From dab3bcaf1d937ca1aa7f5f44df5cf467afde41bb Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Sun, 15 Jan 2023 14:40:36 +0100 Subject: [PATCH 01/11] Add app runner secrets manager integration --- packages/@aws-cdk/aws-apprunner/README.md | 30 ++ .../@aws-cdk/aws-apprunner/lib/service.ts | 63 +++- packages/@aws-cdk/aws-apprunner/package.json | 3 + .../test/integ.service-secrets-manager.ts | 42 +++ ...efaultTestDeployAssert6B977D95.assets.json | 19 ++ ...aultTestDeployAssert6B977D95.template.json | 36 +++ .../cdk.out | 1 + ...nteg-apprunner-secrets-manager.assets.json | 19 ++ ...eg-apprunner-secrets-manager.template.json | 143 +++++++++ .../integ.json | 12 + .../manifest.json | 135 +++++++++ .../tree.json | 274 ++++++++++++++++++ .../aws-apprunner/test/service.test.ts | 126 +++++++- yarn.lock | 2 +- 14 files changed, 893 insertions(+), 12 deletions(-) create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.assets.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.template.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/manifest.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/tree.json diff --git a/packages/@aws-cdk/aws-apprunner/README.md b/packages/@aws-cdk/aws-apprunner/README.md index de5aa782b26df..4ea01be22195d 100644 --- a/packages/@aws-cdk/aws-apprunner/README.md +++ b/packages/@aws-cdk/aws-apprunner/README.md @@ -160,3 +160,33 @@ new apprunner.Service(this, 'Service', { vpcConnector, }); ``` + +## Secrets Manager + +To include an environment variable integrated with AWS Secrets Manager we will be using the `environmentSecrets` attribute. +`instanceRole` attribute is mandatory when using `environmentSecrets`. + +```ts +const secret = new secretsmanager.Secret(stack, 'Secret', { + secretObjectValue: { foo: SecretValue.unsafePlainText('mySecretVal') }, +}); + +const role = new iam.Role(stack, 'InstanceRole', { + assumedBy: new iam.ServicePrincipal('tasks.apprunner.amazonaws.com'), +}); + +secret.grantRead(role); + +new Service(stack, 'Service', { + source: apprunner.Source.fromEcrPublic({ + imageConfiguration: { + port: 8000, + environmentSecrets: { + mySecretKey: secret.secretArn, + }, + }, + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), + instanceRole: role, +}); +``` \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/lib/service.ts b/packages/@aws-cdk/aws-apprunner/lib/service.ts index a37b5b6d40104..c08eb8f0b773a 100644 --- a/packages/@aws-cdk/aws-apprunner/lib/service.ts +++ b/packages/@aws-cdk/aws-apprunner/lib/service.ts @@ -168,6 +168,14 @@ interface EnvironmentVariable { readonly value: string; } +/** + * The environment secret for the service. + */ +interface EnvironmentSecret { + readonly name: string; + readonly value: string; +} + /** * Result of binding `Source` into a `Service`. */ @@ -431,7 +439,14 @@ export interface ImageConfiguration { * * @default - no environment variables */ - readonly environment?: { [key: string]: string }; + readonly environmentVariables?: { [key: string]: string }; + + /** + * Environment secrets that are available to your running App Runner service. + * + * @default - no environment secrets + */ + readonly environmentSecrets?: { [key: string]: string }; /** * An optional command that App Runner runs to start the application in the source image. @@ -667,7 +682,14 @@ export interface CodeConfigurationValues { * * @default - no environment variables. */ - readonly environment?: { [key: string]: string }; + readonly environmentVariables?: { [key: string]: string }; + + /** + * The environment secrets that are available to your running App Runner service. + * + * @default - no environment secrets. + */ + readonly environmentSecrets?: { [key: string]: string }; /** * The command App Runner runs to start your application. @@ -782,7 +804,12 @@ export class Service extends cdk.Resource { /** * Environment variables for this service */ - private environment?: { [key: string]: string } = {}; + private environmentVariables?: { [key: string]: string } = {}; + + /** + * Environment secrets for this service + */ + private environmentSecrets?: { [key: string]: string } = {}; /** * The ARN of the Service. @@ -880,31 +907,35 @@ export class Service extends cdk.Resource { } private renderCodeConfigurationValues(props: CodeConfigurationValues): any { - this.environment = props.environment; + this.environmentVariables = props.environmentVariables; + this.environmentSecrets = props.environmentSecrets; return { port: props.port, buildCommand: props.buildCommand, runtime: props.runtime.name, runtimeEnvironmentVariables: this.renderEnvironmentVariables(), + runtimeEnvironmentSecrets: this.renderEnvironmentSecrets(), startCommand: props.startCommand, }; } private renderImageRepository(): any { const repo = this.source.imageRepository!; - this.environment = repo.imageConfiguration?.environment; + this.environmentVariables = repo.imageConfiguration?.environmentVariables; + this.environmentSecrets = repo.imageConfiguration?.environmentSecrets; return Object.assign(repo, { imageConfiguration: { port: repo.imageConfiguration?.port?.toString(), startCommand: repo.imageConfiguration?.startCommand, runtimeEnvironmentVariables: this.renderEnvironmentVariables(), + runtimeEnvironmentSecrets: this.renderEnvironmentSecrets(), }, }); } private renderEnvironmentVariables(): EnvironmentVariable[] | undefined { - if (this.environment) { + if (this.environmentVariables) { let env: EnvironmentVariable[] = []; - for (const [key, value] of Object.entries(this.environment)) { + for (const [key, value] of Object.entries(this.environmentVariables)) { if (key.startsWith('AWSAPPRUNNER')) { throw new Error(`Environment variable key ${key} with a prefix of AWSAPPRUNNER is not allowed`); } @@ -916,6 +947,24 @@ export class Service extends cdk.Resource { } } + private renderEnvironmentSecrets(): EnvironmentSecret[] | undefined { + if (this.environmentSecrets) { + if (!this.props.instanceRole) { + throw new Error('Instance Role have to be provided if passing in RuntimeEnvironmentSecrets'); + } + let env: EnvironmentSecret[] = []; + for (const [key, value] of Object.entries(this.environmentSecrets)) { + if (key.startsWith('AWSAPPRUNNER')) { + throw new Error(`Environment secret key ${key} with a prefix of AWSAPPRUNNER is not allowed`); + } + env.push({ name: key, value: value }); + } + return env; + } else { + return undefined; + } + } + private generateDefaultRole(): iam.Role { const accessRole = new iam.Role(this, 'AccessRole', { assumedBy: new iam.ServicePrincipal('build.apprunner.amazonaws.com'), diff --git a/packages/@aws-cdk/aws-apprunner/package.json b/packages/@aws-cdk/aws-apprunner/package.json index e05b1991509b8..dfb02a953de3a 100644 --- a/packages/@aws-cdk/aws-apprunner/package.json +++ b/packages/@aws-cdk/aws-apprunner/package.json @@ -87,6 +87,7 @@ "@aws-cdk/assertions": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", + "@aws-cdk/integ-tests": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", "@aws-cdk/pkglint": "0.0.0", "@types/jest": "^27.5.2" @@ -96,6 +97,7 @@ "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-ecr-assets": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", + "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "constructs": "^10.0.0" }, @@ -104,6 +106,7 @@ "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-ecr-assets": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", + "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "constructs": "^10.0.0" }, diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts new file mode 100644 index 0000000000000..aef440647fd80 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts @@ -0,0 +1,42 @@ +import * as iam from '@aws-cdk/aws-iam'; +import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; +import * as cdk from '@aws-cdk/core'; +import { SecretValue } from '@aws-cdk/core'; +import * as integ from '@aws-cdk/integ-tests'; +import { Service, Source } from '../lib'; + +const app = new cdk.App(); + +const stack = new cdk.Stack(app, 'integ-apprunner-secrets-manager'); + +// Scenario 8: Create the service from ECR public with secrets manager environment variable +const secret = new secretsmanager.Secret(stack, 'Secret', { + secretObjectValue: { foo: SecretValue.unsafePlainText('fooval') }, +}); + +const role = new iam.Role(stack, 'InstanceRole', { + assumedBy: new iam.ServicePrincipal('tasks.apprunner.amazonaws.com'), +}); + +secret.grantRead(role); + +const service8 = new Service(stack, 'Service8', { + source: Source.fromEcrPublic({ + imageConfiguration: { + port: 8000, + environmentSecrets: { + foo: secret.secretArn, + }, + }, + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), + instanceRole: role, +}); + +new cdk.CfnOutput(stack, 'URL8', { value: `https://${service8.serviceUrl}` }); + +new integ.IntegTest(app, 'AppRunnerSecretsManger', { + testCases: [stack], +}); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json new file mode 100644 index 0000000000000..6a1de7aa5e5dd --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/cdk.out b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.assets.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.assets.json new file mode 100644 index 0000000000000..8ee77ec78e119 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2": { + "source": { + "path": "integ-apprunner-secrets-manager.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.template.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.template.json new file mode 100644 index 0000000000000..7da1bb5a63742 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.template.json @@ -0,0 +1,143 @@ +{ + "Resources": { + "SecretA720EF05": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "SecretString": "{\"foo\":\"fooval\"}" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "InstanceRole3CCE2F1D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "tasks.apprunner.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "InstanceRoleDefaultPolicy1531605C": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "SecretA720EF05" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "InstanceRoleDefaultPolicy1531605C", + "Roles": [ + { + "Ref": "InstanceRole3CCE2F1D" + } + ] + } + }, + "Service86269A78B": { + "Type": "AWS::AppRunner::Service", + "Properties": { + "SourceConfiguration": { + "AuthenticationConfiguration": {}, + "ImageRepository": { + "ImageConfiguration": { + "Port": "8000", + "RuntimeEnvironmentSecrets": [ + { + "Name": "foo", + "Value": { + "Ref": "SecretA720EF05" + } + } + ] + }, + "ImageIdentifier": "public.ecr.aws/aws-containers/hello-app-runner:latest", + "ImageRepositoryType": "ECR_PUBLIC" + } + }, + "InstanceConfiguration": { + "InstanceRoleArn": { + "Fn::GetAtt": [ + "InstanceRole3CCE2F1D", + "Arn" + ] + } + }, + "NetworkConfiguration": { + "EgressConfiguration": { + "EgressType": "DEFAULT" + } + } + } + } + }, + "Outputs": { + "URL8": { + "Value": { + "Fn::Join": [ + "", + [ + "https://", + { + "Fn::GetAtt": [ + "Service86269A78B", + "ServiceUrl" + ] + } + ] + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ.json new file mode 100644 index 0000000000000..0be359a9018cc --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "29.0.0", + "testCases": { + "AppRunnerSecretsManger/DefaultTest": { + "stacks": [ + "integ-apprunner-secrets-manager" + ], + "assertionStack": "AppRunnerSecretsManger/DefaultTest/DeployAssert", + "assertionStackName": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/manifest.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/manifest.json new file mode 100644 index 0000000000000..8f4989946b879 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/manifest.json @@ -0,0 +1,135 @@ +{ + "version": "29.0.0", + "artifacts": { + "integ-apprunner-secrets-manager.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integ-apprunner-secrets-manager.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integ-apprunner-secrets-manager": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integ-apprunner-secrets-manager.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integ-apprunner-secrets-manager.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integ-apprunner-secrets-manager.assets" + ], + "metadata": { + "/integ-apprunner-secrets-manager/Secret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SecretA720EF05" + } + ], + "/integ-apprunner-secrets-manager/InstanceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "InstanceRole3CCE2F1D" + } + ], + "/integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "InstanceRoleDefaultPolicy1531605C" + } + ], + "/integ-apprunner-secrets-manager/Service8/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Service86269A78B" + } + ], + "/integ-apprunner-secrets-manager/URL8": [ + { + "type": "aws:cdk:logicalId", + "data": "URL8" + } + ], + "/integ-apprunner-secrets-manager/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-apprunner-secrets-manager/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-apprunner-secrets-manager" + }, + "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets" + ], + "metadata": { + "/AppRunnerSecretsManger/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/AppRunnerSecretsManger/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "AppRunnerSecretsManger/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/tree.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/tree.json new file mode 100644 index 0000000000000..f8df0730c31de --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/tree.json @@ -0,0 +1,274 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "integ-apprunner-secrets-manager": { + "id": "integ-apprunner-secrets-manager", + "path": "integ-apprunner-secrets-manager", + "children": { + "Secret": { + "id": "Secret", + "path": "integ-apprunner-secrets-manager/Secret", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-apprunner-secrets-manager/Secret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "secretString": "{\"foo\":\"fooval\"}" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.Secret", + "version": "0.0.0" + } + }, + "InstanceRole": { + "id": "InstanceRole", + "path": "integ-apprunner-secrets-manager/InstanceRole", + "children": { + "ImportInstanceRole": { + "id": "ImportInstanceRole", + "path": "integ-apprunner-secrets-manager/InstanceRole/ImportInstanceRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "integ-apprunner-secrets-manager/InstanceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "tasks.apprunner.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "SecretA720EF05" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "InstanceRoleDefaultPolicy1531605C", + "roles": [ + { + "Ref": "InstanceRole3CCE2F1D" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Service8": { + "id": "Service8", + "path": "integ-apprunner-secrets-manager/Service8", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-apprunner-secrets-manager/Service8/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppRunner::Service", + "aws:cdk:cloudformation:props": { + "sourceConfiguration": { + "authenticationConfiguration": {}, + "imageRepository": { + "imageConfiguration": { + "port": "8000", + "runtimeEnvironmentSecrets": [ + { + "name": "foo", + "value": { + "Ref": "SecretA720EF05" + } + } + ] + }, + "imageIdentifier": "public.ecr.aws/aws-containers/hello-app-runner:latest", + "imageRepositoryType": "ECR_PUBLIC" + } + }, + "instanceConfiguration": { + "instanceRoleArn": { + "Fn::GetAtt": [ + "InstanceRole3CCE2F1D", + "Arn" + ] + } + }, + "networkConfiguration": { + "egressConfiguration": { + "egressType": "DEFAULT" + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apprunner.CfnService", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apprunner.Service", + "version": "0.0.0" + } + }, + "URL8": { + "id": "URL8", + "path": "integ-apprunner-secrets-manager/URL8", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "integ-apprunner-secrets-manager/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "integ-apprunner-secrets-manager/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "AppRunnerSecretsManger": { + "id": "AppRunnerSecretsManger", + "path": "AppRunnerSecretsManger", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "AppRunnerSecretsManger/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "AppRunnerSecretsManger/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.209" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "AppRunnerSecretsManger/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "AppRunnerSecretsManger/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "AppRunnerSecretsManger/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.209" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/service.test.ts b/packages/@aws-cdk/aws-apprunner/test/service.test.ts index ed41689c9f255..954b322eaaaa5 100644 --- a/packages/@aws-cdk/aws-apprunner/test/service.test.ts +++ b/packages/@aws-cdk/aws-apprunner/test/service.test.ts @@ -47,7 +47,7 @@ test('custom environment variables and start commands are allowed for imageConfi source: Source.fromEcrPublic({ imageConfiguration: { port: 8000, - environment: { + environmentVariables: { foo: 'fooval', bar: 'barval', }, @@ -87,6 +87,66 @@ test('custom environment variables and start commands are allowed for imageConfi }); }); +test('custom environment secrets and start commands are allowed for imageConfiguration with defined port', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'demo-stack'); + // WHEN + new Service(stack, 'DemoService', { + source: Source.fromEcrPublic({ + imageConfiguration: { + port: 8000, + environmentSecrets: { + foo: 'fooval', + bar: 'barval', + }, + startCommand: '/root/start-command.sh', + }, + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), + instanceRole: new iam.Role(stack, 'InstanceRole', { + assumedBy: new iam.ServicePrincipal('tasks.apprunner.amazonaws.com'), + }), + }); + // we should have the service + Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { + SourceConfiguration: { + AuthenticationConfiguration: {}, + ImageRepository: { + ImageConfiguration: { + Port: '8000', + RuntimeEnvironmentSecrets: [ + { + Name: 'foo', + Value: 'fooval', + }, + { + Name: 'bar', + Value: 'barval', + }, + ], + StartCommand: '/root/start-command.sh', + }, + ImageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + ImageRepositoryType: 'ECR_PUBLIC', + }, + }, + InstanceConfiguration: { + InstanceRoleArn: { + 'Fn::GetAtt': [ + 'InstanceRole3CCE2F1D', + 'Arn', + ], + }, + }, + NetworkConfiguration: { + EgressConfiguration: { + EgressType: 'DEFAULT', + }, + }, + }); +}); + test('custom environment variables and start commands are allowed for imageConfiguration with port undefined', () => { // GIVEN const app = new cdk.App(); @@ -95,7 +155,7 @@ test('custom environment variables and start commands are allowed for imageConfi new Service(stack, 'DemoService', { source: Source.fromEcrPublic({ imageConfiguration: { - environment: { + environmentVariables: { foo: 'fooval', bar: 'barval', }, @@ -134,6 +194,64 @@ test('custom environment variables and start commands are allowed for imageConfi }); }); +test('custom environment secrets and start commands are allowed for imageConfiguration with port undefined', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'demo-stack'); + // WHEN + new Service(stack, 'DemoService', { + source: Source.fromEcrPublic({ + imageConfiguration: { + environmentSecrets: { + foo: 'fooval', + bar: 'barval', + }, + startCommand: '/root/start-command.sh', + }, + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), + instanceRole: new iam.Role(stack, 'InstanceRole', { + assumedBy: new iam.ServicePrincipal('tasks.apprunner.amazonaws.com'), + }), + }); + // we should have the service + Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { + SourceConfiguration: { + AuthenticationConfiguration: {}, + ImageRepository: { + ImageConfiguration: { + RuntimeEnvironmentSecrets: [ + { + Name: 'foo', + Value: 'fooval', + }, + { + Name: 'bar', + Value: 'barval', + }, + ], + StartCommand: '/root/start-command.sh', + }, + ImageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + ImageRepositoryType: 'ECR_PUBLIC', + }, + }, + InstanceConfiguration: { + InstanceRoleArn: { + 'Fn::GetAtt': [ + 'InstanceRole3CCE2F1D', + 'Arn', + ], + }, + }, + NetworkConfiguration: { + EgressConfiguration: { + EgressType: 'DEFAULT', + }, + }, + }); +}); + test('create a service from existing ECR repository(image repository type: ECR)', () => { // GIVEN const app = new cdk.App(); @@ -368,7 +486,7 @@ test('create a service with github repository - buildCommand, environment and st runtime: Runtime.PYTHON_3, port: '8000', buildCommand: '/root/build.sh', - environment: { + environmentVariables: { foo: 'fooval', bar: 'barval', }, @@ -603,7 +721,7 @@ test('environment variable with a prefix of AWSAPPRUNNER should throw an error', new Service(stack, 'DemoService', { source: Source.fromEcrPublic({ imageConfiguration: { - environment: { + environmentVariables: { AWSAPPRUNNER_FOO: 'bar', }, }, diff --git a/yarn.lock b/yarn.lock index c01d8efadadaa..03aaf807e9709 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6344,7 +6344,7 @@ jest-docblock@^27.5.1: dependencies: detect-newline "^3.0.0" -jest-each@^27.5.1, jest-each@^27.5.2: +jest-each@^27.5.1: version "27.5.1" resolved "https://registry.npmjs.org/jest-each/-/jest-each-27.5.1.tgz#5bc87016f45ed9507fed6e4702a5b468a5b2c44e" integrity sha512-1Ff6p+FbhT/bXQnEouYy00bkNSY7OUpfIcmdl8vZ31A1UUaurOLPA8a8BbJOF2RDUElwJhmeaV7LnagI+5UwNQ== From 89af81740a7b88fa31b8c9043f35343e3a4c2fc9 Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Sun, 15 Jan 2023 14:41:08 +0100 Subject: [PATCH 02/11] update cfn spec to latest version --- packages/@aws-cdk/cfnspec/CHANGELOG.md | 86 +++++++++++++++++++ packages/@aws-cdk/cfnspec/cfn.version | 2 +- .../000_cfn/000_official/000_AWS_ACMPCA.json | 2 +- .../000_cfn/000_official/000_AWS_APS.json | 2 +- .../000_official/000_AWS_AccessAnalyzer.json | 2 +- .../000_official/000_AWS_AmazonMQ.json | 2 +- .../000_cfn/000_official/000_AWS_Amplify.json | 2 +- .../000_AWS_AmplifyUIBuilder.json | 2 +- .../000_official/000_AWS_ApiGateway.json | 6 +- .../000_official/000_AWS_ApiGatewayV2.json | 2 +- .../000_official/000_AWS_AppConfig.json | 2 +- .../000_cfn/000_official/000_AWS_AppFlow.json | 2 +- .../000_official/000_AWS_AppIntegrations.json | 2 +- .../000_cfn/000_official/000_AWS_AppMesh.json | 2 +- .../000_official/000_AWS_AppRunner.json | 18 +++- .../000_official/000_AWS_AppStream.json | 2 +- .../000_cfn/000_official/000_AWS_AppSync.json | 19 +++- .../000_AWS_ApplicationAutoScaling.json | 2 +- .../000_AWS_ApplicationInsights.json | 2 +- .../000_cfn/000_official/000_AWS_Athena.json | 2 +- .../000_official/000_AWS_AuditManager.json | 14 +-- .../000_official/000_AWS_AutoScaling.json | 2 +- .../000_AWS_AutoScalingPlans.json | 2 +- .../000_cfn/000_official/000_AWS_Backup.json | 2 +- .../000_cfn/000_official/000_AWS_Batch.json | 2 +- .../000_AWS_BillingConductor.json | 2 +- .../000_cfn/000_official/000_AWS_Budgets.json | 2 +- .../000_cfn/000_official/000_AWS_CE.json | 2 +- .../000_cfn/000_official/000_AWS_CUR.json | 2 +- .../000_official/000_AWS_Cassandra.json | 2 +- .../000_AWS_CertificateManager.json | 2 +- .../000_cfn/000_official/000_AWS_Chatbot.json | 2 +- .../000_cfn/000_official/000_AWS_Cloud9.json | 2 +- .../000_official/000_AWS_CloudFormation.json | 2 +- .../000_official/000_AWS_CloudFront.json | 2 +- .../000_official/000_AWS_CloudTrail.json | 2 +- .../000_official/000_AWS_CloudWatch.json | 2 +- .../000_official/000_AWS_CodeArtifact.json | 2 +- .../000_official/000_AWS_CodeBuild.json | 2 +- .../000_official/000_AWS_CodeCommit.json | 2 +- .../000_official/000_AWS_CodeDeploy.json | 2 +- .../000_AWS_CodeGuruProfiler.json | 2 +- .../000_AWS_CodeGuruReviewer.json | 2 +- .../000_official/000_AWS_CodePipeline.json | 2 +- .../000_official/000_AWS_CodeStar.json | 2 +- .../000_AWS_CodeStarConnections.json | 2 +- .../000_AWS_CodeStarNotifications.json | 2 +- .../000_cfn/000_official/000_AWS_Cognito.json | 2 +- .../000_cfn/000_official/000_AWS_Config.json | 2 +- .../000_cfn/000_official/000_AWS_Connect.json | 2 +- .../000_AWS_ConnectCampaigns.json | 2 +- .../000_official/000_AWS_ControlTower.json | 2 +- .../000_AWS_CustomerProfiles.json | 2 +- .../000_cfn/000_official/000_AWS_DAX.json | 2 +- .../000_cfn/000_official/000_AWS_DLM.json | 2 +- .../000_cfn/000_official/000_AWS_DMS.json | 2 +- .../000_official/000_AWS_DataBrew.json | 2 +- .../000_official/000_AWS_DataPipeline.json | 2 +- .../000_official/000_AWS_DataSync.json | 28 +++--- .../000_official/000_AWS_Detective.json | 2 +- .../000_official/000_AWS_DevOpsGuru.json | 2 +- .../000_AWS_DirectoryService.json | 2 +- .../000_cfn/000_official/000_AWS_DocDB.json | 2 +- .../000_official/000_AWS_DocDBElastic.json | 2 +- .../000_official/000_AWS_DynamoDB.json | 2 +- .../000_cfn/000_official/000_AWS_EC2.json | 16 +++- .../000_cfn/000_official/000_AWS_ECR.json | 2 +- .../000_cfn/000_official/000_AWS_ECS.json | 2 +- .../000_cfn/000_official/000_AWS_EFS.json | 2 +- .../000_cfn/000_official/000_AWS_EKS.json | 2 +- .../000_cfn/000_official/000_AWS_EMR.json | 2 +- .../000_official/000_AWS_EMRContainers.json | 2 +- .../000_official/000_AWS_EMRServerless.json | 2 +- .../000_official/000_AWS_ElastiCache.json | 2 +- .../000_AWS_ElasticBeanstalk.json | 2 +- .../000_AWS_ElasticLoadBalancing.json | 2 +- .../000_AWS_ElasticLoadBalancingV2.json | 2 +- .../000_official/000_AWS_Elasticsearch.json | 2 +- .../000_official/000_AWS_EventSchemas.json | 2 +- .../000_cfn/000_official/000_AWS_Events.json | 2 +- .../000_official/000_AWS_Evidently.json | 2 +- .../000_cfn/000_official/000_AWS_FIS.json | 2 +- .../000_cfn/000_official/000_AWS_FMS.json | 2 +- .../000_cfn/000_official/000_AWS_FSx.json | 2 +- .../000_official/000_AWS_FinSpace.json | 2 +- .../000_official/000_AWS_Forecast.json | 2 +- .../000_official/000_AWS_FraudDetector.json | 2 +- .../000_official/000_AWS_GameLift.json | 2 +- .../000_AWS_GlobalAccelerator.json | 2 +- .../000_cfn/000_official/000_AWS_Glue.json | 2 +- .../000_cfn/000_official/000_AWS_Grafana.json | 2 +- .../000_official/000_AWS_Greengrass.json | 2 +- .../000_official/000_AWS_GreengrassV2.json | 2 +- .../000_official/000_AWS_GroundStation.json | 2 +- .../000_official/000_AWS_GuardDuty.json | 2 +- .../000_official/000_AWS_HealthLake.json | 2 +- .../000_cfn/000_official/000_AWS_IAM.json | 2 +- .../000_cfn/000_official/000_AWS_IVS.json | 2 +- .../000_official/000_AWS_IdentityStore.json | 2 +- .../000_official/000_AWS_ImageBuilder.json | 2 +- .../000_official/000_AWS_Inspector.json | 2 +- .../000_official/000_AWS_InspectorV2.json | 2 +- .../000_cfn/000_official/000_AWS_IoT.json | 38 +++++++- .../000_official/000_AWS_IoT1Click.json | 2 +- .../000_official/000_AWS_IoTAnalytics.json | 2 +- .../000_AWS_IoTCoreDeviceAdvisor.json | 2 +- .../000_official/000_AWS_IoTEvents.json | 2 +- .../000_official/000_AWS_IoTFleetHub.json | 2 +- .../000_official/000_AWS_IoTFleetWise.json | 2 +- .../000_official/000_AWS_IoTSiteWise.json | 2 +- .../000_official/000_AWS_IoTThingsGraph.json | 2 +- .../000_official/000_AWS_IoTTwinMaker.json | 2 +- .../000_official/000_AWS_IoTWireless.json | 2 +- .../000_cfn/000_official/000_AWS_KMS.json | 2 +- .../000_official/000_AWS_KafkaConnect.json | 2 +- .../000_cfn/000_official/000_AWS_Kendra.json | 2 +- .../000_cfn/000_official/000_AWS_Kinesis.json | 2 +- .../000_AWS_KinesisAnalytics.json | 2 +- .../000_AWS_KinesisAnalyticsV2.json | 2 +- .../000_official/000_AWS_KinesisFirehose.json | 2 +- .../000_official/000_AWS_KinesisVideo.json | 2 +- .../000_official/000_AWS_LakeFormation.json | 2 +- .../000_cfn/000_official/000_AWS_Lambda.json | 19 +++- .../000_cfn/000_official/000_AWS_Lex.json | 2 +- .../000_official/000_AWS_LicenseManager.json | 2 +- .../000_official/000_AWS_Lightsail.json | 2 +- .../000_official/000_AWS_Location.json | 2 +- .../000_cfn/000_official/000_AWS_Logs.json | 2 +- .../000_AWS_LookoutEquipment.json | 2 +- .../000_official/000_AWS_LookoutMetrics.json | 2 +- .../000_official/000_AWS_LookoutVision.json | 2 +- .../000_cfn/000_official/000_AWS_M2.json | 2 +- .../000_cfn/000_official/000_AWS_MSK.json | 2 +- .../000_cfn/000_official/000_AWS_MWAA.json | 2 +- .../000_cfn/000_official/000_AWS_Macie.json | 2 +- .../000_AWS_ManagedBlockchain.json | 2 +- .../000_official/000_AWS_MediaConnect.json | 2 +- .../000_official/000_AWS_MediaConvert.json | 2 +- .../000_official/000_AWS_MediaLive.json | 2 +- .../000_official/000_AWS_MediaPackage.json | 29 ++++--- .../000_official/000_AWS_MediaStore.json | 2 +- .../000_official/000_AWS_MediaTailor.json | 2 +- .../000_official/000_AWS_MemoryDB.json | 2 +- .../000_cfn/000_official/000_AWS_Neptune.json | 2 +- .../000_official/000_AWS_NetworkFirewall.json | 2 +- .../000_official/000_AWS_NetworkManager.json | 2 +- .../000_official/000_AWS_NimbleStudio.json | 2 +- .../000_cfn/000_official/000_AWS_Oam.json | 2 +- .../000_AWS_OpenSearchServerless.json | 2 +- .../000_AWS_OpenSearchService.json | 2 +- .../000_official/000_AWS_OpsWorks.json | 2 +- .../000_official/000_AWS_OpsWorksCM.json | 2 +- .../000_official/000_AWS_Organizations.json | 2 +- .../000_official/000_AWS_Panorama.json | 2 +- .../000_official/000_AWS_Personalize.json | 2 +- .../000_official/000_AWS_Pinpoint.json | 2 +- .../000_official/000_AWS_PinpointEmail.json | 2 +- .../000_cfn/000_official/000_AWS_Pipes.json | 2 +- .../000_cfn/000_official/000_AWS_QLDB.json | 2 +- .../000_official/000_AWS_QuickSight.json | 2 +- .../000_cfn/000_official/000_AWS_RAM.json | 2 +- .../000_cfn/000_official/000_AWS_RDS.json | 66 +++++++++++++- .../000_cfn/000_official/000_AWS_RUM.json | 2 +- .../000_official/000_AWS_Redshift.json | 2 +- .../000_AWS_RedshiftServerless.json | 2 +- .../000_official/000_AWS_RefactorSpaces.json | 2 +- .../000_official/000_AWS_Rekognition.json | 2 +- .../000_official/000_AWS_ResilienceHub.json | 2 +- .../000_AWS_ResourceExplorer2.json | 2 +- .../000_official/000_AWS_ResourceGroups.json | 2 +- .../000_official/000_AWS_RoboMaker.json | 2 +- .../000_official/000_AWS_RolesAnywhere.json | 2 +- .../000_cfn/000_official/000_AWS_Route53.json | 2 +- .../000_AWS_Route53RecoveryControl.json | 2 +- .../000_AWS_Route53RecoveryReadiness.json | 2 +- .../000_official/000_AWS_Route53Resolver.json | 2 +- .../000_cfn/000_official/000_AWS_S3.json | 2 +- .../000_official/000_AWS_S3ObjectLambda.json | 2 +- .../000_official/000_AWS_S3Outposts.json | 2 +- .../000_cfn/000_official/000_AWS_SDB.json | 2 +- .../000_cfn/000_official/000_AWS_SES.json | 2 +- .../000_cfn/000_official/000_AWS_SNS.json | 2 +- .../000_cfn/000_official/000_AWS_SQS.json | 2 +- .../000_cfn/000_official/000_AWS_SSM.json | 2 +- .../000_official/000_AWS_SSMContacts.json | 2 +- .../000_official/000_AWS_SSMIncidents.json | 2 +- .../000_cfn/000_official/000_AWS_SSO.json | 2 +- .../000_official/000_AWS_SageMaker.json | 2 +- .../000_official/000_AWS_Scheduler.json | 2 +- .../000_official/000_AWS_SecretsManager.json | 2 +- .../000_official/000_AWS_SecurityHub.json | 2 +- .../000_official/000_AWS_ServiceCatalog.json | 2 +- .../000_AWS_ServiceCatalogAppRegistry.json | 2 +- .../000_AWS_ServiceDiscovery.json | 2 +- .../000_cfn/000_official/000_AWS_Signer.json | 2 +- .../000_official/000_AWS_StepFunctions.json | 2 +- .../000_official/000_AWS_SupportApp.json | 2 +- .../000_official/000_AWS_Synthetics.json | 2 +- .../000_official/000_AWS_Timestream.json | 2 +- .../000_official/000_AWS_Transfer.json | 2 +- .../000_cfn/000_official/000_AWS_VoiceID.json | 2 +- .../000_cfn/000_official/000_AWS_WAF.json | 2 +- .../000_official/000_AWS_WAFRegional.json | 2 +- .../000_cfn/000_official/000_AWS_WAFv2.json | 2 +- .../000_cfn/000_official/000_AWS_Wisdom.json | 2 +- .../000_official/000_AWS_WorkSpaces.json | 2 +- .../000_cfn/000_official/000_AWS_XRay.json | 2 +- .../000_cfn/000_official/000_Alexa_ASK.json | 2 +- .../000_cfn/000_official/000_Tag.json | 2 +- .../000_cfn/000_official/001_Version.json | 2 +- 210 files changed, 496 insertions(+), 241 deletions(-) diff --git a/packages/@aws-cdk/cfnspec/CHANGELOG.md b/packages/@aws-cdk/cfnspec/CHANGELOG.md index 4ee9e6a4f21ea..0096664d36de4 100644 --- a/packages/@aws-cdk/cfnspec/CHANGELOG.md +++ b/packages/@aws-cdk/cfnspec/CHANGELOG.md @@ -1,3 +1,89 @@ +# CloudFormation Resource Specification v107.0.0 + +## New Resource Types + + +## Attribute Changes + +* AWS::ApiGateway::RestApi RestApiId (__added__) +* AWS::AuditManager::Assessment Delegations (__deleted__) +* AWS::DataSync::Task ErrorCode (__deleted__) +* AWS::DataSync::Task ErrorDetail (__deleted__) +* AWS::MediaPackage::Channel HlsIngest (__deleted__) +* AWS::MediaPackage::Channel HlsIngest.ingestEndpoints (__deleted__) +* AWS::RDS::DBCluster MasterUserSecret.SecretArn (__added__) +* AWS::RDS::DBInstance MasterUserSecret.SecretArn (__added__) + +## Property Changes + +* AWS::ApiGateway::RestApi Parameters.DuplicatesAllowed (__deleted__) +* AWS::AppSync::DataSource EventBridgeConfig (__added__) +* AWS::AuditManager::Assessment Delegations (__added__) +* AWS::DataSync::LocationFSxLustre FsxFilesystemArn.Required (__changed__) + * Old: true + * New: false +* AWS::DataSync::LocationFSxWindows FsxFilesystemArn.Required (__changed__) + * Old: true + * New: false +* AWS::DataSync::LocationFSxWindows Password.Required (__changed__) + * Old: true + * New: false +* AWS::DataSync::LocationNFS ServerHostname.Required (__changed__) + * Old: true + * New: false +* AWS::DataSync::LocationNFS Subdirectory.Required (__changed__) + * Old: true + * New: false +* AWS::DataSync::LocationObjectStorage BucketName.Required (__changed__) + * Old: true + * New: false +* AWS::DataSync::LocationObjectStorage ServerHostname.Required (__changed__) + * Old: true + * New: false +* AWS::DataSync::LocationSMB Password.Required (__changed__) + * Old: true + * New: false +* AWS::DataSync::LocationSMB ServerHostname.Required (__changed__) + * Old: true + * New: false +* AWS::DataSync::LocationSMB Subdirectory.Required (__changed__) + * Old: true + * New: false +* AWS::EC2::PlacementGroup PartitionCount (__added__) +* AWS::EC2::PlacementGroup Tags (__added__) +* AWS::IoT::JobTemplate JobExecutionsRetryConfig (__added__) +* AWS::Lambda::EventSourceMapping ScalingConfig (__added__) +* AWS::MediaPackage::Channel HlsIngest (__added__) +* AWS::RDS::DBCluster ManageMasterUserPassword (__added__) +* AWS::RDS::DBCluster MasterUserSecret (__added__) +* AWS::RDS::DBInstance ManageMasterUserPassword (__added__) +* AWS::RDS::DBInstance MasterUserSecret (__added__) + +## Property Type Changes + +* AWS::AppSync::DataSource.EventBridgeConfig (__added__) +* AWS::IoT::JobTemplate.JobExecutionsRetryConfig (__added__) +* AWS::IoT::JobTemplate.RetryCriteria (__added__) +* AWS::Lambda::EventSourceMapping.ScalingConfig (__added__) +* AWS::RDS::DBCluster.MasterUserSecret (__added__) +* AWS::RDS::DBInstance.MasterUserSecret (__added__) +* AWS::AppRunner::Service.CodeConfigurationValues RuntimeEnvironmentSecrets (__added__) +* AWS::AppRunner::Service.ImageConfiguration RuntimeEnvironmentSecrets (__added__) +* AWS::MediaPackage::Channel.IngestEndpoint Id.Required (__changed__) + * Old: false + * New: true +* AWS::MediaPackage::Channel.IngestEndpoint Password.Required (__changed__) + * Old: false + * New: true +* AWS::MediaPackage::Channel.IngestEndpoint Url.Required (__changed__) + * Old: false + * New: true +* AWS::MediaPackage::Channel.IngestEndpoint Username.Required (__changed__) + * Old: false + * New: true +* AWS::MediaPackage::PackagingConfiguration.DashPackage IncludeIframeOnlyStream (__added__) + + # CloudFormation Resource Specification v106.0.0 ## New Resource Types diff --git a/packages/@aws-cdk/cfnspec/cfn.version b/packages/@aws-cdk/cfnspec/cfn.version index 8cc2138c2964a..86cf4ece30e5b 100644 --- a/packages/@aws-cdk/cfnspec/cfn.version +++ b/packages/@aws-cdk/cfnspec/cfn.version @@ -1 +1 @@ -106.0.0 +107.0.0 diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ACMPCA.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ACMPCA.json index 1fdf405f795b6..2474f1e238237 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ACMPCA.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ACMPCA.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ACMPCA::Certificate.ApiPassthrough": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificate-apipassthrough.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_APS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_APS.json index b668af02c672a..5f54e830574ea 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_APS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_APS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::APS::Workspace.LoggingConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-aps-workspace-loggingconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AccessAnalyzer.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AccessAnalyzer.json index acb6ca326ef75..8a36feb2d78fe 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AccessAnalyzer.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AccessAnalyzer.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AccessAnalyzer::Analyzer.ArchiveRule": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-accessanalyzer-analyzer-archiverule.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmazonMQ.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmazonMQ.json index 78e881e5eeccb..738b447423efb 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmazonMQ.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmazonMQ.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AmazonMQ::Broker.ConfigurationId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amazonmq-broker-configurationid.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Amplify.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Amplify.json index 796ec064fdfb7..4ad3334b7f3aa 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Amplify.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Amplify.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Amplify::App.AutoBranchCreationConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplify-app-autobranchcreationconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmplifyUIBuilder.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmplifyUIBuilder.json index 71af08989bd02..8ba1a4d652dd9 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmplifyUIBuilder.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AmplifyUIBuilder.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AmplifyUIBuilder::Component.ActionParameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-amplifyuibuilder-component-actionparameters.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGateway.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGateway.json index e6b939bfdd585..98843c6f1ece0 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGateway.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGateway.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ApiGateway::ApiKey.StageKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-apikey-stagekey.html", @@ -1329,6 +1329,9 @@ }, "AWS::ApiGateway::RestApi": { "Attributes": { + "RestApiId": { + "PrimitiveType": "String" + }, "RootResourceId": { "PrimitiveType": "String" } @@ -1411,7 +1414,6 @@ }, "Parameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-parameters", - "DuplicatesAllowed": false, "PrimitiveItemType": "String", "Required": false, "Type": "Map", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGatewayV2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGatewayV2.json index c5ff77eeca388..dbc76c3c1ba4b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGatewayV2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApiGatewayV2.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ApiGatewayV2::Api.BodyS3Location": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-api-bodys3location.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppConfig.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppConfig.json index f82dd87f2c31c..d654da8142251 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppConfig.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppConfig.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AppConfig::Application.Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appconfig-application-tags.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppFlow.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppFlow.json index 00b74ba7aa8c2..d0996d873b21e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppFlow.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppFlow.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AppFlow::Connector.ConnectorProvisioningConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appflow-connector-connectorprovisioningconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppIntegrations.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppIntegrations.json index d4b60ed4032ef..6bea294230384 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppIntegrations.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppIntegrations.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AppIntegrations::DataIntegration.ScheduleConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appintegrations-dataintegration-scheduleconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppMesh.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppMesh.json index 7a7b1ea4582e7..2864f071849ac 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppMesh.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppMesh.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AppMesh::GatewayRoute.GatewayRouteHostnameMatch": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appmesh-gatewayroute-gatewayroutehostnamematch.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppRunner.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppRunner.json index e948be7d1c0e0..a48164c813f47 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppRunner.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppRunner.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AppRunner::ObservabilityConfiguration.TraceConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apprunner-observabilityconfiguration-traceconfiguration.html", @@ -67,6 +67,14 @@ "Required": true, "UpdateType": "Mutable" }, + "RuntimeEnvironmentSecrets": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apprunner-service-codeconfigurationvalues.html#cfn-apprunner-service-codeconfigurationvalues-runtimeenvironmentsecrets", + "DuplicatesAllowed": true, + "ItemType": "KeyValuePair", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "RuntimeEnvironmentVariables": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apprunner-service-codeconfigurationvalues.html#cfn-apprunner-service-codeconfigurationvalues-runtimeenvironmentvariables", "DuplicatesAllowed": true, @@ -184,6 +192,14 @@ "Required": false, "UpdateType": "Mutable" }, + "RuntimeEnvironmentSecrets": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apprunner-service-imageconfiguration.html#cfn-apprunner-service-imageconfiguration-runtimeenvironmentsecrets", + "DuplicatesAllowed": true, + "ItemType": "KeyValuePair", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "RuntimeEnvironmentVariables": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apprunner-service-imageconfiguration.html#cfn-apprunner-service-imageconfiguration-runtimeenvironmentvariables", "DuplicatesAllowed": true, diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppStream.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppStream.json index 6f69ef69082f3..aa59e6dd2e01b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppStream.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppStream.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AppStream::AppBlock.S3Location": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appstream-appblock-s3location.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppSync.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppSync.json index 5c95c3c5aa036..fae73fe566433 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppSync.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AppSync.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AppSync::DataSource.AuthorizationConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-datasource-authorizationconfig.html", @@ -110,6 +110,17 @@ } } }, + "AWS::AppSync::DataSource.EventBridgeConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-datasource-eventbridgeconfig.html", + "Properties": { + "EventBusArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-datasource-eventbridgeconfig.html#cfn-appsync-datasource-eventbridgeconfig-eventbusarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::AppSync::DataSource.HttpConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-datasource-httpconfig.html", "Properties": { @@ -610,6 +621,12 @@ "Type": "ElasticsearchConfig", "UpdateType": "Mutable" }, + "EventBridgeConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appsync-datasource.html#cfn-appsync-datasource-eventbridgeconfig", + "Required": false, + "Type": "EventBridgeConfig", + "UpdateType": "Mutable" + }, "HttpConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appsync-datasource.html#cfn-appsync-datasource-httpconfig", "Required": false, diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationAutoScaling.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationAutoScaling.json index 841a812bdf060..c9aa7ff17fa29 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationAutoScaling.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationAutoScaling.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalabletarget-scalabletargetaction.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationInsights.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationInsights.json index 6f6ad4b862593..ab3d279426040 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationInsights.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ApplicationInsights.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ApplicationInsights::Application.Alarm": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationinsights-application-alarm.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Athena.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Athena.json index 496e7a0544357..7813c5112b4ed 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Athena.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Athena.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Athena::WorkGroup.EncryptionConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-athena-workgroup-encryptionconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AuditManager.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AuditManager.json index edbde1b0e73c2..8ec5dfc3a9bbc 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AuditManager.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AuditManager.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AuditManager::Assessment.AWSAccount": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsaccount.html", @@ -173,10 +173,6 @@ }, "CreationTime": { "PrimitiveType": "Double" - }, - "Delegations": { - "ItemType": "Delegation", - "Type": "List" } }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html", @@ -193,6 +189,14 @@ "Type": "AWSAccount", "UpdateType": "Immutable" }, + "Delegations": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-delegations", + "DuplicatesAllowed": true, + "ItemType": "Delegation", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "Description": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-description", "PrimitiveType": "String", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScaling.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScaling.json index e56b76b858692..679591864fc39 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScaling.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScaling.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AutoScaling::AutoScalingGroup.AcceleratorCountRequest": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-acceleratorcountrequest.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScalingPlans.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScalingPlans.json index 9ae9337d46c08..c7a12daa5eb3f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScalingPlans.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_AutoScalingPlans.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::AutoScalingPlans::ScalingPlan.ApplicationSource": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscalingplans-scalingplan-applicationsource.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Backup.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Backup.json index 8be59b0400ac7..c8f622c2196e4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Backup.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Backup.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Backup::BackupPlan.AdvancedBackupSettingResourceType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupplan-advancedbackupsettingresourcetype.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Batch.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Batch.json index 0b1fe11e079b6..189775b36b6f7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Batch.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Batch.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Batch::ComputeEnvironment.ComputeResources": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_BillingConductor.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_BillingConductor.json index 5400cd5e355cd..402685f319d8f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_BillingConductor.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_BillingConductor.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::BillingConductor::BillingGroup.AccountGrouping": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-billingconductor-billinggroup-accountgrouping.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Budgets.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Budgets.json index 5da5b19131897..f0760f36c20b2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Budgets.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Budgets.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Budgets::Budget.AutoAdjustData": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-budgets-budget-autoadjustdata.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CE.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CE.json index 8c52ded989ad5..0fc4ea2d08bf3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CE.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CE.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CE::AnomalyMonitor.ResourceTag": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ce-anomalymonitor-resourcetag.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CUR.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CUR.json index 96cb938a31a72..d1fb3803512d1 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CUR.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CUR.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::CUR::ReportDefinition": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cassandra.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cassandra.json index fcac0529b4026..daf14e2d77ca4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cassandra.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cassandra.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Cassandra::Table.BillingMode": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cassandra-table-billingmode.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CertificateManager.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CertificateManager.json index a5a1e92c2fc28..5cc52c10a208a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CertificateManager.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CertificateManager.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-certificatemanager-account-expiryeventsconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Chatbot.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Chatbot.json index 4843fbdf0541b..41c773de1d629 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Chatbot.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Chatbot.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::Chatbot::SlackChannelConfiguration": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cloud9.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cloud9.json index 816d72f04b1de..06cd158532ac2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cloud9.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cloud9.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Cloud9::EnvironmentEC2.Repository": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloud9-environmentec2-repository.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFormation.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFormation.json index 9a4ec75f4429d..fd9597fb77fb4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFormation.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFormation.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CloudFormation::HookVersion.LoggingConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-hookversion-loggingconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFront.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFront.json index 647d3f9ed7013..f81a0cda2106e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFront.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudFront.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CloudFront::CachePolicy.CachePolicyConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-cachepolicy-cachepolicyconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudTrail.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudTrail.json index 3303fd8452d7e..9d548ab3b4848 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudTrail.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudTrail.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudtrail-eventdatastore-advancedeventselector.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudWatch.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudWatch.json index 92b074178b590..a0537d846962b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudWatch.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CloudWatch.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CloudWatch::Alarm.Dimension": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cw-dimension.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeArtifact.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeArtifact.json index 066ca59ddadab..6d090bcab726c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeArtifact.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeArtifact.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::CodeArtifact::Domain": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeBuild.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeBuild.json index 95c5cb2e72bf1..278a15a4cc5ff 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeBuild.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeBuild.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CodeBuild::Project.Artifacts": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codebuild-project-artifacts.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeCommit.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeCommit.json index f3b0cb8c2702d..fcb896314db7a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeCommit.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeCommit.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CodeCommit::Repository.Code": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codecommit-repository-code.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeDeploy.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeDeploy.json index c67ab192e357e..bcf4b967062d0 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeDeploy.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeDeploy.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentconfig-minimumhealthyhosts.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruProfiler.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruProfiler.json index 83d7ccb369042..aea4997053c20 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruProfiler.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruProfiler.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codeguruprofiler-profilinggroup-agentpermissions.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruReviewer.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruReviewer.json index 0e9bd89d01bcc..072000a8a4741 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruReviewer.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeGuruReviewer.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::CodeGuruReviewer::RepositoryAssociation": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodePipeline.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodePipeline.json index 99ea0419a7802..ae7e621d3f85e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodePipeline.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodePipeline.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CodePipeline::CustomActionType.ArtifactDetails": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-customactiontype-artifactdetails.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStar.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStar.json index e84ac0b95fffc..6d319209979c8 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStar.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStar.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CodeStar::GitHubRepository.Code": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codestar-githubrepository-code.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarConnections.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarConnections.json index 3ba6671c14a89..360c6288b850f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarConnections.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarConnections.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::CodeStarConnections::Connection": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarNotifications.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarNotifications.json index 3dc4d9c7553f4..9776d317fc1e0 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarNotifications.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CodeStarNotifications.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CodeStarNotifications::NotificationRule.Target": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codestarnotifications-notificationrule-target.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cognito.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cognito.json index 490fe48a774d9..a2cd9dcb90532 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cognito.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Cognito.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Config.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Config.json index 8a0e6d506f8b4..061db37e37e93 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Config.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Config.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Config::ConfigRule.CustomPolicyDetails": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configrule-custompolicydetails.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Connect.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Connect.json index c62efbf0946ee..f9b79b2085986 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Connect.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Connect.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-connect-hoursofoperation-hoursofoperationconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ConnectCampaigns.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ConnectCampaigns.json index 6ffe3bd53d34f..f2c9f841e7f18 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ConnectCampaigns.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ConnectCampaigns.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ConnectCampaigns::Campaign.DialerConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-connectcampaigns-campaign-dialerconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ControlTower.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ControlTower.json index dffc9f3cb6686..f0d827d7d8fa7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ControlTower.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ControlTower.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::ControlTower::EnabledControl": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CustomerProfiles.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CustomerProfiles.json index d281b168d1df2..8f926207cc3d0 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CustomerProfiles.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_CustomerProfiles.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::CustomerProfiles::Integration.ConnectorOperator": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-customerprofiles-integration-connectoroperator.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DAX.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DAX.json index a7f75256a0e63..8061582f6af7b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DAX.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DAX.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::DAX::Cluster.SSESpecification": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dax-cluster-ssespecification.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DLM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DLM.json index 70ea224c09036..928f69d8eb0a3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DLM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DLM.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::DLM::LifecyclePolicy.Action": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dlm-lifecyclepolicy-action.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DMS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DMS.json index cb7ef7571a795..4bba2f85c55c9 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DMS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DMS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::DMS::Endpoint.DocDbSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dms-endpoint-docdbsettings.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataBrew.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataBrew.json index 918c60f314fbe..34d93dc4edd48 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataBrew.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataBrew.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::DataBrew::Dataset.CsvOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-databrew-dataset-csvoptions.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataPipeline.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataPipeline.json index fccbc661676d5..eabda1f45ba93 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataPipeline.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataPipeline.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::DataPipeline::Pipeline.Field": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datapipeline-pipeline-field.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataSync.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataSync.json index bf1726839acbb..3ce196223039b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataSync.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DataSync.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::DataSync::LocationEFS.Ec2Config": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationefs-ec2config.html", @@ -463,7 +463,7 @@ "FsxFilesystemArn": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxlustre.html#cfn-datasync-locationfsxlustre-fsxfilesystemarn", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Immutable" }, "SecurityGroupArns": { @@ -607,13 +607,13 @@ "FsxFilesystemArn": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxwindows.html#cfn-datasync-locationfsxwindows-fsxfilesystemarn", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Immutable" }, "Password": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxwindows.html#cfn-datasync-locationfsxwindows-password", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Immutable" }, "SecurityGroupArns": { @@ -769,13 +769,13 @@ "ServerHostname": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationnfs.html#cfn-datasync-locationnfs-serverhostname", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Immutable" }, "Subdirectory": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationnfs.html#cfn-datasync-locationnfs-subdirectory", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Mutable" }, "Tags": { @@ -816,7 +816,7 @@ "BucketName": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-bucketname", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Immutable" }, "SecretKey": { @@ -828,7 +828,7 @@ "ServerHostname": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-serverhostname", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Immutable" }, "ServerPort": { @@ -938,19 +938,19 @@ "Password": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-password", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Mutable" }, "ServerHostname": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-serverhostname", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Immutable" }, "Subdirectory": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-subdirectory", "PrimitiveType": "String", - "Required": true, + "Required": false, "UpdateType": "Mutable" }, "Tags": { @@ -975,12 +975,6 @@ "PrimitiveItemType": "String", "Type": "List" }, - "ErrorCode": { - "PrimitiveType": "String" - }, - "ErrorDetail": { - "PrimitiveType": "String" - }, "SourceNetworkInterfaceArns": { "PrimitiveItemType": "String", "Type": "List" diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Detective.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Detective.json index cfedaf25eaa73..b6eb8fbda1eeb 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Detective.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Detective.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::Detective::Graph": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DevOpsGuru.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DevOpsGuru.json index 6fd55a62211a7..c436a1744275c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DevOpsGuru.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DevOpsGuru.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-devopsguru-notificationchannel-notificationchannelconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DirectoryService.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DirectoryService.json index 768a0c589b457..0792db0ef7962 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DirectoryService.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DirectoryService.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::DirectoryService::MicrosoftAD.VpcSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-directoryservice-microsoftad-vpcsettings.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDB.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDB.json index c9caf271aba17..601504b296ba3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDB.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDB.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::DocDB::DBCluster": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDBElastic.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDBElastic.json index 8b5970fe22d36..5377a9f2ab6ed 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDBElastic.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DocDBElastic.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::DocDBElastic::Cluster": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DynamoDB.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DynamoDB.json index 4f3adc42c9d74..8aa57c99a75f0 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DynamoDB.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_DynamoDB.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::DynamoDB::GlobalTable.AttributeDefinition": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-globaltable-attributedefinition.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EC2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EC2.json index a69a843ef34f8..d1c1d95844c14 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EC2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EC2.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::EC2::CapacityReservation.TagSpecification": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-capacityreservation-tagspecification.html", @@ -6799,6 +6799,12 @@ }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-placementgroup.html", "Properties": { + "PartitionCount": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-placementgroup.html#cfn-ec2-placementgroup-partitioncount", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Immutable" + }, "SpreadLevel": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-placementgroup.html#cfn-ec2-placementgroup-spreadlevel", "PrimitiveType": "String", @@ -6810,6 +6816,14 @@ "PrimitiveType": "String", "Required": false, "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-placementgroup.html#cfn-ec2-placementgroup-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" } } }, diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECR.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECR.json index 749daf0d1ea18..a9c49b8418d6a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECR.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECR.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ECR::PublicRepository.RepositoryCatalogData": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-publicrepository-repositorycatalogdata.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECS.json index 4cb5101960e7e..cab6fa29799f3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ECS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-capacityprovider-autoscalinggroupprovider.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EFS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EFS.json index 073355f518c28..46a2b676abee4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EFS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EFS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::EFS::AccessPoint.AccessPointTag": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-efs-accesspoint-accesspointtag.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EKS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EKS.json index 11835cd4b266b..c196766b96860 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EKS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EKS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::EKS::Cluster.ClusterLogging": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-clusterlogging.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMR.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMR.json index d8bf014243e9c..8f4d96cac5e46 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMR.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMR.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::EMR::Cluster.Application": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticmapreduce-cluster-application.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRContainers.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRContainers.json index 155a1a06e587a..1d80f0555fd16 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRContainers.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRContainers.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::EMRContainers::VirtualCluster.ContainerInfo": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-emrcontainers-virtualcluster-containerinfo.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRServerless.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRServerless.json index ba9504c3cc5db..a332d384042ae 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRServerless.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EMRServerless.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::EMRServerless::Application.AutoStartConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-emrserverless-application-autostartconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElastiCache.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElastiCache.json index efcd8b03beca5..bf998b9477616 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElastiCache.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElastiCache.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-cachecluster-cloudwatchlogsdestinationdetails.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticBeanstalk.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticBeanstalk.json index 5d41f4e35d1d9..af599333af5a8 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticBeanstalk.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticBeanstalk.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticbeanstalk-application-applicationresourcelifecycleconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancing.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancing.json index 123a3c0e2c404..99c52b6d8ce16 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancing.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancing.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-accessloggingpolicy.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancingV2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancingV2.json index d517c26c64087..6e1929785d1d7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancingV2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ElasticLoadBalancingV2.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ElasticLoadBalancingV2::Listener.Action": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-action.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Elasticsearch.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Elasticsearch.json index b1e8a5e79d758..176a7e2173014 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Elasticsearch.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Elasticsearch.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticsearch-domain-advancedsecurityoptionsinput.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EventSchemas.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EventSchemas.json index ecddf61fa488d..9aa543601b632 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EventSchemas.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_EventSchemas.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::EventSchemas::Discoverer.TagsEntry": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eventschemas-discoverer-tagsentry.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Events.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Events.json index 7d4401fd3ea7b..98ef0e5d9b5fc 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Events.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Events.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Events::Connection.ApiKeyAuthParameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-connection-apikeyauthparameters.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Evidently.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Evidently.json index cdc5b42cbd092..f75d6ed8e7bf1 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Evidently.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Evidently.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Evidently::Experiment.MetricGoalObject": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-evidently-experiment-metricgoalobject.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FIS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FIS.json index 21121d8802852..97558c1e7e750 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FIS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FIS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-cloudwatchlogsconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FMS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FMS.json index b523254f57adb..5707552a19290 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FMS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FMS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::FMS::Policy.IEMap": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-iemap.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FSx.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FSx.json index da21517b4cba0..56e1e5a1a2d06 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FSx.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FSx.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::FSx::DataRepositoryAssociation.AutoExportPolicy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fsx-datarepositoryassociation-autoexportpolicy.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FinSpace.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FinSpace.json index cf644710cce52..c62095975027b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FinSpace.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FinSpace.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::FinSpace::Environment.FederationParameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-finspace-environment-federationparameters.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Forecast.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Forecast.json index 2932ce66680ef..a2a3b2bde7c19 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Forecast.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Forecast.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Forecast::Dataset.AttributesItems": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-forecast-dataset-attributesitems.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FraudDetector.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FraudDetector.json index b2927bed0dacd..c707a7c0f5eb2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FraudDetector.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_FraudDetector.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::FraudDetector::Detector.EntityType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-frauddetector-detector-entitytype.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GameLift.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GameLift.json index 474770e853ad7..1af755bb59bb1 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GameLift.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GameLift.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::GameLift::Alias.RoutingStrategy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-alias-routingstrategy.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GlobalAccelerator.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GlobalAccelerator.json index 547c007909879..7952bcd99a4e3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GlobalAccelerator.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GlobalAccelerator.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-globalaccelerator-endpointgroup-endpointconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Glue.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Glue.json index e19179fad5c1a..31594a857dcc4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Glue.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Glue.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Glue::Classifier.CsvClassifier": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-glue-classifier-csvclassifier.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Grafana.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Grafana.json index 62997c39da0b1..953d0b37ae308 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Grafana.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Grafana.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Grafana::Workspace.AssertionAttributes": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-grafana-workspace-assertionattributes.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Greengrass.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Greengrass.json index e3ead9e0a438d..19a8f55f2e183 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Greengrass.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Greengrass.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Greengrass::ConnectorDefinition.Connector": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GreengrassV2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GreengrassV2.json index 1f70b75b42cef..26dd989d4f528 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GreengrassV2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GreengrassV2.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrassv2-componentversion-componentdependencyrequirement.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GroundStation.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GroundStation.json index 72bfa94fb4df7..41fe029b70352 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GroundStation.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GroundStation.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::GroundStation::Config.AntennaDownlinkConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-groundstation-config-antennadownlinkconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GuardDuty.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GuardDuty.json index d1339961b54a3..263659de526f3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GuardDuty.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_GuardDuty.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_HealthLake.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_HealthLake.json index 3839bdba4a5a0..2982114cf2e4d 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_HealthLake.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_HealthLake.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::HealthLake::FHIRDatastore.CreatedAt": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-healthlake-fhirdatastore-createdat.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IAM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IAM.json index 16bd173cc3879..86d46d7cf0d81 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IAM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IAM.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IAM::Group.Policy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IVS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IVS.json index 8246220458e65..69eef6d1e0585 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IVS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IVS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-destinationconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IdentityStore.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IdentityStore.json index edb5c47a40dc0..37ee3ed8ccea4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IdentityStore.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IdentityStore.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IdentityStore::GroupMembership.MemberId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-identitystore-groupmembership-memberid.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ImageBuilder.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ImageBuilder.json index 840f915a1bd8e..a2a34340fe952 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ImageBuilder.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ImageBuilder.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-imagebuilder-containerrecipe-componentconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Inspector.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Inspector.json index d19a69a5c55cf..b3091c1445657 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Inspector.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Inspector.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::Inspector::AssessmentTarget": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_InspectorV2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_InspectorV2.json index 582e9e9eece9e..0c82110633147 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_InspectorV2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_InspectorV2.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::InspectorV2::Filter.DateFilter": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-inspectorv2-filter-datefilter.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT.json index 74d1dd302b059..b148c5126ea36 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfiguration.html", @@ -294,6 +294,19 @@ } } }, + "AWS::IoT::JobTemplate.JobExecutionsRetryConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-jobtemplate-jobexecutionsretryconfig.html", + "Properties": { + "RetryCriteriaList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-jobtemplate-jobexecutionsretryconfig.html#cfn-iot-jobtemplate-jobexecutionsretryconfig-retrycriterialist", + "DuplicatesAllowed": true, + "ItemType": "RetryCriteria", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, "AWS::IoT::JobTemplate.JobExecutionsRolloutConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-jobtemplate-jobexecutionsrolloutconfig.html", "Properties": { @@ -345,6 +358,23 @@ } } }, + "AWS::IoT::JobTemplate.RetryCriteria": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-jobtemplate-retrycriteria.html", + "Properties": { + "FailureType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-jobtemplate-retrycriteria.html#cfn-iot-jobtemplate-retrycriteria-failuretype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "NumberOfRetries": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-jobtemplate-retrycriteria.html#cfn-iot-jobtemplate-retrycriteria-numberofretries", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::IoT::JobTemplate.TimeoutConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-jobtemplate-timeoutconfig.html", "Properties": { @@ -2312,6 +2342,12 @@ "Required": false, "UpdateType": "Immutable" }, + "JobExecutionsRetryConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-jobtemplate.html#cfn-iot-jobtemplate-jobexecutionsretryconfig", + "Required": false, + "Type": "JobExecutionsRetryConfig", + "UpdateType": "Mutable" + }, "JobExecutionsRolloutConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-jobtemplate.html#cfn-iot-jobtemplate-jobexecutionsrolloutconfig", "Required": false, diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT1Click.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT1Click.json index 98dae796b859a..67f9f041484cb 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT1Click.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoT1Click.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IoT1Click::Project.DeviceTemplate": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot1click-project-devicetemplate.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTAnalytics.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTAnalytics.json index 1c5fe09eef49a..d42576ca8bf3c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTAnalytics.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTAnalytics.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IoTAnalytics::Channel.ChannelStorage": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotanalytics-channel-channelstorage.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTCoreDeviceAdvisor.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTCoreDeviceAdvisor.json index eb3f0480aa5de..54317cb7fef0b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTCoreDeviceAdvisor.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTCoreDeviceAdvisor.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotcoredeviceadvisor-suitedefinition-deviceundertest.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTEvents.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTEvents.json index ae02439a5cb9a..a4f16e94eeaf9 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTEvents.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTEvents.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotevents-alarmmodel-acknowledgeflow.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetHub.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetHub.json index 31e88b88f0645..b12f5ccec7312 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetHub.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetHub.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::IoTFleetHub::Application": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetWise.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetWise.json index 6ffe8e71f0fef..8db61776ca55a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetWise.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTFleetWise.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IoTFleetWise::Campaign.CollectionScheme": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotfleetwise-campaign-collectionscheme.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTSiteWise.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTSiteWise.json index beacf455a2226..57ae5f81defb1 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTSiteWise.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTSiteWise.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotsitewise-accesspolicy-accesspolicyidentity.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTThingsGraph.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTThingsGraph.json index 44fce883090fe..cc1d12fcd6b7a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTThingsGraph.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTThingsGraph.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotthingsgraph-flowtemplate-definitiondocument.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTTwinMaker.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTTwinMaker.json index 55237f35d375b..d869bc28a4878 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTTwinMaker.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTTwinMaker.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IoTTwinMaker::ComponentType.DataConnector": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iottwinmaker-componenttype-dataconnector.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTWireless.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTWireless.json index e470fecb29da6..ab86ed6a33484 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTWireless.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_IoTWireless.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-deviceprofile-lorawandeviceprofile.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KMS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KMS.json index e576930380f46..95fbfadb9b8e4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KMS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KMS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::KMS::Alias": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KafkaConnect.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KafkaConnect.json index e97973134f9df..c9580498269cf 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KafkaConnect.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KafkaConnect.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kafkaconnect-connector-apachekafkacluster.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kendra.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kendra.json index 9789b6eafec68..94d789931f3a2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kendra.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kendra.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Kendra::DataSource.AccessControlListConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-accesscontrollistconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kinesis.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kinesis.json index d52c98dc524fb..9150a534f9906 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kinesis.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Kinesis.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Kinesis::Stream.StreamEncryption": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesis-stream-streamencryption.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalytics.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalytics.json index 6bc4724ea1da5..975bda95caa47 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalytics.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalytics.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::KinesisAnalytics::Application.CSVMappingParameters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-csvmappingparameters.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalyticsV2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalyticsV2.json index e67473a755247..422581141b4fd 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalyticsV2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisAnalyticsV2.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalyticsv2-application-applicationcodeconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisFirehose.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisFirehose.json index 27348f041d0a7..5348aaaa06a47 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisFirehose.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisFirehose.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-amazonopensearchserverlessbufferinghints.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisVideo.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisVideo.json index b8a71a4632cb0..59307c8b085a7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisVideo.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_KinesisVideo.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::KinesisVideo::SignalingChannel": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LakeFormation.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LakeFormation.json index 67a158a417f48..20609f50bedb7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LakeFormation.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LakeFormation.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lakeformation-datacellsfilter-columnwildcard.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lambda.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lambda.json index 8ed2d0553c62c..d64250e7be4b2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lambda.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lambda.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Lambda::Alias.AliasRoutingConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-alias-aliasroutingconfiguration.html", @@ -175,6 +175,17 @@ } } }, + "AWS::Lambda::EventSourceMapping.ScalingConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-scalingconfig.html", + "Properties": { + "MaximumConcurrency": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-scalingconfig.html#cfn-lambda-eventsourcemapping-scalingconfig-maximumconcurrency", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::Lambda::EventSourceMapping.SelfManagedEventSource": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-selfmanagedeventsource.html", "Properties": { @@ -675,6 +686,12 @@ "Type": "List", "UpdateType": "Mutable" }, + "ScalingConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-scalingconfig", + "Required": false, + "Type": "ScalingConfig", + "UpdateType": "Mutable" + }, "SelfManagedEventSource": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-selfmanagedeventsource", "Required": false, diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lex.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lex.json index 1553d46b24c3a..23a3ebd69a067 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lex.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lex.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Lex::Bot.AdvancedRecognitionSetting": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lex-bot-advancedrecognitionsetting.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LicenseManager.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LicenseManager.json index 9c866cc7437db..8df04c0b3e913 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LicenseManager.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LicenseManager.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::LicenseManager::License.BorrowConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-borrowconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lightsail.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lightsail.json index 501c5663e683e..13cd10e463777 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lightsail.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Lightsail.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Lightsail::Bucket.AccessRules": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lightsail-bucket-accessrules.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Location.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Location.json index eca9c842d7961..e2de91a675777 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Location.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Location.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Location::Map.MapConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-location-map-mapconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Logs.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Logs.json index 8af6944a94736..ee01f69f3456d 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Logs.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Logs.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Logs::MetricFilter.Dimension": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-logs-metricfilter-dimension.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutEquipment.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutEquipment.json index e9709c142f40e..71004c230c3ba 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutEquipment.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutEquipment.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lookoutequipment-inferencescheduler-datainputconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutMetrics.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutMetrics.json index 599c911241fee..6350ee5f8b15b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutMetrics.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutMetrics.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::LookoutMetrics::Alert.Action": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lookoutmetrics-alert-action.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutVision.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutVision.json index fb92288b9639c..d6c62a045a312 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutVision.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_LookoutVision.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::LookoutVision::Project": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_M2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_M2.json index 6e7c8d919b4f8..e58d9f2ddfd08 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_M2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_M2.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::M2::Application.Definition": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-m2-application-definition.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MSK.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MSK.json index bb1737bda9959..6f130422d7c55 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MSK.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MSK.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::MSK::Cluster.BrokerLogs": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokerlogs.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MWAA.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MWAA.json index 53ecf642f30c7..bc774ba82cf76 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MWAA.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MWAA.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::MWAA::Environment.LoggingConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mwaa-environment-loggingconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Macie.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Macie.json index f5e480989eda4..a26520d99495b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Macie.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Macie.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Macie::AllowList.Criteria": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-macie-allowlist-criteria.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ManagedBlockchain.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ManagedBlockchain.json index b9ae365f57a44..fd60b22993dab 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ManagedBlockchain.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ManagedBlockchain.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-managedblockchain-member-approvalthresholdpolicy.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConnect.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConnect.json index 8eae91dd8cc11..3667601f8f0ea 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConnect.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConnect.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::MediaConnect::Flow.Encryption": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConvert.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConvert.json index dbe97f99c5e3a..507e3ce24e6bc 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConvert.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaConvert.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::MediaConvert::JobTemplate.AccelerationSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconvert-jobtemplate-accelerationsettings.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaLive.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaLive.json index d7e04da3b8a91..796133fb6c213 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaLive.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaLive.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::MediaLive::Channel.AacSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-aacsettings.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaPackage.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaPackage.json index 2481f74fac3eb..fce25bea04c33 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaPackage.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaPackage.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::MediaPackage::Asset.EgressEndpoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackage-asset-egressendpoint.html", @@ -37,25 +37,25 @@ "Id": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackage-channel-ingestendpoint.html#cfn-mediapackage-channel-ingestendpoint-id", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "Password": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackage-channel-ingestendpoint.html#cfn-mediapackage-channel-ingestendpoint-password", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "Url": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackage-channel-ingestendpoint.html#cfn-mediapackage-channel-ingestendpoint-url", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "Username": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackage-channel-ingestendpoint.html#cfn-mediapackage-channel-ingestendpoint-username", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" } } @@ -697,6 +697,12 @@ "Required": false, "UpdateType": "Mutable" }, + "IncludeIframeOnlyStream": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackage-packagingconfiguration-dashpackage.html#cfn-mediapackage-packagingconfiguration-dashpackage-includeiframeonlystream", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, "PeriodTriggers": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackage-packagingconfiguration-dashpackage.html#cfn-mediapackage-packagingconfiguration-dashpackage-periodtriggers", "DuplicatesAllowed": true, @@ -1033,13 +1039,6 @@ "Attributes": { "Arn": { "PrimitiveType": "String" - }, - "HlsIngest": { - "Type": "HlsIngest" - }, - "HlsIngest.ingestEndpoints": { - "ItemType": "IngestEndpoint", - "Type": "List" } }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediapackage-channel.html", @@ -1056,6 +1055,12 @@ "Type": "LogConfiguration", "UpdateType": "Mutable" }, + "HlsIngest": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediapackage-channel.html#cfn-mediapackage-channel-hlsingest", + "Required": false, + "Type": "HlsIngest", + "UpdateType": "Mutable" + }, "Id": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediapackage-channel.html#cfn-mediapackage-channel-id", "PrimitiveType": "String", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaStore.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaStore.json index 4c27b98f36e68..8cebd7b21732f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaStore.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaStore.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::MediaStore::Container.CorsRule": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediastore-container-corsrule.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaTailor.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaTailor.json index 70dc28bf99710..6a55e1d5bf6d5 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaTailor.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MediaTailor.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediatailor-playbackconfiguration-admarkerpassthrough.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MemoryDB.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MemoryDB.json index ce2940a5c8b54..06f7a1babd4dc 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MemoryDB.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_MemoryDB.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::MemoryDB::Cluster.Endpoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-memorydb-cluster-endpoint.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Neptune.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Neptune.json index e1fcd79086502..945c32c631879 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Neptune.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Neptune.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Neptune::DBCluster.DBClusterRole": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-neptune-dbcluster-dbclusterrole.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkFirewall.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkFirewall.json index 00212c6ba1c99..7fa60b655acdf 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkFirewall.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkFirewall.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::NetworkFirewall::Firewall.SubnetMapping": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-firewall-subnetmapping.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkManager.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkManager.json index 8fb7ff1a79a12..b8f48f8392f64 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkManager.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NetworkManager.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkmanager-connectattachment-connectattachmentoptions.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NimbleStudio.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NimbleStudio.json index 4fb7c4b793b2a..5c4f8dd06ac35 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NimbleStudio.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_NimbleStudio.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::NimbleStudio::LaunchProfile.StreamConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-nimblestudio-launchprofile-streamconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Oam.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Oam.json index 281db56b93d6c..99e14b7e2bce3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Oam.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Oam.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::Oam::Link": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchServerless.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchServerless.json index d3d6528877f67..b9af56935e27c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchServerless.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchServerless.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-samlconfigoptions.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchService.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchService.json index c0ae53ff2b3b4..73f19a924d1d4 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchService.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpenSearchService.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorks.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorks.json index ed5e8ccb3929a..8d1e0c1d6f970 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorks.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorks.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::OpsWorks::App.DataSource": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opsworks-app-datasource.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorksCM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorksCM.json index 023c47b6bc0ff..8c55fbe1fab4e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorksCM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_OpsWorksCM.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::OpsWorksCM::Server.EngineAttribute": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opsworkscm-server-engineattribute.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Organizations.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Organizations.json index 04d961c8871b9..83b35bf920f36 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Organizations.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Organizations.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::Organizations::Account": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Panorama.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Panorama.json index 1e9a59d43a737..1564233a0ba0e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Panorama.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Panorama.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-panorama-applicationinstance-manifestoverridespayload.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Personalize.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Personalize.json index a8e0cf6720d70..65d84bd4a11c0 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Personalize.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Personalize.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Personalize::Dataset.DataSource": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-personalize-dataset-datasource.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pinpoint.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pinpoint.json index 8cd5adb3c069b..a31b2e832b7aa 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pinpoint.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pinpoint.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Pinpoint::ApplicationSettings.CampaignHook": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pinpoint-applicationsettings-campaignhook.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_PinpointEmail.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_PinpointEmail.json index a968dd97710f9..451dc8713338c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_PinpointEmail.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_PinpointEmail.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pinpointemail-configurationset-deliveryoptions.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pipes.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pipes.json index f1f2f3698cabc..8afb59ad0c6b3 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pipes.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Pipes.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Pipes::Pipe.AwsVpcConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pipes-pipe-awsvpcconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QLDB.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QLDB.json index 9244428af213d..1584ce4511112 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QLDB.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QLDB.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::QLDB::Stream.KinesisConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-qldb-stream-kinesisconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QuickSight.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QuickSight.json index f33294a293f62..3a12d9b95f357 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QuickSight.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_QuickSight.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::QuickSight::Analysis.AnalysisError": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-quicksight-analysis-analysiserror.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RAM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RAM.json index 6c700c4534f23..289a0d7f86712 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RAM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RAM.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::RAM::ResourceShare": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RDS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RDS.json index ff23618bec497..25eb39e27a2ad 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RDS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RDS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::RDS::DBCluster.DBClusterRole": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-dbclusterrole.html", @@ -35,6 +35,23 @@ } } }, + "AWS::RDS::DBCluster.MasterUserSecret": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html", + "Properties": { + "KmsKeyId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html#cfn-rds-dbcluster-masterusersecret-kmskeyid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "SecretArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html#cfn-rds-dbcluster-masterusersecret-secretarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::RDS::DBCluster.ReadEndpoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-readendpoint.html", "Properties": { @@ -144,6 +161,23 @@ } } }, + "AWS::RDS::DBInstance.MasterUserSecret": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbinstance-masterusersecret.html", + "Properties": { + "KmsKeyId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbinstance-masterusersecret.html#cfn-rds-dbinstance-masterusersecret-kmskeyid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "SecretArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbinstance-masterusersecret.html#cfn-rds-dbinstance-masterusersecret-secretarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::RDS::DBInstance.ProcessorFeature": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbinstance-processorfeature.html", "Properties": { @@ -385,6 +419,9 @@ "Endpoint.Port": { "PrimitiveType": "String" }, + "MasterUserSecret.SecretArn": { + "PrimitiveType": "String" + }, "ReadEndpoint.Address": { "PrimitiveType": "String" } @@ -553,12 +590,24 @@ "Required": false, "UpdateType": "Immutable" }, + "ManageMasterUserPassword": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-managemasteruserpassword", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, "MasterUserPassword": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-masteruserpassword", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, + "MasterUserSecret": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-masterusersecret", + "Required": false, + "Type": "MasterUserSecret", + "UpdateType": "Mutable" + }, "MasterUsername": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-masterusername", "PrimitiveType": "String", @@ -759,6 +808,9 @@ }, "Endpoint.Port": { "PrimitiveType": "String" + }, + "MasterUserSecret.SecretArn": { + "PrimitiveType": "String" } }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html", @@ -961,12 +1013,24 @@ "Required": false, "UpdateType": "Mutable" }, + "ManageMasterUserPassword": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#cfn-rds-dbinstance-managemasteruserpassword", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, "MasterUserPassword": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#cfn-rds-dbinstance-masteruserpassword", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, + "MasterUserSecret": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#cfn-rds-dbinstance-masterusersecret", + "Required": false, + "Type": "MasterUserSecret", + "UpdateType": "Mutable" + }, "MasterUsername": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#cfn-rds-dbinstance-masterusername", "PrimitiveType": "String", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RUM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RUM.json index bff358647e3df..ed3bb3301ed34 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RUM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RUM.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::RUM::AppMonitor.AppMonitorConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rum-appmonitor-appmonitorconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Redshift.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Redshift.json index fd7a82454ef9f..028e40a5342d5 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Redshift.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Redshift.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Redshift::Cluster.Endpoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-redshift-cluster-endpoint.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RedshiftServerless.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RedshiftServerless.json index e9e49570f96cb..732a495d03211 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RedshiftServerless.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RedshiftServerless.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::RedshiftServerless::Namespace.Namespace": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-redshiftserverless-namespace-namespace.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RefactorSpaces.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RefactorSpaces.json index 3ca6011356d5a..b515322a9202e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RefactorSpaces.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RefactorSpaces.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-refactorspaces-application-apigatewayproxyinput.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Rekognition.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Rekognition.json index 575c06ae58b95..68631605954b2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Rekognition.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Rekognition.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Rekognition::StreamProcessor.BoundingBox": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rekognition-streamprocessor-boundingbox.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResilienceHub.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResilienceHub.json index 1f9bf7b9c017f..00c665e558c30 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResilienceHub.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResilienceHub.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ResilienceHub::App.PhysicalResourceId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resiliencehub-app-physicalresourceid.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceExplorer2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceExplorer2.json index c547c2cf09a40..06ba0bb28c46f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceExplorer2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceExplorer2.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ResourceExplorer2::View.Filters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resourceexplorer2-view-filters.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceGroups.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceGroups.json index c457051e96f33..c5a4aefa4830a 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceGroups.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ResourceGroups.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ResourceGroups::Group.ConfigurationItem": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resourcegroups-group-configurationitem.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RoboMaker.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RoboMaker.json index c2a7b91ba3f83..3d8d75aba7ef9 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RoboMaker.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RoboMaker.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-robomaker-robotapplication-robotsoftwaresuite.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RolesAnywhere.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RolesAnywhere.json index 3592da00ef5d1..bc6ba4c2e29fe 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RolesAnywhere.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_RolesAnywhere.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::RolesAnywhere::TrustAnchor.Source": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rolesanywhere-trustanchor-source.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53.json index 869d1eaf8e4d4..50d7979db4734 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Route53::CidrCollection.Location": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-cidrcollection-location.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryControl.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryControl.json index 0f94d70660ddd..8e695317d1733 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryControl.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryControl.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53recoverycontrol-cluster-clusterendpoint.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryReadiness.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryReadiness.json index d9c77609a9cd0..a1d0ddc7b5594 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryReadiness.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53RecoveryReadiness.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53recoveryreadiness-resourceset-dnstargetresource.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53Resolver.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53Resolver.json index 34167ffeb4b20..140a635edd409 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53Resolver.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Route53Resolver.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-firewallrule.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3.json index d8a7b5ed81c04..7eb5d0cf37eb8 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::S3::AccessPoint.PolicyStatus": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-accesspoint-policystatus.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3ObjectLambda.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3ObjectLambda.json index 2c35a5bc518b9..52b2f95cd2a45 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3ObjectLambda.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3ObjectLambda.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::S3ObjectLambda::AccessPoint.AwsLambda": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3objectlambda-accesspoint-awslambda.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3Outposts.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3Outposts.json index e14bb91b9703d..c0c92dd68ab8c 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3Outposts.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_S3Outposts.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::S3Outposts::AccessPoint.VpcConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3outposts-accesspoint-vpcconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SDB.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SDB.json index 521331a6ee33e..e2d8ae4ee7b1f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SDB.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SDB.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::SDB::Domain": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SES.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SES.json index 1c40bfed761c2..0c87b5aebe164 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SES.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SES.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::SES::ConfigurationSet.DashboardOptions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-configurationset-dashboardoptions.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SNS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SNS.json index 7c40bd5721426..d08b041e94caa 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SNS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SNS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::SNS::Topic.Subscription": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic-subscription.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SQS.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SQS.json index 49b0c550144b2..500bf5ba4591e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SQS.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SQS.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::SQS::Queue": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSM.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSM.json index b0902a49f613e..e78500856a687 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSM.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSM.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::SSM::Association.InstanceAssociationOutputLocation": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMContacts.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMContacts.json index e2adf35c699f4..206f8f4d96bd2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMContacts.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMContacts.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::SSMContacts::Contact.ChannelTargetInfo": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssmcontacts-contact-channeltargetinfo.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMIncidents.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMIncidents.json index 38a67273ccd55..581445630df6b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMIncidents.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSMIncidents.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::SSMIncidents::ReplicationSet.RegionConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssmincidents-replicationset-regionconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSO.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSO.json index c3dfed55179ab..9420a93c47d32 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSO.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSO.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SageMaker.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SageMaker.json index db3c464a9543c..e6bfbbecf2f28 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SageMaker.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SageMaker.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::SageMaker::App.ResourceSpec": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-app-resourcespec.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Scheduler.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Scheduler.json index f625fa5291a70..f846c9a9194f2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Scheduler.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Scheduler.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Scheduler::Schedule.AwsVpcConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-awsvpcconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecretsManager.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecretsManager.json index 6d2b169dab091..7b910ec7575df 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecretsManager.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecretsManager.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::SecretsManager::RotationSchedule.HostedRotationLambda": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-secretsmanager-rotationschedule-hostedrotationlambda.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecurityHub.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecurityHub.json index a9aeac8115c44..225841f504bb2 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecurityHub.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SecurityHub.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::SecurityHub::Hub": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalog.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalog.json index f434377a43776..7fdcc6afd3af5 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalog.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalog.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicecatalog-cloudformationproduct-provisioningartifactproperties.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalogAppRegistry.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalogAppRegistry.json index 45c3ce562f522..d418cae63a717 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalogAppRegistry.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceCatalogAppRegistry.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::ServiceCatalogAppRegistry::Application": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceDiscovery.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceDiscovery.json index 03e2e04bb9aa3..e4355e2cecc35 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceDiscovery.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_ServiceDiscovery.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-privatednsnamespace-privatednspropertiesmutable.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Signer.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Signer.json index 7393151da0852..6f706f895cb3f 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Signer.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Signer.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Signer::SigningProfile.SignatureValidityPeriod": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-signer-signingprofile-signaturevalidityperiod.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_StepFunctions.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_StepFunctions.json index 61f1a5c802031..7059b67420b53 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_StepFunctions.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_StepFunctions.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::StepFunctions::Activity.TagsEntry": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-activity-tagsentry.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SupportApp.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SupportApp.json index 381792c85ea1f..d685930682492 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SupportApp.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SupportApp.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": {}, "ResourceTypes": { "AWS::SupportApp::AccountAlias": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Synthetics.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Synthetics.json index 7bf5c8abcbb91..b04d2fc34893e 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Synthetics.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Synthetics.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Synthetics::Canary.ArtifactConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-artifactconfig.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Timestream.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Timestream.json index 5637503f86681..cefb779eb0281 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Timestream.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Timestream.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Timestream::ScheduledQuery.DimensionMapping": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-timestream-scheduledquery-dimensionmapping.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Transfer.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Transfer.json index 555c06d701564..a186095583935 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Transfer.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Transfer.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Transfer::Connector.As2Config": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-transfer-connector-as2config.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_VoiceID.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_VoiceID.json index cad7c3e4a5fb3..e306e9b33ed87 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_VoiceID.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_VoiceID.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-voiceid-domain-serversideencryptionconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAF.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAF.json index ddcafcb6368d2..3243af1558a4b 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAF.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAF.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::WAF::ByteMatchSet.ByteMatchTuple": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-bytematchset-bytematchtuples.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFRegional.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFRegional.json index ab848de185240..d882a90765294 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFRegional.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFRegional.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-bytematchset-bytematchtuple.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFv2.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFv2.json index 4f84b1b414d48..595461e8984a7 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFv2.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WAFv2.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::WAFv2::LoggingConfiguration.ActionCondition": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-loggingconfiguration-actioncondition.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Wisdom.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Wisdom.json index e21579f130aec..41b8b98cd8ab6 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Wisdom.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_Wisdom.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wisdom-assistant-serversideencryptionconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WorkSpaces.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WorkSpaces.json index ac415ab54b88f..ceb2f3e83bae5 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WorkSpaces.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_WorkSpaces.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::WorkSpaces::ConnectionAlias.ConnectionAliasAssociation": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspaces-connectionalias-connectionaliasassociation.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_XRay.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_XRay.json index b34b8a74cd7a8..6f3f25f74f4c0 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_XRay.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_XRay.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "AWS::XRay::Group.InsightsConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-xray-group-insightsconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Alexa_ASK.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Alexa_ASK.json index cfe6bdddbfc89..d967ee9dc0292 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Alexa_ASK.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Alexa_ASK.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "Alexa::ASK::Skill.AuthenticationConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ask-skill-authenticationconfiguration.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Tag.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Tag.json index 75db42cd96a73..53dd0b161efdf 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Tag.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_Tag.json @@ -1,5 +1,5 @@ { - "$version": "106.0.0", + "$version": "107.0.0", "PropertyTypes": { "Tag": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html", diff --git a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/001_Version.json b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/001_Version.json index 7af9c5f68860f..5297fe34ac1e9 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/001_Version.json +++ b/packages/@aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/001_Version.json @@ -1,3 +1,3 @@ { - "ResourceSpecificationVersion": "106.0.0" + "ResourceSpecificationVersion": "107.0.0" } From 2504af46856f339c68794a8511526294f7d99095 Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Mon, 16 Jan 2023 10:08:28 +0100 Subject: [PATCH 03/11] fix linter for readme --- packages/@aws-cdk/aws-apprunner/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-apprunner/README.md b/packages/@aws-cdk/aws-apprunner/README.md index 4ea01be22195d..33b04ce18d284 100644 --- a/packages/@aws-cdk/aws-apprunner/README.md +++ b/packages/@aws-cdk/aws-apprunner/README.md @@ -163,7 +163,7 @@ new apprunner.Service(this, 'Service', { ## Secrets Manager -To include an environment variable integrated with AWS Secrets Manager we will be using the `environmentSecrets` attribute. +To include an environment variables integrated with AWS Secrets Manager, use the `environmentSecrets` attribute. `instanceRole` attribute is mandatory when using `environmentSecrets`. ```ts @@ -189,4 +189,4 @@ new Service(stack, 'Service', { }), instanceRole: role, }); -``` \ No newline at end of file +``` From ebe62d0b2e303504c7aa728f05f2da64325f263c Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Mon, 16 Jan 2023 11:00:39 +0100 Subject: [PATCH 04/11] update integration tests --- ...efaultTestDeployAssert6B977D95.assets.json | 19 ++ ...aultTestDeployAssert6B977D95.template.json | 36 +++ .../cdk.out | 1 + ...nteg-apprunner-secrets-manager.assets.json | 19 ++ ...eg-apprunner-secrets-manager.template.json | 143 +++++++++ .../integ.json | 12 + .../manifest.json | 135 +++++++++ .../tree.json | 274 ++++++++++++++++++ 8 files changed, 639 insertions(+) create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.assets.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.template.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/tree.json diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json new file mode 100644 index 0000000000000..6a1de7aa5e5dd --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/cdk.out b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.assets.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.assets.json new file mode 100644 index 0000000000000..8ee77ec78e119 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2": { + "source": { + "path": "integ-apprunner-secrets-manager.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.template.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.template.json new file mode 100644 index 0000000000000..7da1bb5a63742 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.template.json @@ -0,0 +1,143 @@ +{ + "Resources": { + "SecretA720EF05": { + "Type": "AWS::SecretsManager::Secret", + "Properties": { + "SecretString": "{\"foo\":\"fooval\"}" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "InstanceRole3CCE2F1D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "tasks.apprunner.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "InstanceRoleDefaultPolicy1531605C": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "SecretA720EF05" + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "InstanceRoleDefaultPolicy1531605C", + "Roles": [ + { + "Ref": "InstanceRole3CCE2F1D" + } + ] + } + }, + "Service86269A78B": { + "Type": "AWS::AppRunner::Service", + "Properties": { + "SourceConfiguration": { + "AuthenticationConfiguration": {}, + "ImageRepository": { + "ImageConfiguration": { + "Port": "8000", + "RuntimeEnvironmentSecrets": [ + { + "Name": "foo", + "Value": { + "Ref": "SecretA720EF05" + } + } + ] + }, + "ImageIdentifier": "public.ecr.aws/aws-containers/hello-app-runner:latest", + "ImageRepositoryType": "ECR_PUBLIC" + } + }, + "InstanceConfiguration": { + "InstanceRoleArn": { + "Fn::GetAtt": [ + "InstanceRole3CCE2F1D", + "Arn" + ] + } + }, + "NetworkConfiguration": { + "EgressConfiguration": { + "EgressType": "DEFAULT" + } + } + } + } + }, + "Outputs": { + "URL8": { + "Value": { + "Fn::Join": [ + "", + [ + "https://", + { + "Fn::GetAtt": [ + "Service86269A78B", + "ServiceUrl" + ] + } + ] + ] + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ.json new file mode 100644 index 0000000000000..0be359a9018cc --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "29.0.0", + "testCases": { + "AppRunnerSecretsManger/DefaultTest": { + "stacks": [ + "integ-apprunner-secrets-manager" + ], + "assertionStack": "AppRunnerSecretsManger/DefaultTest/DeployAssert", + "assertionStackName": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/manifest.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/manifest.json new file mode 100644 index 0000000000000..8f4989946b879 --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/manifest.json @@ -0,0 +1,135 @@ +{ + "version": "29.0.0", + "artifacts": { + "integ-apprunner-secrets-manager.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integ-apprunner-secrets-manager.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integ-apprunner-secrets-manager": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integ-apprunner-secrets-manager.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integ-apprunner-secrets-manager.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integ-apprunner-secrets-manager.assets" + ], + "metadata": { + "/integ-apprunner-secrets-manager/Secret/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "SecretA720EF05" + } + ], + "/integ-apprunner-secrets-manager/InstanceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "InstanceRole3CCE2F1D" + } + ], + "/integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "InstanceRoleDefaultPolicy1531605C" + } + ], + "/integ-apprunner-secrets-manager/Service8/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Service86269A78B" + } + ], + "/integ-apprunner-secrets-manager/URL8": [ + { + "type": "aws:cdk:logicalId", + "data": "URL8" + } + ], + "/integ-apprunner-secrets-manager/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-apprunner-secrets-manager/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-apprunner-secrets-manager" + }, + "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets" + ], + "metadata": { + "/AppRunnerSecretsManger/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/AppRunnerSecretsManger/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "AppRunnerSecretsManger/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/tree.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/tree.json new file mode 100644 index 0000000000000..f8df0730c31de --- /dev/null +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/tree.json @@ -0,0 +1,274 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "integ-apprunner-secrets-manager": { + "id": "integ-apprunner-secrets-manager", + "path": "integ-apprunner-secrets-manager", + "children": { + "Secret": { + "id": "Secret", + "path": "integ-apprunner-secrets-manager/Secret", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-apprunner-secrets-manager/Secret/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", + "aws:cdk:cloudformation:props": { + "secretString": "{\"foo\":\"fooval\"}" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-secretsmanager.Secret", + "version": "0.0.0" + } + }, + "InstanceRole": { + "id": "InstanceRole", + "path": "integ-apprunner-secrets-manager/InstanceRole", + "children": { + "ImportInstanceRole": { + "id": "ImportInstanceRole", + "path": "integ-apprunner-secrets-manager/InstanceRole/ImportInstanceRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "integ-apprunner-secrets-manager/InstanceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "tasks.apprunner.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "SecretA720EF05" + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "InstanceRoleDefaultPolicy1531605C", + "roles": [ + { + "Ref": "InstanceRole3CCE2F1D" + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Policy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Service8": { + "id": "Service8", + "path": "integ-apprunner-secrets-manager/Service8", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-apprunner-secrets-manager/Service8/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppRunner::Service", + "aws:cdk:cloudformation:props": { + "sourceConfiguration": { + "authenticationConfiguration": {}, + "imageRepository": { + "imageConfiguration": { + "port": "8000", + "runtimeEnvironmentSecrets": [ + { + "name": "foo", + "value": { + "Ref": "SecretA720EF05" + } + } + ] + }, + "imageIdentifier": "public.ecr.aws/aws-containers/hello-app-runner:latest", + "imageRepositoryType": "ECR_PUBLIC" + } + }, + "instanceConfiguration": { + "instanceRoleArn": { + "Fn::GetAtt": [ + "InstanceRole3CCE2F1D", + "Arn" + ] + } + }, + "networkConfiguration": { + "egressConfiguration": { + "egressType": "DEFAULT" + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apprunner.CfnService", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-apprunner.Service", + "version": "0.0.0" + } + }, + "URL8": { + "id": "URL8", + "path": "integ-apprunner-secrets-manager/URL8", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnOutput", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "integ-apprunner-secrets-manager/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "integ-apprunner-secrets-manager/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "AppRunnerSecretsManger": { + "id": "AppRunnerSecretsManger", + "path": "AppRunnerSecretsManger", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "AppRunnerSecretsManger/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "AppRunnerSecretsManger/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.209" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "AppRunnerSecretsManger/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "AppRunnerSecretsManger/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "AppRunnerSecretsManger/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.209" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file From 0b2c4809ecc2be1751795a2a6a180bec01b92a3b Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Mon, 16 Jan 2023 13:16:17 +0100 Subject: [PATCH 05/11] fix readme and package.json --- packages/@aws-cdk/aws-apprunner/README.md | 8 +++++++- packages/@aws-cdk/aws-apprunner/package.json | 16 +++++++++++----- .../aws-apprunner/rosetta/default.ts-fixture | 2 +- 3 files changed, 19 insertions(+), 7 deletions(-) diff --git a/packages/@aws-cdk/aws-apprunner/README.md b/packages/@aws-cdk/aws-apprunner/README.md index 33b04ce18d284..f284cb31b5435 100644 --- a/packages/@aws-cdk/aws-apprunner/README.md +++ b/packages/@aws-cdk/aws-apprunner/README.md @@ -167,6 +167,12 @@ To include an environment variables integrated with AWS Secrets Manager, use the `instanceRole` attribute is mandatory when using `environmentSecrets`. ```ts + +import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; +import * as iam from '@aws-cdk/aws-iam'; + +declare const stack: Stack; + const secret = new secretsmanager.Secret(stack, 'Secret', { secretObjectValue: { foo: SecretValue.unsafePlainText('mySecretVal') }, }); @@ -177,7 +183,7 @@ const role = new iam.Role(stack, 'InstanceRole', { secret.grantRead(role); -new Service(stack, 'Service', { +new apprunner.Service(stack, 'Service', { source: apprunner.Source.fromEcrPublic({ imageConfiguration: { port: 8000, diff --git a/packages/@aws-cdk/aws-apprunner/package.json b/packages/@aws-cdk/aws-apprunner/package.json index dfb02a953de3a..3e8334ee2d330 100644 --- a/packages/@aws-cdk/aws-apprunner/package.json +++ b/packages/@aws-cdk/aws-apprunner/package.json @@ -83,19 +83,25 @@ }, "license": "Apache-2.0", "devDependencies": { - "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/assertions": "0.0.0", + "@aws-cdk/aws-ec2": "0.0.0", + "@aws-cdk/aws-ecr-assets": "0.0.0", + "@aws-cdk/aws-ecr": "0.0.0", + "@aws-cdk/aws-iam": "0.0.0", + "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", + "@aws-cdk/cfn2ts": "0.0.0", + "@aws-cdk/core": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", "@aws-cdk/integ-tests": "0.0.0", - "@aws-cdk/cfn2ts": "0.0.0", "@aws-cdk/pkglint": "0.0.0", - "@types/jest": "^27.5.2" + "@types/jest": "^27.5.2", + "constructs": "^10.0.0" }, "dependencies": { "@aws-cdk/aws-ec2": "0.0.0", - "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-ecr-assets": "0.0.0", + "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", @@ -103,8 +109,8 @@ }, "peerDependencies": { "@aws-cdk/aws-ec2": "0.0.0", - "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-ecr-assets": "0.0.0", + "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", diff --git a/packages/@aws-cdk/aws-apprunner/rosetta/default.ts-fixture b/packages/@aws-cdk/aws-apprunner/rosetta/default.ts-fixture index b74a57c217fbd..585b54c64cf81 100644 --- a/packages/@aws-cdk/aws-apprunner/rosetta/default.ts-fixture +++ b/packages/@aws-cdk/aws-apprunner/rosetta/default.ts-fixture @@ -1,5 +1,5 @@ // Fixture with packages imported, but nothing else -import { Stack } from '@aws-cdk/core'; +import { Stack, SecretValue } from '@aws-cdk/core'; import { Construct } from 'constructs'; import * as apprunner from '@aws-cdk/aws-apprunner'; import * as path from 'path'; From 6053a1ec6ac3b889e269bc7d2d213904fd0c17af Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Mon, 16 Jan 2023 15:28:47 +0100 Subject: [PATCH 06/11] remove ts test --- ...efaultTestDeployAssert6B977D95.assets.json | 19 -- ...aultTestDeployAssert6B977D95.template.json | 36 --- .../cdk.out | 1 - ...nteg-apprunner-secrets-manager.assets.json | 19 -- ...eg-apprunner-secrets-manager.template.json | 143 --------- .../integ.json | 12 - .../manifest.json | 135 --------- .../tree.json | 274 ------------------ 8 files changed, 639 deletions(-) delete mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json delete mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json delete mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/cdk.out delete mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.assets.json delete mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.template.json delete mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ.json delete mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/manifest.json delete mode 100644 packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/tree.json diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json deleted file mode 100644 index 6a1de7aa5e5dd..0000000000000 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "version": "29.0.0", - "files": { - "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { - "source": { - "path": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json deleted file mode 100644 index ad9d0fb73d1dd..0000000000000 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/cdk.out b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/cdk.out deleted file mode 100644 index d8b441d447f8a..0000000000000 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/cdk.out +++ /dev/null @@ -1 +0,0 @@ -{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.assets.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.assets.json deleted file mode 100644 index 8ee77ec78e119..0000000000000 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.assets.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "version": "29.0.0", - "files": { - "9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2": { - "source": { - "path": "integ-apprunner-secrets-manager.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.template.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.template.json deleted file mode 100644 index 7da1bb5a63742..0000000000000 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ-apprunner-secrets-manager.template.json +++ /dev/null @@ -1,143 +0,0 @@ -{ - "Resources": { - "SecretA720EF05": { - "Type": "AWS::SecretsManager::Secret", - "Properties": { - "SecretString": "{\"foo\":\"fooval\"}" - }, - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, - "InstanceRole3CCE2F1D": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "tasks.apprunner.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "InstanceRoleDefaultPolicy1531605C": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "secretsmanager:DescribeSecret", - "secretsmanager:GetSecretValue" - ], - "Effect": "Allow", - "Resource": { - "Ref": "SecretA720EF05" - } - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "InstanceRoleDefaultPolicy1531605C", - "Roles": [ - { - "Ref": "InstanceRole3CCE2F1D" - } - ] - } - }, - "Service86269A78B": { - "Type": "AWS::AppRunner::Service", - "Properties": { - "SourceConfiguration": { - "AuthenticationConfiguration": {}, - "ImageRepository": { - "ImageConfiguration": { - "Port": "8000", - "RuntimeEnvironmentSecrets": [ - { - "Name": "foo", - "Value": { - "Ref": "SecretA720EF05" - } - } - ] - }, - "ImageIdentifier": "public.ecr.aws/aws-containers/hello-app-runner:latest", - "ImageRepositoryType": "ECR_PUBLIC" - } - }, - "InstanceConfiguration": { - "InstanceRoleArn": { - "Fn::GetAtt": [ - "InstanceRole3CCE2F1D", - "Arn" - ] - } - }, - "NetworkConfiguration": { - "EgressConfiguration": { - "EgressType": "DEFAULT" - } - } - } - } - }, - "Outputs": { - "URL8": { - "Value": { - "Fn::Join": [ - "", - [ - "https://", - { - "Fn::GetAtt": [ - "Service86269A78B", - "ServiceUrl" - ] - } - ] - ] - } - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ.json deleted file mode 100644 index 0be359a9018cc..0000000000000 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/integ.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "version": "29.0.0", - "testCases": { - "AppRunnerSecretsManger/DefaultTest": { - "stacks": [ - "integ-apprunner-secrets-manager" - ], - "assertionStack": "AppRunnerSecretsManger/DefaultTest/DeployAssert", - "assertionStackName": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/manifest.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/manifest.json deleted file mode 100644 index 8f4989946b879..0000000000000 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/manifest.json +++ /dev/null @@ -1,135 +0,0 @@ -{ - "version": "29.0.0", - "artifacts": { - "integ-apprunner-secrets-manager.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "integ-apprunner-secrets-manager.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "integ-apprunner-secrets-manager": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "integ-apprunner-secrets-manager.template.json", - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "integ-apprunner-secrets-manager.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "integ-apprunner-secrets-manager.assets" - ], - "metadata": { - "/integ-apprunner-secrets-manager/Secret/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "SecretA720EF05" - } - ], - "/integ-apprunner-secrets-manager/InstanceRole/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "InstanceRole3CCE2F1D" - } - ], - "/integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "InstanceRoleDefaultPolicy1531605C" - } - ], - "/integ-apprunner-secrets-manager/Service8/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "Service86269A78B" - } - ], - "/integ-apprunner-secrets-manager/URL8": [ - { - "type": "aws:cdk:logicalId", - "data": "URL8" - } - ], - "/integ-apprunner-secrets-manager/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/integ-apprunner-secrets-manager/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "integ-apprunner-secrets-manager" - }, - "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.template.json", - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "AppRunnerSecretsMangerDefaultTestDeployAssert6B977D95.assets" - ], - "metadata": { - "/AppRunnerSecretsManger/DefaultTest/DeployAssert/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/AppRunnerSecretsManger/DefaultTest/DeployAssert/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "AppRunnerSecretsManger/DefaultTest/DeployAssert" - }, - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/tree.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/tree.json deleted file mode 100644 index f8df0730c31de..0000000000000 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts.snapshot/tree.json +++ /dev/null @@ -1,274 +0,0 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "integ-apprunner-secrets-manager": { - "id": "integ-apprunner-secrets-manager", - "path": "integ-apprunner-secrets-manager", - "children": { - "Secret": { - "id": "Secret", - "path": "integ-apprunner-secrets-manager/Secret", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-apprunner-secrets-manager/Secret/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", - "aws:cdk:cloudformation:props": { - "secretString": "{\"foo\":\"fooval\"}" - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-secretsmanager.CfnSecret", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-secretsmanager.Secret", - "version": "0.0.0" - } - }, - "InstanceRole": { - "id": "InstanceRole", - "path": "integ-apprunner-secrets-manager/InstanceRole", - "children": { - "ImportInstanceRole": { - "id": "ImportInstanceRole", - "path": "integ-apprunner-secrets-manager/InstanceRole/ImportInstanceRole", - "constructInfo": { - "fqn": "@aws-cdk/core.Resource", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "integ-apprunner-secrets-manager/InstanceRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "tasks.apprunner.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", - "version": "0.0.0" - } - }, - "DefaultPolicy": { - "id": "DefaultPolicy", - "path": "integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Policy", - "aws:cdk:cloudformation:props": { - "policyDocument": { - "Statement": [ - { - "Action": [ - "secretsmanager:DescribeSecret", - "secretsmanager:GetSecretValue" - ], - "Effect": "Allow", - "Resource": { - "Ref": "SecretA720EF05" - } - } - ], - "Version": "2012-10-17" - }, - "policyName": "InstanceRoleDefaultPolicy1531605C", - "roles": [ - { - "Ref": "InstanceRole3CCE2F1D" - } - ] - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", - "version": "0.0.0" - } - }, - "Service8": { - "id": "Service8", - "path": "integ-apprunner-secrets-manager/Service8", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-apprunner-secrets-manager/Service8/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::AppRunner::Service", - "aws:cdk:cloudformation:props": { - "sourceConfiguration": { - "authenticationConfiguration": {}, - "imageRepository": { - "imageConfiguration": { - "port": "8000", - "runtimeEnvironmentSecrets": [ - { - "name": "foo", - "value": { - "Ref": "SecretA720EF05" - } - } - ] - }, - "imageIdentifier": "public.ecr.aws/aws-containers/hello-app-runner:latest", - "imageRepositoryType": "ECR_PUBLIC" - } - }, - "instanceConfiguration": { - "instanceRoleArn": { - "Fn::GetAtt": [ - "InstanceRole3CCE2F1D", - "Arn" - ] - } - }, - "networkConfiguration": { - "egressConfiguration": { - "egressType": "DEFAULT" - } - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apprunner.CfnService", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-apprunner.Service", - "version": "0.0.0" - } - }, - "URL8": { - "id": "URL8", - "path": "integ-apprunner-secrets-manager/URL8", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnOutput", - "version": "0.0.0" - } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "integ-apprunner-secrets-manager/BootstrapVersion", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "integ-apprunner-secrets-manager/CheckBootstrapVersion", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/core.Stack", - "version": "0.0.0" - } - }, - "AppRunnerSecretsManger": { - "id": "AppRunnerSecretsManger", - "path": "AppRunnerSecretsManger", - "children": { - "DefaultTest": { - "id": "DefaultTest", - "path": "AppRunnerSecretsManger/DefaultTest", - "children": { - "Default": { - "id": "Default", - "path": "AppRunnerSecretsManger/DefaultTest/Default", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.209" - } - }, - "DeployAssert": { - "id": "DeployAssert", - "path": "AppRunnerSecretsManger/DefaultTest/DeployAssert", - "children": { - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "AppRunnerSecretsManger/DefaultTest/DeployAssert/BootstrapVersion", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "AppRunnerSecretsManger/DefaultTest/DeployAssert/CheckBootstrapVersion", - "constructInfo": { - "fqn": "@aws-cdk/core.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/core.Stack", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTestCase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests.IntegTest", - "version": "0.0.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.1.209" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/core.App", - "version": "0.0.0" - } - } -} \ No newline at end of file From 4367ffcfa9cee2cf08f86278d57d0922fc6915b8 Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Tue, 17 Jan 2023 14:43:42 +0100 Subject: [PATCH 07/11] keep deprecated attribute for compatibility --- .../@aws-cdk/aws-apprunner/lib/service.ts | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/packages/@aws-cdk/aws-apprunner/lib/service.ts b/packages/@aws-cdk/aws-apprunner/lib/service.ts index c08eb8f0b773a..edad0f8f2b26d 100644 --- a/packages/@aws-cdk/aws-apprunner/lib/service.ts +++ b/packages/@aws-cdk/aws-apprunner/lib/service.ts @@ -434,6 +434,14 @@ export interface ImageConfiguration { */ readonly port?: number; + /** + * Environment variables that are available to your running App Runner service. + * + * @default - no environment variables + * @deprecated use environmentVariables() + */ + readonly environment?: { [key: string]: string }; + /** * Environment variables that are available to your running App Runner service. * @@ -677,6 +685,14 @@ export interface CodeConfigurationValues { */ readonly runtime: Runtime; + /** + * The environment variables that are available to your running App Runner service. + * + * @default - no environment variables. + * @deprecated use environmentVariables() + */ + readonly environment?: { [key: string]: string }; + /** * The environment variables that are available to your running App Runner service. * @@ -801,6 +817,20 @@ export class Service extends cdk.Resource { private readonly props: ServiceProps; private accessRole?: iam.IRole; private source: SourceConfig; + + // /** + // * @deprecated - Throws error in some use cases that have been enabled since this deprecation notice. Use `RestApi.urlForPath()` instead. + // */ + // public get url(): string { + // return this.restApi.urlForPath(this.path); + // } + + /** + * Environment variables for this service + * @deprecated use environmentVariables() + */ + readonly environment?: { [key: string]: string } = {}; + /** * Environment variables for this service */ From 41ed2b7764ef0c3b135620b50beac0137552ff9b Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Wed, 18 Jan 2023 18:14:14 +0100 Subject: [PATCH 08/11] improvements --- packages/@aws-cdk/aws-apprunner/README.md | 32 +- .../@aws-cdk/aws-apprunner/lib/service.ts | 255 ++++++++++--- packages/@aws-cdk/aws-apprunner/package.json | 3 + ...nteg-apprunner-secrets-manager.assets.json | 4 +- ...eg-apprunner-secrets-manager.template.json | 98 ++++- .../manifest.json | 16 +- .../tree.json | 232 ++++++++--- .../test/integ.service-secrets-manager.ts | 30 +- .../aws-apprunner/test/service.test.ts | 361 +++++++++++++----- 9 files changed, 776 insertions(+), 255 deletions(-) diff --git a/packages/@aws-cdk/aws-apprunner/README.md b/packages/@aws-cdk/aws-apprunner/README.md index f284cb31b5435..ffbec457413ab 100644 --- a/packages/@aws-cdk/aws-apprunner/README.md +++ b/packages/@aws-cdk/aws-apprunner/README.md @@ -163,36 +163,36 @@ new apprunner.Service(this, 'Service', { ## Secrets Manager -To include an environment variables integrated with AWS Secrets Manager, use the `environmentSecrets` attribute. -`instanceRole` attribute is mandatory when using `environmentSecrets`. +To include environment variables integrated with AWS Secrets Manager, use the `environmentSecrets` attribute. +You can use the `addSecret` method from the App Runner `Service` class to include secrets from outside the +service definition. ```ts - import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; -import * as iam from '@aws-cdk/aws-iam'; +import * as ssm from '@aws-cdk/aws-ssm'; declare const stack: Stack; -const secret = new secretsmanager.Secret(stack, 'Secret', { - secretObjectValue: { foo: SecretValue.unsafePlainText('mySecretVal') }, -}); - -const role = new iam.Role(stack, 'InstanceRole', { - assumedBy: new iam.ServicePrincipal('tasks.apprunner.amazonaws.com'), +const secret = new secretsmanager.Secret(stack, 'Secret'); +const parameter = ssm.StringParameter.fromSecureStringParameterAttributes(stack, 'Parameter', { + parameterName: '/name', + version: 1, }); -secret.grantRead(role); - -new apprunner.Service(stack, 'Service', { +const service = new apprunner.Service(stack, 'Service', { source: apprunner.Source.fromEcrPublic({ imageConfiguration: { port: 8000, environmentSecrets: { - mySecretKey: secret.secretArn, + SECRET: apprunner.Secret.fromSecretsManager(secret), + PARAMETER: apprunner.Secret.fromSsmParameter(parameter), + SECRET_ID: apprunner.Secret.fromSecretsManagerVersion(secret, { versionId: 'version-id' }), + SECRET_STAGE: apprunner.Secret.fromSecretsManagerVersion(secret, { versionStage: 'version-stage' }), }, }, imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', - }), - instanceRole: role, + }) }); + +service.addSecret('LATER_SECRET', apprunner.Secret.fromSecretsManager(secret, 'field')); ``` diff --git a/packages/@aws-cdk/aws-apprunner/lib/service.ts b/packages/@aws-cdk/aws-apprunner/lib/service.ts index edad0f8f2b26d..016a01395572e 100644 --- a/packages/@aws-cdk/aws-apprunner/lib/service.ts +++ b/packages/@aws-cdk/aws-apprunner/lib/service.ts @@ -1,6 +1,8 @@ import * as ecr from '@aws-cdk/aws-ecr'; import * as assets from '@aws-cdk/aws-ecr-assets'; import * as iam from '@aws-cdk/aws-iam'; +import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; +import * as ssm from '@aws-cdk/aws-ssm'; import * as cdk from '@aws-cdk/core'; import { Construct } from 'constructs'; import { CfnService } from './apprunner.generated'; @@ -235,7 +237,6 @@ export interface GithubRepositoryProps { readonly connection: GitHubConnection; } - /** * Properties of the image repository for `Source.fromEcrPublic()` */ @@ -246,6 +247,7 @@ export interface EcrPublicProps { * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apprunner-service-imageconfiguration.html#cfn-apprunner-service-imageconfiguration-port */ readonly imageConfiguration?: ImageConfiguration; + /** * The ECR Public image URI. */ @@ -262,16 +264,19 @@ export interface EcrProps { * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apprunner-service-imageconfiguration.html#cfn-apprunner-service-imageconfiguration-port */ readonly imageConfiguration?: ImageConfiguration; + /** * Represents the ECR repository. */ readonly repository: ecr.IRepository; + /** * Image tag. * @default - 'latest' * @deprecated use `tagOrDigest` */ readonly tag?: string; + /** * Image tag or digest (digests must start with `sha256:`). * @default - 'latest' @@ -289,12 +294,31 @@ export interface AssetProps { * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apprunner-service-imageconfiguration.html#cfn-apprunner-service-imageconfiguration-port */ readonly imageConfiguration?: ImageConfiguration; + /** * Represents the docker image asset. */ readonly asset: assets.DockerImageAsset; } +/** + * Specify the secret's version id or version stage + */ +export interface SecretVersionInfo { + /** + * version id of the secret + * + * @default - use default version id + */ + readonly versionId?: string; + + /** + * version stage of the secret + * + * @default - use default version stage + */ + readonly versionStage?: string; +} /** * Represents the App Runner service source. @@ -306,24 +330,28 @@ export abstract class Source { public static fromGitHub(props: GithubRepositoryProps): GithubSource { return new GithubSource(props); } + /** * Source from the ECR repository. */ public static fromEcr(props: EcrProps): EcrSource { return new EcrSource(props); } + /** * Source from the ECR Public repository. */ public static fromEcrPublic(props: EcrPublicProps): EcrPublicSource { return new EcrPublicSource(props); } + /** * Source from local assets. */ public static fromAsset(props: AssetProps): AssetSource { return new AssetSource(props); } + /** * Called when the Job is initialized to allow this object to bind. */ @@ -356,6 +384,7 @@ export class GithubSource extends Source { }; } } + /** * Represents the service source from ECR. */ @@ -454,7 +483,7 @@ export interface ImageConfiguration { * * @default - no environment secrets */ - readonly environmentSecrets?: { [key: string]: string }; + readonly environmentSecrets?: { [key: string]: Secret; }; /** * An optional command that App Runner runs to start the application in the source image. @@ -705,7 +734,7 @@ export interface CodeConfigurationValues { * * @default - no environment secrets. */ - readonly environmentSecrets?: { [key: string]: string }; + readonly environmentSecrets?: { [key: string]: Secret }; /** * The command App Runner runs to start your application. @@ -728,6 +757,7 @@ export class GitHubConnection { public static fromConnectionArn(arn: string): GitHubConnection { return new GitHubConnection(arn); } + /** * The ARN of the Connection for App Runner service to connect to the repository. */ @@ -777,6 +807,74 @@ export interface IService extends cdk.IResource { readonly serviceArn: string; } +/** + * A secret environment variable. + */ +export abstract class Secret { + /** + * Creates an environment variable value from a parameter stored in AWS + * Systems Manager Parameter Store. + */ + public static fromSsmParameter(parameter: ssm.IParameter): Secret { + return { + arn: parameter.parameterArn, + grantRead: grantee => parameter.grantRead(grantee), + }; + } + + /** + * Creates a environment variable value from a secret stored in AWS Secrets + * Manager. + * + * @param secret the secret stored in AWS Secrets Manager + * @param field the name of the field with the value that you want to set as + * the environment variable value. Only values in JSON format are supported. + * If you do not specify a JSON field, then the full content of the secret is + * used. + */ + public static fromSecretsManager(secret: secretsmanager.ISecret, field?: string): Secret { + return { + arn: field ? `${secret.secretArn}:${field}::` : secret.secretArn, + hasField: !!field, + grantRead: grantee => secret.grantRead(grantee), + }; + } + + /** + * Creates a environment variable value from a secret stored in AWS Secrets + * Manager. + * + * @param secret the secret stored in AWS Secrets Manager + * @param versionInfo the version information to reference the secret + * @param field the name of the field with the value that you want to set as + * the environment variable value. Only values in JSON format are supported. + * If you do not specify a JSON field, then the full content of the secret is + * used. + */ + public static fromSecretsManagerVersion(secret: secretsmanager.ISecret, versionInfo: SecretVersionInfo, field?: string): Secret { + return { + arn: `${secret.secretArn}:${field ?? ''}:${versionInfo.versionStage ?? ''}:${versionInfo.versionId ?? ''}`, + hasField: !!field, + grantRead: grantee => secret.grantRead(grantee), + }; + } + + /** + * The ARN of the secret + */ + public abstract readonly arn: string; + + /** + * Whether this secret uses a specific JSON field + */ + public abstract readonly hasField?: boolean; + + /** + * Grants reading the secret to a principal + */ + public abstract grantRead(grantee: iam.IGrantable): iam.Grant; +} + /** * The App Runner Service. */ @@ -816,15 +914,9 @@ export class Service extends cdk.Resource { } private readonly props: ServiceProps; private accessRole?: iam.IRole; + private instanceRole?: iam.IRole; private source: SourceConfig; - // /** - // * @deprecated - Throws error in some use cases that have been enabled since this deprecation notice. Use `RestApi.urlForPath()` instead. - // */ - // public get url(): string { - // return this.restApi.urlForPath(this.path); - // } - /** * Environment variables for this service * @deprecated use environmentVariables() @@ -839,7 +931,17 @@ export class Service extends cdk.Resource { /** * Environment secrets for this service */ - private environmentSecrets?: { [key: string]: string } = {}; + private environmentSecrets?: { [key: string]: Secret; }; + + /** + * Environment variables for this service + */ + private readonly variables: EnvironmentVariable[] = [] + + /** + * Environment secrets for this service + */ + private readonly secrets: EnvironmentSecret[] = [] /** * The ARN of the Service. @@ -878,25 +980,36 @@ export class Service extends cdk.Resource { this.source = source; this.props = props; - // generate an IAM role only when ImageRepositoryType is ECR and props.role is undefined + this.environmentVariables = this.getEnvironmentVariables(); + this.environmentSecrets = this.getEnvironmentSecrets(); + + // generate an IAM role only when ImageRepositoryType is ECR and props.accessRole is undefined this.accessRole = (this.source.imageRepository?.imageRepositoryType == ImageRepositoryType.ECR) ? - this.props.accessRole ? this.props.accessRole : this.generateDefaultRole() : undefined; + this.props.accessRole ?? this.generateDefaultRole() : undefined; + + // generalte an IAM role only when environmentSecrets has values and props.instanceRole is undefined + this.instanceRole = (this.environmentSecrets && !this.props.instanceRole) ? + this.createInstanceRole() : this.props.instanceRole; - if (source.codeRepository?.codeConfiguration.configurationSource == ConfigurationSourceType.REPOSITORY && - source.codeRepository?.codeConfiguration.configurationValues) { + if (this.source.codeRepository?.codeConfiguration.configurationSource == ConfigurationSourceType.REPOSITORY && + this.source.codeRepository?.codeConfiguration.configurationValues) { throw new Error('configurationValues cannot be provided if the ConfigurationSource is Repository'); } const resource = new CfnService(this, 'Resource', { instanceConfiguration: { - cpu: props.cpu?.unit, - memory: props.memory?.unit, - instanceRoleArn: props.instanceRole?.roleArn, + cpu: this.props.cpu?.unit, + memory: this.props.memory?.unit, + instanceRoleArn: this.instanceRole?.roleArn, }, sourceConfiguration: { authenticationConfiguration: this.renderAuthenticationConfiguration(), - imageRepository: source.imageRepository ? this.renderImageRepository() : undefined, - codeRepository: source.codeRepository ? this.renderCodeConfiguration() : undefined, + imageRepository: source.imageRepository ? + this.renderImageRepository(this.source.imageRepository!) : + undefined, + codeRepository: source.codeRepository ? + this.renderCodeConfiguration(this.source.codeRepository!.codeConfiguration.configurationValues!) : + undefined, }, networkConfiguration: { egressConfiguration: { @@ -917,28 +1030,85 @@ export class Service extends cdk.Resource { this.serviceStatus = resource.attrStatus; this.serviceName = resource.ref; } + + /** + * This method adds an environment variable to the App Runner service. + */ + public addEnvironment(name: string, value: string) { + this.variables.push({ name: name, value: value }); + } + + /** + * This method adds a secret as environment variable to the App Runner service. + */ + public addSecret(name: string, secret: Secret) { + if (this.instanceRole) { + secret.grantRead(this.instanceRole); + this.secrets.push({ name: name, value: secret.arn }); + } + } + + /** + * This method generates an Instance Role. Needed if using secrets and props.instanceRole is undefined + * @returns iam.IRole + */ + private createInstanceRole(): iam.IRole { + return new iam.Role(this, 'InstanceRole', { + assumedBy: new iam.ServicePrincipal('tasks.apprunner.amazonaws.com'), + roleName: cdk.PhysicalName.GENERATE_IF_NEEDED, + }); + } + + /** + * This method generates an Access Role only when ImageRepositoryType is ECR and props.accessRole is undefined + * @returns iam.IRole + */ + private generateDefaultRole(): iam.Role { + const accessRole = new iam.Role(this, 'AccessRole', { + assumedBy: new iam.ServicePrincipal('build.apprunner.amazonaws.com'), + }); + accessRole.addToPrincipalPolicy(new iam.PolicyStatement({ + actions: ['ecr:GetAuthorizationToken'], + resources: ['*'], + })); + this.accessRole = accessRole; + return accessRole; + } + + private getEnvironmentVariables(): { [key: string]: string } | undefined { + return this.source.codeRepository?.codeConfiguration.configurationValues?.environmentVariables || + this.source.codeRepository?.codeConfiguration.configurationValues?.environment || + this.source.imageRepository?.imageConfiguration?.environmentVariables || + this.source.imageRepository?.imageConfiguration?.environment; + } + + private getEnvironmentSecrets(): { [key: string]: Secret } | undefined { + return this.source.codeRepository?.codeConfiguration.configurationValues?.environmentSecrets || + this.source.imageRepository?.imageConfiguration?.environmentSecrets; + } + private renderAuthenticationConfiguration(): AuthenticationConfiguration { return { accessRoleArn: this.accessRole?.roleArn, connectionArn: this.source.codeRepository?.connection?.connectionArn, }; } - private renderCodeConfiguration() { + + private renderCodeConfiguration(props: CodeConfigurationValues) { return { codeConfiguration: { configurationSource: this.source.codeRepository!.codeConfiguration.configurationSource, // codeConfigurationValues will be ignored if configurationSource is REPOSITORY codeConfigurationValues: this.source.codeRepository!.codeConfiguration.configurationValues ? - this.renderCodeConfigurationValues(this.source.codeRepository!.codeConfiguration.configurationValues) : undefined, + this.renderCodeConfigurationValues(props) : + undefined, }, repositoryUrl: this.source.codeRepository!.repositoryUrl, sourceCodeVersion: this.source.codeRepository!.sourceCodeVersion, }; - } + private renderCodeConfigurationValues(props: CodeConfigurationValues): any { - this.environmentVariables = props.environmentVariables; - this.environmentSecrets = props.environmentSecrets; return { port: props.port, buildCommand: props.buildCommand, @@ -948,10 +1118,8 @@ export class Service extends cdk.Resource { startCommand: props.startCommand, }; } - private renderImageRepository(): any { - const repo = this.source.imageRepository!; - this.environmentVariables = repo.imageConfiguration?.environmentVariables; - this.environmentSecrets = repo.imageConfiguration?.environmentSecrets; + + private renderImageRepository(repo: ImageRepository): any { return Object.assign(repo, { imageConfiguration: { port: repo.imageConfiguration?.port?.toString(), @@ -964,46 +1132,31 @@ export class Service extends cdk.Resource { private renderEnvironmentVariables(): EnvironmentVariable[] | undefined { if (this.environmentVariables) { - let env: EnvironmentVariable[] = []; for (const [key, value] of Object.entries(this.environmentVariables)) { if (key.startsWith('AWSAPPRUNNER')) { throw new Error(`Environment variable key ${key} with a prefix of AWSAPPRUNNER is not allowed`); } - env.push({ name: key, value: value }); + this.variables.push({ name: key, value: value }); } - return env; + return this.variables; } else { return undefined; } } private renderEnvironmentSecrets(): EnvironmentSecret[] | undefined { - if (this.environmentSecrets) { - if (!this.props.instanceRole) { - throw new Error('Instance Role have to be provided if passing in RuntimeEnvironmentSecrets'); - } - let env: EnvironmentSecret[] = []; + if (this.environmentSecrets && this.instanceRole) { for (const [key, value] of Object.entries(this.environmentSecrets)) { if (key.startsWith('AWSAPPRUNNER')) { throw new Error(`Environment secret key ${key} with a prefix of AWSAPPRUNNER is not allowed`); } - env.push({ name: key, value: value }); + + value.grantRead(this.instanceRole); + this.secrets.push({ name: key, value: value.arn }); } - return env; + return this.secrets; } else { return undefined; } } - - private generateDefaultRole(): iam.Role { - const accessRole = new iam.Role(this, 'AccessRole', { - assumedBy: new iam.ServicePrincipal('build.apprunner.amazonaws.com'), - }); - accessRole.addToPrincipalPolicy(new iam.PolicyStatement({ - actions: ['ecr:GetAuthorizationToken'], - resources: ['*'], - })); - this.accessRole = accessRole; - return accessRole; - } } diff --git a/packages/@aws-cdk/aws-apprunner/package.json b/packages/@aws-cdk/aws-apprunner/package.json index 3e8334ee2d330..e4c4e7747b193 100644 --- a/packages/@aws-cdk/aws-apprunner/package.json +++ b/packages/@aws-cdk/aws-apprunner/package.json @@ -89,6 +89,7 @@ "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", + "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/cfn2ts": "0.0.0", "@aws-cdk/core": "0.0.0", @@ -104,6 +105,7 @@ "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", + "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/core": "0.0.0", "constructs": "^10.0.0" }, @@ -113,6 +115,7 @@ "@aws-cdk/aws-ecr": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", + "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/core": "0.0.0", "constructs": "^10.0.0" }, diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.assets.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.assets.json index 8ee77ec78e119..0d2a4279683d7 100644 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.assets.json +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.assets.json @@ -1,7 +1,7 @@ { "version": "29.0.0", "files": { - "9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2": { + "9c8d514c785fb19cbd23269b19753175ccbb3324a5998af72a0855c5dff09e83": { "source": { "path": "integ-apprunner-secrets-manager.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2.json", + "objectKey": "9c8d514c785fb19cbd23269b19753175ccbb3324a5998af72a0855c5dff09e83.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.template.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.template.json index 7da1bb5a63742..48ed28d733e26 100644 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.template.json +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/integ-apprunner-secrets-manager.template.json @@ -3,12 +3,20 @@ "SecretA720EF05": { "Type": "AWS::SecretsManager::Secret", "Properties": { - "SecretString": "{\"foo\":\"fooval\"}" + "SecretString": "{\"password\":\"mySecretPassword\",\"apikey\":\"mySecretApiKey\"}" }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, - "InstanceRole3CCE2F1D": { + "String0BA8456E": { + "Type": "AWS::SSM::Parameter", + "Properties": { + "Type": "String", + "Value": "Abc123", + "Name": "/My/Public/Parameter" + } + }, + "Service8InstanceRole6CC2A03A": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { @@ -25,7 +33,7 @@ } } }, - "InstanceRoleDefaultPolicy1531605C": { + "Service8InstanceRoleDefaultPolicy7BC4087D": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyDocument": { @@ -39,14 +47,43 @@ "Resource": { "Ref": "SecretA720EF05" } + }, + { + "Action": [ + "ssm:DescribeParameters", + "ssm:GetParameter", + "ssm:GetParameterHistory", + "ssm:GetParameters" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":ssm:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":parameter/My/Public/Parameter" + ] + ] + } } ], "Version": "2012-10-17" }, - "PolicyName": "InstanceRoleDefaultPolicy1531605C", + "PolicyName": "Service8InstanceRoleDefaultPolicy7BC4087D", "Roles": [ { - "Ref": "InstanceRole3CCE2F1D" + "Ref": "Service8InstanceRole6CC2A03A" } ] } @@ -61,9 +98,54 @@ "Port": "8000", "RuntimeEnvironmentSecrets": [ { - "Name": "foo", + "Name": "PASSWORD", + "Value": { + "Fn::Join": [ + "", + [ + { + "Ref": "SecretA720EF05" + }, + ":password::" + ] + ] + } + }, + { + "Name": "PARAMETER", + "Value": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":ssm:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":parameter/My/Public/Parameter" + ] + ] + } + }, + { + "Name": "API_KEY", "Value": { - "Ref": "SecretA720EF05" + "Fn::Join": [ + "", + [ + { + "Ref": "SecretA720EF05" + }, + ":apikey::" + ] + ] } } ] @@ -75,7 +157,7 @@ "InstanceConfiguration": { "InstanceRoleArn": { "Fn::GetAtt": [ - "InstanceRole3CCE2F1D", + "Service8InstanceRole6CC2A03A", "Arn" ] } diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/manifest.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/manifest.json index 8f4989946b879..6161ee5dd7214 100644 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/manifest.json @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9ca68c85825bc7081452c4b5a9e83bc17c984f4b1c4abe7dec694d11162e3de2.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9c8d514c785fb19cbd23269b19753175ccbb3324a5998af72a0855c5dff09e83.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -39,16 +39,22 @@ "data": "SecretA720EF05" } ], - "/integ-apprunner-secrets-manager/InstanceRole/Resource": [ + "/integ-apprunner-secrets-manager/String/Resource": [ { "type": "aws:cdk:logicalId", - "data": "InstanceRole3CCE2F1D" + "data": "String0BA8456E" } ], - "/integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy/Resource": [ + "/integ-apprunner-secrets-manager/Service8/InstanceRole/Resource": [ { "type": "aws:cdk:logicalId", - "data": "InstanceRoleDefaultPolicy1531605C" + "data": "Service8InstanceRole6CC2A03A" + } + ], + "/integ-apprunner-secrets-manager/Service8/InstanceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Service8InstanceRoleDefaultPolicy7BC4087D" } ], "/integ-apprunner-secrets-manager/Service8/Resource": [ diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/tree.json b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/tree.json index f8df0730c31de..dea6f76b6f788 100644 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.js.snapshot/tree.json @@ -18,7 +18,7 @@ "attributes": { "aws:cdk:cloudformation:type": "AWS::SecretsManager::Secret", "aws:cdk:cloudformation:props": { - "secretString": "{\"foo\":\"fooval\"}" + "secretString": "{\"password\":\"mySecretPassword\",\"apikey\":\"mySecretApiKey\"}" } }, "constructInfo": { @@ -32,97 +32,160 @@ "version": "0.0.0" } }, - "InstanceRole": { - "id": "InstanceRole", - "path": "integ-apprunner-secrets-manager/InstanceRole", + "String": { + "id": "String", + "path": "integ-apprunner-secrets-manager/String", "children": { - "ImportInstanceRole": { - "id": "ImportInstanceRole", - "path": "integ-apprunner-secrets-manager/InstanceRole/ImportInstanceRole", - "constructInfo": { - "fqn": "@aws-cdk/core.Resource", - "version": "0.0.0" - } - }, "Resource": { "id": "Resource", - "path": "integ-apprunner-secrets-manager/InstanceRole/Resource", + "path": "integ-apprunner-secrets-manager/String/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:type": "AWS::SSM::Parameter", "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "tasks.apprunner.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - } + "type": "String", + "value": "Abc123", + "name": "/My/Public/Parameter" } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnRole", + "fqn": "@aws-cdk/aws-ssm.CfnParameter", "version": "0.0.0" } - }, - "DefaultPolicy": { - "id": "DefaultPolicy", - "path": "integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy", + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-ssm.StringParameter", + "version": "0.0.0" + } + }, + "Parameter": { + "id": "Parameter", + "path": "integ-apprunner-secrets-manager/Parameter", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Service8": { + "id": "Service8", + "path": "integ-apprunner-secrets-manager/Service8", + "children": { + "InstanceRole": { + "id": "InstanceRole", + "path": "integ-apprunner-secrets-manager/Service8/InstanceRole", "children": { + "ImportInstanceRole": { + "id": "ImportInstanceRole", + "path": "integ-apprunner-secrets-manager/Service8/InstanceRole/ImportInstanceRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, "Resource": { "id": "Resource", - "path": "integ-apprunner-secrets-manager/InstanceRole/DefaultPolicy/Resource", + "path": "integ-apprunner-secrets-manager/Service8/InstanceRole/Resource", "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:type": "AWS::IAM::Role", "aws:cdk:cloudformation:props": { - "policyDocument": { + "assumeRolePolicyDocument": { "Statement": [ { - "Action": [ - "secretsmanager:DescribeSecret", - "secretsmanager:GetSecretValue" - ], + "Action": "sts:AssumeRole", "Effect": "Allow", - "Resource": { - "Ref": "SecretA720EF05" + "Principal": { + "Service": "tasks.apprunner.amazonaws.com" } } ], "Version": "2012-10-17" - }, - "policyName": "InstanceRoleDefaultPolicy1531605C", - "roles": [ - { - "Ref": "InstanceRole3CCE2F1D" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "integ-apprunner-secrets-manager/Service8/InstanceRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-apprunner-secrets-manager/Service8/InstanceRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": [ + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue" + ], + "Effect": "Allow", + "Resource": { + "Ref": "SecretA720EF05" + } + }, + { + "Action": [ + "ssm:DescribeParameters", + "ssm:GetParameter", + "ssm:GetParameterHistory", + "ssm:GetParameters" + ], + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":ssm:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":parameter/My/Public/Parameter" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "Service8InstanceRoleDefaultPolicy7BC4087D", + "roles": [ + { + "Ref": "Service8InstanceRole6CC2A03A" + } + ] } - ] + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "version": "0.0.0" + } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.CfnPolicy", + "fqn": "@aws-cdk/aws-iam.Policy", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Policy", + "fqn": "@aws-cdk/aws-iam.Role", "version": "0.0.0" } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/aws-iam.Role", - "version": "0.0.0" - } - }, - "Service8": { - "id": "Service8", - "path": "integ-apprunner-secrets-manager/Service8", - "children": { + }, "Resource": { "id": "Resource", "path": "integ-apprunner-secrets-manager/Service8/Resource", @@ -136,9 +199,54 @@ "port": "8000", "runtimeEnvironmentSecrets": [ { - "name": "foo", + "name": "PASSWORD", + "value": { + "Fn::Join": [ + "", + [ + { + "Ref": "SecretA720EF05" + }, + ":password::" + ] + ] + } + }, + { + "name": "PARAMETER", + "value": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":ssm:", + { + "Ref": "AWS::Region" + }, + ":", + { + "Ref": "AWS::AccountId" + }, + ":parameter/My/Public/Parameter" + ] + ] + } + }, + { + "name": "API_KEY", "value": { - "Ref": "SecretA720EF05" + "Fn::Join": [ + "", + [ + { + "Ref": "SecretA720EF05" + }, + ":apikey::" + ] + ] } } ] @@ -150,7 +258,7 @@ "instanceConfiguration": { "instanceRoleArn": { "Fn::GetAtt": [ - "InstanceRole3CCE2F1D", + "Service8InstanceRole6CC2A03A", "Arn" ] } diff --git a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts index aef440647fd80..2adc7193cfee1 100644 --- a/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts +++ b/packages/@aws-cdk/aws-apprunner/test/integ.service-secrets-manager.ts @@ -1,9 +1,8 @@ -import * as iam from '@aws-cdk/aws-iam'; import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; +import * as ssm from '@aws-cdk/aws-ssm'; import * as cdk from '@aws-cdk/core'; -import { SecretValue } from '@aws-cdk/core'; import * as integ from '@aws-cdk/integ-tests'; -import { Service, Source } from '../lib'; +import * as apprunner from '../lib'; const app = new cdk.App(); @@ -11,28 +10,37 @@ const stack = new cdk.Stack(app, 'integ-apprunner-secrets-manager'); // Scenario 8: Create the service from ECR public with secrets manager environment variable const secret = new secretsmanager.Secret(stack, 'Secret', { - secretObjectValue: { foo: SecretValue.unsafePlainText('fooval') }, + secretObjectValue: { + password: cdk.SecretValue.unsafePlainText('mySecretPassword'), + apikey: cdk.SecretValue.unsafePlainText('mySecretApiKey'), + }, }); -const role = new iam.Role(stack, 'InstanceRole', { - assumedBy: new iam.ServicePrincipal('tasks.apprunner.amazonaws.com'), +new ssm.StringParameter(stack, 'String', { + parameterName: '/My/Public/Parameter', + stringValue: 'Abc123', }); -secret.grantRead(role); +const parameter = ssm.StringParameter.fromSecureStringParameterAttributes(stack, 'Parameter', { + parameterName: '/My/Public/Parameter', + version: 1, +}); -const service8 = new Service(stack, 'Service8', { - source: Source.fromEcrPublic({ +const service8 = new apprunner.Service(stack, 'Service8', { + source: apprunner.Source.fromEcrPublic({ imageConfiguration: { port: 8000, environmentSecrets: { - foo: secret.secretArn, + PASSWORD: apprunner.Secret.fromSecretsManager(secret, 'password'), + PARAMETER: apprunner.Secret.fromSsmParameter(parameter), }, }, imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', }), - instanceRole: role, }); +service8.addSecret('API_KEY', apprunner.Secret.fromSecretsManager(secret, 'apikey')); + new cdk.CfnOutput(stack, 'URL8', { value: `https://${service8.serviceUrl}` }); new integ.IntegTest(app, 'AppRunnerSecretsManger', { diff --git a/packages/@aws-cdk/aws-apprunner/test/service.test.ts b/packages/@aws-cdk/aws-apprunner/test/service.test.ts index 954b322eaaaa5..d4f16cd4e45cd 100644 --- a/packages/@aws-cdk/aws-apprunner/test/service.test.ts +++ b/packages/@aws-cdk/aws-apprunner/test/service.test.ts @@ -4,20 +4,24 @@ import * as ec2 from '@aws-cdk/aws-ec2'; import * as ecr from '@aws-cdk/aws-ecr'; import * as ecr_assets from '@aws-cdk/aws-ecr-assets'; import * as iam from '@aws-cdk/aws-iam'; +import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; +import * as ssm from '@aws-cdk/aws-ssm'; import * as cdk from '@aws-cdk/core'; -import { Service, GitHubConnection, Runtime, Source, Cpu, Memory, ConfigurationSourceType, VpcConnector } from '../lib'; +import * as apprunner from '../lib'; test('create a service with ECR Public(image repository type: ECR_PUBLIC)', () => { // GIVEN const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromEcrPublic({ + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ imageConfiguration: { port: 8000 }, imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', }), }); + + // THEN // we should have the service Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { SourceConfiguration: { @@ -43,19 +47,22 @@ test('custom environment variables and start commands are allowed for imageConfi const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromEcrPublic({ + const service = new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ imageConfiguration: { port: 8000, environmentVariables: { - foo: 'fooval', - bar: 'barval', + TEST_ENVIRONMENT_VARIABLE: 'test environment variable value', }, startCommand: '/root/start-command.sh', }, imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', }), }); + + service.addEnvironment('SECOND_ENVIRONEMENT_VARIABLE', 'second test value'); + + // THEN // we should have the service Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { SourceConfiguration: { @@ -65,12 +72,12 @@ test('custom environment variables and start commands are allowed for imageConfi Port: '8000', RuntimeEnvironmentVariables: [ { - Name: 'foo', - Value: 'fooval', + Name: 'TEST_ENVIRONMENT_VARIABLE', + Value: 'test environment variable value', }, { - Name: 'bar', - Value: 'barval', + Name: 'SECOND_ENVIRONEMENT_VARIABLE', + Value: 'second test value', }, ], StartCommand: '/root/start-command.sh', @@ -92,22 +99,31 @@ test('custom environment secrets and start commands are allowed for imageConfigu const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromEcrPublic({ + const secret = new secretsmanager.Secret(stack, 'Secret'); + const parameter = ssm.StringParameter.fromSecureStringParameterAttributes(stack, 'Parameter', { + parameterName: '/name', + version: 1, + }); + + const service = new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ imageConfiguration: { port: 8000, environmentSecrets: { - foo: 'fooval', - bar: 'barval', + SECRET: apprunner.Secret.fromSecretsManager(secret), + PARAMETER: apprunner.Secret.fromSsmParameter(parameter), + SECRET_ID: apprunner.Secret.fromSecretsManagerVersion(secret, { versionId: 'version-id' }), + SECRET_STAGE: apprunner.Secret.fromSecretsManagerVersion(secret, { versionStage: 'version-stage' }), }, startCommand: '/root/start-command.sh', }, imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', }), - instanceRole: new iam.Role(stack, 'InstanceRole', { - assumedBy: new iam.ServicePrincipal('tasks.apprunner.amazonaws.com'), - }), }); + + service.addSecret('LATER_SECRET', apprunner.Secret.fromSecretsManager(secret, 'field')); + + // THEN // we should have the service Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { SourceConfiguration: { @@ -117,12 +133,75 @@ test('custom environment secrets and start commands are allowed for imageConfigu Port: '8000', RuntimeEnvironmentSecrets: [ { - Name: 'foo', - Value: 'fooval', + Name: 'SECRET', + Value: { + Ref: 'SecretA720EF05', + }, + }, + { + Name: 'PARAMETER', + Value: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':ssm:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':parameter/name', + ], + ], + }, }, { - Name: 'bar', - Value: 'barval', + Name: 'SECRET_ID', + Value: { + 'Fn::Join': [ + '', + [ + { + Ref: 'SecretA720EF05', + }, + ':::version-id', + ], + ], + }, + }, + { + Name: 'SECRET_STAGE', + Value: { + 'Fn::Join': [ + '', + [ + { + Ref: 'SecretA720EF05', + }, + '::version-stage:', + ], + ], + }, + }, + { + Name: 'LATER_SECRET', + Value: { + 'Fn::Join': [ + '', + [ + { + Ref: 'SecretA720EF05', + }, + ':field::', + ], + ], + }, }, ], StartCommand: '/root/start-command.sh', @@ -131,14 +210,6 @@ test('custom environment secrets and start commands are allowed for imageConfigu ImageRepositoryType: 'ECR_PUBLIC', }, }, - InstanceConfiguration: { - InstanceRoleArn: { - 'Fn::GetAtt': [ - 'InstanceRole3CCE2F1D', - 'Arn', - ], - }, - }, NetworkConfiguration: { EgressConfiguration: { EgressType: 'DEFAULT', @@ -152,18 +223,21 @@ test('custom environment variables and start commands are allowed for imageConfi const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromEcrPublic({ + const service = new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ imageConfiguration: { environmentVariables: { - foo: 'fooval', - bar: 'barval', + TEST_ENVIRONMENT_VARIABLE: 'test environment variable value', }, startCommand: '/root/start-command.sh', }, imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', }), }); + + service.addEnvironment('SECOND_ENVIRONEMENT_VARIABLE', 'second test value'); + + // THEN // we should have the service Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { SourceConfiguration: { @@ -172,12 +246,12 @@ test('custom environment variables and start commands are allowed for imageConfi ImageConfiguration: { RuntimeEnvironmentVariables: [ { - Name: 'foo', - Value: 'fooval', + Name: 'TEST_ENVIRONMENT_VARIABLE', + Value: 'test environment variable value', }, { - Name: 'bar', - Value: 'barval', + Name: 'SECOND_ENVIRONEMENT_VARIABLE', + Value: 'second test value', }, ], StartCommand: '/root/start-command.sh', @@ -199,21 +273,30 @@ test('custom environment secrets and start commands are allowed for imageConfigu const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromEcrPublic({ + const secret = new secretsmanager.Secret(stack, 'Secret'); + const parameter = ssm.StringParameter.fromSecureStringParameterAttributes(stack, 'Parameter', { + parameterName: '/name', + version: 1, + }); + + const service = new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ imageConfiguration: { environmentSecrets: { - foo: 'fooval', - bar: 'barval', + SECRET: apprunner.Secret.fromSecretsManager(secret), + PARAMETER: apprunner.Secret.fromSsmParameter(parameter), + SECRET_ID: apprunner.Secret.fromSecretsManagerVersion(secret, { versionId: 'version-id' }), + SECRET_STAGE: apprunner.Secret.fromSecretsManagerVersion(secret, { versionStage: 'version-stage' }), }, startCommand: '/root/start-command.sh', }, imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', }), - instanceRole: new iam.Role(stack, 'InstanceRole', { - assumedBy: new iam.ServicePrincipal('tasks.apprunner.amazonaws.com'), - }), }); + + service.addSecret('LATER_SECRET', apprunner.Secret.fromSecretsManager(secret, 'field')); + + // THEN // we should have the service Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { SourceConfiguration: { @@ -222,12 +305,75 @@ test('custom environment secrets and start commands are allowed for imageConfigu ImageConfiguration: { RuntimeEnvironmentSecrets: [ { - Name: 'foo', - Value: 'fooval', + Name: 'SECRET', + Value: { + Ref: 'SecretA720EF05', + }, + }, + { + Name: 'PARAMETER', + Value: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':ssm:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':parameter/name', + ], + ], + }, + }, + { + Name: 'SECRET_ID', + Value: { + 'Fn::Join': [ + '', + [ + { + Ref: 'SecretA720EF05', + }, + ':::version-id', + ], + ], + }, }, { - Name: 'bar', - Value: 'barval', + Name: 'SECRET_STAGE', + Value: { + 'Fn::Join': [ + '', + [ + { + Ref: 'SecretA720EF05', + }, + '::version-stage:', + ], + ], + }, + }, + { + Name: 'LATER_SECRET', + Value: { + 'Fn::Join': [ + '', + [ + { + Ref: 'SecretA720EF05', + }, + ':field::', + ], + ], + }, }, ], StartCommand: '/root/start-command.sh', @@ -236,14 +382,6 @@ test('custom environment secrets and start commands are allowed for imageConfigu ImageRepositoryType: 'ECR_PUBLIC', }, }, - InstanceConfiguration: { - InstanceRoleArn: { - 'Fn::GetAtt': [ - 'InstanceRole3CCE2F1D', - 'Arn', - ], - }, - }, NetworkConfiguration: { EgressConfiguration: { EgressType: 'DEFAULT', @@ -257,8 +395,8 @@ test('create a service from existing ECR repository(image repository type: ECR)' const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'Service', { - source: Source.fromEcr({ + new apprunner.Service(stack, 'Service', { + source: apprunner.Source.fromEcr({ imageConfiguration: { port: 80 }, repository: ecr.Repository.fromRepositoryName(stack, 'NginxRepository', 'nginx'), }), @@ -333,8 +471,8 @@ test('create a service with local assets(image repository type: ECR)', () => { const dockerAsset = new ecr_assets.DockerImageAsset(stack, 'Assets', { directory: path.join(__dirname, './docker.assets'), }); - new Service(stack, 'DemoService', { - source: Source.fromAsset({ + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromAsset({ imageConfiguration: { port: 8000 }, asset: dockerAsset, }), @@ -391,12 +529,12 @@ test('create a service with github repository', () => { const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromGitHub({ + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromGitHub({ repositoryUrl: 'https://github.com/aws-containers/hello-app-runner', branch: 'main', - configurationSource: ConfigurationSourceType.REPOSITORY, - connection: GitHubConnection.fromConnectionArn('MOCK'), + configurationSource: apprunner.ConfigurationSourceType.REPOSITORY, + connection: apprunner.GitHubConnection.fromConnectionArn('MOCK'), }), }); @@ -431,15 +569,15 @@ test('create a service with github repository - undefined branch name is allowed const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromGitHub({ + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromGitHub({ repositoryUrl: 'https://github.com/aws-containers/hello-app-runner', - configurationSource: ConfigurationSourceType.API, + configurationSource: apprunner.ConfigurationSourceType.API, codeConfigurationValues: { - runtime: Runtime.PYTHON_3, + runtime: apprunner.Runtime.PYTHON_3, port: '8000', }, - connection: GitHubConnection.fromConnectionArn('MOCK'), + connection: apprunner.GitHubConnection.fromConnectionArn('MOCK'), }), }); @@ -478,24 +616,25 @@ test('create a service with github repository - buildCommand, environment and st const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromGitHub({ + const service = new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromGitHub({ repositoryUrl: 'https://github.com/aws-containers/hello-app-runner', - configurationSource: ConfigurationSourceType.API, + configurationSource: apprunner.ConfigurationSourceType.API, codeConfigurationValues: { - runtime: Runtime.PYTHON_3, + runtime: apprunner.Runtime.PYTHON_3, port: '8000', buildCommand: '/root/build.sh', environmentVariables: { - foo: 'fooval', - bar: 'barval', + TEST_ENVIRONMENT_VARIABLE: 'test environment variable value', }, startCommand: '/root/start.sh', }, - connection: GitHubConnection.fromConnectionArn('MOCK'), + connection: apprunner.GitHubConnection.fromConnectionArn('MOCK'), }), }); + service.addEnvironment('SECOND_ENVIRONEMENT_VARIABLE', 'second test value'); + // THEN // we should have the service with the branch value as 'main' Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { @@ -511,12 +650,12 @@ test('create a service with github repository - buildCommand, environment and st BuildCommand: '/root/build.sh', RuntimeEnvironmentVariables: [ { - Name: 'foo', - Value: 'fooval', + Name: 'TEST_ENVIRONMENT_VARIABLE', + Value: 'test environment variable value', }, { - Name: 'bar', - Value: 'barval', + Name: 'SECOND_ENVIRONEMENT_VARIABLE', + Value: 'second test value', }, ], StartCommand: '/root/start.sh', @@ -544,7 +683,7 @@ test('import from service name', () => { const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - const svc = Service.fromServiceName(stack, 'ImportService', 'ExistingService'); + const svc = apprunner.Service.fromServiceName(stack, 'ImportService', 'ExistingService'); // THEN expect(svc).toHaveProperty('serviceName'); expect(svc).toHaveProperty('serviceArn'); @@ -555,7 +694,7 @@ test('import from service attributes', () => { const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - const svc = Service.fromServiceAttributes(stack, 'ImportService', { + const svc = apprunner.Service.fromServiceAttributes(stack, 'ImportService', { serviceName: 'mock', serviceArn: 'mock', serviceStatus: 'mock', @@ -574,8 +713,8 @@ test('undefined imageConfiguration port is allowed', () => { const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'Service', { - source: Source.fromEcrPublic({ + new apprunner.Service(stack, 'Service', { + source: apprunner.Source.fromEcrPublic({ imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', }), }); @@ -606,8 +745,8 @@ test('custom IAM access role and instance role are allowed', () => { const dockerAsset = new ecr_assets.DockerImageAsset(stack, 'Assets', { directory: path.join(__dirname, './docker.assets'), }); - new Service(stack, 'DemoService', { - source: Source.fromAsset({ + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromAsset({ asset: dockerAsset, imageConfiguration: { port: 8000 }, }), @@ -664,12 +803,12 @@ test('cpu and memory properties are allowed', () => { const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromEcrPublic({ + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', }), - cpu: Cpu.ONE_VCPU, - memory: Memory.THREE_GB, + cpu: apprunner.Cpu.ONE_VCPU, + memory: apprunner.Memory.THREE_GB, }); // THEN Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { @@ -690,12 +829,12 @@ test('custom cpu and memory units are allowed', () => { const app = new cdk.App(); const stack = new cdk.Stack(app, 'demo-stack'); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromEcrPublic({ + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', }), - cpu: Cpu.of('Some vCPU'), - memory: Memory.of('Some GB'), + cpu: apprunner.Cpu.of('Some vCPU'), + memory: apprunner.Memory.of('Some GB'), }); // THEN Template.fromStack(stack).hasResourceProperties('AWS::AppRunner::Service', { @@ -718,8 +857,8 @@ test('environment variable with a prefix of AWSAPPRUNNER should throw an error', // WHEN // we should have the service expect(() => { - new Service(stack, 'DemoService', { - source: Source.fromEcrPublic({ + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ imageConfiguration: { environmentVariables: { AWSAPPRUNNER_FOO: 'bar', @@ -731,6 +870,28 @@ test('environment variable with a prefix of AWSAPPRUNNER should throw an error', }).toThrow('Environment variable key AWSAPPRUNNER_FOO with a prefix of AWSAPPRUNNER is not allowed'); }); +test('environment secrets with a prefix of AWSAPPRUNNER should throw an error', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'demo-stack'); + const secret = new secretsmanager.Secret(stack, 'Secret'); + + // WHEN + // we should have the service + expect(() => { + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ + imageConfiguration: { + environmentSecrets: { + AWSAPPRUNNER_FOO: apprunner.Secret.fromSecretsManager(secret), + }, + }, + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), + }); + }).toThrow('Environment secret key AWSAPPRUNNER_FOO with a prefix of AWSAPPRUNNER is not allowed'); +}); + test('specifying a vpcConnector should assign the service to it and set the egressType to VPC', () => { // GIVEN const app = new cdk.App(); @@ -742,15 +903,15 @@ test('specifying a vpcConnector should assign the service to it and set the egre const securityGroup = new ec2.SecurityGroup(stack, 'SecurityGroup', { vpc }); - const vpcConnector = new VpcConnector(stack, 'VpcConnector', { + const vpcConnector = new apprunner.VpcConnector(stack, 'VpcConnector', { securityGroups: [securityGroup], vpc, vpcSubnets: vpc.selectSubnets({ subnetType: ec2.SubnetType.PUBLIC }), vpcConnectorName: 'MyVpcConnector', }); // WHEN - new Service(stack, 'DemoService', { - source: Source.fromEcrPublic({ + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', }), vpcConnector, From 009680ec818bf3455ae5eecdf147ec93d148e452 Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Wed, 18 Jan 2023 18:33:48 +0100 Subject: [PATCH 09/11] minor style changes and alphabetical order --- .../@aws-cdk/aws-apprunner/lib/service.ts | 56 +++++++++---------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/packages/@aws-cdk/aws-apprunner/lib/service.ts b/packages/@aws-cdk/aws-apprunner/lib/service.ts index 016a01395572e..1a5a72f1e9a51 100644 --- a/packages/@aws-cdk/aws-apprunner/lib/service.ts +++ b/packages/@aws-cdk/aws-apprunner/lib/service.ts @@ -163,17 +163,17 @@ export class Runtime { } /** - * The environment variable for the service. + * The environment secret for the service. */ -interface EnvironmentVariable { +interface EnvironmentSecret { readonly name: string; readonly value: string; } /** - * The environment secret for the service. + * The environment variable for the service. */ -interface EnvironmentSecret { +interface EnvironmentVariable { readonly name: string; readonly value: string; } @@ -934,14 +934,14 @@ export class Service extends cdk.Resource { private environmentSecrets?: { [key: string]: Secret; }; /** - * Environment variables for this service + * Environment secrets for this service */ - private readonly variables: EnvironmentVariable[] = [] + private readonly secrets: EnvironmentSecret[] = [] /** - * Environment secrets for this service + * Environment variables for this service */ - private readonly secrets: EnvironmentSecret[] = [] + private readonly variables: EnvironmentVariable[] = [] /** * The ARN of the Service. @@ -1004,10 +1004,10 @@ export class Service extends cdk.Resource { }, sourceConfiguration: { authenticationConfiguration: this.renderAuthenticationConfiguration(), - imageRepository: source.imageRepository ? + imageRepository: this.source.imageRepository ? this.renderImageRepository(this.source.imageRepository!) : undefined, - codeRepository: source.codeRepository ? + codeRepository: this.source.codeRepository ? this.renderCodeConfiguration(this.source.codeRepository!.codeConfiguration.configurationValues!) : undefined, }, @@ -1020,8 +1020,8 @@ export class Service extends cdk.Resource { }); // grant required privileges for the role - if (source.ecrRepository && this.accessRole) { - source.ecrRepository.grantPull(this.accessRole); + if (this.source.ecrRepository && this.accessRole) { + this.source.ecrRepository.grantPull(this.accessRole); } this.serviceArn = resource.attrServiceArn; @@ -1075,6 +1075,11 @@ export class Service extends cdk.Resource { return accessRole; } + private getEnvironmentSecrets(): { [key: string]: Secret } | undefined { + return this.source.codeRepository?.codeConfiguration.configurationValues?.environmentSecrets || + this.source.imageRepository?.imageConfiguration?.environmentSecrets; + } + private getEnvironmentVariables(): { [key: string]: string } | undefined { return this.source.codeRepository?.codeConfiguration.configurationValues?.environmentVariables || this.source.codeRepository?.codeConfiguration.configurationValues?.environment || @@ -1082,11 +1087,6 @@ export class Service extends cdk.Resource { this.source.imageRepository?.imageConfiguration?.environment; } - private getEnvironmentSecrets(): { [key: string]: Secret } | undefined { - return this.source.codeRepository?.codeConfiguration.configurationValues?.environmentSecrets || - this.source.imageRepository?.imageConfiguration?.environmentSecrets; - } - private renderAuthenticationConfiguration(): AuthenticationConfiguration { return { accessRoleArn: this.accessRole?.roleArn, @@ -1119,17 +1119,6 @@ export class Service extends cdk.Resource { }; } - private renderImageRepository(repo: ImageRepository): any { - return Object.assign(repo, { - imageConfiguration: { - port: repo.imageConfiguration?.port?.toString(), - startCommand: repo.imageConfiguration?.startCommand, - runtimeEnvironmentVariables: this.renderEnvironmentVariables(), - runtimeEnvironmentSecrets: this.renderEnvironmentSecrets(), - }, - }); - } - private renderEnvironmentVariables(): EnvironmentVariable[] | undefined { if (this.environmentVariables) { for (const [key, value] of Object.entries(this.environmentVariables)) { @@ -1159,4 +1148,15 @@ export class Service extends cdk.Resource { return undefined; } } + + private renderImageRepository(repo: ImageRepository): any { + return Object.assign(repo, { + imageConfiguration: { + port: repo.imageConfiguration?.port?.toString(), + startCommand: repo.imageConfiguration?.startCommand, + runtimeEnvironmentVariables: this.renderEnvironmentVariables(), + runtimeEnvironmentSecrets: this.renderEnvironmentSecrets(), + }, + }); + } } From 5b43e3d54ac52605e3e7e3d04e836743b7d092b9 Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Thu, 19 Jan 2023 09:22:30 +0100 Subject: [PATCH 10/11] hotfix: addSecret method should create the instance Role if not provided before --- packages/@aws-cdk/aws-apprunner/lib/service.ts | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-apprunner/lib/service.ts b/packages/@aws-cdk/aws-apprunner/lib/service.ts index 1a5a72f1e9a51..42ea583e850c1 100644 --- a/packages/@aws-cdk/aws-apprunner/lib/service.ts +++ b/packages/@aws-cdk/aws-apprunner/lib/service.ts @@ -1042,10 +1042,11 @@ export class Service extends cdk.Resource { * This method adds a secret as environment variable to the App Runner service. */ public addSecret(name: string, secret: Secret) { - if (this.instanceRole) { - secret.grantRead(this.instanceRole); - this.secrets.push({ name: name, value: secret.arn }); + if (!this.instanceRole) { + this.instanceRole = this.createInstanceRole(); } + secret.grantRead(this.instanceRole); + this.secrets.push({ name: name, value: secret.arn }); } /** From e37e541097bff2bdb2758f7e6dea8e234625bd68 Mon Sep 17 00:00:00 2001 From: Lizaga Anadon Date: Thu, 19 Jan 2023 12:55:29 +0100 Subject: [PATCH 11/11] fix comments --- .../@aws-cdk/aws-apprunner/lib/service.ts | 62 ++++++++++++------- .../aws-apprunner/test/service.test.ts | 28 ++++++++- 2 files changed, 64 insertions(+), 26 deletions(-) diff --git a/packages/@aws-cdk/aws-apprunner/lib/service.ts b/packages/@aws-cdk/aws-apprunner/lib/service.ts index 42ea583e850c1..4ab5553ad0442 100644 --- a/packages/@aws-cdk/aws-apprunner/lib/service.ts +++ b/packages/@aws-cdk/aws-apprunner/lib/service.ts @@ -467,9 +467,9 @@ export interface ImageConfiguration { * Environment variables that are available to your running App Runner service. * * @default - no environment variables - * @deprecated use environmentVariables() + * @deprecated use environmentVariables. */ - readonly environment?: { [key: string]: string }; + readonly environment?: { [key: string]: string } /** * Environment variables that are available to your running App Runner service. @@ -718,7 +718,7 @@ export interface CodeConfigurationValues { * The environment variables that are available to your running App Runner service. * * @default - no environment variables. - * @deprecated use environmentVariables() + * @deprecated use environmentVariables. */ readonly environment?: { [key: string]: string }; @@ -918,28 +918,29 @@ export class Service extends cdk.Resource { private source: SourceConfig; /** - * Environment variables for this service - * @deprecated use environmentVariables() + * Environment variables for this service. + * + * @deprecated use environmentVariables. */ - readonly environment?: { [key: string]: string } = {}; + readonly environment: { [key: string]: string } = {}; /** - * Environment variables for this service + * Environment variables for this service. */ - private environmentVariables?: { [key: string]: string } = {}; + private environmentVariables: { [key: string]: string } = {}; /** - * Environment secrets for this service + * Environment secrets for this service. */ - private environmentSecrets?: { [key: string]: Secret; }; + private environmentSecrets: { [key: string]: Secret; } = {}; /** - * Environment secrets for this service + * Environment secrets for this service. */ private readonly secrets: EnvironmentSecret[] = [] /** - * Environment variables for this service + * Environment variables for this service. */ private readonly variables: EnvironmentVariable[] = [] @@ -988,7 +989,7 @@ export class Service extends cdk.Resource { this.props.accessRole ?? this.generateDefaultRole() : undefined; // generalte an IAM role only when environmentSecrets has values and props.instanceRole is undefined - this.instanceRole = (this.environmentSecrets && !this.props.instanceRole) ? + this.instanceRole = (Object.keys(this.environmentSecrets).length > 0 && !this.props.instanceRole) ? this.createInstanceRole() : this.props.instanceRole; if (this.source.codeRepository?.codeConfiguration.configurationSource == ConfigurationSourceType.REPOSITORY && @@ -1034,7 +1035,7 @@ export class Service extends cdk.Resource { /** * This method adds an environment variable to the App Runner service. */ - public addEnvironment(name: string, value: string) { + public addEnvironmentVariable(name: string, value: string) { this.variables.push({ name: name, value: value }); } @@ -1076,16 +1077,31 @@ export class Service extends cdk.Resource { return accessRole; } - private getEnvironmentSecrets(): { [key: string]: Secret } | undefined { - return this.source.codeRepository?.codeConfiguration.configurationValues?.environmentSecrets || + private getEnvironmentSecrets(): { [key: string]: Secret } { + let secrets = this.source.codeRepository?.codeConfiguration.configurationValues?.environmentSecrets ?? this.source.imageRepository?.imageConfiguration?.environmentSecrets; + + return secrets || {}; } - private getEnvironmentVariables(): { [key: string]: string } | undefined { - return this.source.codeRepository?.codeConfiguration.configurationValues?.environmentVariables || - this.source.codeRepository?.codeConfiguration.configurationValues?.environment || - this.source.imageRepository?.imageConfiguration?.environmentVariables || - this.source.imageRepository?.imageConfiguration?.environment; + private getEnvironmentVariables(): { [key: string]: string } { + let codeEnv = [ + this.source.codeRepository?.codeConfiguration.configurationValues?.environmentVariables, + this.source.codeRepository?.codeConfiguration.configurationValues?.environment, + ]; + let imageEnv = [ + this.source.imageRepository?.imageConfiguration?.environmentVariables, + this.source.imageRepository?.imageConfiguration?.environment, + ]; + + if (codeEnv.every(el => el !== undefined) || imageEnv.every(el => el !== undefined)) { + throw new Error([ + 'You cannot set both \'environmentVariables\' and \'environment\' properties.', + 'Please only use environmentVariables, as environment is deprecated.', + ].join(' ')); + } + + return codeEnv.find(el => el !== undefined) || imageEnv.find(el => el !== undefined) || {}; } private renderAuthenticationConfiguration(): AuthenticationConfiguration { @@ -1121,7 +1137,7 @@ export class Service extends cdk.Resource { } private renderEnvironmentVariables(): EnvironmentVariable[] | undefined { - if (this.environmentVariables) { + if (Object.keys(this.environmentVariables).length > 0) { for (const [key, value] of Object.entries(this.environmentVariables)) { if (key.startsWith('AWSAPPRUNNER')) { throw new Error(`Environment variable key ${key} with a prefix of AWSAPPRUNNER is not allowed`); @@ -1135,7 +1151,7 @@ export class Service extends cdk.Resource { } private renderEnvironmentSecrets(): EnvironmentSecret[] | undefined { - if (this.environmentSecrets && this.instanceRole) { + if (Object.keys(this.environmentSecrets).length > 0 && this.instanceRole) { for (const [key, value] of Object.entries(this.environmentSecrets)) { if (key.startsWith('AWSAPPRUNNER')) { throw new Error(`Environment secret key ${key} with a prefix of AWSAPPRUNNER is not allowed`); diff --git a/packages/@aws-cdk/aws-apprunner/test/service.test.ts b/packages/@aws-cdk/aws-apprunner/test/service.test.ts index d4f16cd4e45cd..a5e4604278194 100644 --- a/packages/@aws-cdk/aws-apprunner/test/service.test.ts +++ b/packages/@aws-cdk/aws-apprunner/test/service.test.ts @@ -6,6 +6,7 @@ import * as ecr_assets from '@aws-cdk/aws-ecr-assets'; import * as iam from '@aws-cdk/aws-iam'; import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; import * as ssm from '@aws-cdk/aws-ssm'; +import { testDeprecated } from '@aws-cdk/cdk-build-tools'; import * as cdk from '@aws-cdk/core'; import * as apprunner from '../lib'; @@ -60,7 +61,7 @@ test('custom environment variables and start commands are allowed for imageConfi }), }); - service.addEnvironment('SECOND_ENVIRONEMENT_VARIABLE', 'second test value'); + service.addEnvironmentVariable('SECOND_ENVIRONEMENT_VARIABLE', 'second test value'); // THEN // we should have the service @@ -235,7 +236,7 @@ test('custom environment variables and start commands are allowed for imageConfi }), }); - service.addEnvironment('SECOND_ENVIRONEMENT_VARIABLE', 'second test value'); + service.addEnvironmentVariable('SECOND_ENVIRONEMENT_VARIABLE', 'second test value'); // THEN // we should have the service @@ -633,7 +634,7 @@ test('create a service with github repository - buildCommand, environment and st }), }); - service.addEnvironment('SECOND_ENVIRONEMENT_VARIABLE', 'second test value'); + service.addEnvironmentVariable('SECOND_ENVIRONEMENT_VARIABLE', 'second test value'); // THEN // we should have the service with the branch value as 'main' @@ -950,4 +951,25 @@ test('specifying a vpcConnector should assign the service to it and set the egre ], VpcConnectorName: 'MyVpcConnector', }); +}); + +testDeprecated('Using both environmentVariables and environment should throw an error', () => { + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'demo-stack'); + + expect(() => { + new apprunner.Service(stack, 'DemoService', { + source: apprunner.Source.fromEcrPublic({ + imageConfiguration: { + environmentVariables: { + AWSAPPRUNNER_FOO: 'bar', + }, + environment: { + AWSAPPRUNNER_FOO: 'bar', + }, + }, + imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest', + }), + }); + }).toThrow(/You cannot set both \'environmentVariables\' and \'environment\' properties./); }); \ No newline at end of file