From 9381880be98ab76580e7638c5d1b929d1e94e80d Mon Sep 17 00:00:00 2001 From: Daniel Bartholomae Date: Mon, 17 Jul 2023 15:41:01 +0200 Subject: [PATCH] fix(s3): allow empty string as keyPrefixEquals (#26243) Closes #26242 . ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../cdk.out | 1 + ...efaultTestDeployAssertB89636B8.assets.json | 19 +++ ...aultTestDeployAssertB89636B8.template.json | 36 +++++ .../integ.json | 12 ++ .../manifest.json | 111 ++++++++++++++ .../s3-bucket-routing.assets.json | 19 +++ .../s3-bucket-routing.template.json | 60 ++++++++ .../tree.json | 139 ++++++++++++++++++ .../integ.bucket.website-routing-rules.ts | 23 +++ packages/aws-cdk-lib/aws-s3/lib/bucket.ts | 2 +- .../aws-cdk-lib/aws-s3/test/bucket.test.ts | 32 ++++ 11 files changed, 453 insertions(+), 1 deletion(-) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdkintegs3bucketDefaultTestDeployAssertB89636B8.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdkintegs3bucketDefaultTestDeployAssertB89636B8.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/s3-bucket-routing.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/s3-bucket-routing.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdk.out new file mode 100644 index 0000000000000..f0b901e7c06e5 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"32.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdkintegs3bucketDefaultTestDeployAssertB89636B8.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdkintegs3bucketDefaultTestDeployAssertB89636B8.assets.json new file mode 100644 index 0000000000000..09966cb17b39d --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdkintegs3bucketDefaultTestDeployAssertB89636B8.assets.json @@ -0,0 +1,19 @@ +{ + "version": "32.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "cdkintegs3bucketDefaultTestDeployAssertB89636B8.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdkintegs3bucketDefaultTestDeployAssertB89636B8.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdkintegs3bucketDefaultTestDeployAssertB89636B8.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/cdkintegs3bucketDefaultTestDeployAssertB89636B8.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/integ.json new file mode 100644 index 0000000000000..0a80e2e885375 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "32.0.0", + "testCases": { + "cdk-integ-s3-bucket/DefaultTest": { + "stacks": [ + "s3-bucket-routing" + ], + "assertionStack": "cdk-integ-s3-bucket/DefaultTest/DeployAssert", + "assertionStackName": "cdkintegs3bucketDefaultTestDeployAssertB89636B8" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/manifest.json new file mode 100644 index 0000000000000..940b94f176503 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/manifest.json @@ -0,0 +1,111 @@ +{ + "version": "32.0.0", + "artifacts": { + "s3-bucket-routing.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "s3-bucket-routing.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "s3-bucket-routing": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "s3-bucket-routing.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4c953dadd81493b9ba7f2a1c7b5aea35907c8e0df9be35cd5171c5d4393f5482.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "s3-bucket-routing.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "s3-bucket-routing.assets" + ], + "metadata": { + "/s3-bucket-routing/MyBucketWithRoutingRules/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyBucketWithRoutingRulesC6E1CAA2" + } + ], + "/s3-bucket-routing/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/s3-bucket-routing/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "s3-bucket-routing" + }, + "cdkintegs3bucketDefaultTestDeployAssertB89636B8.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "cdkintegs3bucketDefaultTestDeployAssertB89636B8.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "cdkintegs3bucketDefaultTestDeployAssertB89636B8": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdkintegs3bucketDefaultTestDeployAssertB89636B8.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "cdkintegs3bucketDefaultTestDeployAssertB89636B8.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "cdkintegs3bucketDefaultTestDeployAssertB89636B8.assets" + ], + "metadata": { + "/cdk-integ-s3-bucket/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/cdk-integ-s3-bucket/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "cdk-integ-s3-bucket/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/s3-bucket-routing.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/s3-bucket-routing.assets.json new file mode 100644 index 0000000000000..d429f99eb00e3 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/s3-bucket-routing.assets.json @@ -0,0 +1,19 @@ +{ + "version": "32.0.0", + "files": { + "4c953dadd81493b9ba7f2a1c7b5aea35907c8e0df9be35cd5171c5d4393f5482": { + "source": { + "path": "s3-bucket-routing.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "4c953dadd81493b9ba7f2a1c7b5aea35907c8e0df9be35cd5171c5d4393f5482.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/s3-bucket-routing.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/s3-bucket-routing.template.json new file mode 100644 index 0000000000000..1f15e8e9a5c9f --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/s3-bucket-routing.template.json @@ -0,0 +1,60 @@ +{ + "Resources": { + "MyBucketWithRoutingRulesC6E1CAA2": { + "Type": "AWS::S3::Bucket", + "Properties": { + "WebsiteConfiguration": { + "IndexDocument": "index.html", + "RoutingRules": [ + { + "RedirectRule": { + "HostName": "example.com", + "Protocol": "https", + "ReplaceKeyWith": "/" + }, + "RoutingRuleCondition": { + "KeyPrefixEquals": "" + } + } + ] + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/tree.json new file mode 100644 index 0000000000000..d2a695b2395d7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.js.snapshot/tree.json @@ -0,0 +1,139 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "s3-bucket-routing": { + "id": "s3-bucket-routing", + "path": "s3-bucket-routing", + "children": { + "MyBucketWithRoutingRules": { + "id": "MyBucketWithRoutingRules", + "path": "s3-bucket-routing/MyBucketWithRoutingRules", + "children": { + "Resource": { + "id": "Resource", + "path": "s3-bucket-routing/MyBucketWithRoutingRules/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::S3::Bucket", + "aws:cdk:cloudformation:props": { + "websiteConfiguration": { + "indexDocument": "index.html", + "routingRules": [ + { + "redirectRule": { + "hostName": "example.com", + "protocol": "https", + "replaceKeyWith": "/" + }, + "routingRuleCondition": { + "keyPrefixEquals": "" + } + } + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.CfnBucket", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.Bucket", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "s3-bucket-routing/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "s3-bucket-routing/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "cdk-integ-s3-bucket": { + "id": "cdk-integ-s3-bucket", + "path": "cdk-integ-s3-bucket", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "cdk-integ-s3-bucket/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "cdk-integ-s3-bucket/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.2.55" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "cdk-integ-s3-bucket/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "cdk-integ-s3-bucket/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "cdk-integ-s3-bucket/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.2.55" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.ts new file mode 100644 index 0000000000000..4f0ffc8054b4f --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket.website-routing-rules.ts @@ -0,0 +1,23 @@ +#!/usr/bin/env node +import * as cdk from 'aws-cdk-lib'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; +import * as s3 from 'aws-cdk-lib/aws-s3'; + +const app = new cdk.App(); + +const stack = new cdk.Stack(app, 's3-bucket-routing'); + +new s3.Bucket(stack, 'MyBucketWithRoutingRules', { + removalPolicy: cdk.RemovalPolicy.DESTROY, + websiteIndexDocument: 'index.html', + websiteRoutingRules: [{ + condition: { keyPrefixEquals: '' }, + hostName: 'example.com', + protocol: s3.RedirectProtocol.HTTPS, + replaceKey: s3.ReplaceKey.with('/'), + }], +}); + +new IntegTest(app, 'cdk-integ-s3-bucket', { + testCases: [stack], +}); diff --git a/packages/aws-cdk-lib/aws-s3/lib/bucket.ts b/packages/aws-cdk-lib/aws-s3/lib/bucket.ts index 3eb7cfce25a78..6812e73bb0af5 100644 --- a/packages/aws-cdk-lib/aws-s3/lib/bucket.ts +++ b/packages/aws-cdk-lib/aws-s3/lib/bucket.ts @@ -2318,7 +2318,7 @@ export class Bucket extends BucketBase { } const routingRules = props.websiteRoutingRules ? props.websiteRoutingRules.map((rule) => { - if (rule.condition && !rule.condition.httpErrorCodeReturnedEquals && !rule.condition.keyPrefixEquals) { + if (rule.condition && rule.condition.httpErrorCodeReturnedEquals == null && rule.condition.keyPrefixEquals == null) { throw new Error('The condition property cannot be an empty object'); } diff --git a/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts b/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts index 1eef08ff7ad8b..7f7b672f5df00 100644 --- a/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts +++ b/packages/aws-cdk-lib/aws-s3/test/bucket.test.ts @@ -2592,6 +2592,38 @@ describe('bucket', () => { }, }); + }); + test('adds RedirectRules property with empty keyPrefixEquals condition', () => { + const stack = new cdk.Stack(); + new s3.Bucket(stack, 'Website', { + websiteRoutingRules: [{ + hostName: 'www.example.com', + httpRedirectCode: '302', + protocol: s3.RedirectProtocol.HTTPS, + replaceKey: s3.ReplaceKey.prefixWith('test/'), + condition: { + httpErrorCodeReturnedEquals: '200', + keyPrefixEquals: '', + }, + }], + }); + Template.fromStack(stack).hasResourceProperties('AWS::S3::Bucket', { + WebsiteConfiguration: { + RoutingRules: [{ + RedirectRule: { + HostName: 'www.example.com', + HttpRedirectCode: '302', + Protocol: 'https', + ReplaceKeyPrefixWith: 'test/', + }, + RoutingRuleCondition: { + HttpErrorCodeReturnedEquals: '200', + KeyPrefixEquals: '', + }, + }], + }, + }); + }); test('fails if routingRule condition object is empty', () => { const stack = new cdk.Stack();