diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/AlbFargateServiceWithCommandAndEntryPointDefaultTestDeployAssert84DAACDF.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/AlbFargateServiceWithCommandAndEntryPointDefaultTestDeployAssert84DAACDF.assets.json index 161b98e729347..afee9f7a14240 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/AlbFargateServiceWithCommandAndEntryPointDefaultTestDeployAssert84DAACDF.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/AlbFargateServiceWithCommandAndEntryPointDefaultTestDeployAssert84DAACDF.assets.json @@ -1,5 +1,5 @@ { - "version": "32.0.0", + "version": "36.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/aws-ecs-integ-lb-fargate-cmd-entrypoint-test.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/aws-ecs-integ-lb-fargate-cmd-entrypoint-test.assets.json index e2efe1199559d..f0c30a25d7502 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/aws-ecs-integ-lb-fargate-cmd-entrypoint-test.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/aws-ecs-integ-lb-fargate-cmd-entrypoint-test.assets.json 
@@ -1,7 +1,7 @@ { - "version": "32.0.0", + "version": "36.0.0", "files": { - "bd5c4694c4fe13248b11699dfcee108b7c5a6835e60b9f68628928a30689fa29": { + "d5bc6608a501023f394e622f56da7bfa3d009cdcb254814891d1352b1e41bbbe": { "source": { "path": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "bd5c4694c4fe13248b11699dfcee108b7c5a6835e60b9f68628928a30689fa29.json", + "objectKey": "d5bc6608a501023f394e622f56da7bfa3d009cdcb254814891d1352b1e41bbbe.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/aws-ecs-integ-lb-fargate-cmd-entrypoint-test.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/aws-ecs-integ-lb-fargate-cmd-entrypoint-test.template.json index aff60e08182b5..7adff19cc7449 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/aws-ecs-integ-lb-fargate-cmd-entrypoint-test.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/aws-ecs-integ-lb-fargate-cmd-entrypoint-test.template.json @@ -18,9 +18,6 @@ "VpcPublicSubnet1Subnet5C2D37C4": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "Vpc8378EB38" - }, "AvailabilityZone": { "Fn::Select": [ 0, 
@@ -44,21 +41,24 @@ "Key": "Name", "Value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PublicSubnet1" } - ] + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } } }, "VpcPublicSubnet1RouteTable6C95E38E": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "Vpc8378EB38" - }, "Tags": [ { "Key": "Name", "Value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PublicSubnet1" } - ] + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } } }, "VpcPublicSubnet1RouteTableAssociation97140677": { @@ -75,12 +75,12 @@ "VpcPublicSubnet1DefaultRoute3DA9E72A": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "VpcPublicSubnet1RouteTable6C95E38E" - }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" } }, "DependsOn": [ @@ -102,15 +102,15 @@ "VpcPublicSubnet1NATGateway4D7517AA": { "Type": "AWS::EC2::NatGateway", "Properties": { - "SubnetId": { - "Ref": "VpcPublicSubnet1Subnet5C2D37C4" - }, "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet1EIPD7E02669", "AllocationId" ] }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, "Tags": [ { "Key": "Name", @@ -126,9 +126,6 @@ "VpcPublicSubnet2Subnet691E08A3": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "Vpc8378EB38" - }, "AvailabilityZone": { "Fn::Select": [ 1, @@ -152,21 +149,24 @@ "Key": "Name", "Value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PublicSubnet2" } - ] + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } } }, "VpcPublicSubnet2RouteTable94F7E489": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "Vpc8378EB38" - }, "Tags": [ { "Key": "Name", "Value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PublicSubnet2" } - ] + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } } }, "VpcPublicSubnet2RouteTableAssociationDD5762D8": { 
@@ -183,12 +183,12 @@ "VpcPublicSubnet2DefaultRoute97F91067": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "VpcPublicSubnet2RouteTable94F7E489" - }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" } }, "DependsOn": [ @@ -210,15 +210,15 @@ "VpcPublicSubnet2NATGateway9182C01D": { "Type": "AWS::EC2::NatGateway", "Properties": { - "SubnetId": { - "Ref": "VpcPublicSubnet2Subnet691E08A3" - }, "AllocationId": { "Fn::GetAtt": [ "VpcPublicSubnet2EIP3C605A87", "AllocationId" ] }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, "Tags": [ { "Key": "Name", @@ -234,9 +234,6 @@ "VpcPrivateSubnet1Subnet536B997A": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "Vpc8378EB38" - }, "AvailabilityZone": { "Fn::Select": [ 0, @@ -260,21 +257,24 @@ "Key": "Name", "Value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PrivateSubnet1" } - ] + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } } }, "VpcPrivateSubnet1RouteTableB2C5B500": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "Vpc8378EB38" - }, "Tags": [ { "Key": "Name", "Value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PrivateSubnet1" } - ] + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } } }, "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { @@ -291,21 +291,18 @@ "VpcPrivateSubnet1DefaultRouteBE02A9ED": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" - }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" } } }, "VpcPrivateSubnet2Subnet3788AAA1": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "Vpc8378EB38" - }, "AvailabilityZone": { "Fn::Select": [ 1, 
@@ -329,21 +326,24 @@ "Key": "Name", "Value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PrivateSubnet2" } - ] + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } } }, "VpcPrivateSubnet2RouteTableA678073B": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "Vpc8378EB38" - }, "Tags": [ { "Key": "Name", "Value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PrivateSubnet2" } - ] + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } } }, "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { @@ -360,12 +360,12 @@ "VpcPrivateSubnet2DefaultRoute060D2087": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "VpcPrivateSubnet2RouteTableA678073B" - }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" } } }, 
@@ -383,17 +383,56 @@ "VpcVPCGWBF912B6E": { "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { - "VpcId": { - "Ref": "Vpc8378EB38" - }, "InternetGatewayId": { "Ref": "VpcIGWD7BA715C" + }, + "VpcId": { + "Ref": "Vpc8378EB38" } } }, "TestFargateCluster0BF869F3": { "Type": "AWS::ECS::Cluster" }, + "SecurityGroupDD263621": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/SecurityGroup", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "from 0.0.0.0/0:80", + "FromPort": 80, + "IpProtocol": "tcp", + "ToPort": 80 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "SecurityGrouptoawsecsinteglbfargatecmdentrypointtestALBFargateServiceWithCommandAndEntryPointServiceSecurityGroup6D1E5F1180E99BF818": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "ALBFargateServiceWithCommandAndEntryPointServiceSecurityGroupD154E880", + "GroupId" + ] + }, + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "SecurityGroupDD263621", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "ToPort": 80 + } + }, "ALBFargateServiceWithCommandAndEntryPointLB353EA7CA": { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { @@ -410,6 +449,12 @@ "ALBFargateServiceWithCommandAndEntryPointLBSecurityGroupD7099797", "GroupId" ] + }, + { + "Fn::GetAtt": [ + "SecurityGroupDD263621", + "GroupId" + ] } ], "Subnets": [ 
@@ -450,13 +495,6 @@ "ALBFargateServiceWithCommandAndEntryPointLBSecurityGrouptoawsecsinteglbfargatecmdentrypointtestALBFargateServiceWithCommandAndEntryPointServiceSecurityGroup6D1E5F11801B449FAA": { "Type": "AWS::EC2::SecurityGroupEgress", "Properties": { - "GroupId": { - "Fn::GetAtt": [ - "ALBFargateServiceWithCommandAndEntryPointLBSecurityGroupD7099797", - "GroupId" - ] - }, - "IpProtocol": "tcp", "Description": "Load balancer to target", "DestinationSecurityGroupId": { "Fn::GetAtt": [ @@ -465,6 +503,13 @@ ] }, "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "ALBFargateServiceWithCommandAndEntryPointLBSecurityGroupD7099797", + "GroupId" + ] + }, + "IpProtocol": "tcp", "ToPort": 80 } }, @@ -526,15 +571,14 @@ "ContainerDefinitions": [ { "Command": [ - "/usr/sbin/apache2", - "-D", - "FOREGROUND" + "/bin/sh -c \"echo '

Amazon ECS Sample App

' > /usr/local/apache2/htdocs/index.html && httpd-foreground\"" ], "EntryPoint": [ - "/bin/bash" + "sh", + "-c" ], "Essential": true, - "Image": "amazon/amazon-ecs-sample", + "Image": "public.ecr.aws/docker/library/httpd:2.4", "LogConfiguration": { "LogDriver": "awslogs", "Options": { @@ -708,7 +752,6 @@ "ALBFargateServiceWithCommandAndEntryPointServiceSecurityGroupfromawsecsinteglbfargatecmdentrypointtestALBFargateServiceWithCommandAndEntryPointLBSecurityGroup886E70918046DDBFE6": { "Type": "AWS::EC2::SecurityGroupIngress", "Properties": { - "IpProtocol": "tcp", "Description": "Load balancer to target", "FromPort": 80, "GroupId": { @@ -717,6 +760,7 @@ "GroupId" ] }, + "IpProtocol": "tcp", "SourceSecurityGroupId": { "Fn::GetAtt": [ "ALBFargateServiceWithCommandAndEntryPointLBSecurityGroupD7099797", @@ -728,6 +772,30 @@ "DependsOn": [ "ALBFargateServiceWithCommandAndEntryPointTaskDefTaskRole65CE9392" ] + }, + "ALBFargateServiceWithCommandAndEntryPointServiceSecurityGroupfromawsecsinteglbfargatecmdentrypointtestSecurityGroupECF7922B806B1E1C2D": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "Description": "Load balancer to target", + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "ALBFargateServiceWithCommandAndEntryPointServiceSecurityGroupD154E880", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "SecurityGroupDD263621", + "GroupId" + ] + }, + "ToPort": 80 + }, + "DependsOn": [ + "ALBFargateServiceWithCommandAndEntryPointTaskDefTaskRole65CE9392" + ] } }, "Outputs": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/cdk.out index f0b901e7c06e5..1f0068d32659a 100644 
--- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"32.0.0"} \ No newline at end of file +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/integ.json index 5e4bcf603026b..6cc5d28209e4a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "32.0.0", + "version": "36.0.0", "testCases": { "AlbFargateServiceWithCommandAndEntryPoint/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/manifest.json index 487bb373d901d..2af9e7724ebd3 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/manifest.json 
@@ -1,5 +1,5 @@ { - "version": "32.0.0", + "version": "36.0.0", "artifacts": { "aws-ecs-integ-lb-fargate-cmd-entrypoint-test.assets": { "type": "cdk:asset-manifest", @@ -14,10 +14,11 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/bd5c4694c4fe13248b11699dfcee108b7c5a6835e60b9f68628928a30689fa29.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/d5bc6608a501023f394e622f56da7bfa3d009cdcb254814891d1352b1e41bbbe.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -177,6 +178,18 @@ "data": "TestFargateCluster0BF869F3" } ], + "/aws-ecs-integ-lb-fargate-cmd-entrypoint-test/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SecurityGroupDD263621" + } + ], + "/aws-ecs-integ-lb-fargate-cmd-entrypoint-test/SecurityGroup/to awsecsinteglbfargatecmdentrypointtestALBFargateServiceWithCommandAndEntryPointServiceSecurityGroup6D1E5F11:80": [ + { + "type": "aws:cdk:logicalId", + "data": "SecurityGrouptoawsecsinteglbfargatecmdentrypointtestALBFargateServiceWithCommandAndEntryPointServiceSecurityGroup6D1E5F1180E99BF818" + } + ], "/aws-ecs-integ-lb-fargate-cmd-entrypoint-test/ALBFargateServiceWithCommandAndEntryPoint/LB/Resource": [ { "type": "aws:cdk:logicalId", 
@@ -267,6 +280,12 @@ "data": "ALBFargateServiceWithCommandAndEntryPointServiceSecurityGroupfromawsecsinteglbfargatecmdentrypointtestALBFargateServiceWithCommandAndEntryPointLBSecurityGroup886E70918046DDBFE6" } ], + "/aws-ecs-integ-lb-fargate-cmd-entrypoint-test/ALBFargateServiceWithCommandAndEntryPoint/Service/SecurityGroup/from awsecsinteglbfargatecmdentrypointtestSecurityGroupECF7922B:80": [ + { + "type": "aws:cdk:logicalId", + "data": "ALBFargateServiceWithCommandAndEntryPointServiceSecurityGroupfromawsecsinteglbfargatecmdentrypointtestSecurityGroupECF7922B806B1E1C2D" + } + ], "/aws-ecs-integ-lb-fargate-cmd-entrypoint-test/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -295,6 +314,7 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "AlbFargateServiceWithCommandAndEntryPointDefaultTestDeployAssert84DAACDF.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/tree.json index d1a001dceb12c..8488ff8dbd2af 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.js.snapshot/tree.json 
@@ -45,9 +45,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "Vpc8378EB38" - }, "availabilityZone": { "Fn::Select": [ 0, @@ -71,7 +68,10 @@ "key": "Name", "value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PublicSubnet1" } - ] + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } } }, "constructInfo": { @@ -93,15 +93,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "Vpc8378EB38" - }, "tags": [ { "key": "Name", "value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PublicSubnet1" } - ] + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } } }, "constructInfo": { @@ -134,12 +134,12 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPublicSubnet1RouteTable6C95E38E" - }, "destinationCidrBlock": "0.0.0.0/0", "gatewayId": { "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" } } }, @@ -174,15 +174,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "VpcPublicSubnet1Subnet5C2D37C4" - }, "allocationId": { "Fn::GetAtt": [ "VpcPublicSubnet1EIPD7E02669", "AllocationId" ] }, + "subnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, "tags": [ { "key": "Name", @@ -212,9 +212,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "Vpc8378EB38" - }, "availabilityZone": { "Fn::Select": [ 1, @@ -238,7 +235,10 @@ "key": "Name", "value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PublicSubnet2" } - ] + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } } }, "constructInfo": { 
@@ -260,15 +260,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "Vpc8378EB38" - }, "tags": [ { "key": "Name", "value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PublicSubnet2" } - ] + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } } }, "constructInfo": { @@ -301,12 +301,12 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPublicSubnet2RouteTable94F7E489" - }, "destinationCidrBlock": "0.0.0.0/0", "gatewayId": { "Ref": "VpcIGWD7BA715C" + }, + "routeTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" } } }, @@ -341,15 +341,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "VpcPublicSubnet2Subnet691E08A3" - }, "allocationId": { "Fn::GetAtt": [ "VpcPublicSubnet2EIP3C605A87", "AllocationId" ] }, + "subnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, "tags": [ { "key": "Name", @@ -379,9 +379,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "Vpc8378EB38" - }, "availabilityZone": { "Fn::Select": [ 0, @@ -405,7 +402,10 @@ "key": "Name", "value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PrivateSubnet1" } - ] + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } } }, "constructInfo": { @@ -427,15 +427,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "Vpc8378EB38" - }, "tags": [ { "key": "Name", "value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PrivateSubnet1" } - ] + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } } }, "constructInfo": { 
@@ -468,12 +468,12 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" - }, "destinationCidrBlock": "0.0.0.0/0", "natGatewayId": { "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" } } }, @@ -498,9 +498,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "Vpc8378EB38" - }, "availabilityZone": { "Fn::Select": [ 1, @@ -524,7 +521,10 @@ "key": "Name", "value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PrivateSubnet2" } - ] + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } } }, "constructInfo": { @@ -546,15 +546,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "Vpc8378EB38" - }, "tags": [ { "key": "Name", "value": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/Vpc/PrivateSubnet2" } - ] + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } } }, "constructInfo": { @@ -587,12 +587,12 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPrivateSubnet2RouteTableA678073B" - }, "destinationCidrBlock": "0.0.0.0/0", "natGatewayId": { "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "routeTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" } } }, @@ -632,11 +632,11 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "Vpc8378EB38" - }, "internetGatewayId": { "Ref": "VpcIGWD7BA715C" + }, + "vpcId": { + "Ref": "Vpc8378EB38" } } }, 
@@ -673,6 +673,71 @@ "version": "0.0.0" } }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/SecurityGroup", + "securityGroupIngress": [ + { + "cidrIp": "0.0.0.0/0", + "ipProtocol": "tcp", + "fromPort": 80, + "toPort": 80, + "description": "from 0.0.0.0/0:80" + } + ], + "vpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", + "version": "0.0.0" + } + }, + "to awsecsinteglbfargatecmdentrypointtestALBFargateServiceWithCommandAndEntryPointServiceSecurityGroup6D1E5F11:80": { + "id": "to awsecsinteglbfargatecmdentrypointtestALBFargateServiceWithCommandAndEntryPointServiceSecurityGroup6D1E5F11:80", + "path": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/SecurityGroup/to awsecsinteglbfargatecmdentrypointtestALBFargateServiceWithCommandAndEntryPointServiceSecurityGroup6D1E5F11:80", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", + "aws:cdk:cloudformation:props": { + "description": "Load balancer to target", + "destinationSecurityGroupId": { + "Fn::GetAtt": [ + "ALBFargateServiceWithCommandAndEntryPointServiceSecurityGroupD154E880", + "GroupId" + ] + }, + "fromPort": 80, + "groupId": { + "Fn::GetAtt": [ + "SecurityGroupDD263621", + "GroupId" + ] + }, + "ipProtocol": "tcp", + "toPort": 80 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroupEgress", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", + "version": "0.0.0" + } + }, "ALBFargateServiceWithCommandAndEntryPoint": { "id": "ALBFargateServiceWithCommandAndEntryPoint", 
"path": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/ALBFargateServiceWithCommandAndEntryPoint", @@ -700,6 +765,12 @@ "ALBFargateServiceWithCommandAndEntryPointLBSecurityGroupD7099797", "GroupId" ] + }, + { + "Fn::GetAtt": [ + "SecurityGroupDD263621", + "GroupId" + ] } ], "subnets": [ @@ -754,13 +825,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupEgress", "aws:cdk:cloudformation:props": { - "groupId": { - "Fn::GetAtt": [ - "ALBFargateServiceWithCommandAndEntryPointLBSecurityGroupD7099797", - "GroupId" - ] - }, - "ipProtocol": "tcp", "description": "Load balancer to target", "destinationSecurityGroupId": { "Fn::GetAtt": [ @@ -769,6 +833,13 @@ ] }, "fromPort": 80, + "groupId": { + "Fn::GetAtt": [ + "ALBFargateServiceWithCommandAndEntryPointLBSecurityGroupD7099797", + "GroupId" + ] + }, + "ipProtocol": "tcp", "toPort": 80 } }, @@ -932,15 +1003,14 @@ "containerDefinitions": [ { "command": [ - "/usr/sbin/apache2", - "-D", - "FOREGROUND" + "/bin/sh -c \"echo '

Amazon ECS Sample App

' > /usr/local/apache2/htdocs/index.html && httpd-foreground\"" ], "entryPoint": [ - "/bin/bash" + "sh", + "-c" ], "essential": true, - "image": "amazon/amazon-ecs-sample", + "image": "public.ecr.aws/docker/library/httpd:2.4", "name": "web", "portMappings": [ { @@ -1215,7 +1285,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", "aws:cdk:cloudformation:props": { - "ipProtocol": "tcp", "description": "Load balancer to target", "fromPort": 80, "groupId": { @@ -1224,6 +1293,7 @@ "GroupId" ] }, + "ipProtocol": "tcp", "sourceSecurityGroupId": { "Fn::GetAtt": [ "ALBFargateServiceWithCommandAndEntryPointLBSecurityGroupD7099797", @@ -1237,6 +1307,35 @@ "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress", "version": "0.0.0" } + }, + "from awsecsinteglbfargatecmdentrypointtestSecurityGroupECF7922B:80": { + "id": "from awsecsinteglbfargatecmdentrypointtestSecurityGroupECF7922B:80", + "path": "aws-ecs-integ-lb-fargate-cmd-entrypoint-test/ALBFargateServiceWithCommandAndEntryPoint/Service/SecurityGroup/from awsecsinteglbfargatecmdentrypointtestSecurityGroupECF7922B:80", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroupIngress", + "aws:cdk:cloudformation:props": { + "description": "Load balancer to target", + "fromPort": 80, + "groupId": { + "Fn::GetAtt": [ + "ALBFargateServiceWithCommandAndEntryPointServiceSecurityGroupD154E880", + "GroupId" + ] + }, + "ipProtocol": "tcp", + "sourceSecurityGroupId": { + "Fn::GetAtt": [ + "SecurityGroupDD263621", + "GroupId" + ] + }, + "toPort": 80 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroupIngress", + "version": "0.0.0" + } } }, "constructInfo": { @@ -1291,7 +1390,7 @@ "path": "AlbFargateServiceWithCommandAndEntryPoint/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.55" + "version": "10.3.0" } }, "DeployAssert": { 
@@ -1337,7 +1436,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.55" + "version": "10.3.0" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.ts index 32e2c2ebf7cbe..72eba5604fb9f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.alb-fargate-service-command-entry-point.ts @@ -13,9 +13,14 @@ const stack = new cdk.Stack( // Create VPC and cluster const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 2, restrictDefaultSecurityGroup: false }); const cluster = new ecs.Cluster(stack, 'TestFargateCluster', { vpc }); +const securityGroup = new ec2.SecurityGroup(stack, 'SecurityGroup', { + vpc, + allowAllOutbound: false, +}); +securityGroup.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(80)); // Create ALB service with Command and EntryPoint -new ecsPatterns.ApplicationLoadBalancedFargateService( +const applicationLoadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService( stack, 'ALBFargateServiceWithCommandAndEntryPoint', { @@ -23,12 +28,13 @@ new ecsPatterns.ApplicationLoadBalancedFargateService( memoryLimitMiB: 512, cpu: 256, taskImageOptions: { - image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), - command: ['/usr/sbin/apache2', '-D', 'FOREGROUND'], - entryPoint: ['/bin/bash'], + image: ecs.ContainerImage.fromRegistry('public.ecr.aws/docker/library/httpd:2.4'), + command: ['/bin/sh -c \"echo \'
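Review bot: The new `SecurityGroup` and its `securityGroup.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(80))` call carry no comment saying what the test exercises, so the world-open port 80 rule reads as a requirement rather than a fixture. Judging by the regenerated template, the intent seems to be to check that a group attached through `loadBalancer.connections.addSecurityGroup(...)` gets its own egress rule and a matching ingress rule on the service's group. A comment above the constructor would record that, for example `// Extra LB security group: checks that LB-to-service rules are also created for groups added via connections.addSecurityGroup()`. `allowAllOutbound: false` keeps the group's egress limited to that one generated rule, and the comment could say so too. The `ApplicationLoadBalancedFargateService` call opened at the end of this hunk continues in the next one.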

Amazon ECS Sample App

\' > /usr/local/apache2/htdocs/index.html && httpd-foreground\"'], + entryPoint: ['sh', '-c'], }, }, ); +applicationLoadBalancedFargateService.loadBalancer.connections.addSecurityGroup(securityGroup); new integ.IntegTest(app, 'AlbFargateServiceWithCommandAndEntryPoint', { testCases: [stack], diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/aws-cdk-ec2-vpc-endpoint-service.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/aws-cdk-ec2-vpc-endpoint-service.assets.json index 73554612de597..7e55a126fcd09 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/aws-cdk-ec2-vpc-endpoint-service.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/aws-cdk-ec2-vpc-endpoint-service.assets.json @@ -1,7 +1,7 @@ { - "version": "20.0.0", + "version": "36.0.0", "files": { - "dca8c6f29f9cb97c3091fd8ea69f720a8c9ff8f0fe20301e64be7b4db1fd7ca2": { + "48343d2f7c978d432f304a99e23ee0dff7134e50337ead0cebee5112e9b31f16": { "source": { "path": "aws-cdk-ec2-vpc-endpoint-service.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "dca8c6f29f9cb97c3091fd8ea69f720a8c9ff8f0fe20301e64be7b4db1fd7ca2.json", + "objectKey": "48343d2f7c978d432f304a99e23ee0dff7134e50337ead0cebee5112e9b31f16.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } 
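Review bot: With `entryPoint: ['sh', '-c']` the `command` element is already a shell script, so wrapping it again in `/bin/sh -c \"…\"` starts a second shell. It also forces the `\"` escapes, which a single-quoted TypeScript string does not need. Passing the script directly, as `command: ['echo \'…\' > /usr/local/apache2/htdocs/index.html && exec httpd-foreground']`, would still cover both `command` and `entryPoint`. The added `exec` is a suggestion so that httpd rather than a waiting shell receives the stop signal at task teardown; this is inferred and was not checked against the image. Separately, `httpd:2.4` is a moving tag, and pinning it as `public.ecr.aws/docker/library/httpd:2.4@sha256:<digest>` would make the deployed image reproducible; the snapshot files would need regenerating after either change.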
diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/aws-cdk-ec2-vpc-endpoint-service.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/aws-cdk-ec2-vpc-endpoint-service.template.json index b6a82772e1960..a584e76c17d36 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/aws-cdk-ec2-vpc-endpoint-service.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/aws-cdk-ec2-vpc-endpoint-service.template.json @@ -18,9 +18,6 @@ "VPCPublicSubnet1SubnetB4246D30": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, "AvailabilityZone": { "Fn::Select": [ 0, @@ -44,21 +41,24 @@ "Key": "Name", "Value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PublicSubnet1" } - ] + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "VPCPublicSubnet1RouteTableFEE4B781": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, "Tags": [ { "Key": "Name", "Value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PublicSubnet1" } - ] + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "VPCPublicSubnet1RouteTableAssociation0B0896DC": { @@ -75,12 +75,12 @@ "VPCPublicSubnet1DefaultRoute91CEF279": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VPCIGWB7E252D3" + }, + "RouteTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" } }, "DependsOn": [ 
@@ -102,15 +102,15 @@ "VPCPublicSubnet1NATGatewayE0556630": { "Type": "AWS::EC2::NatGateway", "Properties": { - "SubnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - }, "AllocationId": { "Fn::GetAtt": [ "VPCPublicSubnet1EIP6AD938E8", "AllocationId" ] }, + "SubnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, "Tags": [ { "Key": "Name", @@ -126,9 +126,6 @@ "VPCPublicSubnet2Subnet74179F39": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, "AvailabilityZone": { "Fn::Select": [ 1, @@ -152,21 +149,24 @@ "Key": "Name", "Value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PublicSubnet2" } - ] + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "VPCPublicSubnet2RouteTable6F1A15F1": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, "Tags": [ { "Key": "Name", "Value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PublicSubnet2" } - ] + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "VPCPublicSubnet2RouteTableAssociation5A808732": { @@ -183,12 +183,12 @@ "VPCPublicSubnet2DefaultRouteB7481BBA": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "VPCIGWB7E252D3" + }, + "RouteTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" } }, "DependsOn": [ @@ -210,15 +210,15 @@ "VPCPublicSubnet2NATGateway3C070193": { "Type": "AWS::EC2::NatGateway", "Properties": { - "SubnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, "AllocationId": { "Fn::GetAtt": [ "VPCPublicSubnet2EIP4947BC00", "AllocationId" ] }, + "SubnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + }, "Tags": [ { "Key": "Name", @@ -234,9 +234,6 @@ "VPCPrivateSubnet1Subnet8BCA10E0": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, "AvailabilityZone": { "Fn::Select": [ 0, 
@@ -260,21 +257,24 @@ "Key": "Name", "Value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PrivateSubnet1" } - ] + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "VPCPrivateSubnet1RouteTableBE8A6027": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, "Tags": [ { "Key": "Name", "Value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PrivateSubnet1" } - ] + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "VPCPrivateSubnet1RouteTableAssociation347902D1": { @@ -291,21 +291,18 @@ "VPCPrivateSubnet1DefaultRouteAE1D6490": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VPCPublicSubnet1NATGatewayE0556630" + }, + "RouteTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" } } }, "VPCPrivateSubnet2SubnetCFCDAA7A": { "Type": "AWS::EC2::Subnet", "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, "AvailabilityZone": { "Fn::Select": [ 1, @@ -329,21 +326,24 @@ "Key": "Name", "Value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PrivateSubnet2" } - ] + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "VPCPrivateSubnet2RouteTable0A19E10E": { "Type": "AWS::EC2::RouteTable", "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, "Tags": [ { "Key": "Name", "Value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PrivateSubnet2" } - ] + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "VPCPrivateSubnet2RouteTableAssociation0C73D413": { @@ -360,12 +360,12 @@ "VPCPrivateSubnet2DefaultRouteF4F5CFD2": { "Type": "AWS::EC2::Route", "Properties": { - "RouteTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "VPCPublicSubnet2NATGateway3C070193" + }, + "RouteTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" } } }, 
@@ -383,11 +383,11 @@ "VPCVPCGW99B986DC": { "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { - "VpcId": { - "Ref": "VPCB9E5F0B4" - }, "InternetGatewayId": { "Ref": "VPCIGWB7E252D3" + }, + "VpcId": { + "Ref": "VPCB9E5F0B4" } } }, @@ -458,12 +458,13 @@ "MyVpcEndpointServiceWithPrincipalsPermissions29F9BD5A": { "Type": "AWS::EC2::VPCEndpointServicePermissions", "Properties": { + "AllowedPrincipals": [ + "arn:aws:iam::123456789012:root", + "ec2.amazonaws.com" + ], "ServiceId": { "Ref": "MyVpcEndpointServiceWithPrincipals41EE2DF2" - }, - "AllowedPrincipals": [ - "arn:aws:iam::123456789012:root" - ] + } } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/cdk.out index 588d7b269d34f..1f0068d32659a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"20.0.0"} \ No newline at end of file +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/integ.json index 55a8721b7882e..42410539fb4cd 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/integ.json 
@@ -1,5 +1,5 @@ { - "version": "20.0.0", + "version": "36.0.0", "testCases": { "integ.vpc-endpoint-service": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/manifest.json index 95360b8ffed6f..75955cc4a642e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/manifest.json @@ -1,12 +1,6 @@ { - "version": "20.0.0", + "version": "36.0.0", "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, "aws-cdk-ec2-vpc-endpoint-service.assets": { "type": "cdk:asset-manifest", "properties": { @@ -20,10 +14,11 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "aws-cdk-ec2-vpc-endpoint-service.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/dca8c6f29f9cb97c3091fd8ea69f720a8c9ff8f0fe20301e64be7b4db1fd7ca2.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/48343d2f7c978d432f304a99e23ee0dff7134e50337ead0cebee5112e9b31f16.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ 
@@ -233,6 +228,12 @@ ] }, "displayName": "aws-cdk-ec2-vpc-endpoint-service" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/tree.json index 9a30c0df0107d..be5e71860f044 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.js.snapshot/tree.json @@ -4,14 +4,6 @@ "id": "App", "path": "", "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" - } - }, "aws-cdk-ec2-vpc-endpoint-service": { "id": "aws-cdk-ec2-vpc-endpoint-service", "path": "aws-cdk-ec2-vpc-endpoint-service", @@ -39,7 +31,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPC", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", "version": "0.0.0" } }, @@ -53,9 +45,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, "availabilityZone": { "Fn::Select": [ 0, @@ -79,11 +68,14 @@ "key": "Name", "value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PublicSubnet1" } - ] + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -91,8 +83,8 @@ "id": "Acl", "path": "aws-cdk-ec2-vpc-endpoint-service/VPC/PublicSubnet1/Acl", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "RouteTable": { 
@@ -101,19 +93,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, "tags": [ { "key": "Name", "value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PublicSubnet1" } - ] + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -132,7 +124,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -142,17 +134,17 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet1RouteTableFEE4B781" - }, "destinationCidrBlock": "0.0.0.0/0", "gatewayId": { "Ref": "VPCIGWB7E252D3" + }, + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } }, @@ -172,7 +164,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", "version": "0.0.0" } }, @@ -182,15 +174,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "VPCPublicSubnet1SubnetB4246D30" - }, "allocationId": { "Fn::GetAtt": [ "VPCPublicSubnet1EIP6AD938E8", "AllocationId" ] }, + "subnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, "tags": [ { "key": "Name", @@ -200,13 +192,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", "version": "0.0.0" } }, 
@@ -220,9 +212,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, "availabilityZone": { "Fn::Select": [ 1, @@ -246,11 +235,14 @@ "key": "Name", "value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PublicSubnet2" } - ] + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -258,8 +250,8 @@ "id": "Acl", "path": "aws-cdk-ec2-vpc-endpoint-service/VPC/PublicSubnet2/Acl", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "RouteTable": { @@ -268,19 +260,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, "tags": [ { "key": "Name", "value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PublicSubnet2" } - ] + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, @@ -299,7 +291,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -309,17 +301,17 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" - }, "destinationCidrBlock": "0.0.0.0/0", "gatewayId": { "Ref": "VPCIGWB7E252D3" + }, + "routeTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } }, @@ -339,7 +331,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnEIP", + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", "version": "0.0.0" } }, 
@@ -349,15 +341,15 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", "aws:cdk:cloudformation:props": { - "subnetId": { - "Ref": "VPCPublicSubnet2Subnet74179F39" - }, "allocationId": { "Fn::GetAtt": [ "VPCPublicSubnet2EIP4947BC00", "AllocationId" ] }, + "subnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + }, "tags": [ { "key": "Name", @@ -367,13 +359,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnNatGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PublicSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", "version": "0.0.0" } }, @@ -387,9 +379,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, "availabilityZone": { "Fn::Select": [ 0, @@ -413,11 +402,14 @@ "key": "Name", "value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PrivateSubnet1" } - ] + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -425,8 +417,8 @@ "id": "Acl", "path": "aws-cdk-ec2-vpc-endpoint-service/VPC/PrivateSubnet1/Acl", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "RouteTable": { @@ -435,19 +427,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, "tags": [ { "key": "Name", "value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PrivateSubnet1" } - ] + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, 
@@ -466,7 +458,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -476,23 +468,23 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" - }, "destinationCidrBlock": "0.0.0.0/0", "natGatewayId": { "Ref": "VPCPublicSubnet1NATGatewayE0556630" + }, + "routeTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", "version": "0.0.0" } }, @@ -506,9 +498,6 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, "availabilityZone": { "Fn::Select": [ 1, @@ -532,11 +521,14 @@ "key": "Name", "value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PrivateSubnet2" } - ] + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnet", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", "version": "0.0.0" } }, @@ -544,8 +536,8 @@ "id": "Acl", "path": "aws-cdk-ec2-vpc-endpoint-service/VPC/PrivateSubnet2/Acl", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "RouteTable": { @@ -554,19 +546,19 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, "tags": [ { "key": "Name", "value": "aws-cdk-ec2-vpc-endpoint-service/VPC/PrivateSubnet2" } - ] + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRouteTable", + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", "version": "0.0.0" } }, 
@@ -585,7 +577,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnSubnetRouteTableAssociation", + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", "version": "0.0.0" } }, @@ -595,23 +587,23 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::Route", "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" - }, "destinationCidrBlock": "0.0.0.0/0", "natGatewayId": { "Ref": "VPCPublicSubnet2NATGateway3C070193" + }, + "routeTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnRoute", + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.PrivateSubnet", + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", "version": "0.0.0" } }, @@ -630,7 +622,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnInternetGateway", + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", "version": "0.0.0" } }, @@ -640,22 +632,22 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", "aws:cdk:cloudformation:props": { - "vpcId": { - "Ref": "VPCB9E5F0B4" - }, "internetGatewayId": { "Ref": "VPCIGWB7E252D3" + }, + "vpcId": { + "Ref": "VPCB9E5F0B4" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPCGatewayAttachment", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.Vpc", + "fqn": "aws-cdk-lib.aws_ec2.Vpc", "version": "0.0.0" } }, @@ -688,13 +680,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.CfnLoadBalancer", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkLoadBalancer", + "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.NetworkLoadBalancer", "version": "0.0.0" } }, 
@@ -717,13 +709,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPCEndpointService", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpointService", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.VpcEndpointService", + "fqn": "aws-cdk-lib.aws_ec2.VpcEndpointService", "version": "0.0.0" } }, @@ -756,13 +748,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-elasticloadbalancingv2.CfnLoadBalancer", + "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.CfnLoadBalancer", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-elasticloadbalancingv2.NetworkLoadBalancer", + "fqn": "aws-cdk-lib.aws_elasticloadbalancingv2.NetworkLoadBalancer", "version": "0.0.0" } }, @@ -785,7 +777,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPCEndpointService", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpointService", "version": "0.0.0" } }, @@ -795,22 +787,23 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::EC2::VPCEndpointServicePermissions", "aws:cdk:cloudformation:props": { + "allowedPrincipals": [ + "arn:aws:iam::123456789012:root", + "ec2.amazonaws.com" + ], "serviceId": { "Ref": "MyVpcEndpointServiceWithPrincipals41EE2DF2" - }, - "allowedPrincipals": [ - "arn:aws:iam::123456789012:root" - ] + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.CfnVPCEndpointServicePermissions", + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCEndpointServicePermissions", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-ec2.VpcEndpointService", + "fqn": "aws-cdk-lib.aws_ec2.VpcEndpointService", "version": "0.0.0" } }, 
@@ -818,28 +811,52 @@ "id": "MyVpcEndpointServiceWithNoPrincipalsServiceName", "path": "aws-cdk-ec2-vpc-endpoint-service/MyVpcEndpointServiceWithNoPrincipalsServiceName", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" } }, "MyVpcEndpointServiceWithPrincipalsEndpointServiceId": { "id": "MyVpcEndpointServiceWithPrincipalsEndpointServiceId", "path": "aws-cdk-ec2-vpc-endpoint-service/MyVpcEndpointServiceWithPrincipalsEndpointServiceId", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-ec2-vpc-endpoint-service/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-ec2-vpc-endpoint-service/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" } } }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.85" + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" } } } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.ts index 77bf310da823c..915acf2680fdf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-elasticloadbalancingv2/test/integ.vpc-endpoint-service.ts 
@@ -24,11 +24,12 @@ class VpcEndpointServiceStack extends cdk.Stack { vpc, }); const principalArn = new ArnPrincipal('arn:aws:iam::123456789012:root'); + const servicePrincipal = new ArnPrincipal('ec2.amazonaws.com'); const service2 = new ec2.VpcEndpointService(this, 'MyVpcEndpointServiceWithPrincipals', { vpcEndpointServiceLoadBalancers: [nlbWithPrincipals], acceptanceRequired: false, - allowedPrincipals: [principalArn], + allowedPrincipals: [principalArn, servicePrincipal], }); new cdk.CfnOutput(this, 'MyVpcEndpointServiceWithNoPrincipalsServiceName', { diff --git a/packages/@aws-cdk/aws-lambda-go-alpha/README.md b/packages/@aws-cdk/aws-lambda-go-alpha/README.md index 40ffa67b0dfd7..aa812502227b3 100644 --- a/packages/@aws-cdk/aws-lambda-go-alpha/README.md +++ b/packages/@aws-cdk/aws-lambda-go-alpha/README.md @@ -29,7 +29,7 @@ Define a `GoFunction`: ```ts new go.GoFunction(this, 'handler', { - entry: 'app/cmd/api', + entry: 'lambda-app/cmd/api', }); ``` @@ -37,7 +37,7 @@ By default, if `entry` points to a directory, then the construct will assume the Let's look at an example Go project: ```bash -lamda-app +lambda-app ├── cmd │   └── api │   └── main.go @@ -244,7 +244,7 @@ all of your functions if anything changes, then `AssetHashType.SOURCE` will prob For example, if my app looked like this: ```bash -lamda-app +lambda-app ├── cmd │   └── api │   └── main.go @@ -263,7 +263,7 @@ should trigger a new deploy, I could specify `AssetHashType.SOURCE`. On the other hand, if I had a project that deployed multiple Lambda functions, for example: ```bash -lamda-app +lambda-app ├── cmd │   ├── api │   │   └── main.go diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index 630dad1fe9969..4939bd5efacbb 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json 
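Review bot: `new ArnPrincipal('ec2.amazonaws.com')` in the `integ.vpc-endpoint-service.ts` hunk puts a service name into a type whose name promises an ARN, and the variable is called `servicePrincipal`, so a reader could take it for a mistake or copy it into an IAM policy context where it would not mean the same thing. The service below it is created with `acceptanceRequired: false`, so every entry in `allowedPrincipals` is connected without manual approval. It is worth saying in the test that the wider set is deliberate. I would add a comment above the new line such as `// Service principal on purpose: exercises the non-ARN path of allowedPrincipals; acceptance is automatic for it`. The enclosing class starts outside the hunk, and whether `allowedPrincipals` accepts any other principal type is not visible here.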
@@ -23,8 +23,8 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.0.54", - "@aws-cdk/service-spec-types": "^0.0.54", + "@aws-cdk/aws-service-spec": "^0.0.56", + "@aws-cdk/service-spec-types": "^0.0.56", "aws-sdk": "2.1576.0", "chalk": "^4", "diff": "^5.2.0", diff --git a/packages/@aws-cdk/integ-runner/package.json b/packages/@aws-cdk/integ-runner/package.json index 7b34469a007de..73faa034d8012 100644 --- a/packages/@aws-cdk/integ-runner/package.json +++ b/packages/@aws-cdk/integ-runner/package.json @@ -74,7 +74,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "@aws-cdk/aws-service-spec": "^0.0.54", + "@aws-cdk/aws-service-spec": "^0.0.56", "cdk-assets": "0.0.0", "@aws-cdk/cdk-cli-wrapper": "0.0.0", "aws-cdk": "0.0.0", diff --git a/packages/aws-cdk-lib/aws-ec2/README.md b/packages/aws-cdk-lib/aws-ec2/README.md index 50b7bf8d2c72b..24fb39b3605c0 100644 --- a/packages/aws-cdk-lib/aws-ec2/README.md +++ b/packages/aws-cdk-lib/aws-ec2/README.md @@ -1052,6 +1052,17 @@ new ec2.VpcEndpointService(this, 'EndpointService', { }); ``` +You can also include a service principal in the `allowedPrincipals` property by specifying it as a parameter to the `ArnPrincipal` constructor. +The resulting VPC endpoint will have an allowlisted principal of type `Service`, instead of `Arn` for that item in the list. +```ts +declare const networkLoadBalancer: elbv2.NetworkLoadBalancer; + +new ec2.VpcEndpointService(this, 'EndpointService', { + vpcEndpointServiceLoadBalancers: [networkLoadBalancer], + allowedPrincipals: [new iam.ArnPrincipal('ec2.amazonaws.com')], +}); +``` + Endpoint services support private DNS, which makes it easier for clients to connect to your service by automatically setting up DNS in their VPC. You can enable private DNS on an endpoint service like so: 
diff --git a/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts b/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts index 3ba1f09f81dfa..7a9322fc522a6 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts @@ -92,6 +92,7 @@ export interface IGatewayVpcEndpointService { export class GatewayVpcEndpointAwsService implements IGatewayVpcEndpointService { public static readonly DYNAMODB = new GatewayVpcEndpointAwsService('dynamodb'); public static readonly S3 = new GatewayVpcEndpointAwsService('s3'); + public static readonly S3_EXPRESS = new GatewayVpcEndpointAwsService('s3express'); /** * The name of the service. @@ -264,7 +265,10 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ public static readonly AIRFLOW_ENV = new InterfaceVpcEndpointAwsService('airflow.env'); public static readonly AIRFLOW_OPS = new InterfaceVpcEndpointAwsService('airflow.ops'); public static readonly APIGATEWAY = new InterfaceVpcEndpointAwsService('execute-api'); + /** @deprecated - Use InterfaceVpcEndpointAwsService.APP_MESH_ENVOY_MANAGEMENT instead. */ public static readonly APP_MESH = new InterfaceVpcEndpointAwsService('appmesh-envoy-management'); + public static readonly APP_MESH_ENVOY_MANAGEMENT = new InterfaceVpcEndpointAwsService('appmesh-envoy-management'); + public static readonly APP_MESH_OPS = new InterfaceVpcEndpointAwsService('appmesh'); public static readonly APP_RUNNER = new InterfaceVpcEndpointAwsService('apprunner'); public static readonly APP_RUNNER_REQUESTS = new InterfaceVpcEndpointAwsService('apprunner.requests'); public static readonly APP_SYNC = new InterfaceVpcEndpointAwsService('appsync-api'); 
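Review bot: In the `@@ -264,7 +265,10 @@` hunk the deprecated `APP_MESH` maps to `'appmesh-envoy-management'`, while the similarly named new `APP_MESH_OPS` maps to `'appmesh'`, and neither new constant carries a doc comment. Someone migrating off `APP_MESH` by name alone could pick `APP_MESH_OPS` and silently create an endpoint for a different service, leaving the Envoy traffic without the private endpoint they expected. I would document both, for example `/** Envoy management endpoint ('appmesh-envoy-management'); drop-in replacement for APP_MESH. */` and `/** App Mesh API endpoint ('appmesh'); not a replacement for the deprecated APP_MESH. */`. The wording of the second is inferred from the constant name and should be checked. The class body continues outside the hunk.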
@@ -278,17 +282,28 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
 public static readonly AUDIT_MANAGER = new InterfaceVpcEndpointAwsService('auditmanager');
 public static readonly AUTOSCALING = new InterfaceVpcEndpointAwsService('autoscaling');
 public static readonly AUTOSCALING_PLANS = new InterfaceVpcEndpointAwsService('autoscaling-plans');
+ public static readonly B2B_DATA_INTERCHANGE = new InterfaceVpcEndpointAwsService('b2bi');
 public static readonly BACKUP = new InterfaceVpcEndpointAwsService('backup');
 public static readonly BACKUP_GATEWAY = new InterfaceVpcEndpointAwsService('backup-gateway');
 public static readonly BATCH = new InterfaceVpcEndpointAwsService('batch');
+ public static readonly BEDROCK = new InterfaceVpcEndpointAwsService('bedrock');
+ public static readonly BEDROCK_AGENT = new InterfaceVpcEndpointAwsService('bedrock-agent');
+ public static readonly BEDROCK_AGENT_RUNTIME = new InterfaceVpcEndpointAwsService('bedrock-agent-runtime');
+ public static readonly BEDROCK_RUNTIME = new InterfaceVpcEndpointAwsService('bedrock-runtime');
 public static readonly BILLING_CONDUCTOR = new InterfaceVpcEndpointAwsService('billingconductor');
 public static readonly BRAKET = new InterfaceVpcEndpointAwsService('braket');
+ public static readonly CLEAN_ROOMS = new InterfaceVpcEndpointAwsService('cleanrooms');
 public static readonly CLOUD_CONTROL_API = new InterfaceVpcEndpointAwsService('cloudcontrolapi');
 public static readonly CLOUD_CONTROL_API_FIPS = new InterfaceVpcEndpointAwsService('cloudcontrolapi-fips');
 public static readonly CLOUD_DIRECTORY = new InterfaceVpcEndpointAwsService('clouddirectory');
+ public static readonly CLOUD_MAP_DATA_SERVICE_DISCOVERY = new InterfaceVpcEndpointAwsService('data-servicediscovery');
+ public static readonly CLOUD_MAP_DATA_SERVICE_DISCOVERY_FIPS = new InterfaceVpcEndpointAwsService('data-servicediscovery-fips');
+ public static readonly CLOUD_MAP_SERVICE_DISCOVERY = new InterfaceVpcEndpointAwsService('servicediscovery');
+ public static readonly CLOUD_MAP_SERVICE_DISCOVERY_FIPS = new InterfaceVpcEndpointAwsService('servicediscovery-fips');
 public static readonly CLOUDFORMATION = new InterfaceVpcEndpointAwsService('cloudformation');
 public static readonly CLOUDHSM = new InterfaceVpcEndpointAwsService('cloudhsmv2');
 public static readonly CLOUDTRAIL = new InterfaceVpcEndpointAwsService('cloudtrail');
+ public static readonly CODEWHISPERER = new InterfaceVpcEndpointAwsService('codewhisperer');
 /** @deprecated - Use InterfaceVpcEndpointAwsService.CLOUDWATCH_MONITORING instead. */
 public static readonly CLOUDWATCH = new InterfaceVpcEndpointAwsService('monitoring');
 /** @deprecated - Use InterfaceVpcEndpointAwsService.EVENTBRIDGE instead. */
@@ -297,6 +312,7 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
 public static readonly CLOUDWATCH_EVIDENTLY_DATAPLANE = new InterfaceVpcEndpointAwsService('evidently-dataplane');
 public static readonly CLOUDWATCH_LOGS = new InterfaceVpcEndpointAwsService('logs');
 public static readonly CLOUDWATCH_MONITORING = new InterfaceVpcEndpointAwsService('monitoring');
+ public static readonly CLOUDWATCH_NETWORK_MONITOR = new InterfaceVpcEndpointAwsService('networkmonitor');
 public static readonly CLOUDWATCH_RUM = new InterfaceVpcEndpointAwsService('rum');
 public static readonly CLOUDWATCH_RUM_DATAPLANE = new InterfaceVpcEndpointAwsService('rum-dataplane');
 public static readonly CLOUDWATCH_SYNTHETICS = new InterfaceVpcEndpointAwsService('synthetics');
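Review bot: In the `@@ -278,17 +282,28 @@` hunk, `CODEWHISPERER` is inserted between `CLOUDTRAIL` and the `CLOUDWATCH*` entries, which breaks the alphabetical order the rest of the list appears to follow. The `@@ -322,10 +340,12 @@` hunk has the same problem: it moves `DATASYNC` ahead of `DATABASE_MIGRATION_SERVICE`. In a list this long, ordering is what lets a reviewer spot duplicates and aliases such as the two constants that both map to `'monitoring'`. I would place `CODEWHISPERER` after the `CODESTAR*` entries if they exist further down, and keep `DATASYNC` and `DATAZONE` after the `DATABASE_MIGRATION_SERVICE*` pair. The class body starts and ends outside these hunks, so the intended sort key is inferred from the visible entries only.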
@@ -304,6 +320,8 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
 public static readonly CODEARTIFACT_REPOSITORIES = new InterfaceVpcEndpointAwsService('codeartifact.repositories');
 public static readonly CODEBUILD = new InterfaceVpcEndpointAwsService('codebuild');
 public static readonly CODEBUILD_FIPS = new InterfaceVpcEndpointAwsService('codebuild-fips');
+ public static readonly CODECATALYST_GIT = new InterfaceVpcEndpointAwsService('codecatalyst.git');
+ public static readonly CODECATALYST_PACKAGES = new InterfaceVpcEndpointAwsService('codecatalyst.packages');
 public static readonly CODECOMMIT = new InterfaceVpcEndpointAwsService('codecommit');
 public static readonly CODECOMMIT_FIPS = new InterfaceVpcEndpointAwsService('codecommit-fips');
 public static readonly CODEDEPLOY = new InterfaceVpcEndpointAwsService('codedeploy');
@@ -322,10 +340,12 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
 public static readonly CONNECT_VOICEID = new InterfaceVpcEndpointAwsService('voiceid');
 public static readonly CONNECT_WISDOM = new InterfaceVpcEndpointAwsService('wisdom');
 public static readonly DATA_EXCHANGE = new InterfaceVpcEndpointAwsService('dataexchange');
+ public static readonly DATASYNC = new InterfaceVpcEndpointAwsService('datasync');
+ public static readonly DATAZONE = new InterfaceVpcEndpointAwsService('datazone');
 public static readonly DATABASE_MIGRATION_SERVICE = new InterfaceVpcEndpointAwsService('dms');
 public static readonly DATABASE_MIGRATION_SERVICE_FIPS = new InterfaceVpcEndpointAwsService('dms-fips');
- public static readonly DATASYNC = new InterfaceVpcEndpointAwsService('datasync');
 public static readonly DEVOPS_GURU = new InterfaceVpcEndpointAwsService('devops-guru');
+ public static readonly DIRECTORY_SERVICE = new InterfaceVpcEndpointAwsService('ds');
 public static readonly EBS_DIRECT = new InterfaceVpcEndpointAwsService('ebs');
 public static readonly EC2 = new InterfaceVpcEndpointAwsService('ec2');
 public static readonly EC2_MESSAGES = new InterfaceVpcEndpointAwsService('ec2messages');
@@ -335,6 +355,7 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
 public static readonly ECS_AGENT = new InterfaceVpcEndpointAwsService('ecs-agent');
 public static readonly ECS_TELEMETRY = new InterfaceVpcEndpointAwsService('ecs-telemetry');
 public static readonly EKS = new InterfaceVpcEndpointAwsService('eks');
+ public static readonly EKS_AUTH = new InterfaceVpcEndpointAwsService('eks-auth');
 public static readonly ELASTIC_BEANSTALK = new InterfaceVpcEndpointAwsService('elasticbeanstalk');
 public static readonly ELASTIC_BEANSTALK_HEALTH = new InterfaceVpcEndpointAwsService('elasticbeanstalk-health');
 public static readonly ELASTIC_DISASTER_RECOVERY = new InterfaceVpcEndpointAwsService('drs');
@@ -344,10 +365,13 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
 public static readonly ELASTIC_LOAD_BALANCING = new InterfaceVpcEndpointAwsService('elasticloadbalancing');
 public static readonly ELASTICACHE = new InterfaceVpcEndpointAwsService('elasticache');
 public static readonly ELASTICACHE_FIPS = new InterfaceVpcEndpointAwsService('elasticache-fips');
+ public static readonly ELEMENTAL_MEDIACONNECT = new InterfaceVpcEndpointAwsService('mediaconnect');
 public static readonly EMAIL_SMTP = new InterfaceVpcEndpointAwsService('email-smtp');
 public static readonly EMR = new InterfaceVpcEndpointAwsService('elasticmapreduce');
 public static readonly EMR_EKS = new InterfaceVpcEndpointAwsService('emr-containers');
 public static readonly EMR_SERVERLESS = new InterfaceVpcEndpointAwsService('emr-serverless');
+ public static readonly EMR_WAL = new InterfaceVpcEndpointAwsService('emrwal.prod');
+ public static readonly ENTITY_RESOLUTION = new InterfaceVpcEndpointAwsService('entityresolution');
 public static readonly EVENTBRIDGE = new InterfaceVpcEndpointAwsService('events');
 public static readonly FAULT_INJECTION_SIMULATOR = new InterfaceVpcEndpointAwsService('fis');
 public static readonly FINSPACE = new InterfaceVpcEndpointAwsService('finspace');
@@ -366,14 +390,22 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ public static readonly GRAFANA = new InterfaceVpcEndpointAwsService('grafana'); public static readonly GRAFANA_WORKSPACE = new InterfaceVpcEndpointAwsService('grafana-workspace'); public static readonly GROUNDSTATION = new InterfaceVpcEndpointAwsService('groundstation'); + public static readonly GUARDDUTY_DATA = new InterfaceVpcEndpointAwsService('guardduty-data'); + public static readonly GUARDDUTY_DATA_FIPS = new InterfaceVpcEndpointAwsService('guardduty-data-fips'); + public static readonly HEALTH_IMAGING = new InterfaceVpcEndpointAwsService('medical-imaging'); + public static readonly HEALTH_IMAGING_RUNTIME = new InterfaceVpcEndpointAwsService('runtime-medical-imaging'); public static readonly HEALTHLAKE = new InterfaceVpcEndpointAwsService('healthlake'); public static readonly IAM_IDENTITY_CENTER = new InterfaceVpcEndpointAwsService('identitystore'); public static readonly IAM_ROLES_ANYWHERE = new InterfaceVpcEndpointAwsService('rolesanywhere'); public static readonly IMAGE_BUILDER = new InterfaceVpcEndpointAwsService('imagebuilder'); public static readonly INSPECTOR = new InterfaceVpcEndpointAwsService('inspector2'); + public static readonly INSPECTOR_SCAN = new InterfaceVpcEndpointAwsService('inspector-scan'); public static readonly IOT_CORE = new InterfaceVpcEndpointAwsService('iot.data'); + public static readonly IOT_CORE_CREDENTIALS = new InterfaceVpcEndpointAwsService('iot.credentials'); public static readonly IOT_CORE_DEVICE_ADVISOR = new InterfaceVpcEndpointAwsService('deviceadvisor.iot'); + public static readonly IOT_CORE_FLEETHUB_API = new InterfaceVpcEndpointAwsService('iot.fleethub.api'); public static readonly IOT_CORE_FOR_LORAWAN = new InterfaceVpcEndpointAwsService('iotwireless.api'); + public static readonly IOT_FLEETWISE = new InterfaceVpcEndpointAwsService('iotfleetwise'); public static readonly IOT_LORAWAN_CUPS = new 
InterfaceVpcEndpointAwsService('lorawan.cups'); public static readonly IOT_LORAWAN_LNS = new InterfaceVpcEndpointAwsService('lorawan.lns'); public static readonly IOT_GREENGRASS = new InterfaceVpcEndpointAwsService('greengrass'); 
@@ -396,44 +428,66 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ public static readonly LEX_RUNTIME = new InterfaceVpcEndpointAwsService('runtime-v2-lex'); public static readonly LICENSE_MANAGER = new InterfaceVpcEndpointAwsService('license-manager'); public static readonly LICENSE_MANAGER_FIPS = new InterfaceVpcEndpointAwsService('license-manager-fips'); + public static readonly LICENSE_MANAGER_USER_SUBSCRIPTIONS = new InterfaceVpcEndpointAwsService('license-manager-user-subscriptions'); public static readonly LOOKOUT_EQUIPMENT = new InterfaceVpcEndpointAwsService('lookoutequipment'); public static readonly LOOKOUT_METRICS = new InterfaceVpcEndpointAwsService('lookoutmetrics'); public static readonly LOOKOUT_VISION = new InterfaceVpcEndpointAwsService('lookoutvision'); - public static readonly MACIE = new InterfaceVpcEndpointAwsService('macie2'); public static readonly MAINFRAME_MODERNIZATION = new InterfaceVpcEndpointAwsService('m2'); - public static readonly PROMETHEUS = new InterfaceVpcEndpointAwsService('aps'); - public static readonly PROMETHEUS_WORKSPACES = new InterfaceVpcEndpointAwsService('aps-workspaces'); + public static readonly MACIE = new InterfaceVpcEndpointAwsService('macie2'); + public static readonly MANAGEMENT_CONSOLE = new InterfaceVpcEndpointAwsService('console'); + public static readonly MANAGEMENT_CONSOLE_SIGNIN = new InterfaceVpcEndpointAwsService('signin'); + public static readonly MANAGED_BLOCKCHAIN_QUERY = new InterfaceVpcEndpointAwsService('managedblockchain-query'); + public static readonly MANAGED_BLOCKCHAIN_BITCOIN_MAINNET = new InterfaceVpcEndpointAwsService('managedblockchain.bitcoin.mainnet'); + public static readonly MANAGED_BLOCKCHAIN_BITCOIN_TESTNET = new InterfaceVpcEndpointAwsService('managedblockchain.bitcoin.testnet'); public static readonly MEMORY_DB = new InterfaceVpcEndpointAwsService('memory-db'); public static readonly MEMORY_DB_FIPS = new 
InterfaceVpcEndpointAwsService('memorydb-fips'); public static readonly MIGRATIONHUB_ORCHESTRATOR = new InterfaceVpcEndpointAwsService('migrationhub-orchestrator'); public static readonly MIGRATIONHUB_REFACTOR_SPACES = new InterfaceVpcEndpointAwsService('refactor-spaces'); public static readonly MIGRATIONHUB_STRATEGY = new InterfaceVpcEndpointAwsService('migrationhub-strategy'); + public static readonly NEPTUNE_ANALYTICS = new InterfaceVpcEndpointAwsService('neptune-graph'); public static readonly NIMBLE_STUDIO = new InterfaceVpcEndpointAwsService('nimble'); + public static readonly ORGANIZATIONS = new InterfaceVpcEndpointAwsService('organizations'); + public static readonly ORGANIZATIONS_FIPS = new InterfaceVpcEndpointAwsService('organizations-fips'); public static readonly OMICS_ANALYTICS = new InterfaceVpcEndpointAwsService('analytics-omics'); public static readonly OMICS_CONTROL_STORAGE = new InterfaceVpcEndpointAwsService('control-storage-omics'); public static readonly OMICS_STORAGE = new InterfaceVpcEndpointAwsService('storage-omics'); public static readonly OMICS_TAGS = new InterfaceVpcEndpointAwsService('tags-omics'); public static readonly OMICS_WORKFLOWS = new InterfaceVpcEndpointAwsService('workflows-omics'); public static readonly PANORAMA = new InterfaceVpcEndpointAwsService('panorama'); + public static readonly PAYMENT_CRYPTOGRAPHY_CONTROLPLANE = new InterfaceVpcEndpointAwsService('payment-cryptography.controlplane'); + public static readonly PAYMENT_CRYTOGRAPHY_DATAPLANE = new InterfaceVpcEndpointAwsService('payment-cryptography.dataplane'); + public static readonly PERSONALIZE = new InterfaceVpcEndpointAwsService('personalize'); + public static readonly PERSONALIZE_EVENTS = new InterfaceVpcEndpointAwsService('personalize-events'); + public static readonly PERSONALIZE_RUNTIME = new InterfaceVpcEndpointAwsService('personalize-runtime'); + public static readonly PINPOINT_V1 = new InterfaceVpcEndpointAwsService('pinpoint'); + /** @deprecated - Use 
InterfaceVpcEndpointAwsService.PINPOINT_SMS_VOICE_V2 instead. */ public static readonly PINPOINT = new InterfaceVpcEndpointAwsService('pinpoint-sms-voice-v2'); + public static readonly PINPOINT_SMS_VOICE_V2 = new InterfaceVpcEndpointAwsService('pinpoint-sms-voice-v2'); public static readonly POLLY = new InterfaceVpcEndpointAwsService('polly'); public static readonly PRIVATE_5G = new InterfaceVpcEndpointAwsService('private-networks'); public static readonly PRIVATE_CERTIFICATE_AUTHORITY = new InterfaceVpcEndpointAwsService('acm-pca'); + public static readonly PRIVATE_CERTIFICATE_AUTHORITY_CONNECTOR_AD = new InterfaceVpcEndpointAwsService('pca-connector-ad'); + public static readonly PROMETHEUS = new InterfaceVpcEndpointAwsService('aps'); + public static readonly PROMETHEUS_WORKSPACES = new InterfaceVpcEndpointAwsService('aps-workspaces'); public static readonly PROTON = new InterfaceVpcEndpointAwsService('proton'); public static readonly QLDB = new InterfaceVpcEndpointAwsService('qldb.session'); public static readonly RDS = new InterfaceVpcEndpointAwsService('rds'); public static readonly RDS_DATA = new InterfaceVpcEndpointAwsService('rds-data'); - public static readonly ROBOMAKER = new InterfaceVpcEndpointAwsService('robomaker'); public static readonly REDSHIFT = new InterfaceVpcEndpointAwsService('redshift'); public static readonly REDSHIFT_FIPS = new InterfaceVpcEndpointAwsService('redshift-fips'); public static readonly REDSHIFT_DATA = new InterfaceVpcEndpointAwsService('redshift-data'); public static readonly REKOGNITION = new InterfaceVpcEndpointAwsService('rekognition'); public static readonly REKOGNITION_FIPS = new InterfaceVpcEndpointAwsService('rekognition-fips'); + public static readonly REKOGNITION_STREAMING = new InterfaceVpcEndpointAwsService('streaming-rekognition'); + public static readonly REKOGNITION_STREAMING_FIPS = new InterfaceVpcEndpointAwsService('streaming-rekognition-fips'); + public static readonly REPOST_SPACE = new 
InterfaceVpcEndpointAwsService('repostspace'); + public static readonly ROBOMAKER = new InterfaceVpcEndpointAwsService('robomaker'); public static readonly S3 = new InterfaceVpcEndpointAwsService('s3'); - public static readonly S3_MULTI_REGION_ACCESS_POINTS = new InterfaceVpcEndpointAwsService('s3-global.accesspoint', 'com.amazonaws'); public static readonly S3_OUTPOSTS = new InterfaceVpcEndpointAwsService('s3-outposts'); + public static readonly S3_MULTI_REGION_ACCESS_POINTS = new InterfaceVpcEndpointAwsService('s3-global.accesspoint', 'com.amazonaws'); public static readonly SAGEMAKER_API = new InterfaceVpcEndpointAwsService('sagemaker.api'); public static readonly SAGEMAKER_FEATURESTORE_RUNTIME = new InterfaceVpcEndpointAwsService('sagemaker.featurestore-runtime'); + public static readonly SAGEMAKER_GEOSPATIAL = new InterfaceVpcEndpointAwsService('sagemaker-geospatial'); public static readonly SAGEMAKER_METRICS = new InterfaceVpcEndpointAwsService('sagemaker.metrics'); public static readonly SAGEMAKER_NOTEBOOK = new InterfaceVpcEndpointAwsService('notebook', 'aws.sagemaker'); public static readonly SAGEMAKER_RUNTIME = new InterfaceVpcEndpointAwsService('sagemaker.runtime'); @@ -448,6 +502,7 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ public static readonly SERVER_MIGRATION_SERVICE_AWSCONNECTOR = new InterfaceVpcEndpointAwsService('awsconnector'); /** @deprecated - Use InterfaceVpcEndpointAwsService.EMAIL_SMTP instead. */ public static readonly SES = new InterfaceVpcEndpointAwsService('email-smtp'); + public static readonly SIMSPACE_WEAVER = new InterfaceVpcEndpointAwsService('simspaceweaver'); public static readonly SNOW_DEVICE_MANAGEMENT = new InterfaceVpcEndpointAwsService('snow-device-management'); public static readonly SNS = new InterfaceVpcEndpointAwsService('sns'); public static readonly SQS = new InterfaceVpcEndpointAwsService('sqs'); 
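Review bot: `PAYMENT_CRYTOGRAPHY_DATAPLANE` is misspelled (the `P` of CRYPTOGRAPHY is missing), right below the correctly spelled `PAYMENT_CRYPTOGRAPHY_CONTROLPLANE` in the hunk that starts at `@@ -396,44 +428,66 @@`. This is a public static member, so once it ships the name can only be corrected by keeping the misspelling as a deprecated alias, the way this same hunk handles `PINPOINT`. I would fix it before merge: `public static readonly PAYMENT_CRYPTOGRAPHY_DATAPLANE = new InterfaceVpcEndpointAwsService('payment-cryptography.dataplane');`. The class body starts and ends outside this hunk, so I cannot see whether any other code already refers to the misspelled name.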
@@ -459,16 +514,24 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ public static readonly STEP_FUNCTIONS_SYNC = new InterfaceVpcEndpointAwsService('sync-states'); public static readonly STORAGE_GATEWAY = new InterfaceVpcEndpointAwsService('storagegateway'); public static readonly STS = new InterfaceVpcEndpointAwsService('sts'); + public static readonly SUPPLY_CHAIN = new InterfaceVpcEndpointAwsService('scn'); + public static readonly SWF = new InterfaceVpcEndpointAwsService('swf'); + public static readonly SWF_FIPS = new InterfaceVpcEndpointAwsService('swf-fips'); + public static readonly TELCO_NETWORK_BUILDER = new InterfaceVpcEndpointAwsService('tnb'); public static readonly TEXTRACT = new InterfaceVpcEndpointAwsService('textract'); public static readonly TEXTRACT_FIPS = new InterfaceVpcEndpointAwsService('textract-fips'); + public static readonly TIMESTREAM_INFLUXDB = new InterfaceVpcEndpointAwsService('timestream-influxdb'); public static readonly TRANSCRIBE = new InterfaceVpcEndpointAwsService('transcribe'); public static readonly TRANSCRIBE_STREAMING = new InterfaceVpcEndpointAwsService('transcribestreaming'); public static readonly TRANSFER = new InterfaceVpcEndpointAwsService('transfer'); public static readonly TRANSFER_SERVER = new InterfaceVpcEndpointAwsService('transfer.server'); public static readonly TRANSLATE = new InterfaceVpcEndpointAwsService('translate'); + public static readonly TRUSTED_ADVISOR = new InterfaceVpcEndpointAwsService('trustedadvisor'); public static readonly WORKSPACES = new InterfaceVpcEndpointAwsService('workspaces'); + public static readonly WORKSPACES_THIN_CLIENT = new InterfaceVpcEndpointAwsService('thinclient.api'); public static readonly XRAY = new InterfaceVpcEndpointAwsService('xray'); public static readonly VERIFIED_PERMISSIONS = new InterfaceVpcEndpointAwsService('verifiedpermissions'); + public static readonly VPC_LATTICE = new InterfaceVpcEndpointAwsService('vpc-lattice'); /** * The 
name of the service. e.g. com.amazonaws.us-east-1.ecs diff --git a/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts b/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts index 66f67f3ee8ba2..5ffc11c5025e2 100644 --- a/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts +++ b/packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint-service.test.ts @@ -75,6 +75,33 @@ describe('vpc endpoint service', () => { }); + test('create endpoint service with a service principal (workaround)', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const lb = new DummyEndpointLoadBalacer('arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/Test/9bn6qkf4e9jrw77a'); + new VpcEndpointService(stack, 'EndpointService', { + vpcEndpointServiceLoadBalancers: [lb], + acceptanceRequired: false, + allowedPrincipals: [new ArnPrincipal('ec2.amazonaws.com')], + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpointService', { + NetworkLoadBalancerArns: ['arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/Test/9bn6qkf4e9jrw77a'], + AcceptanceRequired: false, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::EC2::VPCEndpointServicePermissions', { + ServiceId: { + Ref: 'EndpointServiceED36BE1F', + }, + AllowedPrincipals: ['ec2.amazonaws.com'], + }); + + }); + test('with acceptance required', () => { // GIVEN const stack = new Stack(); diff --git a/packages/aws-cdk-lib/awslint.json b/packages/aws-cdk-lib/awslint.json index 91782293bdb5f..3e0a4fe6f0cb7 100644 --- a/packages/aws-cdk-lib/awslint.json +++ b/packages/aws-cdk-lib/awslint.json 
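Review bot: The new test 'create endpoint service with a service principal (workaround)' passes a service principal string through `ArnPrincipal` and pins that it reaches `AllowedPrincipals` unchanged, but nothing in the test explains why a non-ARN value is deliberate. A reader can take `new ArnPrincipal('ec2.amazonaws.com')` for a mistake, or copy it into real code together with `acceptanceRequired: false`. As far as I understand the endpoint-service model, that setting means connection requests from an allowed principal are accepted without manual approval. I would add a comment above the `allowedPrincipals` line, for example `// workaround: ArnPrincipal only carries the service principal string through; the value is not an ARN`, and say in the test that `acceptanceRequired: false` is a fixture choice, not a recommended pairing. The enclosing `describe` block starts and ends outside the hunk.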
@@ -306,6 +306,7 @@
 "docs-public-apis:aws-cdk-lib.aws_ec2.GatewayVpcEndpoint.fromGatewayVpcEndpointId",
 "docs-public-apis:aws-cdk-lib.aws_ec2.GatewayVpcEndpointAwsService.DYNAMODB",
 "docs-public-apis:aws-cdk-lib.aws_ec2.GatewayVpcEndpointAwsService.S3",
+ "docs-public-apis:aws-cdk-lib.aws_ec2.GatewayVpcEndpointAwsService.S3_EXPRESS",
 "docs-public-apis:aws-cdk-lib.aws_ec2.InstanceType.sameInstanceClassAs",
 "docs-public-apis:aws-cdk-lib.aws_ec2.InterfaceVpcEndpointAwsService.*",
 "docs-public-apis:aws-cdk-lib.aws_ec2.LogFormat.value",
diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json
index 131af161d4ac4..7cfc0ed0cd198 100644
--- a/packages/aws-cdk-lib/package.json
+++ b/packages/aws-cdk-lib/package.json
@@ -135,7 +135,7 @@
 "mime-types": "^2.1.35"
 },
 "devDependencies": {
- "@aws-cdk/aws-service-spec": "^0.0.54",
+ "@aws-cdk/aws-service-spec": "^0.0.56",
 "@aws-cdk/cdk-build-tools": "0.0.0",
 "@aws-cdk/custom-resource-handlers": "0.0.0",
 "@aws-cdk/pkglint": "0.0.0",
diff --git a/tools/@aws-cdk/spec2cdk/package.json b/tools/@aws-cdk/spec2cdk/package.json
index 9451aa46c1de9..ed2fb316c78ca 100644
--- a/tools/@aws-cdk/spec2cdk/package.json
+++ b/tools/@aws-cdk/spec2cdk/package.json
@@ -32,9 +32,9 @@
 },
 "license": "Apache-2.0",
 "dependencies": {
- "@aws-cdk/aws-service-spec": "^0.0.54",
- "@aws-cdk/service-spec-importers": "^0.0.25",
- "@aws-cdk/service-spec-types": "^0.0.54",
+ "@aws-cdk/aws-service-spec": "^0.0.56",
+ "@aws-cdk/service-spec-importers": "^0.0.26",
+ "@aws-cdk/service-spec-types": "^0.0.56",
 "@cdklabs/tskb": "^0.0.3",
 "@cdklabs/typewriter": "^0.0.3",
 "camelcase": "^6",
diff --git a/yarn.lock b/yarn.lock
index e8090c904b481..dc07b4ce70fca 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -56,12 +56,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.0.1.tgz#6dc9b7cdb22ff622a7176141197962360c33e9ac" integrity sha512-DDt4SLdLOwWCjGtltH4VCST7hpOI5DzieuhGZsBpZ+AgJdSI2GCjklCXm0GCTwJG/SolkL5dtQXyUKgg9luBDg== -"@aws-cdk/aws-service-spec@^0.0.54": - version "0.0.54" - resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.54.tgz#8dfa55eeb9e968cefee0f5decb807efd0cd3e862" - integrity sha512-Hg0YVQBVk1yRWs7273bvjIk0iYlxlSDp3BbOUeYjx6Rd/cH8Ifkqgl8fFBOW9qF0+qbXboakpOKfSsNJ8QinvQ== +"@aws-cdk/aws-service-spec@^0.0.56": + version "0.0.56" + resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.56.tgz#6b559681f2cb1a6fef053ce95befb0c9816368d6" + integrity sha512-fn243Q7nlDJ/H3Iu986ZSRsHVj3kpL/fzRNlajYPIN4HrxBd0FnSlTHm5JiTuOJpNHpaH6dMIRg/y1xZS/izAA== dependencies: - "@aws-cdk/service-spec-types" "^0.0.54" + "@aws-cdk/service-spec-types" "^0.0.56" "@cdklabs/tskb" "^0.0.3" "@aws-cdk/lambda-layer-kubectl-v24@^2.0.242": 
@@ -69,12 +69,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/lambda-layer-kubectl-v24/-/lambda-layer-kubectl-v24-2.0.242.tgz#4273a5ad7714f933a7eba155eb9280823086db71" integrity sha512-7/wIOo685tmrEe4hh6zqDELhBZh5OQGf3Hd2FU2Vnwy2ZubW8qTmEw5gqJCsCrGKeYDoa1BcVhDRZ/nzjkaqyA== -"@aws-cdk/service-spec-importers@^0.0.25": - version "0.0.25" - resolved "https://registry.npmjs.org/@aws-cdk/service-spec-importers/-/service-spec-importers-0.0.25.tgz#4b8266753d133e83b9a4ac267f4996294583bdf5" - integrity sha512-PRiZ9CtiiLO3wXwIhk5jc5r2Sa4dLvhDpvLodjQ5n4RN0I6xxF9GGAs0d81Tj9gFMJE43x3loE+qV51v1vUGhQ== +"@aws-cdk/service-spec-importers@^0.0.26": + version "0.0.26" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-importers/-/service-spec-importers-0.0.26.tgz#1d986384b7201af28dfb6b6346b0344f617f5403" + integrity sha512-iTBedoJpAa+zON579CGECiKBLUj2BRXwv6o1efBC6fsfwTydZo2OYg3sRhE6dHnBajOQyTUzLoSY1F5ZR4MUsQ== dependencies: - "@aws-cdk/service-spec-types" "^0.0.54" + "@aws-cdk/service-spec-types" "^0.0.55" "@cdklabs/tskb" "^0.0.3" ajv "^6" canonicalize "^2.0.0" 
@@ -85,10 +85,17 @@ glob "^8" sort-json "^2.0.1" -"@aws-cdk/service-spec-types@^0.0.54": - version "0.0.54" - resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.54.tgz#f83f45c93b32a5a3cb8a5af277790fe5fb34bdd5" - integrity sha512-q9+3rxvd2uT4bh34CGX9akfvDO6CdxxWoU0aWzkDgZ095txVdrMC5ZX8eJz5ZkK+IuIsgpK27i/mAbZCXz3ZZg== +"@aws-cdk/service-spec-types@^0.0.55": + version "0.0.55" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.55.tgz#5327b3850b6b9769f197c345f96dfb01fd49830d" + integrity sha512-VoAojxUaV8XE3ArOuOxVoJhZPFNWD08+OCE2DShR+f7syvmvKpdsB7YqKirH2m511SI0TLhUnQCOBxDxyu0Pbg== + dependencies: + "@cdklabs/tskb" "^0.0.3" + +"@aws-cdk/service-spec-types@^0.0.56": + version "0.0.56" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.56.tgz#962ff1144018c31ad8f788b000de17e9ded8a943" + integrity sha512-ggMwHnDy4KJSks1nKrMKoxipDj2xVBDk055KE5Ipl09Sxzmd6JU9Bopju7drJKKW1EOn/DJLTUbpyFrh1UqPlA== dependencies: "@cdklabs/tskb" "^0.0.3"