From 7761b71f2f95c32218b8056bf3d3d6e2780186c6 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Fri, 31 May 2024 23:51:27 +0900 Subject: [PATCH 1/5] feat: add userRoleRequired --- .../aws-chatbot/lib/slack-channel-configuration.ts | 8 ++++++++ .../test/slack-channel-configuration.test.ts | 13 +++++++++++++ .../lib/nlb/network-load-balancer.ts | 12 +++++++++++- 3 files changed, 32 insertions(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-chatbot/lib/slack-channel-configuration.ts b/packages/aws-cdk-lib/aws-chatbot/lib/slack-channel-configuration.ts index 530975ab3a1d2..dadf4600cda45 100644 --- a/packages/aws-cdk-lib/aws-chatbot/lib/slack-channel-configuration.ts +++ b/packages/aws-cdk-lib/aws-chatbot/lib/slack-channel-configuration.ts @@ -87,6 +87,13 @@ export interface SlackChannelConfigurationProps { * @default - The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set. */ readonly guardrailPolicies?: iam.IManagedPolicy[]; + + /** + * Enables use of a user role requirement in your chat configuration. + * + * @default false + */ + readonly userRoleRequired?: boolean; } /** @@ -300,6 +307,7 @@ export class SlackChannelConfiguration extends SlackChannelConfigurationBase { snsTopicArns: cdk.Lazy.list({ produce: () => this.notificationTopics.map(topic => topic.topicArn) }, { omitEmpty: true } ), loggingLevel: props.loggingLevel?.toString(), guardrailPolicies: cdk.Lazy.list({ produce: () => props.guardrailPolicies?.map(policy => policy.managedPolicyArn) }, { omitEmpty: true } ), + userRoleRequired: props.userRoleRequired, }); // Log retention diff --git a/packages/aws-cdk-lib/aws-chatbot/test/slack-channel-configuration.test.ts b/packages/aws-cdk-lib/aws-chatbot/test/slack-channel-configuration.test.ts index 5d1ff3e94ccb2..3b6d145ba0029 100644 --- a/packages/aws-cdk-lib/aws-chatbot/test/slack-channel-configuration.test.ts +++ b/packages/aws-cdk-lib/aws-chatbot/test/slack-channel-configuration.test.ts @@ -175,6 +175,19 @@ describe('SlackChannelConfiguration', () => { }); }); + test('specifying user role required', () => { + new chatbot.SlackChannelConfiguration(stack, 'MySlackChannel', { + slackWorkspaceId: 'ABC123', + slackChannelId: 'DEF456', + slackChannelConfigurationName: 'ConfigurationName', + userRoleRequired: true, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::Chatbot::SlackChannelConfiguration', { + UserRoleRequired: true, + }); + }); + test('getting configuration metric', () => { const slackChannel = new chatbot.SlackChannelConfiguration(stack, 'MySlackChannel', { slackWorkspaceId: 'ABC123', diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts index 2ea54549cb977..18f9c6e3336b5 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts @@ -8,7 +8,7 @@ import * as cxapi from '../../../cx-api'; import { NetworkELBMetrics } from '../elasticloadbalancingv2-canned-metrics.generated'; import { BaseLoadBalancer, BaseLoadBalancerLookupOptions, BaseLoadBalancerProps, ILoadBalancerV2 } from '../shared/base-load-balancer'; import { IpAddressType } from '../shared/enums'; -import { parseLoadBalancerFullName } from '../shared/util'; +import { ifUndefined, parseLoadBalancerFullName } from '../shared/util'; /** * Indicates how traffic is distributed among the load balancer Availability Zones. @@ -66,6 +66,16 @@ export interface NetworkLoadBalancerProps extends BaseLoadBalancerProps { * @default true */ readonly enforceSecurityGroupInboundRulesOnPrivateLinkTraffic?: boolean; + + /** + * Indicates whether to specify static IPv4 address. + * When enabled, a static IP address is assigned in every Availability Zone where the NLB is deployed. + * + * This parameter is valid for only internal NLB. + * + * @default false + */ + readonly staticIpv4?: boolean; } /** From a1e5fe0cb3a38fdf9e6bb79b1eff152966af132b Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Fri, 31 May 2024 23:56:50 +0900 Subject: [PATCH 2/5] fix: remove --- .../lib/nlb/network-load-balancer.ts | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts index 18f9c6e3336b5..2ea54549cb977 100644 --- a/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts +++ b/packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts @@ -8,7 +8,7 @@ import * as cxapi from '../../../cx-api'; import { NetworkELBMetrics } from '../elasticloadbalancingv2-canned-metrics.generated'; import { BaseLoadBalancer, BaseLoadBalancerLookupOptions, BaseLoadBalancerProps, ILoadBalancerV2 } from '../shared/base-load-balancer'; import { IpAddressType } from '../shared/enums'; -import { ifUndefined, parseLoadBalancerFullName } from '../shared/util'; +import { parseLoadBalancerFullName } from '../shared/util'; /** * Indicates how traffic is distributed among the load balancer Availability Zones. @@ -66,16 +66,6 @@ export interface NetworkLoadBalancerProps extends BaseLoadBalancerProps { * @default true */ readonly enforceSecurityGroupInboundRulesOnPrivateLinkTraffic?: boolean; - - /** - * Indicates whether to specify static IPv4 address. - * When enabled, a static IP address is assigned in every Availability Zone where the NLB is deployed. - * - * This parameter is valid for only internal NLB. - * - * @default false - */ - readonly staticIpv4?: boolean; } /** From 6c27859972b8fd6b88986fdbc4b48eda96807e3e Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Sat, 1 Jun 2024 00:15:23 +0900 Subject: [PATCH 3/5] test: add integ test --- .../ChatbotInteg.assets.json | 19 ++ .../ChatbotInteg.template.json | 70 +++++++ .../cdk.out | 1 + .../integ.json | 12 ++ ...efaultTestDeployAssert995C2DD6.assets.json | 19 ++ ...aultTestDeployAssert995C2DD6.template.json | 36 ++++ .../manifest.json | 119 ++++++++++++ .../tree.json | 177 ++++++++++++++++++ .../test/integ.chatbot-user-role-required.ts | 16 ++ 9 files changed, 469 insertions(+) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/ChatbotInteg.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/ChatbotInteg.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/ChatbotInteg.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/ChatbotInteg.assets.json new file mode 100644 index 0000000000000..df15e50748b93 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/ChatbotInteg.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "fab2d1b84ca3a56733f8cdf46ed2ca79b240b8663982bb6ff00b438be185bc41": { + "source": { + "path": "ChatbotInteg.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "fab2d1b84ca3a56733f8cdf46ed2ca79b240b8663982bb6ff00b438be185bc41.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/ChatbotInteg.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/ChatbotInteg.template.json new file mode 100644 index 0000000000000..10b9aac81637a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/ChatbotInteg.template.json @@ -0,0 +1,70 @@ +{ + "Resources": { + "MySlackChannelConfigurationRole1D3F23AE": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "chatbot.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "MySlackChannelA8E0B56C": { + "Type": "AWS::Chatbot::SlackChannelConfiguration", + "Properties": { + "ConfigurationName": "test-channel", + "IamRoleArn": { + "Fn::GetAtt": [ + "MySlackChannelConfigurationRole1D3F23AE", + "Arn" + ] + }, + "SlackChannelId": "C07639U21PW", + "SlackWorkspaceId": "T075XU2GKBP", + "UserRoleRequired": true + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/cdk.out new file mode 100644 index 0000000000000..1f0068d32659a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integ.json new file mode 100644 index 0000000000000..73834df9fbbfb --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "36.0.0", + "testCases": { + "integ-chatbot-user-role-required/DefaultTest": { + "stacks": [ + "ChatbotInteg" + ], + "assertionStack": "integ-chatbot-user-role-required/DefaultTest/DeployAssert", + "assertionStackName": "integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.assets.json new file mode 100644 index 0000000000000..59d309f47578c --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/manifest.json new file mode 100644 index 0000000000000..b3079815b81c5 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/manifest.json @@ -0,0 +1,119 @@ +{ + "version": "36.0.0", + "artifacts": { + "ChatbotInteg.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "ChatbotInteg.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "ChatbotInteg": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "ChatbotInteg.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/fab2d1b84ca3a56733f8cdf46ed2ca79b240b8663982bb6ff00b438be185bc41.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "ChatbotInteg.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "ChatbotInteg.assets" + ], + "metadata": { + "/ChatbotInteg/MySlackChannel/ConfigurationRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MySlackChannelConfigurationRole1D3F23AE" + } + ], + "/ChatbotInteg/MySlackChannel/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MySlackChannelA8E0B56C" + } + ], + "/ChatbotInteg/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/ChatbotInteg/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "ChatbotInteg" + }, + "integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integchatbotuserrolerequiredDefaultTestDeployAssert995C2DD6.assets" + ], + "metadata": { + "/integ-chatbot-user-role-required/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-chatbot-user-role-required/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-chatbot-user-role-required/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/tree.json new file mode 100644 index 0000000000000..b3f13b56e6fa4 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.js.snapshot/tree.json @@ -0,0 +1,177 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "ChatbotInteg": { + "id": "ChatbotInteg", + "path": "ChatbotInteg", + "children": { + "MySlackChannel": { + "id": "MySlackChannel", + "path": "ChatbotInteg/MySlackChannel", + "children": { + "ConfigurationRole": { + "id": "ConfigurationRole", + "path": "ChatbotInteg/MySlackChannel/ConfigurationRole", + "children": { + "ImportConfigurationRole": { + "id": "ImportConfigurationRole", + "path": "ChatbotInteg/MySlackChannel/ConfigurationRole/ImportConfigurationRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "ChatbotInteg/MySlackChannel/ConfigurationRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "chatbot.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "ChatbotInteg/MySlackChannel/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Chatbot::SlackChannelConfiguration", + "aws:cdk:cloudformation:props": { + "configurationName": "test-channel", + "iamRoleArn": { + "Fn::GetAtt": [ + "MySlackChannelConfigurationRole1D3F23AE", + "Arn" + ] + }, + "slackChannelId": "C07639U21PW", + "slackWorkspaceId": "T075XU2GKBP", + "userRoleRequired": true + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_chatbot.CfnSlackChannelConfiguration", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_chatbot.SlackChannelConfiguration", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "ChatbotInteg/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "ChatbotInteg/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "integ-chatbot-user-role-required": { + "id": "integ-chatbot-user-role-required", + "path": "integ-chatbot-user-role-required", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "integ-chatbot-user-role-required/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "integ-chatbot-user-role-required/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "integ-chatbot-user-role-required/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "integ-chatbot-user-role-required/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "integ-chatbot-user-role-required/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.ts new file mode 100644 index 0000000000000..b04c6d4eeb73b --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-chatbot/test/integ.chatbot-user-role-required.ts @@ -0,0 +1,16 @@ +import * as cdk from 'aws-cdk-lib'; +import * as chatbot from 'aws-cdk-lib/aws-chatbot'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; + +const app = new cdk.App(); +const testStack = new cdk.Stack(app, 'ChatbotInteg'); +new chatbot.SlackChannelConfiguration(testStack, 'MySlackChannel', { + slackChannelConfigurationName: 'test-channel', + slackWorkspaceId: 'T075XU2GKBP', + slackChannelId: 'C07639U21PW', + userRoleRequired: true, +}); + +new IntegTest(app, 'integ-chatbot-user-role-required', { + testCases: [testStack], +}); From 78e1e9cfb3782a543892581f247d0c3c04198df9 Mon Sep 17 00:00:00 2001 From: Kazuho CryerShinozuka Date: Sat, 1 Jun 2024 21:58:26 +0900 Subject: [PATCH 4/5] docs: update readme --- packages/aws-cdk-lib/aws-chatbot/README.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/packages/aws-cdk-lib/aws-chatbot/README.md b/packages/aws-cdk-lib/aws-chatbot/README.md index 0bb650ac21693..7091032e55fc9 100644 --- a/packages/aws-cdk-lib/aws-chatbot/README.md +++ b/packages/aws-cdk-lib/aws-chatbot/README.md @@ -47,3 +47,20 @@ correct log retention period (never expire, by default). By default slack channel will use `AdministratorAccess` managed policy as guardrail policy. The `guardrailPolicies` property can be used to set a different set of managed policies. + +## User Role Requirement + +Administrators can [require user roles](https://docs.aws.amazon.com/chatbot/latest/adminguide/understanding-permissions.html#user-role-requirement) for all current channel members and channels and all channels created in the future by enabling a user role requirement. + +You can configure this feature by set `userRoleRequired` property. + +```ts +import * as chatbot from 'aws-cdk-lib/aws-chatbot'; + +const slackChannel = new chatbot.SlackChannelConfiguration(this, 'MySlackChannel', { + slackChannelConfigurationName: 'YOUR_CHANNEL_NAME', + slackWorkspaceId: 'YOUR_SLACK_WORKSPACE_ID', + slackChannelId: 'YOUR_SLACK_CHANNEL_ID', + userRoleRequired: true, +}); +``` From 34602b901fb3d41603a3d6041c7eb58f768dad33 Mon Sep 17 00:00:00 2001 From: kazuho cryer-shinozuka Date: Sun, 2 Jun 2024 07:18:53 +0900 Subject: [PATCH 5/5] Update packages/aws-cdk-lib/aws-chatbot/README.md Co-authored-by: Luca Pizzini --- packages/aws-cdk-lib/aws-chatbot/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-chatbot/README.md b/packages/aws-cdk-lib/aws-chatbot/README.md index 7091032e55fc9..3a0e05ffb138f 100644 --- a/packages/aws-cdk-lib/aws-chatbot/README.md +++ b/packages/aws-cdk-lib/aws-chatbot/README.md @@ -52,7 +52,7 @@ The `guardrailPolicies` property can be used to set a different set of managed p Administrators can [require user roles](https://docs.aws.amazon.com/chatbot/latest/adminguide/understanding-permissions.html#user-role-requirement) for all current channel members and channels and all channels created in the future by enabling a user role requirement. -You can configure this feature by set `userRoleRequired` property. +You can configure this feature by setting the `userRoleRequired` property. ```ts import * as chatbot from 'aws-cdk-lib/aws-chatbot';