diff --git a/.github/workflows/request-cli-integ-test.yml b/.github/workflows/request-cli-integ-test.yml index fcac8f5814c46..a75209adcfb84 100644 --- a/.github/workflows/request-cli-integ-test.yml +++ b/.github/workflows/request-cli-integ-test.yml @@ -19,7 +19,7 @@ jobs: persist-credentials: false - name: Find changed cli files id: changed-cli-files - uses: tj-actions/changed-files@cc733854b1f224978ef800d29e4709d5ee2883e4 + uses: tj-actions/changed-files@6b2903bdce6310cfbddd87c418f253cf29b2dec9 with: base_sha: ${{ github.event.pull_request.base.sha }} files_yaml: | diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md index f0d0f68233769..c3b28c2d15a6c 100644 --- a/CHANGELOG.v2.alpha.md +++ b/CHANGELOG.v2.alpha.md @@ -2,6 +2,8 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.150.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.149.0-alpha.0...v2.150.0-alpha.0) (2024-07-22) + ## [2.149.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.148.1-alpha.0...v2.149.0-alpha.0) (2024-07-12) ## [2.148.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.148.0-alpha.0...v2.148.1-alpha.0) (2024-07-11) diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md index c2bb0994ac96c..88d57a683671c 100644 --- a/CHANGELOG.v2.md +++ b/CHANGELOG.v2.md @@ -2,6 +2,23 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.150.0](https://github.com/aws/aws-cdk/compare/v2.149.0...v2.150.0) (2024-07-22) + + +### Features + +* update L1 CloudFormation resource definitions ([#30921](https://github.com/aws/aws-cdk/issues/30921)) ([153a698](https://github.com/aws/aws-cdk/commit/153a698f9fff7c244d4ca6f5e97d15b63840ab7a)) +* **ec2:** add g6 instance ([#30693](https://github.com/aws/aws-cdk/issues/30693)) ([90a41d5](https://github.com/aws/aws-cdk/commit/90a41d5622857a0bc2ae6e0be19b72b00a609a7d)), closes [#30683](https://github.com/aws/aws-cdk/issues/30683) +* **lambda:** add SnapStart support for arm64 functions ([#30898](https://github.com/aws/aws-cdk/issues/30898)) ([b4377a5](https://github.com/aws/aws-cdk/commit/b4377a5a3ad6d30730a084de6bc29c909a5c0e9d)), closes [#30899](https://github.com/aws/aws-cdk/issues/30899) +* **logs:** enabling IA log group creation in CN and GovCloud regions ([#30904](https://github.com/aws/aws-cdk/issues/30904)) ([230b56b](https://github.com/aws/aws-cdk/commit/230b56bb6b39d25655df26411d4e3c5a05b04231)) +* update L1 CloudFormation resource definitions ([#30860](https://github.com/aws/aws-cdk/issues/30860)) ([ce7a8d5](https://github.com/aws/aws-cdk/commit/ce7a8d59b9c0351818a26c3dac299d53ca63e8ca)) + + +### Bug Fixes + +* **custom-resources:** provider framework will always log all data including confidential data ([#30689](https://github.com/aws/aws-cdk/issues/30689)) ([9bd92da](https://github.com/aws/aws-cdk/commit/9bd92da62d8c4594a11f4ab078f07b8c20762329)), closes [#30275](https://github.com/aws/aws-cdk/issues/30275) +* **stepfunctions-tasks:** allow camelCase for parameters of CallAwsServiceCrossRegion ([#30795](https://github.com/aws/aws-cdk/issues/30795)) ([5d6ace8](https://github.com/aws/aws-cdk/commit/5d6ace8c69a16fbfb7b8109bfa35fc70f6fadeab)), closes [#30799](https://github.com/aws/aws-cdk/issues/30799) + ## [2.149.0](https://github.com/aws/aws-cdk/compare/v2.148.1...v2.149.0) (2024-07-12) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-http-stage.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-http-stage.assets.json index 06756a2e5598d..54d26fb516d85 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-http-stage.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-http-stage.assets.json @@ -1,7 +1,7 @@ { - "version": "20.0.0", + "version": "36.0.0", "files": { - "5626e75fff43d2eed0d63a5a925cb78eb1fd3d7fded40fe3b4036e0ce26a1ea9": { + "d0e21994eba50227669b2052acb6e237940781e64fc7baad9c2946a2c56d4b8d": { "source": { "path": "aws-cdk-aws-apigatewayv2-http-stage.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "5626e75fff43d2eed0d63a5a925cb78eb1fd3d7fded40fe3b4036e0ce26a1ea9.json", + "objectKey": "d0e21994eba50227669b2052acb6e237940781e64fc7baad9c2946a2c56d4b8d.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-http-stage.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-http-stage.template.json index b76d9a45614f9..e684ea62ef5e0 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-http-stage.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-http-stage.template.json @@ -13,11 +13,12 @@ "ApiId": { "Ref": "HttpApiF5A9A8A7" }, - "StageName": "$default", "DefaultRouteSettings": { "ThrottlingBurstLimit": 1000, "ThrottlingRateLimit": 1000 - } + }, + "Description": "My Stage", + "StageName": "$default" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/cdk.out index 588d7b269d34f..1f0068d32659a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"20.0.0"} \ No newline at end of file +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/integ.json index c6c8b8b07f69d..6f3b6b3048bfd 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "20.0.0", + "version": "36.0.0", "testCases": { "integ.stage": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/manifest.json index d3158c39559bf..7619a5e497d6c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/manifest.json @@ -1,12 +1,6 @@ { - "version": "20.0.0", + "version": "36.0.0", "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, "aws-cdk-aws-apigatewayv2-http-stage.assets": { "type": "cdk:asset-manifest", "properties": { @@ -20,10 +14,11 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "aws-cdk-aws-apigatewayv2-http-stage.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/5626e75fff43d2eed0d63a5a925cb78eb1fd3d7fded40fe3b4036e0ce26a1ea9.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/d0e21994eba50227669b2052acb6e237940781e64fc7baad9c2946a2c56d4b8d.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -65,6 +60,12 @@ ] }, "displayName": "aws-cdk-aws-apigatewayv2-http-stage" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/tree.json index f31d5e8093c41..d51fb3fce8033 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/tree.json @@ -4,14 +4,6 @@ "id": "App", "path": "", "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" - } - }, "aws-cdk-aws-apigatewayv2-http-stage": { "id": "aws-cdk-aws-apigatewayv2-http-stage", "path": "aws-cdk-aws-apigatewayv2-http-stage", @@ -31,14 +23,14 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2.CfnApi", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2.HttpApi", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "HttpStageWithProperties": { @@ -54,34 +46,59 @@ "apiId": { "Ref": "HttpApiF5A9A8A7" }, - "stageName": "$default", "defaultRouteSettings": { "throttlingBurstLimit": 1000, "throttlingRateLimit": 1000 - } + }, + "description": "My Stage", + "stageName": "$default" } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2.CfnStage", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2.HttpStage", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-aws-apigatewayv2-http-stage/BootstrapVersion", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-aws-apigatewayv2-http-stage/CheckBootstrapVersion", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.85" + "version": "10.3.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.85" + "version": "10.3.0" } } } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.ts index aecd99bf008e5..bf3bec4e11a04 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.ts @@ -12,6 +12,7 @@ new apigw.HttpStage(stack, 'HttpStageWithProperties', { rateLimit: 1000, burstLimit: 1000, }, + description: 'My Stage', }); app.synth(); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-websocket-stage.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-websocket-stage.assets.json index 119ff1f7003e3..772dd4683f795 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-websocket-stage.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-websocket-stage.assets.json @@ -1,7 +1,7 @@ { - "version": "20.0.0", + "version": "36.0.0", "files": { - "dd0f806b2fa0378baba7f8e65cc092119e36b7975bcba997a6ecd0b4e03d044f": { + "02efbccda911967e201733b39679d97db7a1c0b2ee2c60da90fb7fe7b4352502": { "source": { "path": "aws-cdk-aws-apigatewayv2-websocket-stage.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "dd0f806b2fa0378baba7f8e65cc092119e36b7975bcba997a6ecd0b4e03d044f.json", + "objectKey": "02efbccda911967e201733b39679d97db7a1c0b2ee2c60da90fb7fe7b4352502.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-websocket-stage.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-websocket-stage.template.json index 16328be32e85c..03da37384007b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-websocket-stage.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-websocket-stage.template.json @@ -14,11 +14,12 @@ "ApiId": { "Ref": "WebSocketApi34BCF99B" }, - "StageName": "dev", "DefaultRouteSettings": { "ThrottlingBurstLimit": 1000, "ThrottlingRateLimit": 1000 - } + }, + "Description": "My Stage", + "StageName": "dev" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/cdk.out index 588d7b269d34f..1f0068d32659a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"20.0.0"} \ No newline at end of file +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/integ.json index 1d60b8f02d922..d35c639b2cf4c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "20.0.0", + "version": "36.0.0", "testCases": { "integ.stage": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/manifest.json index 7b98580ef726f..a42e23755bdcf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/manifest.json @@ -1,12 +1,6 @@ { - "version": "20.0.0", + "version": "36.0.0", "artifacts": { - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, "aws-cdk-aws-apigatewayv2-websocket-stage.assets": { "type": "cdk:asset-manifest", "properties": { @@ -20,10 +14,11 @@ "environment": "aws://unknown-account/unknown-region", "properties": { "templateFile": "aws-cdk-aws-apigatewayv2-websocket-stage.template.json", + "terminationProtection": false, "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/dd0f806b2fa0378baba7f8e65cc092119e36b7975bcba997a6ecd0b4e03d044f.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/02efbccda911967e201733b39679d97db7a1c0b2ee2c60da90fb7fe7b4352502.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -65,6 +60,12 @@ ] }, "displayName": "aws-cdk-aws-apigatewayv2-websocket-stage" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } } } } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/tree.json index 525202a1ad08a..c1e47bf0a01af 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.js.snapshot/tree.json @@ -4,14 +4,6 @@ "id": "App", "path": "", "children": { - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.85" - } - }, "aws-cdk-aws-apigatewayv2-websocket-stage": { "id": "aws-cdk-aws-apigatewayv2-websocket-stage", "path": "aws-cdk-aws-apigatewayv2-websocket-stage", @@ -32,14 +24,14 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2.CfnApi", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2.WebSocketApi", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } }, "WebSocketStage": { @@ -55,34 +47,59 @@ "apiId": { "Ref": "WebSocketApi34BCF99B" }, - "stageName": "dev", "defaultRouteSettings": { "throttlingBurstLimit": 1000, "throttlingRateLimit": 1000 - } + }, + "description": "My Stage", + "stageName": "dev" } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2.CfnStage", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2.WebSocketStage", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-aws-apigatewayv2-websocket-stage/BootstrapVersion", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-aws-apigatewayv2-websocket-stage/CheckBootstrapVersion", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.85" + "version": "10.3.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.85" + "version": "10.3.0" } } } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.ts index 214632ef68a33..ecfff658d5f4b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/websocket/integ.stage.ts @@ -13,6 +13,7 @@ new apigw.WebSocketStage(stack, 'WebSocketStage', { rateLimit: 1000, burstLimit: 1000, }, + description: 'My Stage', }); app.synth(); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/cdk.out new file mode 100644 index 0000000000000..1f0068d32659a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbue-customer-managed-key.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbue-customer-managed-key.assets.json new file mode 100644 index 0000000000000..ea7093d4eef0c --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbue-customer-managed-key.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "603e01b8a28b3701dc4a16dcc90ff1b0dd7de76f7c1e20e07b3458a72955b7b0": { + "source": { + "path": "eventbue-customer-managed-key.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "603e01b8a28b3701dc4a16dcc90ff1b0dd7de76f7c1e20e07b3458a72955b7b0.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbue-customer-managed-key.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbue-customer-managed-key.template.json new file mode 100644 index 0000000000000..ab122e99ffc58 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbue-customer-managed-key.template.json @@ -0,0 +1,144 @@ +{ + "Resources": { + "KmsKey46693ADD": { + "Type": "AWS::KMS::Key", + "Properties": { + "KeyPolicy": { + "Statement": [ + { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":root" + ] + ] + } + }, + "Resource": "*" + }, + { + "Action": [ + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey" + ], + "Condition": { + "StringEquals": { + "aws:SourceAccount": { + "Ref": "AWS::AccountId" + }, + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":event-bus/eventbuecustomermanagedkeyBus178EB991" + ] + ] + }, + "kms:EncryptionContext:aws:events:event-bus:arn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":event-bus/eventbuecustomermanagedkeyBus178EB991" + ] + ] + } + } + }, + "Effect": "Allow", + "Principal": { + "Service": "events.amazonaws.com" + }, + "Resource": "*" + } + ], + "Version": "2012-10-17" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "BusEA82B648": { + "Type": "AWS::Events::EventBus", + "Properties": { + "KmsKeyIdentifier": { + "Fn::GetAtt": [ + "KmsKey46693ADD", + "Arn" + ] + }, + "Name": "eventbuecustomermanagedkeyBus178EB991" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.assets.json new file mode 100644 index 0000000000000..299d2f1c06fcd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/integ.json new file mode 100644 index 0000000000000..18f50967ebf05 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "36.0.0", + "testCases": { + "eventbue-customer-managed-key-test/DefaultTest": { + "stacks": [ + "eventbue-customer-managed-key" + ], + "assertionStack": "eventbue-customer-managed-key-test/DefaultTest/DeployAssert", + "assertionStackName": "eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/manifest.json new file mode 100644 index 0000000000000..1bd01669db3a8 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/manifest.json @@ -0,0 +1,119 @@ +{ + "version": "36.0.0", + "artifacts": { + "eventbue-customer-managed-key.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "eventbue-customer-managed-key.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "eventbue-customer-managed-key": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "eventbue-customer-managed-key.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/603e01b8a28b3701dc4a16dcc90ff1b0dd7de76f7c1e20e07b3458a72955b7b0.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "eventbue-customer-managed-key.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "eventbue-customer-managed-key.assets" + ], + "metadata": { + "/eventbue-customer-managed-key/KmsKey/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "KmsKey46693ADD" + } + ], + "/eventbue-customer-managed-key/Bus/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "BusEA82B648" + } + ], + "/eventbue-customer-managed-key/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/eventbue-customer-managed-key/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "eventbue-customer-managed-key" + }, + "eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "eventbuecustomermanagedkeytestDefaultTestDeployAssertBCCA03C5.assets" + ], + "metadata": { + "/eventbue-customer-managed-key-test/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/eventbue-customer-managed-key-test/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "eventbue-customer-managed-key-test/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/tree.json new file mode 100644 index 0000000000000..8425b89a1bbcb --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.js.snapshot/tree.json @@ -0,0 +1,241 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "eventbue-customer-managed-key": { + "id": "eventbue-customer-managed-key", + "path": "eventbue-customer-managed-key", + "children": { + "KmsKey": { + "id": "KmsKey", + "path": "eventbue-customer-managed-key/KmsKey", + "children": { + "Resource": { + "id": "Resource", + "path": "eventbue-customer-managed-key/KmsKey/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::KMS::Key", + "aws:cdk:cloudformation:props": { + "keyPolicy": { + "Statement": [ + { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { + "AWS": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::", + { + "Ref": "AWS::AccountId" + }, + ":root" + ] + ] + } + }, + "Resource": "*" + }, + { + "Action": [ + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey" + ], + "Condition": { + "StringEquals": { + "aws:SourceAccount": { + "Ref": "AWS::AccountId" + }, + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":event-bus/eventbuecustomermanagedkeyBus178EB991" + ] + ] + }, + "kms:EncryptionContext:aws:events:event-bus:arn": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":events:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":event-bus/eventbuecustomermanagedkeyBus178EB991" + ] + ] + } + } + }, + "Effect": "Allow", + "Principal": { + "Service": "events.amazonaws.com" + }, + "Resource": "*" + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_kms.CfnKey", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_kms.Key", + "version": "0.0.0" + } + }, + "Bus": { + "id": "Bus", + "path": "eventbue-customer-managed-key/Bus", + "children": { + "Resource": { + "id": "Resource", + "path": "eventbue-customer-managed-key/Bus/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Events::EventBus", + "aws:cdk:cloudformation:props": { + "kmsKeyIdentifier": { + "Fn::GetAtt": [ + "KmsKey46693ADD", + "Arn" + ] + }, + "name": "eventbuecustomermanagedkeyBus178EB991" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_events.CfnEventBus", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_events.EventBus", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "eventbue-customer-managed-key/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "eventbue-customer-managed-key/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "eventbue-customer-managed-key-test": { + "id": "eventbue-customer-managed-key-test", + "path": "eventbue-customer-managed-key-test", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "eventbue-customer-managed-key-test/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "eventbue-customer-managed-key-test/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "eventbue-customer-managed-key-test/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "eventbue-customer-managed-key-test/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "eventbue-customer-managed-key-test/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.ts new file mode 100644 index 0000000000000..fc2e9883ec221 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-events/test/integ.eventbus-customer-managed-key.ts @@ -0,0 +1,17 @@ +import * as kms from 'aws-cdk-lib/aws-kms'; +import { App, RemovalPolicy, Stack } from 'aws-cdk-lib'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; +import { EventBus } from 'aws-cdk-lib/aws-events'; + +const app = new App(); +const stack = new Stack(app, 'eventbue-customer-managed-key'); + +const kmsKey =new kms.Key(stack, 'KmsKey', { + removalPolicy: RemovalPolicy.DESTROY, +}); + +new EventBus(stack, 'Bus', { kmsKey }); + +new IntegTest(app, 'eventbue-customer-managed-key-test', { + testCases: [stack], +}); diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index ed7b8815d0938..82365b2bdc11d 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -23,8 +23,8 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.1.11", - "@aws-cdk/service-spec-types": "^0.0.79", + "@aws-cdk/aws-service-spec": "^0.1.12", + "@aws-cdk/service-spec-types": "^0.0.80", "chalk": "^4", "diff": "^5.2.0", "fast-deep-equal": "^3.1.3", diff --git a/packages/@aws-cdk/integ-runner/package.json b/packages/@aws-cdk/integ-runner/package.json index 790e4d2d08834..aeb23b6153f68 100644 --- a/packages/@aws-cdk/integ-runner/package.json +++ b/packages/@aws-cdk/integ-runner/package.json @@ -74,7 +74,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "@aws-cdk/aws-service-spec": "^0.1.11", + "@aws-cdk/aws-service-spec": "^0.1.12", "cdk-assets": "0.0.0", "@aws-cdk/cdk-cli-wrapper": "0.0.0", "aws-cdk": "0.0.0", diff --git a/packages/aws-cdk-lib/aws-apigatewayv2/README.md b/packages/aws-cdk-lib/aws-apigatewayv2/README.md index e5604dafebf1a..8b74889d941cb 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2/README.md +++ b/packages/aws-cdk-lib/aws-apigatewayv2/README.md @@ -137,6 +137,7 @@ declare const api: apigwv2.HttpApi; new apigwv2.HttpStage(this, 'Stage', { httpApi: api, stageName: 'beta', + description: 'My Stage', }); ``` @@ -373,6 +374,7 @@ const webSocketApi = new apigwv2.WebSocketApi(this, 'mywsapi', { new apigwv2.WebSocketStage(this, 'mystage', { webSocketApi, stageName: 'dev', + description: 'My Stage', autoDeploy: true, }); ``` diff --git a/packages/aws-cdk-lib/aws-apigatewayv2/lib/common/stage.ts b/packages/aws-cdk-lib/aws-apigatewayv2/lib/common/stage.ts index 0301bf4b31c4c..3eca733715514 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2/lib/common/stage.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2/lib/common/stage.ts @@ -66,6 +66,13 @@ export interface StageOptions { * @default - no throttling configuration */ readonly throttle?: ThrottleSettings; + + /** + * The description for the API stage + * + * @default - no description + */ + readonly description?: string; } /** diff --git a/packages/aws-cdk-lib/aws-apigatewayv2/lib/http/stage.ts b/packages/aws-cdk-lib/aws-apigatewayv2/lib/http/stage.ts index c8484904271f9..0ec38b893af56 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2/lib/http/stage.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2/lib/http/stage.ts @@ -171,6 +171,7 @@ export class HttpStage extends HttpStageBase { throttlingBurstLimit: props.throttle?.burstLimit, throttlingRateLimit: props.throttle?.rateLimit, }, + description: props.description, }); this.stageName = this.physicalName; diff --git a/packages/aws-cdk-lib/aws-apigatewayv2/lib/websocket/stage.ts b/packages/aws-cdk-lib/aws-apigatewayv2/lib/websocket/stage.ts index 2e534ff7a75a5..6332b7532fd17 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2/lib/websocket/stage.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2/lib/websocket/stage.ts @@ -95,6 +95,7 @@ export class WebSocketStage extends StageBase implements IWebSocketStage { throttlingBurstLimit: props.throttle?.burstLimit, throttlingRateLimit: props.throttle?.rateLimit, }, + description: props.description, }); if (props.domainMapping) { diff --git a/packages/aws-cdk-lib/aws-apigatewayv2/test/http/stage.test.ts b/packages/aws-cdk-lib/aws-apigatewayv2/test/http/stage.test.ts index ebd2e7b593ab8..357b4617f11ba 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2/test/http/stage.test.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2/test/http/stage.test.ts @@ -190,4 +190,23 @@ describe('HttpStage with domain mapping', () => { }, }); }); + + test('specify description', () => { + // GIVEN + const stack = new Stack(); + const api = new HttpApi(stack, 'Api', { + createDefaultStage: false, + }); + + // WHEN + new HttpStage(stack, 'DefaultStage', { + httpApi: api, + description: 'My Stage', + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Stage', { + Description: 'My Stage', + }); + }); }); diff --git a/packages/aws-cdk-lib/aws-apigatewayv2/test/websocket/stage.test.ts b/packages/aws-cdk-lib/aws-apigatewayv2/test/websocket/stage.test.ts index 20cc23a2e50da..549f7c02b2c91 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2/test/websocket/stage.test.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2/test/websocket/stage.test.ts @@ -133,4 +133,22 @@ describe('WebSocketStage', () => { }, }); }); + + test('specify description', () => { + // GIVEN + const stack = new Stack(); + const api = new WebSocketApi(stack, 'Api'); + + // WHEN + new WebSocketStage(stack, 'DefaultStage', { + webSocketApi: api, + stageName: 'dev', + description: 'My Stage', + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Stage', { + Description: 'My Stage', + }); + }); }); diff --git a/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts b/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts index 2cbea1c5eb0b4..89fc0d7434f41 100644 --- a/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts +++ b/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts @@ -19,6 +19,8 @@ import { ArnFormat, FeatureFlags, Token, + Arn, + Fn, } from '../../../core'; import * as cxapi from '../../../cx-api'; import { RegionInfo } from '../../../region-info'; @@ -516,16 +518,20 @@ export abstract class BaseService extends Resource public static fromServiceArnWithCluster(scope: Construct, id: string, serviceArn: string): IBaseService { const stack = Stack.of(scope); const arn = stack.splitArn(serviceArn, ArnFormat.SLASH_RESOURCE_NAME); - const resourceName = arn.resourceName; - if (!resourceName) { - throw new Error(`Missing resource Name from service ARN: ${serviceArn}`); - } - const resourceNameParts = resourceName.split('/'); - if (resourceNameParts.length !== 2) { - throw new Error(`resource name ${resourceName} from service ARN: ${serviceArn} is not using the ARN cluster format`); + const resourceName = Arn.extractResourceName(serviceArn, 'service'); + let clusterName: string; + let serviceName: string; + if (Token.isUnresolved(resourceName)) { + clusterName = Fn.select(0, Fn.split('/', resourceName)); + serviceName = Fn.select(1, Fn.split('/', resourceName)); + } else { + const resourceNameParts = resourceName.split('/'); + if (resourceNameParts.length !== 2) { + throw new Error(`resource name ${resourceName} from service ARN: ${serviceArn} is not using the ARN cluster format`); + } + clusterName = resourceNameParts[0]; + serviceName = resourceNameParts[1]; } - const clusterName = resourceNameParts[0]; - const serviceName = resourceNameParts[1]; const clusterArn = Stack.of(scope).formatArn({ partition: arn.partition, diff --git a/packages/aws-cdk-lib/aws-ecs/test/base-service.test.ts b/packages/aws-cdk-lib/aws-ecs/test/base-service.test.ts index d670e8fbc8c32..9ef3b54a68c43 100644 --- a/packages/aws-cdk-lib/aws-ecs/test/base-service.test.ts +++ b/packages/aws-cdk-lib/aws-ecs/test/base-service.test.ts @@ -38,7 +38,7 @@ describe('When import an ECS Service', () => { test('throws an expection if no resourceName provided on fromServiceArnWithCluster', () => { expect(() => { ecs.BaseService.fromServiceArnWithCluster(stack, 'Service', 'arn:aws:ecs:service-region:service-account:service'); - }).toThrowError(/Missing resource Name from service ARN/); + }).toThrowError(/Expected resource name in ARN, didn't find one: 'arn:aws:ecs:service-region:service-account:service'/); }); test('throws an expection if not using cluster arn format on fromServiceArnWithCluster', () => { @@ -47,6 +47,11 @@ describe('When import an ECS Service', () => { }).toThrowError(/is not using the ARN cluster format/); }); + test('skip validation for tokenized values', () => { + expect(() => ecs.BaseService.fromServiceArnWithCluster(stack, 'Service', + cdk.Lazy.string({ produce: () => 'arn:aws:ecs:service-region:service-account:service' }))).not.toThrow(); + }); + test('should add a dependency on task role', () => { // GIVEN const vpc = new ec2.Vpc(stack, 'Vpc'); diff --git a/packages/aws-cdk-lib/aws-events/README.md b/packages/aws-cdk-lib/aws-events/README.md index 7dc3377590068..0a9c871d4fddb 100644 --- a/packages/aws-cdk-lib/aws-events/README.md +++ b/packages/aws-cdk-lib/aws-events/README.md @@ -236,3 +236,22 @@ const eventBus = events.EventBus.fromEventBusArn(this, 'ImportedEventBus', 'arn: // now you can just call methods on the eventbus eventBus.grantPutEventsTo(lambdaFunction); ``` + +## Use a customer managed key + +To use a customer managed key for events on the event bus, use the `kmsKey` attribute. + +```ts +import * as kms from 'aws-cdk-lib/aws-kms'; + +declare const kmsKey: kms.IKey; + +new events.EventBus(this, 'Bus', { + kmsKey, +}); +``` + +**Note**: Archives and schema discovery are not supported for event buses encrypted using a customer managed key. +To enable archives or schema discovery on an event bus, choose to use an AWS owned key. +For more information, see [KMS key options for event bus encryption](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption-at-rest-key-options.html). + diff --git a/packages/aws-cdk-lib/aws-events/lib/event-bus.ts b/packages/aws-cdk-lib/aws-events/lib/event-bus.ts index 78f533c5a5536..6b164ceae7c84 100644 --- a/packages/aws-cdk-lib/aws-events/lib/event-bus.ts +++ b/packages/aws-cdk-lib/aws-events/lib/event-bus.ts @@ -2,6 +2,7 @@ import { Construct } from 'constructs'; import { Archive, BaseArchiveProps } from './archive'; import { CfnEventBus, CfnEventBusPolicy } from './events.generated'; import * as iam from '../../aws-iam'; +import * as kms from '../../aws-kms'; import { ArnFormat, IResource, Lazy, Names, Resource, Stack, Token } from '../../core'; /** @@ -78,6 +79,13 @@ export interface EventBusProps { * @default - no partner event source */ readonly eventSourceName?: string; + + /** + * The customer managed key that encrypt events on this event bus. + * + * @default - Use an AWS managed key + */ + readonly kmsKey?: kms.IKey; } /** @@ -320,6 +328,7 @@ export class EventBus extends EventBusBase { const eventBus = new CfnEventBus(this, 'Resource', { name: this.physicalName, eventSourceName, + kmsKeyIdentifier: props?.kmsKey?.keyArn, }); this.eventBusArn = this.getResourceArnAttribute(eventBus.attrArn, { @@ -328,6 +337,31 @@ export class EventBus extends EventBusBase { resourceName: eventBus.name, }); + // Allow EventBridge to use customer managed key + // See https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption-event-bus-key-policy.html + if (props?.kmsKey) { + props?.kmsKey.addToResourcePolicy(new iam.PolicyStatement({ + resources: ['*'], + actions: ['kms:Decrypt', 'kms:GenerateDataKey', 'kms:DescribeKey'], + principals: [new iam.ServicePrincipal('events.amazonaws.com')], + conditions: { + StringEquals: { + 'aws:SourceAccount': this.stack.account, + 'aws:SourceArn': Stack.of(this).formatArn({ + service: 'events', + resource: 'event-bus', + resourceName: eventBusName, + }), + 'kms:EncryptionContext:aws:events:event-bus:arn': Stack.of(this).formatArn({ + service: 'events', + resource: 'event-bus', + resourceName: eventBusName, + }), + }, + }, + })); + } + this.eventBusName = this.getResourceNameAttribute(eventBus.ref); this.eventBusPolicy = eventBus.attrPolicy; this.eventSourceName = eventBus.eventSourceName; diff --git a/packages/aws-cdk-lib/aws-events/test/event-bus.test.ts b/packages/aws-cdk-lib/aws-events/test/event-bus.test.ts index da4a96a3763e3..7b2a034b64d58 100644 --- a/packages/aws-cdk-lib/aws-events/test/event-bus.test.ts +++ b/packages/aws-cdk-lib/aws-events/test/event-bus.test.ts @@ -2,6 +2,7 @@ import { testDeprecated } from '@aws-cdk/cdk-build-tools'; import { Template } from '../../assertions'; import * as iam from '../../aws-iam'; import { Effect } from '../../aws-iam'; +import * as kms from '../../aws-kms'; import { Aws, CfnResource, Stack, Arn, App, PhysicalName, CfnOutput } from '../../core'; import { EventBus } from '../lib'; @@ -625,4 +626,112 @@ describe('event bus', () => { actions: ['events:PutEvents'], }))).toThrow('Event Bus policy statements must have a sid'); }); + + test('Event Bus with a customer managed key', () => { + // GIVEN + const app = new App(); + const stack = new Stack(app, 'Stack'); + const key = new kms.Key(stack, 'Key'); + + // WHEN + const eventBus = new EventBus(stack, 'Bus', { + kmsKey: key, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::Events::EventBus', { + KmsKeyIdentifier: stack.resolve(key.keyArn), + }); + + Template.fromStack(stack).hasResourceProperties('AWS::KMS::Key', { + KeyPolicy: { + Statement: [ + { + Action: 'kms:*', + Effect: 'Allow', + Principal: { + AWS: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':iam::', + { + Ref: 'AWS::AccountId', + }, + ':root', + ], + ], + }, + }, + Resource: '*', + }, + { + Action: [ + 'kms:Decrypt', + 'kms:GenerateDataKey', + 'kms:DescribeKey', + ], + Condition: { + StringEquals: { + 'aws:SourceAccount': { + Ref: 'AWS::AccountId', + }, + 'aws:SourceArn': { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':events:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':event-bus/StackBusAA0A1E4B', + ], + ], + }, + 'kms:EncryptionContext:aws:events:event-bus:arn': { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':events:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':event-bus/StackBusAA0A1E4B', + ], + ], + }, + }, + }, + Effect: 'Allow', + Principal: { + Service: 'events.amazonaws.com', + }, + Resource: '*', + }, + ], + Version: '2012-10-17', + }, + }); + }); + }); diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index f1959368727a2..bc15082dbc092 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -135,7 +135,7 @@ "mime-types": "^2.1.35" }, "devDependencies": { - "@aws-cdk/aws-service-spec": "^0.1.11", + "@aws-cdk/aws-service-spec": "^0.1.12", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/custom-resource-handlers": "0.0.0", "@aws-cdk/pkglint": "0.0.0", diff --git a/tools/@aws-cdk/spec2cdk/package.json b/tools/@aws-cdk/spec2cdk/package.json index 7cccaa70dedf4..b6cef52e84d10 100644 --- a/tools/@aws-cdk/spec2cdk/package.json +++ b/tools/@aws-cdk/spec2cdk/package.json @@ -32,9 +32,9 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.1.11", - "@aws-cdk/service-spec-importers": "^0.0.40", - "@aws-cdk/service-spec-types": "^0.0.79", + "@aws-cdk/aws-service-spec": "^0.1.12", + "@aws-cdk/service-spec-importers": "^0.0.41", + "@aws-cdk/service-spec-types": "^0.0.80", "@cdklabs/tskb": "^0.0.3", "@cdklabs/typewriter": "^0.0.3", "camelcase": "^6", diff --git a/version.v2.json b/version.v2.json index 7dd7edd090610..e88258feb31cc 100644 --- a/version.v2.json +++ b/version.v2.json @@ -1,4 +1,4 @@ { - "version": "2.149.0", - "alphaVersion": "2.149.0-alpha.0" + "version": "2.150.0", + "alphaVersion": "2.150.0-alpha.0" } \ No newline at end of file diff --git a/yarn.lock b/yarn.lock index 196e2fc5a9ec2..a38305994df03 100644 --- a/yarn.lock +++ b/yarn.lock @@ -51,12 +51,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.0.3.tgz#9b5d213b5ce5ad4461f6a4720195ff8de72e6523" integrity sha512-twhuEG+JPOYCYPx/xy5uH2+VUsIEhPTzDY0F1KuB+ocjWWB/KEDiOVL19nHvbPCB6fhWnkykXEMJ4HHcKvjtvg== -"@aws-cdk/aws-service-spec@^0.1.11": - version "0.1.11" - resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.1.11.tgz#a0e2acddf9fb260a992ea813767525d9509ec657" - integrity sha512-OGsu1Z+xWZcUBmbBazcplYzXopweuZGd3HL8rBgn5LbSyGAeiRVsw8/EhwBg4/emUu+sw6L7PmDJ2igX8HWYMw== +"@aws-cdk/aws-service-spec@^0.1.12": + version "0.1.12" + resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.1.12.tgz#202b8ee67fc9e56c61f9c8970c940eaec10659e3" + integrity sha512-WhqQw+0xWgZLs4CAwZ1+SMM/xj7oodFkqNJoRxJ2Cq5ErwcPjbtKGaua1BkMavEvIgOPkgfTaggqSRo4ACojdQ== dependencies: - "@aws-cdk/service-spec-types" "^0.0.79" + "@aws-cdk/service-spec-types" "^0.0.80" "@cdklabs/tskb" "^0.0.3" "@aws-cdk/lambda-layer-kubectl-v24@^2.0.242": @@ -74,12 +74,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/lambda-layer-kubectl-v30/-/lambda-layer-kubectl-v30-2.0.0.tgz#97c40d31e5350ce7170be5d188361118b1e39231" integrity sha512-yES6NfrJ3QV1372lAZ2FLXp/no4bqDWBXeSREJdrpWjQzD0wvL/hCpHEyjZrzHhOi27YbMxFTQ3g9isKAul8+A== -"@aws-cdk/service-spec-importers@^0.0.40": - version "0.0.40" - resolved "https://registry.npmjs.org/@aws-cdk/service-spec-importers/-/service-spec-importers-0.0.40.tgz#3f27aebe00a030067294194166fc06d3e700935e" - integrity sha512-JTIWU7+LK1uUvAo+7QekGqskJpM0wLAWrW6T8+eHP5SlJvy6Qt9sdENgYThFjDsgzVkveyaAS/VcARsLzEkJcA== +"@aws-cdk/service-spec-importers@^0.0.41": + version "0.0.41" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-importers/-/service-spec-importers-0.0.41.tgz#d956180a3aa4d25a16bbabb92d854c9b2da9df0c" + integrity sha512-Cmh0U8xUYhcduLSCto8RJOldqORlavZ+9kZ/4eWK4MSgbdx6y0qekW6fPRkhFIvuamUyGdcq12vov+o24mSr7Q== dependencies: - "@aws-cdk/service-spec-types" "^0.0.79" + "@aws-cdk/service-spec-types" "^0.0.80" "@cdklabs/tskb" "^0.0.3" ajv "^6" canonicalize "^2.0.0" @@ -90,10 +90,10 @@ glob "^8" sort-json "^2.0.1" -"@aws-cdk/service-spec-types@^0.0.79": - version "0.0.79" - resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.79.tgz#9efdc886768e3b3754826ad0da291b7ecc209775" - integrity sha512-of5gMJx8Qn54rh5bxnsTg12d2N4EFToIEyczeWOXsNYsmsDDJlsrswCsBySe0BwLWvRga2iv1kFk8W6f+cIAZQ== +"@aws-cdk/service-spec-types@^0.0.80": + version "0.0.80" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.80.tgz#6532855ca854c236b3dd4342726f1351b6ac55ee" + integrity sha512-h+GK+gNP3QvCUjrnm12+AdrpTlI9twrBHRAUMCq1d0pIcvWyFNoiMrxWVYeRs3stgvSKZYdanqt/zS3SUPwkZw== dependencies: "@cdklabs/tskb" "^0.0.3"