diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md index 199208e94d1bc..97f4597adef23 100644 --- a/CHANGELOG.v2.alpha.md +++ b/CHANGELOG.v2.alpha.md @@ -2,6 +2,20 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.86.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.85.0-alpha.0...v2.86.0-alpha.0) (2023-06-29) + + +### Features + +* **app-staging-synthesizer:** select different bootstrap region ([#26129](https://github.com/aws/aws-cdk/issues/26129)) ([2fec6a4](https://github.com/aws/aws-cdk/commit/2fec6a4cd09bd08b7183f1e67d5d7eb487e4ac29)) +* **integ-runner:** integ-runner --watch ([#26087](https://github.com/aws/aws-cdk/issues/26087)) ([1fe2f09](https://github.com/aws/aws-cdk/commit/1fe2f095a0bc0aafb6b2dbd0cdaae79cc2e59ddd)) +* **integ-tests:** new HttpApiCall method to easily make http calls ([#26102](https://github.com/aws/aws-cdk/issues/26102)) ([00b9c84](https://github.com/aws/aws-cdk/commit/00b9c84ecf17c05a4c794ba7b5bdc9d83b2fba16)) + + +### Bug Fixes + +* **batch-alpha:** cannot import FargateComputeEnvironment with fromFargateComputeEnvironmentArn ([#25985](https://github.com/aws/aws-cdk/issues/25985)) ([05810f4](https://github.com/aws/aws-cdk/commit/05810f44f3fa008c07c6fe39bacd2a00c52b32a0)), closes [40aws-cdk/aws-batch-alpha/lib/managed-compute-environment.ts#L1071](https://github.com/40aws-cdk/aws-batch-alpha/lib/managed-compute-environment.ts/issues/L1071) [40aws-cdk/aws-batch-alpha/lib/managed-compute-environment.ts#L1077-L1079](https://github.com/40aws-cdk/aws-batch-alpha/lib/managed-compute-environment.ts/issues/L1077-L1079) [#25979](https://github.com/aws/aws-cdk/issues/25979) + ## [2.85.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.84.0-alpha.0...v2.85.0-alpha.0) (2023-06-21) diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md index 94cc13d3359f8..b756c11edd507 100644 --- a/CHANGELOG.v2.md +++ b/CHANGELOG.v2.md @@ -2,6 +2,24 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.86.0](https://github.com/aws/aws-cdk/compare/v2.85.0...v2.86.0) (2023-06-29) + + +### Features + +* **cfnspec:** cloudformation spec v128.1.0 ([#26096](https://github.com/aws/aws-cdk/issues/26096)) ([d71c040](https://github.com/aws/aws-cdk/commit/d71c0407e7091a240dbecfdc910dc632ed1b7bff)) + + +### Bug Fixes + +* **cdk-lib:** Pass lookupRoleArn to NestedStackSynthesizer ([#26116](https://github.com/aws/aws-cdk/issues/26116)) ([3c29223](https://github.com/aws/aws-cdk/commit/3c29223b178840368088b56aba2db9d2365bceed)) +* **core:** network option is not being propagated to Docker ([#26014](https://github.com/aws/aws-cdk/issues/26014)) ([341de48](https://github.com/aws/aws-cdk/commit/341de48e3637953514a009715dfdeeb061aad929)) +* **core:** prevent the error when the condition is split into groups of 10 and 1 in `Fn.conditionAnd()` ([#25999](https://github.com/aws/aws-cdk/issues/25999)) ([ee3d41e](https://github.com/aws/aws-cdk/commit/ee3d41e674bc6b02cabd986de92075350017209b)), closes [/github.com/aws/aws-cdk/issues/25696#issuecomment-1561064092](https://github.com/aws//github.com/aws/aws-cdk/issues/25696/issues/issuecomment-1561064092) +* **ecs:** potential race condition on TaskRole default policy update with CfnService ([#26070](https://github.com/aws/aws-cdk/issues/26070)) ([2d9078c](https://github.com/aws/aws-cdk/commit/2d9078c6afc77c0ef026d74168730bff2a167a60)), closes [#24880](https://github.com/aws/aws-cdk/issues/24880) +* **ecs:** validation for task definition fails when task-level memory is defined but container-level memory and memoryReservation are not defined with EC2 compatibility ([#26027](https://github.com/aws/aws-cdk/issues/26027)) ([0e251e6](https://github.com/aws/aws-cdk/commit/0e251e68bad90b2dd7cb3ef48dfe025695e4ab64)), closes [#25275](https://github.com/aws/aws-cdk/issues/25275) +* **elbv2:** correct wrong timeout validation ([#26031](https://github.com/aws/aws-cdk/issues/26031)) ([636841c](https://github.com/aws/aws-cdk/commit/636841c380ccc3a6da372117cf0317f351a75cff)), closes [#26023](https://github.com/aws/aws-cdk/issues/26023) +* **stepfunctions:** nested arrays are not serialized correctly ([#26055](https://github.com/aws/aws-cdk/issues/26055)) ([f9d4573](https://github.com/aws/aws-cdk/commit/f9d45738d7b1ad0c9ad9877fe961fe063f544224)), closes [#26045](https://github.com/aws/aws-cdk/issues/26045) + ## [2.85.0](https://github.com/aws/aws-cdk/compare/v2.84.0...v2.85.0) (2023-06-21) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/cdk.out index 7925065efbcc4..f0b901e7c06e5 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"31.0.0"} \ No newline at end of file +{"version":"32.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/instancetestDefaultTestDeployAssert5516EAF1.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/instancetestDefaultTestDeployAssert5516EAF1.assets.json index 92c11858a9333..d1dae7710dbbb 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/instancetestDefaultTestDeployAssert5516EAF1.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/instancetestDefaultTestDeployAssert5516EAF1.assets.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "32.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/integ-ec2-instance.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/integ-ec2-instance.assets.json index 24fa7fa28b059..d9dc293839126 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/integ-ec2-instance.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/integ-ec2-instance.assets.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "32.0.0", "files": { "488d9cf540c6790fc09af871e06438e043f47d03101ef192131f1dafbbb434cb": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/integ.json index f7b474f3d5a35..a1ec0058890fb 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "32.0.0", "testCases": { "instance-test/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/manifest.json index aa23896e254e6..55c2097297737 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "32.0.0", "artifacts": { "integ-ec2-instance.assets": { "type": "cdk:asset-manifest", @@ -126,7 +126,10 @@ "/integ-ec2-instance/Instance/Resource": [ { "type": "aws:cdk:logicalId", - "data": "InstanceC1063A87" + "data": "InstanceC1063A87", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_REPLACE" + ] } ], "/integ-ec2-instance/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/tree.json index 87142e2d428c9..81d4408da102e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.instance-public.js.snapshot/tree.json @@ -587,7 +587,7 @@ "path": "instance-test/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.9" + "version": "10.2.26" } }, "DeployAssert": { @@ -633,7 +633,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.9" + "version": "10.2.26" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/ec2/integ.task-definition-container-ulimits.d.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/ec2/integ.task-definition-container-ulimits.d.ts deleted file mode 100644 index cb0ff5c3b541f..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/ec2/integ.task-definition-container-ulimits.d.ts +++ /dev/null @@ -1 +0,0 @@ -export {}; diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/ec2/integ.task-definition-container-ulimits.js b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/ec2/integ.task-definition-container-ulimits.js deleted file mode 100644 index c54782c19fb13..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/ec2/integ.task-definition-container-ulimits.js +++ /dev/null @@ -1,23 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -const cdk = require("aws-cdk-lib"); -const ecs = require("aws-cdk-lib/aws-ecs"); -const integ_tests_alpha_1 = require("@aws-cdk/integ-tests-alpha"); -const app = new cdk.App(); -const stack = new cdk.Stack(app, 'aws-ecs-task-definition-container-ulimits'); -const taskDefinition = new ecs.Ec2TaskDefinition(stack, 'TaskDef', {}); -taskDefinition.addContainer('Container', { - image: ecs.ContainerImage.fromRegistry('public.ecr.aws/ecs-sample-image/amazon-ecs-sample:latest'), - memoryReservationMiB: 32, - memoryLimitMiB: 512, - ulimits: [{ - hardLimit: 128, - name: ecs.UlimitName.RSS, - softLimit: 128, - }], -}); -new integ_tests_alpha_1.IntegTest(app, 'TaskDefinitionContainerUlimits', { - testCases: [stack], -}); -app.synth(); -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZWcudGFzay1kZWZpbml0aW9uLWNvbnRhaW5lci11bGltaXRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiaW50ZWcudGFzay1kZWZpbml0aW9uLWNvbnRhaW5lci11bGltaXRzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsbUNBQW1DO0FBQ25DLDJDQUEyQztBQUMzQyxrRUFBdUQ7QUFFdkQsTUFBTSxHQUFHLEdBQUcsSUFBSSxHQUFHLENBQUMsR0FBRyxFQUFFLENBQUM7QUFDMUIsTUFBTSxLQUFLLEdBQUcsSUFBSSxHQUFHLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSwyQ0FBMkMsQ0FBQyxDQUFDO0FBRTlFLE1BQU0sY0FBYyxHQUFHLElBQUksR0FBRyxDQUFDLGlCQUFpQixDQUFDLEtBQUssRUFBRSxTQUFTLEVBQUUsRUFBRSxDQUFDLENBQUM7QUFFdkUsY0FBYyxDQUFDLFlBQVksQ0FBQyxXQUFXLEVBQUU7SUFDdkMsS0FBSyxFQUFFLEdBQUcsQ0FBQyxjQUFjLENBQUMsWUFBWSxDQUFDLDBEQUEwRCxDQUFDO0lBQ2xHLG9CQUFvQixFQUFFLEVBQUU7SUFDeEIsY0FBYyxFQUFFLEdBQUc7SUFDbkIsT0FBTyxFQUFFLENBQUM7WUFDUixTQUFTLEVBQUUsR0FBRztZQUNkLElBQUksRUFBRSxHQUFHLENBQUMsVUFBVSxDQUFDLEdBQUc7WUFDeEIsU0FBUyxFQUFFLEdBQUc7U0FDZixDQUFDO0NBQ0gsQ0FBQyxDQUFDO0FBRUgsSUFBSSw2QkFBUyxDQUFDLEdBQUcsRUFBRSxnQ0FBZ0MsRUFBRTtJQUNuRCxTQUFTLEVBQUUsQ0FBQyxLQUFLLENBQUM7Q0FDbkIsQ0FBQyxDQUFDO0FBRUgsR0FBRyxDQUFDLEtBQUssRUFBRSxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY2RrIGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCAqIGFzIGVjcyBmcm9tICdhd3MtY2RrLWxpYi9hd3MtZWNzJztcbmltcG9ydCB7IEludGVnVGVzdCB9IGZyb20gJ0Bhd3MtY2RrL2ludGVnLXRlc3RzLWFscGhhJztcblxuY29uc3QgYXBwID0gbmV3IGNkay5BcHAoKTtcbmNvbnN0IHN0YWNrID0gbmV3IGNkay5TdGFjayhhcHAsICdhd3MtZWNzLXRhc2stZGVmaW5pdGlvbi1jb250YWluZXItdWxpbWl0cycpO1xuXG5jb25zdCB0YXNrRGVmaW5pdGlvbiA9IG5ldyBlY3MuRWMyVGFza0RlZmluaXRpb24oc3RhY2ssICdUYXNrRGVmJywge30pO1xuXG50YXNrRGVmaW5pdGlvbi5hZGRDb250YWluZXIoJ0NvbnRhaW5lcicsIHtcbiAgaW1hZ2U6IGVjcy5Db250YWluZXJJbWFnZS5mcm9tUmVnaXN0cnkoJ3B1YmxpYy5lY3IuYXdzL2Vjcy1zYW1wbGUtaW1hZ2UvYW1hem9uLWVjcy1zYW1wbGU6bGF0ZXN0JyksXG4gIG1lbW9yeVJlc2VydmF0aW9uTWlCOiAzMixcbiAgbWVtb3J5TGltaXRNaUI6IDUxMixcbiAgdWxpbWl0czogW3tcbiAgICBoYXJkTGltaXQ6IDEyOCxcbiAgICBuYW1lOiBlY3MuVWxpbWl0TmFtZS5SU1MsXG4gICAgc29mdExpbWl0OiAxMjgsXG4gIH1dLFxufSk7XG5cbm5ldyBJbnRlZ1Rlc3QoYXBwLCAnVGFza0RlZmluaXRpb25Db250YWluZXJVbGltaXRzJywge1xuICB0ZXN0Q2FzZXM6IFtzdGFja10sXG59KTtcblxuYXBwLnN5bnRoKCk7Il19 \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/Import-SSM-Parameter.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/Import-SSM-Parameter.assets.json new file mode 100644 index 0000000000000..2f05db545aadc --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/Import-SSM-Parameter.assets.json @@ -0,0 +1,19 @@ +{ + "version": "32.0.0", + "files": { + "0c9f637062451a2002409e9c30b657f39990631000a05a12bef7fcdb73ec5332": { + "source": { + "path": "Import-SSM-Parameter.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "0c9f637062451a2002409e9c30b657f39990631000a05a12bef7fcdb73ec5332.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/Import-SSM-Parameter.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/Import-SSM-Parameter.template.json new file mode 100644 index 0000000000000..e40c93c965b57 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/Import-SSM-Parameter.template.json @@ -0,0 +1,85 @@ +{ + "Resources": { + "StringParameter472EED0E": { + "Type": "AWS::SSM::Parameter", + "Properties": { + "Type": "String", + "Value": "Initial parameter value", + "Name": "import-parameter-test" + } + } + }, + "Parameters": { + "ImportedWithNameParameter": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-ebs" + }, + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Outputs": { + "ImportedWithNameOutput": { + "Value": { + "Ref": "ImportedWithNameParameter" + } + }, + "ImportedWithIntrinsicOutput": { + "Value": { + "Fn::Join": [ + "", + [ + "{{resolve:ssm:", + { + "Ref": "StringParameter472EED0E" + }, + "}}" + ] + ] + } + }, + "ImportedWithForceFlagOutput": { + "Value": { + "Fn::Join": [ + "", + [ + "{{resolve:ssm:", + { + "Ref": "StringParameter472EED0E" + }, + "}}" + ] + ] + } + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdk.out new file mode 100644 index 0000000000000..f0b901e7c06e5 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"32.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets.json new file mode 100644 index 0000000000000..407b910b761ad --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets.json @@ -0,0 +1,19 @@ +{ + "version": "32.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/integ.json new file mode 100644 index 0000000000000..e0d4a4a12411a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "32.0.0", + "testCases": { + "cdk-integ-import-ssm-parameter/DefaultTest": { + "stacks": [ + "Import-SSM-Parameter" + ], + "assertionStack": "cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert", + "assertionStackName": "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/manifest.json new file mode 100644 index 0000000000000..e0bf437490464 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/manifest.json @@ -0,0 +1,135 @@ +{ + "version": "32.0.0", + "artifacts": { + "Import-SSM-Parameter.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "Import-SSM-Parameter.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "Import-SSM-Parameter": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "Import-SSM-Parameter.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0c9f637062451a2002409e9c30b657f39990631000a05a12bef7fcdb73ec5332.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "Import-SSM-Parameter.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "Import-SSM-Parameter.assets" + ], + "metadata": { + "/Import-SSM-Parameter/StringParameter/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "StringParameter472EED0E" + } + ], + "/Import-SSM-Parameter/ImportedWithName.Parameter": [ + { + "type": "aws:cdk:logicalId", + "data": "ImportedWithNameParameter" + } + ], + "/Import-SSM-Parameter/ImportedWithNameOutput": [ + { + "type": "aws:cdk:logicalId", + "data": "ImportedWithNameOutput" + } + ], + "/Import-SSM-Parameter/ImportedWithIntrinsicOutput": [ + { + "type": "aws:cdk:logicalId", + "data": "ImportedWithIntrinsicOutput" + } + ], + "/Import-SSM-Parameter/ImportedWithForceFlagOutput": [ + { + "type": "aws:cdk:logicalId", + "data": "ImportedWithForceFlagOutput" + } + ], + "/Import-SSM-Parameter/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/Import-SSM-Parameter/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "Import-SSM-Parameter" + }, + "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets" + ], + "metadata": { + "/cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/tree.json new file mode 100644 index 0000000000000..e372294ce0e5b --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/tree.json @@ -0,0 +1,183 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "Import-SSM-Parameter": { + "id": "Import-SSM-Parameter", + "path": "Import-SSM-Parameter", + "children": { + "StringParameter": { + "id": "StringParameter", + "path": "Import-SSM-Parameter/StringParameter", + "children": { + "Resource": { + "id": "Resource", + "path": "Import-SSM-Parameter/StringParameter/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SSM::Parameter", + "aws:cdk:cloudformation:props": { + "type": "String", + "value": "Initial parameter value", + "name": "import-parameter-test" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ssm.CfnParameter", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_ssm.StringParameter", + "version": "0.0.0" + } + }, + "ImportedWithName.Parameter": { + "id": "ImportedWithName.Parameter", + "path": "Import-SSM-Parameter/ImportedWithName.Parameter", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "ImportedWithName": { + "id": "ImportedWithName", + "path": "Import-SSM-Parameter/ImportedWithName", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "ImportedWithIntrinsic": { + "id": "ImportedWithIntrinsic", + "path": "Import-SSM-Parameter/ImportedWithIntrinsic", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "ImportedWithForceFlag": { + "id": "ImportedWithForceFlag", + "path": "Import-SSM-Parameter/ImportedWithForceFlag", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "ImportedWithNameOutput": { + "id": "ImportedWithNameOutput", + "path": "Import-SSM-Parameter/ImportedWithNameOutput", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + }, + "ImportedWithIntrinsicOutput": { + "id": "ImportedWithIntrinsicOutput", + "path": "Import-SSM-Parameter/ImportedWithIntrinsicOutput", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + }, + "ImportedWithForceFlagOutput": { + "id": "ImportedWithForceFlagOutput", + "path": "Import-SSM-Parameter/ImportedWithForceFlagOutput", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "Import-SSM-Parameter/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "Import-SSM-Parameter/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "cdk-integ-import-ssm-parameter": { + "id": "cdk-integ-import-ssm-parameter", + "path": "cdk-integ-import-ssm-parameter", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "cdk-integ-import-ssm-parameter/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "cdk-integ-import-ssm-parameter/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.2.26" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.2.26" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.ts new file mode 100644 index 0000000000000..20e6cc317dce2 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.ts @@ -0,0 +1,48 @@ +import * as cdk from 'aws-cdk-lib'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; +import * as ssm from 'aws-cdk-lib/aws-ssm'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'Import-SSM-Parameter'); + +const parameterName = 'import-parameter-test'; + +const param = new ssm.StringParameter(stack, 'StringParameter', { + stringValue: 'Initial parameter value', + parameterName, +}); + +// This will use a CfnParameter. +// We have to use an existing parameter to reference it with a concrete name, so using a parameter managed by EC2. +const importedWithName = ssm.StringParameter.fromStringParameterAttributes(stack, 'ImportedWithName', { + parameterName: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-ebs', +}); + +// This will use a dynamic reference (deduced). +const importedWithIntrinsic = ssm.StringParameter.fromStringParameterAttributes(stack, 'ImportedWithIntrinsic', { + simpleName: true, + parameterName: cdk.Fn.ref((param.node.defaultChild as cdk.CfnResource).logicalId), +}); + +// This will use a dynamic reference (forced). +const importedWithForceFlag = ssm.StringParameter.fromStringParameterAttributes(stack, 'ImportedWithForceFlag', { + simpleName: true, + parameterName: param.parameterName, + forceDynamicReference: true, +}); + +new cdk.CfnOutput(stack, 'ImportedWithNameOutput', { + value: importedWithName.stringValue, +}); + +new cdk.CfnOutput(stack, 'ImportedWithIntrinsicOutput', { + value: importedWithIntrinsic.stringValue, +}); + +new cdk.CfnOutput(stack, 'ImportedWithForceFlagOutput', { + value: importedWithForceFlag.stringValue, +}); + +new IntegTest(app, 'cdk-integ-import-ssm-parameter', { + testCases: [stack], +}); diff --git a/packages/@aws-cdk/aws-batch-alpha/README.md b/packages/@aws-cdk/aws-batch-alpha/README.md index 8ee8f6fb6c50c..434d108e303ae 100644 --- a/packages/@aws-cdk/aws-batch-alpha/README.md +++ b/packages/@aws-cdk/aws-batch-alpha/README.md @@ -495,6 +495,29 @@ jobDefn.container.addVolume(batch.EcsVolume.efs({ })); ``` +### Secrets + +You can expose SecretsManager Secret ARNs to your container as environment variables. +The following example defines the `MY_SECRET_ENV_VAR` environment variable that contains the +ARN of the Secret defined by `mySecret`: + +```ts +import * as cdk from 'aws-cdk-lib'; + +declare const mySecret: secretsmanager.ISecret; + +const jobDefn = new batch.EcsJobDefinition(this, 'JobDefn', { + container: new batch.EcsEc2ContainerDefinition(this, 'containerDefn', { + image: ecs.ContainerImage.fromRegistry('public.ecr.aws/amazonlinux/amazonlinux:latest'), + memory: cdk.Size.mebibytes(2048), + cpu: 256, + secrets: { + MY_SECRET_ENV_VAR: mySecret, + } + }), +}); +``` + ### Running Kubernetes Workflows Batch also supports running workflows on EKS. The following example creates a `JobDefinition` that runs on EKS: diff --git a/packages/@aws-cdk/aws-batch-alpha/lib/ecs-container-definition.ts b/packages/@aws-cdk/aws-batch-alpha/lib/ecs-container-definition.ts index 323798cd66cdf..c4b13e6829253 100644 --- a/packages/@aws-cdk/aws-batch-alpha/lib/ecs-container-definition.ts +++ b/packages/@aws-cdk/aws-batch-alpha/lib/ecs-container-definition.ts @@ -342,13 +342,14 @@ export interface IEcsContainerDefinition extends IConstruct { readonly readonlyRootFilesystem?: boolean; /** - * The secrets for the container. Can be referenced in your job definition. + * A map from environment variable names to the secrets for the container. Allows your job definitions + * to reference the secret by the environment variable name defined in this property. * * @see https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html * * @default - no secrets */ - readonly secrets?: secretsmanager.ISecret[]; + readonly secrets?: { [envVarName: string]: secretsmanager.ISecret }; /** * The user name to use inside the container @@ -458,13 +459,14 @@ export interface EcsContainerDefinitionProps { readonly readonlyRootFilesystem?: boolean; /** - * The secrets for the container. Can be referenced in your job definition. + * A map from environment variable names to the secrets for the container. Allows your job definitions + * to reference the secret by the environment variable name defined in this property. * * @see https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html * * @default - no secrets */ - readonly secrets?: secretsmanager.ISecret[]; + readonly secrets?: { [envVarName: string]: secretsmanager.ISecret }; /** * The user name to use inside the container @@ -495,7 +497,7 @@ abstract class EcsContainerDefinitionBase extends Construct implements IEcsConta public readonly linuxParameters?: LinuxParameters; public readonly logDriverConfig?: ecs.LogDriverConfig; public readonly readonlyRootFilesystem?: boolean; - public readonly secrets?: secretsmanager.ISecret[]; + public readonly secrets?: { [envVarName: string]: secretsmanager.ISecret }; public readonly user?: string; public readonly volumes: EcsVolume[]; @@ -553,12 +555,12 @@ abstract class EcsContainerDefinitionBase extends Construct implements IEcsConta logConfiguration: this.logDriverConfig, readonlyRootFilesystem: this.readonlyRootFilesystem, resourceRequirements: this._renderResourceRequirements(), - secrets: this.secrets?.map((secret) => { + secrets: this.secrets ? Object.entries(this.secrets).map(([name, secret]) => { return { - name: secret.secretName, + name, valueFrom: secret.secretArn, }; - }), + }) : undefined, mountPoints: Lazy.any({ produce: () => { if (this.volumes.length === 0) { diff --git a/packages/@aws-cdk/aws-batch-alpha/lib/eks-container-definition.ts b/packages/@aws-cdk/aws-batch-alpha/lib/eks-container-definition.ts index 446e85d416f3f..63b47a97b1951 100644 --- a/packages/@aws-cdk/aws-batch-alpha/lib/eks-container-definition.ts +++ b/packages/@aws-cdk/aws-batch-alpha/lib/eks-container-definition.ts @@ -647,9 +647,9 @@ export interface EksVolumeOptions { readonly name: string; /** - * The path on the container where the container is mounted. + * The path on the container where the volume is mounted. * - * @default - the container is not mounted + * @default - the volume is not mounted */ readonly mountPath?: string; @@ -902,7 +902,7 @@ export class SecretPathVolume extends EksVolume { constructor(options: SecretPathVolumeOptions) { super(options); this.secretName = options.secretName; - this.optional = options.optional; + this.optional = options.optional ?? true; } } diff --git a/packages/@aws-cdk/aws-batch-alpha/lib/eks-job-definition.ts b/packages/@aws-cdk/aws-batch-alpha/lib/eks-job-definition.ts index f5a58b482bf9c..3d84252dd52e0 100644 --- a/packages/@aws-cdk/aws-batch-alpha/lib/eks-job-definition.ts +++ b/packages/@aws-cdk/aws-batch-alpha/lib/eks-job-definition.ts @@ -192,14 +192,13 @@ export class EksJobDefinition extends JobDefinitionBase implements IEksJobDefini }; } if (SecretPathVolume.isSecretPathVolume(volume)) { - /*return { + return { name: volume.name, secret: { optional: volume.optional, secretName: volume.secretName, }, }; - */ } throw new Error('unknown volume type'); diff --git a/packages/@aws-cdk/aws-batch-alpha/test/ecs-container-definition.test.ts b/packages/@aws-cdk/aws-batch-alpha/test/ecs-container-definition.test.ts index c2eaa8705225a..9665a124136bf 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/ecs-container-definition.test.ts +++ b/packages/@aws-cdk/aws-batch-alpha/test/ecs-container-definition.test.ts @@ -255,9 +255,9 @@ describe.each([EcsEc2ContainerDefinition, EcsFargateContainerDefinition])('%p', new EcsJobDefinition(stack, 'ECSJobDefn', { container: new ContainerDefinition(stack, 'EcsContainer', { ...defaultContainerProps, - secrets: [ - new Secret(stack, 'testSecret'), - ], + secrets: { + envName: new Secret(stack, 'testSecret'), + }, }), }); @@ -268,59 +268,7 @@ describe.each([EcsEc2ContainerDefinition, EcsFargateContainerDefinition])('%p', ...pascalCaseExpectedProps.ContainerProperties, Secrets: [ { - Name: { - 'Fn::Join': [ - '-', - [ - { - 'Fn::Select': [ - 0, - { - 'Fn::Split': [ - '-', - { - 'Fn::Select': [ - 6, - { - 'Fn::Split': [ - ':', - { - Ref: 'testSecretB96AD12C', - }, - ], - }, - ], - }, - ], - }, - ], - }, - { - 'Fn::Select': [ - 1, - { - 'Fn::Split': [ - '-', - { - 'Fn::Select': [ - 6, - { - 'Fn::Split': [ - ':', - { - Ref: 'testSecretB96AD12C', - }, - ], - }, - ], - }, - ], - }, - ], - }, - ], - ], - }, + Name: 'envName', ValueFrom: { Ref: 'testSecretB96AD12C' }, }, ], diff --git a/packages/@aws-cdk/aws-batch-alpha/test/eks-container-definition.test.ts b/packages/@aws-cdk/aws-batch-alpha/test/eks-container-definition.test.ts index aad8c169664ad..6cb61084a0966 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/eks-container-definition.test.ts +++ b/packages/@aws-cdk/aws-batch-alpha/test/eks-container-definition.test.ts @@ -33,7 +33,7 @@ describe('eks container', () => { test('eks container defaults', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, }), @@ -47,7 +47,7 @@ describe('eks container', () => { test('respects args', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, args: ['arg1', 'arg2'], @@ -71,7 +71,7 @@ describe('eks container', () => { test('respects command', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, command: ['echo', 'bar'], @@ -95,7 +95,7 @@ describe('eks container', () => { test('respects cpuLimit', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, cpuLimit: 256, @@ -123,7 +123,7 @@ describe('eks container', () => { test('respects cpuReservation', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, cpuReservation: 256, @@ -151,7 +151,7 @@ describe('eks container', () => { test('respects memoryLimitMiB', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, memoryLimit: Size.mebibytes(2048), @@ -179,7 +179,7 @@ describe('eks container', () => { test('respects memoryReservation', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, memoryReservation: Size.mebibytes(2048), @@ -207,7 +207,7 @@ describe('eks container', () => { test('respects gpuLimit', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, gpuLimit: 20, @@ -235,7 +235,7 @@ describe('eks container', () => { test('respects gpuReservation', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, gpuReservation: 20, @@ -263,7 +263,7 @@ describe('eks container', () => { test('respects resource requests and limits', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, cpuLimit: 256, @@ -303,7 +303,7 @@ describe('eks container', () => { test('respects env', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, env: { @@ -339,7 +339,7 @@ describe('eks container', () => { test('respects imagePullPolicy', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, imagePullPolicy: ImagePullPolicy.NEVER, @@ -363,7 +363,7 @@ describe('eks container', () => { test('respects name', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, name: 'myContainerName', @@ -387,7 +387,7 @@ describe('eks container', () => { test('respects privileged', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, privileged: true, @@ -413,7 +413,7 @@ describe('eks container', () => { test('respects readonlyFileSystem', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, readonlyRootFilesystem: true, @@ -439,7 +439,7 @@ describe('eks container', () => { test('respects runAsGroup', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, runAsGroup: 1, @@ -465,7 +465,7 @@ describe('eks container', () => { test('respects runAsRoot', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefEksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, runAsRoot: true, @@ -491,7 +491,7 @@ describe('eks container', () => { test('respects runAsUser', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, runAsUser: 90, @@ -517,7 +517,7 @@ describe('eks container', () => { test('respects emptyDir volumes', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, volumes: [ @@ -560,7 +560,7 @@ describe('eks container', () => { test('respects hostPath volumes', () => { // WHEN - new EksJobDefinition(stack, 'ECSJobDefn', { + new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, volumes: [EksVolume.hostPath({ @@ -597,9 +597,48 @@ describe('eks container', () => { }); }); + test('respects secret volumes, and ensures optional defaults to true', () => { + // WHEN + new EksJobDefinition(stack, 'EksJobDefn', { + container: new EksContainerDefinition(stack, 'EcsEc2Container', { + ...defaultContainerProps, + volumes: [EksVolume.secret({ + name: 'secretVolumeName', + secretName: 'myKubeSecret', + mountPath: '/mount/path', + readonly: true, + })], + }), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::Batch::JobDefinition', { + ...pascalCaseExpectedProps, + EksProperties: { + PodProperties: { + ...pascalCaseExpectedProps.EksProperties.PodProperties, + Containers: [{ + ...pascalCaseExpectedProps.EksProperties.PodProperties.Containers[0], + VolumeMounts: [{ + MountPath: '/mount/path', + ReadOnly: true, + }], + }], + Volumes: [{ + Name: 'secretVolumeName', + Secret: { + SecretName: 'myKubeSecret', + Optional: true, + }, + }], + }, + }, + }); + }); + test('respects addVolume() with emptyDir volume', () => { // GIVEN - const jobDefn = new EksJobDefinition(stack, 'ECSJobDefn', { + const jobDefn = new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, }), @@ -642,7 +681,7 @@ describe('eks container', () => { test('respects addVolume() with hostPath volume', () => { // GIVEN - const jobDefn = new EksJobDefinition(stack, 'ECSJobDefn', { + const jobDefn = new EksJobDefinition(stack, 'EksJobDefn', { container: new EksContainerDefinition(stack, 'EcsEc2Container', { ...defaultContainerProps, }), @@ -680,4 +719,47 @@ describe('eks container', () => { }, }); }); + + test('respects addVolume() with secret volume (optional: false)', () => { + // GIVEN + const jobDefn = new EksJobDefinition(stack, 'EKSJobDefn', { + container: new EksContainerDefinition(stack, 'EcsEc2Container', { + ...defaultContainerProps, + }), + }); + + // WHEN + jobDefn.container.addVolume(EksVolume.secret({ + name: 'secretVolumeName', + secretName: 'secretName', + optional: false, + mountPath: '/mount/path', + readonly: true, + })); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::Batch::JobDefinition', { + ...pascalCaseExpectedProps, + EksProperties: { + PodProperties: { + ...pascalCaseExpectedProps.EksProperties.PodProperties, + Containers: [{ + ...pascalCaseExpectedProps.EksProperties.PodProperties.Containers[0], + VolumeMounts: [{ + MountPath: '/mount/path', + Name: 'secretVolumeName', + ReadOnly: true, + }], + }], + Volumes: [{ + Name: 'secretVolumeName', + Secret: { + SecretName: 'secretName', + Optional: false, + }, + }], + }, + }, + }); + }); }); diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/BatchEcsJobDefinitionTestDefaultTestDeployAssertE5BAAC9B.assets.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/BatchEcsJobDefinitionTestDefaultTestDeployAssertE5BAAC9B.assets.json index 337b93a040095..e4db2badc242c 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/BatchEcsJobDefinitionTestDefaultTestDeployAssertE5BAAC9B.assets.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/BatchEcsJobDefinitionTestDefaultTestDeployAssertE5BAAC9B.assets.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "32.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/cdk.out b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/cdk.out index 7925065efbcc4..f0b901e7c06e5 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"31.0.0"} \ No newline at end of file +{"version":"32.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/integ.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/integ.json index 65cdb342d321b..6039a8d046450 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "32.0.0", "testCases": { "BatchEcsJobDefinitionTest/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/manifest.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/manifest.json index 7647ac0d6cf43..765c5357a348f 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "31.0.0", + "version": "32.0.0", "artifacts": { "stack.assets": { "type": "cdk:asset-manifest", @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7eabaa659955f076359ed72f88d929cfe7651a904b6038ae0f3b3215ab36ac6c.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/dbfcc646c8225dd32d69798b87a8a94086dd89a2b3137bdf4e0ec96d79cdd4cb.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -195,6 +195,12 @@ "data": "myFileSystemEfsMountTarget2E187D733" } ], + "/stack/mySecret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "mySecretE4D0A59C" + } + ], "/stack/myContainer/ExecutionRole/Resource": [ { "type": "aws:cdk:logicalId", diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/stack.assets.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/stack.assets.json index a7e4620dbd902..d33d36502bf5f 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/stack.assets.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/stack.assets.json @@ -1,7 +1,7 @@ { - "version": "31.0.0", + "version": "32.0.0", "files": { - "7eabaa659955f076359ed72f88d929cfe7651a904b6038ae0f3b3215ab36ac6c": { + "dbfcc646c8225dd32d69798b87a8a94086dd89a2b3137bdf4e0ec96d79cdd4cb": { "source": { "path": "stack.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "7eabaa659955f076359ed72f88d929cfe7651a904b6038ae0f3b3215ab36ac6c.json", + "objectKey": "dbfcc646c8225dd32d69798b87a8a94086dd89a2b3137bdf4e0ec96d79cdd4cb.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/stack.template.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/stack.template.json index 5bff5ac49c8a5..00e64916fd22c 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/stack.template.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/stack.template.json @@ -465,6 +465,14 @@ } } }, + "mySecretE4D0A59C": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "GenerateSecretString": {} + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, "myContainerExecutionRoleEBACF86C": { "Type": "AWS::IAM::Role", "Properties": { @@ -525,6 +533,14 @@ "Value": "12" } ], + "Secrets": [ + { + "Name": "MY_SECRET_ENV_VAR", + "ValueFrom": { + "Ref": "mySecretE4D0A59C" + } + } + ], "Ulimits": [ { "HardLimit": 50, diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/tree.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/tree.json index e536fd05d3c4a..041b6d0faa434 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.js.snapshot/tree.json @@ -775,6 +775,30 @@ "version": "0.0.0" } }, + "mySecret": { + "id": "mySecret", + "path": "stack/mySecret", + "children": { + "Resource": { + "id": "Resource", + "path": "stack/mySecret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "generateSecretString": {} + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_secretsmanager.CfnSecret", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_secretsmanager.Secret", + "version": "0.0.0" + } + }, "myContainer": { "id": "myContainer", "path": "stack/myContainer", @@ -824,8 +848,8 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-batch-alpha.EcsEc2ContainerDefinition", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.2.52" } }, "ECSJobDefn": { @@ -868,6 +892,14 @@ "value": "12" } ], + "secrets": [ + { + "name": "MY_SECRET_ENV_VAR", + "valueFrom": { + "Ref": "mySecretE4D0A59C" + } + } + ], "mountPoints": [ { "containerPath": "ahhh", @@ -916,7 +948,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-batch-alpha.EcsJobDefinition", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -969,8 +1001,8 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-batch-alpha.EcsFargateContainerDefinition", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.2.52" } }, "ECSFargateJobDefn": { @@ -1054,7 +1086,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-batch-alpha.EcsJobDefinition", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -1066,22 +1098,22 @@ "id": "Staging", "path": "stack/dockerImageAsset/Staging", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" } }, "Repository": { "id": "Repository", "path": "stack/dockerImageAsset/Repository", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" + "fqn": "aws-cdk-lib.aws_ecr.RepositoryBase", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" + "fqn": "aws-cdk-lib.aws_ecr_assets.DockerImageAsset", + "version": "0.0.0" } }, "EcsDockerContainer": { @@ -1096,8 +1128,8 @@ "id": "ImportExecutionRole", "path": "stack/EcsDockerContainer/ExecutionRole/ImportExecutionRole", "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "Resource": { @@ -1121,8 +1153,8 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" } }, "DefaultPolicy": { @@ -1185,26 +1217,26 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0" } } }, "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.270" + "version": "10.2.52" } }, "ECSDockerJobDefn": { @@ -1249,14 +1281,14 @@ } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" + "fqn": "aws-cdk-lib.aws_batch.CfnJobDefinition", + "version": "0.0.0" } } }, "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.270" + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" } }, "BootstrapVersion": { @@ -1294,7 +1326,7 @@ "path": "BatchEcsJobDefinitionTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.9" + "version": "10.2.52" } }, "DeployAssert": { @@ -1340,7 +1372,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.9" + "version": "10.2.52" } } }, diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.ts b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.ts index 2c18122d740af..7dcf064a36cf8 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.ts +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.ecs-job-definition.ts @@ -7,6 +7,7 @@ import * as integ from '@aws-cdk/integ-tests-alpha'; import * as batch from '../lib'; import { DockerImageAsset } from 'aws-cdk-lib/aws-ecr-assets'; import * as path from 'path'; +import { Secret } from 'aws-cdk-lib/aws-secretsmanager'; const app = new App(); const stack = new Stack(app, 'stack'); @@ -40,6 +41,9 @@ new batch.EcsJobDefinition(stack, 'ECSJobDefn', { name: batch.UlimitName.CORE, softLimit: 10, }], + secrets: { + MY_SECRET_ENV_VAR: new Secret(stack, 'mySecret'), + }, }), }); diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/BatchEcsJobDefinitionTestDefaultTestDeployAssertE5BAAC9B.assets.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/BatchEcsJobDefinitionTestDefaultTestDeployAssertE5BAAC9B.assets.json index 0f5545b944f8a..e4db2badc242c 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/BatchEcsJobDefinitionTestDefaultTestDeployAssertE5BAAC9B.assets.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/BatchEcsJobDefinitionTestDefaultTestDeployAssertE5BAAC9B.assets.json @@ -1,5 +1,5 @@ { - "version": "30.1.0", + "version": "32.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/cdk.out b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/cdk.out index b72fef144f05c..f0b901e7c06e5 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"30.1.0"} \ No newline at end of file +{"version":"32.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/integ.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/integ.json index 38e1bef264143..6039a8d046450 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "30.1.0", + "version": "32.0.0", "testCases": { "BatchEcsJobDefinitionTest/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/manifest.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/manifest.json index 68dbc42b8fe7b..3d1e44bd73cdf 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "30.1.0", + "version": "32.0.0", "artifacts": { "stack.assets": { "type": "cdk:asset-manifest", @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/213e7ea5ab99caf36ccb103cecea697bd723a4413a42b71cd94069791d3f146d.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/a8db080420a6ed60209e00bb93fe2579b81f60509f47e3a9723b2ba4b0c50b01.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/stack.assets.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/stack.assets.json index 886ca8843dae2..1776ee6cd6e00 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/stack.assets.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/stack.assets.json @@ -1,7 +1,7 @@ { - "version": "30.1.0", + "version": "32.0.0", "files": { - "213e7ea5ab99caf36ccb103cecea697bd723a4413a42b71cd94069791d3f146d": { + "a8db080420a6ed60209e00bb93fe2579b81f60509f47e3a9723b2ba4b0c50b01": { "source": { "path": "stack.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "213e7ea5ab99caf36ccb103cecea697bd723a4413a42b71cd94069791d3f146d.json", + "objectKey": "a8db080420a6ed60209e00bb93fe2579b81f60509f47e3a9723b2ba4b0c50b01.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/stack.template.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/stack.template.json index 1259f7bb6fb04..a5d5eca078cfd 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/stack.template.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/stack.template.json @@ -48,6 +48,14 @@ "Name": "woah", "ReadOnly": true }, + { + "MountPath": "/secret/path", + "Name": "secretVolumeName" + }, + { + "MountPath": "/secret/path2", + "Name": "defaultOptionalSettingSecretVolume" + }, { "MountPath": "/fooasdfadfs", "Name": "hostPath" @@ -63,6 +71,20 @@ }, "Name": "woah" }, + { + "Name": "secretVolumeName", + "Secret": { + "Optional": false, + "SecretName": "secretName" + } + }, + { + "Name": "defaultOptionalSettingSecretVolume", + "Secret": { + "Optional": true, + "SecretName": "NewSecretName" + } + }, { "HostPath": { "Path": "/foo/bar" diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/tree.json b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/tree.json index e0399e670f2fe..fb73eb4052198 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.js.snapshot/tree.json @@ -12,8 +12,8 @@ "id": "EksContainer", "path": "stack/EksContainer", "constructInfo": { - "fqn": "@aws-cdk/aws-batch.EksContainerDefinition", - "version": "0.0.0" + "fqn": "constructs.Construct", + "version": "10.2.52" } }, "EksJobDefn": { @@ -71,6 +71,14 @@ "mountPath": "/mount/path", "readOnly": true }, + { + "name": "secretVolumeName", + "mountPath": "/secret/path" + }, + { + "name": "defaultOptionalSettingSecretVolume", + "mountPath": "/secret/path2" + }, { "name": "hostPath", "mountPath": "/fooasdfadfs" @@ -86,6 +94,20 @@ "sizeLimit": "2048Mi" } }, + { + "name": "secretVolumeName", + "secret": { + "optional": false, + "secretName": "secretName" + } + }, + { + "name": "defaultOptionalSettingSecretVolume", + "secret": { + "optional": true, + "secretName": "NewSecretName" + } + }, { "name": "hostPath", "hostPath": { @@ -100,13 +122,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-batch.CfnJobDefinition", + "fqn": "aws-cdk-lib.aws_batch.CfnJobDefinition", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-batch.EksJobDefinition", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -114,7 +136,7 @@ "id": "BootstrapVersion", "path": "stack/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -122,13 +144,13 @@ "id": "CheckBootstrapVersion", "path": "stack/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } }, @@ -145,7 +167,7 @@ "path": "BatchEcsJobDefinitionTest/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.264" + "version": "10.2.52" } }, "DeployAssert": { @@ -156,7 +178,7 @@ "id": "BootstrapVersion", "path": "BatchEcsJobDefinitionTest/DefaultTest/DeployAssert/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -164,25 +186,25 @@ "id": "CheckBootstrapVersion", "path": "BatchEcsJobDefinitionTest/DefaultTest/DeployAssert/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTest", + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", "version": "0.0.0" } }, @@ -191,12 +213,12 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.264" + "version": "10.2.52" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.App", + "fqn": "aws-cdk-lib.App", "version": "0.0.0" } } diff --git a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.ts b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.ts index 4c585b7d1e656..5b1138acce8e3 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.ts +++ b/packages/@aws-cdk/aws-batch-alpha/test/integ.eks-job-definition.ts @@ -33,11 +33,17 @@ new batch.EksJobDefinition(stack, 'EksJobDefn', { readonly: true, sizeLimit: Size.mebibytes(2048), }), - /*batch.EksVolume.secret({ - name: 'foofoo', - secretName: 'foo', + batch.EksVolume.secret({ + name: 'secretVolumeName', + secretName: 'secretName', + mountPath: '/secret/path', + optional: false, + }), + batch.EksVolume.secret({ + name: 'defaultOptionalSettingSecretVolume', + secretName: 'NewSecretName', + mountPath: '/secret/path2', }), - */ batch.EksVolume.hostPath({ name: 'hostPath', hostPath: '/foo/bar', diff --git a/packages/@aws-cdk/aws-batch-alpha/test/job-definition-base.test.ts b/packages/@aws-cdk/aws-batch-alpha/test/job-definition-base.test.ts index 0662f8d5ab6ed..43334f08926f4 100644 --- a/packages/@aws-cdk/aws-batch-alpha/test/job-definition-base.test.ts +++ b/packages/@aws-cdk/aws-batch-alpha/test/job-definition-base.test.ts @@ -223,16 +223,4 @@ describe.each([batch.EcsJobDefinition, batch.EksJobDefinition, batch.MultiNodeJo }, }); }); - - /* - test('can be imported from name', () => { - // WHEN - const importedJob = JobDefinition.fromJobDefinitionName(stack, 'job-def-clone', 'job-def-name'); - - // THEN - expect(importedJob.jobDefinitionName).toEqual('job-def-name'); - expect(importedJob.jobDefinitionArn) - .toEqual(`arn:${Aws.PARTITION}:batch:${Aws.REGION}:${Aws.ACCOUNT_ID}:job-definition/job-def-name`); - }); - */ }); diff --git a/packages/@aws-cdk/aws-glue-alpha/README.md b/packages/@aws-cdk/aws-glue-alpha/README.md index d1fd381446dfb..b07770c6666f7 100644 --- a/packages/@aws-cdk/aws-glue-alpha/README.md +++ b/packages/@aws-cdk/aws-glue-alpha/README.md @@ -94,6 +94,7 @@ new glue.Job(this, 'RayJob', { executable: glue.JobExecutable.pythonRay({ glueVersion: glue.GlueVersion.V4_0, pythonVersion: glue.PythonVersion.THREE_NINE, + runtime: glue.Runtime.RAY_TWO_FOUR, script: glue.Code.fromAsset(path.join(__dirname, 'job-script/hello_world.py')), }), workerType: glue.WorkerType.Z_2X, diff --git a/packages/@aws-cdk/aws-glue-alpha/lib/job-executable.ts b/packages/@aws-cdk/aws-glue-alpha/lib/job-executable.ts index 8ad29c1108b70..c121f69193b16 100644 --- a/packages/@aws-cdk/aws-glue-alpha/lib/job-executable.ts +++ b/packages/@aws-cdk/aws-glue-alpha/lib/job-executable.ts @@ -87,6 +87,34 @@ export enum PythonVersion { THREE_NINE = '3.9', } +/** + * AWS Glue runtime determines the runtime engine of the job. + * + */ +export class Runtime { + /** + * Runtime for a Glue for Ray 2.4. + */ + public static readonly RAY_TWO_FOUR = new Runtime('Ray2.4'); + + /** + * Custom runtime + * @param runtime custom runtime + */ + public static of(runtime: string): Runtime { + return new Runtime(runtime); + } + + /** + * The name of this Runtime. + */ + public readonly name: string; + + private constructor(name: string) { + this.name = name; + } +} + /** * The job type. * @@ -150,6 +178,12 @@ interface PythonExecutableProps { } interface SharedJobExecutableProps { + /** + * Runtime. It is required for Ray jobs. + * + */ + readonly runtime?: Runtime; + /** * Glue version. * @@ -347,6 +381,9 @@ export class JobExecutable { if (config.pythonVersion === PythonVersion.THREE && config.type === JobType.RAY) { throw new Error('Specified PythonVersion PythonVersion.THREE is not supported for Ray'); } + if (config.runtime === undefined && config.type === JobType.RAY) { + throw new Error('Runtime is required for Ray jobs.'); + } this.config = config; } @@ -388,6 +425,13 @@ export interface JobExecutableConfig { */ readonly pythonVersion?: PythonVersion; + /** + * The Runtime to use. + * + * @default - no runtime specified + */ + readonly runtime?: Runtime; + /** * The script that is executed by a job. */ diff --git a/packages/@aws-cdk/aws-glue-alpha/lib/job.ts b/packages/@aws-cdk/aws-glue-alpha/lib/job.ts index 76487882e3758..beace10bd8acc 100644 --- a/packages/@aws-cdk/aws-glue-alpha/lib/job.ts +++ b/packages/@aws-cdk/aws-glue-alpha/lib/job.ts @@ -685,6 +685,7 @@ export class Job extends JobBase { name: executable.type.name, scriptLocation: this.codeS3ObjectUrl(executable.script), pythonVersion: executable.pythonVersion, + runtime: executable.runtime ? executable.runtime.name : undefined, }, glueVersion: executable.glueVersion.name, workerType: props.workerType?.name, diff --git a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.assets.json b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.assets.json index 5519b93f322d2..ae93bf2c5f576 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.assets.json +++ b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.assets.json @@ -1,5 +1,5 @@ { - "version": "29.0.0", + "version": "32.0.0", "files": { "432033e3218068a915d2532fa9be7858a12b228a2ae6e5c10faccd9097b1e855": { "source": { @@ -14,7 +14,7 @@ } } }, - "b553fef631f82898c826f3c20e1de0d155dbd3a35339ef92d0893052a5be69ce": { + "e99fb38377ba41ea9e74da162cf01b6821baa17e8e3d003c711b03d822356b89": { "source": { "path": "aws-glue-job.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "b553fef631f82898c826f3c20e1de0d155dbd3a35339ef92d0893052a5be69ce.json", + "objectKey": "e99fb38377ba41ea9e74da162cf01b6821baa17e8e3d003c711b03d822356b89.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.template.json b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.template.json index f8dc5203f4bba..92ffc1c36ba4a 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.template.json +++ b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/aws-glue-job.template.json @@ -354,7 +354,7 @@ "Tags": { "key": "value" }, - "WorkerType": "G.025X" + "WorkerType": "G.1X" } }, "EtlJob30ServiceRole8E675579": { @@ -1415,6 +1415,7 @@ "Command": { "Name": "glueray", "PythonVersion": "3.9", + "Runtime": "Ray2.4", "ScriptLocation": { "Fn::Join": [ "", diff --git a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/cdk.out b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/cdk.out index d8b441d447f8a..f0b901e7c06e5 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"29.0.0"} \ No newline at end of file +{"version":"32.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/integ.json b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/integ.json index fa2e902e93c44..3e404e817257e 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "29.0.0", + "version": "32.0.0", "testCases": { "integ.job": { "stacks": [ diff --git a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/manifest.json b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/manifest.json index e12d21e1befbd..17c822d1ad95a 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "29.0.0", + "version": "32.0.0", "artifacts": { "aws-glue-job.assets": { "type": "cdk:asset-manifest", @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/b553fef631f82898c826f3c20e1de0d155dbd3a35339ef92d0893052a5be69ce.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/e99fb38377ba41ea9e74da162cf01b6821baa17e8e3d003c711b03d822356b89.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/tree.json b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/tree.json index 78899d534c9a9..3a1205674b7ac 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.js.snapshot/tree.json @@ -20,7 +20,7 @@ "id": "ImportServiceRole", "path": "aws-glue-job/EtlJob2.0/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -59,7 +59,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -165,19 +165,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -193,39 +193,39 @@ "aws:cdk:cloudformation:props": {} }, "constructInfo": { - "fqn": "@aws-cdk/aws-s3.CfnBucket", + "fqn": "aws-cdk-lib.aws_s3.CfnBucket", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-s3.Bucket", + "fqn": "aws-cdk-lib.aws_s3.Bucket", "version": "0.0.0" } }, - "Codebeaf1c9f157c9b396ec6972f85317dbc": { - "id": "Codebeaf1c9f157c9b396ec6972f85317dbc", - "path": "aws-glue-job/EtlJob2.0/Codebeaf1c9f157c9b396ec6972f85317dbc", + "Code2fe0fc936e45d982e718ad516d9c48b5": { + "id": "Code2fe0fc936e45d982e718ad516d9c48b5", + "path": "aws-glue-job/EtlJob2.0/Code2fe0fc936e45d982e718ad516d9c48b5", "children": { "Stage": { "id": "Stage", - "path": "aws-glue-job/EtlJob2.0/Codebeaf1c9f157c9b396ec6972f85317dbc/Stage", + "path": "aws-glue-job/EtlJob2.0/Code2fe0fc936e45d982e718ad516d9c48b5/Stage", "constructInfo": { - "fqn": "@aws-cdk/core.AssetStaging", + "fqn": "aws-cdk-lib.AssetStaging", "version": "0.0.0" } }, "AssetBucket": { "id": "AssetBucket", - "path": "aws-glue-job/EtlJob2.0/Codebeaf1c9f157c9b396ec6972f85317dbc/AssetBucket", + "path": "aws-glue-job/EtlJob2.0/Code2fe0fc936e45d982e718ad516d9c48b5/AssetBucket", "constructInfo": { - "fqn": "@aws-cdk/aws-s3.BucketBase", + "fqn": "aws-cdk-lib.aws_s3.BucketBase", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-s3-assets.Asset", + "fqn": "aws-cdk-lib.aws_s3_assets.Asset", "version": "0.0.0" } }, @@ -296,7 +296,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.CfnJob", + "fqn": "aws-cdk-lib.aws_glue.CfnJob", "version": "0.0.0" } }, @@ -345,19 +345,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-events.CfnRule", + "fqn": "aws-cdk-lib.aws_events.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-events.Rule", + "fqn": "aws-cdk-lib.aws_events.Rule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.Job", + "fqn": "@aws-cdk/aws-glue-alpha.Job", "version": "0.0.0" } }, @@ -373,7 +373,7 @@ "id": "ImportServiceRole", "path": "aws-glue-job/StreamingJob2.0/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -412,7 +412,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -481,19 +481,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -536,17 +536,17 @@ "tags": { "key": "value" }, - "workerType": "G.025X" + "workerType": "G.1X" } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.CfnJob", + "fqn": "aws-cdk-lib.aws_glue.CfnJob", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.Job", + "fqn": "@aws-cdk/aws-glue-alpha.Job", "version": "0.0.0" } }, @@ -562,7 +562,7 @@ "id": "ImportServiceRole", "path": "aws-glue-job/EtlJob3.0/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -601,7 +601,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -707,19 +707,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -735,13 +735,13 @@ "aws:cdk:cloudformation:props": {} }, "constructInfo": { - "fqn": "@aws-cdk/aws-s3.CfnBucket", + "fqn": "aws-cdk-lib.aws_s3.CfnBucket", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-s3.Bucket", + "fqn": "aws-cdk-lib.aws_s3.Bucket", "version": "0.0.0" } }, @@ -812,7 +812,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.CfnJob", + "fqn": "aws-cdk-lib.aws_glue.CfnJob", "version": "0.0.0" } }, @@ -861,19 +861,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-events.CfnRule", + "fqn": "aws-cdk-lib.aws_events.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-events.Rule", + "fqn": "aws-cdk-lib.aws_events.Rule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.Job", + "fqn": "@aws-cdk/aws-glue-alpha.Job", "version": "0.0.0" } }, @@ -889,7 +889,7 @@ "id": "ImportServiceRole", "path": "aws-glue-job/StreamingJob3.0/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -928,7 +928,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -997,19 +997,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -1056,13 +1056,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.CfnJob", + "fqn": "aws-cdk-lib.aws_glue.CfnJob", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.Job", + "fqn": "@aws-cdk/aws-glue-alpha.Job", "version": "0.0.0" } }, @@ -1078,7 +1078,7 @@ "id": "ImportServiceRole", "path": "aws-glue-job/EtlJob4.0/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -1117,7 +1117,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -1223,19 +1223,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -1251,13 +1251,13 @@ "aws:cdk:cloudformation:props": {} }, "constructInfo": { - "fqn": "@aws-cdk/aws-s3.CfnBucket", + "fqn": "aws-cdk-lib.aws_s3.CfnBucket", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-s3.Bucket", + "fqn": "aws-cdk-lib.aws_s3.Bucket", "version": "0.0.0" } }, @@ -1328,7 +1328,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.CfnJob", + "fqn": "aws-cdk-lib.aws_glue.CfnJob", "version": "0.0.0" } }, @@ -1377,19 +1377,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-events.CfnRule", + "fqn": "aws-cdk-lib.aws_events.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-events.Rule", + "fqn": "aws-cdk-lib.aws_events.Rule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.Job", + "fqn": "@aws-cdk/aws-glue-alpha.Job", "version": "0.0.0" } }, @@ -1405,7 +1405,7 @@ "id": "ImportServiceRole", "path": "aws-glue-job/StreamingJob4.0/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -1444,7 +1444,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -1513,19 +1513,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -1572,13 +1572,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.CfnJob", + "fqn": "aws-cdk-lib.aws_glue.CfnJob", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.Job", + "fqn": "@aws-cdk/aws-glue-alpha.Job", "version": "0.0.0" } }, @@ -1594,7 +1594,7 @@ "id": "ImportServiceRole", "path": "aws-glue-job/ShellJob/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -1633,7 +1633,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -1702,19 +1702,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -1759,13 +1759,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.CfnJob", + "fqn": "aws-cdk-lib.aws_glue.CfnJob", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.Job", + "fqn": "@aws-cdk/aws-glue-alpha.Job", "version": "0.0.0" } }, @@ -1781,7 +1781,7 @@ "id": "ImportServiceRole", "path": "aws-glue-job/ShellJob39/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -1820,7 +1820,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -1889,19 +1889,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -1946,13 +1946,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.CfnJob", + "fqn": "aws-cdk-lib.aws_glue.CfnJob", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.Job", + "fqn": "@aws-cdk/aws-glue-alpha.Job", "version": "0.0.0" } }, @@ -1968,7 +1968,7 @@ "id": "ImportServiceRole", "path": "aws-glue-job/RayJob/ServiceRole/ImportServiceRole", "constructInfo": { - "fqn": "@aws-cdk/core.Resource", + "fqn": "aws-cdk-lib.Resource", "version": "0.0.0" } }, @@ -2007,7 +2007,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "aws-cdk-lib.aws_iam.CfnRole", "version": "0.0.0" } }, @@ -2076,19 +2076,19 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "aws-cdk-lib.aws_iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", + "fqn": "aws-cdk-lib.aws_iam.Role", "version": "0.0.0" } }, @@ -2112,7 +2112,8 @@ ] ] }, - "pythonVersion": "3.9" + "pythonVersion": "3.9", + "runtime": "Ray2.4" }, "role": { "Fn::GetAtt": [ @@ -2135,13 +2136,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.CfnJob", + "fqn": "aws-cdk-lib.aws_glue.CfnJob", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-glue.Job", + "fqn": "@aws-cdk/aws-glue-alpha.Job", "version": "0.0.0" } }, @@ -2149,7 +2150,7 @@ "id": "BootstrapVersion", "path": "aws-glue-job/BootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", + "fqn": "aws-cdk-lib.CfnParameter", "version": "0.0.0" } }, @@ -2157,13 +2158,13 @@ "id": "CheckBootstrapVersion", "path": "aws-glue-job/CheckBootstrapVersion", "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", + "fqn": "aws-cdk-lib.CfnRule", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.Stack", + "fqn": "aws-cdk-lib.Stack", "version": "0.0.0" } }, @@ -2172,12 +2173,12 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.209" + "version": "10.2.26" } } }, "constructInfo": { - "fqn": "@aws-cdk/core.App", + "fqn": "aws-cdk-lib.App", "version": "0.0.0" } } diff --git a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.ts b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.ts index 5b00c70ab126e..6ae1dd8074dad 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/integ.job.ts +++ b/packages/@aws-cdk/aws-glue-alpha/test/integ.job.ts @@ -55,7 +55,6 @@ const script = glue.Code.fromAsset(path.join(__dirname, 'job-script/hello_world. }, }); etlJob.metricSuccess(); - new glue.Job(stack, 'StreamingJob' + glueVersion.name, { jobName: 'StreamingJob' + glueVersion.name, executable: glue.JobExecutable.pythonStreaming({ @@ -63,7 +62,7 @@ const script = glue.Code.fromAsset(path.join(__dirname, 'job-script/hello_world. glueVersion, script, }), - workerType: glue.WorkerType.G_025X, + workerType: [glue.GlueVersion.V2_0].includes(glueVersion) ? glue.WorkerType.G_1X : glue.WorkerType.G_025X, workerCount: 10, defaultArguments: { arg1: 'value1', @@ -112,6 +111,7 @@ new glue.Job(stack, 'RayJob', { executable: glue.JobExecutable.pythonRay({ glueVersion: glue.GlueVersion.V4_0, pythonVersion: glue.PythonVersion.THREE_NINE, + runtime: glue.Runtime.RAY_TWO_FOUR, script, }), workerType: glue.WorkerType.Z_2X, diff --git a/packages/@aws-cdk/aws-glue-alpha/test/job-executable.test.ts b/packages/@aws-cdk/aws-glue-alpha/test/job-executable.test.ts index 50d890c594bfb..ea575f1a022d4 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/job-executable.test.ts +++ b/packages/@aws-cdk/aws-glue-alpha/test/job-executable.test.ts @@ -150,6 +150,7 @@ describe('JobExecutable', () => { glueVersion: glue.GlueVersion.V4_0, language: glue.JobLanguage.PYTHON, pythonVersion: glue.PythonVersion.THREE_NINE, + runtime: glue.Runtime.RAY_TWO_FOUR, script, })).toBeDefined(); }); diff --git a/packages/@aws-cdk/aws-glue-alpha/test/job.test.ts b/packages/@aws-cdk/aws-glue-alpha/test/job.test.ts index 5816f2428e603..171857e5b5668 100644 --- a/packages/@aws-cdk/aws-glue-alpha/test/job.test.ts +++ b/packages/@aws-cdk/aws-glue-alpha/test/job.test.ts @@ -617,6 +617,7 @@ describe('Job', () => { executable: glue.JobExecutable.pythonRay({ glueVersion: glue.GlueVersion.V3_0, pythonVersion: glue.PythonVersion.THREE_NINE, + runtime: glue.Runtime.RAY_TWO_FOUR, script, }), workerType: glue.WorkerType.Z_2X, @@ -629,6 +630,7 @@ describe('Job', () => { executable: glue.JobExecutable.pythonRay({ glueVersion: glue.GlueVersion.V4_0, pythonVersion: glue.PythonVersion.THREE_NINE, + runtime: glue.Runtime.RAY_TWO_FOUR, script, }), workerType: glue.WorkerType.Z_2X, @@ -636,6 +638,18 @@ describe('Job', () => { sparkUI: { enabled: true }, })).toThrow('Spark UI is not available for JobType.RAY'); }); + + test('without runtime should throw', () => { + expect(() => new glue.Job(stack, 'Job', { + executable: glue.JobExecutable.pythonRay({ + glueVersion: glue.GlueVersion.V4_0, + pythonVersion: glue.PythonVersion.THREE_NINE, + script, + }), + workerType: glue.WorkerType.Z_2X, + workerCount: 2, + })).toThrow('Runtime is required for Ray jobs.'); + }); }); test('etl job with all props should synthesize correctly', () => { diff --git a/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/manifest.json b/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/manifest.json index 41ea24ee3e629..82ee2aac7997a 100644 --- a/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/manifest.json @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/834a14d23abdedaf507b2c26f38b0b86c4251a2fec7fbf3eec4bf794f4d74650.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ccba2c7f389f66409665f07bcb2666a07a8c23938ebc9b56a50efab196a77ed4.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.assets.json b/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.assets.json index 942de8c88ca01..424728eeb36e8 100644 --- a/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.assets.json +++ b/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.assets.json @@ -1,7 +1,7 @@ { "version": "32.0.0", "files": { - "834a14d23abdedaf507b2c26f38b0b86c4251a2fec7fbf3eec4bf794f4d74650": { + "ccba2c7f389f66409665f07bcb2666a07a8c23938ebc9b56a50efab196a77ed4": { "source": { "path": "test-stack.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "834a14d23abdedaf507b2c26f38b0b86c4251a2fec7fbf3eec4bf794f4d74650.json", + "objectKey": "ccba2c7f389f66409665f07bcb2666a07a8c23938ebc9b56a50efab196a77ed4.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.template.json b/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.template.json index 34098024529f9..5dc2d8c7d7be7 100644 --- a/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.template.json +++ b/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.js.snapshot/test-stack.template.json @@ -293,6 +293,9 @@ "eu-west-3": { "FirehoseCidrBlock": "35.180.1.96/27" }, + "me-central-1": { + "FirehoseCidrBlock": "3.28.159.64/26/27" + }, "me-south-1": { "FirehoseCidrBlock": "15.185.91.0/27" }, diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.assets.json b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.assets.json index c655e6aae678c..2c82b5d43992b 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.assets.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.assets.json @@ -1,7 +1,7 @@ { "version": "32.0.0", "files": { - "466a26e514989ad40188482bf23ec485ab4709d80aed97fd24ed168bb6c3c4b7": { + "67bc58d61807d4199cfee4e3648f547f9166e2cfd4daff09c30e062dc39836bb": { "source": { "path": "aws-cdk-firehose-delivery-stream.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "466a26e514989ad40188482bf23ec485ab4709d80aed97fd24ed168bb6c3c4b7.json", + "objectKey": "67bc58d61807d4199cfee4e3648f547f9166e2cfd4daff09c30e062dc39836bb.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.template.json b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.template.json index 730158ce746f5..86ed3d79505f1 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.template.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/aws-cdk-firehose-delivery-stream.template.json @@ -256,6 +256,9 @@ "eu-west-3": { "FirehoseCidrBlock": "35.180.1.96/27" }, + "me-central-1": { + "FirehoseCidrBlock": "3.28.159.64/26/27" + }, "me-south-1": { "FirehoseCidrBlock": "15.185.91.0/27" }, diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/cdk.out b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/cdk.out index 7df7694e7a5a5..f0b901e7c06e5 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"32.0.0"} +{"version":"32.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/manifest.json b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/manifest.json index f19888b6d563e..ebc72daf2a385 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.js.snapshot/manifest.json @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/466a26e514989ad40188482bf23ec485ab4709d80aed97fd24ed168bb6c3c4b7.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/67bc58d61807d4199cfee4e3648f547f9166e2cfd4daff09c30e062dc39836bb.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.assets.json b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.assets.json index 0d8931500e9c9..e50765e67a8d6 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.assets.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.assets.json @@ -1,7 +1,7 @@ { "version": "32.0.0", "files": { - "ae388a59961712b21cc8f9722482786c97ec2cbeeacf216f1429cdd0994ee931": { + "2cf7703fe55148d123cd83ca24670c1150ca46d90df2ee140e32782ad3fb1136": { "source": { "path": "aws-cdk-firehose-delivery-stream-source-stream.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "ae388a59961712b21cc8f9722482786c97ec2cbeeacf216f1429cdd0994ee931.json", + "objectKey": "2cf7703fe55148d123cd83ca24670c1150ca46d90df2ee140e32782ad3fb1136.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.template.json b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.template.json index d28a7e9e5b431..84880e2fffaf7 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.template.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/aws-cdk-firehose-delivery-stream-source-stream.template.json @@ -272,6 +272,9 @@ "eu-west-3": { "FirehoseCidrBlock": "35.180.1.96/27" }, + "me-central-1": { + "FirehoseCidrBlock": "3.28.159.64/26/27" + }, "me-south-1": { "FirehoseCidrBlock": "15.185.91.0/27" }, diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/manifest.json b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/manifest.json index 936ee321e3947..72c575c00b116 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.js.snapshot/manifest.json @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ae388a59961712b21cc8f9722482786c97ec2cbeeacf216f1429cdd0994ee931.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/2cf7703fe55148d123cd83ca24670c1150ca46d90df2ee140e32782ad3fb1136.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.assets.json b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.assets.json index 257cc00d1e577..bc1a3b1617343 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.assets.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.assets.json @@ -27,7 +27,7 @@ } } }, - "48e1f2c8943aef3f2c0d9e632783b71b5aae97aee0ec7f626744261be0e01cab": { + "0654178c2e8d0b200d13e08bf7506131fee4d25b379a4bc18413f9af11f397f3": { "source": { "path": "aws-cdk-firehose-delivery-stream-s3-all-properties.template.json", "packaging": "file" @@ -35,7 +35,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "48e1f2c8943aef3f2c0d9e632783b71b5aae97aee0ec7f626744261be0e01cab.json", + "objectKey": "0654178c2e8d0b200d13e08bf7506131fee4d25b379a4bc18413f9af11f397f3.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.template.json b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.template.json index 5b8c528b06805..9b7d3be16ce09 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.template.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/aws-cdk-firehose-delivery-stream-s3-all-properties.template.json @@ -871,6 +871,9 @@ "eu-west-3": { "FirehoseCidrBlock": "35.180.1.96/27" }, + "me-central-1": { + "FirehoseCidrBlock": "3.28.159.64/26/27" + }, "me-south-1": { "FirehoseCidrBlock": "15.185.91.0/27" }, diff --git a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/manifest.json b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/manifest.json index 5f334aebecb52..e3d6fa021527a 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.js.snapshot/manifest.json @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/48e1f2c8943aef3f2c0d9e632783b71b5aae97aee0ec7f626744261be0e01cab.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0654178c2e8d0b200d13e08bf7506131fee4d25b379a4bc18413f9af11f397f3.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-scheduler-alpha/README.md b/packages/@aws-cdk/aws-scheduler-alpha/README.md index 171cecdf66854..7cc01e45a962a 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/README.md +++ b/packages/@aws-cdk/aws-scheduler-alpha/README.md @@ -37,7 +37,15 @@ This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aw ## Defining a schedule -TODO: Schedule is not yet implemented. See section in [L2 Event Bridge Scheduler RFC](https://github.com/aws/aws-cdk-rfcs/blob/master/text/0474-event-bridge-scheduler-l2.md) +TODO: Schedule is not yet fully implemented. See section in [L2 Event Bridge Scheduler RFC](https://github.com/aws/aws-cdk-rfcs/blob/master/text/0474-event-bridge-scheduler-l2.md) + +[comment]: <> (TODO: change for each PR that implements more functionality) + +Only an L2 class is created that wraps the L1 class and handles the following properties: + +- schedule +- target (only LambdaInvoke is supported for now) +- flexibleTimeWindow will be set to `{ mode: 'OFF' }` ### Schedule Expressions @@ -95,10 +103,31 @@ TODO: Group is not yet implemented. See section in [L2 Event Bridge Scheduler RF TODO: Scheduler Targets Module is not yet implemented. See section in [L2 Event Bridge Scheduler RFC](https://github.com/aws/aws-cdk-rfcs/blob/master/text/0474-event-bridge-scheduler-l2.md) +Only LambdaInvoke target is added for now. + ### Input -TODO: Target Input is not yet implemented. See section in [L2 Event Bridge Scheduler RFC](https://github.com/aws/aws-cdk-rfcs/blob/master/text/0474-event-bridge-scheduler-l2.md) +Target can be invoked with a custom input. Class `ScheduleTargetInput` supports free form text input and JSON-formatted object input: + +```ts +const input = ScheduleTargetInput.fromObject({ + 'QueueName': 'MyQueue' +}); +``` + +You can include context attributes in your target payload. EventBridge Scheduler will replace each keyword with +its respective value and deliver it to the target. See +[full list of supported context attributes](https://docs.aws.amazon.com/scheduler/latest/UserGuide/managing-schedule-context-attributes.html): +1. `ContextAttribute.scheduleArn()` – The ARN of the schedule. +2. `ContextAttribute.scheduledTime()` – The time you specified for the schedule to invoke its target, for example, 2022-03-22T18:59:43Z. +3. `ContextAttribute.executionId()` – The unique ID that EventBridge Scheduler assigns for each attempted invocation of a target, for example, d32c5kddcf5bb8c3. +4. `ContextAttribute.attemptNumber()` – A counter that identifies the attempt number for the current invocation, for example, 1. + +```ts +const text = `Attempt number: ${ContextAttribute.attemptNumber}`; +const input = ScheduleTargetInput.fromText(text); +``` ### Specifying Execution Role diff --git a/packages/@aws-cdk/aws-scheduler-alpha/lib/index.ts b/packages/@aws-cdk/aws-scheduler-alpha/lib/index.ts index c00ab258ae963..c2ff54e61f61b 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/lib/index.ts +++ b/packages/@aws-cdk/aws-scheduler-alpha/lib/index.ts @@ -1 +1,3 @@ -export * from './schedule-expression'; \ No newline at end of file +export * from './schedule-expression'; +export * from './input'; +export * from './schedule'; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-scheduler-alpha/lib/input.ts b/packages/@aws-cdk/aws-scheduler-alpha/lib/input.ts new file mode 100644 index 0000000000000..682ce0687e374 --- /dev/null +++ b/packages/@aws-cdk/aws-scheduler-alpha/lib/input.ts @@ -0,0 +1,122 @@ +import { DefaultTokenResolver, IResolveContext, Stack, StringConcat, Token, Tokenization } from 'aws-cdk-lib'; +import { ISchedule } from './schedule'; + +/** + * The text, or well-formed JSON, passed to the target of the schedule. + */ +export abstract class ScheduleTargetInput { + /** + * Pass text to the target, it is possible to embed `ContextAttributes` + * that will be resolved to actual values while the CloudFormation is + * deployed or cdk Tokens that will be resolved when the CloudFormation + * templates are generated by CDK. + * + * The target input value will be a single string that you pass. + * For passing complex values like JSON object to a target use method + * `ScheduleTargetInput.fromObject()` instead. + * + * @param text Text to use as the input for the target + */ + public static fromText(text: string): ScheduleTargetInput { + return new FieldAwareEventInput(text); + } + + /** + * Pass a JSON object to the target, it is possible to embed `ContextAttributes` and other + * cdk references. + * + * @param obj object to use to convert to JSON to use as input for the target + */ + public static fromObject(obj: any): ScheduleTargetInput { + return new FieldAwareEventInput(obj); + } + + protected constructor() { + } + + /** + * Return the input properties for this input object + */ + public abstract bind(schedule: ISchedule): string; +} + +class FieldAwareEventInput extends ScheduleTargetInput { + constructor(private readonly input: any) { + super(); + } + + public bind(schedule: ISchedule): string { + class Replacer extends DefaultTokenResolver { + constructor() { + super(new StringConcat()); + } + + public resolveToken(t: Token, _context: IResolveContext) { + return Token.asString(t); + } + } + + const stack = Stack.of(schedule); + return stack.toJsonString(Tokenization.resolve(this.input, { + scope: schedule, + resolver: new Replacer(), + })); + } +} + +/** + * Represents a field in the event pattern + * + * @see https://docs.aws.amazon.com/scheduler/latest/UserGuide/managing-schedule-context-attributes.html + */ +export class ContextAttribute { + /** + * The ARN of the schedule. + */ + public static get scheduleArn(): string { + return this.fromName('schedule-arn'); + } + + /** + * The time you specified for the schedule to invoke its target, for example, + * 2022-03-22T18:59:43Z. + */ + public static get scheduledTime(): string { + return this.fromName('scheduled-time'); + } + + /** + * The unique ID that EventBridge Scheduler assigns for each attempted invocation of + * a target, for example, d32c5kddcf5bb8c3. + */ + public static get executionId(): string { + return this.fromName('execution-id'); + } + + /** + * A counter that identifies the attempt number for the current invocation, for + * example, 1. + */ + public static get attemptNumber(): string { + return this.fromName('attempt-number'); + } + + /** + * Escape hatch for other ContextAttribute that might be resolved in future. + * + * @param name - name will replace xxx in + */ + public static fromName(name: string): string { + return new ContextAttribute(name).toString(); + } + + private constructor(public readonly name: string) { + } + + /** + * Convert the path to the field in the event pattern to JSON + */ + public toString() { + return ``; + } +} diff --git a/packages/@aws-cdk/aws-scheduler-alpha/lib/private/index.ts b/packages/@aws-cdk/aws-scheduler-alpha/lib/private/index.ts new file mode 100644 index 0000000000000..acb4914fd0c93 --- /dev/null +++ b/packages/@aws-cdk/aws-scheduler-alpha/lib/private/index.ts @@ -0,0 +1,2 @@ +export * from './schedule'; +export * from './targets'; diff --git a/packages/@aws-cdk/aws-scheduler-alpha/lib/private/schedule.ts b/packages/@aws-cdk/aws-scheduler-alpha/lib/private/schedule.ts new file mode 100644 index 0000000000000..0e2b33742d18f --- /dev/null +++ b/packages/@aws-cdk/aws-scheduler-alpha/lib/private/schedule.ts @@ -0,0 +1,57 @@ +import { Resource } from 'aws-cdk-lib'; +import { CfnSchedule } from 'aws-cdk-lib/aws-scheduler'; +import { Construct } from 'constructs'; +import { ISchedule } from '../schedule'; +import { ScheduleExpression } from '../schedule-expression'; + +/** + * DISCLAIMER: WORK IN PROGRESS, INTERFACE MIGHT CHANGE + * + * This unit is not yet finished. Only rudimentary Schedule is implemented in order + * to be able to create some sensible unit tests + */ + +export interface IScheduleTarget { + bind(_schedule: ISchedule): CfnSchedule.TargetProperty; +} + +/** + * Construction properties for `Schedule`. + */ +export interface ScheduleProps { + /** + * The expression that defines when the schedule runs. Can be either a `at`, `rate` + * or `cron` expression. + */ + readonly schedule: ScheduleExpression; + + /** + * The schedule's target details. + */ + readonly target: IScheduleTarget; + + /** + * The description you specify for the schedule. + * + * @default - no value + */ + readonly description?: string; +} + +/** + * An EventBridge Schedule + */ +export class Schedule extends Resource implements ISchedule { + constructor(scope: Construct, id: string, props: ScheduleProps) { + super(scope, id); + + new CfnSchedule(this, 'Resource', { + flexibleTimeWindow: { mode: 'OFF' }, + scheduleExpression: props.schedule.expressionString, + scheduleExpressionTimezone: props.schedule.timeZone?.timezoneName, + target: { + ...props.target.bind(this), + }, + }); + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-scheduler-alpha/lib/private/targets.ts b/packages/@aws-cdk/aws-scheduler-alpha/lib/private/targets.ts new file mode 100644 index 0000000000000..1edff1b13db57 --- /dev/null +++ b/packages/@aws-cdk/aws-scheduler-alpha/lib/private/targets.ts @@ -0,0 +1,58 @@ +import * as iam from 'aws-cdk-lib/aws-iam'; +import * as lambda from 'aws-cdk-lib/aws-lambda'; +import { CfnSchedule } from 'aws-cdk-lib/aws-scheduler'; +import { ScheduleTargetInput } from '../input'; +import { ISchedule } from '../schedule'; + +/** + * DISCLAIMER: WORK IN PROGRESS, INTERFACE MIGHT CHANGE + * + * This unit is not yet finished. The LambaInvoke target is only implemented to be able + * to create some sensible unit tests. + */ + +export namespace targets { + export interface ScheduleTargetBaseProps { + readonly role?: iam.IRole; + readonly input?: ScheduleTargetInput; + } + + abstract class ScheduleTargetBase { + constructor( + private readonly baseProps: ScheduleTargetBaseProps, + protected readonly targetArn: string, + ) { + } + + protected abstract addTargetActionToRole(role: iam.IRole): void; + + protected bindBaseTargetConfig(_schedule: ISchedule): CfnSchedule.TargetProperty { + if (typeof this.baseProps.role === undefined) { + throw Error('A role is needed (for now)'); + } + this.addTargetActionToRole(this.baseProps.role!); + return { + arn: this.targetArn, + roleArn: this.baseProps.role!.roleArn, + input: this.baseProps.input?.bind(_schedule), + }; + } + + bind(schedule: ISchedule): CfnSchedule.TargetProperty { + return this.bindBaseTargetConfig(schedule); + } + } + + export class LambdaInvoke extends ScheduleTargetBase { + constructor( + baseProps: ScheduleTargetBaseProps, + private readonly func: lambda.IFunction, + ) { + super(baseProps, func.functionArn); + } + + protected addTargetActionToRole(role: iam.IRole): void { + this.func.grantInvoke(role); + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts b/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts new file mode 100644 index 0000000000000..23bcd9406c0d2 --- /dev/null +++ b/packages/@aws-cdk/aws-scheduler-alpha/lib/schedule.ts @@ -0,0 +1,8 @@ +import { IResource } from 'aws-cdk-lib'; + +/** + * Interface representing a created or an imported `Schedule`. + */ +export interface ISchedule extends IResource { + +} diff --git a/packages/@aws-cdk/aws-scheduler-alpha/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-scheduler-alpha/rosetta/default.ts-fixture index 71131d04c63a3..776fd224ec9b1 100644 --- a/packages/@aws-cdk/aws-scheduler-alpha/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-scheduler-alpha/rosetta/default.ts-fixture @@ -7,7 +7,7 @@ import * as kms from 'aws-cdk-lib/aws-kms'; import * as sqs from 'aws-cdk-lib/aws-sqs'; import * as cloudwatch from 'aws-cdk-lib/aws-cloudwatch'; import { App, Stack, TimeZone, Duration } from 'aws-cdk-lib'; -import { ScheduleExpression } from '@aws-cdk/aws-scheduler-alpha'; +import { ScheduleExpression, ScheduleTargetInput, ContextAttribute } from '@aws-cdk/aws-scheduler-alpha'; class Fixture extends cdk.Stack { constructor(scope: Construct, id: string) { diff --git a/packages/@aws-cdk/aws-scheduler-alpha/test/input.test.ts b/packages/@aws-cdk/aws-scheduler-alpha/test/input.test.ts new file mode 100644 index 0000000000000..adb6042ba3879 --- /dev/null +++ b/packages/@aws-cdk/aws-scheduler-alpha/test/input.test.ts @@ -0,0 +1,143 @@ +import { Stack } from 'aws-cdk-lib'; +import { Template } from 'aws-cdk-lib/assertions'; +import * as iam from 'aws-cdk-lib/aws-iam'; +import * as lambda from 'aws-cdk-lib/aws-lambda'; +import { ContextAttribute, ScheduleExpression, ScheduleTargetInput } from '../lib'; +import { Schedule, targets } from '../lib/private'; + +describe('schedule target input', () => { + let stack: Stack; + let role: iam.IRole; + let func: lambda.IFunction; + const expr = ScheduleExpression.at(new Date(Date.UTC(1969, 10, 20, 0, 0, 0))); + + beforeEach(() => { + stack = new Stack(); + role = iam.Role.fromRoleArn(stack, 'Role', 'arn:aws:iam::123456789012:role/johndoe'); + func = lambda.Function.fromFunctionArn(stack, 'Function', 'arn:aws:lambda:us-east-1:123456789012:function/somefunc'); + }); + + test('create an input from text', () => { + new Schedule(stack, 'MyScheduleDummy', { + schedule: expr, + target: new targets.LambdaInvoke({ + role, + input: ScheduleTargetInput.fromText('test'), + }, func), + }); + Template.fromStack(stack).hasResource('AWS::Scheduler::Schedule', { + Properties: { + Target: { + Input: '"test"', + }, + }, + }); + }); + + test('create an input from text with a ref inside', () => { + new Schedule(stack, 'MyScheduleDummy', { + schedule: expr, + target: new targets.LambdaInvoke({ + role, + input: ScheduleTargetInput.fromText(stack.account), + }, func), + }); + Template.fromStack(stack).hasResource('AWS::Scheduler::Schedule', { + Properties: { + Target: { + Input: { + 'Fn::Join': ['', ['"', { Ref: 'AWS::AccountId' }, '"']], + }, + }, + }, + }); + }); + + test('create an input from object', () => { + new Schedule(stack, 'MyScheduleDummy', { + schedule: expr, + target: new targets.LambdaInvoke({ + role, + input: ScheduleTargetInput.fromObject({ + test: 'test', + }), + }, func), + }); + Template.fromStack(stack).hasResource('AWS::Scheduler::Schedule', { + Properties: { + Target: { + Input: '{"test":"test"}', + }, + }, + }); + }); + + test('create an input from object with a ref', () => { + new Schedule(stack, 'MyScheduleDummy', { + schedule: expr, + target: new targets.LambdaInvoke({ + role, + input: ScheduleTargetInput.fromObject({ + test: stack.account, + }), + }, func), + }); + Template.fromStack(stack).hasResource('AWS::Scheduler::Schedule', { + Properties: { + Target: { + Input: { + 'Fn::Join': ['', [ + '{"test":"', + { Ref: 'AWS::AccountId' }, + '"}', + ]], + }, + }, + }, + }); + }); + + test('create an input with fromText with ContextAttribute', () => { + new Schedule(stack, 'MyScheduleDummy', { + schedule: expr, + target: new targets.LambdaInvoke({ + role, + input: ScheduleTargetInput.fromText(`Test=${ContextAttribute.scheduleArn}`), + }, func), + }); + Template.fromStack(stack).hasResource('AWS::Scheduler::Schedule', { + Properties: { + Target: { + Input: '"Test="', + }, + }, + }); + }); + + test('create an input with fromObject with ContextAttribute', () => { + new Schedule(stack, 'MyScheduleDummy', { + schedule: expr, + target: new targets.LambdaInvoke({ + role, + input: ScheduleTargetInput.fromObject({ + arn: ContextAttribute.scheduleArn, + att: ContextAttribute.attemptNumber, + xid: ContextAttribute.executionId, + tim: ContextAttribute.scheduledTime, + cus: ContextAttribute.fromName('escapehatch'), + }), + }, func), + }); + Template.fromStack(stack).hasResource('AWS::Scheduler::Schedule', { + Properties: { + Target: { + Input: '{"arn":"",' + + '"att":"",' + + '"xid":"",' + + '"tim":"",' + + '"cus":""}', + }, + }, + }); + }); +}); diff --git a/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json b/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json index 0b85d92108d14..4679d1acd5f06 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json +++ b/packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json @@ -678,8 +678,7 @@ }, "AWS::AmplifyUIBuilder::Component": { "attributes": { - "Id": "The unique ID of the component.", - "Ref": "" + "Id": "The unique ID of the component." }, "description": "The AWS::AmplifyUIBuilder::Component resource specifies a component within an Amplify app. A component is a user interface (UI) element that you can customize. Use `ComponentChild` to configure an instance of a `Component` . A `ComponentChild` instance inherits the configuration of the main `Component` .", "properties": { @@ -853,8 +852,7 @@ }, "AWS::AmplifyUIBuilder::Form": { "attributes": { - "Id": "The ID for the form.", - "Ref": "" + "Id": "The ID for the form." }, "description": "The AWS::AmplifyUIBuilder::Form resource specifies all of the information that is required to create a form.", "properties": { @@ -1016,8 +1014,7 @@ }, "AWS::AmplifyUIBuilder::Theme": { "attributes": { - "Id": "The ID for the theme.", - "Ref": "" + "Id": "The ID for the theme." }, "description": "The AWS::AmplifyUIBuilder::Theme resource specifies a theme within an Amplify app. A theme is a collection of style settings that apply globally to the components associated with the app.", "properties": { @@ -4308,8 +4305,7 @@ "AutoScalingConfigurationArn": "The Amazon Resource Name (ARN) of this auto scaling configuration.", "AutoScalingConfigurationRevision": "The revision of this auto scaling configuration. It's unique among all the active configurations that share the same `AutoScalingConfigurationName` .", "Latest": "It's set to true for the configuration with the highest `Revision` among all configurations that share the same `AutoScalingConfigurationName` . It's set to false otherwise. App Runner temporarily doubles the number of provisioned instances during deployments, to maintain the same capacity for both old and new code.", - "Ref": "", - "Status": "The current state of the auto scaling configuration. If the status of the configuration revision is `ACTIVE` , your auto scaling configuration exists. If the status of a configuration revision is `INACTIVE` , your auto scaling configuration was deleted and can't be used. Inactive configuration revisions are permanently removed some time after they are deleted." + "Ref": "" }, "description": "Specify an AWS App Runner Automatic Scaling configuration by using the `AWS::AppRunner::AutoScalingConfiguration` resource in an AWS CloudFormation template. \n\nThe `AWS::AppRunner::AutoScalingConfiguration` resource is an AWS App Runner resource type that specifies an App Runner automatic scaling configuration.\n\nApp Runner requires this resource to set non-default auto scaling settings for instances used to process the web requests. You can share an auto scaling configuration across multiple services.\n\nCreate multiple revisions of a configuration by calling this action multiple times using the same `AutoScalingConfigurationName` . The call returns incremental `AutoScalingConfigurationRevision` values. When you create a service and configure an auto scaling configuration resource, the service uses the latest active revision of the auto scaling configuration by default. You can optionally configure the service to use a specific revision.\n\nConfigure a higher `MinSize` to increase the spread of your App Runner service over more Availability Zones in the AWS Region . The tradeoff is a higher minimal cost.\n\nConfigure a lower `MaxSize` to control your cost. The tradeoff is lower responsiveness during peak demand.", "properties": { @@ -4551,6 +4547,8 @@ "Description": "The description of the app block.", "DisplayName": "The display name of the app block.", "Name": "The name of the app block.\n\n*Pattern* : `^[a-zA-Z0-9][a-zA-Z0-9_.-]{0,100}$`", + "PackagingType": "The packaging type of the app block.", + "PostSetupScriptDetails": "The post setup script details of the app block.", "SetupScriptDetails": "The setup script details of the app block.", "SourceS3Location": "The source S3 location of the app block.", "Tags": "The tags of the app block." @@ -4561,7 +4559,7 @@ "description": "The S3 location of the app block.", "properties": { "S3Bucket": "The S3 bucket of the app block.", - "S3Key": "The S3 key of the S3 object of the virtual hard disk." + "S3Key": "The S3 key of the S3 object of the virtual hard disk.\n\nThis is required when it's used by `SetupScriptDetails` and `PostSetupScriptDetails` ." } }, "AWS::AppStream::AppBlock.ScriptDetails": { @@ -4574,6 +4572,43 @@ "TimeoutInSeconds": "The run timeout, in seconds, for the script." } }, + "AWS::AppStream::AppBlockBuilder": { + "attributes": { + "Arn": "The ARN of the app block builder.", + "CreatedTime": "The time when the app block builder was created.", + "Ref": "When you pass the logical ID of this resource to the intrinsic `Ref` function, `Ref` returns the `Name` of the app block builder, such as `abcdefAppBlockBuilder` .\n\nFor more information about using the `Ref` function, see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) ." + }, + "description": "Creates an app block builder.", + "properties": { + "AccessEndpoints": "The access endpoints of the app block builder.", + "AppBlockArns": "The ARN of the app block.\n\n*Maximum* : `1`", + "Description": "The description of the app block builder.", + "DisplayName": "The display name of the app block builder.", + "EnableDefaultInternetAccess": "Indicates whether default internet access is enabled for the app block builder.", + "IamRoleArn": "The ARN of the IAM role that is applied to the app block builder.", + "InstanceType": "The instance type of the app block builder.", + "Name": "The name of the app block builder.", + "Platform": "The platform of the app block builder.\n\n*Allowed values* : `WINDOWS_SERVER_2019`", + "Tags": "The tags of the app block builder.", + "VpcConfig": "The VPC configuration for the app block builder." + } + }, + "AWS::AppStream::AppBlockBuilder.AccessEndpoint": { + "attributes": {}, + "description": "Describes an interface VPC endpoint (interface endpoint) that lets you create a private connection between the virtual private cloud (VPC) that you specify and AppStream 2.0. When you specify an interface endpoint for a stack, users of the stack can connect to AppStream 2.0 only through that endpoint. When you specify an interface endpoint for an image builder, administrators can connect to the image builder only through that endpoint.", + "properties": { + "EndpointType": "The type of interface endpoint.", + "VpceId": "The identifier (ID) of the VPC in which the interface endpoint is used." + } + }, + "AWS::AppStream::AppBlockBuilder.VpcConfig": { + "attributes": {}, + "description": "Describes VPC configuration information for fleets and image builders.", + "properties": { + "SecurityGroupIds": "The identifiers of the security groups for the fleet or image builder.", + "SubnetIds": "The identifiers of the subnets to which a network interface is attached from the fleet instance or image builder instance. Fleet instances use one or more subnets. Image builder instances use one subnet." + } + }, "AWS::AppStream::Application": { "attributes": { "Arn": "The ARN of the application.", @@ -10826,6 +10861,83 @@ "Username": "The username for the user." } }, + "AWS::Comprehend::DocumentClassifier": { + "attributes": { + "Arn": "", + "Ref": "" + }, + "description": "", + "properties": { + "DataAccessRoleArn": "", + "DocumentClassifierName": "", + "InputDataConfig": "", + "LanguageCode": "", + "Mode": "", + "ModelKmsKeyId": "", + "ModelPolicy": "", + "OutputDataConfig": "", + "Tags": "", + "VersionName": "", + "VolumeKmsKeyId": "", + "VpcConfig": "" + } + }, + "AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem": { + "attributes": {}, + "description": "", + "properties": { + "AttributeNames": "", + "S3Uri": "", + "Split": "" + } + }, + "AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments": { + "attributes": {}, + "description": "", + "properties": { + "S3Uri": "", + "TestS3Uri": "" + } + }, + "AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig": { + "attributes": {}, + "description": "The input properties for training a document classifier.\n\nFor more information on how the input file is formatted, see [Preparing training data](https://docs.aws.amazon.com/comprehend/latest/dg/prep-classifier-data.html) in the Comprehend Developer Guide.", + "properties": { + "AugmentedManifests": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` .", + "DataFormat": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default.", + "DocumentReaderConfig": "", + "DocumentType": "", + "Documents": "", + "LabelDelimiter": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL.", + "S3Uri": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` .", + "TestS3Uri": "This specifies the Amazon S3 location where the test annotations for an entity recognizer are located. The URI must be in the same AWS Region as the API endpoint that you are calling." + } + }, + "AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig": { + "attributes": {}, + "description": "", + "properties": { + "KmsKeyId": "", + "S3Uri": "" + } + }, + "AWS::Comprehend::DocumentClassifier.DocumentReaderConfig": { + "attributes": {}, + "description": "", + "properties": { + "DocumentReadAction": "", + "DocumentReadMode": "", + "FeatureTypes": "" + } + }, + "AWS::Comprehend::DocumentClassifier.VpcConfig": { + "attributes": {}, + "description": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", + "properties": { + "SecurityGroupIds": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", + "Subnets": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) ." + } + }, "AWS::Comprehend::Flywheel": { "attributes": { "Arn": "The Amazon Resource Name (ARN) of the flywheel.", @@ -13774,16 +13886,16 @@ }, "description": "The `AWS::DataSync::LocationNFS` resource specifies a file system on a Network File System (NFS) server that can be read from or written to.", "properties": { - "MountOptions": "The NFS mount options that DataSync can use to mount your NFS share.", - "OnPremConfig": "Contains a list of Amazon Resource Names (ARNs) of agents that are used to connect to an NFS server.\n\nIf you are copying data to or from your AWS Snowcone device, see [NFS Server on AWS Snowcone](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#nfs-on-snowcone) for more information.", - "ServerHostname": "The name of the NFS server. This value is the IP address or Domain Name Service (DNS) name of the NFS server. An agent that is installed on-premises uses this hostname to mount the NFS server in a network.\n\nIf you are copying data to or from your AWS Snowcone device, see [NFS Server on AWS Snowcone](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#nfs-on-snowcone) for more information.\n\n> This name must either be DNS-compliant or must be an IP version 4 (IPv4) address.", - "Subdirectory": "The subdirectory in the NFS file system that is used to read data from the NFS source location or write data to the NFS destination. The NFS path should be a path that's exported by the NFS server, or a subdirectory of that path. The path should be such that it can be mounted by other NFS clients in your network.\n\nTo see all the paths exported by your NFS server, run \" `showmount -e nfs-server-name` \" from an NFS client that has access to your server. You can specify any directory that appears in the results, and any subdirectory of that directory. Ensure that the NFS export is accessible without Kerberos authentication.\n\nTo transfer all the data in the folder you specified, DataSync needs to have permissions to read all the data. To ensure this, either configure the NFS export with `no_root_squash,` or ensure that the permissions for all of the files that you want DataSync allow read access for all users. Doing either enables the agent to read the files. For the agent to access directories, you must additionally enable all execute access.\n\nIf you are copying data to or from your AWS Snowcone device, see [NFS Server on AWS Snowcone](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#nfs-on-snowcone) for more information.\n\nFor information about NFS export configuration, see [18.7. The /etc/exports Configuration File](https://docs.aws.amazon.com/http://web.mit.edu/rhel-doc/5/RHEL-5-manual/Deployment_Guide-en-US/s1-nfs-server-config-exports.html) in the Red Hat Enterprise Linux documentation.", - "Tags": "The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources." + "MountOptions": "Specifies the mount options that DataSync can use to mount your NFS share.", + "OnPremConfig": "Specifies the Amazon Resource Names (ARNs) of agents that DataSync uses to connect to your NFS file server.\n\nIf you are copying data to or from your AWS Snowcone device, see [NFS Server on AWS Snowcone](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#nfs-on-snowcone) for more information.", + "ServerHostname": "Specifies the IP address or domain name of your NFS file server. An agent that is installed on-premises uses this hostname to mount the NFS server in a network.\n\nIf you are copying data to or from your AWS Snowcone device, see [NFS Server on AWS Snowcone](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#nfs-on-snowcone) for more information.\n\n> You must specify be an IP version 4 address or Domain Name System (DNS)-compliant name.", + "Subdirectory": "Specifies the subdirectory in the NFS file server that DataSync transfers to or from. The NFS path should be a path that's exported by the NFS server, or a subdirectory of that path. The path should be such that it can be mounted by other NFS clients in your network.\n\nTo see all the paths exported by your NFS server, run \" `showmount -e nfs-server-name` \" from an NFS client that has access to your server. You can specify any directory that appears in the results, and any subdirectory of that directory. Ensure that the NFS export is accessible without Kerberos authentication.\n\nTo transfer all the data in the folder you specified, DataSync needs to have permissions to read all the data. To ensure this, either configure the NFS export with `no_root_squash,` or ensure that the permissions for all of the files that you want DataSync allow read access for all users. Doing either enables the agent to read the files. For the agent to access directories, you must additionally enable all execute access.\n\nIf you are copying data to or from your AWS Snowcone device, see [NFS Server on AWS Snowcone](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#nfs-on-snowcone) for more information.", + "Tags": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location." } }, "AWS::DataSync::LocationNFS.MountOptions": { "attributes": {}, - "description": "The NFS mount options that DataSync can use to mount your NFS share.", + "description": "Specifies the mount options that DataSync can use to mount your NFS share.", "properties": { "Version": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations." } @@ -15618,6 +15730,7 @@ }, "description": "Specifies a key pair for use with an Amazon Elastic Compute Cloud instance as follows:\n\n- To import an existing key pair, include the `PublicKeyMaterial` property.\n- To create a new key pair, omit the `PublicKeyMaterial` property.\n\nWhen you import an existing key pair, you specify the public key material for the key. We assume that you have the private key material for the key. AWS CloudFormation does not create or return the private key material when you import a key pair.\n\nWhen you create a new key pair, the private key is saved to AWS Systems Manager Parameter Store, using a parameter with the following name: `/ec2/keypair/{key_pair_id}` . For more information about retrieving private key, and the required permissions, see [Create a key pair using AWS CloudFormation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html#create-key-pair-cloudformation) in the *Amazon EC2 User Guide* .\n\nWhen AWS CloudFormation deletes a key pair that was created or imported by a stack, it also deletes the parameter that was used to store the private key material in Parameter Store.", "properties": { + "KeyFormat": "The format of the key pair.\n\nDefault: `pem`", "KeyName": "A unique name for the key pair.\n\nConstraints: Up to 255 ASCII characters", "KeyType": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n\nIf the `PublicKeyMaterial` property is specified, the `KeyType` property is ignored, and the key type is inferred from the `PublicKeyMaterial` value.\n\nDefault: `rsa`", "PublicKeyMaterial": "The public key material. The `PublicKeyMaterial` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", @@ -15628,6 +15741,7 @@ "attributes": { "DefaultVersionNumber": "The default version of the launch template, such as 2.\n\nThe default version of a launch template cannot be specified in AWS CloudFormation . The default version can be set in the Amazon EC2 console or by using the `modify-launch-template` AWS CLI command.", "LatestVersionNumber": "The latest version of the launch template, such as `5` .", + "LaunchTemplateId": "", "Ref": "`Ref` returns the ID of the launch template, for example, `lt-01238c059e3466abc` ." }, "description": "Specifies the properties for creating a launch template.\n\nThe minimum required properties for specifying a launch template are as follows:\n\n- You must specify at least one property for the launch template data.\n- You do not need to specify a name for the launch template. If you do not specify a name, AWS CloudFormation creates the name for you.\n\nA launch template can contain some or all of the configuration information to launch an instance. When you launch an instance using a launch template, instance properties that are not specified in the launch template use default values, except the `ImageId` property, which has no default value. If you do not specify an AMI ID for the launch template `ImageId` property, you must specify an AMI ID for the instance `ImageId` property.\n\nFor more information, see [Launch an instance from a launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html) in the *Amazon EC2 User Guide* .", @@ -17037,6 +17151,8 @@ "AWS::EC2::Subnet": { "attributes": { "AvailabilityZone": "The Availability Zone of this subnet. For example:\n\n`{ \"Fn::GetAtt\" : [ \"mySubnet\", \"AvailabilityZone\" ] }`", + "AvailabilityZoneId": "", + "CidrBlock": "", "Ipv6CidrBlocks": "The IPv6 CIDR blocks that are associated with the subnet, such as `[ 2001:db8:1234:1a00::/64 ]` .", "NetworkAclAssociationId": "The ID of the network ACL that is associated with the subnet's VPC, such as `acl-5fb85d36` .", "OutpostArn": "The Amazon Resource Name (ARN) of the Outpost.", @@ -17702,7 +17818,9 @@ "description": "Describes the options for Verified Access logs.", "properties": { "CloudWatchLogs": "CloudWatch Logs logging destination.", + "IncludeTrustContext": "Include trust data sent by trust providers into the logs.", "KinesisDataFirehose": "Kinesis logging destination.", + "LogVersion": "The logging version to use.\n\nValid values: `ocsf-0.1` | `ocsf-1.0.0-rc.2`", "S3": "Amazon S3 logging options." } }, @@ -17803,11 +17921,11 @@ "attributes": {}, "description": "", "properties": { - "AboutText": "", - "Architectures": "", - "OperatingSystems": "", - "RepositoryDescription": "", - "UsageText": "" + "AboutText": "The longform description of the contents of the repository. This text appears in the repository details on the Amazon ECR Public Gallery.", + "Architectures": "The architecture tags that are associated with the repository.", + "OperatingSystems": "The operating system tags that are associated with the repository.", + "RepositoryDescription": "The short description of the repository.", + "UsageText": "The longform usage details of the contents of the repository. The usage text provides context for users of the repository." } }, "AWS::ECR::PullThroughCacheRule": { @@ -22431,7 +22549,7 @@ "description": "The `AWS::GameLift::Build` resource creates a game server build that is installed and run on instances in an Amazon GameLift fleet. This resource points to an Amazon S3 location that contains a zip file with all of the components of the game server build.", "properties": { "Name": "A descriptive label that is associated with a build. Build names do not need to be unique.", - "OperatingSystem": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> If you have active fleets using the Windows Server 2012 operating system, you can continue to create new builds using this OS until October 10, 2023, when Microsoft ends its support. All others must use Windows Server 2016 when creating new Windows-based builds.", + "OperatingSystem": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> The Amazon Linux 2023 OS is not available in the China Regions. > Support is ending in 2023 for the Windows Server 2012 and Amazon Linux (AL1) operating systems. If you have active fleets using these operating systems, you can continue to create new builds using these until their end of support. All other users must use Windows Server 2016, Amazon Linux 2, or Amazon Linux 2023. For more information, including specific end-of-support dates, see the Amazon GameLift FAQs for [Windows Server](https://docs.aws.amazon.com/gamelift/faq/win2012/) and [Linux Server](https://docs.aws.amazon.com/gamelift/faq/al1/) .", "ServerSdkVersion": "The Amazon GameLift Server SDK version used to develop your game server.", "StorageLocation": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift will report a `SizeOnDisk` of 0.", "Version": "Version information that is associated with this build. Version strings do not need to be unique." @@ -25273,7 +25391,8 @@ }, "AWS::IAM::ServiceLinkedRole": { "attributes": { - "Ref": "`Ref` returns the `RoleName` created for the service-linked role appended with an underscore followed by the `CustomSuffix` . For example: `AWSServiceRoleForAutoScaling_TestSuffix` ." + "Ref": "`Ref` returns the `RoleName` created for the service-linked role appended with an underscore followed by the `CustomSuffix` . For example: `AWSServiceRoleForAutoScaling_TestSuffix` .", + "RoleName": "" }, "description": "Creates an IAM role that is linked to a specific AWS service. The service controls the attached policies and when the role can be deleted. This helps ensure that the service is not broken by an unexpectedly changed or deleted role, which could put your AWS resources into an unknown state. Allowing the service to control the role helps improve service stability and proper cleanup when a service and its role are no longer needed. For more information, see [Using service-linked roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html) in the *IAM User Guide* .\n\nTo attach a policy to this service-linked role, you must make the request using the AWS service that depends on this role.", "properties": { @@ -31742,11 +31861,6 @@ "description": "A list of the account IDs of AWS accounts with Amazon EMR clusters that are allowed to perform data filtering.", "properties": {} }, - "AWS::LakeFormation::DataLakeSettings.Permissions": { - "attributes": {}, - "description": "Permissions granted to a principal.", - "properties": {} - }, "AWS::LakeFormation::DataLakeSettings.PrincipalPermissions": { "attributes": {}, "description": "Permissions granted to a principal.", @@ -38561,12 +38675,14 @@ }, "AWS::NetworkManager::Device": { "attributes": { + "CreatedAt": "", "DeviceArn": "The ARN of the device. For example, `arn:aws:networkmanager::123456789012:device/global-network-01231231231231231/device-07f6fd08867abc123` .", "DeviceId": "The ID of the device. For example, `device-07f6fd08867abc123` .", "Ref": "`Ref` returns the IDs of the global network and device. For example: `global-network-01231231231231231|device-07f6fd08867abc123` ." }, "description": "Specifies a device.", "properties": { + "AWSLocation": "", "Description": "A description of the device.\n\nConstraints: Maximum length of 256 characters.", "GlobalNetworkId": "The ID of the global network.", "Location": "The site location.", @@ -38578,6 +38694,14 @@ "Vendor": "The vendor of the device.\n\nConstraints: Maximum length of 128 characters." } }, + "AWS::NetworkManager::Device.AWSLocation": { + "attributes": {}, + "description": "", + "properties": { + "SubnetArn": "", + "Zone": "" + } + }, "AWS::NetworkManager::Device.Location": { "attributes": {}, "description": "Describes a location.", @@ -40009,12 +40133,10 @@ "ApplicationInstanceIdToReplace": "The ID of an application instance to replace with the new instance.", "DefaultRuntimeContextDevice": "The device's ID.", "Description": "A description for the application instance.", - "DeviceId": "A device's ID.", "ManifestOverridesPayload": "Setting overrides for the application manifest.", "ManifestPayload": "The application's manifest document.", "Name": "A name for the application instance.", "RuntimeRoleArn": "The ARN of a runtime role for the application instance.", - "StatusFilter": "Only include instances with a specific status.", "Tags": "Tags for the application instance." } }, @@ -42210,18 +42332,10 @@ "NullValueColor": "Determines the color that is applied to null values." } }, - "AWS::QuickSight::Analysis.ColorsConfiguration": { - "attributes": {}, - "description": "", - "properties": { - "CustomColors": "" - } - }, "AWS::QuickSight::Analysis.ColumnConfiguration": { "attributes": {}, "description": "The general configuration of a column.", "properties": { - "ColorsConfiguration": "", "Column": "The column.", "FormatConfiguration": "The format configuration of a column.", "Role": "The role of the column." @@ -42473,15 +42587,6 @@ "URLTemplate": "THe URL link of the `CustomActionURLOperation` ." } }, - "AWS::QuickSight::Analysis.CustomColor": { - "attributes": {}, - "description": "", - "properties": { - "Color": "", - "FieldValue": "", - "SpecialValue": "" - } - }, "AWS::QuickSight::Analysis.CustomContentConfiguration": { "attributes": {}, "description": "The configuration of a `CustomContentVisual` .", @@ -42588,6 +42693,7 @@ "MeasureLabelVisibility": "Determines the visibility of the measure field labels.", "Overlap": "Determines whether overlap is enabled or disabled for the data labels.", "Position": "Determines the position of the data labels.", + "TotalsVisibility": "Determines the visibility of the total.", "Visibility": "Determines the visibility of the data labels." } }, @@ -42834,6 +42940,7 @@ "properties": { "CustomValuesConfiguration": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", "SelectAllValueOptions": "The configuration that selects all options.", + "SourceColumn": "", "SourceField": "The source field ID of the destination parameter.", "SourceParameterName": "The source parameter name of the destination parameter." } @@ -43129,6 +43236,7 @@ "attributes": {}, "description": "The configuration of selected fields in the `CustomActionFilterOperation` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "properties": { + "SelectedColumns": "The selected columns of a dataset.", "SelectedFieldOptions": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", "SelectedFields": "Chooses the fields that are filtered in `CustomActionFilterOperation` ." } @@ -43472,6 +43580,27 @@ "West": "The longitude of the west bound of the geospatial coordinate bounds." } }, + "AWS::QuickSight::Analysis.GeospatialHeatmapColorScale": { + "attributes": {}, + "description": "The color scale specification for the heatmap point style.", + "properties": { + "Colors": "The list of colors to be used in heatmap point style." + } + }, + "AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration": { + "attributes": {}, + "description": "The heatmap configuration of the geospatial point style.", + "properties": { + "HeatmapColor": "The color scale specification for the heatmap point style." + } + }, + "AWS::QuickSight::Analysis.GeospatialHeatmapDataColor": { + "attributes": {}, + "description": "The color to be used in the heatmap point style.", + "properties": { + "Color": "The hex color to be used in the heatmap point style." + } + }, "AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells": { "attributes": {}, "description": "The aggregated field wells for a geospatial map.", @@ -43525,6 +43654,7 @@ "description": "The point style of the geospatial map.", "properties": { "ClusterMarkerConfiguration": "The cluster marker configuration of the geospatial point style.", + "HeatmapConfiguration": "The heatmap configuration of the geospatial point style.", "SelectedPointStyle": "The selected point styles (point, cluster) of the geospatial map." } }, @@ -44512,6 +44642,7 @@ "properties": { "FieldId": "The field ID of the cell for conditional formatting.", "Scope": "The scope of the cell for conditional formatting.", + "Scopes": "A list of cell scopes for conditional formatting.", "TextFormat": "The text format of the cell for conditional formatting." } }, @@ -44556,6 +44687,22 @@ "Width": "The width of the data path option." } }, + "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption": { + "attributes": {}, + "description": "The collapse state options for the pivot table field options.", + "properties": { + "State": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "Target": "A tagged-union object that sets the collapse state." + } + }, + "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget": { + "attributes": {}, + "description": "The target of a pivot table field collapse state.", + "properties": { + "FieldDataPathValues": "The data path of the pivot table's header. Used to set the collapse state.", + "FieldId": "The field ID of the pivot table that the collapse state needs to be set to." + } + }, "AWS::QuickSight::Analysis.PivotTableFieldOption": { "attributes": {}, "description": "The selected field options for the pivot table field options.", @@ -44569,6 +44716,7 @@ "attributes": {}, "description": "The field options for a pivot table visual.", "properties": { + "CollapseStateOptions": "The collapse state options for the pivot table field options.", "DataPathOptions": "The data path options for the pivot table field options.", "SelectedFieldOptions": "The selected field options for the pivot table field options." } @@ -44592,6 +44740,7 @@ "description": "The table options for a pivot table visual.", "properties": { "CellStyle": "The table cell style of cells.", + "CollapsedRowDimensionsVisibility": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", "ColumnHeaderStyle": "The table cell style of the column header.", "ColumnNamesVisibility": "The visibility of the column names.", "MetricPlacement": "The metric placement (row, column) options.", @@ -44700,6 +44849,7 @@ "AlternateBandColorsVisibility": "Determines the visibility of the colors of alternatign bands in a radar chart.", "AlternateBandEvenColor": "The color of the even-numbered alternate bands of a radar chart.", "AlternateBandOddColor": "The color of the odd-numbered alternate bands of a radar chart.", + "AxesRangeScale": "The axis behavior options of a radar chart.", "BaseSeriesSettings": "The base sreies settings of a radar chart.", "CategoryAxis": "The category axis of a radar chart.", "CategoryLabelOptions": "The category label options of a radar chart.", @@ -44933,6 +45083,7 @@ "description": "The aggregated field well of a scatter plot.", "properties": { "Category": "The category field well of a scatter plot.", + "Label": "The label field well of a scatter plot.", "Size": "The size field well of a scatter plot.", "XAxis": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", "YAxis": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category." @@ -44965,6 +45116,8 @@ "attributes": {}, "description": "The unaggregated field wells of a scatter plot.", "properties": { + "Category": "The category field well of a scatter plot.", + "Label": "The label field well of a scatter plot.", "Size": "The size field well of a scatter plot.", "XAxis": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", "YAxis": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated." @@ -46392,18 +46545,10 @@ "NullValueColor": "Determines the color that is applied to null values." } }, - "AWS::QuickSight::Dashboard.ColorsConfiguration": { - "attributes": {}, - "description": "", - "properties": { - "CustomColors": "" - } - }, "AWS::QuickSight::Dashboard.ColumnConfiguration": { "attributes": {}, "description": "The general configuration of a column.", "properties": { - "ColorsConfiguration": "", "Column": "The column.", "FormatConfiguration": "The format configuration of a column.", "Role": "The role of the column." @@ -46655,15 +46800,6 @@ "URLTemplate": "THe URL link of the `CustomActionURLOperation` ." } }, - "AWS::QuickSight::Dashboard.CustomColor": { - "attributes": {}, - "description": "", - "properties": { - "Color": "", - "FieldValue": "", - "SpecialValue": "" - } - }, "AWS::QuickSight::Dashboard.CustomContentConfiguration": { "attributes": {}, "description": "The configuration of a `CustomContentVisual` .", @@ -46847,6 +46983,7 @@ "MeasureLabelVisibility": "Determines the visibility of the measure field labels.", "Overlap": "Determines whether overlap is enabled or disabled for the data labels.", "Position": "Determines the position of the data labels.", + "TotalsVisibility": "Determines the visibility of the total.", "Visibility": "Determines the visibility of the data labels." } }, @@ -47114,6 +47251,7 @@ "properties": { "CustomValuesConfiguration": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", "SelectAllValueOptions": "The configuration that selects all options.", + "SourceColumn": "", "SourceField": "The source field ID of the destination parameter.", "SourceParameterName": "The source parameter name of the destination parameter." } @@ -47430,6 +47568,7 @@ "attributes": {}, "description": "The configuration of selected fields in the `CustomActionFilterOperation` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "properties": { + "SelectedColumns": "The selected columns of a dataset.", "SelectedFieldOptions": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", "SelectedFields": "Chooses the fields that are filtered in `CustomActionFilterOperation` ." } @@ -47773,6 +47912,27 @@ "West": "The longitude of the west bound of the geospatial coordinate bounds." } }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale": { + "attributes": {}, + "description": "The color scale specification for the heatmap point style.", + "properties": { + "Colors": "The list of colors to be used in heatmap point style." + } + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration": { + "attributes": {}, + "description": "The heatmap configuration of the geospatial point style.", + "properties": { + "HeatmapColor": "The color scale specification for the heatmap point style." + } + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor": { + "attributes": {}, + "description": "The color to be used in the heatmap point style.", + "properties": { + "Color": "The hex color to be used in the heatmap point style." + } + }, "AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells": { "attributes": {}, "description": "The aggregated field wells for a geospatial map.", @@ -47826,6 +47986,7 @@ "description": "The point style of the geospatial map.", "properties": { "ClusterMarkerConfiguration": "The cluster marker configuration of the geospatial point style.", + "HeatmapConfiguration": "The heatmap configuration of the geospatial point style.", "SelectedPointStyle": "The selected point styles (point, cluster) of the geospatial map." } }, @@ -48813,6 +48974,7 @@ "properties": { "FieldId": "The field ID of the cell for conditional formatting.", "Scope": "The scope of the cell for conditional formatting.", + "Scopes": "A list of cell scopes for conditional formatting.", "TextFormat": "The text format of the cell for conditional formatting." } }, @@ -48857,6 +49019,22 @@ "Width": "The width of the data path option." } }, + "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption": { + "attributes": {}, + "description": "The collapse state options for the pivot table field options.", + "properties": { + "State": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "Target": "A tagged-union object that sets the collapse state." + } + }, + "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget": { + "attributes": {}, + "description": "The target of a pivot table field collapse state.", + "properties": { + "FieldDataPathValues": "The data path of the pivot table's header. Used to set the collapse state.", + "FieldId": "The field ID of the pivot table that the collapse state needs to be set to." + } + }, "AWS::QuickSight::Dashboard.PivotTableFieldOption": { "attributes": {}, "description": "The selected field options for the pivot table field options.", @@ -48870,6 +49048,7 @@ "attributes": {}, "description": "The field options for a pivot table visual.", "properties": { + "CollapseStateOptions": "The collapse state options for the pivot table field options.", "DataPathOptions": "The data path options for the pivot table field options.", "SelectedFieldOptions": "The selected field options for the pivot table field options." } @@ -48893,6 +49072,7 @@ "description": "The table options for a pivot table visual.", "properties": { "CellStyle": "The table cell style of cells.", + "CollapsedRowDimensionsVisibility": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", "ColumnHeaderStyle": "The table cell style of the column header.", "ColumnNamesVisibility": "The visibility of the column names.", "MetricPlacement": "The metric placement (row, column) options.", @@ -49001,6 +49181,7 @@ "AlternateBandColorsVisibility": "Determines the visibility of the colors of alternatign bands in a radar chart.", "AlternateBandEvenColor": "The color of the even-numbered alternate bands of a radar chart.", "AlternateBandOddColor": "The color of the odd-numbered alternate bands of a radar chart.", + "AxesRangeScale": "The axis behavior options of a radar chart.", "BaseSeriesSettings": "The base sreies settings of a radar chart.", "CategoryAxis": "The category axis of a radar chart.", "CategoryLabelOptions": "The category label options of a radar chart.", @@ -49234,6 +49415,7 @@ "description": "The aggregated field well of a scatter plot.", "properties": { "Category": "The category field well of a scatter plot.", + "Label": "The label field well of a scatter plot.", "Size": "The size field well of a scatter plot.", "XAxis": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", "YAxis": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category." @@ -49266,6 +49448,8 @@ "attributes": {}, "description": "The unaggregated field wells of a scatter plot.", "properties": { + "Category": "The category field well of a scatter plot.", + "Label": "The label field well of a scatter plot.", "Size": "The size field well of a scatter plot.", "XAxis": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", "YAxis": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated." @@ -51437,18 +51621,10 @@ "NullValueColor": "Determines the color that is applied to null values." } }, - "AWS::QuickSight::Template.ColorsConfiguration": { - "attributes": {}, - "description": "", - "properties": { - "CustomColors": "" - } - }, "AWS::QuickSight::Template.ColumnConfiguration": { "attributes": {}, "description": "The general configuration of a column.", "properties": { - "ColorsConfiguration": "", "Column": "The column.", "FormatConfiguration": "The format configuration of a column.", "Role": "The role of the column." @@ -51724,15 +51900,6 @@ "URLTemplate": "THe URL link of the `CustomActionURLOperation` ." } }, - "AWS::QuickSight::Template.CustomColor": { - "attributes": {}, - "description": "", - "properties": { - "Color": "", - "FieldValue": "", - "SpecialValue": "" - } - }, "AWS::QuickSight::Template.CustomContentConfiguration": { "attributes": {}, "description": "The configuration of a `CustomContentVisual` .", @@ -51839,6 +52006,7 @@ "MeasureLabelVisibility": "Determines the visibility of the measure field labels.", "Overlap": "Determines whether overlap is enabled or disabled for the data labels.", "Position": "Determines the position of the data labels.", + "TotalsVisibility": "Determines the visibility of the total.", "Visibility": "Determines the visibility of the data labels." } }, @@ -52077,6 +52245,7 @@ "properties": { "CustomValuesConfiguration": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", "SelectAllValueOptions": "The configuration that selects all options.", + "SourceColumn": "", "SourceField": "The source field ID of the destination parameter.", "SourceParameterName": "The source parameter name of the destination parameter." } @@ -52372,6 +52541,7 @@ "attributes": {}, "description": "The configuration of selected fields in the `CustomActionFilterOperation` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "properties": { + "SelectedColumns": "The selected columns of a dataset.", "SelectedFieldOptions": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", "SelectedFields": "Chooses the fields that are filtered in `CustomActionFilterOperation` ." } @@ -52715,6 +52885,27 @@ "West": "The longitude of the west bound of the geospatial coordinate bounds." } }, + "AWS::QuickSight::Template.GeospatialHeatmapColorScale": { + "attributes": {}, + "description": "The color scale specification for the heatmap point style.", + "properties": { + "Colors": "The list of colors to be used in heatmap point style." + } + }, + "AWS::QuickSight::Template.GeospatialHeatmapConfiguration": { + "attributes": {}, + "description": "The heatmap configuration of the geospatial point style.", + "properties": { + "HeatmapColor": "The color scale specification for the heatmap point style." + } + }, + "AWS::QuickSight::Template.GeospatialHeatmapDataColor": { + "attributes": {}, + "description": "The color to be used in the heatmap point style.", + "properties": { + "Color": "The hex color to be used in the heatmap point style." + } + }, "AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells": { "attributes": {}, "description": "The aggregated field wells for a geospatial map.", @@ -52768,6 +52959,7 @@ "description": "The point style of the geospatial map.", "properties": { "ClusterMarkerConfiguration": "The cluster marker configuration of the geospatial point style.", + "HeatmapConfiguration": "The heatmap configuration of the geospatial point style.", "SelectedPointStyle": "The selected point styles (point, cluster) of the geospatial map." } }, @@ -53737,6 +53929,7 @@ "properties": { "FieldId": "The field ID of the cell for conditional formatting.", "Scope": "The scope of the cell for conditional formatting.", + "Scopes": "A list of cell scopes for conditional formatting.", "TextFormat": "The text format of the cell for conditional formatting." } }, @@ -53781,6 +53974,22 @@ "Width": "The width of the data path option." } }, + "AWS::QuickSight::Template.PivotTableFieldCollapseStateOption": { + "attributes": {}, + "description": "The collapse state options for the pivot table field options.", + "properties": { + "State": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "Target": "A tagged-union object that sets the collapse state." + } + }, + "AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget": { + "attributes": {}, + "description": "The target of a pivot table field collapse state.", + "properties": { + "FieldDataPathValues": "The data path of the pivot table's header. Used to set the collapse state.", + "FieldId": "The field ID of the pivot table that the collapse state needs to be set to." + } + }, "AWS::QuickSight::Template.PivotTableFieldOption": { "attributes": {}, "description": "The selected field options for the pivot table field options.", @@ -53794,6 +54003,7 @@ "attributes": {}, "description": "The field options for a pivot table visual.", "properties": { + "CollapseStateOptions": "The collapse state options for the pivot table field options.", "DataPathOptions": "The data path options for the pivot table field options.", "SelectedFieldOptions": "The selected field options for the pivot table field options." } @@ -53817,6 +54027,7 @@ "description": "The table options for a pivot table visual.", "properties": { "CellStyle": "The table cell style of cells.", + "CollapsedRowDimensionsVisibility": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", "ColumnHeaderStyle": "The table cell style of the column header.", "ColumnNamesVisibility": "The visibility of the column names.", "MetricPlacement": "The metric placement (row, column) options.", @@ -53925,6 +54136,7 @@ "AlternateBandColorsVisibility": "Determines the visibility of the colors of alternatign bands in a radar chart.", "AlternateBandEvenColor": "The color of the even-numbered alternate bands of a radar chart.", "AlternateBandOddColor": "The color of the odd-numbered alternate bands of a radar chart.", + "AxesRangeScale": "The axis behavior options of a radar chart.", "BaseSeriesSettings": "The base sreies settings of a radar chart.", "CategoryAxis": "The category axis of a radar chart.", "CategoryLabelOptions": "The category label options of a radar chart.", @@ -54158,6 +54370,7 @@ "description": "The aggregated field well of a scatter plot.", "properties": { "Category": "The category field well of a scatter plot.", + "Label": "The label field well of a scatter plot.", "Size": "The size field well of a scatter plot.", "XAxis": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", "YAxis": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category." @@ -54190,6 +54403,8 @@ "attributes": {}, "description": "The unaggregated field wells of a scatter plot.", "properties": { + "Category": "The category field well of a scatter plot.", + "Label": "The label field well of a scatter plot.", "Size": "The size field well of a scatter plot.", "XAxis": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", "YAxis": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated." @@ -55282,7 +55497,8 @@ "description": "Permission for the resource.", "properties": { "Actions": "The IAM action to grant or revoke permissions on.", - "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Amazon QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" + "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Amazon QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "Resource": "" } }, "AWS::QuickSight::Theme.SheetStyle": { @@ -61653,19 +61869,15 @@ }, "description": "A versioned model that can be deployed for SageMaker inference.", "properties": { - "AdditionalInferenceSpecificationDefinition": "A structure of additional Inference Specification. Additional Inference Specification specifies details about inference jobs that can be run with models based on this model package", "AdditionalInferenceSpecifications": "An array of additional Inference Specification objects.", "AdditionalInferenceSpecificationsToAdd": "An array of additional Inference Specification objects to be added to the existing array. The total number of additional Inference Specification objects cannot exceed 15. Each additional Inference Specification object specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts.", "ApprovalDescription": "A description provided when the model approval is set.", "CertifyForMarketplace": "Whether the model package is to be certified to be listed on AWS Marketplace. For information about listing model packages on AWS Marketplace, see [List Your Algorithm or Model Package on AWS Marketplace](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-mkt-list.html) .", "ClientToken": "A unique token that guarantees that the call to this API is idempotent.", - "CreatedBy": "Information about the user who created or modified an experiment, trial, trial component, lineage group, or project.", "CustomerMetadataProperties": "The metadata properties for the model package.", "Domain": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing.", "DriftCheckBaselines": "Represents the drift check baselines that can be used when the model monitor is set using the model package.", - "Environment": "The environment variables to set in the Docker container. Each key and value in the `Environment` string to string map can have length of up to 1024. We support up to 16 entries in the map.", "InferenceSpecification": "Defines how to perform inference generation after a training job is run.", - "LastModifiedBy": "Information about the user who created or modified an experiment, trial, trial component, lineage group, or project.", "LastModifiedTime": "The last time the model package was modified.", "MetadataProperties": "Metadata properties of the tracking entity, trial, or trial component.", "ModelApprovalStatus": "The approval status of the model. This can be one of the following values.\n\n- `APPROVED` - The model is approved\n- `REJECTED` - The model is rejected.\n- `PENDING_MANUAL_APPROVAL` - The model is waiting for manual approval.", @@ -61674,7 +61886,6 @@ "ModelPackageGroupName": "The model group to which the model belongs.", "ModelPackageName": "The name of the model.", "ModelPackageStatusDetails": "Specifies the validation and image scan statuses of the model package.", - "ModelPackageStatusItem": "Represents the overall status of a model package.", "ModelPackageVersion": "The version number of a versioned model.", "SamplePayloadUrl": "The Amazon Simple Storage Service path where the sample payload are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", "SourceAlgorithmSpecification": "A list of algorithms that were used to create a model package.", @@ -61838,15 +62049,13 @@ "ImageDigest": "An MD5 hash of the training algorithm that identifies the Docker image used for training.", "ModelDataUrl": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model package.", "ModelInput": "A structure with Model Input details.", - "NearestModelName": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. You can find a list of benchmarked models by calling `ListModelMetadata` .", - "ProductId": "The AWS Marketplace product ID of the model package." + "NearestModelName": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. You can find a list of benchmarked models by calling `ListModelMetadata` ." } }, "AWS::SageMaker::ModelPackage.ModelPackageStatusDetails": { "attributes": {}, "description": "Specifies the validation and image scan statuses of the model package.", "properties": { - "ImageScanStatuses": "The status of the scan of the Docker image container for the model package.", "ValidationStatuses": "The validation status of the model package." } }, @@ -61932,15 +62141,6 @@ "VolumeKmsKeyId": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt model data on the storage volume attached to the ML compute instance(s) that run the batch transform job.\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `VolumeKmsKeyId` when using an instance type with local storage.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) . \n\nThe `VolumeKmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`" } }, - "AWS::SageMaker::ModelPackage.UserContext": { - "attributes": {}, - "description": "Information about the user who created or modified an experiment, trial, trial component, lineage group, project, or model card.", - "properties": { - "DomainId": "The domain associated with the user.", - "UserProfileArn": "The Amazon Resource Name (ARN) of the user's profile.", - "UserProfileName": "The name of the user's profile." - } - }, "AWS::SageMaker::ModelPackage.ValidationProfile": { "attributes": {}, "description": "Contains data, such as the inputs and targeted instance types that are used in the process of validating the model package.\n\nThe data provided in the validation profile is made available to your buyers on AWS Marketplace.", @@ -62907,7 +63107,7 @@ "Id": "The ARN of the secret.", "Ref": "When you pass the logical ID of an `AWS::SecretsManager::Secret` resource to the intrinsic `Ref` function, the function returns the ARN of the secret configured such as:\n\n`arn:aws:secretsmanager:us-west-2:123456789012:secret:my-path/my-secret-name-1a2b3c`\n\nIf you know the ARN of a secret, you can reference a secret you created in one part of the stack template from within the definition of another resource in the same template. You typically use the `Ref` function with the [AWS::SecretsManager::SecretTargetAttachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secrettargetattachment.html) resource type to get references to both the secret and its associated database.\n\nFor more information about using the `Ref` function, see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) ." }, - "description": "Creates a new secret. A *secret* can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager.\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nTo retrieve a secret in a CloudFormation template, use a *dynamic reference* . For more information, see [Retrieve a secret in an AWS CloudFormation resource](https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-secret.html) .\n\nA common scenario is to first create a secret with `GenerateSecretString` , which generates a password, and then use a dynamic reference to retrieve the username and password from the secret to use as credentials for a new database. Follow these steps, as shown in the examples below:\n\n- Define the secret without referencing the service or database. You can't reference the service or database because it doesn't exist yet. The secret must contain a username and password.\n- Next, define the service or database. Include the reference to the secret to use stored credentials to define the database admin user and password.\n- Finally, define a `SecretTargetAttachment` resource type to finish configuring the secret with the required database engine type and the connection details of the service or database. The rotation function requires the details, if you attach one later by defining a [AWS::SecretsManager::RotationSchedule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-rotationschedule.html) resource type.\n\nFor information about creating a secret in the console, see [Create a secret](https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html) . For information about creating a secret using the CLI or SDK, see [CreateSecret](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html) .\n\nFor information about retrieving a secret in code, see [Retrieve secrets from Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html) .\n\n> Do not create a dynamic reference using a backslash `(\\)` as the final value. AWS CloudFormation cannot resolve those references, which causes a resource failure.", + "description": "Creates a new secret. A *secret* can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager.\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nTo retrieve a secret in a CloudFormation template, use a *dynamic reference* . For more information, see [Retrieve a secret in an AWS CloudFormation resource](https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-secret.html) .\n\nA common scenario is to first create a secret with `GenerateSecretString` , which generates a password, and then use a dynamic reference to retrieve the username and password from the secret to use as credentials for a new database. See the example *Creating a Redshift cluster and a secret for the admin credentials* .\n\nFor information about creating a secret in the console, see [Create a secret](https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html) . For information about creating a secret using the CLI or SDK, see [CreateSecret](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html) .\n\nFor information about retrieving a secret in code, see [Retrieve secrets from Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html) .", "properties": { "Description": "The description of the secret.", "GenerateSecretString": "A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use `SecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.\n\nWe recommend that you specify the maximum length and include every character type that the system you are generating a password for can support.", @@ -64345,8 +64545,8 @@ "LoggingRole": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.", "PostAuthenticationLoginBanner": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", "PreAuthenticationLoginBanner": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", - "ProtocolDetails": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.", - "Protocols": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3.", + "ProtocolDetails": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", + "Protocols": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", "SecurityPolicyName": "Specifies the name of the security policy that is attached to the server.", "StructuredLogDestinations": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", "Tags": "Key-value pairs that can be used to group and search for servers.", @@ -64355,7 +64555,7 @@ }, "AWS::Transfer::Server.As2Transport": { "attributes": {}, - "description": "Indicates the transport method for the AS2 messages. Currently, only HTTP is supported.", + "description": "Indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `As2Transports` parameter is an array of `As2Transport` strings.\n\n*Required* : No\n\n*Type* : String\n\n*Allowed values* : `HTTP`\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", "properties": {} }, "AWS::Transfer::Server.EndpointDetails": { @@ -64382,7 +64582,7 @@ }, "AWS::Transfer::Server.Protocol": { "attributes": {}, - "description": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3.", + "description": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of `Protocol` strings.\n\n*Required* : No\n\n*Type* : String\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", "properties": {} }, "AWS::Transfer::Server.ProtocolDetails": { @@ -64397,7 +64597,7 @@ }, "AWS::Transfer::Server.StructuredLogDestination": { "attributes": {}, - "description": "", + "description": "Specifies a log group to which your server logs are sent.", "properties": {} }, "AWS::Transfer::Server.WorkflowDetail": { @@ -64571,6 +64771,131 @@ "Type": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file." } }, + "AWS::VerifiedPermissions::IdentitySource": { + "attributes": { + "Details": "A structure that contains information about the configuration of the identity source.", + "Details.ClientIds": "The application client IDs associated with the specified Amazon Cognito user pool that are enabled for this identity source.", + "Details.DiscoveryUrl": "The well-known URL that points to this user pool's OIDC discovery endpoint. This is a URL string in the following format. This URL replaces the placeholders for both the AWS Region and the user pool identifier with those appropriate for this user pool.\n\n`https://cognito-idp..amazonaws.com//.well-known/openid-configuration`", + "Details.OpenIdIssuer": "A string that identifies the type of OIDC service represented by this identity source. At this time, the only valid value is `cognito` .", + "Details.UserPoolArn": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool whose identities are accessible to this Verified Permissions policy store.", + "IdentitySourceId": "The unique ID of the new or updated identity store.", + "Ref": "`Ref` returns the unique id of the new identity source. For example:\n\n`{ \"Ref\": \"ISEXAMPLEabcdefg111111\" }`" + }, + "description": "Creates or updates a reference to Amazon Cognito as an external identity provider.\n\nIf you are creating a new identity source, then you must specify a `Configuration` . If you are updating an existing identity source, then you must specify an `UpdateConfiguration` .\n\nAfter you create an identity source, you can use the identities provided by the IdP as proxies for the principal in authorization queries that use the [IsAuthorizedWithToken](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operation. These identities take the form of tokens that contain claims about the user, such as IDs, attributes and group memberships. Amazon Cognito provides both identity tokens and access tokens, and Verified Permissions can use either or both. Any combination of identity and access tokens results in the same Cedar principal. Verified Permissions automatically translates the information about the identities into the standard Cedar attributes that can be evaluated by your policies. Because the Amazon Cognito identity and access tokens can contain different information, the tokens you choose to use determine the attributes that are available to access in the Cedar principal from your policies.\n\nAmazon Cognito Identity is not available in all of the same AWS Regions as Amazon Verified Permissions . Because of this, the `AWS::VerifiedPermissions::IdentitySource` type is not available to create from AWS CloudFormation in Regions where Amazon Cognito Identity is not currently available. Users can still create `AWS::VerifiedPermissions::IdentitySource` in those Regions, but only from the AWS CLI , Amazon Verified Permissions SDK, or from the AWS console.\n\n> To reference a user from this identity source in your Cedar policies, use the following syntax.\n> \n> *IdentityType::\"|*\n> \n> Where `IdentityType` is the string that you provide to the `PrincipalEntityType` parameter for this operation. The `CognitoUserPoolId` and `CognitoClientId` are defined by the Amazon Cognito user pool.", + "properties": { + "Configuration": "Contains configuration information used when creating or updating an identity source.\n\n> At this time, the only valid member of this structure is a Amazon Cognito user pool configuration.\n> \n> You must specify a `userPoolArn` , and optionally, a `ClientId` .", + "PolicyStoreId": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", + "PrincipalEntityType": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source." + } + }, + "AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration": { + "attributes": {}, + "description": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions .", + "properties": { + "ClientIds": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n\nExample: `\"ClientIds\": [\"&ExampleCogClientId;\"]`", + "UserPoolArn": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool that contains the identities to be authorized." + } + }, + "AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration": { + "attributes": {}, + "description": "A structure that contains configuration information used when creating or updating a new identity source.\n\n> At this time, the only valid member of this structure is a Amazon Cognito user pool configuration.\n> \n> You must specify a `userPoolArn` , and optionally, a `ClientId` .", + "properties": { + "CognitoUserPoolConfiguration": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions ." + } + }, + "AWS::VerifiedPermissions::IdentitySource.IdentitySourceDetails": { + "attributes": {}, + "description": "A structure that contains configuration of the identity source.", + "properties": { + "ClientIds": "The application client IDs associated with the specified Amazon Cognito user pool that are enabled for this identity source.", + "DiscoveryUrl": "The well-known URL that points to this user pool's OIDC discovery endpoint. This is a URL string in the following format. This URL replaces the placeholders for both the AWS Region and the user pool identifier with those appropriate for this user pool.\n\n`https://cognito-idp. ** .amazonaws.com/ ** /.well-known/openid-configuration`", + "OpenIdIssuer": "A string that identifies the type of OIDC service represented by this identity source.\n\nAt this time, the only valid value is `cognito` .", + "UserPoolArn": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool whose identities are accessible to this Verified Permissions policy store." + } + }, + "AWS::VerifiedPermissions::Policy": { + "attributes": { + "PolicyId": "The unique ID of the new or updated policy.", + "PolicyType": "The type of the policy. This is one of the following values:\n\n- Static\n- TemplateLinked", + "Ref": "`Ref` returns the unique id of the new or updated policy. For example:\n\n`{ \"Ref\": \"SPEXAMPLEabcdefg111111\" }`" + }, + "description": "Creates or updates a Cedar policy and saves it in the specified policy store. You can create either a static policy or a policy linked to a policy template.\n\nYou can directly update only static policies. To update a template-linked policy, you must update it's linked policy template instead.\n\n- To create a static policy, in the `Definition` include a `Static` element that includes the Cedar policy text in the `Statement` element.\n- To create a policy that is dynamically linked to a policy template, in the `Definition` include a `Templatelinked` element that specifies the policy template ID and the principal and resource to associate with this policy. If the policy template is ever updated, any policies linked to the policy template automatically use the updated template.\n\n> If the policy store has validation enabled, then creating a policy causes it to be validated against the schema in the policy store. If the policy doesn't pass validation, the operation fails and the policy isn't stored.", + "properties": { + "Definition": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element.", + "PolicyStoreId": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in." + } + }, + "AWS::VerifiedPermissions::Policy.EntityIdentifier": { + "attributes": {}, + "description": "Contains the identifier of an entity in a policy, including its ID and type.", + "properties": { + "EntityId": "The identifier of an entity.\n\n`\"entityId\":\" *identifier* \"`", + "EntityType": "The type of an entity.\n\nExample: `\"entityType\":\" *typeName* \"`" + } + }, + "AWS::VerifiedPermissions::Policy.PolicyDefinition": { + "attributes": {}, + "description": "A structure that defines a Cedar policy. It includes the policy type, a description, and a policy body. This is a top level data type used to create a policy.\n\nThis data type is used as a request parameter for the [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) operation. This structure must always have either an `Static` or a `TemplateLinked` element.", + "properties": { + "Static": "A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.", + "TemplateLinked": "A structure that describes a policy that was instantiated from a template. The template can specify placeholders for `principal` and `resource` . When you use [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy." + } + }, + "AWS::VerifiedPermissions::Policy.StaticPolicyDefinition": { + "attributes": {}, + "description": "A structure that defines a static policy.", + "properties": { + "Description": "The description of the static policy.", + "Statement": "The policy content of the static policy, written in the Cedar policy language." + } + }, + "AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition": { + "attributes": {}, + "description": "A structure that describes a policy created by instantiating a policy template.\n\n> You can't directly update a template-linked policy. You must update the associated policy template instead.", + "properties": { + "PolicyTemplateId": "The unique identifier of the policy template used to create this policy.", + "Principal": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the `?principal` placeholder in the policy template when it evaluates an authorization request.", + "Resource": "The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the `?resource` placeholder in the policy template when it evaluates an authorization request." + } + }, + "AWS::VerifiedPermissions::PolicyStore": { + "attributes": { + "Arn": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the new or updated policy store.", + "PolicyStoreId": "The unique ID of the new or updated policy store.", + "Ref": "`Ref` returns the unique id of the new or updated policy store. For example:\n\n`{ \"Ref\": \"PSEXAMPLEabcdefg111111\" }`" + }, + "description": "Creates a policy store. A policy store is a container for policy resources. You can create a separate policy store for each of your applications.", + "properties": { + "Schema": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.", + "ValidationSettings": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n> We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on." + } + }, + "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { + "attributes": {}, + "description": "Contains a list of principal types, resource types, and actions that can be specified in policies stored in the same policy store. If the validation mode for the policy store is set to `STRICT` , then policies that can't be validated by this schema are rejected by Verified Permissions and can't be stored in the policy store.", + "properties": { + "CedarJson": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the *Amazon Verified Permissions User Guide* ." + } + }, + "AWS::VerifiedPermissions::PolicyStore.ValidationSettings": { + "attributes": {}, + "description": "A structure that contains Cedar policy validation settings for the policy store. The validation mode determines which validation failures that Cedar considers serious enough to block acceptance of a new or edited static policy or policy template.", + "properties": { + "Mode": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* \u2013 Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* \u2013 Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n> If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n> \n> To submit a static policy or policy template without a schema, you must turn off validation." + } + }, + "AWS::VerifiedPermissions::PolicyTemplate": { + "attributes": { + "PolicyTemplateId": "The unique identifier of the new or modified policy template.", + "Ref": "`Ref` returns the unique id of the new or updated policy template. For example:\n\n`{ \"Ref\": \"PTEXAMPLEabcdefg111111\" }`" + }, + "description": "Creates a policy template. A template can use placeholders for the principal and resource. A template must be instantiated into a policy by associating it with specific principals and resources to use for the placeholders. That instantiated policy can then be considered in authorization decisions. The instantiated policy works identically to any other policy, except that it is dynamically linked to the template. If the template changes, then any policies that are linked to that template are immediately updated as well.", + "properties": { + "Description": "The description to attach to the new or updated policy template.", + "PolicyStoreId": "The unique identifier of the policy store that contains the template.", + "Statement": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language." + } + }, "AWS::VoiceID::Domain": { "attributes": { "DomainId": "The identifier of the domain.", @@ -65868,6 +66193,7 @@ }, "description": "> This is the latest version of *AWS WAF* , named AWS WAF V2, released in November, 2019. For information, including how to migrate your AWS WAF resources from the prior release, see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) . \n\nUse an `WebACL` to define a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you specify a default action to take (allow, block) for any request that doesn't match any of the rules. The rules in a web ACL can contain rule statements that you define explicitly and rule statements that reference rule groups and managed rule groups. You can associate a web ACL with one or more AWS resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer , an AWS AppSync GraphQL API , an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance.", "properties": { + "AssociationConfig": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected CloudFront distributions forward to AWS WAF for inspection. The default is 16 KB (16,384 kilobytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", "CaptchaConfig": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .", "ChallengeConfig": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .", "CustomResponseBodies": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", @@ -65911,6 +66237,13 @@ "Statements": "The statements to combine with AND logic. You can use any statements that can be nested." } }, + "AWS::WAFv2::WebACL.AssociationConfig": { + "attributes": {}, + "description": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected CloudFront distributions forward to AWS WAF for inspection. The default is 16 KB (16,384 kilobytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", + "properties": { + "RequestBody": "Customizes the maximum size of the request body that your protected CloudFront distributions forward to AWS WAF for inspection. The default size is 16 KB (16,384 kilobytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) ." + } + }, "AWS::WAFv2::WebACL.BlockAction": { "attributes": {}, "description": "Specifies that AWS WAF should block the request and optionally defines additional custom handling for the response to the web request.\n\nThis is used in the context of other settings, for example to specify values for a rule action or a web ACL default action.", @@ -66225,6 +66558,13 @@ "TextTransformations": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." } }, + "AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig": { + "attributes": {}, + "description": "Customizes the maximum size of the request body that your protected CloudFront distributions forward to AWS WAF for inspection. The default size is 16 KB (16,384 kilobytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nThis is used in the `AssociationConfig` of the web ACL.", + "properties": { + "DefaultSizeInspectionLimit": "Specifies the maximum size of the web request body component that an associated CloudFront distribution should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 kilobytes)`" + } + }, "AWS::WAFv2::WebACL.RequestInspection": { "attributes": {}, "description": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.\n\nThis is part of the `AWSManagedRulesATPRuleSet` configuration in `ManagedRuleGroupConfig` .\n\nIn these settings, you specify how your application accepts login attempts by providing the request payload type and the names of the fields within the request body where the username and password are provided.", @@ -66406,7 +66746,7 @@ }, "description": "> This is the latest version of *AWS WAF* , named AWS WAF V2, released in November, 2019. For information, including how to migrate your AWS WAF resources from the prior release, see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) . \n\nUse a web ACL association to define an association between a web ACL and a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance.\n\nFor Amazon CloudFront , don't use this resource. Instead, use your CloudFront distribution configuration. To associate a web ACL with a distribution, provide the Amazon Resource Name (ARN) of the `WebACL` to your CloudFront distribution configuration. To disassociate a web ACL, provide an empty ARN. For information, see [AWS::CloudFront::Distribution](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html) .\n\nWhen you create a web ACL or make changes to a web ACL or web ACL components, like rules and rule groups, AWS WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an AWS resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.", "properties": { - "ResourceArn": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn:aws:elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn:aws:apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn:aws:appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn:aws:cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn:aws:apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`", + "ResourceArn": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`", "WebACLArn": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource." } }, diff --git a/packages/aws-cdk-lib/aws-lambda/lib/lambda-insights.ts b/packages/aws-cdk-lib/aws-lambda/lib/lambda-insights.ts index b61c3463cb3a6..6490115dd8a6b 100644 --- a/packages/aws-cdk-lib/aws-lambda/lib/lambda-insights.ts +++ b/packages/aws-cdk-lib/aws-lambda/lib/lambda-insights.ts @@ -60,6 +60,11 @@ export abstract class LambdaInsightsVersion { */ public static readonly VERSION_1_0_178_0 = LambdaInsightsVersion.fromInsightsVersion('1.0.178.0'); + /** + * Version 1.0.229.0 + */ + public static readonly VERSION_1_0_229_0 = LambdaInsightsVersion.fromInsightsVersion('1.0.229.0'); + /** * Use the insights extension associated with the provided ARN. Make sure the ARN is associated * with same region as your function diff --git a/packages/aws-cdk-lib/aws-rds/lib/cluster.ts b/packages/aws-cdk-lib/aws-rds/lib/cluster.ts index 1f7acddde80ae..467df41b2fa21 100644 --- a/packages/aws-cdk-lib/aws-rds/lib/cluster.ts +++ b/packages/aws-cdk-lib/aws-rds/lib/cluster.ts @@ -632,14 +632,25 @@ abstract class DatabaseClusterNew extends DatabaseClusterBase { * * @internal */ - protected _createInstances(props: DatabaseClusterProps): InstanceConfig { + protected _createInstances(cluster: DatabaseClusterNew, props: DatabaseClusterProps): InstanceConfig { const instanceEndpoints: Endpoint[] = []; const instanceIdentifiers: string[] = []; const readers: IAuroraClusterInstance[] = []; + + let monitoringRole = props.monitoringRole; + if (!props.monitoringRole && props.monitoringInterval && props.monitoringInterval.toSeconds()) { + monitoringRole = new Role(cluster, 'MonitoringRole', { + assumedBy: new ServicePrincipal('monitoring.rds.amazonaws.com'), + managedPolicies: [ + ManagedPolicy.fromAwsManagedPolicyName('service-role/AmazonRDSEnhancedMonitoringRole'), + ], + }); + } + // need to create the writer first since writer is determined by what instance is first const writer = props.writer!.bind(this, this, { monitoringInterval: props.monitoringInterval, - monitoringRole: props.monitoringRole, + monitoringRole: monitoringRole, removalPolicy: props.removalPolicy ?? RemovalPolicy.SNAPSHOT, subnetGroup: this.subnetGroup, promotionTier: 0, // override the promotion tier so that writers are always 0 @@ -647,7 +658,7 @@ abstract class DatabaseClusterNew extends DatabaseClusterBase { (props.readers ?? []).forEach(instance => { const clusterInstance = instance.bind(this, this, { monitoringInterval: props.monitoringInterval, - monitoringRole: props.monitoringRole, + monitoringRole: monitoringRole, removalPolicy: props.removalPolicy ?? RemovalPolicy.SNAPSHOT, subnetGroup: this.subnetGroup, }); @@ -988,7 +999,7 @@ export class DatabaseCluster extends DatabaseClusterNew { throw new Error('writer must be provided'); } - const createdInstances = props.writer ? this._createInstances(props) : legacyCreateInstances(this, props, this.subnetGroup); + const createdInstances = props.writer ? this._createInstances(this, props) : legacyCreateInstances(this, props, this.subnetGroup); this.instanceIdentifiers = createdInstances.instanceIdentifiers; this.instanceEndpoints = createdInstances.instanceEndpoints; } @@ -1185,7 +1196,7 @@ export class DatabaseClusterFromSnapshot extends DatabaseClusterNew { if ((props.writer || props.readers) && (props.instances || props.instanceProps)) { throw new Error('Cannot provide clusterInstances if instances or instanceProps are provided'); } - const createdInstances = props.writer ? this._createInstances(props) : legacyCreateInstances(this, props, this.subnetGroup); + const createdInstances = props.writer ? this._createInstances(this, props) : legacyCreateInstances(this, props, this.subnetGroup); this.instanceIdentifiers = createdInstances.instanceIdentifiers; this.instanceEndpoints = createdInstances.instanceEndpoints; } diff --git a/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts b/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts index 298dfec3352e0..afb8472295e2b 100644 --- a/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts +++ b/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts @@ -1527,7 +1527,7 @@ describe('cluster', () => { }); }); - test('cluster with enabled monitoring', () => { + test('cluster with enabled monitoring (legacy)', () => { // GIVEN const stack = testStack(); const vpc = new ec2.Vpc(stack, 'VPC'); @@ -1584,6 +1584,58 @@ describe('cluster', () => { }); }); + test('cluster with enabled monitoring should create default role with new api', () => { + // GIVEN + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + // WHEN + new DatabaseCluster(stack, 'Database', { + engine: DatabaseClusterEngine.AURORA, + vpc, + writer: ClusterInstance.serverlessV2('writer'), + iamAuthentication: true, + monitoringInterval: cdk.Duration.minutes(1), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::RDS::DBInstance', { + MonitoringInterval: 60, + MonitoringRoleArn: { + 'Fn::GetAtt': ['DatabaseMonitoringRole576991DA', 'Arn'], + }, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Role', { + AssumeRolePolicyDocument: { + Statement: [ + { + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { + Service: 'monitoring.rds.amazonaws.com', + }, + }, + ], + Version: '2012-10-17', + }, + ManagedPolicyArns: [ + { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole', + ], + ], + }, + ], + }); + }); + test('create a cluster with imported monitoring role', () => { // GIVEN const stack = testStack(); diff --git a/packages/aws-cdk-lib/aws-s3/lib/bucket.ts b/packages/aws-cdk-lib/aws-s3/lib/bucket.ts index 09a36373baf83..c4129538a3edf 100644 --- a/packages/aws-cdk-lib/aws-s3/lib/bucket.ts +++ b/packages/aws-cdk-lib/aws-s3/lib/bucket.ts @@ -1344,18 +1344,18 @@ export interface BucketProps { * If you choose KMS, you can specify a KMS key via `encryptionKey`. If * encryption key is not specified, a key will automatically be created. * - * @default - `Kms` if `encryptionKey` is specified, or `Managed` otherwise. + * @default - `KMS` if `encryptionKey` is specified, or `UNENCRYPTED` otherwise. + * But if `UNENCRYPTED` is specified, the bucket will be encrypted as `S3_MANAGED` automatically. */ readonly encryption?: BucketEncryption; /** * External KMS key to use for bucket encryption. * - * The 'encryption' property must be either not specified or set to "Kms". - * An error will be emitted if encryption is set to "Unencrypted" or - * "Managed". + * The `encryption` property must be either not specified or set to `KMS` or `DSSE`. + * An error will be emitted if `encryption` is set to `UNENCRYPTED` or `S3_MANAGED`. * - * @default - If encryption is set to "Kms" and this property is undefined, + * @default - If `encryption` is set to `KMS` and this property is undefined, * a new KMS key will be created and associated with this bucket. */ readonly encryptionKey?: kms.IKey; diff --git a/packages/aws-cdk-lib/aws-ssm/lib/parameter.ts b/packages/aws-cdk-lib/aws-ssm/lib/parameter.ts index 5bb4f6cc5d9b9..e5f65f01333a1 100644 --- a/packages/aws-cdk-lib/aws-ssm/lib/parameter.ts +++ b/packages/aws-cdk-lib/aws-ssm/lib/parameter.ts @@ -389,6 +389,14 @@ export interface StringParameterAttributes extends CommonStringParameterAttribut * @default ParameterValueType.STRING */ readonly valueType?: ParameterValueType; + + /** + * Use a dynamic reference as the representation in CloudFormation template level. + * By default, CDK tries to deduce an appropriate representation based on the parameter value (a CfnParameter or a dynamic reference). Use this flag to override the representation when it does not work. + * + * @default false + */ + readonly forceDynamicReference?: boolean; } /** @@ -472,10 +480,19 @@ export class StringParameter extends ParameterBase implements IStringParameter { } const type = attrs.type ?? attrs.valueType ?? ParameterValueType.STRING; - - const stringValue = attrs.version - ? new CfnDynamicReference(CfnDynamicReferenceService.SSM, `${attrs.parameterName}:${Tokenization.stringifyNumber(attrs.version)}`).toString() - : new CfnParameter(scope, `${id}.Parameter`, { type: `AWS::SSM::Parameter::Value<${type}>`, default: attrs.parameterName }).valueAsString; + const forceDynamicReference = attrs.forceDynamicReference ?? false; + + let stringValue: string; + if (attrs.version) { + stringValue = new CfnDynamicReference(CfnDynamicReferenceService.SSM, `${attrs.parameterName}:${Tokenization.stringifyNumber(attrs.version)}`).toString(); + } else if (forceDynamicReference) { + stringValue = new CfnDynamicReference(CfnDynamicReferenceService.SSM, attrs.parameterName).toString(); + } else if (Token.isUnresolved(attrs.parameterName) && Fn._isFnBase(Tokenization.reverseString(attrs.parameterName).firstToken)) { + // the default value of a CfnParameter can only contain strings, so we cannot use it when a parameter name contains tokens. + stringValue = new CfnDynamicReference(CfnDynamicReferenceService.SSM, attrs.parameterName).toString(); + } else { + stringValue = new CfnParameter(scope, `${id}.Parameter`, { type: `AWS::SSM::Parameter::Value<${type}>`, default: attrs.parameterName }).valueAsString; + } class Import extends ParameterBase { public readonly parameterName = attrs.parameterName; diff --git a/packages/aws-cdk-lib/aws-ssm/test/parameter.test.ts b/packages/aws-cdk-lib/aws-ssm/test/parameter.test.ts index be0b07ba7538d..8e0c20abd426d 100644 --- a/packages/aws-cdk-lib/aws-ssm/test/parameter.test.ts +++ b/packages/aws-cdk-lib/aws-ssm/test/parameter.test.ts @@ -963,3 +963,73 @@ test('fails if parameterName is undefined and simpleName is "false"', () => { // THEN expect(() => new ssm.StringParameter(stack, 'p', { simpleName: false, stringValue: 'foo' })).toThrow(/If "parameterName" is not explicitly defined, "simpleName" must be "true" or undefined since auto-generated parameter names always have simple names/); }); + +test('When a parameter name contains a CFn intrinsic, use dynamic reference instead', () => { + // GIVEN + const app = new cdk.App(); + + const stack = new cdk.Stack(app, 'Stack'); + + // WHEN + const param = ssm.StringParameter.fromStringParameterAttributes(stack, 'import-string-param1', { + simpleName: true, + parameterName: cdk.Fn.importValue('some-exported-value'), + }); + new cdk.CfnOutput(stack, 'OutputParamValue', { + value: param.stringValue, + }); + + // THEN + const template = Template.fromStack(stack); + template.hasOutput('OutputParamValue', { + Value: { + 'Fn::Join': [ + '', + [ + '{{resolve:ssm:', + { + 'Fn::ImportValue': 'some-exported-value', + }, + '}}', + ], + ], + }, + }); +}); + +test('When a parameter representation overridden, use dynamic reference', () => { + // GIVEN + const app = new cdk.App(); + + const stack = new cdk.Stack(app, 'Stack'); + const paramA = new ssm.StringParameter(stack, 'StringParameter', { + stringValue: 'Initial parameter value', + }); + + // WHEN + const paramB = ssm.StringParameter.fromStringParameterAttributes(stack, 'import-string-param', { + simpleName: true, + parameterName: paramA.parameterName, + forceDynamicReference: true, + }); + new cdk.CfnOutput(stack, 'OutputParamValue', { + value: paramB.stringValue, + }); + + // THEN + const template = Template.fromStack(stack); + template.hasOutput('OutputParamValue', { + Value: { + 'Fn::Join': [ + '', + [ + '{{resolve:ssm:', + { + Ref: 'StringParameter472EED0E', + }, + '}}', + ], + ], + }, + }); +}); diff --git a/packages/aws-cdk-lib/core/lib/cfn-fn.ts b/packages/aws-cdk-lib/core/lib/cfn-fn.ts index 01b235a67d13b..755181dd952fe 100644 --- a/packages/aws-cdk-lib/core/lib/cfn-fn.ts +++ b/packages/aws-cdk-lib/core/lib/cfn-fn.ts @@ -450,15 +450,28 @@ export class Fn { return Token.asNumber(new FnLength(array)); } + /** + * Test whether the given object extends FnBase class. + * + * @internal + */ + public static _isFnBase(x: any): x is FnBase { + return x !== null && typeof(x) === 'object' && FN_BASE_SYMBOL in x; + } + private constructor() { } } +const FN_BASE_SYMBOL = Symbol.for('@aws-cdk/core.CfnFnBase'); + /** * Base class for tokens that represent CloudFormation intrinsic functions. */ class FnBase extends Intrinsic { constructor(name: string, value: any) { super({ [name]: value }); + + Object.defineProperty(this, FN_BASE_SYMBOL, { value: true }); } } diff --git a/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md b/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md index 901042138a6ee..2acd23b556a2f 100644 --- a/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md +++ b/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md @@ -17,6 +17,10 @@ Flags come in three types: | Flag | Summary | Since | Type | | ----- | ----- | ----- | ----- | +| [@aws-cdk/aws-apigateway:requestValidatorUniqueId](#aws-cdkaws-apigatewayrequestvalidatoruniqueid) | Generate a unique id for each RequestValidator added to a method | V2·NEXT | (fix) | +| [@aws-cdk/aws-ec2:restrictDefaultSecurityGroup](#aws-cdkaws-ec2restrictdefaultsecuritygroup) | Restrict access to the VPC default security group | V2·NEXT | (default) | +| [@aws-cdk/aws-kms:aliasNameRef](#aws-cdkaws-kmsaliasnameref) | KMS Alias name and keyArn will have implicit reference to KMS Key | V2·NEXT | (fix) | +| [@aws-cdk/aws-route53-patters:useCertificate](#aws-cdkaws-route53-pattersusecertificate) | Use the official `Certificate` resource instead of `DnsValidatedCertificate` | V2·NEXT | (default) | | [@aws-cdk/core:newStyleStackSynthesis](#aws-cdkcorenewstylestacksynthesis) | Switch to new stack synthesis method which enables CI/CD | 2.0.0 | (fix) | | [@aws-cdk/core:stackRelativeExports](#aws-cdkcorestackrelativeexports) | Name exports based on the construct paths relative to the stack, rather than the global construct path | 2.0.0 | (fix) | | [@aws-cdk/aws-rds:lowercaseDbIdentifier](#aws-cdkaws-rdslowercasedbidentifier) | Force lowercasing of RDS Cluster names in CDK | 2.0.0 | (fix) | @@ -328,6 +332,82 @@ Encryption can also be configured explicitly using the `encrypted` property. **Compatibility with old behavior:** Pass the `encrypted: false` property to the `FileSystem` construct to disable encryption. +### @aws-cdk/aws-apigateway:requestValidatorUniqueId + +*Generate a unique id for each RequestValidator added to a method* (fix) + +This flag allows multiple RequestValidators to be added to a RestApi when +providing the `RequestValidatorOptions` in the `addMethod()` method. + +If the flag is not set then only a single RequestValidator can be added in this way. +Any additional RequestValidators have to be created directly with `new RequestValidator`. + + +| Since | Default | Recommended | +| ----- | ----- | ----- | +| (not in v1) | | | +| V2·NEXT | `false` | `true` | + + +### @aws-cdk/aws-ec2:restrictDefaultSecurityGroup + +*Restrict access to the VPC default security group* (default) + +Enable this feature flag to remove the default ingress/egress rules from the +VPC default security group. + +When a VPC is created, a default security group is created as well and this cannot +be deleted. The default security group is created with ingress/egress rules that allow +_all_ traffic. [AWS Security best practices recommend](https://docs.aws.amazon.com/securityhub/latest/userguide/ec2-controls.html#ec2-2) +removing these ingress/egress rules in order to restrict access to the default security group. + + +| Since | Default | Recommended | +| ----- | ----- | ----- | +| (not in v1) | | | +| V2·NEXT | `false` | `true` | + +**Compatibility with old behavior:** + To allow all ingress/egress traffic to the VPC default security group you + can set the `restrictDefaultSecurityGroup: false`. + + + +### @aws-cdk/aws-kms:aliasNameRef + +*KMS Alias name and keyArn will have implicit reference to KMS Key* (fix) + +This flag allows an implicit dependency to be created between KMS Alias and KMS Key +when referencing key.aliasName or key.keyArn. + +If the flag is not set then a raw string is passed as the Alias name and no +implicit dependencies will be set. + + +| Since | Default | Recommended | +| ----- | ----- | ----- | +| (not in v1) | | | +| V2·NEXT | `false` | `true` | + + +### @aws-cdk/aws-route53-patters:useCertificate + +*Use the official `Certificate` resource instead of `DnsValidatedCertificate`* (default) + +Enable this feature flag to use the official CloudFormation supported `Certificate` resource instead +of the deprecated `DnsValidatedCertificate` construct. If this flag is enabled and you are creating +the stack in a region other than us-east-1 then you must also set `crossRegionReferences=true` on the +stack. + + +| Since | Default | Recommended | +| ----- | ----- | ----- | +| (not in v1) | | | +| V2·NEXT | `false` | `true` | + +**Compatibility with old behavior:** Define a `DnsValidatedCertificate` explicitly and pass in the `certificate` property + + ### @aws-cdk/core:newStyleStackSynthesis *Switch to new stack synthesis method which enables CI/CD* (fix) diff --git a/packages/aws-cdk-lib/region-info/build-tools/fact-tables.ts b/packages/aws-cdk-lib/region-info/build-tools/fact-tables.ts index c53984246afde..51a77f2688045 100644 --- a/packages/aws-cdk-lib/region-info/build-tools/fact-tables.ts +++ b/packages/aws-cdk-lib/region-info/build-tools/fact-tables.ts @@ -220,18 +220,170 @@ export const APPMESH_ECR_ACCOUNTS: { [region: string]: string } = { // https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-extension-versions.html export const CLOUDWATCH_LAMBDA_INSIGHTS_ARNS: { [key: string]: any } = { + '1.0.229.0': { + arm64: { + // US East (N. Virginia) + 'us-east-1': 'arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension-Arm64:5', + // US East (Ohio) + 'us-east-2': 'arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension-Arm64:7', + // US West (N. California) + 'us-west-1': 'arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension-Arm64:5', + // US West (Oregon) + 'us-west-2': 'arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension-Arm64:5', + // Africa (Cape Town) + 'af-south-1': 'arn:aws:lambda:af-south-1:012438385374:layer:LambdaInsightsExtension-Arm64:2', + // Asia Pacific (Hong Kong) + 'ap-east-1': 'arn:aws:lambda:ap-east-1:519774774795:layer:LambdaInsightsExtension-Arm64:2', + // Asia Pacific (Jakarta) + 'ap-southeast-3': 'arn:aws:lambda:ap-southeast-3:439286490199:layer:LambdaInsightsExtension-Arm64:2', + // Asia Pacific (Mumbai) + 'ap-south-1': 'arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension-Arm64:7', + // Asia Pacific (Osaka) + 'ap-northeast-3': 'arn:aws:lambda:ap-northeast-3:194566237122:layer:LambdaInsightsExtension-Arm64:2', + // Asia Pacific (Seoul) + 'ap-northeast-2': 'arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension-Arm64:4', + // Asia Pacific (Singapore) + 'ap-southeast-1': 'arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension-Arm64:5', + // Asia Pacific (Sydney) + 'ap-southeast-2': 'arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension-Arm64:5', + // Asia Pacific (Tokyo) + 'ap-northeast-1': 'arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension-Arm64:11', + // Canada (Central) + 'ca-central-1': 'arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension-Arm64:3', + // Europe (Frankfurt) + 'eu-central-1': 'arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension-Arm64:5', + // Europe (Ireland) + 'eu-west-1': 'arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension-Arm64:5', + // Europe (London) + 'eu-west-2': 'arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension-Arm64:5', + // Europe (Spain) + 'eu-south-1': 'arn:aws:lambda:eu-south-1:339249233099:layer:LambdaInsightsExtension-Arm64:2', + // Europe (Paris) + 'eu-west-3': 'arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension-Arm64:3', + // Europe (Stockholm) + 'eu-north-1': 'arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension-Arm64:3', + // Middle East (Bahrain) + 'me-south-1': 'arn:aws:lambda:me-south-1:285320876703:layer:LambdaInsightsExtension-Arm64:2', + // South America (Sao Paulo) + 'sa-east-1': 'arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension-Arm64:3', + }, + x86_64: { + // US East (N. Virginia) + 'us-east-1': 'arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:38', + // US East (Ohio) + 'us-east-2': 'arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension:38', + // US West (N. California) + 'us-west-1': 'arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension:38', + // US West (Oregon) + 'us-west-2': 'arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension:38', + // Africa (Cape Town) + 'af-south-1': 'arn:aws:lambda:af-south-1:012438385374:layer:LambdaInsightsExtension:28', + // Asia Pacific (Hong Kong) + 'ap-east-1': 'arn:aws:lambda:ap-east-1:519774774795:layer:LambdaInsightsExtension:28', + // Asia Pacific (Hyderabad) + 'ap-south-2': 'arn:aws:lambda:ap-south-2:891564319516:layer:LambdaInsightsExtension:10', + // Asia Pacific (Jakarta) + 'ap-southeast-3': 'arn:aws:lambda:ap-southeast-3:439286490199:layer:LambdaInsightsExtension:14', + // Asia Pacific (Mumbai) + 'ap-south-1': 'arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension:36', + // Asia Pacific (Osaka) + 'ap-northeast-3': 'arn:aws:lambda:ap-northeast-3:194566237122:layer:LambdaInsightsExtension:19', + // Asia Pacific (Seoul) + 'ap-northeast-2': 'arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension:37', + // Asia Pacific (Singapore) + 'ap-southeast-1': 'arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension:38', + // Asia Pacific (Sydney) + 'ap-southeast-2': 'arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:38', + // Asia Pacific (Tokyo) + 'ap-northeast-1': 'arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:60', + // Canada (Central) + 'ca-central-1': 'arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:37', + // China (Beijing) + 'cn-north-1': 'arn:aws-cn:lambda:cn-north-1:488211338238:layer:LambdaInsightsExtension:29', + // China (Ningxia) + 'cn-northwest-1': 'arn:aws-cn:lambda:cn-northwest-1:488211338238:layer:LambdaInsightsExtension:29', + // Europe (Frankfurt) + 'eu-central-1': 'arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension:38', + // Europe (Ireland) + 'eu-west-1': 'arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension:38', + // Europe (London) + 'eu-west-2': 'arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension:38', + // Europe (Milan) + 'eu-south-1': 'arn:aws:lambda:eu-south-1:339249233099:layer:LambdaInsightsExtension:28', + // Europe (Paris) + 'eu-west-3': 'arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension:37', + // Europe (Spain) + 'eu-south-2': 'arn:aws:lambda:eu-south-2:352183217350:layer:LambdaInsightsExtension:12', + // Europe (Stockholm) + 'eu-north-1': 'arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension:35', + // Europe (Zurich) + 'eu-central-2': 'arn:aws:lambda:eu-central-2:033019950311:layer:LambdaInsightsExtension:11', + // Middle East (Bahrain) + 'me-south-1': 'arn:aws:lambda:me-south-1:285320876703:layer:LambdaInsightsExtension:28', + // Middle East (UAE) + 'me-central-1': 'arn:aws:lambda:me-central-1:732604637566:layer:LambdaInsightsExtension:11', + // South America (Sao Paulo) + 'sa-east-1': 'arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension:37', + }, + }, '1.0.178.0': { x86_64: { + // US East (N. Virginia) + 'us-east-1': 'arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:35', + // US East (Ohio) + 'us-east-2': 'arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension:33', + // US West (N. California) + 'us-west-1': 'arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension:33', + // US West (Oregon) + 'us-west-2': 'arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension:33', + // Africa (Cape Town) + 'af-south-1': 'arn:aws:lambda:af-south-1:012438385374:layer:LambdaInsightsExtension:25', + // Asia Pacific (Hong Kong) + 'ap-east-1': 'arn:aws:lambda:ap-east-1:519774774795:layer:LambdaInsightsExtension:25', // Asia Pacific (Hyderabad) 'ap-south-2': 'arn:aws:lambda:ap-south-2:891564319516:layer:LambdaInsightsExtension:8', // Asia Pacific (Jakarta) - 'ap-southeast-3': 'arn:aws:lambda:ap-southeast-3:439286490199:layer:LambdaInsightsExtension:8', + 'ap-southeast-3': 'arn:aws:lambda:ap-southeast-3:439286490199:layer:LambdaInsightsExtension:11', + // Asia Pacific (Mumbai) + 'ap-south-1': 'arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension:31', + // Asia Pacific (Osaka) + 'ap-northeast-3': 'arn:aws:lambda:ap-northeast-3:194566237122:layer:LambdaInsightsExtension:2', + // Asia Pacific (Seoul) + 'ap-northeast-2': 'arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension:32', + // Asia Pacific (Singapore) + 'ap-southeast-1': 'arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension:33', + // Asia Pacific (Sydney) + 'ap-southeast-2': 'arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:33', + // Asia Pacific (Tokyo) + 'ap-northeast-1': 'arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:50', + // Canada (Central) + 'ca-central-1': 'arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:32', + // China (Beijing) + 'cn-north-1': 'arn:aws-cn:lambda:cn-north-1:488211338238:layer:LambdaInsightsExtension:26', + // China (Ningxia) + 'cn-northwest-1': 'arn:aws-cn:lambda:cn-northwest-1:488211338238:layer:LambdaInsightsExtension:26', + // Europe (Frankfurt) + 'eu-central-1': 'arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension:35', + // Europe (Ireland) + 'eu-west-1': 'arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension:33', + // Europe (London) + 'eu-west-2': 'arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension:33', + // Europe (Milan) + 'eu-south-1': 'arn:aws:lambda:eu-south-1:339249233099:layer:LambdaInsightsExtension:25', + // Europe (Paris) + 'eu-west-3': 'arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension:32', // Europe (Spain) 'eu-south-2': 'arn:aws:lambda:eu-south-2:352183217350:layer:LambdaInsightsExtension:10', + // Europe (Stockholm) + 'eu-north-1': 'arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension:30', // Europe (Zurich) 'eu-central-2': 'arn:aws:lambda:eu-central-2:033019950311:layer:LambdaInsightsExtension:7', + // Middle East (Bahrain) + 'me-south-1': 'arn:aws:lambda:me-south-1:285320876703:layer:LambdaInsightsExtension:25', // Middle East (UAE) - 'me-central-1': 'arn:aws:lambda:me-central-1:732604637566:layer:LambdaInsightsExtension:6', + 'me-central-1': 'arn:aws:lambda:me-central-1:732604637566:layer:LambdaInsightsExtension:9', + // South America (Sao Paulo) + 'sa-east-1': 'arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension:32', }, }, '1.0.143.0': { @@ -259,7 +411,7 @@ export const CLOUDWATCH_LAMBDA_INSIGHTS_ARNS: { [key: string]: any } = { // Asia Pacific (Sydney) 'ap-southeast-2': 'arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:21', // Asia Pacific (Tokyo) - 'ap-northeast-1': 'arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:31', + 'ap-northeast-1': 'arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:32', // Canada (Central) 'ca-central-1': 'arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:20', // China (Beijing) @@ -538,6 +690,7 @@ export const FIREHOSE_CIDR_BLOCKS: { [region: string]: string } = { 'eu-west-2': '18.130.1.96', 'eu-west-3': '35.180.1.96', 'me-south-1': '15.185.91.0', + 'me-central-1': '3.28.159.64/26', 'sa-east-1': '18.228.1.128', 'us-east-1': '52.70.63.192', 'us-east-2': '13.58.135.96', @@ -666,6 +819,7 @@ const ADOT_LAMBDA_LAYER_JAVA_SDK_ARNS: { [version: string]: { [arch: string]: { 'eu-west-1': 'arn:aws:lambda:eu-west-1:901920570463:layer:aws-otel-java-wrapper-amd64-ver-1-24-0:1', 'eu-west-2': 'arn:aws:lambda:eu-west-2:901920570463:layer:aws-otel-java-wrapper-amd64-ver-1-24-0:1', 'eu-west-3': 'arn:aws:lambda:eu-west-3:901920570463:layer:aws-otel-java-wrapper-amd64-ver-1-24-0:1', + 'ma-central-1': 'arn:aws:lambda:me-central-1:901920570463:layer:aws-otel-java-wrapper-amd64-ver-1-24-0:1', 'sa-east-1': 'arn:aws:lambda:sa-east-1:901920570463:layer:aws-otel-java-wrapper-amd64-ver-1-24-0:1', 'us-east-1': 'arn:aws:lambda:us-east-1:901920570463:layer:aws-otel-java-wrapper-amd64-ver-1-24-0:1', 'us-east-2': 'arn:aws:lambda:us-east-2:901920570463:layer:aws-otel-java-wrapper-amd64-ver-1-24-0:1', @@ -686,6 +840,7 @@ const ADOT_LAMBDA_LAYER_JAVA_SDK_ARNS: { [version: string]: { [arch: string]: { 'eu-west-1': 'arn:aws:lambda:eu-west-1:901920570463:layer:aws-otel-java-wrapper-arm64-ver-1-24-0:1', 'eu-west-2': 'arn:aws:lambda:eu-west-2:901920570463:layer:aws-otel-java-wrapper-arm64-ver-1-24-0:1', 'eu-west-3': 'arn:aws:lambda:eu-west-3:901920570463:layer:aws-otel-java-wrapper-arm64-ver-1-24-0:1', + 'me-central-1': 'arn:aws:lambda:me-central-1:901920570463:layer:aws-otel-java-wrapper-arm64-ver-1-24-0:1', 'sa-east-1': 'arn:aws:lambda:sa-east-1:901920570463:layer:aws-otel-java-wrapper-arm64-ver-1-24-0:1', 'us-east-1': 'arn:aws:lambda:us-east-1:901920570463:layer:aws-otel-java-wrapper-arm64-ver-1-24-0:1', 'us-east-2': 'arn:aws:lambda:us-east-2:901920570463:layer:aws-otel-java-wrapper-arm64-ver-1-24-0:1', @@ -907,6 +1062,7 @@ const ADOT_LAMBDA_LAYER_JAVA_AUTO_INSTRUMENTATION_ARNS: { 'eu-west-1': 'arn:aws:lambda:eu-west-1:901920570463:layer:aws-otel-java-agent-amd64-ver-1-24-0:1', 'eu-west-2': 'arn:aws:lambda:eu-west-2:901920570463:layer:aws-otel-java-agent-amd64-ver-1-24-0:1', 'eu-west-3': 'arn:aws:lambda:eu-west-3:901920570463:layer:aws-otel-java-agent-amd64-ver-1-24-0:1', + 'me-central-1': 'arn:aws:lambda:me-central-1:901920570463:layer:aws-otel-java-agent-amd64-ver-1-24-0:1', 'sa-east-1': 'arn:aws:lambda:sa-east-1:901920570463:layer:aws-otel-java-agent-amd64-ver-1-24-0:1', 'us-east-1': 'arn:aws:lambda:us-east-1:901920570463:layer:aws-otel-java-agent-amd64-ver-1-24-0:1', 'us-east-2': 'arn:aws:lambda:us-east-2:901920570463:layer:aws-otel-java-agent-amd64-ver-1-24-0:1', @@ -927,6 +1083,7 @@ const ADOT_LAMBDA_LAYER_JAVA_AUTO_INSTRUMENTATION_ARNS: { 'eu-west-1': 'arn:aws:lambda:eu-west-1:901920570463:layer:aws-otel-java-agent-arm64-ver-1-24-0:1', 'eu-west-2': 'arn:aws:lambda:eu-west-2:901920570463:layer:aws-otel-java-agent-arm64-ver-1-24-0:1', 'eu-west-3': 'arn:aws:lambda:eu-west-3:901920570463:layer:aws-otel-java-agent-arm64-ver-1-24-0:1', + 'me-central-1': 'arn:aws:lambda:me-central-1:901920570463:layer:aws-otel-java-agent-arm64-ver-1-24-0:1', 'sa-east-1': 'arn:aws:lambda:sa-east-1:901920570463:layer:aws-otel-java-agent-arm64-ver-1-24-0:1', 'us-east-1': 'arn:aws:lambda:us-east-1:901920570463:layer:aws-otel-java-agent-arm64-ver-1-24-0:1', 'us-east-2': 'arn:aws:lambda:us-east-2:901920570463:layer:aws-otel-java-agent-arm64-ver-1-24-0:1', @@ -1146,6 +1303,7 @@ const ADOT_LAMBDA_LAYER_JAVASCRIPT_SDK_ARNS: { [version: string]: { [arch: strin 'eu-west-1': 'arn:aws:lambda:eu-west-1:901920570463:layer:aws-otel-nodejs-amd64-ver-1-12-0:1', 'eu-west-2': 'arn:aws:lambda:eu-west-2:901920570463:layer:aws-otel-nodejs-amd64-ver-1-12-0:1', 'eu-west-3': 'arn:aws:lambda:eu-west-3:901920570463:layer:aws-otel-nodejs-amd64-ver-1-12-0:1', + 'me-central-1': 'arn:aws:lambda:me-central-1:901920570463:layer:aws-otel-nodejs-amd64-ver-1-12-0:1', 'sa-east-1': 'arn:aws:lambda:sa-east-1:901920570463:layer:aws-otel-nodejs-amd64-ver-1-12-0:1', 'us-east-1': 'arn:aws:lambda:us-east-1:901920570463:layer:aws-otel-nodejs-amd64-ver-1-12-0:1', 'us-east-2': 'arn:aws:lambda:us-east-2:901920570463:layer:aws-otel-nodejs-amd64-ver-1-12-0:1', @@ -1166,6 +1324,7 @@ const ADOT_LAMBDA_LAYER_JAVASCRIPT_SDK_ARNS: { [version: string]: { [arch: strin 'eu-west-1': 'arn:aws:lambda:eu-west-1:901920570463:layer:aws-otel-nodejs-arm64-ver-1-12-0:1', 'eu-west-2': 'arn:aws:lambda:eu-west-2:901920570463:layer:aws-otel-nodejs-arm64-ver-1-12-0:1', 'eu-west-3': 'arn:aws:lambda:eu-west-3:901920570463:layer:aws-otel-nodejs-arm64-ver-1-12-0:1', + 'me-central-1': 'arn:aws:lambda:me-central-1:901920570463:layer:aws-otel-nodejs-arm64-ver-1-12-0:1', 'sa-east-1': 'arn:aws:lambda:sa-east-1:901920570463:layer:aws-otel-nodejs-arm64-ver-1-12-0:1', 'us-east-1': 'arn:aws:lambda:us-east-1:901920570463:layer:aws-otel-nodejs-arm64-ver-1-12-0:1', 'us-east-2': 'arn:aws:lambda:us-east-2:901920570463:layer:aws-otel-nodejs-arm64-ver-1-12-0:1', @@ -1347,6 +1506,7 @@ const ADOT_LAMBDA_LAYER_PYTHON_SDK_ARNS: { [version: string]: { [arch: string]: 'eu-west-1': 'arn:aws:lambda:eu-west-1:901920570463:layer:aws-otel-python-amd64-ver-1-17-0:1', 'eu-west-2': 'arn:aws:lambda:eu-west-2:901920570463:layer:aws-otel-python-amd64-ver-1-17-0:1', 'eu-west-3': 'arn:aws:lambda:eu-west-3:901920570463:layer:aws-otel-python-amd64-ver-1-17-0:1', + 'me-central-1': 'arn:aws:lambda:me-central-1:901920570463:layer:aws-otel-python-amd64-ver-1-17-0:1', 'sa-east-1': 'arn:aws:lambda:sa-east-1:901920570463:layer:aws-otel-python-amd64-ver-1-17-0:1', 'us-east-1': 'arn:aws:lambda:us-east-1:901920570463:layer:aws-otel-python-amd64-ver-1-17-0:1', 'us-east-2': 'arn:aws:lambda:us-east-2:901920570463:layer:aws-otel-python-amd64-ver-1-17-0:1', @@ -1367,6 +1527,7 @@ const ADOT_LAMBDA_LAYER_PYTHON_SDK_ARNS: { [version: string]: { [arch: string]: 'eu-west-1': 'arn:aws:lambda:eu-west-1:901920570463:layer:aws-otel-python-arm64-ver-1-17-0:1', 'eu-west-2': 'arn:aws:lambda:eu-west-2:901920570463:layer:aws-otel-python-arm64-ver-1-17-0:1', 'eu-west-3': 'arn:aws:lambda:eu-west-3:901920570463:layer:aws-otel-python-arm64-ver-1-17-0:1', + 'me-central-1': 'arn:aws:lambda:me-central-1:901920570463:layer:aws-otel-python-arm64-ver-1-17-0:1', 'sa-east-1': 'arn:aws:lambda:sa-east-1:901920570463:layer:aws-otel-python-arm64-ver-1-17-0:1', 'us-east-1': 'arn:aws:lambda:us-east-1:901920570463:layer:aws-otel-python-arm64-ver-1-17-0:1', 'us-east-2': 'arn:aws:lambda:us-east-2:901920570463:layer:aws-otel-python-arm64-ver-1-17-0:1', @@ -1548,6 +1709,7 @@ const ADOT_LAMBDA_LAYER_GENERIC_ARNS: { [version: string]: { [arch: string]: { [ 'eu-west-1': 'arn:aws:lambda:eu-west-1:901920570463:layer:aws-otel-collector-amd64-ver-0-74-0:1', 'eu-west-2': 'arn:aws:lambda:eu-west-2:901920570463:layer:aws-otel-collector-amd64-ver-0-74-0:1', 'eu-west-3': 'arn:aws:lambda:eu-west-3:901920570463:layer:aws-otel-collector-amd64-ver-0-74-0:1', + 'me-central-1': 'arn:aws:lambda:me-central-1:901920570463:layer:aws-otel-collector-amd64-ver-0-74-0:1', 'sa-east-1': 'arn:aws:lambda:sa-east-1:901920570463:layer:aws-otel-collector-amd64-ver-0-74-0:1', 'us-east-1': 'arn:aws:lambda:us-east-1:901920570463:layer:aws-otel-collector-amd64-ver-0-74-0:1', 'us-east-2': 'arn:aws:lambda:us-east-2:901920570463:layer:aws-otel-collector-amd64-ver-0-74-0:1', @@ -1568,6 +1730,7 @@ const ADOT_LAMBDA_LAYER_GENERIC_ARNS: { [version: string]: { [arch: string]: { [ 'eu-west-1': 'arn:aws:lambda:eu-west-1:901920570463:layer:aws-otel-collector-arm64-ver-0-74-0:1', 'eu-west-2': 'arn:aws:lambda:eu-west-2:901920570463:layer:aws-otel-collector-arm64-ver-0-74-0:1', 'eu-west-3': 'arn:aws:lambda:eu-west-3:901920570463:layer:aws-otel-collector-arm64-ver-0-74-0:1', + 'me-central-1': 'arn:aws:lambda:me-central-1:901920570463:layer:aws-otel-collector-arm64-ver-0-74-0:1', 'sa-east-1': 'arn:aws:lambda:sa-east-1:901920570463:layer:aws-otel-collector-arm64-ver-0-74-0:1', 'us-east-1': 'arn:aws:lambda:us-east-1:901920570463:layer:aws-otel-collector-arm64-ver-0-74-0:1', 'us-east-2': 'arn:aws:lambda:us-east-2:901920570463:layer:aws-otel-collector-arm64-ver-0-74-0:1', diff --git a/packages/aws-cdk-lib/region-info/test/__snapshots__/region-info.test.js.snap b/packages/aws-cdk-lib/region-info/test/__snapshots__/region-info.test.js.snap index 5fb7028ef4901..8c0b8deb5b156 100644 --- a/packages/aws-cdk-lib/region-info/test/__snapshots__/region-info.test.js.snap +++ b/packages/aws-cdk-lib/region-info/test/__snapshots__/region-info.test.js.snap @@ -8,12 +8,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:af-south-1:012438385374:layer:LambdaInsightsExtension-Arm64:2", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:af-south-1:012438385374:layer:LambdaInsightsExtension:9", "1.0.135.0": "arn:aws:lambda:af-south-1:012438385374:layer:LambdaInsightsExtension:11", "1.0.143.0": "arn:aws:lambda:af-south-1:012438385374:layer:LambdaInsightsExtension:13", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:af-south-1:012438385374:layer:LambdaInsightsExtension:25", + "1.0.229.0": "arn:aws:lambda:af-south-1:012438385374:layer:LambdaInsightsExtension:28", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -43,12 +45,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:ap-east-1:519774774795:layer:LambdaInsightsExtension-Arm64:2", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:ap-east-1:519774774795:layer:LambdaInsightsExtension:9", "1.0.135.0": "arn:aws:lambda:ap-east-1:519774774795:layer:LambdaInsightsExtension:11", "1.0.143.0": "arn:aws:lambda:ap-east-1:519774774795:layer:LambdaInsightsExtension:13", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:ap-east-1:519774774795:layer:LambdaInsightsExtension:25", + "1.0.229.0": "arn:aws:lambda:ap-east-1:519774774795:layer:LambdaInsightsExtension:28", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -78,12 +82,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension-Arm64:1", "1.0.135.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension-Arm64:2", + "1.0.229.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension-Arm64:11", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:23", "1.0.135.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:25", - "1.0.143.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:31", - "1.0.178.0": undefined, + "1.0.143.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:32", + "1.0.178.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:50", + "1.0.229.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:60", "1.0.54.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension:12", @@ -113,12 +119,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension-Arm64:4", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension:20", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension:32", + "1.0.229.0": "arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension:37", "1.0.54.0": "arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension:12", @@ -148,12 +156,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:ap-northeast-3:194566237122:layer:LambdaInsightsExtension-Arm64:2", }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": "arn:aws:lambda:ap-northeast-3:194566237122:layer:LambdaInsightsExtension:1", "1.0.143.0": "arn:aws:lambda:ap-northeast-3:194566237122:layer:LambdaInsightsExtension:2", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:ap-northeast-3:194566237122:layer:LambdaInsightsExtension:2", + "1.0.229.0": "arn:aws:lambda:ap-northeast-3:194566237122:layer:LambdaInsightsExtension:19", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -183,12 +193,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension-Arm64:1", "1.0.135.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension-Arm64:2", + "1.0.229.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension-Arm64:7", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension:21", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension:31", + "1.0.229.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension:36", "1.0.54.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension:12", @@ -218,12 +230,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, "1.0.143.0": undefined, "1.0.178.0": "arn:aws:lambda:ap-south-2:891564319516:layer:LambdaInsightsExtension:8", + "1.0.229.0": "arn:aws:lambda:ap-south-2:891564319516:layer:LambdaInsightsExtension:10", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -253,12 +267,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension-Arm64:1", "1.0.135.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension-Arm64:2", + "1.0.229.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension-Arm64:5", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension:21", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension:33", + "1.0.229.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension:38", "1.0.54.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension:12", @@ -288,12 +304,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension-Arm64:1", "1.0.135.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension-Arm64:2", + "1.0.229.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension-Arm64:5", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:21", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:33", + "1.0.229.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:38", "1.0.54.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension:12", @@ -323,12 +341,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:ap-southeast-3:439286490199:layer:LambdaInsightsExtension-Arm64:2", }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, "1.0.143.0": undefined, - "1.0.178.0": "arn:aws:lambda:ap-southeast-3:439286490199:layer:LambdaInsightsExtension:8", + "1.0.178.0": "arn:aws:lambda:ap-southeast-3:439286490199:layer:LambdaInsightsExtension:11", + "1.0.229.0": "arn:aws:lambda:ap-southeast-3:439286490199:layer:LambdaInsightsExtension:14", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -358,12 +378,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension-Arm64:3", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:20", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:32", + "1.0.229.0": "arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:37", "1.0.54.0": "arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension:12", @@ -393,12 +415,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws-cn:lambda:cn-north-1:488211338238:layer:LambdaInsightsExtension:9", "1.0.135.0": "arn:aws-cn:lambda:cn-north-1:488211338238:layer:LambdaInsightsExtension:11", "1.0.143.0": "arn:aws-cn:lambda:cn-north-1:488211338238:layer:LambdaInsightsExtension:14", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws-cn:lambda:cn-north-1:488211338238:layer:LambdaInsightsExtension:26", + "1.0.229.0": "arn:aws-cn:lambda:cn-north-1:488211338238:layer:LambdaInsightsExtension:29", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -428,12 +452,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws-cn:lambda:cn-northwest-1:488211338238:layer:LambdaInsightsExtension:9", "1.0.135.0": "arn:aws-cn:lambda:cn-northwest-1:488211338238:layer:LambdaInsightsExtension:11", "1.0.143.0": "arn:aws-cn:lambda:cn-northwest-1:488211338238:layer:LambdaInsightsExtension:14", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws-cn:lambda:cn-northwest-1:488211338238:layer:LambdaInsightsExtension:26", + "1.0.229.0": "arn:aws-cn:lambda:cn-northwest-1:488211338238:layer:LambdaInsightsExtension:29", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -463,12 +489,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension-Arm64:1", "1.0.135.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension-Arm64:2", + "1.0.229.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension-Arm64:5", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension:21", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension:35", + "1.0.229.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension:38", "1.0.54.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension:12", @@ -498,12 +526,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, "1.0.143.0": undefined, "1.0.178.0": "arn:aws:lambda:eu-central-2:033019950311:layer:LambdaInsightsExtension:7", + "1.0.229.0": "arn:aws:lambda:eu-central-2:033019950311:layer:LambdaInsightsExtension:11", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -533,12 +563,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension-Arm64:3", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension:20", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension:30", + "1.0.229.0": "arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension:35", "1.0.54.0": "arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension:12", @@ -568,12 +600,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:eu-south-1:339249233099:layer:LambdaInsightsExtension-Arm64:2", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:eu-south-1:339249233099:layer:LambdaInsightsExtension:9", "1.0.135.0": "arn:aws:lambda:eu-south-1:339249233099:layer:LambdaInsightsExtension:11", "1.0.143.0": "arn:aws:lambda:eu-south-1:339249233099:layer:LambdaInsightsExtension:13", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:eu-south-1:339249233099:layer:LambdaInsightsExtension:25", + "1.0.229.0": "arn:aws:lambda:eu-south-1:339249233099:layer:LambdaInsightsExtension:28", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -603,12 +637,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, "1.0.143.0": undefined, "1.0.178.0": "arn:aws:lambda:eu-south-2:352183217350:layer:LambdaInsightsExtension:10", + "1.0.229.0": "arn:aws:lambda:eu-south-2:352183217350:layer:LambdaInsightsExtension:12", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -638,12 +674,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension-Arm64:1", "1.0.135.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension-Arm64:2", + "1.0.229.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension-Arm64:5", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension:21", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension:33", + "1.0.229.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension:38", "1.0.54.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension:12", @@ -673,12 +711,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension-Arm64:1", "1.0.135.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension-Arm64:2", + "1.0.229.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension-Arm64:5", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension:21", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension:33", + "1.0.229.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension:38", "1.0.54.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension:12", @@ -708,12 +748,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension-Arm64:3", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension:20", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension:32", + "1.0.229.0": "arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension:37", "1.0.54.0": "arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension:12", @@ -743,12 +785,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, "1.0.143.0": undefined, - "1.0.178.0": "arn:aws:lambda:me-central-1:732604637566:layer:LambdaInsightsExtension:6", + "1.0.178.0": "arn:aws:lambda:me-central-1:732604637566:layer:LambdaInsightsExtension:9", + "1.0.229.0": "arn:aws:lambda:me-central-1:732604637566:layer:LambdaInsightsExtension:11", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -778,12 +822,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:me-south-1:285320876703:layer:LambdaInsightsExtension-Arm64:2", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:me-south-1:285320876703:layer:LambdaInsightsExtension:9", "1.0.135.0": "arn:aws:lambda:me-south-1:285320876703:layer:LambdaInsightsExtension:11", "1.0.143.0": "arn:aws:lambda:me-south-1:285320876703:layer:LambdaInsightsExtension:13", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:me-south-1:285320876703:layer:LambdaInsightsExtension:25", + "1.0.229.0": "arn:aws:lambda:me-south-1:285320876703:layer:LambdaInsightsExtension:28", "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -813,12 +859,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension-Arm64:3", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension:20", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension:32", + "1.0.229.0": "arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension:37", "1.0.54.0": "arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension:12", @@ -848,12 +896,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension-Arm64:1", "1.0.135.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension-Arm64:2", + "1.0.229.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension-Arm64:5", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:21", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:35", + "1.0.229.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:38", "1.0.54.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:12", @@ -883,12 +933,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension-Arm64:1", "1.0.135.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension-Arm64:2", + "1.0.229.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension-Arm64:7", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension:21", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension:33", + "1.0.229.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension:38", "1.0.54.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension:12", @@ -918,12 +970,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, "1.0.143.0": undefined, "1.0.178.0": undefined, + "1.0.229.0": undefined, "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -953,12 +1007,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, "1.0.143.0": undefined, "1.0.178.0": undefined, + "1.0.229.0": undefined, "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -988,12 +1044,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, "1.0.143.0": undefined, "1.0.178.0": undefined, + "1.0.229.0": undefined, "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -1023,12 +1081,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, "1.0.143.0": undefined, "1.0.178.0": undefined, + "1.0.229.0": undefined, "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -1058,12 +1118,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": undefined, }, "lambdaInsightsVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, "1.0.143.0": undefined, "1.0.178.0": undefined, + "1.0.229.0": undefined, "1.0.54.0": undefined, "1.0.86.0": undefined, "1.0.89.0": undefined, @@ -1093,12 +1155,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": undefined, "1.0.135.0": undefined, + "1.0.229.0": "arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension-Arm64:5", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension:20", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension:33", + "1.0.229.0": "arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension:38", "1.0.54.0": "arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension:12", @@ -1128,12 +1192,14 @@ exports[`built-in data is correct 1`] = ` "lambdaInsightsArmVersions": { "1.0.119.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension-Arm64:1", "1.0.135.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension-Arm64:2", + "1.0.229.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension-Arm64:5", }, "lambdaInsightsVersions": { "1.0.119.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension:16", "1.0.135.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension:18", "1.0.143.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension:21", - "1.0.178.0": undefined, + "1.0.178.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension:33", + "1.0.229.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension:38", "1.0.54.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension:2", "1.0.86.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension:11", "1.0.89.0": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension:12", diff --git a/version.v2.json b/version.v2.json index bff29b1fafe02..ffbdc6f954234 100644 --- a/version.v2.json +++ b/version.v2.json @@ -1,4 +1,4 @@ { - "version": "2.85.0", - "alphaVersion": "2.85.0-alpha.0" + "version": "2.86.0", + "alphaVersion": "2.86.0-alpha.0" } \ No newline at end of file