From 2f26f78abec3ca313b18026e58eb24698baaa1f9 Mon Sep 17 00:00:00 2001 From: u-pant Date: Wed, 15 Nov 2023 19:56:55 -0600 Subject: [PATCH 1/8] chore: add integ test for postgres with access to S3 bucket (#28000) Add integ test for postgres with access to S3 bucket for import and export. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- ...s-cdk-rds-s3-postgres-15-integ.assets.json | 19 + ...cdk-rds-s3-postgres-15-integ.template.json | 742 ++++++++++ .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 317 ++++ ...efaultTestDeployAssert71482B98.assets.json | 19 + ...aultTestDeployAssert71482B98.template.json | 36 + .../tree.json | 1272 +++++++++++++++++ .../aws-rds/test/integ.cluster-s3.postgres.ts | 39 + 9 files changed, 2457 insertions(+) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/aws-cdk-rds-s3-postgres-15-integ.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/aws-cdk-rds-s3-postgres-15-integ.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/postgress3integtestDefaultTestDeployAssert71482B98.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/postgress3integtestDefaultTestDeployAssert71482B98.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/aws-cdk-rds-s3-postgres-15-integ.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/aws-cdk-rds-s3-postgres-15-integ.assets.json new file mode 100644 index 0000000000000..1c7a6886df6c7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/aws-cdk-rds-s3-postgres-15-integ.assets.json @@ -0,0 +1,19 @@ +{ + "version": "35.0.0", + "files": { + "ea895614984ac841bbd8a10c8301e71d72ec6b84142e6fbb849ad47874282215": { + "source": { + "path": "aws-cdk-rds-s3-postgres-15-integ.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "ea895614984ac841bbd8a10c8301e71d72ec6b84142e6fbb849ad47874282215.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/aws-cdk-rds-s3-postgres-15-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/aws-cdk-rds-s3-postgres-15-integ.template.json new file mode 100644 index 0000000000000..ed4a37b7fb7e3 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/aws-cdk-rds-s3-postgres-15-integ.template.json @@ -0,0 +1,742 @@ +{ + "Resources": { + "VPCB9E5F0B4": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC" + } + ] + } + }, + "VPCPublicSubnet1SubnetB4246D30": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "VPCPublicSubnet1RouteTableFEE4B781": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "VPCPublicSubnet1RouteTableAssociation0B0896DC": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "SubnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + } + } + }, + "VPCPublicSubnet1DefaultRoute91CEF279": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "RouteTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + } + }, + "DependsOn": [ + "VPCVPCGW99B986DC" + ] + }, + "VPCPublicSubnet1EIP6AD938E8": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1" + } + ] + } + }, + "VPCPublicSubnet1NATGatewayE0556630": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet1EIP6AD938E8", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VPCPublicSubnet1DefaultRoute91CEF279", + "VPCPublicSubnet1RouteTableAssociation0B0896DC" + ] + }, + "VPCPublicSubnet2Subnet74179F39": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "VPCPublicSubnet2RouteTable6F1A15F1": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "VPCPublicSubnet2RouteTableAssociation5A808732": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + }, + "SubnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + } + } + }, + "VPCPublicSubnet2DefaultRouteB7481BBA": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "RouteTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + } + }, + "DependsOn": [ + "VPCVPCGW99B986DC" + ] + }, + "VPCPublicSubnet2EIP4947BC00": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2" + } + ] + } + }, + "VPCPublicSubnet2NATGateway3C070193": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet2EIP4947BC00", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VPCPublicSubnet2DefaultRouteB7481BBA", + "VPCPublicSubnet2RouteTableAssociation5A808732" + ] + }, + "VPCPrivateSubnet1Subnet8BCA10E0": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "VPCPrivateSubnet1RouteTableBE8A6027": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "VPCPrivateSubnet1RouteTableAssociation347902D1": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "SubnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + } + } + }, + "VPCPrivateSubnet1DefaultRouteAE1D6490": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VPCPublicSubnet1NATGatewayE0556630" + }, + "RouteTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + } + } + }, + "VPCPrivateSubnet2SubnetCFCDAA7A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "VPCPrivateSubnet2RouteTable0A19E10E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "VPCPrivateSubnet2RouteTableAssociation0C73D413": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" + }, + "SubnetId": { + "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + } + }, + "VPCPrivateSubnet2DefaultRouteF4F5CFD2": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VPCPublicSubnet2NATGateway3C070193" + }, + "RouteTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" + } + } + }, + "VPCIGWB7E252D3": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-cdk-rds-s3-postgres-15-integ/VPC" + } + ] + } + }, + "VPCVPCGW99B986DC": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "ImportExportBucket642DD829": { + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "PostgresDatabaseSubnets7DD9954C": { + "Type": "AWS::RDS::DBSubnetGroup", + "Properties": { + "DBSubnetGroupDescription": "Subnets for PostgresDatabase database", + "SubnetIds": [ + { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + }, + { + "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + ] + } + }, + "PostgresDatabaseSecurityGroup29446EF6": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "RDS security group", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "PostgresDatabaseS3ImportRole4084FB4D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "rds.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PostgresDatabaseS3ImportRoleDefaultPolicy3F7A1AD5": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "ImportExportBucket642DD829", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "ImportExportBucket642DD829", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PostgresDatabaseS3ImportRoleDefaultPolicy3F7A1AD5", + "Roles": [ + { + "Ref": "PostgresDatabaseS3ImportRole4084FB4D" + } + ] + } + }, + "PostgresDatabaseS3ExportRoleE7B3885C": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "rds.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "PostgresDatabaseS3ExportRoleDefaultPolicy629F8CCF": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:Abort*", + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*", + "s3:PutObject", + "s3:PutObjectLegalHold", + "s3:PutObjectRetention", + "s3:PutObjectTagging", + "s3:PutObjectVersionTagging" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "ImportExportBucket642DD829", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "ImportExportBucket642DD829", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "PostgresDatabaseS3ExportRoleDefaultPolicy629F8CCF", + "Roles": [ + { + "Ref": "PostgresDatabaseS3ExportRoleE7B3885C" + } + ] + } + }, + "PostgresDatabaseSecret8058A22A": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "Description": { + "Fn::Join": [ + "", + [ + "Generated by the CDK for stack: ", + { + "Ref": "AWS::StackName" + } + ] + ] + }, + "GenerateSecretString": { + "ExcludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\", + "GenerateStringKey": "password", + "PasswordLength": 30, + "SecretStringTemplate": "{\"username\":\"postgres\"}" + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "PostgresDatabaseSecretAttachment25D11930": { + "Type": "AWS::SecretsManager::SecretTargetAttachment", + "Properties": { + "SecretId": { + "Ref": "PostgresDatabaseSecret8058A22A" + }, + "TargetId": { + "Ref": "PostgresDatabase0A8A7373" + }, + "TargetType": "AWS::RDS::DBCluster" + } + }, + "PostgresDatabase0A8A7373": { + "Type": "AWS::RDS::DBCluster", + "Properties": { + "AssociatedRoles": [ + { + "FeatureName": "s3Import", + "RoleArn": { + "Fn::GetAtt": [ + "PostgresDatabaseS3ImportRole4084FB4D", + "Arn" + ] + } + }, + { + "FeatureName": "s3Export", + "RoleArn": { + "Fn::GetAtt": [ + "PostgresDatabaseS3ExportRoleE7B3885C", + "Arn" + ] + } + } + ], + "CopyTagsToSnapshot": true, + "DBClusterParameterGroupName": "default.aurora-postgresql15", + "DBSubnetGroupName": { + "Ref": "PostgresDatabaseSubnets7DD9954C" + }, + "Engine": "aurora-postgresql", + "EngineVersion": "15.3", + "MasterUserPassword": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "PostgresDatabaseSecret8058A22A" + }, + ":SecretString:password::}}" + ] + ] + }, + "MasterUsername": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "PostgresDatabaseSecret8058A22A" + }, + ":SecretString:username::}}" + ] + ] + }, + "Port": 5432, + "VpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "PostgresDatabaseSecurityGroup29446EF6", + "GroupId" + ] + } + ] + }, + "UpdateReplacePolicy": "Snapshot", + "DeletionPolicy": "Snapshot" + }, + "PostgresDatabaseWriterInstance3FA5D5E7": { + "Type": "AWS::RDS::DBInstance", + "Properties": { + "DBClusterIdentifier": { + "Ref": "PostgresDatabase0A8A7373" + }, + "DBInstanceClass": "db.t3.medium", + "DBSubnetGroupName": { + "Ref": "PostgresDatabaseSubnets7DD9954C" + }, + "Engine": "aurora-postgresql" + }, + "DependsOn": [ + "VPCPrivateSubnet1DefaultRouteAE1D6490", + "VPCPrivateSubnet1RouteTableAssociation347902D1", + "VPCPrivateSubnet2DefaultRouteF4F5CFD2", + "VPCPrivateSubnet2RouteTableAssociation0C73D413" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "PostgresDatabaseReaderInstance70A1AD02": { + "Type": "AWS::RDS::DBInstance", + "Properties": { + "DBClusterIdentifier": { + "Ref": "PostgresDatabase0A8A7373" + }, + "DBInstanceClass": "db.t3.medium", + "DBSubnetGroupName": { + "Ref": "PostgresDatabaseSubnets7DD9954C" + }, + "Engine": "aurora-postgresql" + }, + "DependsOn": [ + "VPCPrivateSubnet1DefaultRouteAE1D6490", + "VPCPrivateSubnet1RouteTableAssociation347902D1", + "VPCPrivateSubnet2DefaultRouteF4F5CFD2", + "VPCPrivateSubnet2RouteTableAssociation0C73D413" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/cdk.out new file mode 100644 index 0000000000000..c5cb2e5de6344 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/integ.json new file mode 100644 index 0000000000000..1f1e0f987787d --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "35.0.0", + "testCases": { + "postgres-s3-integ-test/DefaultTest": { + "stacks": [ + "aws-cdk-rds-s3-postgres-15-integ" + ], + "assertionStack": "postgres-s3-integ-test/DefaultTest/DeployAssert", + "assertionStackName": "postgress3integtestDefaultTestDeployAssert71482B98" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/manifest.json new file mode 100644 index 0000000000000..28a2f58890f08 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/manifest.json @@ -0,0 +1,317 @@ +{ + "version": "35.0.0", + "artifacts": { + "aws-cdk-rds-s3-postgres-15-integ.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-cdk-rds-s3-postgres-15-integ.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-cdk-rds-s3-postgres-15-integ": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-cdk-rds-s3-postgres-15-integ.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ea895614984ac841bbd8a10c8301e71d72ec6b84142e6fbb849ad47874282215.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-cdk-rds-s3-postgres-15-integ.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-cdk-rds-s3-postgres-15-integ.assets" + ], + "metadata": { + "/aws-cdk-rds-s3-postgres-15-integ/VPC/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCB9E5F0B4" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1SubnetB4246D30" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1RouteTableFEE4B781" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1RouteTableAssociation0B0896DC" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1DefaultRoute91CEF279" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1EIP6AD938E8" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet1NATGatewayE0556630" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2Subnet74179F39" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2RouteTable6F1A15F1" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2RouteTableAssociation5A808732" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2DefaultRouteB7481BBA" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2EIP4947BC00" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPublicSubnet2NATGateway3C070193" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1Subnet8BCA10E0" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1RouteTableBE8A6027" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1RouteTableAssociation347902D1" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet1DefaultRouteAE1D6490" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2RouteTable0A19E10E" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2RouteTableAssociation0C73D413" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCPrivateSubnet2DefaultRouteF4F5CFD2" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCIGWB7E252D3" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/VPC/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VPCVPCGW99B986DC" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/ImportExportBucket/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ImportExportBucket642DD829" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Subnets/Default": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabaseSubnets7DD9954C" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabaseSecurityGroup29446EF6" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ImportRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabaseS3ImportRole4084FB4D" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ImportRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabaseS3ImportRoleDefaultPolicy3F7A1AD5" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ExportRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabaseS3ExportRoleE7B3885C" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ExportRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabaseS3ExportRoleDefaultPolicy629F8CCF" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Secret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabaseSecret8058A22A" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Secret/Attachment/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabaseSecretAttachment25D11930" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabase0A8A7373" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/WriterInstance": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabaseWriterInstance3FA5D5E7" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/ReaderInstance": [ + { + "type": "aws:cdk:logicalId", + "data": "PostgresDatabaseReaderInstance70A1AD02" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-rds-s3-postgres-15-integ/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-rds-s3-postgres-15-integ" + }, + "postgress3integtestDefaultTestDeployAssert71482B98.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "postgress3integtestDefaultTestDeployAssert71482B98.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "postgress3integtestDefaultTestDeployAssert71482B98": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "postgress3integtestDefaultTestDeployAssert71482B98.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "postgress3integtestDefaultTestDeployAssert71482B98.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "postgress3integtestDefaultTestDeployAssert71482B98.assets" + ], + "metadata": { + "/postgres-s3-integ-test/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/postgres-s3-integ-test/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "postgres-s3-integ-test/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/postgress3integtestDefaultTestDeployAssert71482B98.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/postgress3integtestDefaultTestDeployAssert71482B98.assets.json new file mode 100644 index 0000000000000..be2bce84bf56a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/postgress3integtestDefaultTestDeployAssert71482B98.assets.json @@ -0,0 +1,19 @@ +{ + "version": "35.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "postgress3integtestDefaultTestDeployAssert71482B98.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/postgress3integtestDefaultTestDeployAssert71482B98.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/postgress3integtestDefaultTestDeployAssert71482B98.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/postgress3integtestDefaultTestDeployAssert71482B98.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/tree.json new file mode 100644 index 0000000000000..672e1cbe055fa --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.js.snapshot/tree.json @@ -0,0 +1,1272 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-cdk-rds-s3-postgres-15-integ": { + "id": "aws-cdk-rds-s3-postgres-15-integ", + "path": "aws-cdk-rds-s3-postgres-15-integ", + "children": { + "VPC": { + "id": "VPC", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPC", + "aws:cdk:cloudformation:props": { + "cidrBlock": "10.0.0.0/16", + "enableDnsHostnames": true, + "enableDnsSupport": true, + "instanceTenancy": "default", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", + "version": "0.0.0" + } + }, + "PublicSubnet1": { + "id": "PublicSubnet1", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.0.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + }, + "subnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "routeTableId": { + "Ref": "VPCPublicSubnet1RouteTableFEE4B781" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet1EIP6AD938E8", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VPCPublicSubnet1SubnetB4246D30" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet1" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PublicSubnet2": { + "id": "PublicSubnet2", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.64.0/18", + "mapPublicIpOnLaunch": true, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Public" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Public" + }, + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + }, + "subnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "gatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "routeTableId": { + "Ref": "VPCPublicSubnet2RouteTable6F1A15F1" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + }, + "EIP": { + "id": "EIP", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/EIP", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::EIP", + "aws:cdk:cloudformation:props": { + "domain": "vpc", + "tags": [ + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", + "version": "0.0.0" + } + }, + "NATGateway": { + "id": "NATGateway", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2/NATGateway", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", + "aws:cdk:cloudformation:props": { + "allocationId": { + "Fn::GetAtt": [ + "VPCPublicSubnet2EIP4947BC00", + "AllocationId" + ] + }, + "subnetId": { + "Ref": "VPCPublicSubnet2Subnet74179F39" + }, + "tags": [ + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PublicSubnet2" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet1": { + "id": "PrivateSubnet1", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.128.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + }, + "subnetId": { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet1/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VPCPublicSubnet1NATGatewayE0556630" + }, + "routeTableId": { + "Ref": "VPCPrivateSubnet1RouteTableBE8A6027" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "PrivateSubnet2": { + "id": "PrivateSubnet2", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2", + "children": { + "Subnet": { + "id": "Subnet", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2/Subnet", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", + "aws:cdk:cloudformation:props": { + "availabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "cidrBlock": "10.0.192.0/18", + "mapPublicIpOnLaunch": false, + "tags": [ + { + "key": "aws-cdk:subnet-name", + "value": "Private" + }, + { + "key": "aws-cdk:subnet-type", + "value": "Private" + }, + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", + "version": "0.0.0" + } + }, + "Acl": { + "id": "Acl", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2/Acl", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "RouteTable": { + "id": "RouteTable", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2/RouteTable", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", + "version": "0.0.0" + } + }, + "RouteTableAssociation": { + "id": "RouteTableAssociation", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2/RouteTableAssociation", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", + "aws:cdk:cloudformation:props": { + "routeTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" + }, + "subnetId": { + "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", + "version": "0.0.0" + } + }, + "DefaultRoute": { + "id": "DefaultRoute", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/PrivateSubnet2/DefaultRoute", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::Route", + "aws:cdk:cloudformation:props": { + "destinationCidrBlock": "0.0.0.0/0", + "natGatewayId": { + "Ref": "VPCPublicSubnet2NATGateway3C070193" + }, + "routeTableId": { + "Ref": "VPCPrivateSubnet2RouteTable0A19E10E" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", + "version": "0.0.0" + } + }, + "IGW": { + "id": "IGW", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/IGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", + "aws:cdk:cloudformation:props": { + "tags": [ + { + "key": "Name", + "value": "aws-cdk-rds-s3-postgres-15-integ/VPC" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", + "version": "0.0.0" + } + }, + "VPCGW": { + "id": "VPCGW", + "path": "aws-cdk-rds-s3-postgres-15-integ/VPC/VPCGW", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", + "aws:cdk:cloudformation:props": { + "internetGatewayId": { + "Ref": "VPCIGWB7E252D3" + }, + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.Vpc", + "version": "0.0.0" + } + }, + "ImportExportBucket": { + "id": "ImportExportBucket", + "path": "aws-cdk-rds-s3-postgres-15-integ/ImportExportBucket", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-s3-postgres-15-integ/ImportExportBucket/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::S3::Bucket", + "aws:cdk:cloudformation:props": {} + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.CfnBucket", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.Bucket", + "version": "0.0.0" + } + }, + "PostgresDatabase": { + "id": "PostgresDatabase", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase", + "children": { + "Subnets": { + "id": "Subnets", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Subnets", + "children": { + "Default": { + "id": "Default", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Subnets/Default", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBSubnetGroup", + "aws:cdk:cloudformation:props": { + "dbSubnetGroupDescription": "Subnets for PostgresDatabase database", + "subnetIds": [ + { + "Ref": "VPCPrivateSubnet1Subnet8BCA10E0" + }, + { + "Ref": "VPCPrivateSubnet2SubnetCFCDAA7A" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_rds.CfnDBSubnetGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_rds.SubnetGroup", + "version": "0.0.0" + } + }, + "SecurityGroup": { + "id": "SecurityGroup", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/SecurityGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/SecurityGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", + "aws:cdk:cloudformation:props": { + "groupDescription": "RDS security group", + "securityGroupEgress": [ + { + "cidrIp": "0.0.0.0/0", + "description": "Allow all outbound traffic by default", + "ipProtocol": "-1" + } + ], + "vpcId": { + "Ref": "VPCB9E5F0B4" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", + "version": "0.0.0" + } + }, + "S3ImportRole": { + "id": "S3ImportRole", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ImportRole", + "children": { + "ImportS3ImportRole": { + "id": "ImportS3ImportRole", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ImportRole/ImportS3ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ImportRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "rds.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ImportRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ImportRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "ImportExportBucket642DD829", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "ImportExportBucket642DD829", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "PostgresDatabaseS3ImportRoleDefaultPolicy3F7A1AD5", + "roles": [ + { + "Ref": "PostgresDatabaseS3ImportRole4084FB4D" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "S3ExportRole": { + "id": "S3ExportRole", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ExportRole", + "children": { + "ImportS3ExportRole": { + "id": "ImportS3ExportRole", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ExportRole/ImportS3ExportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ExportRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "rds.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ExportRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/S3ExportRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "s3:Abort*", + "s3:DeleteObject*", + "s3:GetBucket*", + "s3:GetObject*", + "s3:List*", + "s3:PutObject", + "s3:PutObjectLegalHold", + "s3:PutObjectRetention", + "s3:PutObjectTagging", + "s3:PutObjectVersionTagging" + ], + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "ImportExportBucket642DD829", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "ImportExportBucket642DD829", + "Arn" + ] + }, + "/*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "PostgresDatabaseS3ExportRoleDefaultPolicy629F8CCF", + "roles": [ + { + "Ref": "PostgresDatabaseS3ExportRoleE7B3885C" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "AuroraPostgreSqlDatabaseClusterEngineDefaultParameterGroup": { + "id": "AuroraPostgreSqlDatabaseClusterEngineDefaultParameterGroup", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/AuroraPostgreSqlDatabaseClusterEngineDefaultParameterGroup", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Secret": { + "id": "Secret", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Secret", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Secret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "description": { + "Fn::Join": [ + "", + [ + "Generated by the CDK for stack: ", + { + "Ref": "AWS::StackName" + } + ] + ] + }, + "generateSecretString": { + "passwordLength": 30, + "secretStringTemplate": "{\"username\":\"postgres\"}", + "generateStringKey": "password", + "excludeCharacters": " %+~`#$&*()|[]{}:;<>?!'/@\"\\" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecret", + "version": "0.0.0" + } + }, + "Attachment": { + "id": "Attachment", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Secret/Attachment", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Secret/Attachment/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::SecretTargetAttachment", + "aws:cdk:cloudformation:props": { + "secretId": { + "Ref": "PostgresDatabaseSecret8058A22A" + }, + "targetId": { + "Ref": "PostgresDatabase0A8A7373" + }, + "targetType": "AWS::RDS::DBCluster" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecretTargetAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_secretsmanager.SecretTargetAttachment", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_rds.DatabaseSecret", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBCluster", + "aws:cdk:cloudformation:props": { + "associatedRoles": [ + { + "roleArn": { + "Fn::GetAtt": [ + "PostgresDatabaseS3ImportRole4084FB4D", + "Arn" + ] + }, + "featureName": "s3Import" + }, + { + "roleArn": { + "Fn::GetAtt": [ + "PostgresDatabaseS3ExportRoleE7B3885C", + "Arn" + ] + }, + "featureName": "s3Export" + } + ], + "copyTagsToSnapshot": true, + "dbClusterParameterGroupName": "default.aurora-postgresql15", + "dbSubnetGroupName": { + "Ref": "PostgresDatabaseSubnets7DD9954C" + }, + "engine": "aurora-postgresql", + "engineVersion": "15.3", + "masterUsername": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "PostgresDatabaseSecret8058A22A" + }, + ":SecretString:username::}}" + ] + ] + }, + "masterUserPassword": { + "Fn::Join": [ + "", + [ + "{{resolve:secretsmanager:", + { + "Ref": "PostgresDatabaseSecret8058A22A" + }, + ":SecretString:password::}}" + ] + ] + }, + "port": 5432, + "vpcSecurityGroupIds": [ + { + "Fn::GetAtt": [ + "PostgresDatabaseSecurityGroup29446EF6", + "GroupId" + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_rds.CfnDBCluster", + "version": "0.0.0" + } + }, + "WriterInstanceWrapper": { + "id": "WriterInstanceWrapper", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/WriterInstanceWrapper", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "WriterInstance": { + "id": "WriterInstance", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/WriterInstance", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", + "aws:cdk:cloudformation:props": { + "dbClusterIdentifier": { + "Ref": "PostgresDatabase0A8A7373" + }, + "dbInstanceClass": "db.t3.medium", + "dbSubnetGroupName": { + "Ref": "PostgresDatabaseSubnets7DD9954C" + }, + "engine": "aurora-postgresql" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_rds.CfnDBInstance", + "version": "0.0.0" + } + }, + "ReaderInstanceWrapper": { + "id": "ReaderInstanceWrapper", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/ReaderInstanceWrapper", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "ReaderInstance": { + "id": "ReaderInstance", + "path": "aws-cdk-rds-s3-postgres-15-integ/PostgresDatabase/ReaderInstance", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::RDS::DBInstance", + "aws:cdk:cloudformation:props": { + "dbClusterIdentifier": { + "Ref": "PostgresDatabase0A8A7373" + }, + "dbInstanceClass": "db.t3.medium", + "dbSubnetGroupName": { + "Ref": "PostgresDatabaseSubnets7DD9954C" + }, + "engine": "aurora-postgresql" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_rds.CfnDBInstance", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_rds.DatabaseCluster", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-rds-s3-postgres-15-integ/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-rds-s3-postgres-15-integ/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "postgres-s3-integ-test": { + "id": "postgres-s3-integ-test", + "path": "postgres-s3-integ-test", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "postgres-s3-integ-test/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "postgres-s3-integ-test/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "postgres-s3-integ-test/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "postgres-s3-integ-test/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "postgres-s3-integ-test/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.ts new file mode 100644 index 0000000000000..8aef501338380 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-rds/test/integ.cluster-s3.postgres.ts @@ -0,0 +1,39 @@ +import * as ec2 from 'aws-cdk-lib/aws-ec2'; +import * as s3 from 'aws-cdk-lib/aws-s3'; +import * as cdk from 'aws-cdk-lib'; +import * as rds from 'aws-cdk-lib/aws-rds'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; + +const app = new cdk.App(); + +class PostgresS3TestStack extends cdk.Stack { + constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { + super(scope, id, props); + + const vpc = new ec2.Vpc(this, 'VPC', { maxAzs: 2, restrictDefaultSecurityGroup: false }); + + const instanceProps = { + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.MEDIUM), + isFromLegacyInstanceProps: true, + }; + + const importExportBucket = new s3.Bucket(this, 'ImportExportBucket', { + removalPolicy: cdk.RemovalPolicy.DESTROY, + }); + + new rds.DatabaseCluster(this, 'PostgresDatabase', { + engine: rds.DatabaseClusterEngine.auroraPostgres({ + version: rds.AuroraPostgresEngineVersion.VER_15_3, + }), + readers: [rds.ClusterInstance.provisioned('ReaderInstance', instanceProps)], + writer: rds.ClusterInstance.provisioned('WriterInstance', instanceProps), + vpc, + s3ImportBuckets: [importExportBucket], + s3ExportBuckets: [importExportBucket], + }); + } +} + +new IntegTest(app, 'postgres-s3-integ-test', { + testCases: [new PostgresS3TestStack(app, 'aws-cdk-rds-s3-postgres-15-integ')], +}); From bf9bb3d124f3b8bd4cdca3453b251b6c3a406c40 Mon Sep 17 00:00:00 2001 From: "k.goto" <24818752+go-to-k@users.noreply.github.com> Date: Fri, 17 Nov 2023 00:15:33 +0900 Subject: [PATCH 2/8] chore(rds): support RDS for SQL Server 16.00.4085.2.v1 as major version 2022 (#28029) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR supports RDS for SQL Server 16.00.4085.2.v1 as major version 2022. https://aws.amazon.com/jp/about-aws/whats-new/2023/11/amazon-rds-sql-server-sql-server-major-version-2022/ ```bash ❯ aws rds describe-db-engine-versions --engine sqlserver-ee --query "DBEngineVersions[?EngineVersion=='16.00.4085.2.v1'].[DBEngineVersionDescription,EngineVersion,DBParameterGroupFamily,MajorEngineVersion,Status]" [ [ "SQL Server 2022 16.00.4085.2.v1", "16.00.4085.2.v1", "sqlserver-ee-16.0", "16.00", "available" ] ] ``` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts b/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts index bfe99ba4ea992..82f238c23dada 100644 --- a/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts +++ b/packages/aws-cdk-lib/aws-rds/lib/instance-engine.ts @@ -1944,6 +1944,8 @@ export class SqlServerEngineVersion { public static readonly VER_15_00_4322_2_V1 = SqlServerEngineVersion.of('15.00.4322.2.v1', '15.00'); /** Version "15.00.4335.1.v1". */ public static readonly VER_15_00_4335_1_V1 = SqlServerEngineVersion.of('15.00.4335.1.v1', '15.00'); + /** Version "16.00.4085.2.v1". */ + public static readonly VER_16_00_4085_2_V1 = SqlServerEngineVersion.of('16.00.4085.2.v1', '16.00'); /** * Create a new SqlServerEngineVersion with an arbitrary version. From c00b9746e3b8663fffc7658932eb11c132c266a0 Mon Sep 17 00:00:00 2001 From: Paul Meinhardt Date: Thu, 16 Nov 2023 16:46:45 +0100 Subject: [PATCH 3/8] docs: Update template README.md (JavaScript, TypeScript) (#28003) Use npx to run project-specific cdk, not a globally installed version. This ensures everybody working on the project uses the same version of the command-line interface. With the previous instructions, if anybody had `cdk` installed globally, e.g., via `npm install --global aws-cdk` or `homebrew install aws-cdk`, they would run that version. It seems desirable that everybody working on a CDK app uses the same version of the command-line interface, as specified in `package.json` (or `package-lock.json`). Example: Given a `package.json` which specifies `"aws-cdk": "2.104.0"` and a globally installed `cdk`, this can happen: ```shell $ cdk --version 2.108.1 (build 2320255) $ npx cdk --version 2.104.0 (build 3b99abe) ``` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-cdk/lib/init-templates/app/javascript/README.md | 6 +++--- .../aws-cdk/lib/init-templates/app/typescript/README.md | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/packages/aws-cdk/lib/init-templates/app/javascript/README.md b/packages/aws-cdk/lib/init-templates/app/javascript/README.md index e275326a4243e..8b69061e1c153 100644 --- a/packages/aws-cdk/lib/init-templates/app/javascript/README.md +++ b/packages/aws-cdk/lib/init-templates/app/javascript/README.md @@ -7,6 +7,6 @@ The `cdk.json` file tells the CDK Toolkit how to execute your app. The build ste ## Useful commands * `npm run test` perform the jest unit tests -* `cdk deploy` deploy this stack to your default AWS account/region -* `cdk diff` compare deployed stack with current state -* `cdk synth` emits the synthesized CloudFormation template +* `npx cdk deploy` deploy this stack to your default AWS account/region +* `npx cdk diff` compare deployed stack with current state +* `npx cdk synth` emits the synthesized CloudFormation template diff --git a/packages/aws-cdk/lib/init-templates/app/typescript/README.md b/packages/aws-cdk/lib/init-templates/app/typescript/README.md index 320efc02a9275..9315fe5b9fc53 100644 --- a/packages/aws-cdk/lib/init-templates/app/typescript/README.md +++ b/packages/aws-cdk/lib/init-templates/app/typescript/README.md @@ -9,6 +9,6 @@ The `cdk.json` file tells the CDK Toolkit how to execute your app. * `npm run build` compile typescript to js * `npm run watch` watch for changes and compile * `npm run test` perform the jest unit tests -* `cdk deploy` deploy this stack to your default AWS account/region -* `cdk diff` compare deployed stack with current state -* `cdk synth` emits the synthesized CloudFormation template +* `npx cdk deploy` deploy this stack to your default AWS account/region +* `npx cdk diff` compare deployed stack with current state +* `npx cdk synth` emits the synthesized CloudFormation template From ca71980a3752ae8d28a286d6c9a6283e955de9e5 Mon Sep 17 00:00:00 2001 From: Tatsuya Mori Date: Fri, 17 Nov 2023 01:16:46 +0900 Subject: [PATCH 4/8] docs(ec2): fix typo from Amazon Linux 2022 to Amazon Linux 2023 (#28033) Document for AmazonLinux2023ImageSsmParameter has typo `amazon linux 2022`. https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ec2.AmazonLinux2023ImageSsmParameter.html > Generates a SSM Parameter name for a specific amazon linux 2022 AMI. It seems to be code clone from AmazonLinux2022ImageSsmParameter. https://github.com/aws/aws-cdk/blob/2f26f78abec3ca313b18026e58eb24698baaa1f9/packages/aws-cdk-lib/aws-ec2/lib/machine-image/amazon-linux-2022.ts#L56 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-cdk-lib/aws-ec2/lib/machine-image/amazon-linux-2023.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-ec2/lib/machine-image/amazon-linux-2023.ts b/packages/aws-cdk-lib/aws-ec2/lib/machine-image/amazon-linux-2023.ts index d00bad8d84c96..2983bbaee3cc6 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/machine-image/amazon-linux-2023.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/machine-image/amazon-linux-2023.ts @@ -52,7 +52,7 @@ export interface AmazonLinux2023ImageSsmParameterProps extends AmazonLinuxImageS */ export class AmazonLinux2023ImageSsmParameter extends AmazonLinuxImageSsmParameterBase { /** - * Generates a SSM Parameter name for a specific amazon linux 2022 AMI + * Generates a SSM Parameter name for a specific amazon linux 2023 AMI * * Example values: * From 1d1876c2caf741953cf42ffc59029ea875ebccb7 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Thu, 16 Nov 2023 09:11:38 -0800 Subject: [PATCH 5/8] feat: update AWS Service Spec (#28034) AWS Service Spec packages to latest versions. --- .../@aws-cdk/cloudformation-diff/package.json | 4 ++-- packages/@aws-cdk/integ-runner/package.json | 2 +- packages/aws-cdk-lib/package.json | 2 +- tools/@aws-cdk/spec2cdk/package.json | 4 ++-- yarn.lock | 17 ++++++++++++----- 5 files changed, 18 insertions(+), 11 deletions(-) diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index 70879f0184cd3..89f4606422424 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -23,8 +23,8 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.0.28", - "@aws-cdk/service-spec-types": "^0.0.28", + "@aws-cdk/aws-service-spec": "^0.0.29", + "@aws-cdk/service-spec-types": "^0.0.29", "chalk": "^4", "diff": "^5.1.0", "fast-deep-equal": "^3.1.3", diff --git a/packages/@aws-cdk/integ-runner/package.json b/packages/@aws-cdk/integ-runner/package.json index 22e9301e1ab65..6bed14ad083f0 100644 --- a/packages/@aws-cdk/integ-runner/package.json +++ b/packages/@aws-cdk/integ-runner/package.json @@ -74,7 +74,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "@aws-cdk/aws-service-spec": "^0.0.28", + "@aws-cdk/aws-service-spec": "^0.0.29", "cdk-assets": "0.0.0", "@aws-cdk/cdk-cli-wrapper": "0.0.0", "aws-cdk": "0.0.0", diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 4785e51322592..5316b6952fcb6 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -133,7 +133,7 @@ "yaml": "1.10.2" }, "devDependencies": { - "@aws-cdk/aws-service-spec": "^0.0.28", + "@aws-cdk/aws-service-spec": "^0.0.29", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/custom-resource-handlers": "0.0.0", "@aws-cdk/pkglint": "0.0.0", diff --git a/tools/@aws-cdk/spec2cdk/package.json b/tools/@aws-cdk/spec2cdk/package.json index fd69e6b58d1df..ae9f368381cb8 100644 --- a/tools/@aws-cdk/spec2cdk/package.json +++ b/tools/@aws-cdk/spec2cdk/package.json @@ -32,9 +32,9 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.0.28", + "@aws-cdk/aws-service-spec": "^0.0.29", "@aws-cdk/service-spec-importers": "^0.0.6", - "@aws-cdk/service-spec-types": "^0.0.28", + "@aws-cdk/service-spec-types": "^0.0.29", "@cdklabs/tskb": "^0.0.3", "@cdklabs/typewriter": "^0.0.3", "camelcase": "^6", diff --git a/yarn.lock b/yarn.lock index 5e3e5195f4d15..921ec3e77c0a5 100644 --- a/yarn.lock +++ b/yarn.lock @@ -56,12 +56,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.0.1.tgz#6dc9b7cdb22ff622a7176141197962360c33e9ac" integrity sha512-DDt4SLdLOwWCjGtltH4VCST7hpOI5DzieuhGZsBpZ+AgJdSI2GCjklCXm0GCTwJG/SolkL5dtQXyUKgg9luBDg== -"@aws-cdk/aws-service-spec@^0.0.28": - version "0.0.28" - resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.28.tgz#de4ec81316ca0e794ba895638f9fcc8998969db1" - integrity sha512-Wg0h3sAl/XNrLPT7TXbh1FfWQ8c/ZzuBeL6Njc9LWWd2zTCcCQ7ii3usStzU1ZhTGo2TwAhe4V3hHIA8hwWJVA== +"@aws-cdk/aws-service-spec@^0.0.29": + version "0.0.29" + resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.29.tgz#d6ceb096522569ebdb94e1cb0446489354967eab" + integrity sha512-/Zp5aPDlG5M3CTXJW5KU2Jki3l9Xu/la37gdurawp9cpgufze5vboTyBd/ymHAXNINuApQdmGJ0iDn8HihzQ0Q== dependencies: - "@aws-cdk/service-spec-types" "^0.0.28" + "@aws-cdk/service-spec-types" "^0.0.29" "@cdklabs/tskb" "^0.0.3" "@aws-cdk/lambda-layer-kubectl-v24@^2.0.242": @@ -92,6 +92,13 @@ dependencies: "@cdklabs/tskb" "^0.0.3" +"@aws-cdk/service-spec-types@^0.0.29": + version "0.0.29" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.29.tgz#4fa65491e7198ad69aab409be04d6671e12b3bf4" + integrity sha512-qvt2dV2QuqtxzY6l8ZBuxKA965sFZH72pCcaxM9unGCFuF5ucrxeh9Zc4AYsma/MZCCbMx2i/+fvjCVzJX9soQ== + dependencies: + "@cdklabs/tskb" "^0.0.3" + "@aws-crypto/crc32@3.0.0": version "3.0.0" resolved "https://registry.npmjs.org/@aws-crypto/crc32/-/crc32-3.0.0.tgz#07300eca214409c33e3ff769cd5697b57fdd38fa" From 3278c190e1d63d0a99d60c1ae8a2ae690d64113f Mon Sep 17 00:00:00 2001 From: Otavio Macedo <288203+otaviomacedo@users.noreply.github.com> Date: Thu, 16 Nov 2023 19:19:31 +0000 Subject: [PATCH 6/8] feat(lambda): support for advanced logging (#28039) Structured logging enables automated analysis of the logs, thus enables customers to perform quick exploratory and automated monitoring the health of their applications, and helps them troubleshoot their production issues faster. Structured logging is now considered to be a monitoring best practice. Lambda is developing Advance Logging Controls to give developers and operators more control over their function logs. The feature allows customers to capture logs in JSON format and control the level of details in emitted logs. To ensure compatibility and enable these capabilities, four new fields (LogFormat, ApplicationLogLevel, SystemLogLevel, and LogGroup) will be added to the existing LoggingConfig structure. Also, even adding custom log group for Log group section to have the flexibility of changing the name instead of having it as default. This update empowers customers to define their logging behavior and efficiently manage their function logs, reflecting Lambda's commitment to delivering a user-friendly logging solution that addresses the evolving needs of users. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-cdk-lambda-logging-config.assets.json | 19 + ...ws-cdk-lambda-logging-config.template.json | 326 +++++++++ .../integ.logging-config.js.snapshot/cdk.out | 1 + .../integ.json | 12 + ...efaultTestDeployAssert24012B25.assets.json | 19 + ...aultTestDeployAssert24012B25.template.json | 36 + .../manifest.json | 179 +++++ .../tree.json | 626 ++++++++++++++++++ .../aws-lambda/test/integ.logging-config.ts | 55 ++ packages/aws-cdk-lib/aws-lambda/README.md | 22 + .../aws-cdk-lib/aws-lambda/lib/function.ts | 125 +++- .../aws-lambda/test/logging-config.test.ts | 138 ++++ .../us-east-1/aws-lambda-function.json | 546 +++++++++++++++ 13 files changed, 2101 insertions(+), 3 deletions(-) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/aws-cdk-lambda-logging-config.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/aws-cdk-lambda-logging-config.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/lambdaloggingconfigDefaultTestDeployAssert24012B25.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/lambdaloggingconfigDefaultTestDeployAssert24012B25.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.ts create mode 100644 packages/aws-cdk-lib/aws-lambda/test/logging-config.test.ts create mode 100644 tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-function.json diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/aws-cdk-lambda-logging-config.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/aws-cdk-lambda-logging-config.assets.json new file mode 100644 index 0000000000000..cc242bdce487c --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/aws-cdk-lambda-logging-config.assets.json @@ -0,0 +1,19 @@ +{ + "version": "34.0.0", + "files": { + "c10a26dd32e7f7d2a9c057ec71b82b23ad867563a9b092f09ed73ef671035641": { + "source": { + "path": "aws-cdk-lambda-logging-config.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "c10a26dd32e7f7d2a9c057ec71b82b23ad867563a9b092f09ed73ef671035641.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/aws-cdk-lambda-logging-config.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/aws-cdk-lambda-logging-config.template.json new file mode 100644 index 0000000000000..e121f281cd843 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/aws-cdk-lambda-logging-config.template.json @@ -0,0 +1,326 @@ +{ + "Resources": { + "MyLogGroupWithLogGroupNameB577EB65": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "LogGroupName": "customLogGroup", + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "LambdaWithLogGroupServiceRoleC5DDB031": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "LambdaWithLogGroupC3B62A1A": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "foo" + }, + "Handler": "index.handler", + "LoggingConfig": { + "LogGroup": { + "Ref": "MyLogGroupWithLogGroupNameB577EB65" + } + }, + "Role": { + "Fn::GetAtt": [ + "LambdaWithLogGroupServiceRoleC5DDB031", + "Arn" + ] + }, + "Runtime": "nodejs18.x" + }, + "DependsOn": [ + "LambdaWithLogGroupServiceRoleC5DDB031" + ] + }, + "MyLogGroupWithoutLogGroupName385E46B7": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "LambdaWithLogGroupAndNoLogGroupNameServiceRoleFEE6AF87": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "LambdaWithLogGroupAndNoLogGroupName1F5C7375": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "foo" + }, + "Handler": "index.handler", + "LoggingConfig": { + "LogGroup": { + "Ref": "MyLogGroupWithoutLogGroupName385E46B7" + } + }, + "Role": { + "Fn::GetAtt": [ + "LambdaWithLogGroupAndNoLogGroupNameServiceRoleFEE6AF87", + "Arn" + ] + }, + "Runtime": "nodejs18.x" + }, + "DependsOn": [ + "LambdaWithLogGroupAndNoLogGroupNameServiceRoleFEE6AF87" + ] + }, + "LambdaWithTextFormatServiceRoleABCC0E93": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "LambdaWithTextFormatA0EDE227": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "foo" + }, + "Handler": "index.handler", + "LoggingConfig": { + "LogFormat": "Text" + }, + "Role": { + "Fn::GetAtt": [ + "LambdaWithTextFormatServiceRoleABCC0E93", + "Arn" + ] + }, + "Runtime": "nodejs18.x" + }, + "DependsOn": [ + "LambdaWithTextFormatServiceRoleABCC0E93" + ] + }, + "LambdaWithJSONFormatServiceRole37FFB486": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "LambdaWithJSONFormat20E01C00": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "foo" + }, + "Handler": "index.handler", + "LoggingConfig": { + "LogFormat": "JSON" + }, + "Role": { + "Fn::GetAtt": [ + "LambdaWithJSONFormatServiceRole37FFB486", + "Arn" + ] + }, + "Runtime": "nodejs18.x" + }, + "DependsOn": [ + "LambdaWithJSONFormatServiceRole37FFB486" + ] + }, + "LambdaWithLogLevelServiceRole90A45743": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "LambdaWithLogLevelCBBBEFFC": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "foo" + }, + "Handler": "index.handler", + "LoggingConfig": { + "ApplicationLogLevel": "INFO", + "LogFormat": "JSON", + "SystemLogLevel": "INFO" + }, + "Role": { + "Fn::GetAtt": [ + "LambdaWithLogLevelServiceRole90A45743", + "Arn" + ] + }, + "Runtime": "nodejs18.x" + }, + "DependsOn": [ + "LambdaWithLogLevelServiceRole90A45743" + ] + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/cdk.out new file mode 100644 index 0000000000000..2313ab5436501 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"34.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/integ.json new file mode 100644 index 0000000000000..e5feef0abe915 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "34.0.0", + "testCases": { + "lambda-logging-config/DefaultTest": { + "stacks": [ + "aws-cdk-lambda-logging-config" + ], + "assertionStack": "lambda-logging-config/DefaultTest/DeployAssert", + "assertionStackName": "lambdaloggingconfigDefaultTestDeployAssert24012B25" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/lambdaloggingconfigDefaultTestDeployAssert24012B25.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/lambdaloggingconfigDefaultTestDeployAssert24012B25.assets.json new file mode 100644 index 0000000000000..a8e852ceaf06f --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/lambdaloggingconfigDefaultTestDeployAssert24012B25.assets.json @@ -0,0 +1,19 @@ +{ + "version": "34.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "lambdaloggingconfigDefaultTestDeployAssert24012B25.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/lambdaloggingconfigDefaultTestDeployAssert24012B25.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/lambdaloggingconfigDefaultTestDeployAssert24012B25.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/lambdaloggingconfigDefaultTestDeployAssert24012B25.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/manifest.json new file mode 100644 index 0000000000000..8feb2b46a85b2 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/manifest.json @@ -0,0 +1,179 @@ +{ + "version": "34.0.0", + "artifacts": { + "aws-cdk-lambda-logging-config.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "aws-cdk-lambda-logging-config.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "aws-cdk-lambda-logging-config": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "aws-cdk-lambda-logging-config.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/c10a26dd32e7f7d2a9c057ec71b82b23ad867563a9b092f09ed73ef671035641.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "aws-cdk-lambda-logging-config.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "aws-cdk-lambda-logging-config.assets" + ], + "metadata": { + "/aws-cdk-lambda-logging-config/MyLogGroupWithLogGroupName/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyLogGroupWithLogGroupNameB577EB65" + } + ], + "/aws-cdk-lambda-logging-config/LambdaWithLogGroup/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaWithLogGroupServiceRoleC5DDB031" + } + ], + "/aws-cdk-lambda-logging-config/LambdaWithLogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaWithLogGroupC3B62A1A" + } + ], + "/aws-cdk-lambda-logging-config/MyLogGroupWithoutLogGroupName/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyLogGroupWithoutLogGroupName385E46B7" + } + ], + "/aws-cdk-lambda-logging-config/LambdaWithLogGroupAndNoLogGroupName/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaWithLogGroupAndNoLogGroupNameServiceRoleFEE6AF87" + } + ], + "/aws-cdk-lambda-logging-config/LambdaWithLogGroupAndNoLogGroupName/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaWithLogGroupAndNoLogGroupName1F5C7375" + } + ], + "/aws-cdk-lambda-logging-config/LambdaWithTextFormat/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaWithTextFormatServiceRoleABCC0E93" + } + ], + "/aws-cdk-lambda-logging-config/LambdaWithTextFormat/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaWithTextFormatA0EDE227" + } + ], + "/aws-cdk-lambda-logging-config/LambdaWithJSONFormat/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaWithJSONFormatServiceRole37FFB486" + } + ], + "/aws-cdk-lambda-logging-config/LambdaWithJSONFormat/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaWithJSONFormat20E01C00" + } + ], + "/aws-cdk-lambda-logging-config/LambdaWithLogLevel/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaWithLogLevelServiceRole90A45743" + } + ], + "/aws-cdk-lambda-logging-config/LambdaWithLogLevel/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "LambdaWithLogLevelCBBBEFFC" + } + ], + "/aws-cdk-lambda-logging-config/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/aws-cdk-lambda-logging-config/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "aws-cdk-lambda-logging-config" + }, + "lambdaloggingconfigDefaultTestDeployAssert24012B25.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "lambdaloggingconfigDefaultTestDeployAssert24012B25.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "lambdaloggingconfigDefaultTestDeployAssert24012B25": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "lambdaloggingconfigDefaultTestDeployAssert24012B25.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "lambdaloggingconfigDefaultTestDeployAssert24012B25.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "lambdaloggingconfigDefaultTestDeployAssert24012B25.assets" + ], + "metadata": { + "/lambda-logging-config/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/lambda-logging-config/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "lambda-logging-config/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/tree.json new file mode 100644 index 0000000000000..3807537378927 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.js.snapshot/tree.json @@ -0,0 +1,626 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "aws-cdk-lambda-logging-config": { + "id": "aws-cdk-lambda-logging-config", + "path": "aws-cdk-lambda-logging-config", + "children": { + "MyLogGroupWithLogGroupName": { + "id": "MyLogGroupWithLogGroupName", + "path": "aws-cdk-lambda-logging-config/MyLogGroupWithLogGroupName", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/MyLogGroupWithLogGroupName/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", + "aws:cdk:cloudformation:props": { + "logGroupName": "customLogGroup", + "retentionInDays": 731 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_logs.CfnLogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_logs.LogGroup", + "version": "0.0.0" + } + }, + "LambdaWithLogGroup": { + "id": "LambdaWithLogGroup", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogGroup", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogGroup/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogGroup/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogGroup/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "foo" + }, + "handler": "index.handler", + "loggingConfig": { + "logGroup": { + "Ref": "MyLogGroupWithLogGroupNameB577EB65" + } + }, + "role": { + "Fn::GetAtt": [ + "LambdaWithLogGroupServiceRoleC5DDB031", + "Arn" + ] + }, + "runtime": "nodejs18.x" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0" + } + }, + "MyLogGroupWithoutLogGroupName": { + "id": "MyLogGroupWithoutLogGroupName", + "path": "aws-cdk-lambda-logging-config/MyLogGroupWithoutLogGroupName", + "children": { + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/MyLogGroupWithoutLogGroupName/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", + "aws:cdk:cloudformation:props": { + "retentionInDays": 731 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_logs.CfnLogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_logs.LogGroup", + "version": "0.0.0" + } + }, + "LambdaWithLogGroupAndNoLogGroupName": { + "id": "LambdaWithLogGroupAndNoLogGroupName", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogGroupAndNoLogGroupName", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogGroupAndNoLogGroupName/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogGroupAndNoLogGroupName/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogGroupAndNoLogGroupName/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogGroupAndNoLogGroupName/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "foo" + }, + "handler": "index.handler", + "loggingConfig": { + "logGroup": { + "Ref": "MyLogGroupWithoutLogGroupName385E46B7" + } + }, + "role": { + "Fn::GetAtt": [ + "LambdaWithLogGroupAndNoLogGroupNameServiceRoleFEE6AF87", + "Arn" + ] + }, + "runtime": "nodejs18.x" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0" + } + }, + "LambdaWithTextFormat": { + "id": "LambdaWithTextFormat", + "path": "aws-cdk-lambda-logging-config/LambdaWithTextFormat", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-cdk-lambda-logging-config/LambdaWithTextFormat/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "aws-cdk-lambda-logging-config/LambdaWithTextFormat/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/LambdaWithTextFormat/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/LambdaWithTextFormat/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "foo" + }, + "handler": "index.handler", + "loggingConfig": { + "logFormat": "Text" + }, + "role": { + "Fn::GetAtt": [ + "LambdaWithTextFormatServiceRoleABCC0E93", + "Arn" + ] + }, + "runtime": "nodejs18.x" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0" + } + }, + "LambdaWithJSONFormat": { + "id": "LambdaWithJSONFormat", + "path": "aws-cdk-lambda-logging-config/LambdaWithJSONFormat", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-cdk-lambda-logging-config/LambdaWithJSONFormat/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "aws-cdk-lambda-logging-config/LambdaWithJSONFormat/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/LambdaWithJSONFormat/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/LambdaWithJSONFormat/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "foo" + }, + "handler": "index.handler", + "loggingConfig": { + "logFormat": "JSON" + }, + "role": { + "Fn::GetAtt": [ + "LambdaWithJSONFormatServiceRole37FFB486", + "Arn" + ] + }, + "runtime": "nodejs18.x" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0" + } + }, + "LambdaWithLogLevel": { + "id": "LambdaWithLogLevel", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogLevel", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogLevel/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogLevel/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogLevel/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "aws-cdk-lambda-logging-config/LambdaWithLogLevel/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "foo" + }, + "handler": "index.handler", + "loggingConfig": { + "logFormat": "JSON", + "systemLogLevel": "INFO", + "applicationLogLevel": "INFO" + }, + "role": { + "Fn::GetAtt": [ + "LambdaWithLogLevelServiceRole90A45743", + "Arn" + ] + }, + "runtime": "nodejs18.x" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "aws-cdk-lambda-logging-config/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "aws-cdk-lambda-logging-config/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "lambda-logging-config": { + "id": "lambda-logging-config", + "path": "lambda-logging-config", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "lambda-logging-config/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "lambda-logging-config/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.2.70" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "lambda-logging-config/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "lambda-logging-config/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "lambda-logging-config/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.2.70" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.ts new file mode 100644 index 0000000000000..7029acfe3a94c --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.logging-config.ts @@ -0,0 +1,55 @@ +import { App, Stack } from 'aws-cdk-lib'; +import * as logs from 'aws-cdk-lib/aws-logs'; +import * as integ from '@aws-cdk/integ-tests-alpha'; +import { Function, InlineCode, Runtime, LogFormat, SystemLogLevel, ApplicationLogLevel } from 'aws-cdk-lib/aws-lambda'; + +const app = new App(); + +const stack = new Stack(app, 'aws-cdk-lambda-logging-config'); + +const logGroup = new logs.LogGroup(stack, 'MyLogGroupWithLogGroupName', { + logGroupName: 'customLogGroup', +}); + +new Function(stack, 'LambdaWithLogGroup', { + code: new InlineCode('foo'), + handler: 'index.handler', + runtime: Runtime.NODEJS_18_X, + logGroup: logGroup, +}); + +new Function(stack, 'LambdaWithLogGroupAndNoLogGroupName', { + code: new InlineCode('foo'), + handler: 'index.handler', + runtime: Runtime.NODEJS_18_X, + logGroup: new logs.LogGroup(stack, 'MyLogGroupWithoutLogGroupName'), +}); + +new Function(stack, 'LambdaWithTextFormat', { + code: new InlineCode('foo'), + handler: 'index.handler', + runtime: Runtime.NODEJS_18_X, + logFormat: LogFormat.TEXT, +}); + +new Function(stack, 'LambdaWithJSONFormat', { + code: new InlineCode('foo'), + handler: 'index.handler', + runtime: Runtime.NODEJS_18_X, + logFormat: LogFormat.JSON, +}); + +new Function(stack, 'LambdaWithLogLevel', { + code: new InlineCode('foo'), + handler: 'index.handler', + runtime: Runtime.NODEJS_18_X, + logFormat: LogFormat.JSON, + systemLogLevel: SystemLogLevel.INFO, + applicationLogLevel: ApplicationLogLevel.INFO, +}); + +new integ.IntegTest(app, 'lambda-logging-config', { + testCases: [stack], +}); + +app.synth(); diff --git a/packages/aws-cdk-lib/aws-lambda/README.md b/packages/aws-cdk-lib/aws-lambda/README.md index 1f18942c2128e..bf78d75090b26 100644 --- a/packages/aws-cdk-lib/aws-lambda/README.md +++ b/packages/aws-cdk-lib/aws-lambda/README.md @@ -151,6 +151,28 @@ if (fn.timeout) { } ``` +## Advanced Logging + +You can have more control over your function logs, by specifying the log format +(Json or plain text), the system log level, the application log level, as well +as choosing the log group: + +```ts +import { ILogGroup } from 'aws-cdk-lib/aws-logs'; + +declare const logGroup: ILogGroup; + +new lambda.Function(this, 'Lambda', { + code: new lambda.InlineCode('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_18_X, + logFormat: lambda.LogFormat.JSON, + systemLogLevel: lambda.SystemLogLevel.INFO, + applicationLogLevel: lambda.ApplicationLogLevel.INFO, + logGroup: logGroup, +}); +``` + ## Resource-based Policies AWS Lambda supports resource-based policies for controlling access to Lambda diff --git a/packages/aws-cdk-lib/aws-lambda/lib/function.ts b/packages/aws-cdk-lib/aws-lambda/lib/function.ts index 49474a936b89c..5c64c7069f65e 100644 --- a/packages/aws-cdk-lib/aws-lambda/lib/function.ts +++ b/packages/aws-cdk-lib/aws-lambda/lib/function.ts @@ -51,6 +51,76 @@ export enum Tracing { DISABLED = 'Disabled' } +/** + * Lambda service will automatically captures system logs about function invocation + * generated by the Lambda service (known as system logs) and sends these logs to a + * default CloudWatch log group named after the Lambda function. + */ +export enum SystemLogLevel { + /** + * Lambda will capture only logs at info level. + */ + INFO = 'INFO', + /** + * Lambda will capture only logs at debug level. + */ + DEBUG = 'DEBUG', + /** + * Lambda will capture only logs at warn level. + */ + WARN = 'WARN' +} + +/** + * Lambda service automatically captures logs generated by the function code + * (known as application logs) and sends these logs to a default CloudWatch + * log group named after the Lambda function. + */ +export enum ApplicationLogLevel { + /** + * Lambda will capture only logs at info level. + */ + INFO = 'INFO', + /** + * Lambda will capture only logs at debug level. + */ + DEBUG = 'DEBUG', + /** + * Lambda will capture only logs at warn level. + */ + WARN = 'WARN', + /** + * Lambda will capture only logs at trace level. + */ + TRACE = 'TRACE', + /** + * Lambda will capture only logs at error level. + */ + ERROR = 'ERROR', + /** + * Lambda will capture only logs at fatal level. + */ + FATAL = 'FATAL' +} + +/** + * This field takes in 2 values either Text or JSON. By setting this value to Text, + * will result in the current structure of logs format, whereas, by setting this value to JSON, + * Lambda will print the logs as Structured JSON Logs, with the corresponding timestamp and log level + * of each event. Selecting ‘JSON’ format will only allow customer’s to have different log level + * Application log level and the System log level. + */ +export enum LogFormat { + /** + * Lambda Logs text format. + */ + TEXT = 'Text', + /** + * Lambda structured logging in Json format. + */ + JSON = 'JSON' +} + /** * Non runtime options */ @@ -385,6 +455,30 @@ export interface FunctionOptions extends EventInvokeConfigOptions { * @default Auto */ readonly runtimeManagementMode?: RuntimeManagementMode; + + /** + * Sets the log group name for the function. + * @default `/aws/lambda/${this.functionName}` default log group name created by Lambda + */ + readonly logGroup?: logs.ILogGroup; + + /** + * Sets the logFormat for the function. + * @default Text format + */ + readonly logFormat?: string; + + /** + * Sets the application log level for the function. + * @default INFO + */ + readonly applicationLogLevel?: string; + + /** + * Sets the system log level for the function. + * @default INFO + */ + readonly systemLogLevel?: string; } export interface FunctionProps extends FunctionOptions { @@ -842,12 +936,15 @@ export class Function extends FunctionBase { architectures: this._architecture ? [this._architecture.name] : undefined, runtimeManagementConfig: props.runtimeManagementMode?.runtimeManagementConfig, snapStart: this.configureSnapStart(props), + loggingConfig: this.getLoggingConfig(props), }); if ((props.tracing !== undefined) || (props.adotInstrumentation !== undefined)) { resource.tracingConfig = this.buildTracingConfig(props.tracing ?? Tracing.ACTIVE); } + this._logGroup = props.logGroup; + resource.node.addDependency(this.role); this.functionName = this.getResourceNameAttribute(resource.ref); @@ -877,6 +974,9 @@ export class Function extends FunctionBase { // Log retention if (props.logRetention) { + if (props.logGroup) { + throw new Error('CDK does not support setting logRetention and logGroup'); + } const logRetention = new logs.LogRetention(this, 'LogRetention', { logGroupName: `/aws/lambda/${this.functionName}`, retention: props.logRetention, @@ -971,6 +1071,25 @@ export class Function extends FunctionBase { return this; } + /** + * Get Logging Config propety for the function. + * This method returns the function LoggingConfig Property if the property is set on the + * function and undefined if not. + */ + private getLoggingConfig(props: FunctionProps): CfnFunction.LoggingConfigProperty | undefined { + let loggingConfig: CfnFunction.LoggingConfigProperty; + if (props.logFormat || props.logGroup) { + loggingConfig = { + logFormat: props.logFormat, + systemLogLevel: props.systemLogLevel, + applicationLogLevel: props.applicationLogLevel, + logGroup: props.logGroup?.logGroupName, + }; + return loggingConfig; + } + return undefined; + }; + /** * Mix additional information into the hash of the Version object * @@ -1317,7 +1436,7 @@ Environment variables can be marked for removal when used in Lambda@Edge by sett // See https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html Annotations.of(this).addWarningV2('@aws-cdk/aws-lambda:snapStartRequirePublish', 'SnapStart only support published Lambda versions. Ignore if function already have published versions'); - if (!props.runtime.supportsSnapStart ) { + if (!props.runtime.supportsSnapStart) { throw new Error(`SnapStart currently not supported by runtime ${props.runtime.name}`); } @@ -1466,7 +1585,7 @@ export function verifyCodeConfig(code: CodeConfig, props: FunctionProps) { } } -function undefinedIfNoKeys(struct: A): A | undefined { +function undefinedIfNoKeys(struct: A): A | undefined { const allUndefined = Object.values(struct).every(val => val === undefined); return allUndefined ? undefined : struct; } @@ -1479,7 +1598,7 @@ function undefinedIfNoKeys(struct: A): A | * which "validates" the new function hash. */ export class FunctionVersionUpgrade implements IAspect { - constructor(private readonly featureFlag: string, private readonly enabled=true) {} + constructor(private readonly featureFlag: string, private readonly enabled = true) { } public visit(node: IConstruct): void { if (node instanceof Function && diff --git a/packages/aws-cdk-lib/aws-lambda/test/logging-config.test.ts b/packages/aws-cdk-lib/aws-lambda/test/logging-config.test.ts new file mode 100644 index 0000000000000..ad4c5dd2b956b --- /dev/null +++ b/packages/aws-cdk-lib/aws-lambda/test/logging-config.test.ts @@ -0,0 +1,138 @@ +import { Template } from '../../assertions'; +import * as logs from '../../aws-logs'; +import * as cdk from '../../core'; +import * as lambda from '../lib'; + +describe('logging Config', () => { + test('Logging Config with LogGroup and no LogGroupName', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'stack'); + const logGroup = new logs.LogGroup(stack, 'MyLogGroup'); + new lambda.Function(stack, 'Lambda', { + code: new lambda.InlineCode('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_18_X, + logGroup: logGroup, + }); + // WHEN + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + LoggingConfig: { + LogGroup: { + Ref: 'MyLogGroup5C0DAD85', + }, + }, + }); + }); + test('Logging Config with LogGroup', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'stack'); + const logGroup = new logs.LogGroup(stack, 'MyLogGroup', { + logGroupName: 'customLogGroup', + }); + new lambda.Function(stack, 'Lambda', { + code: new lambda.InlineCode('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_18_X, + logGroup: logGroup, + }); + // WHEN + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + LoggingConfig: { + LogGroup: { + Ref: 'MyLogGroup5C0DAD85', + }, + }, + }); + }); + test('Logging Config TEXT logFormat', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'stack'); + new lambda.Function(stack, 'Lambda', { + code: new lambda.InlineCode('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_18_X, + logFormat: lambda.LogFormat.TEXT, + }); + // WHEN + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + LoggingConfig: { + LogFormat: 'Text', + }, + }); + }); + test('Logging Config JSON logFormat', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'stack'); + new lambda.Function(stack, 'Lambda', { + code: new lambda.InlineCode('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_18_X, + logFormat: lambda.LogFormat.JSON, + }); + // WHEN + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + LoggingConfig: { + LogFormat: 'JSON', + }, + }); + }); + test('Logging Config with LogLevel set', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'stack'); + new lambda.Function(stack, 'Lambda', { + code: new lambda.InlineCode('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_18_X, + logFormat: lambda.LogFormat.JSON, + systemLogLevel: lambda.SystemLogLevel.INFO, + applicationLogLevel: lambda.ApplicationLogLevel.INFO, + }); + // WHEN + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + LoggingConfig: { + LogFormat: 'JSON', + SystemLogLevel: 'INFO', + ApplicationLogLevel: 'INFO', + }, + }); + }); + + test('Get function custom logGroup', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'stack'); + const logGroup = new logs.LogGroup(stack, 'MyLogGroup', { + logGroupName: 'customLogGroup', + }); + const lambdaFunction = new lambda.Function(stack, 'Lambda', { + code: new lambda.InlineCode('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_18_X, + logGroup: logGroup, + }); + expect(lambdaFunction.logGroup).toEqual(logGroup); + expect(lambdaFunction.logGroup.logGroupName).toEqual(logGroup.logGroupName); + expect(lambdaFunction.logGroup.logGroupPhysicalName()).toEqual(logGroup.logGroupPhysicalName()); + }); + + test('Throws when logGroup and LogRention are set', () => { + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'stack'); + expect(() => { + new lambda.Function(stack, 'Lambda', { + code: new lambda.InlineCode('foo'), + handler: 'index.handler', + runtime: lambda.Runtime.NODEJS_18_X, + logRetention: logs.RetentionDays.INFINITE, + logGroup: new logs.LogGroup(stack, 'MyLogGroup', { + logGroupName: 'customLogGroup', + }), + }); + }).toThrowError('CDK does not support setting logRetention and logGroup'); + }); +}); diff --git a/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-function.json b/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-function.json new file mode 100644 index 0000000000000..3ea4aac85560f --- /dev/null +++ b/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-function.json @@ -0,0 +1,546 @@ +{ + "tagging": { + "taggable": true, + "tagOnCreate": true, + "tagUpdatable": true, + "tagProperty": "/properties/Tags", + "cloudFormationSystemTags": true + }, + "handlers": { + "read": { + "permissions": [ + "lambda:GetFunction", + "lambda:GetFunctionCodeSigningConfig" + ] + }, + "create": { + "permissions": [ + "lambda:CreateFunction", + "lambda:GetFunction", + "lambda:PutFunctionConcurrency", + "iam:PassRole", + "s3:GetObject", + "s3:GetObjectVersion", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "elasticfilesystem:DescribeMountTargets", + "kms:CreateGrant", + "kms:Decrypt", + "kms:Encrypt", + "kms:GenerateDataKey", + "lambda:GetCodeSigningConfig", + "lambda:GetFunctionCodeSigningConfig", + "lambda:GetLayerVersion", + "lambda:GetRuntimeManagementConfig", + "lambda:PutRuntimeManagementConfig", + "lambda:TagResource", + "lambda:GetPolicy", + "lambda:AddPermission", + "lambda:RemovePermission", + "lambda:GetResourcePolicy", + "lambda:PutResourcePolicy" + ] + }, + "update": { + "permissions": [ + "lambda:DeleteFunctionConcurrency", + "lambda:GetFunction", + "lambda:PutFunctionConcurrency", + "lambda:ListTags", + "lambda:TagResource", + "lambda:UntagResource", + "lambda:UpdateFunctionConfiguration", + "lambda:UpdateFunctionCode", + "iam:PassRole", + "s3:GetObject", + "s3:GetObjectVersion", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "elasticfilesystem:DescribeMountTargets", + "kms:CreateGrant", + "kms:Decrypt", + "kms:GenerateDataKey", + "lambda:GetRuntimeManagementConfig", + "lambda:PutRuntimeManagementConfig", + "lambda:PutFunctionCodeSigningConfig", + "lambda:DeleteFunctionCodeSigningConfig", + "lambda:GetCodeSigningConfig", + "lambda:GetFunctionCodeSigningConfig", + "lambda:GetPolicy", + "lambda:AddPermission", + "lambda:RemovePermission", + "lambda:GetResourcePolicy", + "lambda:PutResourcePolicy", + "lambda:DeleteResourcePolicy" + ] + }, + "list": { + "permissions": [ + "lambda:ListFunctions" + ] + }, + "delete": { + "permissions": [ + "lambda:DeleteFunction", + "ec2:DescribeNetworkInterfaces" + ] + } + }, + "typeName": "AWS::Lambda::Function", + "readOnlyProperties": [ + "/properties/SnapStartResponse", + "/properties/SnapStartResponse/ApplyOn", + "/properties/SnapStartResponse/OptimizationStatus", + "/properties/Arn" + ], + "description": "Resource Type definition for AWS::Lambda::Function in region", + "writeOnlyProperties": [ + "/properties/SnapStart", + "/properties/SnapStart/ApplyOn", + "/properties/Code", + "/properties/Code/ImageUri", + "/properties/Code/S3Bucket", + "/properties/Code/S3Key", + "/properties/Code/S3ObjectVersion", + "/properties/Code/ZipFile", + "/properties/Policy" + ], + "createOnlyProperties": [ + "/properties/FunctionName" + ], + "additionalProperties": false, + "primaryIdentifier": [ + "/properties/FunctionName" + ], + "definitions": { + "ImageConfig": { + "additionalProperties": false, + "type": "object", + "properties": { + "WorkingDirectory": { + "description": "WorkingDirectory.", + "type": "string" + }, + "Command": { + "maxItems": 1500, + "uniqueItems": true, + "description": "Command.", + "type": "array", + "items": { + "type": "string" + } + }, + "EntryPoint": { + "maxItems": 1500, + "uniqueItems": true, + "description": "EntryPoint.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "TracingConfig": { + "description": "The function's AWS X-Ray tracing configuration. To sample and record incoming requests, set Mode to Active.", + "additionalProperties": false, + "type": "object", + "properties": { + "Mode": { + "description": "The tracing mode.", + "type": "string", + "enum": [ + "Active", + "PassThrough" + ] + } + } + }, + "VpcConfig": { + "description": "The VPC security groups and subnets that are attached to a Lambda function. When you connect a function to a VPC, Lambda creates an elastic network interface for each combination of security group and subnet in the function's VPC configuration. The function can only access resources and the internet through that VPC.", + "additionalProperties": false, + "type": "object", + "properties": { + "Ipv6AllowedForDualStack": { + "description": "A boolean indicating whether IPv6 protocols will be allowed for dual stack subnets", + "type": "boolean" + }, + "SecurityGroupIds": { + "maxItems": 5, + "uniqueItems": false, + "description": "A list of VPC security groups IDs.", + "type": "array", + "items": { + "type": "string" + } + }, + "SubnetIds": { + "maxItems": 16, + "uniqueItems": false, + "description": "A list of VPC subnet IDs.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "DeadLetterConfig": { + "description": "The dead-letter queue for failed asynchronous invocations.", + "additionalProperties": false, + "type": "object", + "properties": { + "TargetArn": { + "pattern": "^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$", + "description": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", + "type": "string" + } + } + }, + "RuntimeManagementConfig": { + "additionalProperties": false, + "type": "object", + "properties": { + "UpdateRuntimeOn": { + "description": "Trigger for runtime update", + "type": "string", + "enum": [ + "Auto", + "FunctionUpdate", + "Manual" + ] + }, + "RuntimeVersionArn": { + "description": "Unique identifier for a runtime version arn", + "type": "string" + } + }, + "required": [ + "UpdateRuntimeOn" + ] + }, + "SnapStart": { + "description": "The function's SnapStart setting. When set to PublishedVersions, Lambda creates a snapshot of the execution environment when you publish a function version.", + "additionalProperties": false, + "type": "object", + "properties": { + "ApplyOn": { + "description": "Applying SnapStart setting on function resource type.", + "type": "string", + "enum": [ + "PublishedVersions", + "None" + ] + } + }, + "required": [ + "ApplyOn" + ] + }, + "SnapStartResponse": { + "description": "The function's SnapStart Response. When set to PublishedVersions, Lambda creates a snapshot of the execution environment when you publish a function version.", + "additionalProperties": false, + "type": "object", + "properties": { + "OptimizationStatus": { + "description": "Indicates whether SnapStart is activated for the specified function version.", + "type": "string", + "enum": [ + "On", + "Off" + ] + }, + "ApplyOn": { + "description": "Applying SnapStart setting on function resource type.", + "type": "string", + "enum": [ + "PublishedVersions", + "None" + ] + } + } + }, + "Code": { + "additionalProperties": false, + "type": "object", + "properties": { + "S3ObjectVersion": { + "minLength": 1, + "description": "For versioned objects, the version of the deployment package object to use.", + "type": "string", + "maxLength": 1024 + }, + "S3Bucket": { + "minLength": 3, + "pattern": "^[0-9A-Za-z\\.\\-_]*(? Date: Thu, 16 Nov 2023 11:50:18 -0800 Subject: [PATCH 7/8] chore(migrate): improve warning (#28025) This feature is still under development and the warning isn't clear enough on that point. I also added in a small improvement to compare the input language as lowercase. No need to throw an error just because someone types TypeScript instead of typescript. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk/lib/cdk-toolkit.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/aws-cdk/lib/cdk-toolkit.ts b/packages/aws-cdk/lib/cdk-toolkit.ts index 0ab13f0261412..d2faab3a274c9 100644 --- a/packages/aws-cdk/lib/cdk-toolkit.ts +++ b/packages/aws-cdk/lib/cdk-toolkit.ts @@ -703,8 +703,8 @@ export class CdkToolkit { * @param options Options for CDK app creation */ public async migrate(options: MigrateOptions): Promise { - warning('This is an experimental feature. We make no guarantees about the outcome or stability of the functionality.'); - const language = options.language ?? 'typescript'; + warning('This is an experimental feature and development on it is still in progress. We make no guarantees about the outcome or stability of the functionality.'); + const language = options.language?.toLowerCase() ?? 'typescript'; try { validateSourceOptions(options.fromPath, options.fromStack); From 7480baf309190bc271a9173ef891b27f36de81fb Mon Sep 17 00:00:00 2001 From: AWS CDK Team Date: Thu, 16 Nov 2023 21:15:15 +0000 Subject: [PATCH 8/8] chore(release): 2.110.0 --- CHANGELOG.v2.alpha.md | 2 ++ CHANGELOG.v2.md | 8 ++++++++ version.v2.json | 4 ++-- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md index 0fdb4a8f1b79d..2c3829e35f9d7 100644 --- a/CHANGELOG.v2.alpha.md +++ b/CHANGELOG.v2.alpha.md @@ -2,6 +2,8 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.110.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.109.0-alpha.0...v2.110.0-alpha.0) (2023-11-16) + ## [2.109.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.108.1-alpha.0...v2.109.0-alpha.0) (2023-11-15) diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md index f0a48d353def2..134e1f1c262e6 100644 --- a/CHANGELOG.v2.md +++ b/CHANGELOG.v2.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.110.0](https://github.com/aws/aws-cdk/compare/v2.109.0...v2.110.0) (2023-11-16) + + +### Features + +* **lambda:** support for advanced logging ([#28039](https://github.com/aws/aws-cdk/issues/28039)) ([3278c19](https://github.com/aws/aws-cdk/commit/3278c190e1d63d0a99d60c1ae8a2ae690d64113f)) +* update AWS Service Spec ([#28034](https://github.com/aws/aws-cdk/issues/28034)) ([1d1876c](https://github.com/aws/aws-cdk/commit/1d1876c2caf741953cf42ffc59029ea875ebccb7)) + ## [2.109.0](https://github.com/aws/aws-cdk/compare/v2.108.1...v2.109.0) (2023-11-15) diff --git a/version.v2.json b/version.v2.json index 872fe18434c82..ba3a9e7b2999a 100644 --- a/version.v2.json +++ b/version.v2.json @@ -1,4 +1,4 @@ { - "version": "2.109.0", - "alphaVersion": "2.109.0-alpha.0" + "version": "2.110.0", + "alphaVersion": "2.110.0-alpha.0" } \ No newline at end of file