chore: fix example compilation issues (aws#26331)

Turning rosetta back on again. Was turned off in April in aws#26330 and never turned on again. Therefore we have a significant diff of uncompilable examples. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
bmoffatt · Jul 28, 2023 · 36b2e49 · 36b2e49
1 parent 0cac95a
commit 36b2e49
Show file tree

Hide file tree

Showing 36 changed files with 230 additions and 184 deletions.
diff --git a/package.json b/package.json
@@ -19,7 +19,7 @@
  "@types/node": "18.11.19",
  "@types/prettier": "2.6.0",
  "@yarnpkg/lockfile": "^1.1.0",
- "cdk-generate-synthetic-examples": "^0.1.287",
+ "cdk-generate-synthetic-examples": "^0.1.291",
  "conventional-changelog-cli": "^2.2.2",
  "fs-extra": "^9.1.0",
  "graceful-fs": "^4.2.11",

diff --git a/packages/aws-cdk-lib/aws-apigateway/README.md b/packages/aws-cdk-lib/aws-apigateway/README.md
@@ -63,9 +63,11 @@ book.addMethod('DELETE');
 To give an IAM User or Role permission to invoke a method, use `grantExecute`:
 
 ```ts
-declare user: iam.User;
-const books = api.root.addResource('books');
-books.grantExecute(user);
+declare const api: apigateway.RestApi;
+declare const user: iam.User;
+
+const method = api.root.addResource('books').addMethod('GET');
+method.grantExecute(user);
 ```
 
 ## AWS Lambda-backed APIs

diff --git a/packages/aws-cdk-lib/aws-appmesh/README.md b/packages/aws-cdk-lib/aws-appmesh/README.md
@@ -233,7 +233,7 @@ const node = new appmesh.VirtualNode(this, 'node', {
 
 By using a key-value pair indexed signature, you can specify json key pairs to customize the log entry pattern. You can also use text format as below. You can only specify one of these 2 formats.
 
-```ts
+```text
  accessLog: appmesh.AccessLog.fromFilePath('/dev/stdout', appmesh.LoggingFormat.fromText('test_pattern')),
 ```
 

diff --git a/packages/aws-cdk-lib/aws-appsync/README.md b/packages/aws-cdk-lib/aws-appsync/README.md
@@ -220,8 +220,8 @@ const httpDs = api.addHttpDataSource(
  authorizationConfig: {
  signingRegion: 'us-east-1',
  signingServiceName: 'states',
- }
- }
+ },
+ },
 );
 
 httpDs.createResolver('MutationCallStepFunctionResolver', {
@@ -302,12 +302,14 @@ events. More information can be found
 CDK stack file `app-stack.ts`:
 
 ```ts
-const api = new appsync.GraphqlApi(stack, 'EventBridgeApi', {
+import * as events from 'aws-cdk-lib/aws-events';
+
+const api = new appsync.GraphqlApi(this, 'EventBridgeApi', {
  name: 'EventBridgeApi',
  schema: appsync.SchemaFile.fromAsset(path.join(__dirname, 'appsync.eventbridge.graphql')),
 });
 
-const bus = new events.EventBus(stack, 'DestinationEventBus', {});
+const bus = new events.EventBus(this, 'DestinationEventBus', {});
 
 const dataSource = api.addEventBridgeDataSource('NoneDS', bus);
 
@@ -468,15 +470,15 @@ sources and resolvers, an `apiId` is sufficient.
 By default all AppSync GraphQL APIs are public and can be accessed from the internet. 
 For customers that want to limit access to be from their VPC, the optional API `visibility` property can be set to `Visibility.PRIVATE` 
 at creation time. To explicitly create a public API, the `visibility` property should be set to `Visibility.GLOBAL`. 
-If visbility is not set, the service will default to `GLOBAL`.
+If visibility is not set, the service will default to `GLOBAL`.
 
 CDK stack file `app-stack.ts`:
 
 ```ts
-const api = new appsync.GraphqlApi(stack, 'api', {
+const api = new appsync.GraphqlApi(this, 'api', {
  name: 'MyPrivateAPI',
  schema: appsync.SchemaFile.fromAsset(path.join(__dirname, 'appsync.schema.graphql')),
- visbility: appsync.Visibility.PRIVATE,
+ visibility: appsync.Visibility.PRIVATE,
 });
 ```
 

diff --git a/packages/aws-cdk-lib/aws-codepipeline-actions/README.md b/packages/aws-cdk-lib/aws-codepipeline-actions/README.md
@@ -857,9 +857,11 @@ Here's an example:
 To use an S3 Bucket as a deployment target in CodePipeline:
 
 ```ts
+import * as kms from 'aws-cdk-lib/aws-kms';
+
 const sourceOutput = new codepipeline.Artifact();
 const targetBucket = new s3.Bucket(this, 'MyBucket');
-const key: kms.IKey = new kms.Key(stack, 'EnvVarEncryptKey', {
+const key: kms.IKey = new kms.Key(this, 'EnvVarEncryptKey', {
  description: 'sample key',
 });
 

diff --git a/packages/aws-cdk-lib/aws-ec2/README.md b/packages/aws-cdk-lib/aws-ec2/README.md
@@ -1862,8 +1862,6 @@ an instance. For information on Launch Templates please see the
 The following demonstrates how to create a launch template with an Amazon Machine Image, security group, and an instance profile.
 
 ```ts
-import * as iam from 'aws-cdk-lib/aws-iam';
-
 declare const vpc: ec2.Vpc;
 
 const role = new iam.Role(this, 'Role', {
@@ -1897,14 +1895,16 @@ new ec2.LaunchTemplate(this, 'LaunchTemplate', {
 And the following demonstrates how to add one or more security groups to launch template.
 
 ```ts
-const sg1 = new ec2.SecurityGroup(stack, 'sg1', {
+declare const vpc: ec2.Vpc;
+
+const sg1 = new ec2.SecurityGroup(this, 'sg1', {
  vpc: vpc,
 });
-const sg2 = new ec2.SecurityGroup(stack, 'sg2', {
+const sg2 = new ec2.SecurityGroup(this, 'sg2', {
  vpc: vpc,
 });
 
-const launchTemplate = new ec2.LaunchTemplate(stack, 'LaunchTemplate', {
+const launchTemplate = new ec2.LaunchTemplate(this, 'LaunchTemplate', {
  machineImage: ec2.MachineImage.latestAmazonLinux2022(),
  securityGroup: sg1,
 });
@@ -1915,8 +1915,8 @@ launchTemplate.addSecurityGroup(sg2);
 To use [AWS Systems Manager parameters instead of AMI IDs](https://docs.aws.amazon.com/autoscaling/ec2/userguide/using-systems-manager-parameters.html) in launch templates and resolve the AMI IDs at instance launch time:
 
 ```ts
-const launchTemplate = new ec2.LaunchTemplate(stack, 'LaunchTemplate', {
- machineImage: ec2.MachineImage.resolveSsmParameterAtLaunch('parameterName');
+const launchTemplate = new ec2.LaunchTemplate(this, 'LaunchTemplate', {
+ machineImage: ec2.MachineImage.resolveSsmParameterAtLaunch('parameterName'),
 });
 ```
 

diff --git a/packages/aws-cdk-lib/aws-ec2/lib/launch-template.ts b/packages/aws-cdk-lib/aws-ec2/lib/launch-template.ts
@@ -245,15 +245,14 @@ export interface LaunchTemplateProps {
  /**
  * An IAM role to associate with the instance profile that is used by instances.
  *
- * The role must be assumable by the service principal `ec2.amazonaws.com`:
+ * The role must be assumable by the service principal `ec2.amazonaws.com`.
+ * Note: You can provide an instanceProfile or a role, but not both.
  *
  * @example
  * const role = new iam.Role(this, 'MyRole', {
  * assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com')
  * });
  *
- * Note: You can provide an instanceProfile or a role, but not both.
- *
  * @default - No new role is created.
  */
  readonly role?: iam.IRole;

diff --git a/packages/aws-cdk-lib/aws-ecr/README.md b/packages/aws-cdk-lib/aws-ecr/README.md
@@ -1,6 +1,5 @@
 # Amazon ECR Construct Library
 
-
 This package contains constructs for working with Amazon Elastic Container Registry.
 
 ## Repositories
@@ -14,7 +13,10 @@ const repository = new ecr.Repository(this, 'Repository');
 
 ## Image scanning
 
-Amazon ECR image scanning helps in identifying software vulnerabilities in your container images. You can manually scan container images stored in Amazon ECR, or you can configure your repositories to scan images when you push them to a repository. To create a new repository to scan on push, simply enable `imageScanOnPush` in the properties
+Amazon ECR image scanning helps in identifying software vulnerabilities in your container images.
+You can manually scan container images stored in Amazon ECR, or you can configure your repositories
+to scan images when you push them to a repository. To create a new repository to scan on push, simply
+enable `imageScanOnPush` in the properties.
 
 ```ts
 const repository = new ecr.Repository(this, 'Repo', {
@@ -76,6 +78,8 @@ The grantPush method grants the specified IAM entity (the grantee) permission to
 Here is an example of granting a user push permissions:
 
 ```ts
+declare const repository: ecr.Repository;
+
 const role = new iam.Role(this, 'Role', {
  assumedBy: new iam.ServicePrincipal('codebuild.amazonaws.com'),
 });
@@ -91,6 +95,8 @@ The grantPull method grants the specified IAM entity (the grantee) permission to
 - 'ecr:GetAuthorizationToken'
 
 ```ts
+declare const repository: ecr.Repository;
+
 const role = new iam.Role(this, 'Role', {
  assumedBy: new iam.ServicePrincipal('codebuild.amazonaws.com'),
 });
@@ -103,6 +109,8 @@ The grantPullPush method grants the specified IAM entity (the grantee) permissio
 Here is an example of granting a user both pull and push permissions:
 
 ```ts
+declare const repository: ecr.Repository;
+
 const role = new iam.Role(this, 'Role', {
  assumedBy: new iam.ServicePrincipal('codebuild.amazonaws.com'),
 });

diff --git a/packages/aws-cdk-lib/aws-ecs/README.md b/packages/aws-cdk-lib/aws-ecs/README.md
@@ -631,15 +631,17 @@ changes the status of the primary deployment to COMPLETED.
 
 ```ts
 import * as cw from 'aws-cdk-lib/aws-cloudwatch';
+
 declare const cluster: ecs.Cluster;
 declare const taskDefinition: ecs.TaskDefinition;
-declare const elbAlarm: cloudwatch.Alarm; 
+declare const elbAlarm: cw.Alarm;
+
 const service = new ecs.FargateService(this, 'Service', {
  cluster,
  taskDefinition,
  deploymentAlarms: {
- alarms: [elbAlarm.alarmName]
- behavior: AlarmBehavior.ROLLBACK_ON_ALARM,
+ alarmNames: [elbAlarm.alarmName],
+ behavior: ecs.AlarmBehavior.ROLLBACK_ON_ALARM,
  },
 });
 
@@ -651,8 +653,11 @@ new cw.Alarm(this, 'CPUAlarm', {
  evaluationPeriods: 2,
  threshold: 80,
 });
-service.enableDeploymentAlarms([cpuAlarmName], AlarmBehavior.FAIL_ON_ALARM);
+service.enableDeploymentAlarms([cpuAlarmName], {
+ behavior: ecs.AlarmBehavior.FAIL_ON_ALARM,
+});
 ```
+
 > Note: Deployment alarms are only available when `deploymentController` is set
 > to `DeploymentControllerType.ECS`, which is the default.
 
@@ -685,8 +690,10 @@ there are two options to avoid the circular dependency.
 Option 1, defining a physical name for the alarm:
 ```ts
 import * as cw from 'aws-cdk-lib/aws-cloudwatch';
+
 declare const cluster: ecs.Cluster;
 declare const taskDefinition: ecs.TaskDefinition;
+
 const service = new ecs.FargateService(this, 'Service', {
  cluster,
  taskDefinition,
@@ -701,13 +708,16 @@ const myAlarm = new cw.Alarm(this, 'CPUAlarm', {
 });
 
 // Using `myAlarm.alarmName` here will cause a circular dependency
-service.enableDeploymentAlarms([cpuAlarmName], AlarmBehavior.FAIL_ON_ALARM);
+service.enableDeploymentAlarms([cpuAlarmName], {
+ behavior: ecs.AlarmBehavior.FAIL_ON_ALARM,
+});
 ```
 
 Option 2, defining a physical name for the service:
+
 ```ts
-import * as cdk from 'aws-cdk-lib'
 import * as cw from 'aws-cdk-lib/aws-cloudwatch';
+
 declare const cluster: ecs.Cluster;
 declare const taskDefinition: ecs.TaskDefinition;
 const serviceName = 'MyFargateService';
@@ -717,25 +727,27 @@ const service = new ecs.FargateService(this, 'Service', {
  taskDefinition,
 });
 
-const cpuMetric = new cw.Metric(
- metricName: 'CPUUtilization'
- namespace: 'AWS/ECS'
- period: cdk.Duration.minutes(5),
+const cpuMetric = new cw.Metric({
+ metricName: 'CPUUtilization',
+ namespace: 'AWS/ECS',
+ period: Duration.minutes(5),
  statistic: 'Average',
  dimensionsMap: {
  ClusterName: cluster.clusterName,
  // Using `service.serviceName` here will cause a circular dependency
  ServiceName: serviceName,
  },
-);
+});
 const myAlarm = new cw.Alarm(this, 'CPUAlarm', {
- alarmName: cpuAlarmName,
+ alarmName: 'cpuAlarmName',
  metric: cpuMetric,
  evaluationPeriods: 2,
  threshold: 80,
 });
 
-service.enableDeploymentAlarms([myAlarm.alarmName], AlarmBehavior.FAIL_ON_ALARM);
+service.enableDeploymentAlarms([myAlarm.alarmName], {
+ behavior: ecs.AlarmBehavior.FAIL_ON_ALARM,
+});
 ```
 
 This issue only applies if the metrics to alarm on are emitted by the service

diff --git a/packages/aws-cdk-lib/aws-eks/README.md b/packages/aws-cdk-lib/aws-eks/README.md
@@ -654,6 +654,12 @@ You can optionally choose to configure your cluster to use IPv6 using the [`ipFa
 ```ts
 declare const vpc: ec2.Vpc;
 
+function associateSubnetWithV6Cidr(vpc: ec2.Vpc, count: number, subnet: ec2.ISubnet) {
+ const cfnSubnet = subnet.node.defaultChild as ec2.CfnSubnet;
+ cfnSubnet.ipv6CidrBlock = Fn.select(count, Fn.cidr(Fn.select(0, vpc.vpcIpv6CidrBlocks), 256, (128 - 64).toString()));
+ cfnSubnet.assignIpv6AddressOnCreation = true;
+}
+
 // make an ipv6 cidr
 const ipv6cidr = new ec2.CfnVPCCidrBlock(this, 'CIDR6', {
  vpcId: vpc.vpcId,
@@ -662,20 +668,20 @@ const ipv6cidr = new ec2.CfnVPCCidrBlock(this, 'CIDR6', {
 
 // connect the ipv6 cidr to all vpc subnets
 let subnetcount = 0;
-let subnets = [...vpc.publicSubnets, ...vpc.privateSubnets];
-for ( let subnet of subnets) {
+const subnets = vpc.publicSubnets.concat(vpc.privateSubnets);
+for (let subnet of subnets) {
  // Wait for the ipv6 cidr to complete
  subnet.node.addDependency(ipv6cidr);
- this._associate_subnet_with_v6_cidr(subnetcount, subnet);
- subnetcount++;
+ associateSubnetWithV6Cidr(vpc, subnetcount, subnet);
+ subnetcount = subnetcount + 1;
 }
 
 const cluster = new eks.Cluster(this, 'hello-eks', {
+ version: eks.KubernetesVersion.V1_27,
  vpc: vpc,
  ipFamily: eks.IpFamily.IP_V6,
- vpcSubnets: [{ subnets: [...vpc.publicSubnets] }],
+ vpcSubnets: [{ subnets: vpc.publicSubnets }],
 });
-
 ```
 
 ### Kubectl Support