Merge branch 'master' into benisrae/cfn-json

aws · May 20, 2020 · d131ae3 · d131ae3
2 parents e1bbf37 + 1bfe70a
commit d131ae3
Show file tree

Hide file tree

Showing 21 changed files with 531 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,20 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [1.40.0](https://github.com/aws/aws-cdk/compare/v1.39.0...v1.40.0) (2020-05-20)
+
+
+### Features
+
+* add support for Gitpod workspaces ([20d5511](https://github.com/aws/aws-cdk/commit/20d551142ea13c57981ad8b24ac61d03091da6b9))
+* **autoscaling:** support max instance lifetime  ([d126c46](https://github.com/aws/aws-cdk/commit/d126c46f8429b30e1937e2e970011bc6fac8b5a2)), closes [#7758](https://github.com/aws/aws-cdk/issues/7758)
+* **cfn-include:** add support for the DependsOn attribute ([613df1b](https://github.com/aws/aws-cdk/commit/613df1b8e4b794a772d6124a22463072617aef62))
+* **docdb:** high level constrcuts for db clusters and instances ([#6511](https://github.com/aws/aws-cdk/issues/6511)) ([a376dd3](https://github.com/aws/aws-cdk/commit/a376dd326e180462044b610c6925998482bd04d2))
+* **eks:** IAM roles for service accounts ([3f0d2c8](https://github.com/aws/aws-cdk/commit/3f0d2c82ef6102fb6b8cea23e397f559fa6a4d61)), closes [#6062](https://github.com/aws/aws-cdk/issues/6062) [#5388](https://github.com/aws/aws-cdk/issues/5388) [#3949](https://github.com/aws/aws-cdk/issues/3949)
+* **elbv2:** full Action support ([2939105](https://github.com/aws/aws-cdk/commit/29391059a571fc41d94275f36cf54e08c6f5441f)), closes [#2563](https://github.com/aws/aws-cdk/issues/2563) [#6310](https://github.com/aws/aws-cdk/issues/6310) [#6308](https://github.com/aws/aws-cdk/issues/6308)
+* **region-info:** add information for us-gov, us-iso, and us-isob regions ([afe0b00](https://github.com/aws/aws-cdk/commit/afe0b00b12afe383da49dcfa07f85b578728a0d1)), closes [#7876](https://github.com/aws/aws-cdk/issues/7876) [#4669](https://github.com/aws/aws-cdk/issues/4669)
+* **s3-asset:** add httpUrl and s3ObjectUrl ([eeff393](https://github.com/aws/aws-cdk/commit/eeff39324e4735096f85b32d37c95011881467b6)), closes [#7509](https://github.com/aws/aws-cdk/issues/7509) [#7221](https://github.com/aws/aws-cdk/issues/7221)
+
 ## [1.39.0](https://github.com/aws/aws-cdk/compare/v1.38.0...v1.39.0) (2020-05-15)
 
 

diff --git a/lerna.json b/lerna.json
@@ -10,5 +10,5 @@
     "tools/*"
   ],
   "rejectCycles": "true",
-  "version": "1.39.0"
+  "version": "1.40.0"
 }
diff --git a/packages/@aws-cdk/aws-apigateway/lib/access-log.ts b/packages/@aws-cdk/aws-apigateway/lib/access-log.ts
@@ -46,7 +46,7 @@ export class AccessLogField {
    * The API owner's AWS account ID.
    */
   public static contextAccountId() {
-    return '$context.requestId';
+    return '$context.identity.accountId';
   }
 
   /**

diff --git a/packages/@aws-cdk/aws-apigateway/test/test.access-log.ts b/packages/@aws-cdk/aws-apigateway/test/test.access-log.ts
@@ -38,12 +38,13 @@ export = {
       requestId: apigateway.AccessLogField.contextRequestId(),
       sourceIp: apigateway.AccessLogField.contextIdentitySourceIp(),
       method: apigateway.AccessLogField.contextHttpMethod(),
+      accountId: apigateway.AccessLogField.contextAccountId(),
       userContext: {
         sub: apigateway.AccessLogField.contextAuthorizerClaims('sub'),
         email: apigateway.AccessLogField.contextAuthorizerClaims('email'),
       },
     }));
-    test.deepEqual(testFormat.toString(), '{"requestId":"$context.requestId","sourceIp":"$context.identity.sourceIp","method":"$context.httpMethod","userContext":{"sub":"$context.authorizer.claims.sub","email":"$context.authorizer.claims.email"}}');
+    test.deepEqual(testFormat.toString(), '{"requestId":"$context.requestId","sourceIp":"$context.identity.sourceIp","method":"$context.httpMethod","accountId":"$context.identity.accountId","userContext":{"sub":"$context.authorizer.claims.sub","email":"$context.authorizer.claims.email"}}');
 
     test.done();
   },

diff --git a/packages/@aws-cdk/aws-cognito/README.md b/packages/@aws-cdk/aws-cognito/README.md
@@ -148,6 +148,9 @@ new UserPool(this, 'myuserpool', {
 });
 ```
 
+A user pool can optionally ignore case when evaluating sign-ins. When `signInCaseSensitive` is false, Cognito will not
+check the capitalization of the alias when signing in. Default is true.
+
 ### Attributes
 
 Attributes represent the various properties of each user that's collected and stored in the user pool. Cognito

diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts
@@ -500,6 +500,13 @@ export interface UserPoolProps {
    * @default - No Lambda triggers.
    */
   readonly lambdaTriggers?: UserPoolTriggers;
+
+  /**
+   * Whether sign-in aliases should be evaluated with case sensitivity.
+   * For example, when this option is set to false, users will be able to sign in using either `MyUsername` or `myusername`.
+   * @default true
+   */
+  readonly signInCaseSensitive?: boolean;
 }
 
 /**
@@ -637,6 +644,9 @@ export class UserPool extends Resource implements IUserPool {
         from: props.emailSettings?.from,
         replyToEmailAddress: props.emailSettings?.replyTo,
       }),
+      usernameConfiguration: undefinedIfNoKeys({
+        caseSensitive: props.signInCaseSensitive,
+      }),
     });
 
     this.userPoolId = userPool.ref;

diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts
@@ -454,6 +454,36 @@ describe('User Pool', () => {
     });
   });
 
+  test('sign in case sensitive is correctly picked up', () => {
+    // GIVEN
+    const stack = new Stack();
+
+    // WHEN
+    new UserPool(stack, 'Pool', {
+      signInCaseSensitive: false,
+    });
+
+    // THEN
+    expect(stack).toHaveResourceLike('AWS::Cognito::UserPool', {
+      UsernameConfiguration: {
+        CaseSensitive: false,
+      },
+    });
+  });
+
+  test('sign in case sensitive is absent by default', () => {
+    // GIVEN
+    const stack = new Stack();
+
+    // WHEN
+    new UserPool(stack, 'Pool', {});
+
+    // THEN
+    expect(stack).toHaveResourceLike('AWS::Cognito::UserPool', {
+      UsernameConfiguration: ABSENT,
+    });
+  });
+
   test('required attributes', () => {
     // GIVEN
     const stack = new Stack();

diff --git a/packages/@aws-cdk/aws-sns-subscriptions/lib/email.ts b/packages/@aws-cdk/aws-sns-subscriptions/lib/email.ts
@@ -32,6 +32,7 @@ export class EmailSubscription implements sns.ITopicSubscription {
       endpoint: this.emailAddress,
       protocol: this.props.json ? sns.SubscriptionProtocol.EMAIL_JSON : sns.SubscriptionProtocol.EMAIL,
       filterPolicy: this.props.filterPolicy,
+      deadLetterQueue: this.props.deadLetterQueue,
     };
   }
 }
diff --git a/packages/@aws-cdk/aws-sns-subscriptions/lib/lambda.ts b/packages/@aws-cdk/aws-sns-subscriptions/lib/lambda.ts
@@ -39,6 +39,7 @@ export class LambdaSubscription implements sns.ITopicSubscription {
       protocol: sns.SubscriptionProtocol.LAMBDA,
       filterPolicy: this.props.filterPolicy,
       region: this.regionFromArn(topic),
+      deadLetterQueue: this.props.deadLetterQueue,
     };
   }
 

diff --git a/packages/@aws-cdk/aws-sns-subscriptions/lib/sqs.ts b/packages/@aws-cdk/aws-sns-subscriptions/lib/sqs.ts
@@ -54,6 +54,7 @@ export class SqsSubscription implements sns.ITopicSubscription {
       rawMessageDelivery: this.props.rawMessageDelivery,
       filterPolicy: this.props.filterPolicy,
       region: this.regionFromArn(topic),
+      deadLetterQueue: this.props.deadLetterQueue,
     };
   }
 

diff --git a/packages/@aws-cdk/aws-sns-subscriptions/lib/subscription.ts b/packages/@aws-cdk/aws-sns-subscriptions/lib/subscription.ts
@@ -1,4 +1,5 @@
 import * as sns from '@aws-cdk/aws-sns';
+import { IQueue } from '@aws-cdk/aws-sqs';
 
 /**
  * Options to subscribing to an SNS topic
@@ -10,4 +11,12 @@ export interface SubscriptionProps {
    * @default - all messages are delivered
    */
   readonly filterPolicy?: { [attribute: string]: sns.SubscriptionFilter };
+
+  /**
+   * Queue to be used as dead letter queue.
+   * If not passed no dead letter queue is enabled.
+   *
+   * @default - No dead letter queue enabled.
+   */
+  readonly deadLetterQueue?: IQueue;
 }
diff --git a/packages/@aws-cdk/aws-sns-subscriptions/lib/url.ts b/packages/@aws-cdk/aws-sns-subscriptions/lib/url.ts
@@ -61,6 +61,7 @@ export class UrlSubscription implements sns.ITopicSubscription {
       protocol: this.protocol,
       rawMessageDelivery: this.props.rawMessageDelivery,
       filterPolicy: this.props.filterPolicy,
+      deadLetterQueue: this.props.deadLetterQueue,
     };
   }
 }
diff --git a/packages/@aws-cdk/aws-sns-subscriptions/test/integ.sns-lambda.expected.json b/packages/@aws-cdk/aws-sns-subscriptions/test/integ.sns-lambda.expected.json
@@ -81,9 +81,57 @@
             "Echo11F3FB29",
             "Arn"
           ]
+        },
+        "RedrivePolicy": {
+          "deadLetterTargetArn": {
+            "Fn::GetAtt": [
+              "DeadLetterQueue9F481546",
+              "Arn"
+            ]
+          }
         }
       }
     },
+    "DeadLetterQueue9F481546": {
+      "Type": "AWS::SQS::Queue",
+      "Properties": {
+      }
+    },
+    "DeadLetterQueuePolicyB1FB890C": {
+      "Type": "AWS::SQS::QueuePolicy",
+      "Properties": {
+        "PolicyDocument": {
+          "Statement": [
+            {
+              "Action": "sqs:SendMessage",
+              "Condition": {
+                "ArnEquals": {
+                  "aws:SourceArn": {
+                    "Ref": "MyTopic86869434"
+                  }
+                }
+              },
+              "Effect": "Allow",
+              "Principal": {
+                "Service": "sns.amazonaws.com"
+              },
+              "Resource": {
+                "Fn::GetAtt": [
+                  "DeadLetterQueue9F481546",
+                  "Arn"
+                ]
+              }
+            }
+          ],
+          "Version": "2012-10-17"
+        },
+        "Queues": [
+          {
+            "Ref": "DeadLetterQueue9F481546"
+          }
+        ]
+      }
+    },
     "FilteredServiceRole16D9DDC1": {
       "Type": "AWS::IAM::Role",
       "Properties": {

diff --git a/packages/@aws-cdk/aws-sns-subscriptions/test/integ.sns-lambda.ts b/packages/@aws-cdk/aws-sns-subscriptions/test/integ.sns-lambda.ts
@@ -1,5 +1,6 @@
 import * as lambda from '@aws-cdk/aws-lambda';
 import * as sns from '@aws-cdk/aws-sns';
+import * as sqs from '@aws-cdk/aws-sqs';
 import * as cdk from '@aws-cdk/core';
 import * as subs from '../lib';
 
@@ -15,7 +16,9 @@ class SnsToLambda extends cdk.Stack {
       code: lambda.Code.fromInline(`exports.handler = ${handler.toString()}`),
     });
 
-    topic.addSubscription(new subs.LambdaSubscription(fction));
+    topic.addSubscription(new subs.LambdaSubscription(fction, {
+      deadLetterQueue: new sqs.Queue(this, 'DeadLetterQueue'),
+    }));
 
     const fctionFiltered = new lambda.Function(this, 'Filtered', {
       handler: 'index.handler',

diff --git a/packages/@aws-cdk/aws-sns-subscriptions/test/integ.sns-sqs.lit.expected.json b/packages/@aws-cdk/aws-sns-subscriptions/test/integ.sns-sqs.lit.expected.json
@@ -53,8 +53,56 @@
             "MyQueueE6CA6235",
             "Arn"
           ]
+        },
+        "RedrivePolicy": {
+          "deadLetterTargetArn": {
+            "Fn::GetAtt": [
+              "DeadLetterQueue9F481546",
+              "Arn"
+            ]
+          }
         }
       }
+    },
+    "DeadLetterQueue9F481546": {
+      "Type": "AWS::SQS::Queue",
+      "Properties": {
+      }
+    },
+    "DeadLetterQueuePolicyB1FB890C": {
+      "Type": "AWS::SQS::QueuePolicy",
+      "Properties": {
+        "PolicyDocument": {
+          "Statement": [
+            {
+              "Action": "sqs:SendMessage",
+              "Condition": {
+                "ArnEquals": {
+                  "aws:SourceArn": {
+                    "Ref": "MyTopic86869434"
+                  }
+                }
+              },
+              "Effect": "Allow",
+              "Principal": {
+                "Service": "sns.amazonaws.com"
+              },
+              "Resource": {
+                "Fn::GetAtt": [
+                  "DeadLetterQueue9F481546",
+                  "Arn"
+                ]
+              }
+            }
+          ],
+          "Version": "2012-10-17"
+        },
+        "Queues": [
+          {
+            "Ref": "DeadLetterQueue9F481546"
+          }
+        ]
+      }
     }
   }
 }
diff --git a/packages/@aws-cdk/aws-sns-subscriptions/test/integ.sns-sqs.lit.ts b/packages/@aws-cdk/aws-sns-subscriptions/test/integ.sns-sqs.lit.ts
@@ -11,7 +11,9 @@ class SnsToSqs extends cdk.Stack {
     const topic = new sns.Topic(this, 'MyTopic');
     const queue = new sqs.Queue(this, 'MyQueue');
 
-    topic.addSubscription(new subs.SqsSubscription(queue));
+    topic.addSubscription(new subs.SqsSubscription(queue, {
+      deadLetterQueue: new sqs.Queue(this, 'DeadLetterQueue'),
+    }));
     /// !hide
   }
 }