From b5b777b7a52462784651fa08568b9a2e68e242a4 Mon Sep 17 00:00:00 2001 From: Pahud Hsieh Date: Fri, 14 Nov 2025 00:47:05 -0500 Subject: [PATCH] feat(opensearchservice): add support for instance store domains - Update integration test for OpenSearch Domain with instance store configuration - Add new test case for r8gd instance type with EBS disabled - Update snapshot files and integration test metadata --- ...efaultTestDeployAssert4E6713E1.assets.json | 4 +- ...nteg-opensearch-instance-store.assets.json | 8 +- ...eg-opensearch-instance-store.template.json | 29 + .../integ.opensearch.ebs.js.snapshot/cdk.out | 2 +- .../integ.json | 4 +- .../manifest.json | 552 ++++++++++++++++-- .../tree.json | 2 +- .../test/integ.opensearch.ebs.ts | 2 +- .../aws-opensearchservice/lib/domain.ts | 1 + .../aws-opensearchservice/test/domain.test.ts | 6 +- 10 files changed, 558 insertions(+), 52 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.assets.json index 4020fb4238859..663c558b3c3b1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.assets.json @@ -1,5 +1,5 @@ { - "version": "44.0.0", + "version": "48.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "displayName": "IntegDefaultTestDeployAssert4E6713E1 Template", @@ -8,7 +8,7 @@ "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-d8d86b35": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk-integ-opensearch-instance-store.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk-integ-opensearch-instance-store.assets.json index bf29926e0f367..af67531d2ceeb 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk-integ-opensearch-instance-store.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk-integ-opensearch-instance-store.assets.json @@ -1,16 +1,16 @@ { - "version": "44.0.0", + "version": "48.0.0", "files": { - "7d33352f78462dd72c51edb98b20b84b6e9f155f9f96873ac615fc32758db5a0": { + "854c51676000ffd0dbc9006218d1ce1cd13818f9f46ebc4e640705f6094bec1a": { "displayName": "cdk-integ-opensearch-instance-store Template", "source": { "path": "cdk-integ-opensearch-instance-store.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-4c47a68f": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "7d33352f78462dd72c51edb98b20b84b6e9f155f9f96873ac615fc32758db5a0.json", + "objectKey": "854c51676000ffd0dbc9006218d1ce1cd13818f9f46ebc4e640705f6094bec1a.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk-integ-opensearch-instance-store.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk-integ-opensearch-instance-store.template.json index 9aab16a98c9b1..570c84e597eb1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk-integ-opensearch-instance-store.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk-integ-opensearch-instance-store.template.json @@ -86,6 +86,35 @@ }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" + }, + "Domain4590DF99F": { + "Type": "AWS::OpenSearchService::Domain", + "Properties": { + "ClusterConfig": { + "DedicatedMasterEnabled": false, + "InstanceCount": 1, + "InstanceType": "r8gd.medium.search", + "MultiAZWithStandbyEnabled": false, + "ZoneAwarenessEnabled": false + }, + "DomainEndpointOptions": { + "EnforceHTTPS": false, + "TLSSecurityPolicy": "Policy-Min-TLS-1-2-2019-07" + }, + "EBSOptions": { + "EBSEnabled": false + }, + "EncryptionAtRestOptions": { + "Enabled": false + }, + "EngineVersion": "OpenSearch_2.17", + "LogPublishingOptions": {}, + "NodeToNodeEncryptionOptions": { + "Enabled": false + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" } }, "Parameters": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk.out index b3a26d44a5f73..523a9aac37cbf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"44.0.0"} \ No newline at end of file +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/integ.json index e048f1951afd3..e07c60d67aa18 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "44.0.0", + "version": "48.0.0", "testCases": { "Integ/DefaultTest": { "stacks": [ @@ -9,5 +9,5 @@ "assertionStackName": "IntegDefaultTestDeployAssert4E6713E1" } }, - "minimumCliVersion": "2.1018.0" + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/manifest.json index c206cf695a218..e0741cb82145e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "44.0.0", + "version": "48.0.0", "artifacts": { "cdk-integ-opensearch-instance-store.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7d33352f78462dd72c51edb98b20b84b6e9f155f9f96873ac615fc32758db5a0.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/854c51676000ffd0dbc9006218d1ce1cd13818f9f46ebc4e640705f6094bec1a.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -37,18 +37,7 @@ "/cdk-integ-opensearch-instance-store/Domain1": [ { "type": "aws:cdk:analytics:construct", - "data": { - "removalPolicy": "destroy", - "version": "*", - "capacity": { - "multiAzWithStandbyEnabled": false, - "dataNodeInstanceType": "*", - "dataNodes": "*" - }, - "ebs": { - "enabled": false - } - } + "data": "*" } ], "/cdk-integ-opensearch-instance-store/Domain1/Resource": [ @@ -60,18 +49,7 @@ "/cdk-integ-opensearch-instance-store/Domain2": [ { "type": "aws:cdk:analytics:construct", - "data": { - "removalPolicy": "destroy", - "version": "*", - "capacity": { - "multiAzWithStandbyEnabled": false, - "dataNodeInstanceType": "*", - "dataNodes": "*" - }, - "ebs": { - "enabled": false - } - } + "data": "*" } ], "/cdk-integ-opensearch-instance-store/Domain2/Resource": [ @@ -83,18 +61,7 @@ "/cdk-integ-opensearch-instance-store/Domain3": [ { "type": "aws:cdk:analytics:construct", - "data": { - "removalPolicy": "destroy", - "version": "*", - "capacity": { - "multiAzWithStandbyEnabled": false, - "dataNodeInstanceType": "*", - "dataNodes": "*" - }, - "ebs": { - "enabled": false - } - } + "data": "*" } ], "/cdk-integ-opensearch-instance-store/Domain3/Resource": [ @@ -103,6 +70,18 @@ "data": "Domain3BE108C7A" } ], + "/cdk-integ-opensearch-instance-store/Domain4": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/cdk-integ-opensearch-instance-store/Domain4/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Domain4590DF99F" + } + ], "/cdk-integ-opensearch-instance-store/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -171,7 +150,502 @@ "properties": { "file": "tree.json" } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "userValue": true, + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "userValue": true, + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + }, + "@aws-cdk/aws-elasticloadbalancingv2:networkLoadBalancerWithSecurityGroupByDefault": { + "recommendedValue": true, + "explanation": "When enabled, Network Load Balancer will be created with a security group by default." + }, + "@aws-cdk/aws-stepfunctions-tasks:httpInvokeDynamicJsonPathEndpoint": { + "recommendedValue": true, + "explanation": "When enabled, allows using a dynamic apiEndpoint with JSONPath format in HttpInvoke tasks.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:uniqueTargetGroupId": { + "recommendedValue": true, + "explanation": "When enabled, ECS patterns will generate unique target group IDs to prevent conflicts during load balancer replacement" + } + } + } } }, - "minimumCliVersion": "2.1018.0" + "minimumCliVersion": "2.1031.2" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/tree.json index 6a5ced4ae0613..1a22ea58a77b1 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.js.snapshot/tree.json @@ -1 +1 @@ -{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"cdk-integ-opensearch-instance-store":{"id":"cdk-integ-opensearch-instance-store","path":"cdk-integ-opensearch-instance-store","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"Domain1":{"id":"Domain1","path":"cdk-integ-opensearch-instance-store/Domain1","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.Domain","version":"0.0.0","metadata":[{"removalPolicy":"destroy","version":"*","capacity":{"multiAzWithStandbyEnabled":false,"dataNodeInstanceType":"*","dataNodes":"*"},"ebs":{"enabled":false}}]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-instance-store/Domain1/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.CfnDomain","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"i4g.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":false},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.17","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"Domain2":{"id":"Domain2","path":"cdk-integ-opensearch-instance-store/Domain2","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.Domain","version":"0.0.0","metadata":[{"removalPolicy":"destroy","version":"*","capacity":{"multiAzWithStandbyEnabled":false,"dataNodeInstanceType":"*","dataNodes":"*"},"ebs":{"enabled":false}}]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-instance-store/Domain2/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.CfnDomain","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"i4i.xlarge.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":false},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.17","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"Domain3":{"id":"Domain3","path":"cdk-integ-opensearch-instance-store/Domain3","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.Domain","version":"0.0.0","metadata":[{"removalPolicy":"destroy","version":"*","capacity":{"multiAzWithStandbyEnabled":false,"dataNodeInstanceType":"*","dataNodes":"*"},"ebs":{"enabled":false}}]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-instance-store/Domain3/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.CfnDomain","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r7gd.xlarge.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":false},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.17","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cdk-integ-opensearch-instance-store/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cdk-integ-opensearch-instance-store/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"Integ":{"id":"Integ","path":"Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"cdk-integ-opensearch-instance-store":{"id":"cdk-integ-opensearch-instance-store","path":"cdk-integ-opensearch-instance-store","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Domain1":{"id":"Domain1","path":"cdk-integ-opensearch-instance-store/Domain1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-instance-store/Domain1/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"i4g.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":false},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.17","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"Domain2":{"id":"Domain2","path":"cdk-integ-opensearch-instance-store/Domain2","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-instance-store/Domain2/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"i4i.xlarge.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":false},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.17","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"Domain3":{"id":"Domain3","path":"cdk-integ-opensearch-instance-store/Domain3","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-instance-store/Domain3/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r7gd.xlarge.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":false},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.17","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"Domain4":{"id":"Domain4","path":"cdk-integ-opensearch-instance-store/Domain4","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-instance-store/Domain4/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r8gd.medium.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":false},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.17","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cdk-integ-opensearch-instance-store/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cdk-integ-opensearch-instance-store/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}},"Integ":{"id":"Integ","path":"Integ","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"Integ/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"Integ/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"Integ/DefaultTest/DeployAssert","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"Integ/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"Integ/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.ts index e42d44d041b71..c9460b057b940 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.ebs.ts @@ -7,7 +7,7 @@ class TestStack extends Stack { constructor(scope: Construct, id: string, props?: StackProps) { super(scope, id, props); - const instanceTypes = ['i4g.large.search', 'i4i.xlarge.search', 'r7gd.xlarge.search']; + const instanceTypes = ['i4g.large.search', 'i4i.xlarge.search', 'r7gd.xlarge.search', 'r8gd.medium.search']; instanceTypes.forEach((instanceType, index) => { new opensearch.Domain(this, `Domain${index + 1}`, { diff --git a/packages/aws-cdk-lib/aws-opensearchservice/lib/domain.ts b/packages/aws-cdk-lib/aws-opensearchservice/lib/domain.ts index a296c16785303..57efcb81c4ea2 100644 --- a/packages/aws-cdk-lib/aws-opensearchservice/lib/domain.ts +++ b/packages/aws-cdk-lib/aws-opensearchservice/lib/domain.ts @@ -1651,6 +1651,7 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { ec2.InstanceClass.I8G, ec2.InstanceClass.IM4GN, ec2.InstanceClass.R7GD, + ec2.InstanceClass.R8GD, ]; const supportInstanceStorageInstanceType = [ diff --git a/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts b/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts index c6837c4eb3981..3b2a59289460d 100644 --- a/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts +++ b/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts @@ -2008,6 +2008,7 @@ each(testedOpenSearchVersions).describe('custom error responses', (engineVersion 'i4i.xlarge.search', 'i8g.4xlarge.search', 'r7gd.xlarge.search', + 'r8gd.medium.search', ])('error when %s instance type is specified with EBS enabled', (dataNodeInstanceType) => { expect(() => new Domain(stack, 'Domain2', { version: engineVersion, @@ -2018,7 +2019,7 @@ each(testedOpenSearchVersions).describe('custom error responses', (engineVersion volumeSize: 100, volumeType: EbsDeviceVolumeType.GENERAL_PURPOSE_SSD, }, - })).toThrow(/I3, R6GD, I4G, I4I, I8G, IM4GN and R7GD instance types do not support EBS storage volumes./); + })).toThrow(/I3, R6GD, I4G, I4I, I8G, IM4GN, R7GD and R8GD instance types do not support EBS storage volumes./); }); test.each([ @@ -2029,6 +2030,7 @@ each(testedOpenSearchVersions).describe('custom error responses', (engineVersion 'i4i.xlarge.search', 'i8g.4xlarge.search', 'r7gd.xlarge.search', + 'r8gd.medium.search', ])('should not throw when %s instance type is specified without EBS enabled', (dataNodeInstanceType) => { expect(() => new Domain(stack, 'Domain2', { version: engineVersion, @@ -2077,7 +2079,7 @@ each(testedOpenSearchVersions).describe('custom error responses', (engineVersion capacity: { masterNodeInstanceType, }, - })).toThrow(/EBS volumes are required when using instance types other than R3, I3, R6GD, I4G, I4I, I8G, IM4GN or R7GD./); + })).toThrow(/EBS volumes are required when using instance types other than R3, I3, R6GD, I4G, I4I, I8G, IM4GN, R7GD or R8GD./); }); test('can use compatible master instance types that does not have local storage when data node type is i3 or r6gd', () => {