJsZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFFQSxtREFBbUQ7QUFDbkQsbUNBQTZFO0FBQzdFLGlDQUE4RTtBQUd2RSxLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQTJCLEVBQUUsS0FBa0Q7SUFDM0csTUFBTSxlQUFlLEdBQUcsS0FBSyxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUM7SUFDL0MsTUFBTSxlQUFlLEdBQUcsS0FBSyxDQUFDLFNBQVMsQ0FBQyxjQUFjLEtBQUssTUFBTSxDQUFDLENBQUMsQ0FBQyxHQUFHLEtBQUssQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7SUFDOUcsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDLFlBQVksQ0FBQztJQUN4QyxNQUFNLG9CQUFvQixHQUFHLEtBQUssQ0FBQztJQUNuQyxNQUFNLFlBQVksR0FBRyxLQUFLLENBQUMsWUFBWSxDQUFDO0lBRXhDLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDbEMsTUFBTSxTQUFTLEdBQUcsTUFBTSxXQUFXLENBQUMsZUFBZSxFQUFFLGVBQWUsRUFBRSxZQUFZLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztRQUMxRyxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsU0FBUyxFQUFFLENBQUM7S0FDMUM7U0FBTSxJQUFJLEtBQUssQ0FBQyxXQUFXLEtBQUssUUFBUSxFQUFFO1FBQ3pDLE1BQU0sU0FBUyxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO1FBQ2hFLE9BQU87S0FDUjtTQUFNLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDekMsTUFBTSxTQUFTLEdBQUcsTUFBTSxXQUFXLENBQ2pDLEtBQUssQ0FBQyxrQkFBa0IsRUFDeEIsZUFBZSxFQUNmLGVBQWUsRUFDZixZQUFZLEVBQ1osWUFBWSxFQUNaLG9CQUFvQixFQUNwQixLQUFLLENBQUMscUJBQTZDLENBQ3BELENBQUM7UUFDRixPQUFPLEVBQUUsa0JBQWtCLEVBQUUsU0FBUyxFQUFFLENBQUM7S0FDMUM7U0FBTTtRQUNMLDJDQUEyQztRQUMzQyxNQUFNLElBQUksS0FBSyxDQUFDLDRCQUE0QixLQUFLLENBQUMsYUFBYSxDQUFDLEVBQUUsQ0FBQyxDQUFDO0tBQ3JFO0FBQ0gsQ0FBQztBQTVCRCwwQkE0QkM7QUFFRCxLQUFLLFVBQVUsV0FBVyxDQUN4QixlQUF1QixFQUN2QixlQUF1QixFQUN2QixZQUFzQixFQUN0QixvQkFBMEM7SUFFMUMsTUFBTSxTQUFTLEdBQUcsZUFBZSxHQUFHLGVBQWUsQ0FBQztJQUNwRCxNQUFNLGtCQUFrQixHQUFHLFlBQVksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxJQUFJLElBQUksTUFBTSxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7SUFFbEcsSUFBSSxTQUFTLEdBQUcsZ0JBQWdCLFNBQVMsS0FBSyxrQkFBa0IsR0FBRyxDQUFDO0lBRXBFLElBQUksb0JBQW9CLENBQUMsU0FBUyxFQUFFO1FBQ2xDLFNBQVMsSUFBSSxjQUFjLG9CQUFvQixDQUFDLFNBQVMsRUFBRSxDQUFDO0tBQzdEO0lBRUQsTUFBTSxhQUFhLEdBQUcsdUJBQWdCLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDckQsSUFBSSxhQUFhLEVBQUU7UUFDakIsU0FBUyxJQUFJLFlBQVksYUFBYSxDQUFDLElBQUksR0FBRyxDQUFDO0tBQ2hEO0lBRUQsTUFBTSxjQUFjLEdBQUcsd0JBQWlCLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDdkQsSUFBSSxjQUFjLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRTtRQUM3QixNQUFNLG9CQUFvQixHQUFHLHVCQUF1QixDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBQ3JFLFNBQVMsSUFBSSxJQUFJLG9CQUFvQixDQUFDLFNBQVMsWUFBWSxvQkFBb0IsR0FBRyxDQUFDO0tBQ3BGO0lBRUQsTUFBTSxnQ0FBZ0IsQ0FBQyxTQUFTLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztJQUV4RCxJQUFJLG9CQUFvQixDQUFDLFlBQVksRUFBRTtRQUNyQyxNQUFNLGdDQUFnQixDQUFDLG9CQUFvQixTQUFTLFFBQVEsb0JBQW9CLENBQUMsWUFBWSxHQUFHLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztLQUN6SDtJQUVELE9BQU8sU0FBUyxDQUFDO0FBQ25CLENBQUM7QUFFRCxLQUFLLFVBQVUsU0FBUyxDQUFDLFNBQWlCLEVBQUUsWUFBMEI7SUFDcEUsTUFBTSxnQ0FBZ0IsQ0FBQyxjQUFjLFNBQVMsRUFBRSxFQUFFLFlBQVksQ0FBQyxDQUFDO0FBQ2xFLENBQUM7QUFFRCxLQUFLLFVBQVUsV0FBVyxDQUN4QixTQUFpQixFQUNqQixlQUF1QixFQUN2QixlQUF1QixFQUN2QixZQUFzQixFQUN0QixZQUFxQixFQUNyQixvQkFBMEMsRUFDMUMscUJBQTJDO0lBRTNDLE1BQU0sb0JBQW9CLEdBQWEsRUFBRSxDQUFDO0lBRTFDLE1BQU0sZUFBZSxHQUFHLHFCQUFxQixDQUFDO0lBQzlDLElBQUksb0JBQW9CLENBQUMsV0FBVyxLQUFLLGVBQWUsQ0FBQyxXQUFXLElBQUksb0JBQW9CLENBQUMsWUFBWSxLQUFLLGVBQWUsQ0FBQyxZQUFZLEVBQUU7UUFDMUksT0FBTyxXQUFXLENBQUMsZUFBZSxFQUFFLGVBQWUsRUFBRSxZQUFZLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztLQUMxRjtJQUVELE1BQU0sa0JBQWtCLEdBQUcscUJBQXFCLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQztJQUNsRSxJQUFJLGVBQWUsS0FBSyxrQkFBa0IsRUFBRTtRQUMxQyxPQUFPLFdBQVcsQ0FBQyxlQUFlLEVBQUUsZUFBZSxFQUFFLFlBQVksRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO0tBQzFGO0lBRUQsTUFBTSxlQUFlLEdBQUcscUJBQXFCLENBQUMsWUFBWSxDQUFDO0lBQzNELE1BQU0sZUFBZSxHQUFHLGVBQWUsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxDQUMxRCxZQUFZLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxFQUFFO1FBQzFCLElBQUksWUFBWSxFQUFFO1lBQ2hCLE9BQU8sU0FBUyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDLEVBQUUsS0FBSyxNQUFNLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUMsSUFBSSxLQUFLLE1BQU0sQ0FBQyxJQUFJLENBQUM7U0FDbkY7UUFDRCxPQUFPLFNBQVMsQ0FBQyxJQUFJLEtBQUssTUFBTSxDQUFDLElBQUksQ0FBQztJQUN4QyxDQUFDLENBQUMsQ0FDSCxDQUFDLENBQUM7SUFDSCxJQUFJLGVBQWUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFO1FBQzlCLG9CQUFvQixDQUFDLElBQUksQ0FBQyxHQUFHLGVBQWUsQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxlQUFlLFNBQVMsZ0JBQWdCLE1BQU0sQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUM7S0FDcEg7SUFFRCxNQUFNLGVBQWUsR0FBRyxZQUFZLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxFQUFFO1FBQ25ELE9BQU8sQ0FBQyxlQUFlLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxFQUFFO1lBQ3ZDLElBQUksWUFBWSxFQUFFO2dCQUNoQixPQUFPLFNBQVMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxFQUFFLEtBQUssTUFBTSxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDLElBQUksS0FBSyxNQUFNLENBQUMsSUFBSSxDQUFDO2FBQ25GO1lBQ0QsT0FBTyxTQUFTLENBQUMsSUFBSSxLQUFLLE1BQU0sQ0FBQyxJQUFJLENBQUM7UUFDeEMsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxPQUFPLE1BQU0sQ0FBQyxJQUFJLElBQUksTUFBTSxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUM7SUFDMUQsSUFBSSxlQUFlLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRTtRQUM5QixvQkFBb0IsQ0FBQyxJQUFJLENBQUMsR0FBRyxlQUFlLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUMsZUFBZSxTQUFTLElBQUksUUFBUSxFQUFFLENBQUMsQ0FBQyxDQUFDO0tBQ3ZHO0lBRUQsSUFBSSxZQUFZLEVBQUU7UUFDaEIsTUFBTSxpQkFBaUIsR0FBRyxZQUFZLENBQUMsTUFBTSxDQUFDLENBQUMsT0FBTyxFQUFFLE1BQU0sRUFBRSxFQUFFO1lBQ2hFLE1BQU0sU0FBUyxHQUFHLGVBQWUsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxNQUFNLENBQUMsRUFBRSxJQUFJLE1BQU0sQ0FBQyxFQUFFLEtBQUssTUFBTSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQ3ZGLElBQUksU0FBUyxJQUFJLFNBQVMsQ0FBQyxJQUFJLEtBQUssTUFBTSxDQUFDLElBQUksRUFBRTtnQkFDL0MsT0FBTyxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDO2FBQ3ZDO1lBQ0QsT0FBTyxPQUFPLENBQUM7UUFDakIsQ0FBQyxFQUFFLEVBQTRCLENBQUMsQ0FBQztRQUNqQyxJQUFJLE1BQU0sQ0FBQyxJQUFJLENBQUMsaUJBQWlCLENBQUMsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFO1lBQzdDLG9CQUFvQixDQUFDLElBQUksQ0FBQyxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsaUJBQWlCLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxPQUFPLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FDekYsZUFBZSxTQUFTLGtCQUFrQixPQUFPLE9BQU8sT0FBTyxFQUFFLENBQ2xFLENBQUMsQ0FBQyxDQUFDO1NBQ0w7S0FDRjtJQUVELE1BQU0sWUFBWSxHQUFHLHFCQUFxQixDQUFDLFNBQVMsQ0FBQztJQUNyRCxJQUFJLENBQUMsQ0FBQyxZQUFZLElBQUksb0JBQW9CLENBQUMsU0FBUyxDQUFDO1FBQ25ELENBQUMsWUFBWSxJQUFJLENBQUMsb0JBQW9CLENBQUMsU0FBUyxDQUFDLEVBQUU7UUFDbkQsT0FBTyxXQUFXLENBQUMsZUFBZSxFQUFFLGVBQWUsRUFBRSxZQUFZLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztLQUMxRjtTQUFNLElBQUksWUFBWSxLQUFLLG9CQUFvQixDQUFDLFNBQVMsRUFBRTtRQUMxRCxvQkFBb0IsQ0FBQyxJQUFJLENBQUMsZUFBZSxTQUFTLG9CQUFvQixvQkFBb0IsQ0FBQyxTQUFTLEVBQUUsQ0FBQyxDQUFDO0tBQ3pHO0lBRUQsTUFBTSxVQUFVLEdBQUcsdUJBQWdCLENBQUMsZUFBZSxDQUFDLEVBQUUsSUFBSSxDQUFDO0lBQzNELE1BQU0sVUFBVSxHQUFHLHVCQUFnQixDQUFDLFlBQVksQ0FBQyxFQUFFLElBQUksQ0FBQztJQUN4RCxJQUFJLENBQUMsQ0FBQyxVQUFVLElBQUksVUFBVSxDQUFFLElBQUksQ0FBQyxVQUFVLElBQUksQ0FBQyxVQUFVLENBQUMsRUFBRTtRQUMvRCxPQUFPLFdBQVcsQ0FBQyxlQUFlLEVBQUUsZUFBZSxFQUFFLFlBQVksRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO0tBQzFGO1NBQU0sSUFBSSxVQUFVLEtBQUssVUFBVSxFQUFFO1FBQ3BDLG9CQUFvQixDQUFDLElBQUksQ0FBQyxlQUFlLFNBQVMsa0JBQWtCLFVBQVUsRUFBRSxDQUFDLENBQUM7S0FDbkY7SUFFRCxNQUFNLGlCQUFpQixHQUFHLHdCQUFpQixDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQzdELE1BQU0saUJBQWlCLEdBQUcsd0JBQWlCLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDMUQsTUFBTSxZQUFZLEdBQUcscUJBQXFCLENBQUMsU0FBUyxDQUFDO0lBQ3JELE1BQU0sWUFBWSxHQUFHLG9CQUFvQixDQUFDLFNBQVMsQ0FBQztJQUNwRCxJQUFJLENBQUMsWUFBWSxLQUFLLFlBQVksSUFBSSxDQUFDLHNCQUFlLENBQUMsaUJBQWlCLEVBQUUsaUJBQWlCLENBQUMsQ0FBQztXQUN4RixDQUFDLFlBQVksS0FBSyxZQUFZLENBQUMsRUFBRTtRQUNwQyxRQUFRLFlBQVksRUFBRTtZQUNwQixLQUFLLHNCQUFjLENBQUMsV0FBVztnQkFDN0Isc0RBQXNEO2dCQUN0RCxvRUFBb0U7Z0JBQ3BFLE9BQU8sV0FBVyxDQUFDLGVBQWUsRUFBRSxlQUFlLEVBQUUsWUFBWSxFQUFFLG9CQUFvQixDQUFDLENBQUM7WUFFM0YsS0FBSyxzQkFBYyxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUM1QixNQUFNLG9CQUFvQixHQUFHLHVCQUF1QixDQUFDLGlCQUFpQixDQUFDLENBQUM7Z0JBQ3hFLG9CQUFvQixDQUFDLElBQUksQ0FBQyxlQUFlLFNBQVMsVUFBVSxZQUFZLFlBQVksb0JBQW9CLEdBQUcsQ0FBQyxDQUFDO2dCQUM3RyxNQUFNO2FBQ1A7WUFFRCxLQUFLLHNCQUFjLENBQUMsSUFBSSxDQUFDLENBQUM7Z0JBQ3hCLG9CQUFvQixDQUFDLElBQUksQ0FBQyxlQUFlLFNBQVMsa0JBQWtCLFlBQVksRUFBRSxDQUFDLENBQUM7Z0JBQ3BGLE1BQU07YUFDUDtTQUNGO0tBQ0Y7SUFFRCxNQUFNLFVBQVUsR0FBRyxxQkFBcUIsQ0FBQyxZQUFZLENBQUM7SUFDdEQsTUFBTSxVQUFVLEdBQUcsb0JBQW9CLENBQUMsWUFBWSxDQUFDO0lBQ3JELElBQUksVUFBVSxLQUFLLFVBQVUsRUFBRTtRQUM3QixvQkFBb0IsQ0FBQyxJQUFJLENBQUMsb0JBQW9CLFNBQVMsT0FBTyxVQUFVLENBQUMsQ0FBQyxDQUFDLElBQUksVUFBVSxHQUFHLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUM7S0FDMUc7SUFFRCxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUMsb0JBQW9CLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUMsZ0NBQWdCLENBQUMsU0FBUyxFQUFFLG9CQUFvQixDQUFDLENBQUMsQ0FBQyxDQUFDO0lBRTVHLE9BQU8sU0FBUyxDQUFDO0FBQ25CLENBQUM7QUFFRCxTQUFTLHVCQUF1QixDQUFDLGNBQXdCO0lBQ3ZELE9BQU8sY0FBYyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztBQUMxRCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyogZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby11bnJlc29sdmVkICovXG5pbXBvcnQgKiBhcyBBV1NMYW1iZGEgZnJvbSAnYXdzLWxhbWJkYSc7XG5pbXBvcnQgeyBleGVjdXRlU3RhdGVtZW50IH0gZnJvbSAnLi9yZWRzaGlmdC1kYXRhJztcbmltcG9ydCB7IENsdXN0ZXJQcm9wcywgVGFibGVBbmRDbHVzdGVyUHJvcHMsIFRhYmxlU29ydFN0eWxlIH0gZnJvbSAnLi90eXBlcyc7XG5pbXBvcnQgeyBhcmVDb2x1bW5zRXF1YWwsIGdldERpc3RLZXlDb2x1bW4sIGdldFNvcnRLZXlDb2x1bW5zIH0gZnJvbSAnLi91dGlsJztcbmltcG9ydCB7IENvbHVtbiB9IGZyb20gJy4uLy4uL3RhYmxlJztcblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIocHJvcHM6IFRhYmxlQW5kQ2x1c3RlclByb3BzLCBldmVudDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCkge1xuICBjb25zdCB0YWJsZU5hbWVQcmVmaXggPSBwcm9wcy50YWJsZU5hbWUucHJlZml4O1xuICBjb25zdCB0YWJsZU5hbWVTdWZmaXggPSBwcm9wcy50YWJsZU5hbWUuZ2VuZXJhdGVTdWZmaXggPT09ICd0cnVlJyA/IGAke2V2ZW50LlJlcXVlc3RJZC5zdWJzdHJpbmcoMCwgOCl9YCA6ICcnO1xuICBjb25zdCB0YWJsZUNvbHVtbnMgPSBwcm9wcy50YWJsZUNvbHVtbnM7XG4gIGNvbnN0IHRhYmxlQW5kQ2x1c3RlclByb3BzID0gcHJvcHM7XG4gIGNvbnN0IHVzZUNvbHVtbklkcyA9IHByb3BzLnVzZUNvbHVtbklkcztcblxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdDcmVhdGUnKSB7XG4gICAgY29uc3QgdGFibGVOYW1lID0gYXdhaXQgY3JlYXRlVGFibGUodGFibGVOYW1lUHJlZml4LCB0YWJsZU5hbWVTdWZmaXgsIHRhYmxlQ29sdW1ucywgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogdGFibGVOYW1lIH07XG4gIH0gZWxzZSBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnKSB7XG4gICAgYXdhaXQgZHJvcFRhYmxlKGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCwgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybjtcbiAgfSBlbHNlIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ1VwZGF0ZScpIHtcbiAgICBjb25zdCB0YWJsZU5hbWUgPSBhd2FpdCB1cGRhdGVUYWJsZShcbiAgICAgIGV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCxcbiAgICAgIHRhYmxlTmFtZVByZWZpeCxcbiAgICAgIHRhYmxlTmFtZVN1ZmZpeCxcbiAgICAgIHRhYmxlQ29sdW1ucyxcbiAgICAgIHVzZUNvbHVtbklkcyxcbiAgICAgIHRhYmxlQW5kQ2x1c3RlclByb3BzLFxuICAgICAgZXZlbnQuT2xkUmVzb3VyY2VQcm9wZXJ0aWVzIGFzIFRhYmxlQW5kQ2x1c3RlclByb3BzLFxuICAgICk7XG4gICAgcmV0dXJuIHsgUGh5c2ljYWxSZXNvdXJjZUlkOiB0YWJsZU5hbWUgfTtcbiAgfSBlbHNlIHtcbiAgICAvKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgZG90LW5vdGF0aW9uICovXG4gICAgdGhyb3cgbmV3IEVycm9yKGBVbnJlY29nbml6ZWQgZXZlbnQgdHlwZTogJHtldmVudFsnUmVxdWVzdFR5cGUnXX1gKTtcbiAgfVxufVxuXG5hc3luYyBmdW5jdGlvbiBjcmVhdGVUYWJsZShcbiAgdGFibGVOYW1lUHJlZml4OiBzdHJpbmcsXG4gIHRhYmxlTmFtZVN1ZmZpeDogc3RyaW5nLFxuICB0YWJsZUNvbHVtbnM6IENvbHVtbltdLFxuICB0YWJsZUFuZENsdXN0ZXJQcm9wczogVGFibGVBbmRDbHVzdGVyUHJvcHMsXG4pOiBQcm9taXNlPHN0cmluZz4ge1xuICBjb25zdCB0YWJsZU5hbWUgPSB0YWJsZU5hbWVQcmVmaXggKyB0YWJsZU5hbWVTdWZmaXg7XG4gIGNvbnN0IHRhYmxlQ29sdW1uc1N0cmluZyA9IHRhYmxlQ29sdW1ucy5tYXAoY29sdW1uID0+IGAke2NvbHVtbi5uYW1lfSAke2NvbHVtbi5kYXRhVHlwZX1gKS5qb2luKCk7XG5cbiAgbGV0IHN0YXRlbWVudCA9IGBDUkVBVEUgVEFCTEUgJHt0YWJsZU5hbWV9ICgke3RhYmxlQ29sdW1uc1N0cmluZ30pYDtcblxuICBpZiAodGFibGVBbmRDbHVzdGVyUHJvcHMuZGlzdFN0eWxlKSB7XG4gICAgc3RhdGVtZW50ICs9IGAgRElTVFNUWUxFICR7dGFibGVBbmRDbHVzdGVyUHJvcHMuZGlzdFN0eWxlfWA7XG4gIH1cblxuICBjb25zdCBkaXN0S2V5Q29sdW1uID0gZ2V0RGlzdEtleUNvbHVtbih0YWJsZUNvbHVtbnMpO1xuICBpZiAoZGlzdEtleUNvbHVtbikge1xuICAgIHN0YXRlbWVudCArPSBgIERJU1RLRVkoJHtkaXN0S2V5Q29sdW1uLm5hbWV9KWA7XG4gIH1cblxuICBjb25zdCBzb3J0S2V5Q29sdW1ucyA9IGdldFNvcnRLZXlDb2x1bW5zKHRhYmxlQ29sdW1ucyk7XG4gIGlmIChzb3J0S2V5Q29sdW1ucy5sZW5ndGggPiAwKSB7XG4gICAgY29uc3Qgc29ydEtleUNvbHVtbnNTdHJpbmcgPSBnZXRTb3J0S2V5Q29sdW1uc1N0cmluZyhzb3J0S2V5Q29sdW1ucyk7XG4gICAgc3RhdGVtZW50ICs9IGAgJHt0YWJsZUFuZENsdXN0ZXJQcm9wcy5zb3J0U3R5bGV9IFNPUlRLRVkoJHtzb3J0S2V5Q29sdW1uc1N0cmluZ30pYDtcbiAgfVxuXG4gIGF3YWl0IGV4ZWN1dGVTdGF0ZW1lbnQoc3RhdGVtZW50LCB0YWJsZUFuZENsdXN0ZXJQcm9wcyk7XG5cbiAgaWYgKHRhYmxlQW5kQ2x1c3RlclByb3BzLnRhYmxlQ29tbWVudCkge1xuICAgIGF3YWl0IGV4ZWN1dGVTdGF0ZW1lbnQoYENPTU1FTlQgT04gVEFCTEUgJHt0YWJsZU5hbWV9IElTICcke3RhYmxlQW5kQ2x1c3RlclByb3BzLnRhYmxlQ29tbWVudH0nYCwgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICB9XG5cbiAgcmV0dXJuIHRhYmxlTmFtZTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZHJvcFRhYmxlKHRhYmxlTmFtZTogc3RyaW5nLCBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcykge1xuICBhd2FpdCBleGVjdXRlU3RhdGVtZW50KGBEUk9QIFRBQkxFICR7dGFibGVOYW1lfWAsIGNsdXN0ZXJQcm9wcyk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIHVwZGF0ZVRhYmxlKFxuICB0YWJsZU5hbWU6IHN0cmluZyxcbiAgdGFibGVOYW1lUHJlZml4OiBzdHJpbmcsXG4gIHRhYmxlTmFtZVN1ZmZpeDogc3RyaW5nLFxuICB0YWJsZUNvbHVtbnM6IENvbHVtbltdLFxuICB1c2VDb2x1bW5JZHM6IGJvb2xlYW4sXG4gIHRhYmxlQW5kQ2x1c3RlclByb3BzOiBUYWJsZUFuZENsdXN0ZXJQcm9wcyxcbiAgb2xkUmVzb3VyY2VQcm9wZXJ0aWVzOiBUYWJsZUFuZENsdXN0ZXJQcm9wcyxcbik6IFByb21pc2U8c3RyaW5nPiB7XG4gIGNvbnN0IGFsdGVyYXRpb25TdGF0ZW1lbnRzOiBzdHJpbmdbXSA9IFtdO1xuXG4gIGNvbnN0IG9sZENsdXN0ZXJQcm9wcyA9IG9sZFJlc291cmNlUHJvcGVydGllcztcbiAgaWYgKHRhYmxlQW5kQ2x1c3RlclByb3BzLmNsdXN0ZXJOYW1lICE9PSBvbGRDbHVzdGVyUHJvcHMuY2x1c3Rlck5hbWUgfHwgdGFibGVBbmRDbHVzdGVyUHJvcHMuZGF0YWJhc2VOYW1lICE9PSBvbGRDbHVzdGVyUHJvcHMuZGF0YWJhc2VOYW1lKSB7XG4gICAgcmV0dXJuIGNyZWF0ZVRhYmxlKHRhYmxlTmFtZVByZWZpeCwgdGFibGVOYW1lU3VmZml4LCB0YWJsZUNvbHVtbnMsIHRhYmxlQW5kQ2x1c3RlclByb3BzKTtcbiAgfVxuXG4gIGNvbnN0IG9sZFRhYmxlTmFtZVByZWZpeCA9IG9sZFJlc291cmNlUHJvcGVydGllcy50YWJsZU5hbWUucHJlZml4O1xuICBpZiAodGFibGVOYW1lUHJlZml4ICE9PSBvbGRUYWJsZU5hbWVQcmVmaXgpIHtcbiAgICByZXR1cm4gY3JlYXRlVGFibGUodGFibGVOYW1lUHJlZml4LCB0YWJsZU5hbWVTdWZmaXgsIHRhYmxlQ29sdW1ucywgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICB9XG5cbiAgY29uc3Qgb2xkVGFibGVDb2x1bW5zID0gb2xkUmVzb3VyY2VQcm9wZXJ0aWVzLnRhYmxlQ29sdW1ucztcbiAgY29uc3QgY29sdW1uRGVsZXRpb25zID0gb2xkVGFibGVDb2x1bW5zLmZpbHRlcihvbGRDb2x1bW4gPT4gKFxuICAgIHRhYmxlQ29sdW1ucy5ldmVyeShjb2x1bW4gPT4ge1xuICAgICAgaWYgKHVzZUNvbHVtbklkcykge1xuICAgICAgICByZXR1cm4gb2xkQ29sdW1uLmlkID8gb2xkQ29sdW1uLmlkICE9PSBjb2x1bW4uaWQgOiBvbGRDb2x1bW4ubmFtZSAhPT0gY29sdW1uLm5hbWU7XG4gICAgICB9XG4gICAgICByZXR1cm4gb2xkQ29sdW1uLm5hbWUgIT09IGNvbHVtbi5uYW1lO1xuICAgIH0pXG4gICkpO1xuICBpZiAoY29sdW1uRGVsZXRpb25zLmxlbmd0aCA+IDApIHtcbiAgICBhbHRlcmF0aW9uU3RhdGVtZW50cy5wdXNoKC4uLmNvbHVtbkRlbGV0aW9ucy5tYXAoY29sdW1uID0+IGBBTFRFUiBUQUJMRSAke3RhYmxlTmFtZX0gRFJPUCBDT0xVTU4gJHtjb2x1bW4ubmFtZX1gKSk7XG4gIH1cblxuICBjb25zdCBjb2x1bW5BZGRpdGlvbnMgPSB0YWJsZUNvbHVtbnMuZmlsdGVyKGNvbHVtbiA9PiB7XG4gICAgcmV0dXJuICFvbGRUYWJsZUNvbHVtbnMuc29tZShvbGRDb2x1bW4gPT4ge1xuICAgICAgaWYgKHVzZUNvbHVtbklkcykge1xuICAgICAgICByZXR1cm4gb2xkQ29sdW1uLmlkID8gb2xkQ29sdW1uLmlkID09PSBjb2x1bW4uaWQgOiBvbGRDb2x1bW4ubmFtZSA9PT0gY29sdW1uLm5hbWU7XG4gICAgICB9XG4gICAgICByZXR1cm4gb2xkQ29sdW1uLm5hbWUgPT09IGNvbHVtbi5uYW1lO1xuICAgIH0pO1xuICB9KS5tYXAoY29sdW1uID0+IGBBREQgJHtjb2x1bW4ubmFtZX0gJHtjb2x1bW4uZGF0YVR5cGV9YCk7XG4gIGlmIChjb2x1bW5BZGRpdGlvbnMubGVuZ3RoID4gMCkge1xuICAgIGFsdGVyYXRpb25TdGF0ZW1lbnRzLnB1c2goLi4uY29sdW1uQWRkaXRpb25zLm1hcChhZGRpdGlvbiA9PiBgQUxURVIgVEFCTEUgJHt0YWJsZU5hbWV9ICR7YWRkaXRpb259YCkpO1xuICB9XG5cbiAgaWYgKHVzZUNvbHVtbklkcykge1xuICAgIGNvbnN0IGNvbHVtbk5hbWVVcGRhdGVzID0gdGFibGVDb2x1bW5zLnJlZHVjZSgodXBkYXRlcywgY29sdW1uKSA9PiB7XG4gICAgICBjb25zdCBvbGRDb2x1bW4gPSBvbGRUYWJsZUNvbHVtbnMuZmluZChvbGRDb2wgPT4gb2xkQ29sLmlkICYmIG9sZENvbC5pZCA9PT0gY29sdW1uLmlkKTtcbiAgICAgIGlmIChvbGRDb2x1bW4gJiYgb2xkQ29sdW1uLm5hbWUgIT09IGNvbHVtbi5uYW1lKSB7XG4gICAgICAgIHVwZGF0ZXNbb2xkQ29sdW1uLm5hbWVdID0gY29sdW1uLm5hbWU7XG4gICAgICB9XG4gICAgICByZXR1cm4gdXBkYXRlcztcbiAgICB9LCB7fSBhcyBSZWNvcmQ8c3RyaW5nLCBzdHJpbmc+KTtcbiAgICBpZiAoT2JqZWN0LmtleXMoY29sdW1uTmFtZVVwZGF0ZXMpLmxlbmd0aCA+IDApIHtcbiAgICAgIGFsdGVyYXRpb25TdGF0ZW1lbnRzLnB1c2goLi4uT2JqZWN0LmVudHJpZXMoY29sdW1uTmFtZVVwZGF0ZXMpLm1hcCgoW29sZE5hbWUsIG5ld05hbWVdKSA9PiAoXG4gICAgICAgIGBBTFRFUiBUQUJMRSAke3RhYmxlTmFtZX0gUkVOQU1FIENPTFVNTiAke29sZE5hbWV9IFRPICR7bmV3TmFtZX1gXG4gICAgICApKSk7XG4gICAgfVxuICB9XG5cbiAgY29uc3Qgb2xkRGlzdFN0eWxlID0gb2xkUmVzb3VyY2VQcm9wZXJ0aWVzLmRpc3RTdHlsZTtcbiAgaWYgKCghb2xkRGlzdFN0eWxlICYmIHRhYmxlQW5kQ2x1c3RlclByb3BzLmRpc3RTdHlsZSkgfHxcbiAgICAob2xkRGlzdFN0eWxlICYmICF0YWJsZUFuZENsdXN0ZXJQcm9wcy5kaXN0U3R5bGUpKSB7XG4gICAgcmV0dXJuIGNyZWF0ZVRhYmxlKHRhYmxlTmFtZVByZWZpeCwgdGFibGVOYW1lU3VmZml4LCB0YWJsZUNvbHVtbnMsIHRhYmxlQW5kQ2x1c3RlclByb3BzKTtcbiAgfSBlbHNlIGlmIChvbGREaXN0U3R5bGUgIT09IHRhYmxlQW5kQ2x1c3RlclByb3BzLmRpc3RTdHlsZSkge1xuICAgIGFsdGVyYXRpb25TdGF0ZW1lbnRzLnB1c2goYEFMVEVSIFRBQkxFICR7dGFibGVOYW1lfSBBTFRFUiBESVNUU1RZTEUgJHt0YWJsZUFuZENsdXN0ZXJQcm9wcy5kaXN0U3R5bGV9YCk7XG4gIH1cblxuICBjb25zdCBvbGREaXN0S2V5ID0gZ2V0RGlzdEtleUNvbHVtbihvbGRUYWJsZUNvbHVtbnMpPy5uYW1lO1xuICBjb25zdCBuZXdEaXN0S2V5ID0gZ2V0RGlzdEtleUNvbHVtbih0YWJsZUNvbHVtbnMpPy5uYW1lO1xuICBpZiAoKCFvbGREaXN0S2V5ICYmIG5ld0Rpc3RLZXkgKSB8fCAob2xkRGlzdEtleSAmJiAhbmV3RGlzdEtleSkpIHtcbiAgICByZXR1cm4gY3JlYXRlVGFibGUodGFibGVOYW1lUHJlZml4LCB0YWJsZU5hbWVTdWZmaXgsIHRhYmxlQ29sdW1ucywgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICB9IGVsc2UgaWYgKG9sZERpc3RLZXkgIT09IG5ld0Rpc3RLZXkpIHtcbiAgICBhbHRlcmF0aW9uU3RhdGVtZW50cy5wdXNoKGBBTFRFUiBUQUJMRSAke3RhYmxlTmFtZX0gQUxURVIgRElTVEtFWSAke25ld0Rpc3RLZXl9YCk7XG4gIH1cblxuICBjb25zdCBvbGRTb3J0S2V5Q29sdW1ucyA9IGdldFNvcnRLZXlDb2x1bW5zKG9sZFRhYmxlQ29sdW1ucyk7XG4gIGNvbnN0IG5ld1NvcnRLZXlDb2x1bW5zID0gZ2V0U29ydEtleUNvbHVtbnModGFibGVDb2x1bW5zKTtcbiAgY29uc3Qgb2xkU29ydFN0eWxlID0gb2xkUmVzb3VyY2VQcm9wZXJ0aWVzLnNvcnRTdHlsZTtcbiAgY29uc3QgbmV3U29ydFN0eWxlID0gdGFibGVBbmRDbHVzdGVyUHJvcHMuc29ydFN0eWxlO1xuICBpZiAoKG9sZFNvcnRTdHlsZSA9PT0gbmV3U29ydFN0eWxlICYmICFhcmVDb2x1bW5zRXF1YWwob2xkU29ydEtleUNvbHVtbnMsIG5ld1NvcnRLZXlDb2x1bW5zKSlcbiAgICB8fCAob2xkU29ydFN0eWxlICE9PSBuZXdTb3J0U3R5bGUpKSB7XG4gICAgc3dpdGNoIChuZXdTb3J0U3R5bGUpIHtcbiAgICAgIGNhc2UgVGFibGVTb3J0U3R5bGUuSU5URVJMRUFWRUQ6XG4gICAgICAgIC8vIElOVEVSTEVBVkVEIHNvcnQga2V5IGFkZGl0aW9uIHJlcXVpcmVzIHJlcGxhY2VtZW50LlxuICAgICAgICAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vcmVkc2hpZnQvbGF0ZXN0L2RnL3JfQUxURVJfVEFCTEUuaHRtbFxuICAgICAgICByZXR1cm4gY3JlYXRlVGFibGUodGFibGVOYW1lUHJlZml4LCB0YWJsZU5hbWVTdWZmaXgsIHRhYmxlQ29sdW1ucywgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuXG4gICAgICBjYXNlIFRhYmxlU29ydFN0eWxlLkNPTVBPVU5EOiB7XG4gICAgICAgIGNvbnN0IHNvcnRLZXlDb2x1bW5zU3RyaW5nID0gZ2V0U29ydEtleUNvbHVtbnNTdHJpbmcobmV3U29ydEtleUNvbHVtbnMpO1xuICAgICAgICBhbHRlcmF0aW9uU3RhdGVtZW50cy5wdXNoKGBBTFRFUiBUQUJMRSAke3RhYmxlTmFtZX0gQUxURVIgJHtuZXdTb3J0U3R5bGV9IFNPUlRLRVkoJHtzb3J0S2V5Q29sdW1uc1N0cmluZ30pYCk7XG4gICAgICAgIGJyZWFrO1xuICAgICAgfVxuXG4gICAgICBjYXNlIFRhYmxlU29ydFN0eWxlLkFVVE86IHtcbiAgICAgICAgYWx0ZXJhdGlvblN0YXRlbWVudHMucHVzaChgQUxURVIgVEFCTEUgJHt0YWJsZU5hbWV9IEFMVEVSIFNPUlRLRVkgJHtuZXdTb3J0U3R5bGV9YCk7XG4gICAgICAgIGJyZWFrO1xuICAgICAgfVxuICAgIH1cbiAgfVxuXG4gIGNvbnN0IG9sZENvbW1lbnQgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMudGFibGVDb21tZW50O1xuICBjb25zdCBuZXdDb21tZW50ID0gdGFibGVBbmRDbHVzdGVyUHJvcHMudGFibGVDb21tZW50O1xuICBpZiAob2xkQ29tbWVudCAhPT0gbmV3Q29tbWVudCkge1xuICAgIGFsdGVyYXRpb25TdGF0ZW1lbnRzLnB1c2goYENPTU1FTlQgT04gVEFCTEUgJHt0YWJsZU5hbWV9IElTICR7bmV3Q29tbWVudCA/IGAnJHtuZXdDb21tZW50fSdgIDogJ05VTEwnfWApO1xuICB9XG5cbiAgYXdhaXQgUHJvbWlzZS5hbGwoYWx0ZXJhdGlvblN0YXRlbWVudHMubWFwKHN0YXRlbWVudCA9PiBleGVjdXRlU3RhdGVtZW50KHN0YXRlbWVudCwgdGFibGVBbmRDbHVzdGVyUHJvcHMpKSk7XG5cbiAgcmV0dXJuIHRhYmxlTmFtZTtcbn1cblxuZnVuY3Rpb24gZ2V0U29ydEtleUNvbHVtbnNTdHJpbmcoc29ydEtleUNvbHVtbnM6IENvbHVtbltdKSB7XG4gIHJldHVybiBzb3J0S2V5Q29sdW1ucy5tYXAoY29sdW1uID0+IGNvbHVtbi5uYW1lKS5qb2luKCk7XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/types.js b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/types.js new file mode 100644 index 0000000000000..070bb11c1600e --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/types.js @@ -0,0 +1,24 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.TableSortStyle = void 0; +/** + * The sort style of a table. + * This has been duplicated here to exporting private types. + */ +var TableSortStyle; +(function (TableSortStyle) { + /** + * Amazon Redshift assigns an optimal sort key based on the table data. + */ + TableSortStyle["AUTO"] = "AUTO"; + /** + * Specifies that the data is sorted using a compound key made up of all of the listed columns, + * in the order they are listed. + */ + TableSortStyle["COMPOUND"] = "COMPOUND"; + /** + * Specifies that the data is sorted using an interleaved sort key. + */ + TableSortStyle["INTERLEAVED"] = "INTERLEAVED"; +})(TableSortStyle = exports.TableSortStyle || (exports.TableSortStyle = {})); +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJ0eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFLQTs7O0dBR0c7QUFDSCxJQUFZLGNBZ0JYO0FBaEJELFdBQVksY0FBYztJQUN4Qjs7T0FFRztJQUNILCtCQUFhLENBQUE7SUFFYjs7O09BR0c7SUFDSCx1Q0FBcUIsQ0FBQTtJQUVyQjs7T0FFRztJQUNILDZDQUEyQixDQUFBO0FBQzdCLENBQUMsRUFoQlcsY0FBYyxHQUFkLHNCQUFjLEtBQWQsc0JBQWMsUUFnQnpCIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgRGF0YWJhc2VRdWVyeUhhbmRsZXJQcm9wcywgVGFibGVIYW5kbGVyUHJvcHMgfSBmcm9tICcuLi9oYW5kbGVyLXByb3BzJztcblxuZXhwb3J0IHR5cGUgQ2x1c3RlclByb3BzID0gT21pdDxEYXRhYmFzZVF1ZXJ5SGFuZGxlclByb3BzLCAnaGFuZGxlcic+O1xuZXhwb3J0IHR5cGUgVGFibGVBbmRDbHVzdGVyUHJvcHMgPSBUYWJsZUhhbmRsZXJQcm9wcyAmIENsdXN0ZXJQcm9wcztcblxuLyoqXG4gKiBUaGUgc29ydCBzdHlsZSBvZiBhIHRhYmxlLlxuICogVGhpcyBoYXMgYmVlbiBkdXBsaWNhdGVkIGhlcmUgdG8gZXhwb3J0aW5nIHByaXZhdGUgdHlwZXMuXG4gKi9cbmV4cG9ydCBlbnVtIFRhYmxlU29ydFN0eWxlIHtcbiAgLyoqXG4gICAqIEFtYXpvbiBSZWRzaGlmdCBhc3NpZ25zIGFuIG9wdGltYWwgc29ydCBrZXkgYmFzZWQgb24gdGhlIHRhYmxlIGRhdGEuXG4gICAqL1xuICBBVVRPID0gJ0FVVE8nLFxuXG4gIC8qKlxuICAgKiBTcGVjaWZpZXMgdGhhdCB0aGUgZGF0YSBpcyBzb3J0ZWQgdXNpbmcgYSBjb21wb3VuZCBrZXkgbWFkZSB1cCBvZiBhbGwgb2YgdGhlIGxpc3RlZCBjb2x1bW5zLFxuICAgKiBpbiB0aGUgb3JkZXIgdGhleSBhcmUgbGlzdGVkLlxuICAgKi9cbiAgQ09NUE9VTkQgPSAnQ09NUE9VTkQnLFxuXG4gIC8qKlxuICAgKiBTcGVjaWZpZXMgdGhhdCB0aGUgZGF0YSBpcyBzb3J0ZWQgdXNpbmcgYW4gaW50ZXJsZWF2ZWQgc29ydCBrZXkuXG4gICAqL1xuICBJTlRFUkxFQVZFRCA9ICdJTlRFUkxFQVZFRCcsXG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/user.js b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/user.js new file mode 100644 index 0000000000000..f097ae1836462 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/user.js @@ -0,0 +1,70 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = void 0; +/* eslint-disable-next-line import/no-extraneous-dependencies */ +const SecretsManager = require("aws-sdk/clients/secretsmanager"); +const redshift_data_1 = require("./redshift-data"); +const util_1 = require("./util"); +const secretsManager = new SecretsManager(); +async function handler(props, event) { + const username = props.username; + const passwordSecretArn = props.passwordSecretArn; + const clusterProps = props; + if (event.RequestType === 'Create') { + await createUser(username, passwordSecretArn, clusterProps); + return { PhysicalResourceId: util_1.makePhysicalId(username, clusterProps, event.RequestId), Data: { username: username } }; + } + else if (event.RequestType === 'Delete') { + await dropUser(username, clusterProps); + return; + } + else if (event.RequestType === 'Update') { + const { replace } = await updateUser(username, passwordSecretArn, clusterProps, event.OldResourceProperties); + const physicalId = replace ? util_1.makePhysicalId(username, clusterProps, event.RequestId) : event.PhysicalResourceId; + return { PhysicalResourceId: physicalId, Data: { username: username } }; + } + else { + /* eslint-disable-next-line dot-notation */ + throw new Error(`Unrecognized event type: ${event['RequestType']}`); + } +} +exports.handler = handler; +async function dropUser(username, clusterProps) { + await redshift_data_1.executeStatement(`DROP USER ${username}`, clusterProps); +} +async function createUser(username, passwordSecretArn, clusterProps) { + const password = await getPasswordFromSecret(passwordSecretArn); + await redshift_data_1.executeStatement(`CREATE USER ${username} PASSWORD '${password}'`, clusterProps); +} +async function updateUser(username, passwordSecretArn, clusterProps, oldResourceProperties) { + const oldClusterProps = oldResourceProperties; + if (clusterProps.clusterName !== oldClusterProps.clusterName || clusterProps.databaseName !== oldClusterProps.databaseName) { + await createUser(username, passwordSecretArn, clusterProps); + return { replace: true }; + } + const oldUsername = oldResourceProperties.username; + const oldPasswordSecretArn = oldResourceProperties.passwordSecretArn; + const oldPassword = await getPasswordFromSecret(oldPasswordSecretArn); + const password = await getPasswordFromSecret(passwordSecretArn); + if (username !== oldUsername) { + await createUser(username, passwordSecretArn, clusterProps); + return { replace: true }; + } + if (password !== oldPassword) { + await redshift_data_1.executeStatement(`ALTER USER ${username} PASSWORD '${password}'`, clusterProps); + return { replace: false }; + } + return { replace: false }; +} +async function getPasswordFromSecret(passwordSecretArn) { + const secretValue = await secretsManager.getSecretValue({ + SecretId: passwordSecretArn, + }).promise(); + const secretString = secretValue.SecretString; + if (!secretString) { + throw new Error(`Secret string for ${passwordSecretArn} was empty`); + } + const { password } = JSON.parse(secretString); + return password; +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXNlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInVzZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBRUEsZ0VBQWdFO0FBQ2hFLGlFQUFpRTtBQUNqRSxtREFBbUQ7QUFFbkQsaUNBQXdDO0FBR3hDLE1BQU0sY0FBYyxHQUFHLElBQUksY0FBYyxFQUFFLENBQUM7QUFFckMsS0FBSyxVQUFVLE9BQU8sQ0FBQyxLQUFzQyxFQUFFLEtBQWtEO0lBQ3RILE1BQU0sUUFBUSxHQUFHLEtBQUssQ0FBQyxRQUFRLENBQUM7SUFDaEMsTUFBTSxpQkFBaUIsR0FBRyxLQUFLLENBQUMsaUJBQWlCLENBQUM7SUFDbEQsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDO0lBRTNCLElBQUksS0FBSyxDQUFDLFdBQVcsS0FBSyxRQUFRLEVBQUU7UUFDbEMsTUFBTSxVQUFVLENBQUMsUUFBUSxFQUFFLGlCQUFpQixFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQzVELE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxxQkFBYyxDQUFDLFFBQVEsRUFBRSxZQUFZLEVBQUUsS0FBSyxDQUFDLFNBQVMsQ0FBQyxFQUFFLElBQUksRUFBRSxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsRUFBRSxDQUFDO0tBQ3RIO1NBQU0sSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUN6QyxNQUFNLFFBQVEsQ0FBQyxRQUFRLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDdkMsT0FBTztLQUNSO1NBQU0sSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUN6QyxNQUFNLEVBQUUsT0FBTyxFQUFFLEdBQUcsTUFBTSxVQUFVLENBQUMsUUFBUSxFQUFFLGlCQUFpQixFQUFFLFlBQVksRUFBRSxLQUFLLENBQUMscUJBQXdELENBQUMsQ0FBQztRQUNoSixNQUFNLFVBQVUsR0FBRyxPQUFPLENBQUMsQ0FBQyxDQUFDLHFCQUFjLENBQUMsUUFBUSxFQUFFLFlBQVksRUFBRSxLQUFLLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQztRQUNoSCxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsVUFBVSxFQUFFLElBQUksRUFBRSxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsRUFBRSxDQUFDO0tBQ3pFO1NBQU07UUFDTCwyQ0FBMkM7UUFDM0MsTUFBTSxJQUFJLEtBQUssQ0FBQyw0QkFBNEIsS0FBSyxDQUFDLGFBQWEsQ0FBQyxFQUFFLENBQUMsQ0FBQztLQUNyRTtBQUNILENBQUM7QUFuQkQsMEJBbUJDO0FBRUQsS0FBSyxVQUFVLFFBQVEsQ0FBQyxRQUFnQixFQUFFLFlBQTBCO0lBQ2xFLE1BQU0sZ0NBQWdCLENBQUMsYUFBYSxRQUFRLEVBQUUsRUFBRSxZQUFZLENBQUMsQ0FBQztBQUNoRSxDQUFDO0FBRUQsS0FBSyxVQUFVLFVBQVUsQ0FBQyxRQUFnQixFQUFFLGlCQUF5QixFQUFFLFlBQTBCO0lBQy9GLE1BQU0sUUFBUSxHQUFHLE1BQU0scUJBQXFCLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUVoRSxNQUFNLGdDQUFnQixDQUFDLGVBQWUsUUFBUSxjQUFjLFFBQVEsR0FBRyxFQUFFLFlBQVksQ0FBQyxDQUFDO0FBQ3pGLENBQUM7QUFFRCxLQUFLLFVBQVUsVUFBVSxDQUN2QixRQUFnQixFQUNoQixpQkFBeUIsRUFDekIsWUFBMEIsRUFDMUIscUJBQXNEO0lBRXRELE1BQU0sZUFBZSxHQUFHLHFCQUFxQixDQUFDO0lBQzlDLElBQUksWUFBWSxDQUFDLFdBQVcsS0FBSyxlQUFlLENBQUMsV0FBVyxJQUFJLFlBQVksQ0FBQyxZQUFZLEtBQUssZUFBZSxDQUFDLFlBQVksRUFBRTtRQUMxSCxNQUFNLFVBQVUsQ0FBQyxRQUFRLEVBQUUsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDNUQsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FBQztLQUMxQjtJQUVELE1BQU0sV0FBVyxHQUFHLHFCQUFxQixDQUFDLFFBQVEsQ0FBQztJQUNuRCxNQUFNLG9CQUFvQixHQUFHLHFCQUFxQixDQUFDLGlCQUFpQixDQUFDO0lBQ3JFLE1BQU0sV0FBVyxHQUFHLE1BQU0scUJBQXFCLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUN0RSxNQUFNLFFBQVEsR0FBRyxNQUFNLHFCQUFxQixDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFFaEUsSUFBSSxRQUFRLEtBQUssV0FBVyxFQUFFO1FBQzVCLE1BQU0sVUFBVSxDQUFDLFFBQVEsRUFBRSxpQkFBaUIsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUM1RCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxDQUFDO0tBQzFCO0lBRUQsSUFBSSxRQUFRLEtBQUssV0FBVyxFQUFFO1FBQzVCLE1BQU0sZ0NBQWdCLENBQUMsY0FBYyxRQUFRLGNBQWMsUUFBUSxHQUFHLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDdEYsT0FBTyxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsQ0FBQztLQUMzQjtJQUVELE9BQU8sRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLENBQUM7QUFDNUIsQ0FBQztBQUVELEtBQUssVUFBVSxxQkFBcUIsQ0FBQyxpQkFBeUI7SUFDNUQsTUFBTSxXQUFXLEdBQUcsTUFBTSxjQUFjLENBQUMsY0FBYyxDQUFDO1FBQ3RELFFBQVEsRUFBRSxpQkFBaUI7S0FDNUIsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO0lBQ2IsTUFBTSxZQUFZLEdBQUcsV0FBVyxDQUFDLFlBQVksQ0FBQztJQUM5QyxJQUFJLENBQUMsWUFBWSxFQUFFO1FBQ2pCLE1BQU0sSUFBSSxLQUFLLENBQUMscUJBQXFCLGlCQUFpQixZQUFZLENBQUMsQ0FBQztLQUNyRTtJQUNELE1BQU0sRUFBRSxRQUFRLEVBQUUsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO0lBRTlDLE9BQU8sUUFBUSxDQUFDO0FBQ2xCLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLXVucmVzb2x2ZWQgKi9cbmltcG9ydCAqIGFzIEFXU0xhbWJkYSBmcm9tICdhd3MtbGFtYmRhJztcbi8qIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBpbXBvcnQvbm8tZXh0cmFuZW91cy1kZXBlbmRlbmNpZXMgKi9cbmltcG9ydCAqIGFzIFNlY3JldHNNYW5hZ2VyIGZyb20gJ2F3cy1zZGsvY2xpZW50cy9zZWNyZXRzbWFuYWdlcic7XG5pbXBvcnQgeyBleGVjdXRlU3RhdGVtZW50IH0gZnJvbSAnLi9yZWRzaGlmdC1kYXRhJztcbmltcG9ydCB7IENsdXN0ZXJQcm9wcyB9IGZyb20gJy4vdHlwZXMnO1xuaW1wb3J0IHsgbWFrZVBoeXNpY2FsSWQgfSBmcm9tICcuL3V0aWwnO1xuaW1wb3J0IHsgVXNlckhhbmRsZXJQcm9wcyB9IGZyb20gJy4uL2hhbmRsZXItcHJvcHMnO1xuXG5jb25zdCBzZWNyZXRzTWFuYWdlciA9IG5ldyBTZWNyZXRzTWFuYWdlcigpO1xuXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gaGFuZGxlcihwcm9wczogVXNlckhhbmRsZXJQcm9wcyAmIENsdXN0ZXJQcm9wcywgZXZlbnQ6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQpIHtcbiAgY29uc3QgdXNlcm5hbWUgPSBwcm9wcy51c2VybmFtZTtcbiAgY29uc3QgcGFzc3dvcmRTZWNyZXRBcm4gPSBwcm9wcy5wYXNzd29yZFNlY3JldEFybjtcbiAgY29uc3QgY2x1c3RlclByb3BzID0gcHJvcHM7XG5cbiAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnQ3JlYXRlJykge1xuICAgIGF3YWl0IGNyZWF0ZVVzZXIodXNlcm5hbWUsIHBhc3N3b3JkU2VjcmV0QXJuLCBjbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogbWFrZVBoeXNpY2FsSWQodXNlcm5hbWUsIGNsdXN0ZXJQcm9wcywgZXZlbnQuUmVxdWVzdElkKSwgRGF0YTogeyB1c2VybmFtZTogdXNlcm5hbWUgfSB9O1xuICB9IGVsc2UgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnRGVsZXRlJykge1xuICAgIGF3YWl0IGRyb3BVc2VyKHVzZXJuYW1lLCBjbHVzdGVyUHJvcHMpO1xuICAgIHJldHVybjtcbiAgfSBlbHNlIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ1VwZGF0ZScpIHtcbiAgICBjb25zdCB7IHJlcGxhY2UgfSA9IGF3YWl0IHVwZGF0ZVVzZXIodXNlcm5hbWUsIHBhc3N3b3JkU2VjcmV0QXJuLCBjbHVzdGVyUHJvcHMsIGV2ZW50Lk9sZFJlc291cmNlUHJvcGVydGllcyBhcyBVc2VySGFuZGxlclByb3BzICYgQ2x1c3RlclByb3BzKTtcbiAgICBjb25zdCBwaHlzaWNhbElkID0gcmVwbGFjZSA/IG1ha2VQaHlzaWNhbElkKHVzZXJuYW1lLCBjbHVzdGVyUHJvcHMsIGV2ZW50LlJlcXVlc3RJZCkgOiBldmVudC5QaHlzaWNhbFJlc291cmNlSWQ7XG4gICAgcmV0dXJuIHsgUGh5c2ljYWxSZXNvdXJjZUlkOiBwaHlzaWNhbElkLCBEYXRhOiB7IHVzZXJuYW1lOiB1c2VybmFtZSB9IH07XG4gIH0gZWxzZSB7XG4gICAgLyogZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGRvdC1ub3RhdGlvbiAqL1xuICAgIHRocm93IG5ldyBFcnJvcihgVW5yZWNvZ25pemVkIGV2ZW50IHR5cGU6ICR7ZXZlbnRbJ1JlcXVlc3RUeXBlJ119YCk7XG4gIH1cbn1cblxuYXN5bmMgZnVuY3Rpb24gZHJvcFVzZXIodXNlcm5hbWU6IHN0cmluZywgY2x1c3RlclByb3BzOiBDbHVzdGVyUHJvcHMpIHtcbiAgYXdhaXQgZXhlY3V0ZVN0YXRlbWVudChgRFJPUCBVU0VSICR7dXNlcm5hbWV9YCwgY2x1c3RlclByb3BzKTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gY3JlYXRlVXNlcih1c2VybmFtZTogc3RyaW5nLCBwYXNzd29yZFNlY3JldEFybjogc3RyaW5nLCBjbHVzdGVyUHJvcHM6IENsdXN0ZXJQcm9wcykge1xuICBjb25zdCBwYXNzd29yZCA9IGF3YWl0IGdldFBhc3N3b3JkRnJvbVNlY3JldChwYXNzd29yZFNlY3JldEFybik7XG5cbiAgYXdhaXQgZXhlY3V0ZVN0YXRlbWVudChgQ1JFQVRFIFVTRVIgJHt1c2VybmFtZX0gUEFTU1dPUkQgJyR7cGFzc3dvcmR9J2AsIGNsdXN0ZXJQcm9wcyk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIHVwZGF0ZVVzZXIoXG4gIHVzZXJuYW1lOiBzdHJpbmcsXG4gIHBhc3N3b3JkU2VjcmV0QXJuOiBzdHJpbmcsXG4gIGNsdXN0ZXJQcm9wczogQ2x1c3RlclByb3BzLFxuICBvbGRSZXNvdXJjZVByb3BlcnRpZXM6IFVzZXJIYW5kbGVyUHJvcHMgJiBDbHVzdGVyUHJvcHMsXG4pOiBQcm9taXNlPHsgcmVwbGFjZTogYm9vbGVhbiB9PiB7XG4gIGNvbnN0IG9sZENsdXN0ZXJQcm9wcyA9IG9sZFJlc291cmNlUHJvcGVydGllcztcbiAgaWYgKGNsdXN0ZXJQcm9wcy5jbHVzdGVyTmFtZSAhPT0gb2xkQ2x1c3RlclByb3BzLmNsdXN0ZXJOYW1lIHx8IGNsdXN0ZXJQcm9wcy5kYXRhYmFzZU5hbWUgIT09IG9sZENsdXN0ZXJQcm9wcy5kYXRhYmFzZU5hbWUpIHtcbiAgICBhd2FpdCBjcmVhdGVVc2VyKHVzZXJuYW1lLCBwYXNzd29yZFNlY3JldEFybiwgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiB0cnVlIH07XG4gIH1cblxuICBjb25zdCBvbGRVc2VybmFtZSA9IG9sZFJlc291cmNlUHJvcGVydGllcy51c2VybmFtZTtcbiAgY29uc3Qgb2xkUGFzc3dvcmRTZWNyZXRBcm4gPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMucGFzc3dvcmRTZWNyZXRBcm47XG4gIGNvbnN0IG9sZFBhc3N3b3JkID0gYXdhaXQgZ2V0UGFzc3dvcmRGcm9tU2VjcmV0KG9sZFBhc3N3b3JkU2VjcmV0QXJuKTtcbiAgY29uc3QgcGFzc3dvcmQgPSBhd2FpdCBnZXRQYXNzd29yZEZyb21TZWNyZXQocGFzc3dvcmRTZWNyZXRBcm4pO1xuXG4gIGlmICh1c2VybmFtZSAhPT0gb2xkVXNlcm5hbWUpIHtcbiAgICBhd2FpdCBjcmVhdGVVc2VyKHVzZXJuYW1lLCBwYXNzd29yZFNlY3JldEFybiwgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiB0cnVlIH07XG4gIH1cblxuICBpZiAocGFzc3dvcmQgIT09IG9sZFBhc3N3b3JkKSB7XG4gICAgYXdhaXQgZXhlY3V0ZVN0YXRlbWVudChgQUxURVIgVVNFUiAke3VzZXJuYW1lfSBQQVNTV09SRCAnJHtwYXNzd29yZH0nYCwgY2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyByZXBsYWNlOiBmYWxzZSB9O1xuICB9XG5cbiAgcmV0dXJuIHsgcmVwbGFjZTogZmFsc2UgfTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZ2V0UGFzc3dvcmRGcm9tU2VjcmV0KHBhc3N3b3JkU2VjcmV0QXJuOiBzdHJpbmcpOiBQcm9taXNlPHN0cmluZz4ge1xuICBjb25zdCBzZWNyZXRWYWx1ZSA9IGF3YWl0IHNlY3JldHNNYW5hZ2VyLmdldFNlY3JldFZhbHVlKHtcbiAgICBTZWNyZXRJZDogcGFzc3dvcmRTZWNyZXRBcm4sXG4gIH0pLnByb21pc2UoKTtcbiAgY29uc3Qgc2VjcmV0U3RyaW5nID0gc2VjcmV0VmFsdWUuU2VjcmV0U3RyaW5nO1xuICBpZiAoIXNlY3JldFN0cmluZykge1xuICAgIHRocm93IG5ldyBFcnJvcihgU2VjcmV0IHN0cmluZyBmb3IgJHtwYXNzd29yZFNlY3JldEFybn0gd2FzIGVtcHR5YCk7XG4gIH1cbiAgY29uc3QgeyBwYXNzd29yZCB9ID0gSlNPTi5wYXJzZShzZWNyZXRTdHJpbmcpO1xuXG4gIHJldHVybiBwYXNzd29yZDtcbn1cbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/util.js b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/util.js new file mode 100644 index 0000000000000..d8dc8cad799c9 --- /dev/null +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338/util.js @@ -0,0 +1,34 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.areColumnsEqual = exports.getSortKeyColumns = exports.getDistKeyColumn = exports.makePhysicalId = void 0; +function makePhysicalId(resourceName, clusterProps, requestId) { + return `${clusterProps.clusterName}:${clusterProps.databaseName}:${resourceName}:${requestId}`; +} +exports.makePhysicalId = makePhysicalId; +function getDistKeyColumn(columns) { + // string comparison is required for custom resource since everything is passed as string + const distKeyColumns = columns.filter(column => column.distKey === true || column.distKey === 'true'); + if (distKeyColumns.length === 0) { + return undefined; + } + else if (distKeyColumns.length > 1) { + throw new Error('Multiple dist key columns found'); + } + return distKeyColumns[0]; +} +exports.getDistKeyColumn = getDistKeyColumn; +function getSortKeyColumns(columns) { + // string comparison is required for custom resource since everything is passed as string + return columns.filter(column => column.sortKey === true || column.sortKey === 'true'); +} +exports.getSortKeyColumns = getSortKeyColumns; +function areColumnsEqual(columnsA, columnsB) { + if (columnsA.length !== columnsB.length) { + return false; + } + return columnsA.every(columnA => { + return columnsB.find(column => column.name === columnA.name && column.dataType === columnA.dataType); + }); +} +exports.areColumnsEqual = areColumnsEqual; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInV0aWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBR0EsU0FBZ0IsY0FBYyxDQUFDLFlBQW9CLEVBQUUsWUFBMEIsRUFBRSxTQUFpQjtJQUNoRyxPQUFPLEdBQUcsWUFBWSxDQUFDLFdBQVcsSUFBSSxZQUFZLENBQUMsWUFBWSxJQUFJLFlBQVksSUFBSSxTQUFTLEVBQUUsQ0FBQztBQUNqRyxDQUFDO0FBRkQsd0NBRUM7QUFFRCxTQUFnQixnQkFBZ0IsQ0FBQyxPQUFpQjtJQUNoRCx5RkFBeUY7SUFDekYsTUFBTSxjQUFjLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxPQUFPLEtBQUssSUFBSSxJQUFLLE1BQU0sQ0FBQyxPQUE2QixLQUFLLE1BQU0sQ0FBQyxDQUFDO0lBRTdILElBQUksY0FBYyxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUU7UUFDL0IsT0FBTyxTQUFTLENBQUM7S0FDbEI7U0FBTSxJQUFJLGNBQWMsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFO1FBQ3BDLE1BQU0sSUFBSSxLQUFLLENBQUMsaUNBQWlDLENBQUMsQ0FBQztLQUNwRDtJQUVELE9BQU8sY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO0FBQzNCLENBQUM7QUFYRCw0Q0FXQztBQUVELFNBQWdCLGlCQUFpQixDQUFDLE9BQWlCO0lBQ2pELHlGQUF5RjtJQUN6RixPQUFPLE9BQU8sQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxNQUFNLENBQUMsT0FBTyxLQUFLLElBQUksSUFBSyxNQUFNLENBQUMsT0FBNkIsS0FBSyxNQUFNLENBQUMsQ0FBQztBQUMvRyxDQUFDO0FBSEQsOENBR0M7QUFFRCxTQUFnQixlQUFlLENBQUMsUUFBa0IsRUFBRSxRQUFrQjtJQUNwRSxJQUFJLFFBQVEsQ0FBQyxNQUFNLEtBQUssUUFBUSxDQUFDLE1BQU0sRUFBRTtRQUN2QyxPQUFPLEtBQUssQ0FBQztLQUNkO0lBQ0QsT0FBTyxRQUFRLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQzlCLE9BQU8sUUFBUSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEtBQUssT0FBTyxDQUFDLElBQUksSUFBSSxNQUFNLENBQUMsUUFBUSxLQUFLLE9BQU8sQ0FBQyxRQUFRLENBQUMsQ0FBQztJQUN2RyxDQUFDLENBQUMsQ0FBQztBQUNMLENBQUM7QUFQRCwwQ0FPQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENsdXN0ZXJQcm9wcyB9IGZyb20gJy4vdHlwZXMnO1xuaW1wb3J0IHsgQ29sdW1uIH0gZnJvbSAnLi4vLi4vdGFibGUnO1xuXG5leHBvcnQgZnVuY3Rpb24gbWFrZVBoeXNpY2FsSWQocmVzb3VyY2VOYW1lOiBzdHJpbmcsIGNsdXN0ZXJQcm9wczogQ2x1c3RlclByb3BzLCByZXF1ZXN0SWQ6IHN0cmluZyk6IHN0cmluZyB7XG4gIHJldHVybiBgJHtjbHVzdGVyUHJvcHMuY2x1c3Rlck5hbWV9OiR7Y2x1c3RlclByb3BzLmRhdGFiYXNlTmFtZX06JHtyZXNvdXJjZU5hbWV9OiR7cmVxdWVzdElkfWA7XG59XG5cbmV4cG9ydCBmdW5jdGlvbiBnZXREaXN0S2V5Q29sdW1uKGNvbHVtbnM6IENvbHVtbltdKTogQ29sdW1uIHwgdW5kZWZpbmVkIHtcbiAgLy8gc3RyaW5nIGNvbXBhcmlzb24gaXMgcmVxdWlyZWQgZm9yIGN1c3RvbSByZXNvdXJjZSBzaW5jZSBldmVyeXRoaW5nIGlzIHBhc3NlZCBhcyBzdHJpbmdcbiAgY29uc3QgZGlzdEtleUNvbHVtbnMgPSBjb2x1bW5zLmZpbHRlcihjb2x1bW4gPT4gY29sdW1uLmRpc3RLZXkgPT09IHRydWUgfHwgKGNvbHVtbi5kaXN0S2V5IGFzIHVua25vd24gYXMgc3RyaW5nKSA9PT0gJ3RydWUnKTtcblxuICBpZiAoZGlzdEtleUNvbHVtbnMubGVuZ3RoID09PSAwKSB7XG4gICAgcmV0dXJuIHVuZGVmaW5lZDtcbiAgfSBlbHNlIGlmIChkaXN0S2V5Q29sdW1ucy5sZW5ndGggPiAxKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKCdNdWx0aXBsZSBkaXN0IGtleSBjb2x1bW5zIGZvdW5kJyk7XG4gIH1cblxuICByZXR1cm4gZGlzdEtleUNvbHVtbnNbMF07XG59XG5cbmV4cG9ydCBmdW5jdGlvbiBnZXRTb3J0S2V5Q29sdW1ucyhjb2x1bW5zOiBDb2x1bW5bXSk6IENvbHVtbltdIHtcbiAgLy8gc3RyaW5nIGNvbXBhcmlzb24gaXMgcmVxdWlyZWQgZm9yIGN1c3RvbSByZXNvdXJjZSBzaW5jZSBldmVyeXRoaW5nIGlzIHBhc3NlZCBhcyBzdHJpbmdcbiAgcmV0dXJuIGNvbHVtbnMuZmlsdGVyKGNvbHVtbiA9PiBjb2x1bW4uc29ydEtleSA9PT0gdHJ1ZSB8fCAoY29sdW1uLnNvcnRLZXkgYXMgdW5rbm93biBhcyBzdHJpbmcpID09PSAndHJ1ZScpO1xufVxuXG5leHBvcnQgZnVuY3Rpb24gYXJlQ29sdW1uc0VxdWFsKGNvbHVtbnNBOiBDb2x1bW5bXSwgY29sdW1uc0I6IENvbHVtbltdKTogYm9vbGVhbiB7XG4gIGlmIChjb2x1bW5zQS5sZW5ndGggIT09IGNvbHVtbnNCLmxlbmd0aCkge1xuICAgIHJldHVybiBmYWxzZTtcbiAgfVxuICByZXR1cm4gY29sdW1uc0EuZXZlcnkoY29sdW1uQSA9PiB7XG4gICAgcmV0dXJuIGNvbHVtbnNCLmZpbmQoY29sdW1uID0+IGNvbHVtbi5uYW1lID09PSBjb2x1bW5BLm5hbWUgJiYgY29sdW1uLmRhdGFUeXBlID09PSBjb2x1bW5BLmRhdGFUeXBlKTtcbiAgfSk7XG59XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/table.js b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/table.js deleted file mode 100644 index 2566b1d2890c7..0000000000000 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08/table.js +++ /dev/null @@ -1,125 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = void 0; -const redshift_data_1 = require("./redshift-data"); -const types_1 = require("./types"); -const util_1 = require("./util"); -async function handler(props, event) { - const tableNamePrefix = props.tableName.prefix; - const tableNameSuffix = props.tableName.generateSuffix === 'true' ? `${event.RequestId.substring(0, 8)}` : ''; - const tableColumns = props.tableColumns; - const tableAndClusterProps = props; - if (event.RequestType === 'Create') { - const tableName = await createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); - return { PhysicalResourceId: tableName }; - } - else if (event.RequestType === 'Delete') { - await dropTable(event.PhysicalResourceId, tableAndClusterProps); - return; - } - else if (event.RequestType === 'Update') { - const tableName = await updateTable(event.PhysicalResourceId, tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps, event.OldResourceProperties); - return { PhysicalResourceId: tableName }; - } - else { - /* eslint-disable-next-line dot-notation */ - throw new Error(`Unrecognized event type: ${event['RequestType']}`); - } -} -exports.handler = handler; -async function createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps) { - const tableName = tableNamePrefix + tableNameSuffix; - const tableColumnsString = tableColumns.map(column => `${column.name} ${column.dataType}`).join(); - let statement = `CREATE TABLE ${tableName} (${tableColumnsString})`; - if (tableAndClusterProps.distStyle) { - statement += ` DISTSTYLE ${tableAndClusterProps.distStyle}`; - } - const distKeyColumn = util_1.getDistKeyColumn(tableColumns); - if (distKeyColumn) { - statement += ` DISTKEY(${distKeyColumn.name})`; - } - const sortKeyColumns = util_1.getSortKeyColumns(tableColumns); - if (sortKeyColumns.length > 0) { - const sortKeyColumnsString = getSortKeyColumnsString(sortKeyColumns); - statement += ` ${tableAndClusterProps.sortStyle} SORTKEY(${sortKeyColumnsString})`; - } - await redshift_data_1.executeStatement(statement, tableAndClusterProps); - if (tableAndClusterProps.tableComment) { - await redshift_data_1.executeStatement(`COMMENT ON TABLE ${tableName} IS '${tableAndClusterProps.tableComment}'`, tableAndClusterProps); - } - return tableName; -} -async function dropTable(tableName, clusterProps) { - await redshift_data_1.executeStatement(`DROP TABLE ${tableName}`, clusterProps); -} -async function updateTable(tableName, tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps, oldResourceProperties) { - const alterationStatements = []; - const oldClusterProps = oldResourceProperties; - if (tableAndClusterProps.clusterName !== oldClusterProps.clusterName || tableAndClusterProps.databaseName !== oldClusterProps.databaseName) { - return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); - } - const oldTableNamePrefix = oldResourceProperties.tableName.prefix; - if (tableNamePrefix !== oldTableNamePrefix) { - return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); - } - const oldTableColumns = oldResourceProperties.tableColumns; - const columnDeletions = oldTableColumns.filter(oldColumn => (tableColumns.every(column => oldColumn.name !== column.name))); - if (columnDeletions.length > 0) { - alterationStatements.push(...columnDeletions.map(column => `ALTER TABLE ${tableName} DROP COLUMN ${column.name}`)); - } - const columnAdditions = tableColumns.filter(column => { - return !oldTableColumns.some(oldColumn => column.name === oldColumn.name && column.dataType === oldColumn.dataType); - }).map(column => `ADD ${column.name} ${column.dataType}`); - if (columnAdditions.length > 0) { - alterationStatements.push(...columnAdditions.map(addition => `ALTER TABLE ${tableName} ${addition}`)); - } - const oldDistStyle = oldResourceProperties.distStyle; - if ((!oldDistStyle && tableAndClusterProps.distStyle) || - (oldDistStyle && !tableAndClusterProps.distStyle)) { - return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); - } - else if (oldDistStyle !== tableAndClusterProps.distStyle) { - alterationStatements.push(`ALTER TABLE ${tableName} ALTER DISTSTYLE ${tableAndClusterProps.distStyle}`); - } - const oldDistKey = util_1.getDistKeyColumn(oldTableColumns)?.name; - const newDistKey = util_1.getDistKeyColumn(tableColumns)?.name; - if ((!oldDistKey && newDistKey) || (oldDistKey && !newDistKey)) { - return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); - } - else if (oldDistKey !== newDistKey) { - alterationStatements.push(`ALTER TABLE ${tableName} ALTER DISTKEY ${newDistKey}`); - } - const oldSortKeyColumns = util_1.getSortKeyColumns(oldTableColumns); - const newSortKeyColumns = util_1.getSortKeyColumns(tableColumns); - const oldSortStyle = oldResourceProperties.sortStyle; - const newSortStyle = tableAndClusterProps.sortStyle; - if ((oldSortStyle === newSortStyle && !util_1.areColumnsEqual(oldSortKeyColumns, newSortKeyColumns)) - || (oldSortStyle !== newSortStyle)) { - switch (newSortStyle) { - case types_1.TableSortStyle.INTERLEAVED: - // INTERLEAVED sort key addition requires replacement. - // https://docs.aws.amazon.com/redshift/latest/dg/r_ALTER_TABLE.html - return createTable(tableNamePrefix, tableNameSuffix, tableColumns, tableAndClusterProps); - case types_1.TableSortStyle.COMPOUND: { - const sortKeyColumnsString = getSortKeyColumnsString(newSortKeyColumns); - alterationStatements.push(`ALTER TABLE ${tableName} ALTER ${newSortStyle} SORTKEY(${sortKeyColumnsString})`); - break; - } - case types_1.TableSortStyle.AUTO: { - alterationStatements.push(`ALTER TABLE ${tableName} ALTER SORTKEY ${newSortStyle}`); - break; - } - } - } - const oldComment = oldResourceProperties.tableComment; - const newComment = tableAndClusterProps.tableComment; - if (oldComment !== newComment) { - alterationStatements.push(`COMMENT ON TABLE ${tableName} IS ${newComment ? `'${newComment}'` : 'NULL'}`); - } - await Promise.all(alterationStatements.map(statement => redshift_data_1.executeStatement(statement, tableAndClusterProps))); - return tableName; -} -function getSortKeyColumnsString(sortKeyColumns) { - return sortKeyColumns.map(column => column.name).join(); -} -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGFibGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJ0YWJsZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFHQSxtREFBbUQ7QUFDbkQsbUNBQTZFO0FBQzdFLGlDQUE4RTtBQUV2RSxLQUFLLFVBQVUsT0FBTyxDQUFDLEtBQTJCLEVBQUUsS0FBa0Q7SUFDM0csTUFBTSxlQUFlLEdBQUcsS0FBSyxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUM7SUFDL0MsTUFBTSxlQUFlLEdBQUcsS0FBSyxDQUFDLFNBQVMsQ0FBQyxjQUFjLEtBQUssTUFBTSxDQUFDLENBQUMsQ0FBQyxHQUFHLEtBQUssQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7SUFDOUcsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDLFlBQVksQ0FBQztJQUN4QyxNQUFNLG9CQUFvQixHQUFHLEtBQUssQ0FBQztJQUVuQyxJQUFJLEtBQUssQ0FBQyxXQUFXLEtBQUssUUFBUSxFQUFFO1FBQ2xDLE1BQU0sU0FBUyxHQUFHLE1BQU0sV0FBVyxDQUFDLGVBQWUsRUFBRSxlQUFlLEVBQUUsWUFBWSxFQUFFLG9CQUFvQixDQUFDLENBQUM7UUFDMUcsT0FBTyxFQUFFLGtCQUFrQixFQUFFLFNBQVMsRUFBRSxDQUFDO0tBQzFDO1NBQU0sSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRTtRQUN6QyxNQUFNLFNBQVMsQ0FBQyxLQUFLLENBQUMsa0JBQWtCLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztRQUNoRSxPQUFPO0tBQ1I7U0FBTSxJQUFJLEtBQUssQ0FBQyxXQUFXLEtBQUssUUFBUSxFQUFFO1FBQ3pDLE1BQU0sU0FBUyxHQUFHLE1BQU0sV0FBVyxDQUNqQyxLQUFLLENBQUMsa0JBQWtCLEVBQ3hCLGVBQWUsRUFDZixlQUFlLEVBQ2YsWUFBWSxFQUNaLG9CQUFvQixFQUNwQixLQUFLLENBQUMscUJBQTZDLENBQ3BELENBQUM7UUFDRixPQUFPLEVBQUUsa0JBQWtCLEVBQUUsU0FBUyxFQUFFLENBQUM7S0FDMUM7U0FBTTtRQUNMLDJDQUEyQztRQUMzQyxNQUFNLElBQUksS0FBSyxDQUFDLDRCQUE0QixLQUFLLENBQUMsYUFBYSxDQUFDLEVBQUUsQ0FBQyxDQUFDO0tBQ3JFO0FBQ0gsQ0FBQztBQTFCRCwwQkEwQkM7QUFFRCxLQUFLLFVBQVUsV0FBVyxDQUN4QixlQUF1QixFQUN2QixlQUF1QixFQUN2QixZQUFzQixFQUN0QixvQkFBMEM7SUFFMUMsTUFBTSxTQUFTLEdBQUcsZUFBZSxHQUFHLGVBQWUsQ0FBQztJQUNwRCxNQUFNLGtCQUFrQixHQUFHLFlBQVksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxJQUFJLElBQUksTUFBTSxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7SUFFbEcsSUFBSSxTQUFTLEdBQUcsZ0JBQWdCLFNBQVMsS0FBSyxrQkFBa0IsR0FBRyxDQUFDO0lBRXBFLElBQUksb0JBQW9CLENBQUMsU0FBUyxFQUFFO1FBQ2xDLFNBQVMsSUFBSSxjQUFjLG9CQUFvQixDQUFDLFNBQVMsRUFBRSxDQUFDO0tBQzdEO0lBRUQsTUFBTSxhQUFhLEdBQUcsdUJBQWdCLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDckQsSUFBSSxhQUFhLEVBQUU7UUFDakIsU0FBUyxJQUFJLFlBQVksYUFBYSxDQUFDLElBQUksR0FBRyxDQUFDO0tBQ2hEO0lBRUQsTUFBTSxjQUFjLEdBQUcsd0JBQWlCLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDdkQsSUFBSSxjQUFjLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRTtRQUM3QixNQUFNLG9CQUFvQixHQUFHLHVCQUF1QixDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBQ3JFLFNBQVMsSUFBSSxJQUFJLG9CQUFvQixDQUFDLFNBQVMsWUFBWSxvQkFBb0IsR0FBRyxDQUFDO0tBQ3BGO0lBRUQsTUFBTSxnQ0FBZ0IsQ0FBQyxTQUFTLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztJQUV4RCxJQUFJLG9CQUFvQixDQUFDLFlBQVksRUFBRTtRQUNyQyxNQUFNLGdDQUFnQixDQUFDLG9CQUFvQixTQUFTLFFBQVEsb0JBQW9CLENBQUMsWUFBWSxHQUFHLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztLQUN6SDtJQUVELE9BQU8sU0FBUyxDQUFDO0FBQ25CLENBQUM7QUFFRCxLQUFLLFVBQVUsU0FBUyxDQUFDLFNBQWlCLEVBQUUsWUFBMEI7SUFDcEUsTUFBTSxnQ0FBZ0IsQ0FBQyxjQUFjLFNBQVMsRUFBRSxFQUFFLFlBQVksQ0FBQyxDQUFDO0FBQ2xFLENBQUM7QUFFRCxLQUFLLFVBQVUsV0FBVyxDQUN4QixTQUFpQixFQUNqQixlQUF1QixFQUN2QixlQUF1QixFQUN2QixZQUFzQixFQUN0QixvQkFBMEMsRUFDMUMscUJBQTJDO0lBRTNDLE1BQU0sb0JBQW9CLEdBQWEsRUFBRSxDQUFDO0lBRTFDLE1BQU0sZUFBZSxHQUFHLHFCQUFxQixDQUFDO0lBQzlDLElBQUksb0JBQW9CLENBQUMsV0FBVyxLQUFLLGVBQWUsQ0FBQyxXQUFXLElBQUksb0JBQW9CLENBQUMsWUFBWSxLQUFLLGVBQWUsQ0FBQyxZQUFZLEVBQUU7UUFDMUksT0FBTyxXQUFXLENBQUMsZUFBZSxFQUFFLGVBQWUsRUFBRSxZQUFZLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztLQUMxRjtJQUVELE1BQU0sa0JBQWtCLEdBQUcscUJBQXFCLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQztJQUNsRSxJQUFJLGVBQWUsS0FBSyxrQkFBa0IsRUFBRTtRQUMxQyxPQUFPLFdBQVcsQ0FBQyxlQUFlLEVBQUUsZUFBZSxFQUFFLFlBQVksRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO0tBQzFGO0lBRUQsTUFBTSxlQUFlLEdBQUcscUJBQXFCLENBQUMsWUFBWSxDQUFDO0lBQzNELE1BQU0sZUFBZSxHQUFHLGVBQWUsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxDQUMxRCxZQUFZLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsU0FBUyxDQUFDLElBQUksS0FBSyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQzdELENBQUMsQ0FBQztJQUNILElBQUksZUFBZSxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUU7UUFDOUIsb0JBQW9CLENBQUMsSUFBSSxDQUFDLEdBQUcsZUFBZSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLGVBQWUsU0FBUyxnQkFBZ0IsTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDLENBQUMsQ0FBQztLQUNwSDtJQUVELE1BQU0sZUFBZSxHQUFHLFlBQVksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLEVBQUU7UUFDbkQsT0FBTyxDQUFDLGVBQWUsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxNQUFNLENBQUMsSUFBSSxLQUFLLFNBQVMsQ0FBQyxJQUFJLElBQUksTUFBTSxDQUFDLFFBQVEsS0FBSyxTQUFTLENBQUMsUUFBUSxDQUFDLENBQUM7SUFDdEgsQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsT0FBTyxNQUFNLENBQUMsSUFBSSxJQUFJLE1BQU0sQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDO0lBQzFELElBQUksZUFBZSxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUU7UUFDOUIsb0JBQW9CLENBQUMsSUFBSSxDQUFDLEdBQUcsZUFBZSxDQUFDLEdBQUcsQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDLGVBQWUsU0FBUyxJQUFJLFFBQVEsRUFBRSxDQUFDLENBQUMsQ0FBQztLQUN2RztJQUVELE1BQU0sWUFBWSxHQUFHLHFCQUFxQixDQUFDLFNBQVMsQ0FBQztJQUNyRCxJQUFJLENBQUMsQ0FBQyxZQUFZLElBQUksb0JBQW9CLENBQUMsU0FBUyxDQUFDO1FBQ25ELENBQUMsWUFBWSxJQUFJLENBQUMsb0JBQW9CLENBQUMsU0FBUyxDQUFDLEVBQUU7UUFDbkQsT0FBTyxXQUFXLENBQUMsZUFBZSxFQUFFLGVBQWUsRUFBRSxZQUFZLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztLQUMxRjtTQUFNLElBQUksWUFBWSxLQUFLLG9CQUFvQixDQUFDLFNBQVMsRUFBRTtRQUMxRCxvQkFBb0IsQ0FBQyxJQUFJLENBQUMsZUFBZSxTQUFTLG9CQUFvQixvQkFBb0IsQ0FBQyxTQUFTLEVBQUUsQ0FBQyxDQUFDO0tBQ3pHO0lBRUQsTUFBTSxVQUFVLEdBQUcsdUJBQWdCLENBQUMsZUFBZSxDQUFDLEVBQUUsSUFBSSxDQUFDO0lBQzNELE1BQU0sVUFBVSxHQUFHLHVCQUFnQixDQUFDLFlBQVksQ0FBQyxFQUFFLElBQUksQ0FBQztJQUN4RCxJQUFJLENBQUMsQ0FBQyxVQUFVLElBQUksVUFBVSxDQUFFLElBQUksQ0FBQyxVQUFVLElBQUksQ0FBQyxVQUFVLENBQUMsRUFBRTtRQUMvRCxPQUFPLFdBQVcsQ0FBQyxlQUFlLEVBQUUsZUFBZSxFQUFFLFlBQVksRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO0tBQzFGO1NBQU0sSUFBSSxVQUFVLEtBQUssVUFBVSxFQUFFO1FBQ3BDLG9CQUFvQixDQUFDLElBQUksQ0FBQyxlQUFlLFNBQVMsa0JBQWtCLFVBQVUsRUFBRSxDQUFDLENBQUM7S0FDbkY7SUFFRCxNQUFNLGlCQUFpQixHQUFHLHdCQUFpQixDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQzdELE1BQU0saUJBQWlCLEdBQUcsd0JBQWlCLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDMUQsTUFBTSxZQUFZLEdBQUcscUJBQXFCLENBQUMsU0FBUyxDQUFDO0lBQ3JELE1BQU0sWUFBWSxHQUFHLG9CQUFvQixDQUFDLFNBQVMsQ0FBQztJQUNwRCxJQUFJLENBQUMsWUFBWSxLQUFLLFlBQVksSUFBSSxDQUFDLHNCQUFlLENBQUMsaUJBQWlCLEVBQUUsaUJBQWlCLENBQUMsQ0FBQztXQUN4RixDQUFDLFlBQVksS0FBSyxZQUFZLENBQUMsRUFBRTtRQUNwQyxRQUFRLFlBQVksRUFBRTtZQUNwQixLQUFLLHNCQUFjLENBQUMsV0FBVztnQkFDN0Isc0RBQXNEO2dCQUN0RCxvRUFBb0U7Z0JBQ3BFLE9BQU8sV0FBVyxDQUFDLGVBQWUsRUFBRSxlQUFlLEVBQUUsWUFBWSxFQUFFLG9CQUFvQixDQUFDLENBQUM7WUFFM0YsS0FBSyxzQkFBYyxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUM1QixNQUFNLG9CQUFvQixHQUFHLHVCQUF1QixDQUFDLGlCQUFpQixDQUFDLENBQUM7Z0JBQ3hFLG9CQUFvQixDQUFDLElBQUksQ0FBQyxlQUFlLFNBQVMsVUFBVSxZQUFZLFlBQVksb0JBQW9CLEdBQUcsQ0FBQyxDQUFDO2dCQUM3RyxNQUFNO2FBQ1A7WUFFRCxLQUFLLHNCQUFjLENBQUMsSUFBSSxDQUFDLENBQUM7Z0JBQ3hCLG9CQUFvQixDQUFDLElBQUksQ0FBQyxlQUFlLFNBQVMsa0JBQWtCLFlBQVksRUFBRSxDQUFDLENBQUM7Z0JBQ3BGLE1BQU07YUFDUDtTQUNGO0tBQ0Y7SUFFRCxNQUFNLFVBQVUsR0FBRyxxQkFBcUIsQ0FBQyxZQUFZLENBQUM7SUFDdEQsTUFBTSxVQUFVLEdBQUcsb0JBQW9CLENBQUMsWUFBWSxDQUFDO0lBQ3JELElBQUksVUFBVSxLQUFLLFVBQVUsRUFBRTtRQUM3QixvQkFBb0IsQ0FBQyxJQUFJLENBQUMsb0JBQW9CLFNBQVMsT0FBTyxVQUFVLENBQUMsQ0FBQyxDQUFDLElBQUksVUFBVSxHQUFHLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUM7S0FDMUc7SUFFRCxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUMsb0JBQW9CLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUMsZ0NBQWdCLENBQUMsU0FBUyxFQUFFLG9CQUFvQixDQUFDLENBQUMsQ0FBQyxDQUFDO0lBRTVHLE9BQU8sU0FBUyxDQUFDO0FBQ25CLENBQUM7QUFFRCxTQUFTLHVCQUF1QixDQUFDLGNBQXdCO0lBQ3ZELE9BQU8sY0FBYyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztBQUMxRCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyogZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby11bnJlc29sdmVkICovXG5pbXBvcnQgKiBhcyBBV1NMYW1iZGEgZnJvbSAnYXdzLWxhbWJkYSc7XG5pbXBvcnQgeyBDb2x1bW4gfSBmcm9tICcuLi8uLi90YWJsZSc7XG5pbXBvcnQgeyBleGVjdXRlU3RhdGVtZW50IH0gZnJvbSAnLi9yZWRzaGlmdC1kYXRhJztcbmltcG9ydCB7IENsdXN0ZXJQcm9wcywgVGFibGVBbmRDbHVzdGVyUHJvcHMsIFRhYmxlU29ydFN0eWxlIH0gZnJvbSAnLi90eXBlcyc7XG5pbXBvcnQgeyBhcmVDb2x1bW5zRXF1YWwsIGdldERpc3RLZXlDb2x1bW4sIGdldFNvcnRLZXlDb2x1bW5zIH0gZnJvbSAnLi91dGlsJztcblxuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhbmRsZXIocHJvcHM6IFRhYmxlQW5kQ2x1c3RlclByb3BzLCBldmVudDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCkge1xuICBjb25zdCB0YWJsZU5hbWVQcmVmaXggPSBwcm9wcy50YWJsZU5hbWUucHJlZml4O1xuICBjb25zdCB0YWJsZU5hbWVTdWZmaXggPSBwcm9wcy50YWJsZU5hbWUuZ2VuZXJhdGVTdWZmaXggPT09ICd0cnVlJyA/IGAke2V2ZW50LlJlcXVlc3RJZC5zdWJzdHJpbmcoMCwgOCl9YCA6ICcnO1xuICBjb25zdCB0YWJsZUNvbHVtbnMgPSBwcm9wcy50YWJsZUNvbHVtbnM7XG4gIGNvbnN0IHRhYmxlQW5kQ2x1c3RlclByb3BzID0gcHJvcHM7XG5cbiAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnQ3JlYXRlJykge1xuICAgIGNvbnN0IHRhYmxlTmFtZSA9IGF3YWl0IGNyZWF0ZVRhYmxlKHRhYmxlTmFtZVByZWZpeCwgdGFibGVOYW1lU3VmZml4LCB0YWJsZUNvbHVtbnMsIHRhYmxlQW5kQ2x1c3RlclByb3BzKTtcbiAgICByZXR1cm4geyBQaHlzaWNhbFJlc291cmNlSWQ6IHRhYmxlTmFtZSB9O1xuICB9IGVsc2UgaWYgKGV2ZW50LlJlcXVlc3RUeXBlID09PSAnRGVsZXRlJykge1xuICAgIGF3YWl0IGRyb3BUYWJsZShldmVudC5QaHlzaWNhbFJlc291cmNlSWQsIHRhYmxlQW5kQ2x1c3RlclByb3BzKTtcbiAgICByZXR1cm47XG4gIH0gZWxzZSBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdVcGRhdGUnKSB7XG4gICAgY29uc3QgdGFibGVOYW1lID0gYXdhaXQgdXBkYXRlVGFibGUoXG4gICAgICBldmVudC5QaHlzaWNhbFJlc291cmNlSWQsXG4gICAgICB0YWJsZU5hbWVQcmVmaXgsXG4gICAgICB0YWJsZU5hbWVTdWZmaXgsXG4gICAgICB0YWJsZUNvbHVtbnMsXG4gICAgICB0YWJsZUFuZENsdXN0ZXJQcm9wcyxcbiAgICAgIGV2ZW50Lk9sZFJlc291cmNlUHJvcGVydGllcyBhcyBUYWJsZUFuZENsdXN0ZXJQcm9wcyxcbiAgICApO1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogdGFibGVOYW1lIH07XG4gIH0gZWxzZSB7XG4gICAgLyogZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGRvdC1ub3RhdGlvbiAqL1xuICAgIHRocm93IG5ldyBFcnJvcihgVW5yZWNvZ25pemVkIGV2ZW50IHR5cGU6ICR7ZXZlbnRbJ1JlcXVlc3RUeXBlJ119YCk7XG4gIH1cbn1cblxuYXN5bmMgZnVuY3Rpb24gY3JlYXRlVGFibGUoXG4gIHRhYmxlTmFtZVByZWZpeDogc3RyaW5nLFxuICB0YWJsZU5hbWVTdWZmaXg6IHN0cmluZyxcbiAgdGFibGVDb2x1bW5zOiBDb2x1bW5bXSxcbiAgdGFibGVBbmRDbHVzdGVyUHJvcHM6IFRhYmxlQW5kQ2x1c3RlclByb3BzLFxuKTogUHJvbWlzZTxzdHJpbmc+IHtcbiAgY29uc3QgdGFibGVOYW1lID0gdGFibGVOYW1lUHJlZml4ICsgdGFibGVOYW1lU3VmZml4O1xuICBjb25zdCB0YWJsZUNvbHVtbnNTdHJpbmcgPSB0YWJsZUNvbHVtbnMubWFwKGNvbHVtbiA9PiBgJHtjb2x1bW4ubmFtZX0gJHtjb2x1bW4uZGF0YVR5cGV9YCkuam9pbigpO1xuXG4gIGxldCBzdGF0ZW1lbnQgPSBgQ1JFQVRFIFRBQkxFICR7dGFibGVOYW1lfSAoJHt0YWJsZUNvbHVtbnNTdHJpbmd9KWA7XG5cbiAgaWYgKHRhYmxlQW5kQ2x1c3RlclByb3BzLmRpc3RTdHlsZSkge1xuICAgIHN0YXRlbWVudCArPSBgIERJU1RTVFlMRSAke3RhYmxlQW5kQ2x1c3RlclByb3BzLmRpc3RTdHlsZX1gO1xuICB9XG5cbiAgY29uc3QgZGlzdEtleUNvbHVtbiA9IGdldERpc3RLZXlDb2x1bW4odGFibGVDb2x1bW5zKTtcbiAgaWYgKGRpc3RLZXlDb2x1bW4pIHtcbiAgICBzdGF0ZW1lbnQgKz0gYCBESVNUS0VZKCR7ZGlzdEtleUNvbHVtbi5uYW1lfSlgO1xuICB9XG5cbiAgY29uc3Qgc29ydEtleUNvbHVtbnMgPSBnZXRTb3J0S2V5Q29sdW1ucyh0YWJsZUNvbHVtbnMpO1xuICBpZiAoc29ydEtleUNvbHVtbnMubGVuZ3RoID4gMCkge1xuICAgIGNvbnN0IHNvcnRLZXlDb2x1bW5zU3RyaW5nID0gZ2V0U29ydEtleUNvbHVtbnNTdHJpbmcoc29ydEtleUNvbHVtbnMpO1xuICAgIHN0YXRlbWVudCArPSBgICR7dGFibGVBbmRDbHVzdGVyUHJvcHMuc29ydFN0eWxlfSBTT1JUS0VZKCR7c29ydEtleUNvbHVtbnNTdHJpbmd9KWA7XG4gIH1cblxuICBhd2FpdCBleGVjdXRlU3RhdGVtZW50KHN0YXRlbWVudCwgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuXG4gIGlmICh0YWJsZUFuZENsdXN0ZXJQcm9wcy50YWJsZUNvbW1lbnQpIHtcbiAgICBhd2FpdCBleGVjdXRlU3RhdGVtZW50KGBDT01NRU5UIE9OIFRBQkxFICR7dGFibGVOYW1lfSBJUyAnJHt0YWJsZUFuZENsdXN0ZXJQcm9wcy50YWJsZUNvbW1lbnR9J2AsIHRhYmxlQW5kQ2x1c3RlclByb3BzKTtcbiAgfVxuXG4gIHJldHVybiB0YWJsZU5hbWU7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIGRyb3BUYWJsZSh0YWJsZU5hbWU6IHN0cmluZywgY2x1c3RlclByb3BzOiBDbHVzdGVyUHJvcHMpIHtcbiAgYXdhaXQgZXhlY3V0ZVN0YXRlbWVudChgRFJPUCBUQUJMRSAke3RhYmxlTmFtZX1gLCBjbHVzdGVyUHJvcHMpO1xufVxuXG5hc3luYyBmdW5jdGlvbiB1cGRhdGVUYWJsZShcbiAgdGFibGVOYW1lOiBzdHJpbmcsXG4gIHRhYmxlTmFtZVByZWZpeDogc3RyaW5nLFxuICB0YWJsZU5hbWVTdWZmaXg6IHN0cmluZyxcbiAgdGFibGVDb2x1bW5zOiBDb2x1bW5bXSxcbiAgdGFibGVBbmRDbHVzdGVyUHJvcHM6IFRhYmxlQW5kQ2x1c3RlclByb3BzLFxuICBvbGRSZXNvdXJjZVByb3BlcnRpZXM6IFRhYmxlQW5kQ2x1c3RlclByb3BzLFxuKTogUHJvbWlzZTxzdHJpbmc+IHtcbiAgY29uc3QgYWx0ZXJhdGlvblN0YXRlbWVudHM6IHN0cmluZ1tdID0gW107XG5cbiAgY29uc3Qgb2xkQ2x1c3RlclByb3BzID0gb2xkUmVzb3VyY2VQcm9wZXJ0aWVzO1xuICBpZiAodGFibGVBbmRDbHVzdGVyUHJvcHMuY2x1c3Rlck5hbWUgIT09IG9sZENsdXN0ZXJQcm9wcy5jbHVzdGVyTmFtZSB8fCB0YWJsZUFuZENsdXN0ZXJQcm9wcy5kYXRhYmFzZU5hbWUgIT09IG9sZENsdXN0ZXJQcm9wcy5kYXRhYmFzZU5hbWUpIHtcbiAgICByZXR1cm4gY3JlYXRlVGFibGUodGFibGVOYW1lUHJlZml4LCB0YWJsZU5hbWVTdWZmaXgsIHRhYmxlQ29sdW1ucywgdGFibGVBbmRDbHVzdGVyUHJvcHMpO1xuICB9XG5cbiAgY29uc3Qgb2xkVGFibGVOYW1lUHJlZml4ID0gb2xkUmVzb3VyY2VQcm9wZXJ0aWVzLnRhYmxlTmFtZS5wcmVmaXg7XG4gIGlmICh0YWJsZU5hbWVQcmVmaXggIT09IG9sZFRhYmxlTmFtZVByZWZpeCkge1xuICAgIHJldHVybiBjcmVhdGVUYWJsZSh0YWJsZU5hbWVQcmVmaXgsIHRhYmxlTmFtZVN1ZmZpeCwgdGFibGVDb2x1bW5zLCB0YWJsZUFuZENsdXN0ZXJQcm9wcyk7XG4gIH1cblxuICBjb25zdCBvbGRUYWJsZUNvbHVtbnMgPSBvbGRSZXNvdXJjZVByb3BlcnRpZXMudGFibGVDb2x1bW5zO1xuICBjb25zdCBjb2x1bW5EZWxldGlvbnMgPSBvbGRUYWJsZUNvbHVtbnMuZmlsdGVyKG9sZENvbHVtbiA9PiAoXG4gICAgdGFibGVDb2x1bW5zLmV2ZXJ5KGNvbHVtbiA9PiBvbGRDb2x1bW4ubmFtZSAhPT0gY29sdW1uLm5hbWUpXG4gICkpO1xuICBpZiAoY29sdW1uRGVsZXRpb25zLmxlbmd0aCA+IDApIHtcbiAgICBhbHRlcmF0aW9uU3RhdGVtZW50cy5wdXNoKC4uLmNvbHVtbkRlbGV0aW9ucy5tYXAoY29sdW1uID0+IGBBTFRFUiBUQUJMRSAke3RhYmxlTmFtZX0gRFJPUCBDT0xVTU4gJHtjb2x1bW4ubmFtZX1gKSk7XG4gIH1cblxuICBjb25zdCBjb2x1bW5BZGRpdGlvbnMgPSB0YWJsZUNvbHVtbnMuZmlsdGVyKGNvbHVtbiA9PiB7XG4gICAgcmV0dXJuICFvbGRUYWJsZUNvbHVtbnMuc29tZShvbGRDb2x1bW4gPT4gY29sdW1uLm5hbWUgPT09IG9sZENvbHVtbi5uYW1lICYmIGNvbHVtbi5kYXRhVHlwZSA9PT0gb2xkQ29sdW1uLmRhdGFUeXBlKTtcbiAgfSkubWFwKGNvbHVtbiA9PiBgQUREICR7Y29sdW1uLm5hbWV9ICR7Y29sdW1uLmRhdGFUeXBlfWApO1xuICBpZiAoY29sdW1uQWRkaXRpb25zLmxlbmd0aCA+IDApIHtcbiAgICBhbHRlcmF0aW9uU3RhdGVtZW50cy5wdXNoKC4uLmNvbHVtbkFkZGl0aW9ucy5tYXAoYWRkaXRpb24gPT4gYEFMVEVSIFRBQkxFICR7dGFibGVOYW1lfSAke2FkZGl0aW9ufWApKTtcbiAgfVxuXG4gIGNvbnN0IG9sZERpc3RTdHlsZSA9IG9sZFJlc291cmNlUHJvcGVydGllcy5kaXN0U3R5bGU7XG4gIGlmICgoIW9sZERpc3RTdHlsZSAmJiB0YWJsZUFuZENsdXN0ZXJQcm9wcy5kaXN0U3R5bGUpIHx8XG4gICAgKG9sZERpc3RTdHlsZSAmJiAhdGFibGVBbmRDbHVzdGVyUHJvcHMuZGlzdFN0eWxlKSkge1xuICAgIHJldHVybiBjcmVhdGVUYWJsZSh0YWJsZU5hbWVQcmVmaXgsIHRhYmxlTmFtZVN1ZmZpeCwgdGFibGVDb2x1bW5zLCB0YWJsZUFuZENsdXN0ZXJQcm9wcyk7XG4gIH0gZWxzZSBpZiAob2xkRGlzdFN0eWxlICE9PSB0YWJsZUFuZENsdXN0ZXJQcm9wcy5kaXN0U3R5bGUpIHtcbiAgICBhbHRlcmF0aW9uU3RhdGVtZW50cy5wdXNoKGBBTFRFUiBUQUJMRSAke3RhYmxlTmFtZX0gQUxURVIgRElTVFNUWUxFICR7dGFibGVBbmRDbHVzdGVyUHJvcHMuZGlzdFN0eWxlfWApO1xuICB9XG5cbiAgY29uc3Qgb2xkRGlzdEtleSA9IGdldERpc3RLZXlDb2x1bW4ob2xkVGFibGVDb2x1bW5zKT8ubmFtZTtcbiAgY29uc3QgbmV3RGlzdEtleSA9IGdldERpc3RLZXlDb2x1bW4odGFibGVDb2x1bW5zKT8ubmFtZTtcbiAgaWYgKCghb2xkRGlzdEtleSAmJiBuZXdEaXN0S2V5ICkgfHwgKG9sZERpc3RLZXkgJiYgIW5ld0Rpc3RLZXkpKSB7XG4gICAgcmV0dXJuIGNyZWF0ZVRhYmxlKHRhYmxlTmFtZVByZWZpeCwgdGFibGVOYW1lU3VmZml4LCB0YWJsZUNvbHVtbnMsIHRhYmxlQW5kQ2x1c3RlclByb3BzKTtcbiAgfSBlbHNlIGlmIChvbGREaXN0S2V5ICE9PSBuZXdEaXN0S2V5KSB7XG4gICAgYWx0ZXJhdGlvblN0YXRlbWVudHMucHVzaChgQUxURVIgVEFCTEUgJHt0YWJsZU5hbWV9IEFMVEVSIERJU1RLRVkgJHtuZXdEaXN0S2V5fWApO1xuICB9XG5cbiAgY29uc3Qgb2xkU29ydEtleUNvbHVtbnMgPSBnZXRTb3J0S2V5Q29sdW1ucyhvbGRUYWJsZUNvbHVtbnMpO1xuICBjb25zdCBuZXdTb3J0S2V5Q29sdW1ucyA9IGdldFNvcnRLZXlDb2x1bW5zKHRhYmxlQ29sdW1ucyk7XG4gIGNvbnN0IG9sZFNvcnRTdHlsZSA9IG9sZFJlc291cmNlUHJvcGVydGllcy5zb3J0U3R5bGU7XG4gIGNvbnN0IG5ld1NvcnRTdHlsZSA9IHRhYmxlQW5kQ2x1c3RlclByb3BzLnNvcnRTdHlsZTtcbiAgaWYgKChvbGRTb3J0U3R5bGUgPT09IG5ld1NvcnRTdHlsZSAmJiAhYXJlQ29sdW1uc0VxdWFsKG9sZFNvcnRLZXlDb2x1bW5zLCBuZXdTb3J0S2V5Q29sdW1ucykpXG4gICAgfHwgKG9sZFNvcnRTdHlsZSAhPT0gbmV3U29ydFN0eWxlKSkge1xuICAgIHN3aXRjaCAobmV3U29ydFN0eWxlKSB7XG4gICAgICBjYXNlIFRhYmxlU29ydFN0eWxlLklOVEVSTEVBVkVEOlxuICAgICAgICAvLyBJTlRFUkxFQVZFRCBzb3J0IGtleSBhZGRpdGlvbiByZXF1aXJlcyByZXBsYWNlbWVudC5cbiAgICAgICAgLy8gaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL3JlZHNoaWZ0L2xhdGVzdC9kZy9yX0FMVEVSX1RBQkxFLmh0bWxcbiAgICAgICAgcmV0dXJuIGNyZWF0ZVRhYmxlKHRhYmxlTmFtZVByZWZpeCwgdGFibGVOYW1lU3VmZml4LCB0YWJsZUNvbHVtbnMsIHRhYmxlQW5kQ2x1c3RlclByb3BzKTtcblxuICAgICAgY2FzZSBUYWJsZVNvcnRTdHlsZS5DT01QT1VORDoge1xuICAgICAgICBjb25zdCBzb3J0S2V5Q29sdW1uc1N0cmluZyA9IGdldFNvcnRLZXlDb2x1bW5zU3RyaW5nKG5ld1NvcnRLZXlDb2x1bW5zKTtcbiAgICAgICAgYWx0ZXJhdGlvblN0YXRlbWVudHMucHVzaChgQUxURVIgVEFCTEUgJHt0YWJsZU5hbWV9IEFMVEVSICR7bmV3U29ydFN0eWxlfSBTT1JUS0VZKCR7c29ydEtleUNvbHVtbnNTdHJpbmd9KWApO1xuICAgICAgICBicmVhaztcbiAgICAgIH1cblxuICAgICAgY2FzZSBUYWJsZVNvcnRTdHlsZS5BVVRPOiB7XG4gICAgICAgIGFsdGVyYXRpb25TdGF0ZW1lbnRzLnB1c2goYEFMVEVSIFRBQkxFICR7dGFibGVOYW1lfSBBTFRFUiBTT1JUS0VZICR7bmV3U29ydFN0eWxlfWApO1xuICAgICAgICBicmVhaztcbiAgICAgIH1cbiAgICB9XG4gIH1cblxuICBjb25zdCBvbGRDb21tZW50ID0gb2xkUmVzb3VyY2VQcm9wZXJ0aWVzLnRhYmxlQ29tbWVudDtcbiAgY29uc3QgbmV3Q29tbWVudCA9IHRhYmxlQW5kQ2x1c3RlclByb3BzLnRhYmxlQ29tbWVudDtcbiAgaWYgKG9sZENvbW1lbnQgIT09IG5ld0NvbW1lbnQpIHtcbiAgICBhbHRlcmF0aW9uU3RhdGVtZW50cy5wdXNoKGBDT01NRU5UIE9OIFRBQkxFICR7dGFibGVOYW1lfSBJUyAke25ld0NvbW1lbnQgPyBgJyR7bmV3Q29tbWVudH0nYCA6ICdOVUxMJ31gKTtcbiAgfVxuXG4gIGF3YWl0IFByb21pc2UuYWxsKGFsdGVyYXRpb25TdGF0ZW1lbnRzLm1hcChzdGF0ZW1lbnQgPT4gZXhlY3V0ZVN0YXRlbWVudChzdGF0ZW1lbnQsIHRhYmxlQW5kQ2x1c3RlclByb3BzKSkpO1xuXG4gIHJldHVybiB0YWJsZU5hbWU7XG59XG5cbmZ1bmN0aW9uIGdldFNvcnRLZXlDb2x1bW5zU3RyaW5nKHNvcnRLZXlDb2x1bW5zOiBDb2x1bW5bXSkge1xuICByZXR1cm4gc29ydEtleUNvbHVtbnMubWFwKGNvbHVtbiA9PiBjb2x1bW4ubmFtZSkuam9pbigpO1xufVxuIl19 \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/aws-cdk-redshift-cluster-database.assets.json b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/aws-cdk-redshift-cluster-database.assets.json index c8185e2fb4f7e..863fe6c1960ce 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/aws-cdk-redshift-cluster-database.assets.json +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/aws-cdk-redshift-cluster-database.assets.json @@ -1,15 +1,15 @@ { - "version": "29.0.0", + "version": "30.1.0", "files": { - "ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08": { + "169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338": { "source": { - "path": "asset.ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08", + "path": "asset.169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08.zip", + "objectKey": "169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } @@ -27,7 +27,7 @@ } } }, - "fd9bc22f4d8ca7fabbbe054d374117616ffa6a2393152ecb529d2b385432d259": { + "297bfa1758edc6b71a084153702165132d111eb7914b4bf8ed951da4b98faede": { "source": { "path": "aws-cdk-redshift-cluster-database.template.json", "packaging": "file" @@ -35,7 +35,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "fd9bc22f4d8ca7fabbbe054d374117616ffa6a2393152ecb529d2b385432d259.json", + "objectKey": "297bfa1758edc6b71a084153702165132d111eb7914b4bf8ed951da4b98faede.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/aws-cdk-redshift-cluster-database.template.json b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/aws-cdk-redshift-cluster-database.template.json index d5f58647d06cc..c3a7bfa330492 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/aws-cdk-redshift-cluster-database.template.json +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/aws-cdk-redshift-cluster-database.template.json @@ -1004,7 +1004,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08.zip" + "S3Key": "169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338.zip" }, "Role": { "Fn::GetAtt": [ @@ -1177,7 +1177,8 @@ ], "distStyle": "KEY", "sortStyle": "INTERLEAVED", - "tableComment": "A test table" + "tableComment": "A test table", + "useColumnIds": true }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/cdk.out b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/cdk.out index d8b441d447f8a..b72fef144f05c 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"29.0.0"} \ No newline at end of file +{"version":"30.1.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/integ.json b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/integ.json index 7d18d58e00a13..43c7d308e429c 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "29.0.0", + "version": "30.1.0", "testCases": { "redshift-cluster-database-integ/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/manifest.json b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/manifest.json index 80db4b0c589f9..839bb7d0a2ea1 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "29.0.0", + "version": "30.1.0", "artifacts": { "aws-cdk-redshift-cluster-database.assets": { "type": "cdk:asset-manifest", @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/fd9bc22f4d8ca7fabbbe054d374117616ffa6a2393152ecb529d2b385432d259.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/297bfa1758edc6b71a084153702165132d111eb7914b4bf8ed951da4b98faede.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets.json b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets.json index adb32130fe4eb..a21d912bf150e 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets.json +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/redshiftclusterdatabaseintegDefaultTestDeployAssert4339FB48.assets.json @@ -1,5 +1,5 @@ { - "version": "29.0.0", + "version": "30.1.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/tree.json b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/tree.json index 3cad05f851971..0b2213b1b8f64 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.js.snapshot/tree.json @@ -1228,7 +1228,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.209" + "version": "10.1.252" } }, "TablePrivileges": { @@ -1470,13 +1470,13 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.209" + "version": "10.1.252" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.209" + "version": "10.1.252" } } }, @@ -1639,7 +1639,7 @@ "s3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "s3Key": "ab58b1384030fef0fc8663c06f6fd62196fb3ae8807ab82e4559967d3b885b08.zip" + "s3Key": "169a8c0beb97c903ee155ea9653e39b0884c9e3b860ac72ffbe906b3c1f4e338.zip" }, "role": { "Fn::GetAtt": [ @@ -1902,7 +1902,7 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.209" + "version": "10.1.252" } } }, @@ -1946,7 +1946,7 @@ "path": "redshift-cluster-database-integ/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.209" + "version": "10.1.252" } }, "DeployAssert": { @@ -1992,7 +1992,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.209" + "version": "10.1.252" } } }, diff --git a/packages/@aws-cdk/aws-redshift/test/integ.database.ts b/packages/@aws-cdk/aws-redshift/test/integ.database.ts index b3997e9e161de..be9ce4b65a60f 100644 --- a/packages/@aws-cdk/aws-redshift/test/integ.database.ts +++ b/packages/@aws-cdk/aws-redshift/test/integ.database.ts @@ -2,11 +2,16 @@ import * as ec2 from '@aws-cdk/aws-ec2'; import * as kms from '@aws-cdk/aws-kms'; import * as cdk from '@aws-cdk/core'; +// eslint-disable-next-line import/no-extraneous-dependencies +import { REDSHIFT_COLUMN_ID } from '@aws-cdk/cx-api'; import * as integ from '@aws-cdk/integ-tests'; import * as constructs from 'constructs'; import * as redshift from '../lib'; -const app = new cdk.App(); +const useColumnIds = { [REDSHIFT_COLUMN_ID]: false }; +const app = new cdk.App({ + context: useColumnIds, +}); const stack = new cdk.Stack(app, 'aws-cdk-redshift-cluster-database'); cdk.Aspects.of(stack).add({ diff --git a/packages/@aws-cdk/aws-redshift/test/table.test.ts b/packages/@aws-cdk/aws-redshift/test/table.test.ts index cee9af6565234..f9c25397c2956 100644 --- a/packages/@aws-cdk/aws-redshift/test/table.test.ts +++ b/packages/@aws-cdk/aws-redshift/test/table.test.ts @@ -1,6 +1,8 @@ import { Template } from '@aws-cdk/assertions'; import * as ec2 from '@aws-cdk/aws-ec2'; import * as cdk from '@aws-cdk/core'; +// eslint-disable-next-line import/no-extraneous-dependencies +import { REDSHIFT_COLUMN_ID } from '@aws-cdk/cx-api'; import * as redshift from '../lib'; describe('cluster table', () => { @@ -84,7 +86,7 @@ describe('cluster table', () => { }); expect(table.tableName).toBe(tableName); - expect(table.tableColumns).toBe(tableColumns); + expect(table.tableColumns).toStrictEqual(tableColumns); expect(table.cluster).toBe(cluster); expect(table.databaseName).toBe('databaseName'); }); @@ -139,6 +141,62 @@ describe('cluster table', () => { }); }); + it('throws if column ids are similar', async () => { + const updatedTableColumns: redshift.Column[] = [ + { id: 'col1', name: 'col1', dataType: 'varchar(4)' }, + { id: 'col1', name: 'col2', dataType: 'float' }, + ]; + + expect( + () => new redshift.Table(stack, 'Table', { + ...databaseOptions, + tableColumns: updatedTableColumns, + }), + ).toThrow("Column id 'col1' is not unique."); + }); + + describe('@aws-cdk/aws-redshift:columnId', () => { + it('uses column ids if feature flag provided', () => { + const app = new cdk.App({ context: { [REDSHIFT_COLUMN_ID]: true } }); + const newStack = new cdk.Stack(app, 'NewStack'); + vpc = new ec2.Vpc(newStack, 'VPC'); + cluster = new redshift.Cluster(newStack, 'Cluster', { + vpc: vpc, + vpcSubnets: { + subnetType: ec2.SubnetType.PUBLIC, + }, + masterUser: { + masterUsername: 'admin', + }, + publiclyAccessible: true, + }); + databaseOptions = { + cluster: cluster, + databaseName: 'databaseName', + }; + + new redshift.Table(newStack, 'Table', { + ...databaseOptions, + tableColumns, + }); + + Template.fromStack(newStack).hasResourceProperties('Custom::RedshiftDatabaseQuery', { + useColumnIds: true, + }); + }); + + it('does not use column ids if feature flag not provided', () => { + new redshift.Table(stack, 'Table', { + ...databaseOptions, + tableColumns, + }); + + Template.fromStack(stack).hasResourceProperties('Custom::RedshiftDatabaseQuery', { + useColumnIds: false, + }); + }); + }); + describe('distKey and distStyle', () => { it('throws if more than one distKeys are configured', () => { const updatedTableColumns: redshift.Column[] = [ diff --git a/packages/@aws-cdk/cx-api/FEATURE_FLAGS.md b/packages/@aws-cdk/cx-api/FEATURE_FLAGS.md index 1f1488fee03ae..7e95b2872ed35 100644 --- a/packages/@aws-cdk/cx-api/FEATURE_FLAGS.md +++ b/packages/@aws-cdk/cx-api/FEATURE_FLAGS.md @@ -48,6 +48,7 @@ Flags come in three types: | [@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId](#aws-cdkaws-apigatewayauthorizerchangedeploymentlogicalid) | Include authorizer configuration in the calculation of the API deployment logical ID. | 2.66.0 | (fix) | | [@aws-cdk/aws-ec2:launchTemplateDefaultUserData](#aws-cdkaws-ec2launchtemplatedefaultuserdata) | Define user data for a launch template by default when a machine image is provided. | 2.67.0 | (fix) | | [@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments](#aws-cdkaws-secretsmanageruseattachedsecretresourcepolicyforsecrettargetattachments) | SecretTargetAttachments uses the ResourcePolicy of the attached Secret. | 2.67.0 | (fix) | +| [@aws-cdk/aws-redshift:columnId](#aws-cdkaws-redshiftcolumnid) | Whether to use an ID to track Redshift column changes | V2NEXT | (fix) | @@ -86,7 +87,8 @@ The following json shows the current recommended set of flags, as `cdk init` wou "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true, "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true, "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": true, - "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true, + "@aws-cdk/aws-redshift:columnId": true } } ``` @@ -875,4 +877,27 @@ Then you can re-add the permissions and deploy again. | 2.67.0 | `false` | `true` | +### @aws-cdk/aws-redshift:columnId + +*Whether to use an ID to track Redshift column changes* (fix) + +Redshift columns are identified by their `name`. If a column is renamed, the old column +will be dropped and a new column will be created. This can cause data loss. + +This flag enables the use of an `id` attribute for Redshift columns. If this flag is enabled, the +internal CDK architecture will track changes of Redshift columns through their `id`, rather +than their `name`. This will prevent data loss when columns are renamed. + +**NOTE** - Enabling this flag comes at a **risk**. When enabled, update the `id`s of all columns, +**however** do not change the `names`s of the columns. If the `name`s of the columns are changed during +initial deployment, the columns will be dropped and recreated, causing data loss. After the initial deployment +of the `id`s, the `name`s of the columns can be changed without data loss. + + +| Since | Default | Recommended | +| ----- | ----- | ----- | +| (not in v1) | | | +| V2NEXT | `false` | `true` | + + diff --git a/packages/@aws-cdk/cx-api/README.md b/packages/@aws-cdk/cx-api/README.md index 9ba5417c939fe..20a2332a5a4b6 100644 --- a/packages/@aws-cdk/cx-api/README.md +++ b/packages/@aws-cdk/cx-api/README.md @@ -156,3 +156,19 @@ This is a feature flag as the old behavior was technically incorrect, but users } } ``` + +* `@aws-cdk/aws-redshift:columnId` + +Enable this feature flag to allow the CDK to track changes in Redshift columns through their `id` attribute. This is a breaking change, as the `name` attribute was currently being used to track changes to Redshift columns. + +Enabling this feature flag comes at a risk for existing Redshift columns, as the `name` attribute of a redshift column was currently being used. Therefore, to change a Redshift columns' `name` will essentially create a new column and delete the old one. This will cause data loss. If you choose to enable this flag, ensure that upon intial deployment (the first deployment after setting this feature flag), the `name` attribute of every column is not changed. After the intial deployment, you can freely change the `name` attribute of a column. + +_cdk.json_ + +```json +{ + "context": { + "@aws-cdk/aws-redshift:columnId": true + } +} +``` diff --git a/packages/@aws-cdk/cx-api/lib/features.ts b/packages/@aws-cdk/cx-api/lib/features.ts index 9b63ca0f9c86c..5eec1c99b1ad3 100644 --- a/packages/@aws-cdk/cx-api/lib/features.ts +++ b/packages/@aws-cdk/cx-api/lib/features.ts @@ -83,6 +83,7 @@ export const CODEDEPLOY_REMOVE_ALARMS_FROM_DEPLOYMENT_GROUP = '@aws-cdk/aws-code export const APIGATEWAY_AUTHORIZER_CHANGE_DEPLOYMENT_LOGICAL_ID = '@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId'; export const EC2_LAUNCH_TEMPLATE_DEFAULT_USER_DATA = '@aws-cdk/aws-ec2:launchTemplateDefaultUserData'; export const SECRETS_MANAGER_TARGET_ATTACHMENT_RESOURCE_POLICY = '@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments'; +export const REDSHIFT_COLUMN_ID = '@aws-cdk/aws-redshift:columnId'; export const FLAGS: Record = { ////////////////////////////////////////////////////////////////////// @@ -709,6 +710,27 @@ export const FLAGS: Record = { recommendedValue: true, introducedIn: { v2: '2.67.0' }, }, + + ////////////////////////////////////////////////////////////////////// + [REDSHIFT_COLUMN_ID]: { + type: FlagType.BugFix, + summary: 'Whether to use an ID to track Redshift column changes', + detailsMd: ` + Redshift columns are identified by their \`name\`. If a column is renamed, the old column + will be dropped and a new column will be created. This can cause data loss. + + This flag enables the use of an \`id\` attribute for Redshift columns. If this flag is enabled, the + internal CDK architecture will track changes of Redshift columns through their \`id\`, rather + than their \`name\`. This will prevent data loss when columns are renamed. + + **NOTE** - Enabling this flag comes at a **risk**. When enabled, update the \`id\`s of all columns, + **however** do not change the \`names\`s of the columns. If the \`name\`s of the columns are changed during + initial deployment, the columns will be dropped and recreated, causing data loss. After the initial deployment + of the \`id\`s, the \`name\`s of the columns can be changed without data loss. + `, + introducedIn: { v2: 'V2NEXT' }, + recommendedValue: true, + }, }; const CURRENT_MV = 'v2'; From 3d7505b5a9c3daf5edfecdb4576b555bfe8d7553 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Fri, 3 Mar 2023 01:44:32 -0800 Subject: [PATCH 07/15] docs(cfnspec): update CloudFormation documentation (#24433) --- .../spec-source/cfn-docs/cfn-docs.json | 300 +++++++++++++++--- 1 file changed, 251 insertions(+), 49 deletions(-) diff --git a/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json b/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json index 51cb135d5d5ad..68943a9a3498b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json +++ b/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json @@ -1277,7 +1277,7 @@ "ApiKeyRequired": "A boolean flag specifying whether a valid ApiKey is required to invoke this method.", "AuthorizationScopes": "A list of authorization scopes configured on the method. The scopes are used with a `COGNITO_USER_POOLS` authorizer to authorize the method invocation. The authorization works by matching the method scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the method scope is configured, the client must provide an access token instead of an identity token for authorization purposes.", "AuthorizationType": "The method's authorization type. This parameter is required. For valid values, see [Method](https://docs.aws.amazon.com/apigateway/latest/api/API_Method.html) in the *API Gateway API Reference* .\n\n> If you specify the `AuthorizerId` property, specify `CUSTOM` or `COGNITO_USER_POOLS` for this property.", - "AuthorizerId": "The identifier of an Authorizer to use on this method. The `authorizationType` must be `CUSTOM` .", + "AuthorizerId": "The identifier of an authorizer to use on this method. The method's authorization type must be `CUSTOM` or `COGNITO_USER_POOLS` .", "HttpMethod": "The method's HTTP verb.", "Integration": "Represents an `HTTP` , `HTTP_PROXY` , `AWS` , `AWS_PROXY` , or Mock integration.", "MethodResponses": "Gets a method response associated with a given HTTP status code.", @@ -7655,16 +7655,16 @@ "attributes": {}, "description": "The AWS OrganizationalUnitIds or Accounts for which to create stack instances in the specified Regions.", "properties": { - "AccountFilterType": "", + "AccountFilterType": "Limit deployment targets to individual accounts or include additional accounts with provided OUs.\n\nThe following is a list of possible values for the `AccountFilterType` operation.\n\n- `INTERSECTION` : StackSets deploys to the accounts specified in `Accounts` parameter.\n- `DIFFERENCE` : StackSets excludes the accounts specified in `Accounts` parameter. This enables user to avoid certain accounts within an OU such as suspended accounts.\n- `UNION` : StackSets includes additional accounts deployment targets.\n\nThis is the default value if `AccountFilterType` is not provided. This enables user to update an entire OU and individual accounts from a different OU in one request, which used to be two separate requests.\n- `NONE` : Deploys to all the accounts in specified organizational units (OU).", "Accounts": "The names of one or more AWS accounts for which you want to deploy stack set updates.\n\n*Pattern* : `^[0-9]{12}$`", "OrganizationalUnitIds": "The organization root ID or organizational unit (OU) IDs to which StackSets deploys.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`" } }, "AWS::CloudFormation::StackSet.ManagedExecution": { "attributes": {}, - "description": "", + "description": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.", "properties": { - "Active": "" + "Active": "When `true` , StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. \n\nWhen `false` (default), StackSets performs one operation at a time in request order." } }, "AWS::CloudFormation::StackSet.OperationPreferences": { @@ -9065,7 +9065,7 @@ "properties": { "Name": "The name or key of the environment variable.", "Type": "The type of environment variable. Valid values include:\n\n- `PARAMETER_STORE` : An environment variable stored in Systems Manager Parameter Store. To learn how to specify a parameter store environment variable, see [env/parameter-store](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store) in the *AWS CodeBuild User Guide* .\n- `PLAINTEXT` : An environment variable in plain text format. This is the default value.\n- `SECRETS_MANAGER` : An environment variable stored in AWS Secrets Manager . To learn how to specify a secrets manager environment variable, see [env/secrets-manager](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager) in the *AWS CodeBuild User Guide* .", - "Value": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs and secret access keys. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` ." + "Value": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` ." } }, "AWS::CodeBuild::Project.FilterGroup": { @@ -10190,7 +10190,7 @@ "EnableTokenRevocation": "Activates or deactivates token revocation. For more information about revoking tokens, see [RevokeToken](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html) .\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.", "ExplicitAuthFlows": "The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n> If you don't specify a value for `ExplicitAuthFlows` , your user client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nValid values include:\n\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` .", "GenerateSecret": "Boolean to specify whether you want to generate a secret for the user pool client being created.", - "IdTokenValidity": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours.", + "IdTokenValidity": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours.", "LogoutURLs": "A list of allowed logout URLs for the IdPs.", "PreventUserExistenceErrors": "Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.", "ReadAttributes": "The read attributes.", @@ -10214,11 +10214,11 @@ }, "AWS::Cognito::UserPoolClient.TokenValidityUnits": { "attributes": {}, - "description": "The units in which the validity times are represented. The default unit for RefreshToken is days, and the default for ID and access tokens is hours.", + "description": "The time units you use when you set the duration of ID, access, and refresh tokens. The default unit for RefreshToken is days, and the default for ID and access tokens is hours.", "properties": { - "AccessToken": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is hours.", - "IdToken": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is hours.", - "RefreshToken": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is days." + "AccessToken": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is hours. `AccessTokenValidity` duration can range from five minutes to one day.", + "IdToken": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is hours. `IdTokenValidity` duration can range from five minutes to one day.", + "RefreshToken": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is days. `RefreshTokenValidity` duration can range from 60 minutes to 10 years." } }, "AWS::Cognito::UserPoolDomain": { @@ -20104,7 +20104,7 @@ "RoleArn": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", "ScheduleExpression": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", "State": "The state of the rule.", - "Targets": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the *Amazon EventBridge User Guide* .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the *Amazon EventBridge User Guide* .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code." + "Targets": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the *Amazon EventBridge User Guide* .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the *Amazon EventBridge User Guide* .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code." } }, "AWS::Events::Rule.AwsVpcConfiguration": { @@ -24282,6 +24282,74 @@ "Tags": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." } }, + "AWS::IVSChat::LoggingConfiguration": { + "attributes": { + "Arn": "The logging-configuration ARN. For example: `arn:aws:ivschat:us-west-2:123456789012:logging-configuration/abcdABCDefgh`", + "Id": "The logging-configuration ID. For example: `abcdABCDefgh`", + "Ref": "`Ref` returns the logging-configuration ARN. For example:\n\n`{ \"Ref\": \"myLoggingConfiguration\" }`\n\nFor the logging configuration `myLoggingConfiguration` , `Ref` returns the logging-configuration ARN.", + "State": "Indicates the current state of the logging configuration. When the state is `ACTIVE` , the configuration is ready to log a chat session. Valid values: `CREATING` | `CREATE_FAILED` | `DELETING` | `DELETE_FAILED` | `UPDATING` | `UPDATE_FAILED` | `ACTIVE` ." + }, + "description": "The `AWS::IVSChat::LoggingConfiguration` resource specifies an logging configuration that allows clients to store and record sent messages. For more information, see [CreateLoggingConfiguration](https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_CreateLoggingConfiguration.html) in the *Amazon Interactive Video Service Chat API Reference* .", + "properties": { + "DestinationConfiguration": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged.", + "Name": "Logging-configuration name. The value does not need to be unique.", + "Tags": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration": { + "attributes": {}, + "description": "The CloudWatchLogsDestinationConfiguration property type specifies a CloudWatch Logs location where chat logs will be stored.", + "properties": { + "LogGroupName": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged." + } + }, + "AWS::IVSChat::LoggingConfiguration.DestinationConfiguration": { + "attributes": {}, + "description": "The DestinationConfiguration property type describes a location where chat logs will be stored. Each member represents the configuration of one log destination. For logging, you define only one type of destination.", + "properties": { + "CloudWatchLogs": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.", + "Firehose": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.", + "S3": "An Amazon S3 destination configuration where chat activity will be logged." + } + }, + "AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration": { + "attributes": {}, + "description": "The FirehoseDestinationConfiguration property type specifies a Kinesis Firehose location where chat logs will be stored.", + "properties": { + "DeliveryStreamName": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged." + } + }, + "AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration": { + "attributes": {}, + "description": "The S3DestinationConfiguration property type specifies an S3 location where chat logs will be stored.", + "properties": { + "BucketName": "Name of the Amazon S3 bucket where chat activity will be logged." + } + }, + "AWS::IVSChat::Room": { + "attributes": { + "Arn": "The room ARN. For example: `arn:aws:ivschat:us-west-2:123456789012:room/abcdABCDefgh`", + "Id": "The room ID. For example: `abcdABCDefgh`", + "Ref": "`Ref` returns the room ARN. For example:\n\n`{ \"Ref\": \"myRoom\" }`\n\nFor the room `myRoom` , `Ref` returns the room ARN." + }, + "description": "The `AWS::IVSChat::Room` resource specifies an room that allows clients to connect and pass messages. For more information, see [CreateRoom](https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_CreateRoom.html) in the *Amazon Interactive Video Service Chat API Reference* .", + "properties": { + "LoggingConfigurationIdentifiers": "List of logging-configuration identifiers attached to the room.", + "MaximumMessageLength": "Maximum number of characters in a single message. Messages are expected to be UTF-8 encoded and this limit applies specifically to rune/code-point count, not number of bytes.", + "MaximumMessageRatePerSecond": "Maximum number of messages per second that can be sent to the room (by all clients).", + "MessageReviewHandler": "Configuration information for optional review of messages.", + "Name": "Room name. The value does not need to be unique.", + "Tags": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "AWS::IVSChat::Room.MessageReviewHandler": { + "attributes": {}, + "description": "The MessageReviewHandler property type specifies configuration information for optional message review.", + "properties": { + "FallbackResult": "Specifies the fallback behavior (whether the message is allowed or denied) if the handler does not return a valid response, encounters an error, or times out. (For the timeout period, see [Service Quotas](https://docs.aws.amazon.com/ivs/latest/userguide/service-quotas.html) .) If allowed, the message is delivered with returned content to all users connected to the room. If denied, the message is not delivered to any user.\n\n*Default* : `ALLOW`", + "Uri": "Identifier of the message review handler. Currently this must be an ARN of a lambda function." + } + }, "AWS::IdentityStore::Group": { "attributes": { "GroupId": "The identifier of the newly created group in the identity store.", @@ -24873,6 +24941,26 @@ "Value": "The value to filter on." } }, + "AWS::InternetMonitor::Monitor": { + "attributes": { + "CreatedAt": "The time when the monitor was created.", + "ModifiedAt": "The last time that the monitor was modified.", + "MonitorArn": "The Amazon Resource Name (ARN) of the monitor.", + "ProcessingStatus": "The health of data processing for the monitor. For more information, see `ProcessingStatus` under [MonitorListMember](https://docs.aws.amazon.com/internet-monitor/latest/api/API_MonitorListMember.html) in the *Amazon CloudWatch Internet Monitor API Reference* .", + "ProcessingStatusInfo": "Additional information about the health of the data processing for the monitor.", + "Ref": "`Ref` returns the ARN of the monitor, such as `arn:aws:internetmonitor:us-east-1:111122223333:monitor/TestMonitor` ." + }, + "description": "The `AWS::InternetMonitor::Monitor` resource is an Internet Monitor resource type that contains information about how you create a monitor in Amazon CloudWatch Internet Monitor. A monitor in Internet Monitor provides visibility into performance and availability between your applications hosted on AWS and your end users, using a traffic profile that it creates based on the application resources that you add: Virtual Private Clouds (VPCs), Amazon CloudFront distributions, or WorkSpaces directories.\n\nInternet Monitor also alerts you to internet issues that impact your application in the city-networks (geographies and networks) where your end users use it. With Internet Monitor, you can quickly pinpoint the locations and providers that are affected, so that you can address the issue.\n\nFor more information, see [Using Amazon CloudWatch Internet Monitor](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-InternetMonitor.html) in the *Amazon CloudWatch User Guide* .", + "properties": { + "MaxCityNetworksToMonitor": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* .", + "MonitorName": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", + "Resources": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs).", + "ResourcesToAdd": "The resources to add to a monitor, which you provide as a set of Amazon Resource Names (ARNs).\n\nYou can add a combination of Virtual Private Clouds (VPCs) and Amazon CloudFront distributions, or you can add WorkSpaces directories. You can't add all three types of resources.\n\n> If you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.", + "ResourcesToRemove": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs).", + "Status": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` .", + "Tags": "The tags for a monitor, listed as a set of *key:value* pairs." + } + }, "AWS::IoT1Click::Device": { "attributes": { "Arn": "The ARN of the device, such as `arn:aws:iot1click:us-west-2:123456789012:devices/G030PX0312744DWM` .", @@ -30700,6 +30788,7 @@ "BatchSize": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", "BisectBatchOnFunctionError": "(Streams only) If the function returns an error, split the batch in two and retry. The default value is false.", "DestinationConfig": "(Streams only) An Amazon SQS queue or Amazon SNS topic destination for discarded records.", + "DocumentDBEventSourceConfig": "Specific configuration settings for a DocumentDB event source.", "Enabled": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n\nDefault: True", "EventSourceArn": "The Amazon Resource Name (ARN) of the event source.\n\n- *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n- *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n- *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster.\n- *Amazon MQ* \u2013 The ARN of the broker.\n- *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.", "FilterCriteria": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", @@ -30734,6 +30823,15 @@ "OnFailure": "The destination configuration for failed invocations." } }, + "AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig": { + "attributes": {}, + "description": "Specific configuration settings for a DocumentDB event source.", + "properties": { + "CollectionName": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.", + "DatabaseName": "The name of the database to consume within the DocumentDB cluster.", + "FullDocument": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes." + } + }, "AWS::Lambda::EventSourceMapping.Endpoints": { "attributes": {}, "description": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", @@ -33521,6 +33619,21 @@ "Status": "The status of Amazon Macie for the account. Valid values are: `ENABLED` , start or resume all Macie activities for the account; and, `PAUSED` , suspend all Macie activities for the account." } }, + "AWS::ManagedBlockchain::Accessor": { + "attributes": { + "Arn": "The Amazon Resource Name (ARN) of the accessor. For more information about ARNs and their format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "BillingToken": "The billing token is a property of the accessor. Use this token to make Ethereum API calls to your Ethereum node. The billing token is used to track your accessor object for billing Ethereum API requests made to your Ethereum nodes.", + "CreationDate": "The creation date and time of the accessor.", + "Id": "The unique identifier of the accessor.", + "Ref": "`Ref` returns the Accessor ID.", + "Status": "The current status of the accessor." + }, + "description": "Creates a new accessor for use with Managed Blockchain Ethereum nodes. An accessor contains information required for token based access to your Ethereum nodes.", + "properties": { + "AccessorType": "The type of the accessor.\n\n> Currently, accessor type is restricted to `BILLING_TOKEN` .", + "Tags": "The tags assigned to the Accessor.\n\nFor more information about tags, see [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/tagging-resources.html) in the *Amazon Managed Blockchain Ethereum Developer Guide* , or [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/tagging-resources.html) in the *Amazon Managed Blockchain Hyperledger Fabric Developer Guide* ." + } + }, "AWS::ManagedBlockchain::Member": { "attributes": { "MemberId": "The unique identifier of the member.", @@ -36954,7 +37067,7 @@ "PeeringId": "The ID of the transit gateway peering.", "ProposedSegmentChange": "This property is read-only. Values can't be assigned to it.", "Tags": "The list of key-value pairs associated with the transit gateway route table attachment.", - "TransitGatewayRouteTableArn": "The ARN of the transit gateway attachment route table." + "TransitGatewayRouteTableArn": "The ARN of the transit gateway attachment route table, using the format: `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2: *AccountId* :transit-gateway-route-table/ *tgw-rtb-xxxxxxxxxxx* \"` . For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` ." } }, "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { @@ -39806,7 +39919,7 @@ "DataSetArns": "The ARNs of the datasets of the analysis.", "LastUpdatedTime": "The time that the analysis was last updated." }, - "description": "Creates an analysis in Amazon QuickSight. Analyses can be created either from a template or from an `AnalysisDefinition` .", + "description": "Creates an analysis in Amazon QuickSight.", "properties": { "AnalysisId": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", "AwsAccountId": "The ID of the AWS account where you are creating an analysis.", @@ -40299,7 +40412,7 @@ "attributes": {}, "description": "Permission for the resource.", "properties": { - "Actions": "The IAM action to grand or revoke permisions on", + "Actions": "The IAM action to grant or revoke permisions on", "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Amazon QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" } }, @@ -40430,7 +40543,7 @@ "properties": { "CopySourceArn": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use. When `CopySourceArn` is not null, the credential pair from the data source in the ARN is used as the credentials for the `DataSourceCredentials` structure.", "CredentialPair": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` .", - "SecretArn": "The Amazon Resource Name (ARN) of the secret associated with the data source in Amazon Secrets Manager." + "SecretArn": "" } }, "AWS::QuickSight::DataSource.DataSourceErrorInfo": { @@ -40450,7 +40563,7 @@ "AthenaParameters": "The parameters for Amazon Athena.", "AuroraParameters": "The parameters for Amazon Aurora MySQL.", "AuroraPostgreSqlParameters": "The parameters for Amazon Aurora.", - "DatabricksParameters": "The required parameters that are needed to connect to a Databricks data source.", + "DatabricksParameters": "", "MariaDbParameters": "The parameters for MariaDB.", "MySqlParameters": "The parameters for MySQL.", "OracleParameters": "Oracle parameters.", @@ -40467,11 +40580,11 @@ }, "AWS::QuickSight::DataSource.DatabricksParameters": { "attributes": {}, - "description": "The required parameters that are needed to connect to a Databricks data source.", + "description": "", "properties": { - "Host": "The host name of the Databricks data source.", - "Port": "The port for the Databricks data source.", - "SqlEndpointPath": "The HTTP path of the Databricks data source." + "Host": "", + "Port": "", + "SqlEndpointPath": "" } }, "AWS::QuickSight::DataSource.ManifestFileLocation": { @@ -40625,7 +40738,7 @@ "Version.ThemeArn": "", "Version.VersionNumber": "" }, - "description": "Creates a template either from a `TemplateDefinition` or from an existing Amazon QuickSight analysis or template. You can use the resulting template to create additional dashboards, templates, or analyses.\n\nA *template* is an entity in Amazon QuickSight that encapsulates the metadata required to create an analysis and that you can use to create s dashboard. A template adds a layer of abstraction by using placeholders to replace the dataset associated with the analysis. You can use templates to create dashboards by replacing dataset placeholders with datasets that follow the same schema that was used to create the source analysis and template.", + "description": "Creates a template from an existing Amazon QuickSight analysis or template. You can use the resulting template to create a dashboard.\n\nA *template* is an entity in Amazon QuickSight that encapsulates the metadata required to create an analysis and that you can use to create s dashboard. A template adds a layer of abstraction by using placeholders to replace the dataset associated with the analysis. You can use templates to create dashboards by replacing dataset placeholders with datasets that follow the same schema that was used to create the source analysis and template.", "properties": { "AwsAccountId": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", "Name": "A display name for the template.", @@ -41502,7 +41615,7 @@ "ResourceAction": "", "RevisionTarget": "", "RotateEncryptionKey": "", - "SnapshotClusterIdentifier": "The name of the cluster the source snapshot was created from. This parameter is required if your IAM user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", + "SnapshotClusterIdentifier": "The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", "SnapshotCopyGrantName": "The name of the snapshot copy grant.", "SnapshotCopyManual": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.", "SnapshotCopyRetentionPeriod": "The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region .\n\nBy default, this only changes the retention period of copied automated snapshots.\n\nIf you decrease the retention period for automated snapshots that are copied to a destination AWS Region , Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.\n\nConstraints: Must be at least 1 and no more than 35 for automated snapshots.\n\nIf you specify the `manual` option, only newly copied manual snapshots will have the new retention period.\n\nIf you specify the value of -1 newly copied manual snapshots are retained indefinitely.\n\nConstraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.", @@ -41570,7 +41683,7 @@ }, "AWS::Redshift::ClusterSubnetGroup": { "attributes": { - "ClusterSubnetGroupName": "", + "ClusterSubnetGroupName": "The name of the cluster subnet group.", "Ref": "`Ref` returns the resource name. For example:\n\n`{ \"Ref\": \"myClusterSubnetGroup\" }`\n\nFor the Amazon Redshift subnet group `myClusterSubnetGroup` , Ref returns the name of the cluster subnet group." }, "description": "Specifies an Amazon Redshift subnet group. You must provide a list of one or more subnets in your existing Amazon Virtual Private Cloud ( Amazon VPC ) when creating Amazon Redshift subnet group.\n\nFor information about subnet groups, go to [Amazon Redshift Cluster Subnet Groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-cluster-subnet-groups.html) in the *Amazon Redshift Cluster Management Guide* .", @@ -41587,10 +41700,11 @@ "EndpointStatus": "The status of the endpoint.", "Port": "The port number on which the cluster accepts incoming connections.", "Ref": "`Ref` returns the resource name.", - "VpcEndpoint": "", + "VpcEndpoint": "The connection endpoint for connecting to an Amazon Redshift cluster through the proxy.", "VpcEndpoint.NetworkInterfaces": "", - "VpcEndpoint.VpcEndpointId": "", - "VpcEndpoint.VpcId": "" + "VpcEndpoint.VpcEndpointId": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.", + "VpcEndpoint.VpcId": "The VPC identifier that the endpoint is associated.", + "VpcSecurityGroups": "The security groups associated with the endpoint." }, "description": "Creates a Redshift-managed VPC endpoint.", "properties": { @@ -42381,42 +42495,42 @@ "AWS::RolesAnywhere::CRL": { "attributes": { "CrlId": "The unique primary identifier of the Crl", - "Ref": "The name of the CRL." + "Ref": "`Ref` returns `CrlId` ." }, - "description": "Creates a Crl.", + "description": "The state of the certificate revocation list (CRL) after a read or write operation.", "properties": { - "CrlData": "x509 v3 Certificate Revocation List to revoke auth for corresponding certificates presented in CreateSession operations", - "Enabled": "The enabled status of the resource.", - "Name": "The customer specified name of the resource.", - "Tags": "A list of Tags.", + "CrlData": "The revocation record for a certificate, following the x509 v3 standard.", + "Enabled": "Indicates whether the certificate revocation list (CRL) is enabled.", + "Name": "The name of the certificate revocation list (CRL).", + "Tags": "A list of tags to attach to the CRL.", "TrustAnchorArn": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for." } }, "AWS::RolesAnywhere::Profile": { "attributes": { - "ProfileArn": "", + "ProfileArn": "The ARN of the profile.", "ProfileId": "The unique primary identifier of the Profile", - "Ref": "The name of the Profile" + "Ref": "`Ref` returns `ProfileId` ." }, - "description": "Creates a Profile.", + "description": "Creates a *profile* , a list of the roles that Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies.\n\n*Required permissions:* `rolesanywhere:CreateProfile` .", "properties": { - "DurationSeconds": "The number of seconds vended session credentials will be valid for", - "Enabled": "The enabled status of the resource.", - "ManagedPolicyArns": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", - "Name": "The customer specified name of the resource.", - "RequireInstanceProperties": "Specifies whether instance properties are required in CreateSession requests with this profile.", - "RoleArns": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", - "SessionPolicy": "A session policy that will applied to the trust boundary of the vended session credentials.", - "Tags": "A list of Tags." + "DurationSeconds": "Sets the maximum number of seconds that vended temporary credentials through [CreateSession](https://docs.aws.amazon.com/rolesanywhere/latest/userguide/authentication-create-session.html) will be valid for, between 900 and 3600.", + "Enabled": "Indicates whether the profile is enabled.", + "ManagedPolicyArns": "A list of managed policy ARNs that apply to the vended session credentials.", + "Name": "The name of the profile.", + "RequireInstanceProperties": "Specifies whether instance properties are required in temporary credential requests with this profile.", + "RoleArns": "A list of IAM role ARNs. During `CreateSession` , if a matching role ARN is provided, the properties in this profile will be applied to the intersection session policy.", + "SessionPolicy": "A session policy that applies to the trust boundary of the vended session credentials.", + "Tags": "A list of tags to attach to the profile." } }, "AWS::RolesAnywhere::TrustAnchor": { "attributes": { "Ref": "`Ref` returns `TrustAnchorId` .", "TrustAnchorArn": "The ARN of the trust anchor.", - "TrustAnchorId": "" + "TrustAnchorId": "The unique primary identifier of the TrustAnchor" }, - "description": "Creates a TrustAnchor.", + "description": "The state of the trust anchor after a read or write operation.", "properties": { "Enabled": "Indicates whether the trust anchor is enabled.", "Name": "The name of the trust anchor.", @@ -42426,15 +42540,15 @@ }, "AWS::RolesAnywhere::TrustAnchor.Source": { "attributes": {}, - "description": "Object representing the TrustAnchor type and its related certificate data.", + "description": "The trust anchor type and its related certificate data.", "properties": { - "SourceData": "A union object representing the data field of the TrustAnchor depending on its type", - "SourceType": "The type of the TrustAnchor." + "SourceData": "The data field of the trust anchor depending on its type.", + "SourceType": "The type of the trust anchor." } }, "AWS::RolesAnywhere::TrustAnchor.SourceData": { "attributes": {}, - "description": "A union object representing the data field of the TrustAnchor depending on its type", + "description": "The data field of the trust anchor depending on its type.", "properties": { "AcmPcaArn": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .", "X509CertificateData": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` ." @@ -48616,6 +48730,31 @@ "Tags": "The list of key-value pairs that are associated with the group." } }, + "AWS::SystemsManagerSAP::Application": { + "attributes": { + "Arn": "The Amazon Resource Name of the SAP application.", + "Ref": "" + }, + "description": "An SAP application registered with AWS Systems Manager for SAP.", + "properties": { + "ApplicationId": "The ID of the application.", + "ApplicationType": "The type of the application.", + "Credentials": "The credentials of the SAP application.", + "Instances": "The Amazon EC2 instances on which your SAP application is running.", + "SapInstanceNumber": "The SAP instance number of the application.", + "Sid": "The System ID of the application.", + "Tags": "The tags on the application." + } + }, + "AWS::SystemsManagerSAP::Application.Credential": { + "attributes": {}, + "description": "The credentials of your SAP application.", + "properties": { + "CredentialType": "The type of the application credentials.", + "DatabaseName": "The name of the SAP HANA database.", + "SecretId": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application." + } + }, "AWS::Timestream::Database": { "attributes": { "Arn": "The `arn` of the database.", @@ -50088,6 +50227,15 @@ "VisibilityConfig": "Defines and enables Amazon CloudWatch metrics and web request sample collection." } }, + "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { + "attributes": {}, + "description": "Details for your use of the account takeover prevention managed rule group, `AWSManagedRulesATPRuleSet` . This configuration is used in `ManagedRuleGroupConfig` .", + "properties": { + "LoginPath": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", + "RequestInspection": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", + "ResponseInspection": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions." + } + }, "AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet": { "attributes": {}, "description": "Details for your use of the Bot Control managed rule group, used in `ManagedRuleGroupConfig` .", @@ -50352,6 +50500,7 @@ "attributes": {}, "description": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nUse the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", "properties": { + "AWSManagedRulesATPRuleSet": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", "AWSManagedRulesBotControlRuleSet": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", "LoginPath": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", "PasswordField": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` `RequestInspection` .", @@ -50422,6 +50571,59 @@ "TextTransformations": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." } }, + "AWS::WAFv2::WebACL.RequestInspection": { + "attributes": {}, + "description": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.\n\nThis is part of the `AWSManagedRulesATPRuleSet` configuration in `ManagedRuleGroupConfig` .\n\nIn these settings, you specify how your application accepts login attempts by providing the request payload type and the names of the fields within the request body where the username and password are provided.", + "properties": { + "PasswordField": "Details about your login page password field.\n\nHow you specify this depends on the payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"login\": { \"username\": \"THE_USERNAME\", \"password\": \"THE_PASSWORD\" } }` , the username field specification is `/login/username` and the password field specification is `/login/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `username1` and `password1` , the username field specification is `username1` and the password field specification is `password1` .", + "PayloadType": "The payload type for your login endpoint, either JSON or form encoded.", + "UsernameField": "Details about your login page username field.\n\nHow you specify this depends on the payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"login\": { \"username\": \"THE_USERNAME\", \"password\": \"THE_PASSWORD\" } }` , the username field specification is `/login/username` and the password field specification is `/login/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `username1` and `password1` , the username field specification is `username1` and the password field specification is `password1` ." + } + }, + "AWS::WAFv2::WebACL.ResponseInspection": { + "attributes": {}, + "description": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThis is part of the `AWSManagedRulesATPRuleSet` configuration in `ManagedRuleGroupConfig` .\n\nEnable login response inspection by configuring exactly one component of the response to inspect. You can't configure more than one. If you don't configure any of the response inspection options, response inspection is disabled.", + "properties": { + "BodyContains": "Configures inspection of the response body. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.", + "Header": "Configures inspection of the response header.", + "Json": "Configures inspection of the response JSON. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.", + "StatusCode": "Configures inspection of the response status code." + } + }, + "AWS::WAFv2::WebACL.ResponseInspectionBodyContains": { + "attributes": {}, + "description": "Configures inspection of the response body. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body. This is part of the `ResponseInspection` configuration for `AWSManagedRulesATPRuleSet` .\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.", + "properties": { + "FailureStrings": "Strings in the body of the response that indicate a failed login attempt. To be counted as a failed login, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Login failed\" ]`", + "SuccessStrings": "Strings in the body of the response that indicate a successful login attempt. To be counted as a successful login, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"SuccessStrings\": [ \"Login successful\", \"Welcome to our site!\" ]`" + } + }, + "AWS::WAFv2::WebACL.ResponseInspectionHeader": { + "attributes": {}, + "description": "Configures inspection of the response header. This is part of the `ResponseInspection` configuration for `AWSManagedRulesATPRuleSet` .\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.", + "properties": { + "FailureValues": "Values in the response header with the specified name that indicate a failed login attempt. To be counted as a failed login, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]`", + "Name": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"LoginResult\" ]`", + "SuccessValues": "Values in the response header with the specified name that indicate a successful login attempt. To be counted as a successful login, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]`" + } + }, + "AWS::WAFv2::WebACL.ResponseInspectionJson": { + "attributes": {}, + "description": "Configures inspection of the response JSON. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON. This is part of the `ResponseInspection` configuration for `AWSManagedRulesATPRuleSet` .\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.", + "properties": { + "FailureValues": "Values for the specified identifier in the response JSON that indicate a failed login attempt. To be counted as a failed login, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`", + "Identifier": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON example: `\"Identifier\": [ \"/login/success\" ]`", + "SuccessValues": "Values for the specified identifier in the response JSON that indicate a successful login attempt. To be counted as a successful login, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`" + } + }, + "AWS::WAFv2::WebACL.ResponseInspectionStatusCode": { + "attributes": {}, + "description": "Configures inspection of the response status code. This is part of the `ResponseInspection` configuration for `AWSManagedRulesATPRuleSet` .\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.", + "properties": { + "FailureCodes": "Status codes in the response that indicate a failed login attempt. To be counted as a failed login, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`", + "SuccessCodes": "Status codes in the response that indicate a successful login attempt. To be counted as a successful login, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`" + } + }, "AWS::WAFv2::WebACL.Rule": { "attributes": {}, "description": "A single rule, which you can use in a `WebACL` or `RuleGroup` to identify web requests that you want to allow, block, or count. Each rule includes one top-level `Statement` that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", From c6f014983449a92c396156c8d1ef10570f413c57 Mon Sep 17 00:00:00 2001 From: Kendra Neil <53584728+TheRealAmazonKendra@users.noreply.github.com> Date: Fri, 3 Mar 2023 10:33:57 -0800 Subject: [PATCH 08/15] chore(ssm): update integ tests to use IntegTest construct (#24405) clean up clean up clean up ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ssm/README.md | 21 +- .../index.js | 530 +++++++- .../index.js | 669 --------- .../base.assets.json | 2 +- .../integ.list-parameter.js.snapshot/cdk.out | 2 +- .../integ.json | 2 +- .../list-param.assets.json | 2 +- .../manifest.json | 4 +- ...efaultTestDeployAssert9C612E37.assets.json | 12 +- ...aultTestDeployAssert9C612E37.template.json | 4 +- .../integ.parameter-arns.js.snapshot/cdk.out | 2 +- ...efaultTestDeployAssertE4B86A49.assets.json | 19 + ...aultTestDeployAssertE4B86A49.template.json | 36 + .../integ-parameter-arns.assets.json | 2 +- .../integ.json | 12 +- .../manifest.json | 61 +- .../tree.json | 128 +- .../aws-ssm/test/integ.parameter-arns.ts | 6 +- .../index.js | 1204 +++++++++++++++++ .../cdk.out | 2 +- .../integ.json | 2 +- .../manifest.json | 18 +- .../sspms-cleanup.assets.json | 12 +- .../sspms-cleanup.template.json | 4 +- .../sspms-creating.assets.json | 12 +- .../sspms-creating.template.json | 4 +- .../sspms-using.assets.json | 2 +- .../tree.json | 74 +- .../test/integ.parameter-store-string.ts | 2 - .../SSM-Parameter.assets.json | 2 +- .../SSM-Parameter.template.json | 0 .../test/integ.parameter.js.snapshot/cdk.out | 1 + ...efaultTestDeployAssert8D247A87.assets.json | 19 + ...aultTestDeployAssert8D247A87.template.json | 36 + .../integ.parameter.js.snapshot/integ.json | 12 + .../manifest.json | 61 +- .../tree.json | 108 +- .../integ.parameter.lit.js.snapshot/cdk.out | 1 - .../integ.json | 14 - ...eg.parameter.lit.ts => integ.parameter.ts} | 16 +- .../@aws-cdk/cli-lib/THIRD_PARTY_LICENSES | 10 +- 41 files changed, 2254 insertions(+), 876 deletions(-) rename packages/@aws-cdk/aws-ssm/test/{integ.parameter-store-string.js.snapshot/asset.b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.bundle => integ.list-parameter.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle}/index.js (59%) delete mode 100644 packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/asset.d47f7e6772bfdf47ecbc070ffe204baf53bacbfbf7814eb407bd8ea108c1c1bb.bundle/index.js create mode 100644 packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.assets.json create mode 100644 packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.template.json create mode 100644 packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle/index.js rename packages/@aws-cdk/aws-ssm/test/{integ.parameter.lit.js.snapshot => integ.parameter.js.snapshot}/SSM-Parameter.assets.json (96%) rename packages/@aws-cdk/aws-ssm/test/{integ.parameter.lit.js.snapshot => integ.parameter.js.snapshot}/SSM-Parameter.template.json (100%) create mode 100644 packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdkintegssmparameterDefaultTestDeployAssert8D247A87.assets.json create mode 100644 packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdkintegssmparameterDefaultTestDeployAssert8D247A87.template.json create mode 100644 packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/integ.json rename packages/@aws-cdk/aws-ssm/test/{integ.parameter.lit.js.snapshot => integ.parameter.js.snapshot}/manifest.json (57%) rename packages/@aws-cdk/aws-ssm/test/{integ.parameter.lit.js.snapshot => integ.parameter.js.snapshot}/tree.json (69%) delete mode 100644 packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/cdk.out delete mode 100644 packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/integ.json rename packages/@aws-cdk/aws-ssm/test/{integ.parameter.lit.ts => integ.parameter.ts} (67%) diff --git a/packages/@aws-cdk/aws-ssm/README.md b/packages/@aws-cdk/aws-ssm/README.md index 7c8fdbb9bd003..477403d78224a 100644 --- a/packages/@aws-cdk/aws-ssm/README.md +++ b/packages/@aws-cdk/aws-ssm/README.md @@ -125,7 +125,26 @@ new ssm.StringParameter(this, 'Parameter', { }); ``` -[creating SSM parameters](test/integ.parameter.lit.ts) +```ts +// Create a new SSM Parameter holding a String +const param = new ssm.StringParameter(stack, 'StringParameter', { + // description: 'Some user-friendly description', + // name: 'ParameterName', + stringValue: 'Initial parameter value', + // allowedPattern: '.*', +}); + +// Grant read access to some Role +param.grantRead(role); + +// Create a new SSM Parameter holding a StringList +const listParameter = new ssm.StringListParameter(stack, 'StringListParameter', { + // description: 'Some user-friendly description', + // name: 'ParameterName', + stringListValue: ['Initial parameter value A', 'Initial parameter value B'], + // allowedPattern: '.*', +}); +``` When specifying an `allowedPattern`, the values provided as string literals are validated against the pattern and an exception is raised if a value diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/asset.b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.bundle/index.js b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle/index.js similarity index 59% rename from packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/asset.b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.bundle/index.js rename to packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle/index.js index 2d6c2f0e85497..4264087b9aab2 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/asset.b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.bundle/index.js +++ b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle/index.js @@ -1,4 +1,3 @@ -"use strict"; var __create = Object.create; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; @@ -18,6 +17,10 @@ var __copyProps = (to, from, except, desc) => { return to; }; var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps( + // If the importer is in node compatibility mode or this is not an ESM + // file that has been converted to a CommonJS file using a Babel- + // compatible transform (i.e. "__esModule" has not been set), then set + // "default" to the CommonJS "module.exports" for node compatibility. isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target, mod )); @@ -34,40 +37,83 @@ module.exports = __toCommonJS(lambda_handler_exports); // ../assertions/lib/matcher.ts var Matcher = class { + /** + * Check whether the provided object is a subtype of the `IMatcher`. + */ static isMatcher(x) { return x && x instanceof Matcher; } }; var MatchResult = class { constructor(target) { - this.failures = []; + this.failuresHere = /* @__PURE__ */ new Map(); this.captures = /* @__PURE__ */ new Map(); this.finalized = false; + this.innerMatchFailures = /* @__PURE__ */ new Map(); + this._hasFailed = false; + this._failCount = 0; + this._cost = 0; this.target = target; } + /** + * DEPRECATED + * @deprecated use recordFailure() + */ push(matcher, path, message) { return this.recordFailure({ matcher, path, message }); } + /** + * Record a new failure into this result at a specific path. + */ recordFailure(failure) { - this.failures.push(failure); + const failKey = failure.path.join("."); + let list = this.failuresHere.get(failKey); + if (!list) { + list = []; + this.failuresHere.set(failKey, list); + } + this._failCount += 1; + this._cost += failure.cost ?? 1; + list.push(failure); + this._hasFailed = true; return this; } + /** Whether the match is a success */ + get isSuccess() { + return !this._hasFailed; + } + /** Does the result contain any failures. If not, the result is a success */ hasFailed() { - return this.failures.length !== 0; + return this._hasFailed; } + /** The number of failures */ get failCount() { - return this.failures.length; + return this._failCount; } + /** The cost of the failures so far */ + get failCost() { + return this._cost; + } + /** + * Compose the results of a previous match as a subtree. + * @param id the id of the parent tree. + */ compose(id, inner) { - const innerF = inner.failures; - this.failures.push(...innerF.map((f) => { - return { path: [id, ...f.path], message: f.message, matcher: f.matcher }; - })); + if (inner.hasFailed()) { + this._hasFailed = true; + this._failCount += inner.failCount; + this._cost += inner._cost; + this.innerMatchFailures.set(id, inner); + } inner.captures.forEach((vals, capture) => { vals.forEach((value) => this.recordCapture({ capture, value })); }); return this; } + /** + * Prepare the result to be analyzed. + * This API *must* be called prior to analyzing these results. + */ finished() { if (this.finalized) { return this; @@ -78,12 +124,169 @@ var MatchResult = class { this.finalized = true; return this; } + /** + * Render the failed match in a presentable way + * + * Prefer using `renderMismatch` over this method. It is left for backwards + * compatibility for test suites that expect it, but `renderMismatch()` will + * produce better output. + */ toHumanStrings() { - return this.failures.map((r) => { - const loc = r.path.length === 0 ? "" : ` at ${r.path.join("")}`; + const failures = new Array(); + debugger; + recurse(this, []); + return failures.map((r) => { + const loc = r.path.length === 0 ? "" : ` at /${r.path.join("/")}`; return "" + r.message + loc + ` (using ${r.matcher.name} matcher)`; }); + function recurse(x, prefix) { + for (const fail of Array.from(x.failuresHere.values()).flat()) { + failures.push({ + matcher: fail.matcher, + message: fail.message, + path: [...prefix, ...fail.path] + }); + } + for (const [key, inner] of x.innerMatchFailures.entries()) { + recurse(inner, [...prefix, key]); + } + } } + /** + * Do a deep render of the match result, showing the structure mismatches in context + */ + renderMismatch() { + if (!this.hasFailed()) { + return ""; + } + const parts = new Array(); + const indents = new Array(); + emitFailures(this, ""); + recurse(this); + return moveMarkersToFront(parts.join("").trimEnd()); + function emit(x) { + if (x === void 0) { + debugger; + } + parts.push(x.replace(/\n/g, ` +${indents.join("")}`)); + } + function emitFailures(r, path, scrapSet) { + for (const fail of r.failuresHere.get(path) ?? []) { + emit(`!! ${fail.message} +`); + } + scrapSet == null ? void 0 : scrapSet.delete(path); + } + function recurse(r) { + const remainingFailures = new Set(Array.from(r.failuresHere.keys()).filter((x) => x !== "")); + if (Array.isArray(r.target)) { + indents.push(" "); + emit("[\n"); + for (const [first, i] of enumFirst(range(r.target.length))) { + if (!first) { + emit(",\n"); + } + emitFailures(r, `${i}`, remainingFailures); + const innerMatcher = r.innerMatchFailures.get(`${i}`); + if (innerMatcher) { + emitFailures(innerMatcher, ""); + recurseComparingValues(innerMatcher, r.target[i]); + } else { + emit(renderAbridged(r.target[i])); + } + } + emitRemaining(); + indents.pop(); + emit("\n]"); + return; + } + if (r.target && typeof r.target === "object") { + indents.push(" "); + emit("{\n"); + const keys = Array.from(/* @__PURE__ */ new Set([ + ...Object.keys(r.target), + ...Array.from(remainingFailures) + ])).sort(); + for (const [first, key] of enumFirst(keys)) { + if (!first) { + emit(",\n"); + } + emitFailures(r, key, remainingFailures); + const innerMatcher = r.innerMatchFailures.get(key); + if (innerMatcher) { + emitFailures(innerMatcher, ""); + emit(`${jsonify(key)}: `); + recurseComparingValues(innerMatcher, r.target[key]); + } else { + emit(`${jsonify(key)}: `); + emit(renderAbridged(r.target[key])); + } + } + emitRemaining(); + indents.pop(); + emit("\n}"); + return; + } + emitRemaining(); + emit(jsonify(r.target)); + function emitRemaining() { + if (remainingFailures.size > 0) { + emit("\n"); + } + for (const key of remainingFailures) { + emitFailures(r, key); + } + } + } + function recurseComparingValues(inner, actualValue) { + if (inner.target === actualValue) { + return recurse(inner); + } + emit(renderAbridged(actualValue)); + emit(" <*> "); + recurse(inner); + } + function renderAbridged(x) { + if (Array.isArray(x)) { + switch (x.length) { + case 0: + return "[]"; + case 1: + return `[ ${renderAbridged(x[0])} ]`; + case 2: + if (x.every((e) => ["number", "boolean", "string"].includes(typeof e))) { + return `[ ${x.map(renderAbridged).join(", ")} ]`; + } + return "[ ... ]"; + default: + return "[ ... ]"; + } + } + if (x && typeof x === "object") { + const keys = Object.keys(x); + switch (keys.length) { + case 0: + return "{}"; + case 1: + return `{ ${JSON.stringify(keys[0])}: ${renderAbridged(x[keys[0]])} }`; + default: + return "{ ... }"; + } + } + return jsonify(x); + } + function jsonify(x) { + return JSON.stringify(x) ?? "undefined"; + } + function moveMarkersToFront(x) { + const re = /^(\s+)!!/gm; + return x.replace(re, (_, spaces) => `!!${spaces.substring(0, spaces.length - 2)}`); + } + } + /** + * Record a capture against in this match result. + */ recordCapture(options) { let values = this.captures.get(options.capture); if (values === void 0) { @@ -93,6 +296,18 @@ var MatchResult = class { this.captures.set(options.capture, values); } }; +function* range(n) { + for (let i = 0; i < n; i++) { + yield i; + } +} +function* enumFirst(xs) { + let first = true; + for (const x of xs) { + yield [first, x]; + first = false; + } +} // ../assertions/lib/private/matchers/absent.ts var AbsentMatch = class extends Matcher { @@ -113,6 +328,51 @@ var AbsentMatch = class extends Matcher { } }; +// ../assertions/lib/private/sorting.ts +function sortKeyComparator(keyFn) { + return (a, b) => { + const ak = keyFn(a); + const bk = keyFn(b); + for (let i = 0; i < ak.length && i < bk.length; i++) { + const av = ak[i]; + const bv = bk[i]; + let diff = 0; + if (typeof av === "number" && typeof bv === "number") { + diff = av - bv; + } else if (typeof av === "string" && typeof bv === "string") { + diff = av.localeCompare(bv); + } + if (diff !== 0) { + return diff; + } + } + return bk.length - ak.length; + }; +} + +// ../assertions/lib/private/sparse-matrix.ts +var SparseMatrix = class { + constructor() { + this.matrix = /* @__PURE__ */ new Map(); + } + get(row, col) { + var _a; + return (_a = this.matrix.get(row)) == null ? void 0 : _a.get(col); + } + row(row) { + var _a; + return Array.from(((_a = this.matrix.get(row)) == null ? void 0 : _a.entries()) ?? []); + } + set(row, col, value) { + let r = this.matrix.get(row); + if (!r) { + r = /* @__PURE__ */ new Map(); + this.matrix.set(row, r); + } + r.set(col, value); + } +}; + // ../assertions/lib/private/type.ts function getType(obj) { return Array.isArray(obj) ? "array" : typeof obj; @@ -120,33 +380,74 @@ function getType(obj) { // ../assertions/lib/match.ts var Match = class { + /** + * Use this matcher in the place of a field's value, if the field must not be present. + */ static absent() { return new AbsentMatch("absent"); } + /** + * Matches the specified pattern with the array found in the same relative path of the target. + * The set of elements (or matchers) must be in the same order as would be found. + * @param pattern the pattern to match + */ static arrayWith(pattern) { return new ArrayMatch("arrayWith", pattern); } + /** + * Matches the specified pattern with the array found in the same relative path of the target. + * The set of elements (or matchers) must match exactly and in order. + * @param pattern the pattern to match + */ static arrayEquals(pattern) { return new ArrayMatch("arrayEquals", pattern, { subsequence: false }); } + /** + * Deep exact matching of the specified pattern to the target. + * @param pattern the pattern to match + */ static exact(pattern) { return new LiteralMatch("exact", pattern, { partialObjects: false }); } + /** + * Matches the specified pattern to an object found in the same relative path of the target. + * The keys and their values (or matchers) must be present in the target but the target can be a superset. + * @param pattern the pattern to match + */ static objectLike(pattern) { return new ObjectMatch("objectLike", pattern); } + /** + * Matches the specified pattern to an object found in the same relative path of the target. + * The keys and their values (or matchers) must match exactly with the target. + * @param pattern the pattern to match + */ static objectEquals(pattern) { return new ObjectMatch("objectEquals", pattern, { partial: false }); } + /** + * Matches any target which does NOT follow the specified pattern. + * @param pattern the pattern to NOT match + */ static not(pattern) { return new NotMatch("not", pattern); } + /** + * Matches any string-encoded JSON and applies the specified pattern after parsing it. + * @param pattern the pattern to match after parsing the encoded JSON. + */ static serializedJson(pattern) { return new SerializedJson("serializedJson", pattern); } + /** + * Matches any non-null value at the target. + */ static anyValue() { return new AnyMatch("anyValue"); } + /** + * Matches targets according to a regular expression + */ static stringLikeRegexp(pattern) { return new StringLikeRegexpMatch("stringLikeRegexp", pattern); } @@ -203,40 +504,87 @@ var ArrayMatch = class extends Matcher { message: `Expected type array but received ${getType(actual)}` }); } - if (!this.subsequence && this.pattern.length !== actual.length) { - return new MatchResult(actual).recordFailure({ + return this.subsequence ? this.testSubsequence(actual) : this.testFullArray(actual); + } + testFullArray(actual) { + const result = new MatchResult(actual); + let i = 0; + for (; i < this.pattern.length && i < actual.length; i++) { + const patternElement = this.pattern[i]; + const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); + const innerResult = matcher.test(actual[i]); + result.compose(`${i}`, innerResult); + } + if (i < this.pattern.length) { + result.recordFailure({ matcher: this, - path: [], - message: `Expected array of length ${this.pattern.length} but received ${actual.length}` + message: `Not enough elements in array (expecting ${this.pattern.length}, got ${actual.length})`, + path: [`${i}`] + }); + } + if (i < actual.length) { + result.recordFailure({ + matcher: this, + message: `Too many elements in array (expecting ${this.pattern.length}, got ${actual.length})`, + path: [`${i}`] }); } + return result; + } + testSubsequence(actual) { + const result = new MatchResult(actual); let patternIdx = 0; let actualIdx = 0; - const result = new MatchResult(actual); + const matches = new SparseMatrix(); while (patternIdx < this.pattern.length && actualIdx < actual.length) { const patternElement = this.pattern[patternIdx]; const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); const matcherName = matcher.name; - if (this.subsequence && (matcherName == "absent" || matcherName == "anyValue")) { + if (matcherName == "absent" || matcherName == "anyValue") { throw new Error(`The Matcher ${matcherName}() cannot be nested within arrayWith()`); } const innerResult = matcher.test(actual[actualIdx]); - if (!this.subsequence || !innerResult.hasFailed()) { - result.compose(`[${actualIdx}]`, innerResult); + matches.set(patternIdx, actualIdx, innerResult); + actualIdx++; + if (innerResult.isSuccess) { + result.compose(`${actualIdx}`, innerResult); patternIdx++; - actualIdx++; - } else { - actualIdx++; } } - for (; patternIdx < this.pattern.length; patternIdx++) { - const pattern = this.pattern[patternIdx]; - const element = Matcher.isMatcher(pattern) || typeof pattern === "object" ? " " : ` [${pattern}] `; - result.recordFailure({ - matcher: this, - path: [], - message: `Missing element${element}at pattern index ${patternIdx}` - }); + if (patternIdx < this.pattern.length) { + for (let spi = 0; spi < patternIdx; spi++) { + const foundMatch = matches.row(spi).find(([, r]) => r.isSuccess); + if (!foundMatch) { + continue; + } + const [index] = foundMatch; + result.compose(`${index}`, new MatchResult(actual[index]).recordFailure({ + matcher: this, + message: `arrayWith pattern ${spi} matched here`, + path: [], + cost: 0 + // This is an informational message so it would be unfair to assign it cost + })); + } + const failedMatches = matches.row(patternIdx); + failedMatches.sort(sortKeyComparator(([i, r]) => [r.failCost, i])); + if (failedMatches.length > 0) { + const [index, innerResult] = failedMatches[0]; + result.recordFailure({ + matcher: this, + message: `Could not match arrayWith pattern ${patternIdx}. This is the closest match`, + path: [`${index}`], + cost: 0 + // Informational message + }); + result.compose(`${index}`, innerResult); + } else { + result.recordFailure({ + matcher: this, + message: `Could not match arrayWith pattern ${patternIdx}. No more elements to try`, + path: [`${actual.length}`] + }); + } } return result; } @@ -262,8 +610,8 @@ var ObjectMatch = class extends Matcher { if (!(a in this.pattern)) { result.recordFailure({ matcher: this, - path: [`/${a}`], - message: "Unexpected key" + path: [a], + message: `Unexpected key ${a}` }); } } @@ -272,14 +620,14 @@ var ObjectMatch = class extends Matcher { if (!(patternKey in actual) && !(patternVal instanceof AbsentMatch)) { result.recordFailure({ matcher: this, - path: [`/${patternKey}`], - message: `Missing key '${patternKey}' among {${Object.keys(actual).join(",")}}` + path: [patternKey], + message: `Missing key '${patternKey}'` }); continue; } const matcher = Matcher.isMatcher(patternVal) ? patternVal : new LiteralMatch(this.name, patternVal, { partialObjects: this.partial }); const inner = matcher.test(actual[patternKey]); - result.compose(`/${patternKey}`, inner); + result.compose(patternKey, inner); } return result; } @@ -291,34 +639,37 @@ var SerializedJson = class extends Matcher { this.pattern = pattern; } test(actual) { - const result = new MatchResult(actual); if (getType(actual) !== "string") { - result.recordFailure({ + return new MatchResult(actual).recordFailure({ matcher: this, path: [], message: `Expected JSON as a string but found ${getType(actual)}` }); - return result; } let parsed; try { parsed = JSON.parse(actual); } catch (err) { if (err instanceof SyntaxError) { - result.recordFailure({ + return new MatchResult(actual).recordFailure({ matcher: this, path: [], message: `Invalid JSON string: ${actual}` }); - return result; } else { throw err; } } const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); const innerResult = matcher.test(parsed); - result.compose(`(${this.name})`, innerResult); - return result; + if (innerResult.hasFailed()) { + innerResult.recordFailure({ + matcher: this, + path: [], + message: "Encoded JSON value does not match" + }); + } + return innerResult; } }; var NotMatch = class extends Matcher { @@ -405,6 +756,10 @@ var CustomResourceHandler = class { this.event = event; this.physicalResourceId = extractPhysicalResourceId(event); } + /** + * Handles executing the custom resource event. If `stateMachineArn` is present + * in the props then trigger the waiter statemachine + */ async handle() { try { if ("stateMachineArn" in this.event.ResourceProperties) { @@ -426,6 +781,9 @@ var CustomResourceHandler = class { clearTimeout(this.timeout); } } + /** + * Handle async requests from the waiter state machine + */ async handleIsComplete() { try { const result = await this.processEvent(this.event.ResourceProperties); @@ -437,6 +795,10 @@ var CustomResourceHandler = class { clearTimeout(this.timeout); } } + /** + * Start a step function state machine which will wait for the request + * to be successful. + */ async startExecution(req) { try { const sfn = new AWS.StepFunctions(); @@ -507,10 +869,7 @@ var AssertionHandler = class extends CustomResourceHandler { failed: true, assertion: JSON.stringify({ status: "fail", - message: [ - ...matchResult.toHumanStrings(), - JSON.stringify(matchResult.target, void 0, 2) - ].join("\n") + message: matchResult.renderMismatch() }) }; if (request2.failDeployment) { @@ -532,6 +891,65 @@ var MatchCreator = class { matcher: obj }; } + /** + * Return a Matcher that can be tested against the actual results. + * This will convert the encoded matchers into their corresponding + * assertions matcher. + * + * For example: + * + * ExpectedResult.objectLike({ + * Messages: [{ + * Body: Match.objectLike({ + * Elements: Match.arrayWith([{ Asdf: 3 }]), + * Payload: Match.serializedJson({ key: 'value' }), + * }), + * }], + * }); + * + * Will be encoded as: + * { + * $ObjectLike: { + * Messages: [{ + * Body: { + * $ObjectLike: { + * Elements: { + * $ArrayWith: [{ Asdf: 3 }], + * }, + * Payload: { + * $SerializedJson: { key: 'value' } + * } + * }, + * }, + * }], + * }, + * } + * + * Which can then be parsed by this function. For each key (recursively) + * the parser will check if the value has one of the encoded matchers as a key + * and if so, it will set the value as the Matcher. So, + * + * { + * Body: { + * $ObjectLike: { + * Elements: { + * $ArrayWith: [{ Asdf: 3 }], + * }, + * Payload: { + * $SerializedJson: { key: 'value' } + * } + * }, + * }, + * } + * + * Will be converted to + * { + * Body: Match.objectLike({ + * Elements: Match.arrayWith([{ Asdf: 3 }]), + * Payload: Match.serializedJson({ key: 'value' }), + * }), + * } + */ getMatcher() { try { const final = JSON.parse(JSON.stringify(this.parsedObj), function(_k, v) { @@ -543,6 +961,8 @@ var MatchCreator = class { return Match.objectLike(v[nested]); case "$StringLike": return Match.stringLikeRegexp(v[nested]); + case "$SerializedJson": + return Match.serializedJson(v[nested]); default: return v; } @@ -614,11 +1034,26 @@ var AwsApiCallHandler = class extends CustomResourceHandler { const flatData = { ...flatten(respond) }; - const resp = request2.flattenResponse === "true" ? flatData : respond; + let resp = respond; + if (request2.outputPaths) { + resp = filterKeys(flatData, request2.outputPaths); + } else if (request2.flattenResponse === "true") { + resp = flatData; + } console.log(`Returning result ${JSON.stringify(resp)}`); return resp; } }; +function filterKeys(object, searchStrings) { + return Object.entries(object).reduce((filteredObject, [key, value]) => { + for (const searchString of searchStrings) { + if (key.startsWith(`apiCallResponse.${searchString}`)) { + filteredObject[key] = value; + } + } + return filteredObject; + }, {}); +} function isJsonString(value) { try { return JSON.parse(value); @@ -664,6 +1099,7 @@ async function handler(event, context) { await provider.respond({ status: "SUCCESS", reason: "OK", + // return both the result of the API call _and_ the assertion results data: { ...assertionResult, ...result diff --git a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/asset.d47f7e6772bfdf47ecbc070ffe204baf53bacbfbf7814eb407bd8ea108c1c1bb.bundle/index.js b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/asset.d47f7e6772bfdf47ecbc070ffe204baf53bacbfbf7814eb407bd8ea108c1c1bb.bundle/index.js deleted file mode 100644 index a9e7e7241efc7..0000000000000 --- a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/asset.d47f7e6772bfdf47ecbc070ffe204baf53bacbfbf7814eb407bd8ea108c1c1bb.bundle/index.js +++ /dev/null @@ -1,669 +0,0 @@ -"use strict"; -var __create = Object.create; -var __defProp = Object.defineProperty; -var __getOwnPropDesc = Object.getOwnPropertyDescriptor; -var __getOwnPropNames = Object.getOwnPropertyNames; -var __getProtoOf = Object.getPrototypeOf; -var __hasOwnProp = Object.prototype.hasOwnProperty; -var __export = (target, all) => { - for (var name in all) - __defProp(target, name, { get: all[name], enumerable: true }); -}; -var __copyProps = (to, from, except, desc) => { - if (from && typeof from === "object" || typeof from === "function") { - for (let key of __getOwnPropNames(from)) - if (!__hasOwnProp.call(to, key) && key !== except) - __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); - } - return to; -}; -var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps( - isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target, - mod -)); -var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); - -// lib/assertions/providers/lambda-handler/index.ts -var lambda_handler_exports = {}; -__export(lambda_handler_exports, { - handler: () => handler -}); -module.exports = __toCommonJS(lambda_handler_exports); - -// ../assertions/lib/matcher.ts -var Matcher = class { - static isMatcher(x) { - return x && x instanceof Matcher; - } -}; -var MatchResult = class { - constructor(target) { - this.failures = []; - this.captures = /* @__PURE__ */ new Map(); - this.finalized = false; - this.target = target; - } - push(matcher, path, message) { - return this.recordFailure({ matcher, path, message }); - } - recordFailure(failure) { - this.failures.push(failure); - return this; - } - hasFailed() { - return this.failures.length !== 0; - } - get failCount() { - return this.failures.length; - } - compose(id, inner) { - const innerF = inner.failures; - this.failures.push(...innerF.map((f) => { - return { path: [id, ...f.path], message: f.message, matcher: f.matcher }; - })); - inner.captures.forEach((vals, capture) => { - vals.forEach((value) => this.recordCapture({ capture, value })); - }); - return this; - } - finished() { - if (this.finalized) { - return this; - } - if (this.failCount === 0) { - this.captures.forEach((vals, cap) => cap._captured.push(...vals)); - } - this.finalized = true; - return this; - } - toHumanStrings() { - return this.failures.map((r) => { - const loc = r.path.length === 0 ? "" : ` at ${r.path.join("")}`; - return "" + r.message + loc + ` (using ${r.matcher.name} matcher)`; - }); - } - recordCapture(options) { - let values = this.captures.get(options.capture); - if (values === void 0) { - values = []; - } - values.push(options.value); - this.captures.set(options.capture, values); - } -}; - -// ../assertions/lib/private/matchers/absent.ts -var AbsentMatch = class extends Matcher { - constructor(name) { - super(); - this.name = name; - } - test(actual) { - const result = new MatchResult(actual); - if (actual !== void 0) { - result.recordFailure({ - matcher: this, - path: [], - message: `Received ${actual}, but key should be absent` - }); - } - return result; - } -}; - -// ../assertions/lib/private/type.ts -function getType(obj) { - return Array.isArray(obj) ? "array" : typeof obj; -} - -// ../assertions/lib/match.ts -var Match = class { - static absent() { - return new AbsentMatch("absent"); - } - static arrayWith(pattern) { - return new ArrayMatch("arrayWith", pattern); - } - static arrayEquals(pattern) { - return new ArrayMatch("arrayEquals", pattern, { subsequence: false }); - } - static exact(pattern) { - return new LiteralMatch("exact", pattern, { partialObjects: false }); - } - static objectLike(pattern) { - return new ObjectMatch("objectLike", pattern); - } - static objectEquals(pattern) { - return new ObjectMatch("objectEquals", pattern, { partial: false }); - } - static not(pattern) { - return new NotMatch("not", pattern); - } - static serializedJson(pattern) { - return new SerializedJson("serializedJson", pattern); - } - static anyValue() { - return new AnyMatch("anyValue"); - } - static stringLikeRegexp(pattern) { - return new StringLikeRegexpMatch("stringLikeRegexp", pattern); - } -}; -var LiteralMatch = class extends Matcher { - constructor(name, pattern, options = {}) { - super(); - this.name = name; - this.pattern = pattern; - this.partialObjects = options.partialObjects ?? false; - if (Matcher.isMatcher(this.pattern)) { - throw new Error("LiteralMatch cannot directly contain another matcher. Remove the top-level matcher or nest it more deeply."); - } - } - test(actual) { - if (Array.isArray(this.pattern)) { - return new ArrayMatch(this.name, this.pattern, { subsequence: false, partialObjects: this.partialObjects }).test(actual); - } - if (typeof this.pattern === "object") { - return new ObjectMatch(this.name, this.pattern, { partial: this.partialObjects }).test(actual); - } - const result = new MatchResult(actual); - if (typeof this.pattern !== typeof actual) { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected type ${typeof this.pattern} but received ${getType(actual)}` - }); - return result; - } - if (actual !== this.pattern) { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected ${this.pattern} but received ${actual}` - }); - } - return result; - } -}; -var ArrayMatch = class extends Matcher { - constructor(name, pattern, options = {}) { - super(); - this.name = name; - this.pattern = pattern; - this.subsequence = options.subsequence ?? true; - this.partialObjects = options.partialObjects ?? false; - } - test(actual) { - if (!Array.isArray(actual)) { - return new MatchResult(actual).recordFailure({ - matcher: this, - path: [], - message: `Expected type array but received ${getType(actual)}` - }); - } - if (!this.subsequence && this.pattern.length !== actual.length) { - return new MatchResult(actual).recordFailure({ - matcher: this, - path: [], - message: `Expected array of length ${this.pattern.length} but received ${actual.length}` - }); - } - let patternIdx = 0; - let actualIdx = 0; - const result = new MatchResult(actual); - while (patternIdx < this.pattern.length && actualIdx < actual.length) { - const patternElement = this.pattern[patternIdx]; - const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); - const matcherName = matcher.name; - if (this.subsequence && (matcherName == "absent" || matcherName == "anyValue")) { - throw new Error(`The Matcher ${matcherName}() cannot be nested within arrayWith()`); - } - const innerResult = matcher.test(actual[actualIdx]); - if (!this.subsequence || !innerResult.hasFailed()) { - result.compose(`[${actualIdx}]`, innerResult); - patternIdx++; - actualIdx++; - } else { - actualIdx++; - } - } - for (; patternIdx < this.pattern.length; patternIdx++) { - const pattern = this.pattern[patternIdx]; - const element = Matcher.isMatcher(pattern) || typeof pattern === "object" ? " " : ` [${pattern}] `; - result.recordFailure({ - matcher: this, - path: [], - message: `Missing element${element}at pattern index ${patternIdx}` - }); - } - return result; - } -}; -var ObjectMatch = class extends Matcher { - constructor(name, pattern, options = {}) { - super(); - this.name = name; - this.pattern = pattern; - this.partial = options.partial ?? true; - } - test(actual) { - if (typeof actual !== "object" || Array.isArray(actual)) { - return new MatchResult(actual).recordFailure({ - matcher: this, - path: [], - message: `Expected type object but received ${getType(actual)}` - }); - } - const result = new MatchResult(actual); - if (!this.partial) { - for (const a of Object.keys(actual)) { - if (!(a in this.pattern)) { - result.recordFailure({ - matcher: this, - path: [`/${a}`], - message: "Unexpected key" - }); - } - } - } - for (const [patternKey, patternVal] of Object.entries(this.pattern)) { - if (!(patternKey in actual) && !(patternVal instanceof AbsentMatch)) { - result.recordFailure({ - matcher: this, - path: [`/${patternKey}`], - message: `Missing key '${patternKey}' among {${Object.keys(actual).join(",")}}` - }); - continue; - } - const matcher = Matcher.isMatcher(patternVal) ? patternVal : new LiteralMatch(this.name, patternVal, { partialObjects: this.partial }); - const inner = matcher.test(actual[patternKey]); - result.compose(`/${patternKey}`, inner); - } - return result; - } -}; -var SerializedJson = class extends Matcher { - constructor(name, pattern) { - super(); - this.name = name; - this.pattern = pattern; - } - test(actual) { - const result = new MatchResult(actual); - if (getType(actual) !== "string") { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected JSON as a string but found ${getType(actual)}` - }); - return result; - } - let parsed; - try { - parsed = JSON.parse(actual); - } catch (err) { - if (err instanceof SyntaxError) { - result.recordFailure({ - matcher: this, - path: [], - message: `Invalid JSON string: ${actual}` - }); - return result; - } else { - throw err; - } - } - const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); - const innerResult = matcher.test(parsed); - result.compose(`(${this.name})`, innerResult); - return result; - } -}; -var NotMatch = class extends Matcher { - constructor(name, pattern) { - super(); - this.name = name; - this.pattern = pattern; - } - test(actual) { - const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); - const innerResult = matcher.test(actual); - const result = new MatchResult(actual); - if (innerResult.failCount === 0) { - result.recordFailure({ - matcher: this, - path: [], - message: `Found unexpected match: ${JSON.stringify(actual, void 0, 2)}` - }); - } - return result; - } -}; -var AnyMatch = class extends Matcher { - constructor(name) { - super(); - this.name = name; - } - test(actual) { - const result = new MatchResult(actual); - if (actual == null) { - result.recordFailure({ - matcher: this, - path: [], - message: "Expected a value but found none" - }); - } - return result; - } -}; -var StringLikeRegexpMatch = class extends Matcher { - constructor(name, pattern) { - super(); - this.name = name; - this.pattern = pattern; - } - test(actual) { - const result = new MatchResult(actual); - const regex = new RegExp(this.pattern, "gm"); - if (typeof actual !== "string") { - result.recordFailure({ - matcher: this, - path: [], - message: `Expected a string, but got '${typeof actual}'` - }); - } - if (!regex.test(actual)) { - result.recordFailure({ - matcher: this, - path: [], - message: `String '${actual}' did not match pattern '${this.pattern}'` - }); - } - return result; - } -}; - -// lib/assertions/providers/lambda-handler/base.ts -var https = __toESM(require("https")); -var url = __toESM(require("url")); -var CustomResourceHandler = class { - constructor(event, context) { - this.event = event; - this.context = context; - this.timedOut = false; - this.timeout = setTimeout(async () => { - await this.respond({ - status: "FAILED", - reason: "Lambda Function Timeout", - data: this.context.logStreamName - }); - this.timedOut = true; - }, context.getRemainingTimeInMillis() - 1200); - this.event = event; - this.physicalResourceId = extractPhysicalResourceId(event); - } - async handle() { - try { - const response = await this.processEvent(this.event.ResourceProperties); - return response; - } catch (e) { - console.log(e); - throw e; - } finally { - clearTimeout(this.timeout); - } - } - respond(response) { - if (this.timedOut) { - return; - } - const cfResponse = { - Status: response.status, - Reason: response.reason, - PhysicalResourceId: this.physicalResourceId, - StackId: this.event.StackId, - RequestId: this.event.RequestId, - LogicalResourceId: this.event.LogicalResourceId, - NoEcho: false, - Data: response.data - }; - const responseBody = JSON.stringify(cfResponse); - console.log("Responding to CloudFormation", responseBody); - const parsedUrl = url.parse(this.event.ResponseURL); - const requestOptions = { - hostname: parsedUrl.hostname, - path: parsedUrl.path, - method: "PUT", - headers: { "content-type": "", "content-length": responseBody.length } - }; - return new Promise((resolve, reject) => { - try { - const request2 = https.request(requestOptions, resolve); - request2.on("error", reject); - request2.write(responseBody); - request2.end(); - } catch (e) { - reject(e); - } - }); - } -}; -function extractPhysicalResourceId(event) { - switch (event.RequestType) { - case "Create": - return event.LogicalResourceId; - case "Update": - case "Delete": - return event.PhysicalResourceId; - } -} - -// lib/assertions/providers/lambda-handler/assertion.ts -var AssertionHandler = class extends CustomResourceHandler { - async processEvent(request2) { - let actual = decodeCall(request2.actual); - const expected = decodeCall(request2.expected); - let result; - const matcher = new MatchCreator(expected).getMatcher(); - console.log(`Testing equality between ${JSON.stringify(request2.actual)} and ${JSON.stringify(request2.expected)}`); - const matchResult = matcher.test(actual); - matchResult.finished(); - if (matchResult.hasFailed()) { - result = { - failed: true, - assertion: JSON.stringify({ - status: "fail", - message: [ - ...matchResult.toHumanStrings(), - JSON.stringify(matchResult.target, void 0, 2) - ].join("\n") - }) - }; - if (request2.failDeployment) { - throw new Error(result.assertion); - } - } else { - result = { - assertion: JSON.stringify({ - status: "success" - }) - }; - } - return result; - } -}; -var MatchCreator = class { - constructor(obj) { - this.parsedObj = { - matcher: obj - }; - } - getMatcher() { - try { - const final = JSON.parse(JSON.stringify(this.parsedObj), function(_k, v) { - const nested = Object.keys(v)[0]; - switch (nested) { - case "$ArrayWith": - return Match.arrayWith(v[nested]); - case "$ObjectLike": - return Match.objectLike(v[nested]); - case "$StringLike": - return Match.stringLikeRegexp(v[nested]); - default: - return v; - } - }); - if (Matcher.isMatcher(final.matcher)) { - return final.matcher; - } - return Match.exact(final.matcher); - } catch { - return Match.exact(this.parsedObj.matcher); - } - } -}; -function decodeCall(call) { - if (!call) { - return void 0; - } - try { - const parsed = JSON.parse(call); - return parsed; - } catch (e) { - return call; - } -} - -// lib/assertions/providers/lambda-handler/utils.ts -function decode(object) { - return JSON.parse(JSON.stringify(object), (_k, v) => { - switch (v) { - case "TRUE:BOOLEAN": - return true; - case "FALSE:BOOLEAN": - return false; - default: - return v; - } - }); -} - -// lib/assertions/providers/lambda-handler/sdk.ts -function flatten(object) { - return Object.assign( - {}, - ...function _flatten(child, path = []) { - return [].concat(...Object.keys(child).map((key) => { - let childKey = Buffer.isBuffer(child[key]) ? child[key].toString("utf8") : child[key]; - if (typeof childKey === "string") { - childKey = isJsonString(childKey); - } - return typeof childKey === "object" && childKey !== null ? _flatten(childKey, path.concat([key])) : { [path.concat([key]).join(".")]: childKey }; - })); - }(object) - ); -} -var AwsApiCallHandler = class extends CustomResourceHandler { - async processEvent(request2) { - const AWS = require("aws-sdk"); - console.log(`AWS SDK VERSION: ${AWS.VERSION}`); - if (!Object.prototype.hasOwnProperty.call(AWS, request2.service)) { - throw Error(`Service ${request2.service} does not exist in AWS SDK version ${AWS.VERSION}.`); - } - const service = new AWS[request2.service](); - const response = await service[request2.api](request2.parameters && decode(request2.parameters)).promise(); - console.log(`SDK response received ${JSON.stringify(response)}`); - delete response.ResponseMetadata; - const respond = { - apiCallResponse: response - }; - const flatData = { - ...flatten(respond) - }; - const resp = request2.flattenResponse === "true" ? flatData : respond; - console.log(`Returning result ${JSON.stringify(resp)}`); - return resp; - } -}; -function isJsonString(value) { - try { - return JSON.parse(value); - } catch { - return value; - } -} - -// lib/assertions/providers/lambda-handler/types.ts -var ASSERT_RESOURCE_TYPE = "Custom::DeployAssert@AssertEquals"; -var SDK_RESOURCE_TYPE_PREFIX = "Custom::DeployAssert@SdkCall"; - -// lib/assertions/providers/lambda-handler/index.ts -async function handler(event, context) { - console.log(`Event: ${JSON.stringify({ ...event, ResponseURL: "..." })}`); - const provider = createResourceHandler(event, context); - try { - if (event.RequestType === "Delete") { - await provider.respond({ - status: "SUCCESS", - reason: "OK" - }); - return; - } - const result = await provider.handle(); - const actualPath = event.ResourceProperties.actualPath; - const actual = actualPath ? result[`apiCallResponse.${actualPath}`] : result.apiCallResponse; - if ("expected" in event.ResourceProperties) { - const assertion = new AssertionHandler({ - ...event, - ResourceProperties: { - ServiceToken: event.ServiceToken, - actual, - expected: event.ResourceProperties.expected - } - }, context); - try { - const assertionResult = await assertion.handle(); - await provider.respond({ - status: "SUCCESS", - reason: "OK", - data: { - ...assertionResult, - ...result - } - }); - return; - } catch (e) { - await provider.respond({ - status: "FAILED", - reason: e.message ?? "Internal Error" - }); - return; - } - } - await provider.respond({ - status: "SUCCESS", - reason: "OK", - data: result - }); - } catch (e) { - await provider.respond({ - status: "FAILED", - reason: e.message ?? "Internal Error" - }); - return; - } - return; -} -function createResourceHandler(event, context) { - if (event.ResourceType.startsWith(SDK_RESOURCE_TYPE_PREFIX)) { - return new AwsApiCallHandler(event, context); - } else if (event.ResourceType.startsWith(ASSERT_RESOURCE_TYPE)) { - return new AssertionHandler(event, context); - } else { - throw new Error(`Unsupported resource type "${event.ResourceType}`); - } -} -// Annotate the CommonJS export names for ESM import in node: -0 && (module.exports = { - handler -}); diff --git a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/base.assets.json b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/base.assets.json index 9f0c6525d7f91..2b0406276e727 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/base.assets.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/base.assets.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "30.1.0", "files": { "1caf5ea1b3cc1aedc4ec46feb2680836eae5804fa1ae1d8a572944636e88531b": { "source": { diff --git a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/cdk.out index 8ecc185e9dbee..b72fef144f05c 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"21.0.0"} \ No newline at end of file +{"version":"30.1.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/integ.json b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/integ.json index 1e9ee364aca3e..aebe2612de860 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "30.1.0", "testCases": { "ssm-string-param/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/list-param.assets.json b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/list-param.assets.json index 47303559bc7be..511467ae0901c 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/list-param.assets.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/list-param.assets.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "30.1.0", "files": { "f21f04e61fc048db023578e8c9bdab9b7f45992bd3d533bcf7fb9eb87991bc95": { "source": { diff --git a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/manifest.json index d8e0de9e54959..719162cd30161 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "30.1.0", "artifacts": { "base.assets": { "type": "cdk:asset-manifest", @@ -178,7 +178,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3fdd4225944766d24a4a35fa88db2febd8e7f28bd8ea992c8972583ca24d0b9a.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b707a28540181bd09e120c895fa139b9bf644835095f79f29045b5281a61ff9b.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/ssmstringparamDefaultTestDeployAssert9C612E37.assets.json b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/ssmstringparamDefaultTestDeployAssert9C612E37.assets.json index edc04ad32c05b..03bae5afdafd5 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/ssmstringparamDefaultTestDeployAssert9C612E37.assets.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/ssmstringparamDefaultTestDeployAssert9C612E37.assets.json @@ -1,20 +1,20 @@ { - "version": "21.0.0", + "version": "30.1.0", "files": { - "d47f7e6772bfdf47ecbc070ffe204baf53bacbfbf7814eb407bd8ea108c1c1bb": { + "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28": { "source": { - "path": "asset.d47f7e6772bfdf47ecbc070ffe204baf53bacbfbf7814eb407bd8ea108c1c1bb.bundle", + "path": "asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "d47f7e6772bfdf47ecbc070ffe204baf53bacbfbf7814eb407bd8ea108c1c1bb.zip", + "objectKey": "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "3fdd4225944766d24a4a35fa88db2febd8e7f28bd8ea992c8972583ca24d0b9a": { + "b707a28540181bd09e120c895fa139b9bf644835095f79f29045b5281a61ff9b": { "source": { "path": "ssmstringparamDefaultTestDeployAssert9C612E37.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "3fdd4225944766d24a4a35fa88db2febd8e7f28bd8ea992c8972583ca24d0b9a.json", + "objectKey": "b707a28540181bd09e120c895fa139b9bf644835095f79f29045b5281a61ff9b.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/ssmstringparamDefaultTestDeployAssert9C612E37.template.json b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/ssmstringparamDefaultTestDeployAssert9C612E37.template.json index f0328cc7a02d6..c724787b3ce7a 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/ssmstringparamDefaultTestDeployAssert9C612E37.template.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.list-parameter.js.snapshot/ssmstringparamDefaultTestDeployAssert9C612E37.template.json @@ -26,7 +26,7 @@ ] }, "flattenResponse": "false", - "salt": "1663960575818" + "salt": "1677705112870" }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" @@ -80,7 +80,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "d47f7e6772bfdf47ecbc070ffe204baf53bacbfbf7814eb407bd8ea108c1c1bb.zip" + "S3Key": "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.zip" }, "Timeout": 120, "Handler": "index.handler", diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdk.out index 588d7b269d34f..b72fef144f05c 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"20.0.0"} \ No newline at end of file +{"version":"30.1.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.assets.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.assets.json new file mode 100644 index 0000000000000..764a6d46160e1 --- /dev/null +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.assets.json @@ -0,0 +1,19 @@ +{ + "version": "30.1.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.template.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/integ-parameter-arns.assets.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/integ-parameter-arns.assets.json index d74374938ea2e..48bdfe13582a6 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/integ-parameter-arns.assets.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/integ-parameter-arns.assets.json @@ -1,5 +1,5 @@ { - "version": "20.0.0", + "version": "30.1.0", "files": { "ab8a821f2d4347b885e1e7bdf551140408b2750fbafbac4513181d12253510be": { "source": { diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/integ.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/integ.json index 19eada241a4ca..7ce3e8ca1c0c5 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/integ.json @@ -1,14 +1,12 @@ { - "version": "20.0.0", + "version": "30.1.0", "testCases": { - "integ.parameter-arns": { + "cdk-integ-ssm-parameter-arns/DefaultTest": { "stacks": [ "integ-parameter-arns" ], - "diffAssets": false, - "stackUpdateWorkflow": true + "assertionStack": "cdk-integ-ssm-parameter-arns/DefaultTest/DeployAssert", + "assertionStackName": "cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49" } - }, - "synthContext": {}, - "enableLookups": false + } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/manifest.json index 5c02e6d204a32..8256affd97ded 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/manifest.json @@ -1,12 +1,6 @@ { - "version": "20.0.0", + "version": "30.1.0", "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, "integ-parameter-arns.assets": { "type": "cdk:asset-manifest", "properties": { @@ -155,6 +149,59 @@ ] }, "displayName": "integ-parameter-arns" + }, + "cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "cdkintegssmparameterarnsDefaultTestDeployAssertE4B86A49.assets" + ], + "metadata": { + "/cdk-integ-ssm-parameter-arns/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/cdk-integ-ssm-parameter-arns/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "cdk-integ-ssm-parameter-arns/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/tree.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/tree.json index 2b744d57fcbe2..4d63b893e3801 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.js.snapshot/tree.json @@ -4,14 +4,6 @@ "id": "App", "path": "", "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" - } - }, "integ-parameter-arns": { "id": "integ-parameter-arns", "path": "integ-parameter-arns", @@ -20,8 +12,8 @@ "id": "ParameterNameParameter", "path": "integ-parameter-arns/ParameterNameParameter", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" } }, "StringAutogen": { @@ -247,76 +239,154 @@ "id": "StringAutogenArn", "path": "integ-parameter-arns/StringAutogenArn", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" } }, "StringSimpleArn": { "id": "StringSimpleArn", "path": "integ-parameter-arns/StringSimpleArn", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" } }, "StringPathArn": { "id": "StringPathArn", "path": "integ-parameter-arns/StringPathArn", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" } }, "ListAutogenArn": { "id": "ListAutogenArn", "path": "integ-parameter-arns/ListAutogenArn", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" } }, "ListSimpleArn": { "id": "ListSimpleArn", "path": "integ-parameter-arns/ListSimpleArn", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" } }, "ListPathArn": { "id": "ListPathArn", "path": "integ-parameter-arns/ListPathArn", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" } }, "ParameterizedSimpleArn": { "id": "ParameterizedSimpleArn", "path": "integ-parameter-arns/ParameterizedSimpleArn", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" } }, "ParameterizedNonSimpleArn": { "id": "ParameterizedNonSimpleArn", "path": "integ-parameter-arns/ParameterizedNonSimpleArn", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "integ-parameter-arns/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "integ-parameter-arns/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" } } }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "cdk-integ-ssm-parameter-arns": { + "id": "cdk-integ-ssm-parameter-arns", + "path": "cdk-integ-ssm-parameter-arns", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "cdk-integ-ssm-parameter-arns/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "cdk-integ-ssm-parameter-arns/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.264" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "cdk-integ-ssm-parameter-arns/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "cdk-integ-ssm-parameter-arns/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "cdk-integ-ssm-parameter-arns/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.85" + "version": "10.1.264" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.ts b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.ts index 277e06557ba6d..6d14c352f1350 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.ts +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-arns.ts @@ -1,5 +1,5 @@ -/* eslint-disable max-len */ import { App, CfnOutput, CfnParameter, Stack } from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; import * as ssm from '../lib'; const app = new App(); @@ -22,4 +22,6 @@ for (const p of params) { new CfnOutput(stack, `${p.node.id}Arn`, { value: p.parameterArn }); } -app.synth(); +new IntegTest(app, 'cdk-integ-ssm-parameter-arns', { + testCases: [stack], +}); diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle/index.js b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle/index.js new file mode 100644 index 0000000000000..4264087b9aab2 --- /dev/null +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle/index.js @@ -0,0 +1,1204 @@ +var __create = Object.create; +var __defProp = Object.defineProperty; +var __getOwnPropDesc = Object.getOwnPropertyDescriptor; +var __getOwnPropNames = Object.getOwnPropertyNames; +var __getProtoOf = Object.getPrototypeOf; +var __hasOwnProp = Object.prototype.hasOwnProperty; +var __export = (target, all) => { + for (var name in all) + __defProp(target, name, { get: all[name], enumerable: true }); +}; +var __copyProps = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames(from)) + if (!__hasOwnProp.call(to, key) && key !== except) + __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); + } + return to; +}; +var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps( + // If the importer is in node compatibility mode or this is not an ESM + // file that has been converted to a CommonJS file using a Babel- + // compatible transform (i.e. "__esModule" has not been set), then set + // "default" to the CommonJS "module.exports" for node compatibility. + isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target, + mod +)); +var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); + +// lib/assertions/providers/lambda-handler/index.ts +var lambda_handler_exports = {}; +__export(lambda_handler_exports, { + handler: () => handler, + isComplete: () => isComplete, + onTimeout: () => onTimeout +}); +module.exports = __toCommonJS(lambda_handler_exports); + +// ../assertions/lib/matcher.ts +var Matcher = class { + /** + * Check whether the provided object is a subtype of the `IMatcher`. + */ + static isMatcher(x) { + return x && x instanceof Matcher; + } +}; +var MatchResult = class { + constructor(target) { + this.failuresHere = /* @__PURE__ */ new Map(); + this.captures = /* @__PURE__ */ new Map(); + this.finalized = false; + this.innerMatchFailures = /* @__PURE__ */ new Map(); + this._hasFailed = false; + this._failCount = 0; + this._cost = 0; + this.target = target; + } + /** + * DEPRECATED + * @deprecated use recordFailure() + */ + push(matcher, path, message) { + return this.recordFailure({ matcher, path, message }); + } + /** + * Record a new failure into this result at a specific path. + */ + recordFailure(failure) { + const failKey = failure.path.join("."); + let list = this.failuresHere.get(failKey); + if (!list) { + list = []; + this.failuresHere.set(failKey, list); + } + this._failCount += 1; + this._cost += failure.cost ?? 1; + list.push(failure); + this._hasFailed = true; + return this; + } + /** Whether the match is a success */ + get isSuccess() { + return !this._hasFailed; + } + /** Does the result contain any failures. If not, the result is a success */ + hasFailed() { + return this._hasFailed; + } + /** The number of failures */ + get failCount() { + return this._failCount; + } + /** The cost of the failures so far */ + get failCost() { + return this._cost; + } + /** + * Compose the results of a previous match as a subtree. + * @param id the id of the parent tree. + */ + compose(id, inner) { + if (inner.hasFailed()) { + this._hasFailed = true; + this._failCount += inner.failCount; + this._cost += inner._cost; + this.innerMatchFailures.set(id, inner); + } + inner.captures.forEach((vals, capture) => { + vals.forEach((value) => this.recordCapture({ capture, value })); + }); + return this; + } + /** + * Prepare the result to be analyzed. + * This API *must* be called prior to analyzing these results. + */ + finished() { + if (this.finalized) { + return this; + } + if (this.failCount === 0) { + this.captures.forEach((vals, cap) => cap._captured.push(...vals)); + } + this.finalized = true; + return this; + } + /** + * Render the failed match in a presentable way + * + * Prefer using `renderMismatch` over this method. It is left for backwards + * compatibility for test suites that expect it, but `renderMismatch()` will + * produce better output. + */ + toHumanStrings() { + const failures = new Array(); + debugger; + recurse(this, []); + return failures.map((r) => { + const loc = r.path.length === 0 ? "" : ` at /${r.path.join("/")}`; + return "" + r.message + loc + ` (using ${r.matcher.name} matcher)`; + }); + function recurse(x, prefix) { + for (const fail of Array.from(x.failuresHere.values()).flat()) { + failures.push({ + matcher: fail.matcher, + message: fail.message, + path: [...prefix, ...fail.path] + }); + } + for (const [key, inner] of x.innerMatchFailures.entries()) { + recurse(inner, [...prefix, key]); + } + } + } + /** + * Do a deep render of the match result, showing the structure mismatches in context + */ + renderMismatch() { + if (!this.hasFailed()) { + return ""; + } + const parts = new Array(); + const indents = new Array(); + emitFailures(this, ""); + recurse(this); + return moveMarkersToFront(parts.join("").trimEnd()); + function emit(x) { + if (x === void 0) { + debugger; + } + parts.push(x.replace(/\n/g, ` +${indents.join("")}`)); + } + function emitFailures(r, path, scrapSet) { + for (const fail of r.failuresHere.get(path) ?? []) { + emit(`!! ${fail.message} +`); + } + scrapSet == null ? void 0 : scrapSet.delete(path); + } + function recurse(r) { + const remainingFailures = new Set(Array.from(r.failuresHere.keys()).filter((x) => x !== "")); + if (Array.isArray(r.target)) { + indents.push(" "); + emit("[\n"); + for (const [first, i] of enumFirst(range(r.target.length))) { + if (!first) { + emit(",\n"); + } + emitFailures(r, `${i}`, remainingFailures); + const innerMatcher = r.innerMatchFailures.get(`${i}`); + if (innerMatcher) { + emitFailures(innerMatcher, ""); + recurseComparingValues(innerMatcher, r.target[i]); + } else { + emit(renderAbridged(r.target[i])); + } + } + emitRemaining(); + indents.pop(); + emit("\n]"); + return; + } + if (r.target && typeof r.target === "object") { + indents.push(" "); + emit("{\n"); + const keys = Array.from(/* @__PURE__ */ new Set([ + ...Object.keys(r.target), + ...Array.from(remainingFailures) + ])).sort(); + for (const [first, key] of enumFirst(keys)) { + if (!first) { + emit(",\n"); + } + emitFailures(r, key, remainingFailures); + const innerMatcher = r.innerMatchFailures.get(key); + if (innerMatcher) { + emitFailures(innerMatcher, ""); + emit(`${jsonify(key)}: `); + recurseComparingValues(innerMatcher, r.target[key]); + } else { + emit(`${jsonify(key)}: `); + emit(renderAbridged(r.target[key])); + } + } + emitRemaining(); + indents.pop(); + emit("\n}"); + return; + } + emitRemaining(); + emit(jsonify(r.target)); + function emitRemaining() { + if (remainingFailures.size > 0) { + emit("\n"); + } + for (const key of remainingFailures) { + emitFailures(r, key); + } + } + } + function recurseComparingValues(inner, actualValue) { + if (inner.target === actualValue) { + return recurse(inner); + } + emit(renderAbridged(actualValue)); + emit(" <*> "); + recurse(inner); + } + function renderAbridged(x) { + if (Array.isArray(x)) { + switch (x.length) { + case 0: + return "[]"; + case 1: + return `[ ${renderAbridged(x[0])} ]`; + case 2: + if (x.every((e) => ["number", "boolean", "string"].includes(typeof e))) { + return `[ ${x.map(renderAbridged).join(", ")} ]`; + } + return "[ ... ]"; + default: + return "[ ... ]"; + } + } + if (x && typeof x === "object") { + const keys = Object.keys(x); + switch (keys.length) { + case 0: + return "{}"; + case 1: + return `{ ${JSON.stringify(keys[0])}: ${renderAbridged(x[keys[0]])} }`; + default: + return "{ ... }"; + } + } + return jsonify(x); + } + function jsonify(x) { + return JSON.stringify(x) ?? "undefined"; + } + function moveMarkersToFront(x) { + const re = /^(\s+)!!/gm; + return x.replace(re, (_, spaces) => `!!${spaces.substring(0, spaces.length - 2)}`); + } + } + /** + * Record a capture against in this match result. + */ + recordCapture(options) { + let values = this.captures.get(options.capture); + if (values === void 0) { + values = []; + } + values.push(options.value); + this.captures.set(options.capture, values); + } +}; +function* range(n) { + for (let i = 0; i < n; i++) { + yield i; + } +} +function* enumFirst(xs) { + let first = true; + for (const x of xs) { + yield [first, x]; + first = false; + } +} + +// ../assertions/lib/private/matchers/absent.ts +var AbsentMatch = class extends Matcher { + constructor(name) { + super(); + this.name = name; + } + test(actual) { + const result = new MatchResult(actual); + if (actual !== void 0) { + result.recordFailure({ + matcher: this, + path: [], + message: `Received ${actual}, but key should be absent` + }); + } + return result; + } +}; + +// ../assertions/lib/private/sorting.ts +function sortKeyComparator(keyFn) { + return (a, b) => { + const ak = keyFn(a); + const bk = keyFn(b); + for (let i = 0; i < ak.length && i < bk.length; i++) { + const av = ak[i]; + const bv = bk[i]; + let diff = 0; + if (typeof av === "number" && typeof bv === "number") { + diff = av - bv; + } else if (typeof av === "string" && typeof bv === "string") { + diff = av.localeCompare(bv); + } + if (diff !== 0) { + return diff; + } + } + return bk.length - ak.length; + }; +} + +// ../assertions/lib/private/sparse-matrix.ts +var SparseMatrix = class { + constructor() { + this.matrix = /* @__PURE__ */ new Map(); + } + get(row, col) { + var _a; + return (_a = this.matrix.get(row)) == null ? void 0 : _a.get(col); + } + row(row) { + var _a; + return Array.from(((_a = this.matrix.get(row)) == null ? void 0 : _a.entries()) ?? []); + } + set(row, col, value) { + let r = this.matrix.get(row); + if (!r) { + r = /* @__PURE__ */ new Map(); + this.matrix.set(row, r); + } + r.set(col, value); + } +}; + +// ../assertions/lib/private/type.ts +function getType(obj) { + return Array.isArray(obj) ? "array" : typeof obj; +} + +// ../assertions/lib/match.ts +var Match = class { + /** + * Use this matcher in the place of a field's value, if the field must not be present. + */ + static absent() { + return new AbsentMatch("absent"); + } + /** + * Matches the specified pattern with the array found in the same relative path of the target. + * The set of elements (or matchers) must be in the same order as would be found. + * @param pattern the pattern to match + */ + static arrayWith(pattern) { + return new ArrayMatch("arrayWith", pattern); + } + /** + * Matches the specified pattern with the array found in the same relative path of the target. + * The set of elements (or matchers) must match exactly and in order. + * @param pattern the pattern to match + */ + static arrayEquals(pattern) { + return new ArrayMatch("arrayEquals", pattern, { subsequence: false }); + } + /** + * Deep exact matching of the specified pattern to the target. + * @param pattern the pattern to match + */ + static exact(pattern) { + return new LiteralMatch("exact", pattern, { partialObjects: false }); + } + /** + * Matches the specified pattern to an object found in the same relative path of the target. + * The keys and their values (or matchers) must be present in the target but the target can be a superset. + * @param pattern the pattern to match + */ + static objectLike(pattern) { + return new ObjectMatch("objectLike", pattern); + } + /** + * Matches the specified pattern to an object found in the same relative path of the target. + * The keys and their values (or matchers) must match exactly with the target. + * @param pattern the pattern to match + */ + static objectEquals(pattern) { + return new ObjectMatch("objectEquals", pattern, { partial: false }); + } + /** + * Matches any target which does NOT follow the specified pattern. + * @param pattern the pattern to NOT match + */ + static not(pattern) { + return new NotMatch("not", pattern); + } + /** + * Matches any string-encoded JSON and applies the specified pattern after parsing it. + * @param pattern the pattern to match after parsing the encoded JSON. + */ + static serializedJson(pattern) { + return new SerializedJson("serializedJson", pattern); + } + /** + * Matches any non-null value at the target. + */ + static anyValue() { + return new AnyMatch("anyValue"); + } + /** + * Matches targets according to a regular expression + */ + static stringLikeRegexp(pattern) { + return new StringLikeRegexpMatch("stringLikeRegexp", pattern); + } +}; +var LiteralMatch = class extends Matcher { + constructor(name, pattern, options = {}) { + super(); + this.name = name; + this.pattern = pattern; + this.partialObjects = options.partialObjects ?? false; + if (Matcher.isMatcher(this.pattern)) { + throw new Error("LiteralMatch cannot directly contain another matcher. Remove the top-level matcher or nest it more deeply."); + } + } + test(actual) { + if (Array.isArray(this.pattern)) { + return new ArrayMatch(this.name, this.pattern, { subsequence: false, partialObjects: this.partialObjects }).test(actual); + } + if (typeof this.pattern === "object") { + return new ObjectMatch(this.name, this.pattern, { partial: this.partialObjects }).test(actual); + } + const result = new MatchResult(actual); + if (typeof this.pattern !== typeof actual) { + result.recordFailure({ + matcher: this, + path: [], + message: `Expected type ${typeof this.pattern} but received ${getType(actual)}` + }); + return result; + } + if (actual !== this.pattern) { + result.recordFailure({ + matcher: this, + path: [], + message: `Expected ${this.pattern} but received ${actual}` + }); + } + return result; + } +}; +var ArrayMatch = class extends Matcher { + constructor(name, pattern, options = {}) { + super(); + this.name = name; + this.pattern = pattern; + this.subsequence = options.subsequence ?? true; + this.partialObjects = options.partialObjects ?? false; + } + test(actual) { + if (!Array.isArray(actual)) { + return new MatchResult(actual).recordFailure({ + matcher: this, + path: [], + message: `Expected type array but received ${getType(actual)}` + }); + } + return this.subsequence ? this.testSubsequence(actual) : this.testFullArray(actual); + } + testFullArray(actual) { + const result = new MatchResult(actual); + let i = 0; + for (; i < this.pattern.length && i < actual.length; i++) { + const patternElement = this.pattern[i]; + const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); + const innerResult = matcher.test(actual[i]); + result.compose(`${i}`, innerResult); + } + if (i < this.pattern.length) { + result.recordFailure({ + matcher: this, + message: `Not enough elements in array (expecting ${this.pattern.length}, got ${actual.length})`, + path: [`${i}`] + }); + } + if (i < actual.length) { + result.recordFailure({ + matcher: this, + message: `Too many elements in array (expecting ${this.pattern.length}, got ${actual.length})`, + path: [`${i}`] + }); + } + return result; + } + testSubsequence(actual) { + const result = new MatchResult(actual); + let patternIdx = 0; + let actualIdx = 0; + const matches = new SparseMatrix(); + while (patternIdx < this.pattern.length && actualIdx < actual.length) { + const patternElement = this.pattern[patternIdx]; + const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); + const matcherName = matcher.name; + if (matcherName == "absent" || matcherName == "anyValue") { + throw new Error(`The Matcher ${matcherName}() cannot be nested within arrayWith()`); + } + const innerResult = matcher.test(actual[actualIdx]); + matches.set(patternIdx, actualIdx, innerResult); + actualIdx++; + if (innerResult.isSuccess) { + result.compose(`${actualIdx}`, innerResult); + patternIdx++; + } + } + if (patternIdx < this.pattern.length) { + for (let spi = 0; spi < patternIdx; spi++) { + const foundMatch = matches.row(spi).find(([, r]) => r.isSuccess); + if (!foundMatch) { + continue; + } + const [index] = foundMatch; + result.compose(`${index}`, new MatchResult(actual[index]).recordFailure({ + matcher: this, + message: `arrayWith pattern ${spi} matched here`, + path: [], + cost: 0 + // This is an informational message so it would be unfair to assign it cost + })); + } + const failedMatches = matches.row(patternIdx); + failedMatches.sort(sortKeyComparator(([i, r]) => [r.failCost, i])); + if (failedMatches.length > 0) { + const [index, innerResult] = failedMatches[0]; + result.recordFailure({ + matcher: this, + message: `Could not match arrayWith pattern ${patternIdx}. This is the closest match`, + path: [`${index}`], + cost: 0 + // Informational message + }); + result.compose(`${index}`, innerResult); + } else { + result.recordFailure({ + matcher: this, + message: `Could not match arrayWith pattern ${patternIdx}. No more elements to try`, + path: [`${actual.length}`] + }); + } + } + return result; + } +}; +var ObjectMatch = class extends Matcher { + constructor(name, pattern, options = {}) { + super(); + this.name = name; + this.pattern = pattern; + this.partial = options.partial ?? true; + } + test(actual) { + if (typeof actual !== "object" || Array.isArray(actual)) { + return new MatchResult(actual).recordFailure({ + matcher: this, + path: [], + message: `Expected type object but received ${getType(actual)}` + }); + } + const result = new MatchResult(actual); + if (!this.partial) { + for (const a of Object.keys(actual)) { + if (!(a in this.pattern)) { + result.recordFailure({ + matcher: this, + path: [a], + message: `Unexpected key ${a}` + }); + } + } + } + for (const [patternKey, patternVal] of Object.entries(this.pattern)) { + if (!(patternKey in actual) && !(patternVal instanceof AbsentMatch)) { + result.recordFailure({ + matcher: this, + path: [patternKey], + message: `Missing key '${patternKey}'` + }); + continue; + } + const matcher = Matcher.isMatcher(patternVal) ? patternVal : new LiteralMatch(this.name, patternVal, { partialObjects: this.partial }); + const inner = matcher.test(actual[patternKey]); + result.compose(patternKey, inner); + } + return result; + } +}; +var SerializedJson = class extends Matcher { + constructor(name, pattern) { + super(); + this.name = name; + this.pattern = pattern; + } + test(actual) { + if (getType(actual) !== "string") { + return new MatchResult(actual).recordFailure({ + matcher: this, + path: [], + message: `Expected JSON as a string but found ${getType(actual)}` + }); + } + let parsed; + try { + parsed = JSON.parse(actual); + } catch (err) { + if (err instanceof SyntaxError) { + return new MatchResult(actual).recordFailure({ + matcher: this, + path: [], + message: `Invalid JSON string: ${actual}` + }); + } else { + throw err; + } + } + const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); + const innerResult = matcher.test(parsed); + if (innerResult.hasFailed()) { + innerResult.recordFailure({ + matcher: this, + path: [], + message: "Encoded JSON value does not match" + }); + } + return innerResult; + } +}; +var NotMatch = class extends Matcher { + constructor(name, pattern) { + super(); + this.name = name; + this.pattern = pattern; + } + test(actual) { + const matcher = Matcher.isMatcher(this.pattern) ? this.pattern : new LiteralMatch(this.name, this.pattern); + const innerResult = matcher.test(actual); + const result = new MatchResult(actual); + if (innerResult.failCount === 0) { + result.recordFailure({ + matcher: this, + path: [], + message: `Found unexpected match: ${JSON.stringify(actual, void 0, 2)}` + }); + } + return result; + } +}; +var AnyMatch = class extends Matcher { + constructor(name) { + super(); + this.name = name; + } + test(actual) { + const result = new MatchResult(actual); + if (actual == null) { + result.recordFailure({ + matcher: this, + path: [], + message: "Expected a value but found none" + }); + } + return result; + } +}; +var StringLikeRegexpMatch = class extends Matcher { + constructor(name, pattern) { + super(); + this.name = name; + this.pattern = pattern; + } + test(actual) { + const result = new MatchResult(actual); + const regex = new RegExp(this.pattern, "gm"); + if (typeof actual !== "string") { + result.recordFailure({ + matcher: this, + path: [], + message: `Expected a string, but got '${typeof actual}'` + }); + } + if (!regex.test(actual)) { + result.recordFailure({ + matcher: this, + path: [], + message: `String '${actual}' did not match pattern '${this.pattern}'` + }); + } + return result; + } +}; + +// lib/assertions/providers/lambda-handler/base.ts +var https = __toESM(require("https")); +var url = __toESM(require("url")); +var AWS = __toESM(require("aws-sdk")); +var CustomResourceHandler = class { + constructor(event, context) { + this.event = event; + this.context = context; + this.timedOut = false; + this.timeout = setTimeout(async () => { + await this.respond({ + status: "FAILED", + reason: "Lambda Function Timeout", + data: this.context.logStreamName + }); + this.timedOut = true; + }, context.getRemainingTimeInMillis() - 1200); + this.event = event; + this.physicalResourceId = extractPhysicalResourceId(event); + } + /** + * Handles executing the custom resource event. If `stateMachineArn` is present + * in the props then trigger the waiter statemachine + */ + async handle() { + try { + if ("stateMachineArn" in this.event.ResourceProperties) { + const req = { + stateMachineArn: this.event.ResourceProperties.stateMachineArn, + name: this.event.RequestId, + input: JSON.stringify(this.event) + }; + await this.startExecution(req); + return; + } else { + const response = await this.processEvent(this.event.ResourceProperties); + return response; + } + } catch (e) { + console.log(e); + throw e; + } finally { + clearTimeout(this.timeout); + } + } + /** + * Handle async requests from the waiter state machine + */ + async handleIsComplete() { + try { + const result = await this.processEvent(this.event.ResourceProperties); + return result; + } catch (e) { + console.log(e); + return; + } finally { + clearTimeout(this.timeout); + } + } + /** + * Start a step function state machine which will wait for the request + * to be successful. + */ + async startExecution(req) { + try { + const sfn = new AWS.StepFunctions(); + await sfn.startExecution(req).promise(); + } finally { + clearTimeout(this.timeout); + } + } + respond(response) { + if (this.timedOut) { + return; + } + const cfResponse = { + Status: response.status, + Reason: response.reason, + PhysicalResourceId: this.physicalResourceId, + StackId: this.event.StackId, + RequestId: this.event.RequestId, + LogicalResourceId: this.event.LogicalResourceId, + NoEcho: false, + Data: response.data + }; + const responseBody = JSON.stringify(cfResponse); + console.log("Responding to CloudFormation", responseBody); + const parsedUrl = url.parse(this.event.ResponseURL); + const requestOptions = { + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: "PUT", + headers: { "content-type": "", "content-length": responseBody.length } + }; + return new Promise((resolve, reject) => { + try { + const request2 = https.request(requestOptions, resolve); + request2.on("error", reject); + request2.write(responseBody); + request2.end(); + } catch (e) { + reject(e); + } finally { + clearTimeout(this.timeout); + } + }); + } +}; +function extractPhysicalResourceId(event) { + switch (event.RequestType) { + case "Create": + return event.LogicalResourceId; + case "Update": + case "Delete": + return event.PhysicalResourceId; + } +} + +// lib/assertions/providers/lambda-handler/assertion.ts +var AssertionHandler = class extends CustomResourceHandler { + async processEvent(request2) { + let actual = decodeCall(request2.actual); + const expected = decodeCall(request2.expected); + let result; + const matcher = new MatchCreator(expected).getMatcher(); + console.log(`Testing equality between ${JSON.stringify(request2.actual)} and ${JSON.stringify(request2.expected)}`); + const matchResult = matcher.test(actual); + matchResult.finished(); + if (matchResult.hasFailed()) { + result = { + failed: true, + assertion: JSON.stringify({ + status: "fail", + message: matchResult.renderMismatch() + }) + }; + if (request2.failDeployment) { + throw new Error(result.assertion); + } + } else { + result = { + assertion: JSON.stringify({ + status: "success" + }) + }; + } + return result; + } +}; +var MatchCreator = class { + constructor(obj) { + this.parsedObj = { + matcher: obj + }; + } + /** + * Return a Matcher that can be tested against the actual results. + * This will convert the encoded matchers into their corresponding + * assertions matcher. + * + * For example: + * + * ExpectedResult.objectLike({ + * Messages: [{ + * Body: Match.objectLike({ + * Elements: Match.arrayWith([{ Asdf: 3 }]), + * Payload: Match.serializedJson({ key: 'value' }), + * }), + * }], + * }); + * + * Will be encoded as: + * { + * $ObjectLike: { + * Messages: [{ + * Body: { + * $ObjectLike: { + * Elements: { + * $ArrayWith: [{ Asdf: 3 }], + * }, + * Payload: { + * $SerializedJson: { key: 'value' } + * } + * }, + * }, + * }], + * }, + * } + * + * Which can then be parsed by this function. For each key (recursively) + * the parser will check if the value has one of the encoded matchers as a key + * and if so, it will set the value as the Matcher. So, + * + * { + * Body: { + * $ObjectLike: { + * Elements: { + * $ArrayWith: [{ Asdf: 3 }], + * }, + * Payload: { + * $SerializedJson: { key: 'value' } + * } + * }, + * }, + * } + * + * Will be converted to + * { + * Body: Match.objectLike({ + * Elements: Match.arrayWith([{ Asdf: 3 }]), + * Payload: Match.serializedJson({ key: 'value' }), + * }), + * } + */ + getMatcher() { + try { + const final = JSON.parse(JSON.stringify(this.parsedObj), function(_k, v) { + const nested = Object.keys(v)[0]; + switch (nested) { + case "$ArrayWith": + return Match.arrayWith(v[nested]); + case "$ObjectLike": + return Match.objectLike(v[nested]); + case "$StringLike": + return Match.stringLikeRegexp(v[nested]); + case "$SerializedJson": + return Match.serializedJson(v[nested]); + default: + return v; + } + }); + if (Matcher.isMatcher(final.matcher)) { + return final.matcher; + } + return Match.exact(final.matcher); + } catch { + return Match.exact(this.parsedObj.matcher); + } + } +}; +function decodeCall(call) { + if (!call) { + return void 0; + } + try { + const parsed = JSON.parse(call); + return parsed; + } catch (e) { + return call; + } +} + +// lib/assertions/providers/lambda-handler/utils.ts +function decode(object) { + return JSON.parse(JSON.stringify(object), (_k, v) => { + switch (v) { + case "TRUE:BOOLEAN": + return true; + case "FALSE:BOOLEAN": + return false; + default: + return v; + } + }); +} + +// lib/assertions/providers/lambda-handler/sdk.ts +function flatten(object) { + return Object.assign( + {}, + ...function _flatten(child, path = []) { + return [].concat(...Object.keys(child).map((key) => { + let childKey = Buffer.isBuffer(child[key]) ? child[key].toString("utf8") : child[key]; + if (typeof childKey === "string") { + childKey = isJsonString(childKey); + } + return typeof childKey === "object" && childKey !== null ? _flatten(childKey, path.concat([key])) : { [path.concat([key]).join(".")]: childKey }; + })); + }(object) + ); +} +var AwsApiCallHandler = class extends CustomResourceHandler { + async processEvent(request2) { + const AWS2 = require("aws-sdk"); + console.log(`AWS SDK VERSION: ${AWS2.VERSION}`); + if (!Object.prototype.hasOwnProperty.call(AWS2, request2.service)) { + throw Error(`Service ${request2.service} does not exist in AWS SDK version ${AWS2.VERSION}.`); + } + const service = new AWS2[request2.service](); + const response = await service[request2.api](request2.parameters && decode(request2.parameters)).promise(); + console.log(`SDK response received ${JSON.stringify(response)}`); + delete response.ResponseMetadata; + const respond = { + apiCallResponse: response + }; + const flatData = { + ...flatten(respond) + }; + let resp = respond; + if (request2.outputPaths) { + resp = filterKeys(flatData, request2.outputPaths); + } else if (request2.flattenResponse === "true") { + resp = flatData; + } + console.log(`Returning result ${JSON.stringify(resp)}`); + return resp; + } +}; +function filterKeys(object, searchStrings) { + return Object.entries(object).reduce((filteredObject, [key, value]) => { + for (const searchString of searchStrings) { + if (key.startsWith(`apiCallResponse.${searchString}`)) { + filteredObject[key] = value; + } + } + return filteredObject; + }, {}); +} +function isJsonString(value) { + try { + return JSON.parse(value); + } catch { + return value; + } +} + +// lib/assertions/providers/lambda-handler/types.ts +var ASSERT_RESOURCE_TYPE = "Custom::DeployAssert@AssertEquals"; +var SDK_RESOURCE_TYPE_PREFIX = "Custom::DeployAssert@SdkCall"; + +// lib/assertions/providers/lambda-handler/index.ts +async function handler(event, context) { + console.log(`Event: ${JSON.stringify({ ...event, ResponseURL: "..." })}`); + const provider = createResourceHandler(event, context); + try { + if (event.RequestType === "Delete") { + await provider.respond({ + status: "SUCCESS", + reason: "OK" + }); + return; + } + const result = await provider.handle(); + if ("stateMachineArn" in event.ResourceProperties) { + console.info('Found "stateMachineArn", waiter statemachine started'); + return; + } else if ("expected" in event.ResourceProperties) { + console.info('Found "expected", testing assertions'); + const actualPath = event.ResourceProperties.actualPath; + const actual = actualPath ? result[`apiCallResponse.${actualPath}`] : result.apiCallResponse; + const assertion = new AssertionHandler({ + ...event, + ResourceProperties: { + ServiceToken: event.ServiceToken, + actual, + expected: event.ResourceProperties.expected + } + }, context); + try { + const assertionResult = await assertion.handle(); + await provider.respond({ + status: "SUCCESS", + reason: "OK", + // return both the result of the API call _and_ the assertion results + data: { + ...assertionResult, + ...result + } + }); + return; + } catch (e) { + await provider.respond({ + status: "FAILED", + reason: e.message ?? "Internal Error" + }); + return; + } + } + await provider.respond({ + status: "SUCCESS", + reason: "OK", + data: result + }); + } catch (e) { + await provider.respond({ + status: "FAILED", + reason: e.message ?? "Internal Error" + }); + return; + } + return; +} +async function onTimeout(timeoutEvent) { + const isCompleteRequest = JSON.parse(JSON.parse(timeoutEvent.Cause).errorMessage); + const provider = createResourceHandler(isCompleteRequest, standardContext); + await provider.respond({ + status: "FAILED", + reason: "Operation timed out: " + JSON.stringify(isCompleteRequest) + }); +} +async function isComplete(event, context) { + console.log(`Event: ${JSON.stringify({ ...event, ResponseURL: "..." })}`); + const provider = createResourceHandler(event, context); + try { + const result = await provider.handleIsComplete(); + const actualPath = event.ResourceProperties.actualPath; + if (result) { + const actual = actualPath ? result[`apiCallResponse.${actualPath}`] : result.apiCallResponse; + if ("expected" in event.ResourceProperties) { + const assertion = new AssertionHandler({ + ...event, + ResourceProperties: { + ServiceToken: event.ServiceToken, + actual, + expected: event.ResourceProperties.expected + } + }, context); + const assertionResult = await assertion.handleIsComplete(); + if (!(assertionResult == null ? void 0 : assertionResult.failed)) { + await provider.respond({ + status: "SUCCESS", + reason: "OK", + data: { + ...assertionResult, + ...result + } + }); + return; + } else { + console.log(`Assertion Failed: ${JSON.stringify(assertionResult)}`); + throw new Error(JSON.stringify(event)); + } + } + await provider.respond({ + status: "SUCCESS", + reason: "OK", + data: result + }); + } else { + console.log("No result"); + throw new Error(JSON.stringify(event)); + } + return; + } catch (e) { + console.log(e); + throw new Error(JSON.stringify(event)); + } +} +function createResourceHandler(event, context) { + if (event.ResourceType.startsWith(SDK_RESOURCE_TYPE_PREFIX)) { + return new AwsApiCallHandler(event, context); + } else if (event.ResourceType.startsWith(ASSERT_RESOURCE_TYPE)) { + return new AssertionHandler(event, context); + } else { + throw new Error(`Unsupported resource type "${event.ResourceType}`); + } +} +var standardContext = { + getRemainingTimeInMillis: () => 9e4 +}; +// Annotate the CommonJS export names for ESM import in node: +0 && (module.exports = { + handler, + isComplete, + onTimeout +}); diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/cdk.out index 8ecc185e9dbee..b72fef144f05c 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"21.0.0"} \ No newline at end of file +{"version":"30.1.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/integ.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/integ.json index 37dd1517a09fc..4516309b36851 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "30.1.0", "testCases": { "SSMParameterStoreTest/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/manifest.json index b3dea0254e5ea..25ba4d8cba2d5 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/manifest.json @@ -1,12 +1,6 @@ { - "version": "21.0.0", + "version": "30.1.0", "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, "sspms-creating.assets": { "type": "cdk:asset-manifest", "properties": { @@ -23,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/774681e523ca39cdb798d74ea486ac7874030c04a36debc6a623f24afe196859.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/e66d9c468deb11a6edb4850fee05e856d6fef6c50e5ba763bdfbc3bb6d21cd72.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -160,7 +154,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ed82f3ce48345002448971161c8bd7594b2f548f56641b70afb2f4688e4c0aef.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/c1201c40c53533a2b464021ee0d0d5d7a5bbfa71e6a9498a3e90fe8e46745a10.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -209,6 +203,12 @@ ] }, "displayName": "sspms-cleanup" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-cleanup.assets.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-cleanup.assets.json index dd2d2b82e2cc2..948760a544bd0 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-cleanup.assets.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-cleanup.assets.json @@ -1,20 +1,20 @@ { - "version": "21.0.0", + "version": "30.1.0", "files": { - "b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b": { + "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28": { "source": { - "path": "asset.b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.bundle", + "path": "asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.zip", + "objectKey": "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "ed82f3ce48345002448971161c8bd7594b2f548f56641b70afb2f4688e4c0aef": { + "c1201c40c53533a2b464021ee0d0d5d7a5bbfa71e6a9498a3e90fe8e46745a10": { "source": { "path": "sspms-cleanup.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "ed82f3ce48345002448971161c8bd7594b2f548f56641b70afb2f4688e4c0aef.json", + "objectKey": "c1201c40c53533a2b464021ee0d0d5d7a5bbfa71e6a9498a3e90fe8e46745a10.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-cleanup.template.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-cleanup.template.json index a2af3eeea9e3d..73cdbb183a469 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-cleanup.template.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-cleanup.template.json @@ -15,7 +15,7 @@ "Name": "/My/Secret/Parameter" }, "flattenResponse": "false", - "salt": "1666616854742" + "salt": "1677705111898" }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" @@ -69,7 +69,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.zip" + "S3Key": "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.zip" }, "Timeout": 120, "Handler": "index.handler", diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-creating.assets.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-creating.assets.json index 58c023eab8e3b..31639a1b4f194 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-creating.assets.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-creating.assets.json @@ -1,20 +1,20 @@ { - "version": "21.0.0", + "version": "30.1.0", "files": { - "b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b": { + "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28": { "source": { - "path": "asset.b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.bundle", + "path": "asset.1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.bundle", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.zip", + "objectKey": "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "774681e523ca39cdb798d74ea486ac7874030c04a36debc6a623f24afe196859": { + "e66d9c468deb11a6edb4850fee05e856d6fef6c50e5ba763bdfbc3bb6d21cd72": { "source": { "path": "sspms-creating.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "774681e523ca39cdb798d74ea486ac7874030c04a36debc6a623f24afe196859.json", + "objectKey": "e66d9c468deb11a6edb4850fee05e856d6fef6c50e5ba763bdfbc3bb6d21cd72.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-creating.template.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-creating.template.json index 5300480f9984b..0529d02721822 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-creating.template.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-creating.template.json @@ -25,7 +25,7 @@ "Value": "Abc123" }, "flattenResponse": "false", - "salt": "1666616854737" + "salt": "1677705111893" }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" @@ -79,7 +79,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "b54b99043c35bd080b9d9d1afce31e3541cf15b679799ba980ed40c837dcb03b.zip" + "S3Key": "1f3c2cfb18e102edc713fe4c4b4d87572f4297ee4a5e80a5960adf526ee9ea28.zip" }, "Timeout": 120, "Handler": "index.handler", diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-using.assets.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-using.assets.json index 5b3b30e94ddf0..b4b1027289319 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-using.assets.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/sspms-using.assets.json @@ -1,5 +1,5 @@ { - "version": "21.0.0", + "version": "30.1.0", "files": { "f6e392d82be8514b35d4085f6ff4e3df808815b1cf4cc7a119cb67ace46e03b9": { "source": { diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/tree.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/tree.json index 89b9dbbcb8d05..f6ad39fb45a21 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.js.snapshot/tree.json @@ -4,14 +4,6 @@ "id": "App", "path": "", "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.133" - } - }, "sspms-creating": { "id": "sspms-creating", "path": "sspms-creating", @@ -55,7 +47,7 @@ "path": "sspms-creating/SecureParam/SdkProvider/AssertionsProvider", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.133" + "version": "10.1.264" } } }, @@ -119,7 +111,23 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.133" + "version": "10.1.264" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "sspms-creating/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "sspms-creating/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" } } }, @@ -195,6 +203,22 @@ "fqn": "@aws-cdk/core.CfnResource", "version": "0.0.0" } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "sspms-using/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "sspms-using/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } } }, "constructInfo": { @@ -219,7 +243,7 @@ "path": "sspms-cleanup/AwsApiCallSSMdeleteParameter/SdkProvider/AssertionsProvider", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.133" + "version": "10.1.264" } } }, @@ -283,7 +307,23 @@ }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.133" + "version": "10.1.264" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "sspms-cleanup/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "sspms-cleanup/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" } } }, @@ -305,7 +345,7 @@ "path": "SSMParameterStoreTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.133" + "version": "10.1.264" } } }, @@ -319,6 +359,14 @@ "fqn": "@aws-cdk/integ-tests.IntegTest", "version": "0.0.0" } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.264" + } } }, "constructInfo": { diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.ts b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.ts index 7386e9ff03fef..a345c3c761b01 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.ts +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter-store-string.ts @@ -98,5 +98,3 @@ const integTest = new integ.IntegTest(app, 'SSMParameterStoreTest', { integTest.assertions.awsApiCall('SSM', 'deleteParameter', { Name: SECURE_PARAM_NAME, }); - -app.synth(); diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/SSM-Parameter.assets.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/SSM-Parameter.assets.json similarity index 96% rename from packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/SSM-Parameter.assets.json rename to packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/SSM-Parameter.assets.json index 5e8efc26c5d8e..5084653c99fbd 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/SSM-Parameter.assets.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/SSM-Parameter.assets.json @@ -1,5 +1,5 @@ { - "version": "20.0.0", + "version": "30.1.0", "files": { "22116adb80d8a58634b45b5916a99c2ef23e56479f377bb32f8b4f18dbae3aad": { "source": { diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/SSM-Parameter.template.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/SSM-Parameter.template.json similarity index 100% rename from packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/SSM-Parameter.template.json rename to packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/SSM-Parameter.template.json diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdk.out new file mode 100644 index 0000000000000..b72fef144f05c --- /dev/null +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"30.1.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdkintegssmparameterDefaultTestDeployAssert8D247A87.assets.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdkintegssmparameterDefaultTestDeployAssert8D247A87.assets.json new file mode 100644 index 0000000000000..f35a9d3747dc7 --- /dev/null +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdkintegssmparameterDefaultTestDeployAssert8D247A87.assets.json @@ -0,0 +1,19 @@ +{ + "version": "30.1.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "cdkintegssmparameterDefaultTestDeployAssert8D247A87.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdkintegssmparameterDefaultTestDeployAssert8D247A87.template.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdkintegssmparameterDefaultTestDeployAssert8D247A87.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/cdkintegssmparameterDefaultTestDeployAssert8D247A87.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/integ.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/integ.json new file mode 100644 index 0000000000000..f9dbe6b59729b --- /dev/null +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "30.1.0", + "testCases": { + "cdk-integ-ssm-parameter/DefaultTest": { + "stacks": [ + "SSM-Parameter" + ], + "assertionStack": "cdk-integ-ssm-parameter/DefaultTest/DeployAssert", + "assertionStackName": "cdkintegssmparameterDefaultTestDeployAssert8D247A87" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/manifest.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/manifest.json similarity index 57% rename from packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/manifest.json rename to packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/manifest.json index 0f8354281923f..31a6b259ead0c 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/manifest.json @@ -1,12 +1,6 @@ { - "version": "20.0.0", + "version": "30.1.0", "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, "SSM-Parameter.assets": { "type": "cdk:asset-manifest", "properties": { @@ -89,6 +83,59 @@ ] }, "displayName": "SSM-Parameter" + }, + "cdkintegssmparameterDefaultTestDeployAssert8D247A87.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "cdkintegssmparameterDefaultTestDeployAssert8D247A87.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "cdkintegssmparameterDefaultTestDeployAssert8D247A87": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdkintegssmparameterDefaultTestDeployAssert8D247A87.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "cdkintegssmparameterDefaultTestDeployAssert8D247A87.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "cdkintegssmparameterDefaultTestDeployAssert8D247A87.assets" + ], + "metadata": { + "/cdk-integ-ssm-parameter/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/cdk-integ-ssm-parameter/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "cdk-integ-ssm-parameter/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/tree.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/tree.json similarity index 69% rename from packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/tree.json rename to packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/tree.json index 4ccbfdde520d6..2b95bc53da505 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter.js.snapshot/tree.json @@ -4,14 +4,6 @@ "id": "App", "path": "", "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" - } - }, "SSM-Parameter": { "id": "SSM-Parameter", "path": "SSM-Parameter", @@ -20,6 +12,14 @@ "id": "UserRole", "path": "SSM-Parameter/UserRole", "children": { + "ImportUserRole": { + "id": "ImportUserRole", + "path": "SSM-Parameter/UserRole/ImportUserRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", "path": "SSM-Parameter/UserRole/Resource", @@ -186,28 +186,106 @@ "id": "StringListOutput", "path": "SSM-Parameter/StringListOutput", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" } }, "ParamArn": { "id": "ParamArn", "path": "SSM-Parameter/ParamArn", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "SSM-Parameter/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "SSM-Parameter/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "cdk-integ-ssm-parameter": { + "id": "cdk-integ-ssm-parameter", + "path": "cdk-integ-ssm-parameter", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "cdk-integ-ssm-parameter/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "cdk-integ-ssm-parameter/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.264" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "cdk-integ-ssm-parameter/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "cdk-integ-ssm-parameter/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "cdk-integ-ssm-parameter/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" } } }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.85" + "version": "10.1.264" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/cdk.out b/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/cdk.out deleted file mode 100644 index 588d7b269d34f..0000000000000 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/cdk.out +++ /dev/null @@ -1 +0,0 @@ -{"version":"20.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/integ.json b/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/integ.json deleted file mode 100644 index 8a8bfa258d831..0000000000000 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.js.snapshot/integ.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "version": "20.0.0", - "testCases": { - "integ.parameter.lit": { - "stacks": [ - "SSM-Parameter" - ], - "diffAssets": false, - "stackUpdateWorkflow": true - } - }, - "synthContext": {}, - "enableLookups": false -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.ts b/packages/@aws-cdk/aws-ssm/test/integ.parameter.ts similarity index 67% rename from packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.ts rename to packages/@aws-cdk/aws-ssm/test/integ.parameter.ts index 211d7b8e77daf..db8315792696b 100644 --- a/packages/@aws-cdk/aws-ssm/test/integ.parameter.lit.ts +++ b/packages/@aws-cdk/aws-ssm/test/integ.parameter.ts @@ -1,5 +1,6 @@ import * as iam from '@aws-cdk/aws-iam'; import * as cdk from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; import * as ssm from '../lib'; const app = new cdk.App(); @@ -9,26 +10,15 @@ const role = new iam.Role(stack, 'UserRole', { assumedBy: new iam.AccountRootPrincipal(), }); -/// !show -// Create a new SSM Parameter holding a String const param = new ssm.StringParameter(stack, 'StringParameter', { - // description: 'Some user-friendly description', - // name: 'ParameterName', stringValue: 'Initial parameter value', - // allowedPattern: '.*', }); -// Grant read access to some Role param.grantRead(role); -// Create a new SSM Parameter holding a StringList const listParameter = new ssm.StringListParameter(stack, 'StringListParameter', { - // description: 'Some user-friendly description', - // name: 'ParameterName', stringListValue: ['Initial parameter value A', 'Initial parameter value B'], - // allowedPattern: '.*', }); -/// !hide new cdk.CfnOutput(stack, 'StringListOutput', { value: cdk.Fn.join('+', listParameter.stringListValue), @@ -38,4 +28,6 @@ new cdk.CfnOutput(stack, 'ParamArn', { value: param.parameterArn, }); -app.synth(); +new IntegTest(app, 'cdk-integ-ssm-parameter', { + testCases: [stack], +}); diff --git a/packages/@aws-cdk/cli-lib/THIRD_PARTY_LICENSES b/packages/@aws-cdk/cli-lib/THIRD_PARTY_LICENSES index 1f2953d2f4c71..985d70ffb6f69 100644 --- a/packages/@aws-cdk/cli-lib/THIRD_PARTY_LICENSES +++ b/packages/@aws-cdk/cli-lib/THIRD_PARTY_LICENSES @@ -1,6 +1,6 @@ The @aws-cdk/cli-lib package includes the following third-party software/licensing: -** @jsii/check-node@1.75.0 - https://www.npmjs.com/package/@jsii/check-node/v/1.75.0 | Apache-2.0 +** @jsii/check-node@1.76.0 - https://www.npmjs.com/package/@jsii/check-node/v/1.76.0 | Apache-2.0 jsii Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. @@ -268,7 +268,7 @@ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH RE ---------------- -** aws-sdk@2.1317.0 - https://www.npmjs.com/package/aws-sdk/v/2.1317.0 | Apache-2.0 +** aws-sdk@2.1325.0 - https://www.npmjs.com/package/aws-sdk/v/2.1325.0 | Apache-2.0 AWS SDK for JavaScript Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. @@ -2475,7 +2475,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ---------------- -** raw-body@2.5.1 - https://www.npmjs.com/package/raw-body/v/2.5.1 | MIT +** raw-body@2.5.2 - https://www.npmjs.com/package/raw-body/v/2.5.2 | MIT The MIT License (MIT) Copyright (c) 2013-2014 Jonathan Ong @@ -2545,7 +2545,7 @@ IN THE SOFTWARE. ---------------- -** readable-stream@2.3.7 - https://www.npmjs.com/package/readable-stream/v/2.3.7 | MIT +** readable-stream@2.3.8 - https://www.npmjs.com/package/readable-stream/v/2.3.8 | MIT Node.js is licensed for use as follows: """ @@ -2597,7 +2597,7 @@ IN THE SOFTWARE. ---------------- -** readable-stream@3.6.0 - https://www.npmjs.com/package/readable-stream/v/3.6.0 | MIT +** readable-stream@3.6.1 - https://www.npmjs.com/package/readable-stream/v/3.6.1 | MIT Node.js is licensed for use as follows: """ From 45195b6f2e5162eaa795d3a412d89dd09680aa8b Mon Sep 17 00:00:00 2001 From: Roger Chi Date: Fri, 3 Mar 2023 14:14:53 -0500 Subject: [PATCH 09/15] fix(apprunner-alpha): env vars and secrets can't solely be added via .add*() methods (#24346) This fixes the logic for rendering environment variables and environment secrets for the `apprunner-alpha` module. Previously, `.addEnvironmentVariable()` and `.addSecret()` were being ignored if there were not already "seed" values in the input props. Closes #24345. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-apprunner/lib/service.ts | 62 ++-- ...efaultTestDeployAssert07867A67.assets.json | 19 ++ ...aultTestDeployAssert07867A67.template.json | 36 +++ .../cdk.out | 1 + ...prunner-later-secrets-env-vars.assets.json | 19 ++ ...unner-later-secrets-env-vars.template.json | 157 ++++++++++ .../integ.json | 12 + .../manifest.json | 135 ++++++++ .../tree.json | 288 ++++++++++++++++++ .../integ.service-later-secrets-env-vars.ts | 36 +++ .../aws-apprunner/test/service.test.ts | 137 +++++++++ 11 files changed, 865 insertions(+), 37 deletions(-) create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.assets.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.template.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ-apprunner-later-secrets-env-vars.assets.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ-apprunner-later-secrets-env-vars.template.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/tree.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.ts diff --git a/packages/@aws-cdk/aws-apprunner/lib/service.ts b/packages/@aws-cdk/aws-apprunner/lib/service.ts index 4ab5553ad0442..7cabd377c2574 100644 --- a/packages/@aws-cdk/aws-apprunner/lib/service.ts +++ b/packages/@aws-cdk/aws-apprunner/lib/service.ts @@ -4,6 +4,7 @@ import * as iam from '@aws-cdk/aws-iam'; import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; import * as ssm from '@aws-cdk/aws-ssm'; import * as cdk from '@aws-cdk/core'; +import { Lazy } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { CfnService } from './apprunner.generated'; import { IVpcConnector } from './vpc-connector'; @@ -924,16 +925,6 @@ export class Service extends cdk.Resource { */ readonly environment: { [key: string]: string } = {}; - /** - * Environment variables for this service. - */ - private environmentVariables: { [key: string]: string } = {}; - - /** - * Environment secrets for this service. - */ - private environmentSecrets: { [key: string]: Secret; } = {}; - /** * Environment secrets for this service. */ @@ -981,17 +972,22 @@ export class Service extends cdk.Resource { this.source = source; this.props = props; - this.environmentVariables = this.getEnvironmentVariables(); - this.environmentSecrets = this.getEnvironmentSecrets(); + this.instanceRole = this.props.instanceRole; + + const environmentVariables = this.getEnvironmentVariables(); + const environmentSecrets = this.getEnvironmentSecrets(); + + for (const [key, value] of Object.entries(environmentVariables)) { + this.addEnvironmentVariable(key, value); + } + for (const [key, value] of Object.entries(environmentSecrets)) { + this.addSecret(key, value); + } // generate an IAM role only when ImageRepositoryType is ECR and props.accessRole is undefined this.accessRole = (this.source.imageRepository?.imageRepositoryType == ImageRepositoryType.ECR) ? this.props.accessRole ?? this.generateDefaultRole() : undefined; - // generalte an IAM role only when environmentSecrets has values and props.instanceRole is undefined - this.instanceRole = (Object.keys(this.environmentSecrets).length > 0 && !this.props.instanceRole) ? - this.createInstanceRole() : this.props.instanceRole; - if (this.source.codeRepository?.codeConfiguration.configurationSource == ConfigurationSourceType.REPOSITORY && this.source.codeRepository?.codeConfiguration.configurationValues) { throw new Error('configurationValues cannot be provided if the ConfigurationSource is Repository'); @@ -1001,7 +997,7 @@ export class Service extends cdk.Resource { instanceConfiguration: { cpu: this.props.cpu?.unit, memory: this.props.memory?.unit, - instanceRoleArn: this.instanceRole?.roleArn, + instanceRoleArn: Lazy.string({ produce: () => this.instanceRole?.roleArn }), }, sourceConfiguration: { authenticationConfiguration: this.renderAuthenticationConfiguration(), @@ -1036,6 +1032,9 @@ export class Service extends cdk.Resource { * This method adds an environment variable to the App Runner service. */ public addEnvironmentVariable(name: string, value: string) { + if (name.startsWith('AWSAPPRUNNER')) { + throw new Error(`Environment variable key ${name} with a prefix of AWSAPPRUNNER is not allowed`); + } this.variables.push({ name: name, value: value }); } @@ -1043,6 +1042,9 @@ export class Service extends cdk.Resource { * This method adds a secret as environment variable to the App Runner service. */ public addSecret(name: string, secret: Secret) { + if (name.startsWith('AWSAPPRUNNER')) { + throw new Error(`Environment secret key ${name} with a prefix of AWSAPPRUNNER is not allowed`); + } if (!this.instanceRole) { this.instanceRole = this.createInstanceRole(); } @@ -1130,20 +1132,14 @@ export class Service extends cdk.Resource { port: props.port, buildCommand: props.buildCommand, runtime: props.runtime.name, - runtimeEnvironmentVariables: this.renderEnvironmentVariables(), - runtimeEnvironmentSecrets: this.renderEnvironmentSecrets(), + runtimeEnvironmentVariables: Lazy.any({ produce: () => this.renderEnvironmentVariables() }), + runtimeEnvironmentSecrets: Lazy.any({ produce: () => this.renderEnvironmentSecrets() }), startCommand: props.startCommand, }; } private renderEnvironmentVariables(): EnvironmentVariable[] | undefined { - if (Object.keys(this.environmentVariables).length > 0) { - for (const [key, value] of Object.entries(this.environmentVariables)) { - if (key.startsWith('AWSAPPRUNNER')) { - throw new Error(`Environment variable key ${key} with a prefix of AWSAPPRUNNER is not allowed`); - } - this.variables.push({ name: key, value: value }); - } + if (this.variables.length > 0) { return this.variables; } else { return undefined; @@ -1151,15 +1147,7 @@ export class Service extends cdk.Resource { } private renderEnvironmentSecrets(): EnvironmentSecret[] | undefined { - if (Object.keys(this.environmentSecrets).length > 0 && this.instanceRole) { - for (const [key, value] of Object.entries(this.environmentSecrets)) { - if (key.startsWith('AWSAPPRUNNER')) { - throw new Error(`Environment secret key ${key} with a prefix of AWSAPPRUNNER is not allowed`); - } - - value.grantRead(this.instanceRole); - this.secrets.push({ name: key, value: value.arn }); - } + if (this.secrets.length > 0 && this.instanceRole) { return this.secrets; } else { return undefined; @@ -1171,8 +1159,8 @@ export class Service extends cdk.Resource { imageConfiguration: { port: repo.imageConfiguration?.port?.toString(), startCommand: repo.imageConfiguration?.startCommand, - runtimeEnvironmentVariables: this.renderEnvironmentVariables(), - runtimeEnvironmentSecrets: this.renderEnvironmentSecrets(), + runtimeEnvironmentVariables: Lazy.any({ produce: () => this.renderEnvironmentVariables() }), + runtimeEnvironmentSecrets: Lazy.any({ produce: () => this.renderEnvironmentSecrets() }), }, }); } diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.assets.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.assets.json new file mode 100644 index 0000000000000..12219ed3e9ba6 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.assets.json @@ -0,0 +1,19 @@ +{ + "version": "30.1.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.template.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/cdk.out b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/cdk.out new file mode 100644 index 0000000000000..b72fef144f05c --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"30.1.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ-apprunner-later-secrets-env-vars.assets.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ-apprunner-later-secrets-env-vars.assets.json new file mode 100644 index 0000000000000..94ab415cc5959 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ-apprunner-later-secrets-env-vars.assets.json @@ -0,0 +1,19 @@ +{ + "version": "30.1.0", + "files": { + "7cbdc4561bb7693ec11f95d96ee8a14d99732d386c66f27cb36e08a108d4ef30": { + "source": { + "path": "integ-apprunner-later-secrets-env-vars.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "7cbdc4561bb7693ec11f95d96ee8a14d99732d386c66f27cb36e08a108d4ef30.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ-apprunner-later-secrets-env-vars.template.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ-apprunner-later-secrets-env-vars.template.json new file mode 100644 index 0000000000000..b9d9c032d5622 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ-apprunner-later-secrets-env-vars.template.json @@ -0,0 +1,157 @@ +{ + "Resources": { + "LaterSecretF6C54C5B": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "SecretString": "{\"password\":\"mySecretPassword\",\"apikey\":\"mySecretApiKey\"}" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "Service9DECC815E": { + "Type": "AWS::AppRunner::Service", + "Properties": { + "SourceConfiguration": { + "AuthenticationConfiguration": {}, + "ImageRepository": { + "ImageConfiguration": { + "Port": "8000", + "RuntimeEnvironmentSecrets": [ + { + "Name": "LATER_SECRET", + "Value": { + "Fn::Join": [ + "", + [ + { + "Ref": "LaterSecretF6C54C5B" + }, + ":apikey::" + ] + ] + } + } + ], + "RuntimeEnvironmentVariables": [ + { + "Name": "LATER_ENVVAR", + "Value": "testNewEnvVar" + } + ] + }, + "ImageIdentifier": "public.ecr.aws/aws-containers/hello-app-runner:latest", + "ImageRepositoryType": "ECR_PUBLIC" + } + }, + "InstanceConfiguration": { + "InstanceRoleArn": { + "Fn::GetAtt": [ + "Service9InstanceRole8BD2CEE0", + "Arn" + ] + } + }, + "NetworkConfiguration": { + "EgressConfiguration": { + "EgressType": "DEFAULT" + } + } + } + }, + "Service9InstanceRole8BD2CEE0": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "tasks.apprunner.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "Service9InstanceRoleDefaultPolicy85BF9E64": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "LaterSecretF6C54C5B" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "Service9InstanceRoleDefaultPolicy85BF9E64", + "Roles": [ + { + "Ref": "Service9InstanceRole8BD2CEE0" + } + ] + } + } + }, + "Outputs": { + "URL9": { + "Value": { + "Fn::Join": [ + "", + [ + "https://", + { + "Fn::GetAtt": [ + "Service9DECC815E", + "ServiceUrl" + ] + } + ] + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ.json new file mode 100644 index 0000000000000..6bb968cb25c63 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "30.1.0", + "testCases": { + "AppRunnerLaterSecretsEnvVars/DefaultTest": { + "stacks": [ + "integ-apprunner-later-secrets-env-vars" + ], + "assertionStack": "AppRunnerLaterSecretsEnvVars/DefaultTest/DeployAssert", + "assertionStackName": "AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/manifest.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/manifest.json new file mode 100644 index 0000000000000..26532fdc82343 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/manifest.json @@ -0,0 +1,135 @@ +{ + "version": "30.1.0", + "artifacts": { + "integ-apprunner-later-secrets-env-vars.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integ-apprunner-later-secrets-env-vars.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integ-apprunner-later-secrets-env-vars": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integ-apprunner-later-secrets-env-vars.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7cbdc4561bb7693ec11f95d96ee8a14d99732d386c66f27cb36e08a108d4ef30.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integ-apprunner-later-secrets-env-vars.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integ-apprunner-later-secrets-env-vars.assets" + ], + "metadata": { + "/integ-apprunner-later-secrets-env-vars/LaterSecret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LaterSecretF6C54C5B" + } + ], + "/integ-apprunner-later-secrets-env-vars/Service9/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Service9DECC815E" + } + ], + "/integ-apprunner-later-secrets-env-vars/Service9/InstanceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Service9InstanceRole8BD2CEE0" + } + ], + "/integ-apprunner-later-secrets-env-vars/Service9/InstanceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Service9InstanceRoleDefaultPolicy85BF9E64" + } + ], + "/integ-apprunner-later-secrets-env-vars/URL9": [ + { + "type": "aws:cdk:logicalId", + "data": "URL9" + } + ], + "/integ-apprunner-later-secrets-env-vars/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-apprunner-later-secrets-env-vars/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-apprunner-later-secrets-env-vars" + }, + "AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "AppRunnerLaterSecretsEnvVarsDefaultTestDeployAssert07867A67.assets" + ], + "metadata": { + "/AppRunnerLaterSecretsEnvVars/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/AppRunnerLaterSecretsEnvVars/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "AppRunnerLaterSecretsEnvVars/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/tree.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/tree.json new file mode 100644 index 0000000000000..56bafbed7e5e2 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.js.snapshot/tree.json @@ -0,0 +1,288 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "integ-apprunner-later-secrets-env-vars": { + "id": "integ-apprunner-later-secrets-env-vars", + "path": "integ-apprunner-later-secrets-env-vars", + "children": { + "LaterSecret": { + "id": "LaterSecret", + "path": "integ-apprunner-later-secrets-env-vars/LaterSecret", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-apprunner-later-secrets-env-vars/LaterSecret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "secretString": "{\"password\":\"mySecretPassword\",\"apikey\":\"mySecretApiKey\"}" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.Secret", + "version": "0.0.0" + } + }, + "Service9": { + "id": "Service9", + "path": "integ-apprunner-later-secrets-env-vars/Service9", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-apprunner-later-secrets-env-vars/Service9/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppRunner::Service", + "aws:cdk:cloudformation:props": { + "sourceConfiguration": { + "authenticationConfiguration": {}, + "imageRepository": { + "imageConfiguration": { + "port": "8000", + "runtimeEnvironmentVariables": [ + { + "name": "LATER_ENVVAR", + "value": "testNewEnvVar" + } + ], + "runtimeEnvironmentSecrets": [ + { + "name": "LATER_SECRET", + "value": { + "Fn::Join": [ + "", + [ + { + "Ref": "LaterSecretF6C54C5B" + }, + ":apikey::" + ] + ] + } + } + ] + }, + "imageIdentifier": "public.ecr.aws/aws-containers/hello-app-runner:latest", + "imageRepositoryType": "ECR_PUBLIC" + } + }, + "instanceConfiguration": { + "instanceRoleArn": { + "Fn::GetAtt": [ + "Service9InstanceRole8BD2CEE0", + "Arn" + ] + } + }, + "networkConfiguration": { + "egressConfiguration": { + "egressType": "DEFAULT" + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apprunner.CfnService", + "version": "0.0.0" + } + }, + "InstanceRole": { + "id": "InstanceRole", + "path": "integ-apprunner-later-secrets-env-vars/Service9/InstanceRole", + "children": { + "ImportInstanceRole": { + "id": "ImportInstanceRole", + "path": "integ-apprunner-later-secrets-env-vars/Service9/InstanceRole/ImportInstanceRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "integ-apprunner-later-secrets-env-vars/Service9/InstanceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "tasks.apprunner.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "integ-apprunner-later-secrets-env-vars/Service9/InstanceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-apprunner-later-secrets-env-vars/Service9/InstanceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "LaterSecretF6C54C5B" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "Service9InstanceRoleDefaultPolicy85BF9E64", + "roles": [ + { + "Ref": "Service9InstanceRole8BD2CEE0" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apprunner.Service", + "version": "0.0.0" + } + }, + "URL9": { + "id": "URL9", + "path": "integ-apprunner-later-secrets-env-vars/URL9", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "integ-apprunner-later-secrets-env-vars/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "integ-apprunner-later-secrets-env-vars/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "AppRunnerLaterSecretsEnvVars": { + "id": "AppRunnerLaterSecretsEnvVars", + "path": "AppRunnerLaterSecretsEnvVars", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "AppRunnerLaterSecretsEnvVars/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "AppRunnerLaterSecretsEnvVars/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.252" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "AppRunnerLaterSecretsEnvVars/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "AppRunnerLaterSecretsEnvVars/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "AppRunnerLaterSecretsEnvVars/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.252" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.ts b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.ts new file mode 100644 index 0000000000000..163ea13282811 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-later-secrets-env-vars.ts @@ -0,0 +1,36 @@ +import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; +import * as cdk from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import * as apprunner from '../lib'; + +const app = new cdk.App(); + +const stack = new cdk.Stack(app, 'integ-apprunner-later-secrets-env-vars'); + +// Scenario 9: Create the service from ECR public with secrets and environment vars added later +const laterSecret = new secretsmanager.Secret(stack, 'LaterSecret', { + secretObjectValue: { + password: cdk.SecretValue.unsafePlainText('mySecretPassword'), + apikey: cdk.SecretValue.unsafePlainText('mySecretApiKey'), + }, +}); + +const service9 = new apprunner.Service(stack, 'Service9', { + source: apprunner.Source.fromEcrPublic({ + imageConfiguration: { + port: 8000, + }, + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), +}); + +service9.addSecret('LATER_SECRET', apprunner.Secret.fromSecretsManager(laterSecret, 'apikey')); +service9.addEnvironmentVariable('LATER_ENVVAR', 'testNewEnvVar'); + +new cdk.CfnOutput(stack, 'URL9', { value: `https://${service9.serviceUrl}` }); + +new integ.IntegTest(app, 'AppRunnerLaterSecretsEnvVars', { + testCases: [stack], +}); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/service.test.ts b/packages/@aws-cdk/aws-apprunner/test/service.test.ts index a5e4604278194..914fdd81f1745 100644 --- a/packages/@aws-cdk/aws-apprunner/test/service.test.ts +++ b/packages/@aws-cdk/aws-apprunner/test/service.test.ts @@ -391,6 +391,109 @@ test('custom environment secrets and start commands are allowed for imageConfigu }); }); +test('custom environment variables can be added with .addEnvironmentVariable() without first defining them in props', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'demo-stack'); + const service = new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ + imageConfiguration: { + startCommand: '/root/start-command.sh', + }, + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), + }); + + // WHEN + service.addEnvironmentVariable('TEST_ENVIRONMENT_VARIABLE', 'test environment variable value'); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { + SourceConfiguration: { + AuthenticationConfiguration: {}, + ImageRepository: { + ImageConfiguration: { + RuntimeEnvironmentVariables: [ + { + Name: 'TEST_ENVIRONMENT_VARIABLE', + Value: 'test environment variable value', + }, + ], + StartCommand: '/root/start-command.sh', + }, + ImageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + ImageRepositoryType: 'ECR_PUBLIC', + }, + }, + NetworkConfiguration: { + EgressConfiguration: { + EgressType: 'DEFAULT', + }, + }, + }); +}); + +test('custom environment secrets can be added with .addSecret() without first defining them in props', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'demo-stack'); + const secret = new secretsmanager.Secret(stack, 'Secret'); + const service = new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ + imageConfiguration: { + startCommand: '/root/start-command.sh', + }, + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), + }); + + // WHEN + service.addSecret('LATER_SECRET', apprunner.Secret.fromSecretsManager(secret, 'field')); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { + SourceConfiguration: { + AuthenticationConfiguration: {}, + ImageRepository: { + ImageConfiguration: { + RuntimeEnvironmentSecrets: [ + { + Name: 'LATER_SECRET', + Value: { + 'Fn::Join': [ + '', + [ + { + Ref: 'SecretA720EF05', + }, + ':field::', + ], + ], + }, + }, + ], + StartCommand: '/root/start-command.sh', + }, + ImageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + ImageRepositoryType: 'ECR_PUBLIC', + }, + }, + NetworkConfiguration: { + EgressConfiguration: { + EgressType: 'DEFAULT', + }, + }, + InstanceConfiguration: { + InstanceRoleArn: { + 'Fn::GetAtt': [ + 'DemoServiceInstanceRoleFCED1725', + 'Arn', + ], + }, + }, + }); +}); + test('create a service from existing ECR repository(image repository type: ECR)', () => { // GIVEN const app = new cdk.App(); @@ -871,6 +974,22 @@ test('environment variable with a prefix of AWSAPPRUNNER should throw an error', }).toThrow('Environment variable key AWSAPPRUNNER_FOO with a prefix of AWSAPPRUNNER is not allowed'); }); +test('environment variable with a prefix of AWSAPPRUNNER added later should throw an error', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'demo-stack'); + // WHEN + // we should have the service + expect(() => { + const service = new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), + }); + service.addEnvironmentVariable('AWSAPPRUNNER_FOO', 'BAR'); + }).toThrow('Environment variable key AWSAPPRUNNER_FOO with a prefix of AWSAPPRUNNER is not allowed'); +}); + test('environment secrets with a prefix of AWSAPPRUNNER should throw an error', () => { // GIVEN const app = new cdk.App(); @@ -893,6 +1012,24 @@ test('environment secrets with a prefix of AWSAPPRUNNER should throw an error', }).toThrow('Environment secret key AWSAPPRUNNER_FOO with a prefix of AWSAPPRUNNER is not allowed'); }); +test('environment secrets with a prefix of AWSAPPRUNNER added later should throw an error', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'demo-stack'); + const secret = new secretsmanager.Secret(stack, 'Secret'); + + // WHEN + // we should have the service + expect(() => { + const service = new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), + }); + service.addSecret('AWSAPPRUNNER_FOO', apprunner.Secret.fromSecretsManager(secret)); + }).toThrow('Environment secret key AWSAPPRUNNER_FOO with a prefix of AWSAPPRUNNER is not allowed'); +}); + test('specifying a vpcConnector should assign the service to it and set the egressType to VPC', () => { // GIVEN const app = new cdk.App(); From dd1c7e6ff86ca6315e2d827de00594a807300567 Mon Sep 17 00:00:00 2001 From: bun <73948280+bun913@users.noreply.github.com> Date: Sat, 4 Mar 2023 04:55:46 +0900 Subject: [PATCH 10/15] refactor(apigateway): divide setupPermissions methods to small functions (#24340) Closes #24339 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-apigateway/lib/authorizers/lambda.ts | 41 +++++++++++++------ packages/@aws-cdk/aws-iam/lib/role.ts | 15 +++++++ packages/@aws-cdk/aws-iam/test/role.test.ts | 30 ++++++++++++++ 3 files changed, 73 insertions(+), 13 deletions(-) diff --git a/packages/@aws-cdk/aws-apigateway/lib/authorizers/lambda.ts b/packages/@aws-cdk/aws-apigateway/lib/authorizers/lambda.ts index 545e5440ef34b..8315f5c54db13 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/authorizers/lambda.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/authorizers/lambda.ts @@ -7,6 +7,7 @@ import { CfnAuthorizer, CfnAuthorizerProps } from '../apigateway.generated'; import { Authorizer, IAuthorizer } from '../authorizer'; import { IRestApi } from '../restapi'; + /** * Base properties for all lambda authorizers */ @@ -122,22 +123,36 @@ abstract class LambdaAuthorizer extends Authorizer implements IAuthorizer { */ protected setupPermissions() { if (!this.role) { - this.handler.addPermission(`${Names.uniqueId(this)}:Permissions`, { - principal: new iam.ServicePrincipal('apigateway.amazonaws.com'), - sourceArn: this.authorizerArn, - }); - } else if (this.role instanceof iam.Role) { // i.e. not imported - this.role.attachInlinePolicy(new iam.Policy(this, 'authorizerInvokePolicy', { - statements: [ - new iam.PolicyStatement({ - resources: this.handler.resourceArnsForGrantInvoke, - actions: ['lambda:InvokeFunction'], - }), - ], - })); + this.addDefaultPermisionRole(); + } else if (iam.Role.isRole(this.role)) { + this.addLambdaInvokePermission(this.role); } } + /** + * Add Default Permission Role for handler + */ + private addDefaultPermisionRole() :void { + this.handler.addPermission(`${Names.uniqueId(this)}:Permissions`, { + principal: new iam.ServicePrincipal('apigateway.amazonaws.com'), + sourceArn: this.authorizerArn, + }); + } + + /** + * Add Lambda Invoke Permission for LambdaAurhorizer's role + */ + private addLambdaInvokePermission(role: iam.Role) :void { + role.attachInlinePolicy(new iam.Policy(this, 'authorizerInvokePolicy', { + statements: [ + new iam.PolicyStatement({ + resources: this.handler.resourceArnsForGrantInvoke, + actions: ['lambda:InvokeFunction'], + }), + ], + })); + } + /** * Returns a token that resolves to the Rest Api Id at the time of synthesis. * Throws an error, during token resolution, if no RestApi is attached to this authorizer. diff --git a/packages/@aws-cdk/aws-iam/lib/role.ts b/packages/@aws-cdk/aws-iam/lib/role.ts index 1b10eb330002e..26810da203014 100644 --- a/packages/@aws-cdk/aws-iam/lib/role.ts +++ b/packages/@aws-cdk/aws-iam/lib/role.ts @@ -18,6 +18,7 @@ import { AttachedPolicies, UniqueStringSet } from './private/util'; const MAX_INLINE_SIZE = 10000; const MAX_MANAGEDPOL_SIZE = 6000; +const IAM_ROLE_SYMBOL = Symbol.for('@aws-cdk/packages/aws-iam/lib/role.Role'); /** * Properties for defining an IAM Role @@ -297,6 +298,14 @@ export class Role extends Resource implements IRole { : new ImmutableRole(scope, id, importedRole, options.addGrantsToResources ?? false); } + /** + * Return whether the given object is a Role + */ + public static isRole(x: any) : x is Role { + return x !== null && typeof(x) === 'object' && IAM_ROLE_SYMBOL in x; + } + + /** * Import an external role by name. * @@ -776,3 +785,9 @@ export interface WithoutPolicyUpdatesOptions { */ readonly addGrantsToResources?: boolean; } + +Object.defineProperty(Role.prototype, IAM_ROLE_SYMBOL, { + value: true, + enumerable: false, + writable: false, +}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iam/test/role.test.ts b/packages/@aws-cdk/aws-iam/test/role.test.ts index 85e1ee38e6fdb..e2e8ce720aad8 100644 --- a/packages/@aws-cdk/aws-iam/test/role.test.ts +++ b/packages/@aws-cdk/aws-iam/test/role.test.ts @@ -4,6 +4,36 @@ import { Duration, Stack, App, CfnResource, RemovalPolicy, Lazy, Stage, DefaultS import { Construct } from 'constructs'; import { AnyPrincipal, ArnPrincipal, CompositePrincipal, FederatedPrincipal, ManagedPolicy, PolicyStatement, Role, ServicePrincipal, User, Policy, PolicyDocument, Effect } from '../lib'; +describe('isRole() returns', () => { + test('true if given Role instance', () => { + // GIVEN + const app = new App(); + const stack = new Stack(app, 'MyStack'); + // WHEN + const pureRole = new Role(stack, 'Role', { + assumedBy: new ServicePrincipal('sns.amazonaws.com'), + }); + + // THEN + expect(Role.isRole(pureRole)).toBe(true); + }); + + test('false if given imported role instance', () => { + // GIVEN + const app = new App(); + const stack = new Stack(app, 'MyStack'); + // WHEN + const importedRole = Role.fromRoleName(stack, 'ImportedRole', 'ImportedRole'); + // THEN + expect(Role.isRole(importedRole)).toBe(false); + }); + + test('false if given undefined', () => { + // THEN + expect(Role.isRole(undefined)).toBe(false); + }); +}); + describe('customizeRoles', () => { test('throws if precreatedRoles is not used', () => { // GIVEN From e8e5cdc8c15711d7d7fef4d87c0fa9d1b1e6e2b9 Mon Sep 17 00:00:00 2001 From: Cory Hall <43035978+corymhall@users.noreply.github.com> Date: Fri, 3 Mar 2023 15:38:24 -0500 Subject: [PATCH 11/15] chore: refactoring files to work with repo restructure (#24446) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../integ.request-authorizer.lit.ts | 4 +--- .../@aws-cdk/aws-docdb/test/integ.cluster.ts | 3 +-- .../aws-iam/test/integ.managed-policy.ts | 3 +-- .../@aws-cdk/aws-iam/test/integ.policy.ts | 3 +-- .../aws-rds/test/snapshot-handler/index.ts | 6 ++--- .../test/emrcontainers/integ.start-job-run.ts | 3 +-- .../sagemaker/integ.create-training-job.ts | 3 +-- .../test/integ.pipeline-without-prepare.ts | 23 ++++++++++++++++++- 8 files changed, 31 insertions(+), 17 deletions(-) diff --git a/packages/@aws-cdk/aws-apigateway/test/authorizers/integ.request-authorizer.lit.ts b/packages/@aws-cdk/aws-apigateway/test/authorizers/integ.request-authorizer.lit.ts index 169355dad134f..8d629a76aa98f 100644 --- a/packages/@aws-cdk/aws-apigateway/test/authorizers/integ.request-authorizer.lit.ts +++ b/packages/@aws-cdk/aws-apigateway/test/authorizers/integ.request-authorizer.lit.ts @@ -1,9 +1,7 @@ import * as path from 'path'; import * as lambda from '@aws-cdk/aws-lambda'; import { App, Stack } from '@aws-cdk/core'; -import { MockIntegration, PassthroughBehavior, RestApi } from '../../lib'; -import { RequestAuthorizer } from '../../lib/authorizers'; -import { IdentitySource } from '../../lib/authorizers/identity-source'; +import { MockIntegration, PassthroughBehavior, RestApi, RequestAuthorizer, IdentitySource } from '../../lib'; // Against the RestApi endpoint from the stack output, run // `curl -s -o /dev/null -w "%{http_code}" ` should return 401 diff --git a/packages/@aws-cdk/aws-docdb/test/integ.cluster.ts b/packages/@aws-cdk/aws-docdb/test/integ.cluster.ts index cf485ab440c6d..1922febe59a98 100644 --- a/packages/@aws-cdk/aws-docdb/test/integ.cluster.ts +++ b/packages/@aws-cdk/aws-docdb/test/integ.cluster.ts @@ -2,8 +2,7 @@ import * as ec2 from '@aws-cdk/aws-ec2'; import * as kms from '@aws-cdk/aws-kms'; import * as cdk from '@aws-cdk/core'; import * as constructs from 'constructs'; -import { DatabaseCluster } from '../lib'; -import { ClusterParameterGroup } from '../lib/parameter-group'; +import { DatabaseCluster, ClusterParameterGroup } from '../lib'; /* * Stack verification steps: diff --git a/packages/@aws-cdk/aws-iam/test/integ.managed-policy.ts b/packages/@aws-cdk/aws-iam/test/integ.managed-policy.ts index 26496c79e4b38..4bbc7372e1285 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.managed-policy.ts +++ b/packages/@aws-cdk/aws-iam/test/integ.managed-policy.ts @@ -1,7 +1,6 @@ import { App, Stack } from '@aws-cdk/core'; import { IntegTest } from '@aws-cdk/integ-tests'; -import { AccountRootPrincipal, Grant, ManagedPolicy, PolicyStatement, Role } from '../lib'; -import { User } from '../lib/user'; +import { AccountRootPrincipal, Grant, ManagedPolicy, PolicyStatement, Role, User } from '../lib'; const app = new App(); diff --git a/packages/@aws-cdk/aws-iam/test/integ.policy.ts b/packages/@aws-cdk/aws-iam/test/integ.policy.ts index 058390178413d..2ad98cb2ed931 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.policy.ts +++ b/packages/@aws-cdk/aws-iam/test/integ.policy.ts @@ -1,7 +1,6 @@ import { App, Stack } from '@aws-cdk/core'; import { IntegTest } from '@aws-cdk/integ-tests'; -import { AccountRootPrincipal, Grant, Policy, PolicyStatement, Role } from '../lib'; -import { User } from '../lib/user'; +import { AccountRootPrincipal, Grant, Policy, PolicyStatement, Role, User } from '../lib'; const app = new App(); diff --git a/packages/@aws-cdk/aws-rds/test/snapshot-handler/index.ts b/packages/@aws-cdk/aws-rds/test/snapshot-handler/index.ts index 6d5a3c23336cd..4f3d9e7a26b65 100644 --- a/packages/@aws-cdk/aws-rds/test/snapshot-handler/index.ts +++ b/packages/@aws-cdk/aws-rds/test/snapshot-handler/index.ts @@ -1,8 +1,8 @@ /* eslint-disable no-console */ -import type { IsCompleteRequest, IsCompleteResponse, OnEventRequest, OnEventResponse } from '@aws-cdk/custom-resources/lib/provider-framework/types'; +import * as AWSCDKAsyncCustomResource from '@aws-cdk/custom-resources/lib/provider-framework/types'; import { RDS } from 'aws-sdk'; // eslint-disable-line import/no-extraneous-dependencies -export async function onEventHandler(event: OnEventRequest): Promise { +export async function onEventHandler(event: AWSCDKAsyncCustomResource.OnEventRequest): Promise { console.log('Event: %j', event); const rds = new RDS(); @@ -33,7 +33,7 @@ export async function onEventHandler(event: OnEventRequest): Promise { +export async function isCompleteHandler(event: AWSCDKAsyncCustomResource.IsCompleteRequest): Promise { console.log('Event: %j', event); const snapshotStatus = await tryGetClusterSnapshotStatus(event.ResourceProperties.DBClusterSnapshotIdentifier); diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/test/emrcontainers/integ.start-job-run.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/test/emrcontainers/integ.start-job-run.ts index c2d1d50ff52a1..5e8d36fea46dd 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/test/emrcontainers/integ.start-job-run.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/test/emrcontainers/integ.start-job-run.ts @@ -6,8 +6,7 @@ import * as sfn from '@aws-cdk/aws-stepfunctions'; import * as cdk from '@aws-cdk/core'; import { Aws } from '@aws-cdk/core'; import * as integ from '@aws-cdk/integ-tests'; -import { EmrContainersStartJobRun } from '../../lib'; -import { ReleaseLabel, VirtualClusterInput } from '../../lib/emrcontainers/start-job-run'; +import { EmrContainersStartJobRun, ReleaseLabel, VirtualClusterInput } from '../../lib'; /** * Stack verification steps: diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/test/sagemaker/integ.create-training-job.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/test/sagemaker/integ.create-training-job.ts index c0452c792b799..2d1bceabc6507 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/test/sagemaker/integ.create-training-job.ts +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/test/sagemaker/integ.create-training-job.ts @@ -2,8 +2,7 @@ import { Key } from '@aws-cdk/aws-kms'; import { Bucket, BucketEncryption } from '@aws-cdk/aws-s3'; import { StateMachine } from '@aws-cdk/aws-stepfunctions'; import { App, CfnOutput, RemovalPolicy, Stack } from '@aws-cdk/core'; -import { S3Location } from '../../lib'; -import { SageMakerCreateTrainingJob } from '../../lib/sagemaker/create-training-job'; +import { S3Location, SageMakerCreateTrainingJob } from '../../lib'; /* * Creates a state machine with a task state to create a training job in AWS SageMaker diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline-without-prepare.ts b/packages/@aws-cdk/pipelines/test/integ.pipeline-without-prepare.ts index 948c03b0acf3a..91b52552c6302 100644 --- a/packages/@aws-cdk/pipelines/test/integ.pipeline-without-prepare.ts +++ b/packages/@aws-cdk/pipelines/test/integ.pipeline-without-prepare.ts @@ -4,9 +4,30 @@ import * as s3 from '@aws-cdk/aws-s3'; import { App, Stack, StackProps, RemovalPolicy, Stage, StageProps, DefaultStackSynthesizer } from '@aws-cdk/core'; import * as integ from '@aws-cdk/integ-tests'; import { Construct } from 'constructs'; -import { PlainStackApp } from './testhelpers'; import * as pipelines from '../lib'; +/** + * A test stack + * + * It contains a single Bucket. Such robust. Much uptime. + */ +export class BucketStack extends Stack { + public readonly bucket: s3.IBucket; + + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + this.bucket = new s3.Bucket(this, 'Bucket'); + } +} + + +export class PlainStackApp extends Stage { + constructor(scope: Construct, id: string, props?: StageProps) { + super(scope, id, props); + new BucketStack(this, 'Stack'); + } +} + class MyStage extends Stage { constructor(scope: Construct, id: string, props?: StageProps) { super(scope, id, props); From 29bdd6c3a0d387b394fe9d8f8b97e14d5db802f6 Mon Sep 17 00:00:00 2001 From: bun <73948280+bun913@users.noreply.github.com> Date: Sat, 4 Mar 2023 07:26:53 +0900 Subject: [PATCH 12/15] refactor(cloudfront): replace instanceOf into Role.isRole() methodd (#24448) Closes #24447 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts | 2 +- packages/@aws-cdk/aws-cloudfront/lib/private/cache-behavior.ts | 2 +- packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts | 2 +- packages/@aws-cdk/aws-codepipeline/lib/pipeline.ts | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts b/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts index d5ea07364adcc..103e992dda640 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts @@ -250,7 +250,7 @@ interface FunctionConfig { } function addEdgeLambdaToRoleTrustStatement(role: iam.IRole) { - if (role instanceof iam.Role && role.assumeRolePolicy) { + if (iam.Role.isRole(role) && role.assumeRolePolicy) { const statement = new iam.PolicyStatement(); const edgeLambdaServicePrincipal = new iam.ServicePrincipal('edgelambda.amazonaws.com'); statement.addPrincipals(edgeLambdaServicePrincipal); diff --git a/packages/@aws-cdk/aws-cloudfront/lib/private/cache-behavior.ts b/packages/@aws-cdk/aws-cloudfront/lib/private/cache-behavior.ts index 43d31bd976f40..a4708b7e2fb58 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/private/cache-behavior.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/private/cache-behavior.ts @@ -75,7 +75,7 @@ export class CacheBehavior { if (!edgeLambdas || edgeLambdas.length === 0) { return; } edgeLambdas.forEach((edgeLambda) => { const role = edgeLambda.functionVersion.role; - if (role && role instanceof iam.Role && role.assumeRolePolicy) { + if (role && iam.Role.isRole(role) && role.assumeRolePolicy) { role.assumeRolePolicy.addStatements(new iam.PolicyStatement({ actions: ['sts:AssumeRole'], principals: [new iam.ServicePrincipal('edgelambda.amazonaws.com')], diff --git a/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts b/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts index 6910f68a4d25f..ca08aa477f018 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts @@ -1053,7 +1053,7 @@ export class CloudFrontWebDistribution extends cdk.Resource implements IDistribu // allow edgelambda.amazonaws.com to assume the functions' execution role. for (const a of input.lambdaFunctionAssociations) { - if (a.lambdaFunction.role && a.lambdaFunction.role instanceof iam.Role && a.lambdaFunction.role.assumeRolePolicy) { + if (a.lambdaFunction.role && iam.Role.isRole(a.lambdaFunction.role) && a.lambdaFunction.role.assumeRolePolicy) { a.lambdaFunction.role.assumeRolePolicy.addStatements(new iam.PolicyStatement({ actions: ['sts:AssumeRole'], principals: [new iam.ServicePrincipal('edgelambda.amazonaws.com')], diff --git a/packages/@aws-cdk/aws-codepipeline/lib/pipeline.ts b/packages/@aws-cdk/aws-codepipeline/lib/pipeline.ts index 37d4034e9b448..11d3173baea7d 100644 --- a/packages/@aws-cdk/aws-codepipeline/lib/pipeline.ts +++ b/packages/@aws-cdk/aws-codepipeline/lib/pipeline.ts @@ -764,7 +764,7 @@ export class Pipeline extends PipelineBase { // because the role might be from a different environment), // but _only_ if it's a new Role - // an imported Role should not add the dependency - if (action.actionProperties.role instanceof iam.Role) { + if (iam.Role.isRole(action.actionProperties.role)) { const roleStack = Stack.of(action.actionProperties.role); pipelineStack.addDependency(roleStack); } From d1264c1c414257fb8dd5288fdc24cfe9605cdf90 Mon Sep 17 00:00:00 2001 From: santanugho Date: Mon, 6 Mar 2023 02:00:28 -0800 Subject: [PATCH 13/15] fix(servicecatalogappregistry): Associate an application with attribute group (#24378) `Application-AttributeGroup` association happens in `ApplicationStack`. Therefore before the deployment of `ApplicationStack`, `AttributeGroup` stack should have been deployed. But with `ApplicationAssociator `where we associate all the stacks with the application (created as a part of `ApplicationAssociator`), attributeGroup stack now depends upon `ApplicationAssociator` stack to be created (since ResourceAssociation happens inside ResourceStack). This creates a circular dependency and hence cdk synth fails. We found this bug during internal testing This PR address this circular dependency issue, by allowing the customers of `ApplicationAssociator` to associate an attribute group in attribute group stack. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-servicecatalogappregistry/README.md | 49 +++++++++++++++++++ .../lib/application.ts | 2 + .../lib/attribute-group.ts | 35 ++++++++++++- .../test/application-associator.test.ts | 47 ++++++++++++++++++ .../test/attribute-group.test.ts | 24 +++++++++ ...catalogappregistry-application.assets.json | 4 +- ...talogappregistry-application.template.json | 6 +-- .../manifest.json | 2 +- .../integ.application.js.snapshot/tree.json | 4 +- .../test/integ.application.ts | 4 +- .../integ.attribute-group.js.snapshot/cdk.out | 2 +- ...logappregistry-attribute-group.assets.json | 6 +-- ...gappregistry-attribute-group.template.json | 4 +- .../integ.json | 2 +- .../manifest.json | 4 +- .../tree.json | 6 +-- .../test/integ.attribute-group.ts | 4 +- 17 files changed, 180 insertions(+), 25 deletions(-) diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/README.md b/packages/@aws-cdk/aws-servicecatalogappregistry/README.md index be09aef037fae..6c2ce7bf8d1d2 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/README.md +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/README.md @@ -99,6 +99,45 @@ const associatedApp = new appreg.ApplicationAssociator(app, 'AssociatedApplicati }); ``` +If you want to associate an Attribute Group with application created by `ApplicationAssociator`, then use as shown in the example below: + +```ts +import * as cdk from "@aws-cdk/core"; + +const app = new App(); + +class CustomAppRegistryAttributeGroup extends cdk.Stack { + public readonly attributeGroup: appreg.AttributeGroup + constructor(scope: Construct, id: string, props?: cdk.StackProps) { + super(scope, id, props); + const myAttributeGroup = new appreg.AttributeGroup(app, 'MyFirstAttributeGroup', { + attributeGroupName: 'MyAttributeGroupName', + description: 'Test attribute group', + attributes: {}, + }); + + this.attributeGroup = myAttributeGroup; + } +} + +const customAttributeGroup = new CustomAppRegistryAttributeGroup(app, 'AppRegistryAttributeGroup'); + +const associatedApp = new appreg.ApplicationAssociator(app, 'AssociatedApplication', { + applications: [appreg.TargetApplication.createApplicationStack({ + applicationName: 'MyAssociatedApplication', + // 'Application containing stacks deployed via CDK.' is the default + applicationDescription: 'Associated Application description', + stackName: 'MyAssociatedApplicationStack', + // AWS Account and Region that are implied by the current CLI configuration is the default + env: { account: '123456789012', region: 'us-east-1' }, + })], +}); + +// Associate application to the attribute group. +customAttributeGroup.attributeGroup.associateWith(associatedApp.appRegistryApplication()); + +``` + If you are using CDK Pipelines to deploy your application, the application stacks will be inside Stages, and ApplicationAssociator will not be able to find them. Call `associateStage` on each Stage object before adding it to the Pipeline, as shown in the example below: @@ -191,6 +230,16 @@ declare const attributeGroup: appreg.AttributeGroup; application.associateAttributeGroup(attributeGroup); ``` +### Associating an attribute group with application + +You can associate an application with an attribute group with `associateWith`: + +```ts +declare const application: appreg.Application; +declare const attributeGroup: appreg.AttributeGroup; +attributeGroup.associateWith(application); +``` + ### Associating application with a Stack You can associate a stack with an application with the `associateStack()` API: diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/lib/application.ts b/packages/@aws-cdk/aws-servicecatalogappregistry/lib/application.ts index e596fb573bcc5..81f5584e6719f 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/lib/application.ts +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/lib/application.ts @@ -100,6 +100,8 @@ abstract class ApplicationBase extends cdk.Resource implements IApplication { /** * Associate an attribute group with application * If the attribute group is already associated, it will ignore duplicate request. + * + * @deprecated Use `AttributeGroup.associateWith` instead. */ public associateAttributeGroup(attributeGroup: IAttributeGroup): void { if (!this.associatedAttributeGroups.has(attributeGroup.node.addr)) { diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/lib/attribute-group.ts b/packages/@aws-cdk/aws-servicecatalogappregistry/lib/attribute-group.ts index d6dda21fe797d..b7dbfc49d5efa 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/lib/attribute-group.ts +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/lib/attribute-group.ts @@ -2,9 +2,10 @@ import { CfnResourceShare } from '@aws-cdk/aws-ram'; import * as cdk from '@aws-cdk/core'; import { Names } from '@aws-cdk/core'; import { Construct } from 'constructs'; +import { IApplication } from './application'; import { getPrincipalsforSharing, hashValues, ShareOptions, SharePermission } from './common'; import { InputValidator } from './private/validation'; -import { CfnAttributeGroup } from './servicecatalogappregistry.generated'; +import { CfnAttributeGroup, CfnAttributeGroupAssociation } from './servicecatalogappregistry.generated'; const ATTRIBUTE_GROUP_READ_ONLY_RAM_PERMISSION_ARN = 'arn:aws:ram::aws:permission/AWSRAMPermissionServiceCatalogAppRegistryAttributeGroupReadOnly'; const ATTRIBUTE_GROUP_ALLOW_ACCESS_RAM_PERMISSION_ARN = 'arn:aws:ram::aws:permission/AWSRAMPermissionServiceCatalogAppRegistryAttributeGroupAllowAssociation'; @@ -58,6 +59,23 @@ export interface AttributeGroupProps { abstract class AttributeGroupBase extends cdk.Resource implements IAttributeGroup { public abstract readonly attributeGroupArn: string; public abstract readonly attributeGroupId: string; + private readonly associatedApplications: Set = new Set(); + + /** + * Associate an application with attribute group + * If the attribute group is already associated, it will ignore duplicate request. + */ + public associateWith(application: IApplication): void { + if (!this.associatedApplications.has(application.node.addr)) { + const hashId = this.generateUniqueHash(application.node.addr); + new CfnAttributeGroupAssociation(this, `ApplicationAttributeGroupAssociation${hashId}`, { + application: application.stack === cdk.Stack.of(this) ? application.applicationId : application.applicationName ?? application.applicationId, + attributeGroup: this.attributeGroupId, + }); + + this.associatedApplications.add(application.node.addr); + } + } public shareAttributeGroup(shareOptions: ShareOptions): void { const principals = getPrincipalsforSharing(shareOptions); @@ -85,6 +103,11 @@ abstract class AttributeGroupBase extends cdk.Resource implements IAttributeGrou return shareOptions.sharePermission ?? ATTRIBUTE_GROUP_READ_ONLY_RAM_PERMISSION_ARN; } } + + /** + * Create a unique hash + */ + protected abstract generateUniqueHash(resourceAddress: string): string; } /** @@ -109,6 +132,10 @@ export class AttributeGroup extends AttributeGroupBase implements IAttributeGrou class Import extends AttributeGroupBase { public readonly attributeGroupArn = attributeGroupArn; public readonly attributeGroupId = attributeGroupId!; + + protected generateUniqueHash(resourceAddress: string): string { + return hashValues(this.attributeGroupArn, resourceAddress); + } } return new Import(scope, id, { @@ -118,6 +145,7 @@ export class AttributeGroup extends AttributeGroupBase implements IAttributeGrou public readonly attributeGroupArn: string; public readonly attributeGroupId: string; + private readonly nodeAddress: string; constructor(scope: Construct, id: string, props: AttributeGroupProps) { super(scope, id); @@ -132,6 +160,11 @@ export class AttributeGroup extends AttributeGroupBase implements IAttributeGrou this.attributeGroupArn = attributeGroup.attrArn; this.attributeGroupId = attributeGroup.attrId; + this.nodeAddress = cdk.Names.nodeUniqueId(attributeGroup.node); + } + + protected generateUniqueHash(resourceAddress: string): string { + return hashValues(this.nodeAddress, resourceAddress); } private validateAttributeGroupProps(props: AttributeGroupProps) { diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/application-associator.test.ts b/packages/@aws-cdk/aws-servicecatalogappregistry/test/application-associator.test.ts index be0221ab49340..da882d28d06ce 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/application-associator.test.ts +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/application-associator.test.ts @@ -35,6 +35,38 @@ describe('Scope based Associations with Application within Same Account', () => }); }); }); + +describe('Associate attribute group with Application', () => { + let app: cdk.App; + beforeEach(() => { + app = new cdk.App({ + context: { + '@aws-cdk/core:newStyleStackSynthesis': false, + }, + }); + }); + + test('Associate Attribute Group with application created by ApplicationAssociator', () => { + + const customAttributeGroup = new CustomAppRegistryAttributeGroup(app, 'AppRegistryAttributeGroup'); + + const appAssociator = new appreg.ApplicationAssociator(app, 'TestApplication', { + applications: [appreg.TargetApplication.createApplicationStack({ + applicationName: 'TestAssociatedApplication', + stackName: 'TestAssociatedApplicationStack', + })], + }); + + customAttributeGroup.attributeGroup.associateWith(appAssociator.appRegistryApplication()); + Template.fromStack(customAttributeGroup.attributeGroup.stack).resourceCountIs('AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation', 1); + Template.fromStack(customAttributeGroup.attributeGroup.stack).hasResourceProperties('AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation', { + Application: 'TestAssociatedApplication', + AttributeGroup: { 'Fn::GetAtt': ['MyFirstAttributeGroupDBC21379', 'Id'] }, + }); + + }); +}); + describe('Scope based Associations with Application with Cross Region/Account', () => { let app: cdk.App; beforeEach(() => { @@ -211,3 +243,18 @@ class AppRegistrySampleStack extends cdk.Stack { super(scope, id, props); } } + +class CustomAppRegistryAttributeGroup extends cdk.Stack { + public readonly attributeGroup: appreg.AttributeGroup; + + constructor(scope: Construct, id: string, props?: cdk.StackProps) { + super(scope, id, props); + const myAttributeGroup = new appreg.AttributeGroup(this, 'MyFirstAttributeGroup', { + attributeGroupName: 'MyFirstAttributeGroupName', + description: 'Test attribute group', + attributes: {}, + }); + + this.attributeGroup = myAttributeGroup; + } +} diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/attribute-group.test.ts b/packages/@aws-cdk/aws-servicecatalogappregistry/test/attribute-group.test.ts index 5230071cd50f1..8d7a984cf48a9 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/attribute-group.test.ts +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/attribute-group.test.ts @@ -176,6 +176,30 @@ describe('Attribute Group', () => { }); }); + describe('Associate application to an attribute group', () => { + let attributeGroup: appreg.AttributeGroup; + + beforeEach(() => { + attributeGroup = new appreg.AttributeGroup(stack, 'MyAttributeGroupForAssociation', { + attributeGroupName: 'MyAttributeGroupForAssociation', + attributes: {}, + }); + }); + + test('Associate an application to an attribute group', () => { + const application = new appreg.Application(stack, 'MyApplication', { + applicationName: 'MyTestApplication', + }); + attributeGroup.associateWith(application); + Template.fromStack(stack).hasResourceProperties('AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation', { + Application: { 'Fn::GetAtt': ['MyApplication5C63EC1D', 'Id'] }, + AttributeGroup: { 'Fn::GetAtt': ['MyAttributeGroupForAssociation6B3E1329', 'Id'] }, + }); + + }); + + }); + describe('Resource sharing of an attribute group', () => { let attributeGroup: appreg.AttributeGroup; diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.assets.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.assets.json index 3ee606db647f9..d8c62f0055d75 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.assets.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.assets.json @@ -1,7 +1,7 @@ { "version": "30.1.0", "files": { - "6a426aab2239a5fb580c074adbf5b8e3acefa04209423d2b53989c73aed3f95b": { + "0d4e060fe5da6b164b9df46b0dc0cd20e7962c6cb531ffe08e6e5b99418f13de": { "source": { "path": "integ-servicecatalogappregistry-application.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "6a426aab2239a5fb580c074adbf5b8e3acefa04209423d2b53989c73aed3f95b.json", + "objectKey": "0d4e060fe5da6b164b9df46b0dc0cd20e7962c6cb531ffe08e6e5b99418f13de.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.template.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.template.json index 7cdff29059dd2..f6ac10354ea89 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.template.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/integ-servicecatalogappregistry-application.template.json @@ -3,8 +3,8 @@ "TestApplication2FBC585F": { "Type": "AWS::ServiceCatalogAppRegistry::Application", "Properties": { - "Name": "MyTestApplication", - "Description": "Test application description" + "Name": "TestApplication", + "Description": "My application description" } }, "TestApplicationResourceAssociationd232b63e52a8414E905D": { @@ -132,7 +132,7 @@ { "Ref": "AWS::Region" }, - ".console.aws.amazon.com/systems-manager/appmanager/application/AWS_AppRegistry_Application-MyTestApplication" + ".console.aws.amazon.com/systems-manager/appmanager/application/AWS_AppRegistry_Application-TestApplication" ] ] } diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/manifest.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/manifest.json index ebeb0546e09c7..982ee193a4f57 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/manifest.json @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6a426aab2239a5fb580c074adbf5b8e3acefa04209423d2b53989c73aed3f95b.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0d4e060fe5da6b164b9df46b0dc0cd20e7962c6cb531ffe08e6e5b99418f13de.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/tree.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/tree.json index 692d8cdf23ff4..8ed129f0c0e65 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.js.snapshot/tree.json @@ -18,8 +18,8 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::ServiceCatalogAppRegistry::Application", "aws:cdk:cloudformation:props": { - "name": "MyTestApplication", - "description": "Test application description" + "name": "TestApplication", + "description": "My application description" } }, "constructInfo": { diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.ts b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.ts index bc6d61f9f0ce9..9635a126e2b05 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.ts +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.application.ts @@ -6,8 +6,8 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'integ-servicecatalogappregistry-application'); const application = new appreg.Application(stack, 'TestApplication', { - applicationName: 'MyTestApplication', - description: 'Test application description', + applicationName: 'TestApplication', + description: 'My application description', }); const attributeGroup = new appreg.AttributeGroup(stack, 'TestAttributeGroup', { diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/cdk.out b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/cdk.out index 145739f539580..b72fef144f05c 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"22.0.0"} \ No newline at end of file +{"version":"30.1.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ-servicecatalogappregistry-attribute-group.assets.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ-servicecatalogappregistry-attribute-group.assets.json index 1aebd71d38d63..7f5d7d67860d6 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ-servicecatalogappregistry-attribute-group.assets.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ-servicecatalogappregistry-attribute-group.assets.json @@ -1,7 +1,7 @@ { - "version": "22.0.0", + "version": "30.1.0", "files": { - "3dece22dad73361a79cb380f2880362a20ffc5c0cc75ddc6707e26b5a88cf93f": { + "9d37fdefa4311937f8f73f9556f1d9a03a2874545a0a262fd42bfde3823ab551": { "source": { "path": "integ-servicecatalogappregistry-attribute-group.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "3dece22dad73361a79cb380f2880362a20ffc5c0cc75ddc6707e26b5a88cf93f.json", + "objectKey": "9d37fdefa4311937f8f73f9556f1d9a03a2874545a0a262fd42bfde3823ab551.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ-servicecatalogappregistry-attribute-group.template.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ-servicecatalogappregistry-attribute-group.template.json index 08a8494f334c7..58e8215d70828 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ-servicecatalogappregistry-attribute-group.template.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ-servicecatalogappregistry-attribute-group.template.json @@ -15,8 +15,8 @@ "beta": "time2" } }, - "Name": "myAttributeGroupTest", - "Description": "my attribute group description" + "Name": "myFirstAttributeGroup", + "Description": "test attribute group description" } }, "TestAttributeGroupRAMSharec67f7d80e5baA10EFB4E": { diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ.json index a50a65615f05b..1c5f8dae6c42d 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "22.0.0", + "version": "30.1.0", "testCases": { "integ.attribute-group": { "stacks": [ diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/manifest.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/manifest.json index edce9703115a8..a894caeb670cf 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "22.0.0", + "version": "30.1.0", "artifacts": { "integ-servicecatalogappregistry-attribute-group.assets": { "type": "cdk:asset-manifest", @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3dece22dad73361a79cb380f2880362a20ffc5c0cc75ddc6707e26b5a88cf93f.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9d37fdefa4311937f8f73f9556f1d9a03a2874545a0a262fd42bfde3823ab551.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/tree.json b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/tree.json index 83ac3d2034037..3f1adfd676bd6 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.js.snapshot/tree.json @@ -30,8 +30,8 @@ "beta": "time2" } }, - "name": "myAttributeGroupTest", - "description": "my attribute group description" + "name": "myFirstAttributeGroup", + "description": "test attribute group description" } }, "constructInfo": { @@ -228,7 +228,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.189" + "version": "10.1.252" } } }, diff --git a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.ts b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.ts index 6d5ccb59b8ef2..10835b204bdfe 100644 --- a/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.ts +++ b/packages/@aws-cdk/aws-servicecatalogappregistry/test/integ.attribute-group.ts @@ -6,8 +6,8 @@ const app = new cdk.App(); const stack = new cdk.Stack(app, 'integ-servicecatalogappregistry-attribute-group'); const attributeGroup = new appreg.AttributeGroup(stack, 'TestAttributeGroup', { - attributeGroupName: 'myAttributeGroupTest', - description: 'my attribute group description', + attributeGroupName: 'myFirstAttributeGroup', + description: 'test attribute group description', attributes: { stage: 'alpha', teamMembers: [ From d36857e8040df37130ea198e107c0923783f6412 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Mon, 6 Mar 2023 02:44:49 -0800 Subject: [PATCH 14/15] docs(cfnspec): update CloudFormation documentation (#24468) --- .../spec-source/cfn-docs/cfn-docs.json | 52 +++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json b/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json index 68943a9a3498b..d0d8c99da85eb 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json +++ b/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json @@ -30782,7 +30782,7 @@ "Id": "The event source mapping's ID.", "Ref": "`Ref` returns the mapping's ID." }, - "description": "The `AWS::Lambda::EventSourceMapping` resource creates a mapping between an event source and an AWS Lambda function. Lambda reads items from the event source and triggers the function.\n\nFor details about each event source type, see the following topics. In particular, each of the topics describes the required and optional parameters for the specific event source.\n\n- [Configuring a Dynamo DB stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-dynamodb-eventsourcemapping)\n- [Configuring a Kinesis stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#services-kinesis-eventsourcemapping)\n- [Configuring an SQS queue as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-eventsource)\n- [Configuring an MQ broker as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html#services-mq-eventsourcemapping)\n- [Configuring MSK as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html)\n- [Configuring Self-Managed Apache Kafka as an event source](https://docs.aws.amazon.com/lambda/latest/dg/kafka-smaa.html)", + "description": "The `AWS::Lambda::EventSourceMapping` resource creates a mapping between an event source and an AWS Lambda function. Lambda reads items from the event source and triggers the function.\n\nFor details about each event source type, see the following topics. In particular, each of the topics describes the required and optional parameters for the specific event source.\n\n- [Configuring a Dynamo DB stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-dynamodb-eventsourcemapping)\n- [Configuring a Kinesis stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#services-kinesis-eventsourcemapping)\n- [Configuring an SQS queue as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-eventsource)\n- [Configuring an MQ broker as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html#services-mq-eventsourcemapping)\n- [Configuring MSK as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html)\n- [Configuring Self-Managed Apache Kafka as an event source](https://docs.aws.amazon.com/lambda/latest/dg/kafka-smaa.html)\n- [Configuring Amazon DocumentDB as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-documentdb.html)", "properties": { "AmazonManagedKafkaEventSourceConfig": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", "BatchSize": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", @@ -30794,7 +30794,7 @@ "FilterCriteria": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", "FunctionName": "The name of the Lambda function.\n\n**Name formats** - *Function name* \u2013 `MyFunction` .\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Version or Alias ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD` .\n- *Partial ARN* \u2013 `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", "FunctionResponseTypes": "(Streams and SQS) A list of current response type enums applied to the event source mapping.\n\nValid Values: `ReportBatchItemFailures`", - "MaximumBatchingWindowInSeconds": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ event sources)* : 500 ms\n\n*Related setting:* When you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", + "MaximumBatchingWindowInSeconds": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ , Amazon DocumentDB event sources)* : 500 ms\n\n*Related setting:* When you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", "MaximumRecordAgeInSeconds": "(Streams only) Discard records older than the specified age. The default value is -1,\nwhich sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.", "MaximumRetryAttempts": "(Streams only) Discard records after the specified number of retries. The default value is -1,\nwhich sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.", "ParallelizationFactor": "(Streams only) The number of batches to process concurrently from each shard. The default value is 1.", @@ -37067,7 +37067,7 @@ "PeeringId": "The ID of the transit gateway peering.", "ProposedSegmentChange": "This property is read-only. Values can't be assigned to it.", "Tags": "The list of key-value pairs associated with the transit gateway route table attachment.", - "TransitGatewayRouteTableArn": "The ARN of the transit gateway attachment route table, using the format: `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2: *AccountId* :transit-gateway-route-table/ *tgw-rtb-xxxxxxxxxxx* \"` . For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` ." + "TransitGatewayRouteTableArn": "The ARN of the transit gateway attachment route table. For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` ." } }, "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { @@ -42495,42 +42495,42 @@ "AWS::RolesAnywhere::CRL": { "attributes": { "CrlId": "The unique primary identifier of the Crl", - "Ref": "`Ref` returns `CrlId` ." + "Ref": "The name of the CRL." }, - "description": "The state of the certificate revocation list (CRL) after a read or write operation.", + "description": "Creates a Crl.", "properties": { - "CrlData": "The revocation record for a certificate, following the x509 v3 standard.", - "Enabled": "Indicates whether the certificate revocation list (CRL) is enabled.", - "Name": "The name of the certificate revocation list (CRL).", - "Tags": "A list of tags to attach to the CRL.", + "CrlData": "x509 v3 Certificate Revocation List to revoke auth for corresponding certificates presented in CreateSession operations", + "Enabled": "The enabled status of the resource.", + "Name": "The customer specified name of the resource.", + "Tags": "A list of Tags.", "TrustAnchorArn": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for." } }, "AWS::RolesAnywhere::Profile": { "attributes": { - "ProfileArn": "The ARN of the profile.", + "ProfileArn": "", "ProfileId": "The unique primary identifier of the Profile", - "Ref": "`Ref` returns `ProfileId` ." + "Ref": "The name of the Profile" }, - "description": "Creates a *profile* , a list of the roles that Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies.\n\n*Required permissions:* `rolesanywhere:CreateProfile` .", + "description": "Creates a Profile.", "properties": { - "DurationSeconds": "Sets the maximum number of seconds that vended temporary credentials through [CreateSession](https://docs.aws.amazon.com/rolesanywhere/latest/userguide/authentication-create-session.html) will be valid for, between 900 and 3600.", - "Enabled": "Indicates whether the profile is enabled.", - "ManagedPolicyArns": "A list of managed policy ARNs that apply to the vended session credentials.", - "Name": "The name of the profile.", - "RequireInstanceProperties": "Specifies whether instance properties are required in temporary credential requests with this profile.", - "RoleArns": "A list of IAM role ARNs. During `CreateSession` , if a matching role ARN is provided, the properties in this profile will be applied to the intersection session policy.", - "SessionPolicy": "A session policy that applies to the trust boundary of the vended session credentials.", - "Tags": "A list of tags to attach to the profile." + "DurationSeconds": "The number of seconds vended session credentials will be valid for", + "Enabled": "The enabled status of the resource.", + "ManagedPolicyArns": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", + "Name": "The customer specified name of the resource.", + "RequireInstanceProperties": "Specifies whether instance properties are required in CreateSession requests with this profile.", + "RoleArns": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", + "SessionPolicy": "A session policy that will applied to the trust boundary of the vended session credentials.", + "Tags": "A list of Tags." } }, "AWS::RolesAnywhere::TrustAnchor": { "attributes": { "Ref": "`Ref` returns `TrustAnchorId` .", "TrustAnchorArn": "The ARN of the trust anchor.", - "TrustAnchorId": "The unique primary identifier of the TrustAnchor" + "TrustAnchorId": "" }, - "description": "The state of the trust anchor after a read or write operation.", + "description": "Creates a TrustAnchor.", "properties": { "Enabled": "Indicates whether the trust anchor is enabled.", "Name": "The name of the trust anchor.", @@ -42540,15 +42540,15 @@ }, "AWS::RolesAnywhere::TrustAnchor.Source": { "attributes": {}, - "description": "The trust anchor type and its related certificate data.", + "description": "Object representing the TrustAnchor type and its related certificate data.", "properties": { - "SourceData": "The data field of the trust anchor depending on its type.", - "SourceType": "The type of the trust anchor." + "SourceData": "A union object representing the data field of the TrustAnchor depending on its type", + "SourceType": "The type of the TrustAnchor." } }, "AWS::RolesAnywhere::TrustAnchor.SourceData": { "attributes": {}, - "description": "The data field of the trust anchor depending on its type.", + "description": "A union object representing the data field of the TrustAnchor depending on its type", "properties": { "AcmPcaArn": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .", "X509CertificateData": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` ." From a70ff1ad332af780c052e3117b73df060deee7ae Mon Sep 17 00:00:00 2001 From: Rico Hermans Date: Mon, 6 Mar 2023 13:00:11 +0100 Subject: [PATCH 15/15] fix(cli): cannot `cdk import` resources with multiple identifiers (#24439) When CloudFormation tells us about identifiers for resources it can import, it returns a `string[]`. Our CLI used to interpret this as a set of identifiers that all must be present. Instead, the contract is actually: each `string` is a comma-separated list of identifiers that must be present together, but from all `strings` exactly one key combination should be supplied (and not multiple). So: * `['BucketName']` -> Supply BucketName (easy) * `['TableName', 'TableArn']` -> supply exactly one of TableName or TableArn (but not both) * `['HostedZoneId,Name']` -> supply BOTH HostedZoneId and Name. Because of our misinterpretations, both the cases of resources with multiple POSSIBLE identifiers as well as multiple REQUIRED identifiers would fail to import. Make the code correctly model the expect types: identifiers are a `string[][]`, where the outer array indicates `OR` and the inner array indicates `AND`. * For any of the combinations of properties we can lift from the template, prompt the user to confirm (typically 0 or 1, might be more). If the user rejected any of them, we don't do the resource at all. * If we couldn't lift any full key from the template, ask the user for the properties of each compound key, lifting parts of it from the template if possible. Fixes #20895. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk/lib/import.ts | 117 +++++++++++------ packages/aws-cdk/test/import.test.ts | 182 ++++++++++++++++++++++++--- 2 files changed, 246 insertions(+), 53 deletions(-) diff --git a/packages/aws-cdk/lib/import.ts b/packages/aws-cdk/lib/import.ts index 0a5795313fbc0..f3caf736373be 100644 --- a/packages/aws-cdk/lib/import.ts +++ b/packages/aws-cdk/lib/import.ts @@ -9,18 +9,18 @@ import { ResourceIdentifierProperties, ResourcesToImport } from './api/util/clou import { error, print, success, warning } from './logging'; /** - * Parameters that uniquely identify a physical resource of a given type + * Set of parameters that uniquely identify a physical resource of a given type * for the import operation, example: * * ``` * { - * "AWS::S3::Bucket": ["BucketName"], - * "AWS::IAM::Role": ["RoleName"], - * "AWS::EC2::VPC": ["VpcId"] + * "AWS::S3::Bucket": [["BucketName"]], + * "AWS::DynamoDB::GlobalTable": [["TableName"], ["TableArn"], ["TableStreamArn"]], + * "AWS::Route53::KeySigningKey": [["HostedZoneId", "Name"]], * } * ``` */ -export type ResourceIdentifiers = { [resourceType: string]: string[] }; +export type ResourceIdentifiers = { [resourceType: string]: string[][] }; /** * Mapping of CDK resources (L1 constructs) to physical resources to be imported @@ -225,12 +225,21 @@ export class ResourceImporter { const resourceIdentifierSummaries = await this.cfn.resourceIdentifierSummaries(this.stack, this.options.toolkitStackName); for (const summary of resourceIdentifierSummaries) { if ('ResourceType' in summary && summary.ResourceType && 'ResourceIdentifiers' in summary && summary.ResourceIdentifiers) { - ret[summary.ResourceType] = summary.ResourceIdentifiers; + ret[summary.ResourceType] = (summary.ResourceIdentifiers ?? [])?.map(x => x.split(',')); } } return ret; } + /** + * Ask for the importable identifier for the given resource + * + * There may be more than one identifier under which a resource can be imported. The `import` + * operation needs exactly one of them. + * + * - If we can get one from the template, we will use one. + * - Otherwise, we will ask the user for one of them. + */ private async askForResourceIdentifier( resourceIdentifiers: ResourceIdentifiers, chg: ImportableResource, @@ -244,45 +253,83 @@ export class ResourceImporter { return undefined; } - const idProps = resourceIdentifiers[resourceType]; - const resourceProps = chg.resourceDefinition.Properties ?? {}; + const idPropSets = resourceIdentifiers[resourceType]; - const fixedIdProps = idProps.filter(p => resourceProps[p]); - const fixedIdInput: ResourceIdentifierProperties = Object.fromEntries(fixedIdProps.map(p => [p, resourceProps[p]])); + // Retain only literal strings: strip potential CFN intrinsics + const resourceProps = Object.fromEntries(Object.entries(chg.resourceDefinition.Properties ?? {}) + .filter(([_, v]) => typeof v === 'string')) as Record; - const missingIdProps = idProps.filter(p => !resourceProps[p]); + // Find property sets that are fully satisfied in the template, ask the user to confirm them + const satisfiedPropSets = idPropSets.filter(ps => ps.every(p => resourceProps[p])); + for (const satisfiedPropSet of satisfiedPropSets) { + const candidateProps = Object.fromEntries(satisfiedPropSet.map(p => [p, resourceProps[p]])); + const displayCandidateProps = fmtdict(candidateProps); - if (missingIdProps.length === 0) { - // We can auto-import this, but ask the user to confirm - const props = fmtdict(fixedIdInput); - - if (!await promptly.confirm( - `${chalk.blue(resourceName)} (${resourceType}): import with ${chalk.yellow(props)} (yes/no) [default: yes]? `, + if (await promptly.confirm( + `${chalk.blue(resourceName)} (${resourceType}): import with ${chalk.yellow(displayCandidateProps)} (yes/no) [default: yes]? `, { default: 'yes' }, )) { - print(chalk.grey(`Skipping import of ${resourceName}`)); - return undefined; + return candidateProps; } } - // Ask the user to provide missing props - const userInput: ResourceIdentifierProperties = {}; - for (const missingIdProp of missingIdProps) { - const response = (await promptly.prompt( - `${chalk.blue(resourceName)} (${resourceType}): enter ${chalk.blue(missingIdProp)} to import (empty to skip):`, - { default: '', trim: true }, - )); - if (!response) { - print(chalk.grey(`Skipping import of ${resourceName}`)); - return undefined; + // If we got here and the user rejected any available identifiers, then apparently they don't want the resource at all + if (satisfiedPropSets.length > 0) { + print(chalk.grey(`Skipping import of ${resourceName}`)); + return undefined; + } + + // We cannot auto-import this, ask the user for one of the props + // The only difference between these cases is what we print: for multiple properties, we print a preamble + const prefix = `${chalk.blue(resourceName)} (${resourceType})`; + let preamble; + let promptPattern; + if (idPropSets.length > 1) { + preamble = `${prefix}: enter one of ${idPropSets.map(x => chalk.blue(x.join('+'))).join(', ')} to import (all empty to skip)`; + promptPattern = `${prefix}: enter %`; + } else { + promptPattern = `${prefix}: enter %`; + } + + // Do the input loop here + if (preamble) { + print(preamble); + } + for (const idProps of idPropSets) { + const input: Record = {}; + for (const idProp of idProps) { + // If we have a value from the template, use it as default. This will only be a partial + // identifier if present, otherwise we would have done the import already above. + const defaultValue = typeof resourceProps[idProp] ?? ''; + + const prompt = [ + promptPattern.replace(/%/, chalk.blue(idProp)), + defaultValue + ? `[${defaultValue}]` + : '(empty to skip)', + ].join(' ') + ':'; + const response = await promptly.prompt(prompt, + { default: defaultValue, trim: true }, + ); + + if (!response) { + break; + } + + input[idProp] = response; + // Also stick this property into 'resourceProps', so that it may be reused by a subsequent question + // (for a different compound identifier that involves the same property). Just a small UX enhancement. + resourceProps[idProp] = response; + } + + // If the user gave inputs for all values, we are complete + if (Object.keys(input).length === idProps.length) { + return input; } - userInput[missingIdProp] = response; } - return { - ...fixedIdInput, - ...userInput, - }; + print(chalk.grey(`Skipping import of ${resourceName}`)); + return undefined; } /** @@ -364,4 +411,4 @@ function addDefaultDeletionPolicy(resource: any): any { export interface DiscoverImportableResourcesResult { readonly additions: ImportableResource[]; readonly hasNonAdditions: boolean; -} \ No newline at end of file +} diff --git a/packages/aws-cdk/test/import.test.ts b/packages/aws-cdk/test/import.test.ts index ec970df533daf..9bbbc7b98a24f 100644 --- a/packages/aws-cdk/test/import.test.ts +++ b/packages/aws-cdk/test/import.test.ts @@ -17,31 +17,53 @@ const promptlyPrompt = promptly.prompt as jest.Mock; let createChangeSetInput: AWS.CloudFormation.CreateChangeSetInput | undefined; -const STACK_WITH_QUEUE = testStack({ - stackName: 'StackWithQueue', - template: { - Resources: { - MyQueue: { - Type: 'AWS::SQS::Queue', - Properties: {}, +function stackWithQueue(props: Record) { + return testStack({ + stackName: 'StackWithQueue', + template: { + Resources: { + MyQueue: { + Type: 'AWS::SQS::Queue', + Properties: props, + }, }, }, - }, + }); +} + +const STACK_WITH_QUEUE = stackWithQueue({}); + +const STACK_WITH_NAMED_QUEUE = stackWithQueue({ + QueueName: 'TheQueueName', }); -const STACK_WITH_NAMED_QUEUE = testStack({ - stackName: 'StackWithQueue', - template: { - Resources: { - MyQueue: { - Type: 'AWS::SQS::Queue', - Properties: { - QueueName: 'TheQueueName', +function stackWithGlobalTable(props: Record) { + return testStack({ + stackName: 'StackWithTable', + template: { + Resources: { + MyTable: { + Type: 'AWS::DynamoDB::GlobalTable', + Properties: props, }, }, }, - }, -}); + }); +} + +function stackWithKeySigningKey(props: Record) { + return testStack({ + stackName: 'StackWithKSK', + template: { + Resources: { + MyKSK: { + Type: 'AWS::Route53::KeySigningKey', + Properties: props, + }, + }, + }, + }); +} let sdkProvider: MockSdkProvider; let deployments: CloudFormationDeployments; @@ -154,6 +176,122 @@ test('asks human to confirm automic import if identifier is in template', async ]); }); +test('only use one identifier if multiple are in template', async () => { + // GIVEN + const stack = stackWithGlobalTable({ + TableName: 'TheTableName', + TableArn: 'ThisFieldDoesntExistInReality', + TableStreamArn: 'NorDoesThisOne', + }); + + // WHEN + promptlyConfirm.mockResolvedValue(true); // Confirm yes/no + await importTemplateFromClean(stack); + + // THEN + expect(createChangeSetInput?.ResourcesToImport).toEqual([ + { + LogicalResourceId: 'MyTable', + ResourceIdentifier: { TableName: 'TheTableName' }, + ResourceType: 'AWS::DynamoDB::GlobalTable', + }, + ]); +}); + +test('only ask user for one identifier if multiple possible ones are possible', async () => { + // GIVEN -- no identifiers in template, so ask user + const stack = stackWithGlobalTable({}); + + // WHEN + promptlyPrompt.mockResolvedValue('Banana'); + const importable = await importTemplateFromClean(stack); + + // THEN -- only asked once + expect(promptlyPrompt).toHaveBeenCalledTimes(1); + expect(importable.resourceMap).toEqual({ + MyTable: { TableName: 'Banana' }, + }); +}); + +test('ask identifier if the value in the template is a CFN intrinsic', async () => { + // GIVEN -- identifier in template is a CFN intrinsic so it doesn't count + const stack = stackWithQueue({ + QueueName: { Ref: 'SomeParam' }, + }); + + // WHEN + promptlyPrompt.mockResolvedValue('Banana'); + const importable = await importTemplateFromClean(stack); + + // THEN + expect(importable.resourceMap).toEqual({ + MyQueue: { QueueName: 'Banana' }, + }); +}); + +test('take compound identifiers from the template if found', async () => { + // GIVEN + const stack = stackWithKeySigningKey({ + HostedZoneId: 'z-123', + Name: 'KeyName', + }); + + // WHEN + promptlyConfirm.mockResolvedValue(true); + await importTemplateFromClean(stack); + + // THEN + expect(createChangeSetInput?.ResourcesToImport).toEqual([ + { + LogicalResourceId: 'MyKSK', + ResourceIdentifier: { HostedZoneId: 'z-123', Name: 'KeyName' }, + ResourceType: 'AWS::Route53::KeySigningKey', + }, + ]); +}); + +test('ask user for compound identifiers if not found', async () => { + // GIVEN + const stack = stackWithKeySigningKey({}); + + // WHEN + promptlyPrompt.mockReturnValue('Banana'); + await importTemplateFromClean(stack); + + // THEN + expect(createChangeSetInput?.ResourcesToImport).toEqual([ + { + LogicalResourceId: 'MyKSK', + ResourceIdentifier: { HostedZoneId: 'Banana', Name: 'Banana' }, + ResourceType: 'AWS::Route53::KeySigningKey', + }, + ]); +}); + +test('do not ask for second part of compound identifier if the user skips the first', async () => { + // GIVEN + const stack = stackWithKeySigningKey({}); + + // WHEN + promptlyPrompt.mockReturnValue(''); + const importMap = await importTemplateFromClean(stack); + + // THEN + expect(importMap.resourceMap).toEqual({}); +}); + +/** + * Do a full import cycle with the given stack template + */ +async function importTemplateFromClean(stack: ReturnType) { + givenCurrentStack(stack.stackName, { Resources: {} }); + const importer = new ResourceImporter(stack, deployments); + const { additions } = await importer.discoverImportableResources(); + const importable = await importer.askForResourceIdentifiers(additions); + await importer.importResources(importable, { stack }); + return importable; +} + function givenCurrentStack(stackName: string, template: any) { sdkProvider.stubCloudFormation({ describeStacks() { @@ -181,6 +319,14 @@ function givenCurrentStack(stackName: string, template: any) { ResourceType: 'AWS::SQS::Queue', ResourceIdentifiers: ['QueueName'], }, + { + ResourceType: 'AWS::DynamoDB::GlobalTable', + ResourceIdentifiers: ['TableName', 'TableArn', 'TableStreamArn'], + }, + { + ResourceType: 'AWS::Route53::KeySigningKey', + ResourceIdentifiers: ['HostedZoneId,Name'], + }, ], }; },