diff --git a/.github/workflows/auto-approve-v2-merge-forward.yml b/.github/workflows/auto-approve-v2-merge-forward.yml index 96dd3d0837e6e..f05cd6753316c 100644 --- a/.github/workflows/auto-approve-v2-merge-forward.yml +++ b/.github/workflows/auto-approve-v2-merge-forward.yml @@ -1,7 +1,7 @@ # Automatically approve PRs that merge master forward to v2-main # # Only does approvals! mergify takes care of the actual merge. -name: Auto-approve forward merges onto v2-main +name: Auto-approve automated PRs around CDK v2 on: pull_request: types: @@ -21,6 +21,6 @@ jobs: if: > github.event.pull_request.user.login == 'aws-cdk-automation' && github.event.pull_request.base.ref == 'v2-main' - && contains(github.event.pull_request.labels.*.name, 'pr/forward-merge') + && contains(github.event.pull_request.labels.*.name, 'pr/auto-approve') with: github-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.yarnrc b/.yarnrc index 591e9c3d57b96..46241e3f5e5bc 100644 --- a/.yarnrc +++ b/.yarnrc @@ -1 +1,2 @@ --install.check-files true # install will verify file tree of packages for consistency +ignore-engines true # the 'engines' key for 'aws-cdk-lib' has specifies node14 as min while v1 will remain at node10 diff --git a/CHANGELOG.md b/CHANGELOG.md index 4f5ba6592ea70..731ddcf6c5e4f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,57 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [1.85.0](https://github.com/aws/aws-cdk/compare/v1.84.0...v1.85.0) (2021-01-14) + +* **s3-deployment**: This version includes an important update, please upgrade to prevent deployment failure. This is in prepartion of Lambda deprecation of the request module in boto, more details are available in [AWS blog](https://aws.amazon.com/blogs/compute/upcoming-changes-to-the-python-sdk-in-aws-lambda/). Note, users of versions < `1.81.0` will not be impacted by this deprecation, but are still encouraged to upgrade to the latest version. + +### Features + +* **apigatewayv2:** http api - disable execute api endpoint ([#12426](https://github.com/aws/aws-cdk/issues/12426)) ([1724da7](https://github.com/aws/aws-cdk/commit/1724da758666ec92f7b923c899d2f2f439083ba2)), closes [#12241](https://github.com/aws/aws-cdk/issues/12241) +* **appmesh:** add listener TLS certificates for VirtualNodes and VirtualGateways ([#11863](https://github.com/aws/aws-cdk/issues/11863)) ([175a257](https://github.com/aws/aws-cdk/commit/175a2570465d484aa0a73a7bded34e686da493ed)), closes [#10051](https://github.com/aws/aws-cdk/issues/10051) +* **cfnspec:** CloudFormation resource specification update to v23.0.0 ([#12490](https://github.com/aws/aws-cdk/issues/12490)) ([a7a2236](https://github.com/aws/aws-cdk/commit/a7a2236367f8f01b00b6d90f1d3fe7bf674b1aee)) + + +### Bug Fixes + +* **appsync:** rds data source configured with cluster arn ([#12255](https://github.com/aws/aws-cdk/issues/12255)) ([d0305f3](https://github.com/aws/aws-cdk/commit/d0305f33da41ce1f07a5d571eb21c0ee9ea852d0)), closes [#11536](https://github.com/aws/aws-cdk/issues/11536) +* **aws-ecs:** Support configuring Windows capacity for cluster ASGs ([#12365](https://github.com/aws/aws-cdk/issues/12365)) ([6d9a0f1](https://github.com/aws/aws-cdk/commit/6d9a0f1ea0c05e7902ccca4d0fc4040e688846e5)) +* **eks:** aws-node-termination-handler incorrectly deployed to on-demand instances as well ([#12369](https://github.com/aws/aws-cdk/issues/12369)) ([05c0b5f](https://github.com/aws/aws-cdk/commit/05c0b5f5a31c3fe89c47c6db8d9051f7165641a9)), closes [#12368](https://github.com/aws/aws-cdk/issues/12368) +* **s3:** Bucket.grantWrite() no longer adds s3:PutObject* permission ([#12391](https://github.com/aws/aws-cdk/issues/12391)) ([cd437cf](https://github.com/aws/aws-cdk/commit/cd437cf630266086a3ddf9e326f215b5d1acdfd7)) +* **s3-deployment:** stop using deprecated API's that will cause breakage post 01/31/21 ([#12491](https://github.com/aws/aws-cdk/issues/12491)) ([f50f928](https://github.com/aws/aws-cdk/commit/f50f92880bbc219c331c858eaace712e0757507d)) +* **sns:** require topic name for fifo topic [#12386](https://github.com/aws/aws-cdk/issues/12386) ([#12437](https://github.com/aws/aws-cdk/issues/12437)) ([37d8ccc](https://github.com/aws/aws-cdk/commit/37d8ccc763f532999bc9f114264f3d29725b0f28)) + +## [1.84.0](https://github.com/aws/aws-cdk/compare/v1.83.0...v1.84.0) (2021-01-12) + + +### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES + +* **apigatewayv2:** `subnets` prop in `VpcLink` resource now takes `SubnetSelection` instead of `ISubnet[]` + +### Features + +* **aws-lambda-nodejs:** add esbuild `define` bundling option ([#12424](https://github.com/aws/aws-cdk/issues/12424)) ([581f6af](https://github.com/aws/aws-cdk/commit/581f6af3d1f71737ca93b6ecb9b004bdade149a8)), closes [#12423](https://github.com/aws/aws-cdk/issues/12423) +* **cdk-assets:** add external asset support ([#12259](https://github.com/aws/aws-cdk/issues/12259)) ([05a9980](https://github.com/aws/aws-cdk/commit/05a998065b3333854715c456b20b7cc5d5daac67)) +* **cli:** `--quiet` does not print template in `cdk synth` ([#12178](https://github.com/aws/aws-cdk/issues/12178)) ([74458a0](https://github.com/aws/aws-cdk/commit/74458a0e9eebce4ee254673aad8933d39588d843)), closes [#11970](https://github.com/aws/aws-cdk/issues/11970) +* **codebuild:** support Standard 5.0 ([#12434](https://github.com/aws/aws-cdk/issues/12434)) ([422dc8e](https://github.com/aws/aws-cdk/commit/422dc8e9d50105af4e710d409a4f301079d43f3f)), closes [#12433](https://github.com/aws/aws-cdk/issues/12433) +* **core:** validate maximum amount of resources in a stack ([#12193](https://github.com/aws/aws-cdk/issues/12193)) ([26121c8](https://github.com/aws/aws-cdk/commit/26121c81abf0fb92de97567c758a1ecf60f85f63)), closes [#276](https://github.com/aws/aws-cdk/issues/276) +* **eks:** spot interruption handler can be disabled for self managed nodes ([#12453](https://github.com/aws/aws-cdk/issues/12453)) ([6ac1f4f](https://github.com/aws/aws-cdk/commit/6ac1f4fdef5853785d8e57652ec4c4e1d770844d)), closes [#12451](https://github.com/aws/aws-cdk/issues/12451) +* **synthetics:** Update Cloudwatch Synthetics canaries NodeJS runtimes ([#11866](https://github.com/aws/aws-cdk/issues/11866)) ([4f6e377](https://github.com/aws/aws-cdk/commit/4f6e377ae3f35c3fa010e1597c3d71ef6e6e9a04)), closes [#11870](https://github.com/aws/aws-cdk/issues/11870) + + +### Bug Fixes + +* **apigatewayv2:** vpclink - explicit subnet specification still causes private subnets to be included ([#12401](https://github.com/aws/aws-cdk/issues/12401)) ([336a58f](https://github.com/aws/aws-cdk/commit/336a58f06a3b3a9f5db2a79350f8721244767e3b)), closes [#12083](https://github.com/aws/aws-cdk/issues/12083) +* **cli:** CLI doesn't read context from ~/.cdk.json ([#12394](https://github.com/aws/aws-cdk/issues/12394)) ([2389a9b](https://github.com/aws/aws-cdk/commit/2389a9b5742583f1d58c66a4f513ee4d833baab5)), closes [#10823](https://github.com/aws/aws-cdk/issues/10823) [#4802](https://github.com/aws/aws-cdk/issues/4802) +* **core:** DefaultStackSynthesizer bucket prefix missing for template assets ([#11855](https://github.com/aws/aws-cdk/issues/11855)) ([50a3d3a](https://github.com/aws/aws-cdk/commit/50a3d3acf3e413d9b4e51197d2be4ea1349c0955)), closes [#10710](https://github.com/aws/aws-cdk/issues/10710) [#11327](https://github.com/aws/aws-cdk/issues/11327) +* **dynamodb:** missing grantRead for ConditionCheckItem ([#12313](https://github.com/aws/aws-cdk/issues/12313)) ([e157007](https://github.com/aws/aws-cdk/commit/e1570072440b07b6b82219c1a4371386c541fb1c)) +* **ec2:** interface endpoint AZ lookup does not guard against broken situations ([#12033](https://github.com/aws/aws-cdk/issues/12033)) ([80f0bfd](https://github.com/aws/aws-cdk/commit/80f0bfd167430a015e71b00506e0ecc280068e86)) +* **eks:** nodegroup synthesis fails when configured with an AMI type that is not compatible to the default instance type ([#12441](https://github.com/aws/aws-cdk/issues/12441)) ([5f6f0f9](https://github.com/aws/aws-cdk/commit/5f6f0f9d46dbd460ac03dd5f9f4874eaa41611d8)), closes [#12389](https://github.com/aws/aws-cdk/issues/12389) +* **elasticsearch:** domain fails due to log publishing keys on unsupported cluster versions ([#11622](https://github.com/aws/aws-cdk/issues/11622)) ([e6bb96f](https://github.com/aws/aws-cdk/commit/e6bb96ff6bae96e3167c82f6de97807217ddb3be)) +* **elbv2:** can't import two application listeners into the same scope ([#12373](https://github.com/aws/aws-cdk/issues/12373)) ([6534dcf](https://github.com/aws/aws-cdk/commit/6534dcf3e04a55f5c6d28203192cbbddb5d119e6)), closes [#12132](https://github.com/aws/aws-cdk/issues/12132) +* **logs:** custom resource Lambda uses old NodeJS version ([#12228](https://github.com/aws/aws-cdk/issues/12228)) ([29c4943](https://github.com/aws/aws-cdk/commit/29c4943466f4a911f65a2a13cf9e776ade9b8dfe)) +* **stepfunctions-tasks:** EvaluateExpression does not support JSON paths with dash ([#12248](https://github.com/aws/aws-cdk/issues/12248)) ([da1ed08](https://github.com/aws/aws-cdk/commit/da1ed08a6a2de584f5ddf43dab4efbb530541419)), closes [#12221](https://github.com/aws/aws-cdk/issues/12221) + ## [1.83.0](https://github.com/aws/aws-cdk/compare/v1.82.0...v1.83.0) (2021-01-06) diff --git a/allowed-breaking-changes.txt b/allowed-breaking-changes.txt index 9120903b01912..2ca2ca5b6067f 100644 --- a/allowed-breaking-changes.txt +++ b/allowed-breaking-changes.txt @@ -52,3 +52,7 @@ incompatible-argument:@aws-cdk/aws-ecs.FargateTaskDefinition. incompatible-argument:@aws-cdk/aws-ecs.FargateTaskDefinition.addVolume incompatible-argument:@aws-cdk/aws-ecs.TaskDefinition. incompatible-argument:@aws-cdk/aws-ecs.TaskDefinition.addVolume + +# We made properties optional and it's really fine but our differ doesn't think so. +weakened:@aws-cdk/cloud-assembly-schema.DockerImageSource +weakened:@aws-cdk/cloud-assembly-schema.FileSource diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/cloudwatch-agent.ts b/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/cloudwatch-agent.ts index a6d6bd19e49c8..b4bbd4286ae9f 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/cloudwatch-agent.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/cloudwatch-agent.ts @@ -70,4 +70,4 @@ export class CloudwatchAgentExtension extends ServiceExtension { }); } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/container.ts b/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/container.ts index 3ae65bfe6994b..0635c24c6f759 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/container.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/container.ts @@ -1,5 +1,5 @@ import * as ecs from '@aws-cdk/aws-ecs'; -import * as cdk from '@aws-cdk/core'; +import { Construct } from 'constructs'; import { Service } from '../service'; import { ServiceExtension } from './extension-interfaces'; @@ -59,7 +59,7 @@ export class Container extends ServiceExtension { } // @ts-ignore - Ignore unused params that are required for abstract class extend - public prehook(service: Service, scope: cdk.Construct) { + public prehook(service: Service, scope: Construct) { this.parentService = service; } @@ -142,4 +142,4 @@ export class Container extends ServiceExtension { }); } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/xray.ts b/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/xray.ts index 3ba344f4133d8..652d6a5dd8b7d 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/xray.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/lib/extensions/xray.ts @@ -1,6 +1,7 @@ import * as ecs from '@aws-cdk/aws-ecs'; import * as iam from '@aws-cdk/aws-iam'; import * as cdk from '@aws-cdk/core'; +import { Construct } from 'constructs'; import { Service } from '../service'; import { ServiceExtension } from './extension-interfaces'; @@ -17,7 +18,7 @@ export class XRayExtension extends ServiceExtension { } // @ts-ignore - Ignore unused params that are required for abstract class extend - public prehook(service: Service, scope: cdk.Construct) { + public prehook(service: Service, scope: Construct) { this.parentService = service; } diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/package.json b/packages/@aws-cdk-containers/ecs-service-extensions/package.json index eea2d3553aa45..4b2e3f0a2de28 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/package.json +++ b/packages/@aws-cdk-containers/ecs-service-extensions/package.json @@ -95,7 +95,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awscdkio": { "announce": false diff --git a/packages/@aws-cdk/alexa-ask/README.md b/packages/@aws-cdk/alexa-ask/README.md index 125b909867ec7..766afeef6d3cd 100644 --- a/packages/@aws-cdk/alexa-ask/README.md +++ b/packages/@aws-cdk/alexa-ask/README.md @@ -9,14 +9,6 @@ > > [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. - --- diff --git a/packages/@aws-cdk/alexa-ask/package.json b/packages/@aws-cdk/alexa-ask/package.json index 7758e78a06c8a..b14e11df91d8e 100644 --- a/packages/@aws-cdk/alexa-ask/package.json +++ b/packages/@aws-cdk/alexa-ask/package.json @@ -89,10 +89,10 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", - "maturity": "experimental", + "maturity": "cfn-only", "awscdkio": { "announce": false } diff --git a/packages/@aws-cdk/app-delivery/package.json b/packages/@aws-cdk/app-delivery/package.json index 50ec9c01b73cf..929246d143257 100644 --- a/packages/@aws-cdk/app-delivery/package.json +++ b/packages/@aws-cdk/app-delivery/package.json @@ -98,7 +98,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "deprecated", "maturity": "deprecated", diff --git a/packages/@aws-cdk/assert/package.json b/packages/@aws-cdk/assert/package.json index c2444a9ede633..c5178d691e66a 100644 --- a/packages/@aws-cdk/assert/package.json +++ b/packages/@aws-cdk/assert/package.json @@ -51,7 +51,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/assets/package.json b/packages/@aws-cdk/assets/package.json index b1791d6fa0963..7c2d554666f99 100644 --- a/packages/@aws-cdk/assets/package.json +++ b/packages/@aws-cdk/assets/package.json @@ -93,7 +93,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "deprecated", "maturity": "deprecated", diff --git a/packages/@aws-cdk/aws-accessanalyzer/package.json b/packages/@aws-cdk/aws-accessanalyzer/package.json index 5d1c39ee62e43..f71b75a9da62d 100644 --- a/packages/@aws-cdk/aws-accessanalyzer/package.json +++ b/packages/@aws-cdk/aws-accessanalyzer/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-acmpca/README.md b/packages/@aws-cdk/aws-acmpca/README.md index fd3c39c9f5e4c..04d167836539c 100644 --- a/packages/@aws-cdk/aws-acmpca/README.md +++ b/packages/@aws-cdk/aws-acmpca/README.md @@ -9,6 +9,14 @@ > > [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib +![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) + +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. + --- diff --git a/packages/@aws-cdk/aws-acmpca/package.json b/packages/@aws-cdk/aws-acmpca/package.json index 5422e74d07d87..d462cce372238 100644 --- a/packages/@aws-cdk/aws-acmpca/package.json +++ b/packages/@aws-cdk/aws-acmpca/package.json @@ -90,10 +90,10 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", - "maturity": "cfn-only", + "maturity": "experimental", "awscdkio": { "announce": false } diff --git a/packages/@aws-cdk/aws-amazonmq/package.json b/packages/@aws-cdk/aws-amazonmq/package.json index 9676bb176e4f2..9402b6afcc479 100644 --- a/packages/@aws-cdk/aws-amazonmq/package.json +++ b/packages/@aws-cdk/aws-amazonmq/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-amplify/package.json b/packages/@aws-cdk/aws-amplify/package.json index 1fd6faa048cb4..49f6496d7ae0f 100644 --- a/packages/@aws-cdk/aws-amplify/package.json +++ b/packages/@aws-cdk/aws-amplify/package.json @@ -101,7 +101,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-apigateway/package.json b/packages/@aws-cdk/aws-apigateway/package.json index 109bb8bbf704a..976a0d8cad79f 100644 --- a/packages/@aws-cdk/aws-apigateway/package.json +++ b/packages/@aws-cdk/aws-apigateway/package.json @@ -112,7 +112,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "nyc": { "exclude": [ diff --git a/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json b/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json index 49b9cbb3cd2ae..70cd006b9282b 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json +++ b/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json @@ -100,7 +100,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-apigatewayv2/README.md b/packages/@aws-cdk/aws-apigatewayv2/README.md index 297ec5ce2bfdb..1fda5a731ff40 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/README.md +++ b/packages/@aws-cdk/aws-apigatewayv2/README.md @@ -95,7 +95,13 @@ httpApi.addRoutes({ }); ``` -The URL to the endpoint can be retrieved via the `apiEndpoint` attribute. +The URL to the endpoint can be retrieved via the `apiEndpoint` attribute. By default this URL is enabled for clients. Use `disableExecuteApiEndpoint` to disable it. + +```ts +const httpApi = new HttpApi(stack, 'HttpApi', { + disableExecuteApiEndpoint: true, +}); +``` The `defaultIntegration` option while defining HTTP APIs lets you create a default catch-all integration that is matched when a client reaches a route that is not explicitly defined. diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/http/api.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/http/api.ts index cc2e646443f0e..5ced1f20f18a0 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/http/api.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/http/api.ts @@ -128,6 +128,15 @@ export interface HttpApiProps { * @default - no default domain mapping configured. meaningless if `createDefaultStage` is `false`. */ readonly defaultDomainMapping?: DefaultDomainMappingOptions; + + /** + * Specifies whether clients can invoke your API using the default endpoint. + * By default, clients can invoke your API with the default + * `https://{api_id}.execute-api.{region}.amazonaws.com` endpoint. Enable + * this if you would like clients to use your custom domain name. + * @default false execute-api endpoint enabled. + */ + readonly disableExecuteApiEndpoint?: boolean; } /** @@ -283,17 +292,24 @@ export class HttpApi extends HttpApiBase { */ public readonly httpApiName?: string; public readonly httpApiId: string; - public readonly apiEndpoint: string; + + /** + * Specifies whether clients can invoke this HTTP API by using the default execute-api endpoint. + */ + public readonly disableExecuteApiEndpoint?: boolean; /** * default stage of the api resource */ public readonly defaultStage: HttpStage | undefined; + private readonly _apiEndpoint: string; + constructor(scope: Construct, id: string, props?: HttpApiProps) { super(scope, id); this.httpApiName = props?.apiName ?? id; + this.disableExecuteApiEndpoint = props?.disableExecuteApiEndpoint; let corsConfiguration: CfnApi.CorsProperty | undefined; if (props?.corsPreflight) { @@ -324,11 +340,12 @@ export class HttpApi extends HttpApiBase { protocolType: 'HTTP', corsConfiguration, description: props?.description, + disableExecuteApiEndpoint: this.disableExecuteApiEndpoint, }; const resource = new CfnApi(this, 'Resource', apiProps); this.httpApiId = resource.ref; - this.apiEndpoint = resource.attrApiEndpoint; + this._apiEndpoint = resource.attrApiEndpoint; if (props?.defaultIntegration) { new HttpRoute(this, 'DefaultRoute', { @@ -357,6 +374,16 @@ export class HttpApi extends HttpApiBase { } } + /** + * Get the default endpoint for this API. + */ + public get apiEndpoint(): string { + if (this.disableExecuteApiEndpoint) { + throw new Error('apiEndpoint is not accessible when disableExecuteApiEndpoint is set to true.'); + } + return this._apiEndpoint; + } + /** * Get the URL to the default stage of this API. * Returns `undefined` if `createDefaultStage` is unset. diff --git a/packages/@aws-cdk/aws-apigatewayv2/package.json b/packages/@aws-cdk/aws-apigatewayv2/package.json index 2273b4773d06f..47d08c5f18ce5 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/package.json +++ b/packages/@aws-cdk/aws-apigatewayv2/package.json @@ -102,7 +102,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts b/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts index b061f613f4ca3..70bc45000ddec 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts @@ -215,6 +215,19 @@ describe('HttpApi', () => { }); }); + test('disableExecuteApiEndpoint is enabled', () => { + const stack = new Stack(); + new HttpApi(stack, 'api', { + disableExecuteApiEndpoint: true, + }); + + expect(stack).toHaveResource('AWS::ApiGatewayV2::Api', { + Name: 'api', + ProtocolType: 'HTTP', + DisableExecuteApiEndpoint: true, + }); + }); + test('can add a vpc links', () => { // GIVEN const stack = new Stack(); @@ -261,6 +274,17 @@ describe('HttpApi', () => { expect(api.apiEndpoint).toBeDefined(); }); + test('throws when accessing apiEndpoint and disableExecuteApiEndpoint is true', () => { + const stack = new Stack(); + const api = new HttpApi(stack, 'api', { + disableExecuteApiEndpoint: true, + }); + + expect(() => api.apiEndpoint).toThrow( + /apiEndpoint is not accessible when disableExecuteApiEndpoint is set to true./, + ); + }); + test('apiEndpoint for imported', () => { const stack = new Stack(); const api = HttpApi.fromHttpApiAttributes(stack, 'imported', { httpApiId: 'api-1234' }); diff --git a/packages/@aws-cdk/aws-appconfig/package.json b/packages/@aws-cdk/aws-appconfig/package.json index 2b53f982ac627..a5a4ff2cffeaf 100644 --- a/packages/@aws-cdk/aws-appconfig/package.json +++ b/packages/@aws-cdk/aws-appconfig/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-appflow/package.json b/packages/@aws-cdk/aws-appflow/package.json index 77ecabd32dfc7..c4c9e0656ece7 100644 --- a/packages/@aws-cdk/aws-appflow/package.json +++ b/packages/@aws-cdk/aws-appflow/package.json @@ -87,7 +87,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-applicationautoscaling/lib/step-scaling-policy.ts b/packages/@aws-cdk/aws-applicationautoscaling/lib/step-scaling-policy.ts index 1949e53f771e2..092609125e70f 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/lib/step-scaling-policy.ts +++ b/packages/@aws-cdk/aws-applicationautoscaling/lib/step-scaling-policy.ts @@ -57,7 +57,7 @@ export interface StepScalingPolicyProps extends BasicStepScalingPolicyProps { } /** - * Define a acaling strategy which scales depending on absolute values of some metric. + * Define a scaling strategy which scales depending on absolute values of some metric. * * You can specify the scaling behavior for various values of the metric. * diff --git a/packages/@aws-cdk/aws-applicationautoscaling/package.json b/packages/@aws-cdk/aws-applicationautoscaling/package.json index a05d2c8d7a96b..9fdb2bc837af4 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/package.json +++ b/packages/@aws-cdk/aws-applicationautoscaling/package.json @@ -97,7 +97,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "nyc": { "branches": 65, diff --git a/packages/@aws-cdk/aws-applicationinsights/package.json b/packages/@aws-cdk/aws-applicationinsights/package.json index 046e2e03399c8..143f9273c9f58 100644 --- a/packages/@aws-cdk/aws-applicationinsights/package.json +++ b/packages/@aws-cdk/aws-applicationinsights/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-appmesh/README.md b/packages/@aws-cdk/aws-appmesh/README.md index 9a4fcddf386cc..2253b12d2987d 100644 --- a/packages/@aws-cdk/aws-appmesh/README.md +++ b/packages/@aws-cdk/aws-appmesh/README.md @@ -241,6 +241,44 @@ The `backends` property can be added with `node.addBackend()`. We define a virtu The `backendsDefaultClientPolicy` property are added to the node while creating the virtual node. These are virtual node's service backends client policy defaults. +## Adding TLS to a listener + +The `tlsCertificate` property can be added to a Virtual Node listener or Virtual Gateway listener to add TLS configuration. +A certificate from AWS Certificate Manager can be incorporated or a customer provided certificate can be specified with a `certificateChain` path file and a `privateKey` file path. + +```typescript +import * as certificatemanager from '@aws-cdk/aws-certificatemanager'; + +// A Virtual Node with listener TLS from an ACM provided certificate +const cert = new certificatemanager.Certificate(this, 'cert', {...}); + +const node = new appmesh.VirtualNode(stack, 'node', { + mesh, + dnsHostName: 'node', + listeners: [appmesh.VirtualNodeListener.grpc({ + port: 80, + tlsCertificate: appmesh.TlsCertificate.acm({ + certificate: cert, + tlsMode: TlsMode.STRICT, + }), + })], +}); + +// A Virtual Gateway with listener TLS from a customer provided file certificate +const gateway = new appmesh.VirtualGateway(this, 'gateway', { + mesh: mesh, + listeners: [appmesh.VirtualGatewayListener.grpc({ + port: 8080, + tlsCertificate: appmesh.TlsCertificate.file({ + certificateChain: 'path/to/certChain', + privateKey: 'path/to/privateKey', + tlsMode: TlsMode.STRICT, + }), + })], + virtualGatewayName: 'gateway', +}); +``` + ## Adding a Route A `route` is associated with a virtual router, and it's used to match requests for a virtual router and distribute traffic accordingly to its associated virtual nodes. diff --git a/packages/@aws-cdk/aws-appmesh/lib/index.ts b/packages/@aws-cdk/aws-appmesh/lib/index.ts index a10ef54aa977b..1f5ca87def34d 100644 --- a/packages/@aws-cdk/aws-appmesh/lib/index.ts +++ b/packages/@aws-cdk/aws-appmesh/lib/index.ts @@ -5,6 +5,7 @@ export * from './route'; export * from './service-discovery'; export * from './route-spec'; export * from './shared-interfaces'; +export * from './tls-certificate'; export * from './virtual-node'; export * from './virtual-router'; export * from './virtual-router-listener'; diff --git a/packages/@aws-cdk/aws-appmesh/lib/service-discovery.ts b/packages/@aws-cdk/aws-appmesh/lib/service-discovery.ts index 91884cecb2550..5793bbf746eda 100644 --- a/packages/@aws-cdk/aws-appmesh/lib/service-discovery.ts +++ b/packages/@aws-cdk/aws-appmesh/lib/service-discovery.ts @@ -2,7 +2,6 @@ import * as cloudmap from '@aws-cdk/aws-servicediscovery'; import { Construct } from 'constructs'; import { CfnVirtualNode } from './appmesh.generated'; - /** * Represents the properties needed to define CloudMap Service Discovery */ diff --git a/packages/@aws-cdk/aws-appmesh/lib/tls-certificate.ts b/packages/@aws-cdk/aws-appmesh/lib/tls-certificate.ts new file mode 100644 index 0000000000000..8fde7e8b7694f --- /dev/null +++ b/packages/@aws-cdk/aws-appmesh/lib/tls-certificate.ts @@ -0,0 +1,173 @@ +import * as acm from '@aws-cdk/aws-certificatemanager'; +import { Construct } from 'constructs'; +import { CfnVirtualNode } from './appmesh.generated'; + +/** + * Enum of supported TLS modes + */ +export enum TlsMode { + /** + * Only accept encrypted traffic + */ + STRICT = 'STRICT', + + /** + * Accept encrypted and plaintext traffic. + */ + PERMISSIVE = 'PERMISSIVE', + + /** + * TLS is disabled, only accept plaintext traffic. + */ + DISABLED = 'DISABLED', +} + +/** + * A wrapper for the tls config returned by {@link TlsCertificate.bind} + */ +export interface TlsCertificateConfig { + /** + * The CFN shape for a listener TLS certificate + */ + readonly tlsCertificate: CfnVirtualNode.ListenerTlsCertificateProperty, + + /** + * The TLS mode. + */ + readonly tlsMode: TlsMode; +} + +/** + * ACM Certificate Properties + */ +export interface AcmCertificateOptions { + /** + * The TLS mode. + */ + readonly tlsMode: TlsMode; + + /** + * The ACM certificate + */ + readonly certificate: acm.ICertificate; +} + +/** + * File Certificate Properties + */ +export interface FileCertificateOptions { + /** + * The TLS mode. + */ + readonly tlsMode: TlsMode; + + /** + * The file path of the certificate chain file. + */ + readonly certificateChainPath: string; + + /** + * The file path of the private key file. + */ + readonly privateKeyPath: string; +} + +/** + * Represents a TLS certificate + */ +export abstract class TlsCertificate { + /** + * Returns an File TLS Certificate + */ + public static file(props: FileCertificateOptions): TlsCertificate { + return new FileTlsCertificate(props); + } + + /** + * Returns an ACM TLS Certificate + */ + public static acm(props: AcmCertificateOptions): TlsCertificate { + return new AcmTlsCertificate(props); + } + + /** + * Returns TLS certificate based provider. + */ + public abstract bind(_scope: Construct): TlsCertificateConfig; + +} + +/** + * Represents a ACM provided TLS certificate + */ +class AcmTlsCertificate extends TlsCertificate { + /** + * The TLS mode. + * + * @default - TlsMode.DISABLED + */ + readonly tlsMode: TlsMode; + + /** + * The ARN of the ACM certificate + */ + readonly acmCertificate: acm.ICertificate; + + constructor(props: AcmCertificateOptions) { + super(); + this.tlsMode = props.tlsMode; + this.acmCertificate = props.certificate; + } + + bind(_scope: Construct): TlsCertificateConfig { + return { + tlsCertificate: { + acm: { + certificateArn: this.acmCertificate.certificateArn, + }, + }, + tlsMode: this.tlsMode, + }; + } +} + +/** + * Represents a file provided TLS certificate + */ +class FileTlsCertificate extends TlsCertificate { + /** + * The TLS mode. + * + * @default - TlsMode.DISABLED + */ + readonly tlsMode: TlsMode; + + /** + * The file path of the certificate chain file. + */ + readonly certificateChain: string; + + /** + * The file path of the private key file. + */ + readonly privateKey: string; + + constructor(props: FileCertificateOptions) { + super(); + this.tlsMode = props.tlsMode; + this.certificateChain = props.certificateChainPath; + this.privateKey = props.privateKeyPath; + } + + bind(_scope: Construct): TlsCertificateConfig { + return { + tlsCertificate: { + file: { + certificateChain: this.certificateChain, + privateKey: this.privateKey, + }, + }, + tlsMode: this.tlsMode, + }; + } +} diff --git a/packages/@aws-cdk/aws-appmesh/lib/virtual-gateway-listener.ts b/packages/@aws-cdk/aws-appmesh/lib/virtual-gateway-listener.ts index 0fdcbbf7e256a..9428b2fd41748 100644 --- a/packages/@aws-cdk/aws-appmesh/lib/virtual-gateway-listener.ts +++ b/packages/@aws-cdk/aws-appmesh/lib/virtual-gateway-listener.ts @@ -3,6 +3,7 @@ import { Construct } from 'constructs'; import { CfnVirtualGateway } from './appmesh.generated'; import { validateHealthChecks } from './private/utils'; import { HealthCheck, Protocol } from './shared-interfaces'; +import { TlsCertificate, TlsCertificateConfig } from './tls-certificate'; /** * Represents the properties needed to define HTTP Listeners for a VirtualGateway @@ -21,6 +22,13 @@ export interface HttpGatewayListenerOptions { * @default - no healthcheck */ readonly healthCheck?: HealthCheck; + + /** + * Represents the configuration for enabling TLS on a listener + * + * @default - none + */ + readonly tlsCertificate?: TlsCertificate; } /** @@ -40,6 +48,13 @@ export interface GrpcGatewayListenerOptions { * @default - no healthcheck */ readonly healthCheck?: HealthCheck; + + /** + * Represents the listener certificate + * + * @default - none + */ + readonly tlsCertificate?: TlsCertificate; } /** @@ -49,7 +64,7 @@ export interface VirtualGatewayListenerConfig { /** * Single listener config for a VirtualGateway */ - readonly listener: CfnVirtualGateway.VirtualGatewayListenerProperty, + readonly listener: CfnVirtualGateway.VirtualGatewayListenerProperty; } /** @@ -60,21 +75,21 @@ export abstract class VirtualGatewayListener { * Returns an HTTP Listener for a VirtualGateway */ public static http(options: HttpGatewayListenerOptions = {}): VirtualGatewayListener { - return new HttpGatewayListener(options); + return new VirtualGatewayListenerImpl(Protocol.HTTP, options.healthCheck, options.port, options.tlsCertificate); } /** * Returns an HTTP2 Listener for a VirtualGateway */ public static http2(options: HttpGatewayListenerOptions = {}): VirtualGatewayListener { - return new Http2GatewayListener(options); + return new VirtualGatewayListenerImpl(Protocol.HTTP2, options.healthCheck, options.port, options.tlsCertificate); } /** * Returns a GRPC Listener for a VirtualGateway */ public static grpc(options: GrpcGatewayListenerOptions = {}): VirtualGatewayListener { - return new GrpcGatewayListener(options); + return new VirtualGatewayListenerImpl(Protocol.GRPC, options.healthCheck, options.port, options.tlsCertificate); } /** @@ -87,37 +102,21 @@ export abstract class VirtualGatewayListener { /** * Represents the properties needed to define an HTTP Listener for a VirtualGateway */ -class HttpGatewayListener extends VirtualGatewayListener { - /** - * Port to listen for connections on - * - * @default - 8080 - */ - readonly port: number; +class VirtualGatewayListenerImpl extends VirtualGatewayListener { - /** - * Health checking strategy upstream nodes should use when communicating with the listener - * - * @default - no healthcheck - */ - readonly healthCheck?: HealthCheck; - - /** - * Protocol the listener implements - */ - protected protocol: Protocol = Protocol.HTTP; - - constructor(options: HttpGatewayListenerOptions = {}) { + constructor(private readonly protocol: Protocol, + private readonly healthCheck: HealthCheck | undefined, + private readonly port: number = 8080, + private readonly tlsCertificate: TlsCertificate | undefined) { super(); - this.port = options.port ? options.port : 8080; - this.healthCheck = options.healthCheck; } /** * Called when the GatewayListener type is initialized. Can be used to enforce * mutual exclusivity */ - public bind(_scope: Construct): VirtualGatewayListenerConfig { + public bind(scope: Construct): VirtualGatewayListenerConfig { + const tlsConfig = this.tlsCertificate?.bind(scope); return { listener: { portMapping: { @@ -125,69 +124,25 @@ class HttpGatewayListener extends VirtualGatewayListener { protocol: this.protocol, }, healthCheck: this.healthCheck ? renderHealthCheck(this.healthCheck, this.protocol, this.port): undefined, + tls: tlsConfig ? renderTls(tlsConfig) : undefined, }, }; } -} -/** -* Represents the properties needed to define an HTTP2 Listener for a VirtualGateway -*/ -class Http2GatewayListener extends HttpGatewayListener { - constructor(options: HttpGatewayListenerOptions = {}) { - super(options); - this.protocol = Protocol.HTTP2; - } } /** - * Represents the properties needed to define a GRPC Listener for Virtual Gateway + * Renders the TLS config for a listener */ -class GrpcGatewayListener extends VirtualGatewayListener { - /** - * Port to listen for connections on - * - * @default - 8080 - */ - readonly port: number; - - /** - * Health checking strategy upstream nodes should use when communicating with the listener - * - * @default - no healthcheck - */ - readonly healthCheck?: HealthCheck; - - /** - * Protocol the listener implements - */ - protected protocol: Protocol = Protocol.GRPC; - - constructor(options: HttpGatewayListenerOptions = {}) { - super(); - this.port = options.port ? options.port : 8080; - this.healthCheck = options.healthCheck; - } - - /** - * Called when the GatewayListener type is initialized. Can be used to enforce - * mutual exclusivity - */ - public bind(_scope: Construct): VirtualGatewayListenerConfig { - return { - listener: { - portMapping: { - port: this.port, - protocol: Protocol.GRPC, - }, - healthCheck: this.healthCheck ? renderHealthCheck(this.healthCheck, this.protocol, this.port): undefined, - }, - }; - } +function renderTls(tlsCertificateConfig: TlsCertificateConfig): CfnVirtualGateway.VirtualGatewayListenerTlsProperty { + return { + certificate: tlsCertificateConfig.tlsCertificate, + mode: tlsCertificateConfig.tlsMode.toString(), + }; } -function renderHealthCheck( - hc: HealthCheck, listenerProtocol: Protocol, listenerPort: number): CfnVirtualGateway.VirtualGatewayHealthCheckPolicyProperty { +function renderHealthCheck(hc: HealthCheck, listenerProtocol: Protocol, + listenerPort: number): CfnVirtualGateway.VirtualGatewayHealthCheckPolicyProperty { if (hc.protocol === Protocol.TCP) { throw new Error('TCP health checks are not permitted for gateway listeners'); diff --git a/packages/@aws-cdk/aws-appmesh/lib/virtual-node-listener.ts b/packages/@aws-cdk/aws-appmesh/lib/virtual-node-listener.ts index af690970ab192..f918fb9443228 100644 --- a/packages/@aws-cdk/aws-appmesh/lib/virtual-node-listener.ts +++ b/packages/@aws-cdk/aws-appmesh/lib/virtual-node-listener.ts @@ -3,6 +3,7 @@ import { Construct } from 'constructs'; import { CfnVirtualNode } from './appmesh.generated'; import { validateHealthChecks } from './private/utils'; import { HealthCheck, Protocol, HttpTimeout, GrpcTimeout, TcpTimeout } from './shared-interfaces'; +import { TlsCertificate, TlsCertificateConfig } from './tls-certificate'; /** * Properties for a VirtualNode listener @@ -31,6 +32,13 @@ interface VirtualNodeListenerCommonOptions { * @default - no healthcheck */ readonly healthCheck?: HealthCheck; + + /** + * Represents the configuration for enabling TLS on a listener + * + * @default - none + */ + readonly tlsCertificate?: TlsCertificate; } /** @@ -77,28 +85,28 @@ export abstract class VirtualNodeListener { * Returns an HTTP Listener for a VirtualNode */ public static http(props: HttpVirtualNodeListenerOptions = {}): VirtualNodeListener { - return new VirtualNodeListenerImpl(Protocol.HTTP, props.healthCheck, props.timeout, props.port); + return new VirtualNodeListenerImpl(Protocol.HTTP, props.healthCheck, props.timeout, props.port, props.tlsCertificate); } /** * Returns an HTTP2 Listener for a VirtualNode */ public static http2(props: HttpVirtualNodeListenerOptions = {}): VirtualNodeListener { - return new VirtualNodeListenerImpl(Protocol.HTTP2, props.healthCheck, props.timeout, props.port); + return new VirtualNodeListenerImpl(Protocol.HTTP2, props.healthCheck, props.timeout, props.port, props.tlsCertificate); } /** * Returns an GRPC Listener for a VirtualNode */ public static grpc(props: GrpcVirtualNodeListenerOptions = {}): VirtualNodeListener { - return new VirtualNodeListenerImpl(Protocol.GRPC, props.healthCheck, props.timeout, props.port); + return new VirtualNodeListenerImpl(Protocol.GRPC, props.healthCheck, props.timeout, props.port, props.tlsCertificate); } /** * Returns an TCP Listener for a VirtualNode */ public static tcp(props: TcpVirtualNodeListenerOptions = {}): VirtualNodeListener { - return new VirtualNodeListenerImpl(Protocol.TCP, props.healthCheck, props.timeout, props.port); + return new VirtualNodeListenerImpl(Protocol.TCP, props.healthCheck, props.timeout, props.port, props.tlsCertificate); } /** @@ -112,9 +120,11 @@ class VirtualNodeListenerImpl extends VirtualNodeListener { constructor(private readonly protocol: Protocol, private readonly healthCheck: HealthCheck | undefined, private readonly timeout: HttpTimeout | undefined, - private readonly port: number = 8080) { super(); } + private readonly port: number = 8080, + private readonly tlsCertificate: TlsCertificate | undefined) { super(); } - public bind(_scope: Construct): VirtualNodeListenerConfig { + public bind(scope: Construct): VirtualNodeListenerConfig { + const tlsConfig = this.tlsCertificate?.bind(scope); return { listener: { portMapping: { @@ -123,10 +133,21 @@ class VirtualNodeListenerImpl extends VirtualNodeListener { }, healthCheck: this.healthCheck ? this.renderHealthCheck(this.healthCheck) : undefined, timeout: this.timeout ? this.renderTimeout(this.timeout) : undefined, + tls: tlsConfig ? this.renderTls(tlsConfig) : undefined, }, }; } + /** + * Renders the TLS config for a listener + */ + private renderTls(tlsCertificateConfig: TlsCertificateConfig): CfnVirtualNode.ListenerTlsProperty { + return { + certificate: tlsCertificateConfig.tlsCertificate, + mode: tlsCertificateConfig.tlsMode.toString(), + }; + } + private renderHealthCheck(hc: HealthCheck): CfnVirtualNode.HealthCheckProperty | undefined { if (hc === undefined) { return undefined; } @@ -168,3 +189,4 @@ class VirtualNodeListenerImpl extends VirtualNodeListener { }); } } + diff --git a/packages/@aws-cdk/aws-appmesh/package.json b/packages/@aws-cdk/aws-appmesh/package.json index d684ac2641dc2..b2dd882828beb 100644 --- a/packages/@aws-cdk/aws-appmesh/package.json +++ b/packages/@aws-cdk/aws-appmesh/package.json @@ -88,6 +88,7 @@ }, "dependencies": { "@aws-cdk/aws-acmpca": "0.0.0", + "@aws-cdk/aws-certificatemanager": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-servicediscovery": "0.0.0", @@ -96,6 +97,7 @@ }, "peerDependencies": { "@aws-cdk/aws-acmpca": "0.0.0", + "@aws-cdk/aws-certificatemanager": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-servicediscovery": "0.0.0", @@ -103,7 +105,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-appmesh/test/integ.mesh.expected.json b/packages/@aws-cdk/aws-appmesh/test/integ.mesh.expected.json index e642633387206..db9277d071432 100644 --- a/packages/@aws-cdk/aws-appmesh/test/integ.mesh.expected.json +++ b/packages/@aws-cdk/aws-appmesh/test/integ.mesh.expected.json @@ -649,6 +649,17 @@ "VirtualServiceName": "service1.domain.local" } }, + "cert56CA94EB": { + "Type": "AWS::CertificateManager::Certificate", + "Properties": { + "DomainName":"node1.domain.local", + "DomainValidationOptions": [{ + "DomainName":"node1.domain.local", + "ValidationDomain":"local" + }], + "ValidationMethod": "EMAIL" + } + }, "meshnode726C787D": { "Type": "AWS::AppMesh::VirtualNode", "Properties": { @@ -695,6 +706,16 @@ "PortMapping": { "Port": 8080, "Protocol": "http" + }, + "TLS": { + "Certificate": { + "ACM": { + "CertificateArn": { + "Ref": "cert56CA94EB" + } + } + }, + "Mode": "STRICT" } } ], @@ -1019,6 +1040,15 @@ "PortMapping": { "Port": 443, "Protocol": "http" + }, + "TLS": { + "Certificate": { + "File": { + "CertificateChain": "path/to/certChain", + "PrivateKey": "path/to/privateKey" + } + }, + "Mode": "STRICT" } } ] diff --git a/packages/@aws-cdk/aws-appmesh/test/integ.mesh.ts b/packages/@aws-cdk/aws-appmesh/test/integ.mesh.ts index 2f1884b3f7e63..730418aef7970 100644 --- a/packages/@aws-cdk/aws-appmesh/test/integ.mesh.ts +++ b/packages/@aws-cdk/aws-appmesh/test/integ.mesh.ts @@ -1,4 +1,5 @@ import * as acmpca from '@aws-cdk/aws-acmpca'; +import * as acm from '@aws-cdk/aws-certificatemanager'; import * as ec2 from '@aws-cdk/aws-ec2'; import * as cloudmap from '@aws-cdk/aws-servicediscovery'; import * as cdk from '@aws-cdk/core'; @@ -29,6 +30,10 @@ const virtualService = mesh.addVirtualService('service', { virtualServiceName: 'service1.domain.local', }); +const cert = new acm.Certificate(stack, 'cert', { + domainName: `node1.${namespace.namespaceName}`, +}); + const node = mesh.addVirtualNode('node', { serviceDiscovery: appmesh.ServiceDiscovery.dns(`node1.${namespace.namespaceName}`), listeners: [appmesh.VirtualNodeListener.http({ @@ -36,6 +41,10 @@ const node = mesh.addVirtualNode('node', { healthyThreshold: 3, path: '/check-path', }, + tlsCertificate: appmesh.TlsCertificate.acm({ + certificate: cert, + tlsMode: appmesh.TlsMode.STRICT, + }), })], backends: [ virtualService, @@ -155,6 +164,11 @@ new appmesh.VirtualGateway(stack, 'gateway2', { healthCheck: { interval: cdk.Duration.seconds(10), }, + tlsCertificate: appmesh.TlsCertificate.file({ + certificateChainPath: 'path/to/certChain', + privateKeyPath: 'path/to/privateKey', + tlsMode: appmesh.TlsMode.STRICT, + }), })], }); diff --git a/packages/@aws-cdk/aws-appmesh/test/test.virtual-gateway.ts b/packages/@aws-cdk/aws-appmesh/test/test.virtual-gateway.ts index 6207e49ce0be1..7b4a563c90d34 100644 --- a/packages/@aws-cdk/aws-appmesh/test/test.virtual-gateway.ts +++ b/packages/@aws-cdk/aws-appmesh/test/test.virtual-gateway.ts @@ -1,7 +1,7 @@ import { expect, haveResourceLike } from '@aws-cdk/assert'; +import * as acm from '@aws-cdk/aws-certificatemanager'; import * as cdk from '@aws-cdk/core'; import { Test } from 'nodeunit'; - import * as appmesh from '../lib'; export = { @@ -153,6 +153,142 @@ export = { })); test.done(); }, + + 'with an http listener with a TLS certificate from ACM'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const mesh = new appmesh.Mesh(stack, 'mesh', { + meshName: 'test-mesh', + }); + + const cert = new acm.Certificate(stack, 'cert', { + domainName: '', + }); + + new appmesh.VirtualGateway(stack, 'testGateway', { + virtualGatewayName: 'test-gateway', + mesh: mesh, + listeners: [appmesh.VirtualGatewayListener.http({ + port: 8080, + tlsCertificate: appmesh.TlsCertificate.acm({ + tlsMode: appmesh.TlsMode.STRICT, + certificate: cert, + }), + })], + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::AppMesh::VirtualGateway', { + Spec: { + Listeners: [ + { + TLS: { + Mode: appmesh.TlsMode.STRICT, + Certificate: { + ACM: { + CertificateArn: { + Ref: 'cert56CA94EB', + }, + }, + }, + }, + }, + ], + }, + })); + + test.done(); + }, + + 'with an grpc listener with a TLS certificate from file'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const mesh = new appmesh.Mesh(stack, 'mesh', { + meshName: 'test-mesh', + }); + + new appmesh.VirtualGateway(stack, 'testGateway', { + virtualGatewayName: 'test-gateway', + mesh: mesh, + listeners: [appmesh.VirtualGatewayListener.grpc({ + port: 8080, + tlsCertificate: appmesh.TlsCertificate.file({ + certificateChainPath: 'path/to/certChain', + privateKeyPath: 'path/to/privateKey', + tlsMode: appmesh.TlsMode.STRICT, + }), + })], + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::AppMesh::VirtualGateway', { + Spec: { + Listeners: [ + { + TLS: { + Mode: appmesh.TlsMode.STRICT, + Certificate: { + File: { + CertificateChain: 'path/to/certChain', + PrivateKey: 'path/to/privateKey', + }, + }, + }, + }, + ], + }, + })); + + test.done(); + }, + + 'with an grpc listener with the TLS mode permissive'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const mesh = new appmesh.Mesh(stack, 'mesh', { + meshName: 'test-mesh', + }); + + new appmesh.VirtualGateway(stack, 'testGateway', { + virtualGatewayName: 'test-gateway', + mesh: mesh, + listeners: [appmesh.VirtualGatewayListener.grpc({ + port: 8080, + tlsCertificate: appmesh.TlsCertificate.file({ + certificateChainPath: 'path/to/certChain', + privateKeyPath: 'path/to/privateKey', + tlsMode: appmesh.TlsMode.PERMISSIVE, + }), + })], + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::AppMesh::VirtualGateway', { + Spec: { + Listeners: [ + { + TLS: { + Mode: appmesh.TlsMode.PERMISSIVE, + Certificate: { + File: { + CertificateChain: 'path/to/certChain', + PrivateKey: 'path/to/privateKey', + }, + }, + }, + }, + ], + }, + })); + + test.done(); + }, }, 'When adding a gateway route to existing VirtualGateway ': { diff --git a/packages/@aws-cdk/aws-appmesh/test/test.virtual-node.ts b/packages/@aws-cdk/aws-appmesh/test/test.virtual-node.ts index ffc7e60107ba1..9fb05931a2a44 100644 --- a/packages/@aws-cdk/aws-appmesh/test/test.virtual-node.ts +++ b/packages/@aws-cdk/aws-appmesh/test/test.virtual-node.ts @@ -1,5 +1,6 @@ import { expect, haveResourceLike } from '@aws-cdk/assert'; import * as acmpca from '@aws-cdk/aws-acmpca'; +import * as acm from '@aws-cdk/aws-certificatemanager'; import * as cdk from '@aws-cdk/core'; import { Test } from 'nodeunit'; import * as appmesh from '../lib'; @@ -357,7 +358,149 @@ export = { test.done(); }, }, + + 'when a grpc listener is added with a TLS certificate from ACM': { + 'the listener should include the TLS configuration'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const mesh = new appmesh.Mesh(stack, 'mesh', { + meshName: 'test-mesh', + }); + + const cert = new acm.Certificate(stack, 'cert', { + domainName: '', + }); + + new appmesh.VirtualNode(stack, 'test-node', { + mesh, + listeners: [appmesh.VirtualNodeListener.grpc({ + port: 80, + tlsCertificate: appmesh.TlsCertificate.acm({ + certificate: cert, + tlsMode: appmesh.TlsMode.STRICT, + }), + }, + )], + }); + + // THEN + + expect(stack).to(haveResourceLike('AWS::AppMesh::VirtualNode', { + Spec: { + Listeners: [ + { + TLS: { + Mode: appmesh.TlsMode.STRICT, + Certificate: { + ACM: { + CertificateArn: { + Ref: 'cert56CA94EB', + }, + }, + }, + }, + }, + ], + }, + })); + + test.done(); + }, + }, + + 'when an http listener is added with a TLS certificate from file': { + 'the listener should include the TLS configuration'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const mesh = new appmesh.Mesh(stack, 'mesh', { + meshName: 'test-mesh', + }); + + new appmesh.VirtualNode(stack, 'test-node', { + mesh, + listeners: [appmesh.VirtualNodeListener.http({ + port: 80, + tlsCertificate: appmesh.TlsCertificate.file({ + certificateChainPath: 'path/to/certChain', + privateKeyPath: 'path/to/privateKey', + tlsMode: appmesh.TlsMode.STRICT, + }), + })], + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::AppMesh::VirtualNode', { + Spec: { + Listeners: [ + { + TLS: { + Mode: appmesh.TlsMode.STRICT, + Certificate: { + File: { + CertificateChain: 'path/to/certChain', + PrivateKey: 'path/to/privateKey', + }, + }, + }, + }, + ], + }, + })); + + test.done(); + }, + }, + + 'when an http listener is added with the TLS mode permissive': { + 'the listener should include the TLS configuration'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const mesh = new appmesh.Mesh(stack, 'mesh', { + meshName: 'test-mesh', + }); + + new appmesh.VirtualNode(stack, 'test-node', { + mesh, + listeners: [appmesh.VirtualNodeListener.http({ + port: 80, + tlsCertificate: appmesh.TlsCertificate.file({ + certificateChainPath: 'path/to/certChain', + privateKeyPath: 'path/to/privateKey', + tlsMode: appmesh.TlsMode.PERMISSIVE, + }), + })], + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::AppMesh::VirtualNode', { + Spec: { + Listeners: [ + { + TLS: { + Mode: appmesh.TlsMode.PERMISSIVE, + Certificate: { + File: { + CertificateChain: 'path/to/certChain', + PrivateKey: 'path/to/privateKey', + }, + }, + }, + }, + ], + }, + })); + + test.done(); + }, + }, }, + 'Can import Virtual Nodes using an ARN'(test: Test) { // GIVEN const stack = new cdk.Stack(); diff --git a/packages/@aws-cdk/aws-appstream/package.json b/packages/@aws-cdk/aws-appstream/package.json index dc58f32d7dfe0..bd25e2530059d 100644 --- a/packages/@aws-cdk/aws-appstream/package.json +++ b/packages/@aws-cdk/aws-appstream/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-appsync/README.md b/packages/@aws-cdk/aws-appsync/README.md index 794cff6db3cda..61c4e797f5bb4 100644 --- a/packages/@aws-cdk/aws-appsync/README.md +++ b/packages/@aws-cdk/aws-appsync/README.md @@ -75,20 +75,23 @@ const demoTable = new db.Table(stack, 'DemoTable', { const demoDS = api.addDynamoDbDataSource('demoDataSource', demoTable); -// Resolver for the Query "getDemos" that scans the DyanmoDb table and returns the entire list. +// Resolver for the Query "getDemos" that scans the DynamoDb table and returns the entire list. demoDS.createResolver({ typeName: 'Query', fieldName: 'getDemos', - requestMappingTemplate: MappingTemplate.dynamoDbScanTable(), - responseMappingTemplate: MappingTemplate.dynamoDbResultList(), + requestMappingTemplate: appsync.MappingTemplate.dynamoDbScanTable(), + responseMappingTemplate: appsync.MappingTemplate.dynamoDbResultList(), }); // Resolver for the Mutation "addDemo" that puts the item into the DynamoDb table. demoDS.createResolver({ typeName: 'Mutation', fieldName: 'addDemo', - requestMappingTemplate: MappingTemplate.dynamoDbPutItem(PrimaryKey.partition('id').auto(), Values.projecting('demo')), - responseMappingTemplate: MappingTemplate.dynamoDbResultItem(), + requestMappingTemplate: appsync.MappingTemplate.dynamoDbPutItem( + appsync.PrimaryKey.partition('id').auto(), + appsync.Values.projecting('demo') + ), + responseMappingTemplate: appsync.MappingTemplate.dynamoDbResultItem(), }); ``` diff --git a/packages/@aws-cdk/aws-appsync/lib/data-source.ts b/packages/@aws-cdk/aws-appsync/lib/data-source.ts index 70e0576687de7..0132de1534383 100644 --- a/packages/@aws-cdk/aws-appsync/lib/data-source.ts +++ b/packages/@aws-cdk/aws-appsync/lib/data-source.ts @@ -3,7 +3,7 @@ import { Grant, IGrantable, IPrincipal, IRole, Role, ServicePrincipal } from '@a import { IFunction } from '@aws-cdk/aws-lambda'; import { IDatabaseCluster } from '@aws-cdk/aws-rds'; import { ISecret } from '@aws-cdk/aws-secretsmanager'; -import { IResolvable, Stack } from '@aws-cdk/core'; +import { IResolvable, Lazy, Stack } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { BaseAppsyncFunctionProps, AppsyncFunction } from './appsync-function'; import { CfnDataSource } from './appsync.generated'; @@ -314,17 +314,25 @@ export class RdsDataSource extends BackedDataSource { relationalDatabaseConfig: { rdsHttpEndpointConfig: { awsRegion: props.databaseCluster.stack.region, - dbClusterIdentifier: props.databaseCluster.clusterIdentifier, + dbClusterIdentifier: Lazy.string({ + produce: () => { + return Stack.of(this).formatArn({ + service: 'rds', + resource: `cluster:${props.databaseCluster.clusterIdentifier}`, + }); + }, + }), awsSecretStoreArn: props.secretStore.secretArn, }, relationalDatabaseSourceType: 'RDS_HTTP_ENDPOINT', }, }); - props.secretStore.grantRead(this); const clusterArn = Stack.of(this).formatArn({ service: 'rds', resource: `cluster:${props.databaseCluster.clusterIdentifier}`, }); + props.secretStore.grantRead(this); + // Change to grant with RDS grant becomes implemented Grant.addToPrincipal({ grantee: this, diff --git a/packages/@aws-cdk/aws-appsync/package.json b/packages/@aws-cdk/aws-appsync/package.json index 675b7dd08f3a7..1f4779edad008 100644 --- a/packages/@aws-cdk/aws-appsync/package.json +++ b/packages/@aws-cdk/aws-appsync/package.json @@ -108,7 +108,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-appsync/test/appsync-rds.test.ts b/packages/@aws-cdk/aws-appsync/test/appsync-rds.test.ts index ba0d80d00037b..97cea819de8f3 100644 --- a/packages/@aws-cdk/aws-appsync/test/appsync-rds.test.ts +++ b/packages/@aws-cdk/aws-appsync/test/appsync-rds.test.ts @@ -97,6 +97,32 @@ describe('Rds Data Source configuration', () => { }); }); + test('rds cluster arn saved to RdsHttpEndpointConfig', () => { + // WHEN + api.addRdsDataSource('ds', cluster, secret); + + // THEN + expect(stack).toHaveResourceLike('AWS::AppSync::DataSource', { + Type: 'RELATIONAL_DATABASE', + RelationalDatabaseConfig: { + RdsHttpEndpointConfig: { + AwsRegion: { Ref: 'AWS::Region' }, + AwsSecretStoreArn: { Ref: 'AuroraSecret41E6E877' }, + DbClusterIdentifier: { + 'Fn::Join': ['', ['arn:', + { Ref: 'AWS::Partition' }, + ':rds:', + { Ref: 'AWS::Region' }, + ':', + { Ref: 'AWS::AccountId' }, + ':cluster:', + { Ref: 'AuroraCluster23D869C0' }]], + }, + }, + }, + }); + }); + test('default configuration produces name identical to the id', () => { // WHEN api.addRdsDataSource('ds', cluster, secret); diff --git a/packages/@aws-cdk/aws-athena/package.json b/packages/@aws-cdk/aws-athena/package.json index 60190909b1eb7..636e7e0db2440 100644 --- a/packages/@aws-cdk/aws-athena/package.json +++ b/packages/@aws-cdk/aws-athena/package.json @@ -91,7 +91,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-auditmanager/.eslintrc.js b/packages/@aws-cdk/aws-auditmanager/.eslintrc.js new file mode 100644 index 0000000000000..61dd8dd001f63 --- /dev/null +++ b/packages/@aws-cdk/aws-auditmanager/.eslintrc.js @@ -0,0 +1,3 @@ +const baseConfig = require('cdk-build-tools/config/eslintrc'); +baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-auditmanager/.gitignore b/packages/@aws-cdk/aws-auditmanager/.gitignore new file mode 100644 index 0000000000000..62ebc95d75ce6 --- /dev/null +++ b/packages/@aws-cdk/aws-auditmanager/.gitignore @@ -0,0 +1,19 @@ +*.js +*.js.map +*.d.ts +tsconfig.json +node_modules +*.generated.ts +dist +.jsii + +.LAST_BUILD +.nyc_output +coverage +.nycrc +.LAST_PACKAGE +*.snk +nyc.config.js +!.eslintrc.js +!jest.config.js +junit.xml diff --git a/packages/@aws-cdk/aws-auditmanager/.npmignore b/packages/@aws-cdk/aws-auditmanager/.npmignore new file mode 100644 index 0000000000000..e4486030fcb17 --- /dev/null +++ b/packages/@aws-cdk/aws-auditmanager/.npmignore @@ -0,0 +1,28 @@ +# Don't include original .ts files when doing `npm pack` +*.ts +!*.d.ts +coverage +.nyc_output +*.tgz + +dist +.LAST_PACKAGE +.LAST_BUILD +!*.js + +# Include .jsii +!.jsii + +*.snk + +*.tsbuildinfo + +tsconfig.json + +.eslintrc.js +jest.config.js + +# exclude cdk artifacts +**/cdk.out +junit.xml +test/ diff --git a/packages/@aws-cdk/aws-auditmanager/LICENSE b/packages/@aws-cdk/aws-auditmanager/LICENSE new file mode 100644 index 0000000000000..28e4bdcec77ec --- /dev/null +++ b/packages/@aws-cdk/aws-auditmanager/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/@aws-cdk/aws-auditmanager/NOTICE b/packages/@aws-cdk/aws-auditmanager/NOTICE new file mode 100644 index 0000000000000..5fc3826926b5b --- /dev/null +++ b/packages/@aws-cdk/aws-auditmanager/NOTICE @@ -0,0 +1,2 @@ +AWS Cloud Development Kit (AWS CDK) +Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/aws-auditmanager/README.md b/packages/@aws-cdk/aws-auditmanager/README.md new file mode 100644 index 0000000000000..ee34051ab78e3 --- /dev/null +++ b/packages/@aws-cdk/aws-auditmanager/README.md @@ -0,0 +1,20 @@ +# AWS::AuditManager Construct Library + + +--- + +![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) + +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + +--- + + + +This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. + +```ts +import auditmanager = require('@aws-cdk/aws-auditmanager'); +``` diff --git a/packages/@aws-cdk/aws-auditmanager/jest.config.js b/packages/@aws-cdk/aws-auditmanager/jest.config.js new file mode 100644 index 0000000000000..54e28beb9798b --- /dev/null +++ b/packages/@aws-cdk/aws-auditmanager/jest.config.js @@ -0,0 +1,2 @@ +const baseConfig = require('cdk-build-tools/config/jest.config'); +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-auditmanager/lib/index.ts b/packages/@aws-cdk/aws-auditmanager/lib/index.ts new file mode 100644 index 0000000000000..f6234117e603f --- /dev/null +++ b/packages/@aws-cdk/aws-auditmanager/lib/index.ts @@ -0,0 +1,2 @@ +// AWS::AuditManager CloudFormation Resources: +export * from './auditmanager.generated'; diff --git a/packages/@aws-cdk/aws-auditmanager/package.json b/packages/@aws-cdk/aws-auditmanager/package.json new file mode 100644 index 0000000000000..6ba8246bf99e5 --- /dev/null +++ b/packages/@aws-cdk/aws-auditmanager/package.json @@ -0,0 +1,100 @@ +{ + "name": "@aws-cdk/aws-auditmanager", + "version": "0.0.0", + "description": "The CDK Construct Library for AWS::AuditManager", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "jsii": { + "outdir": "dist", + "projectReferences": true, + "targets": { + "dotnet": { + "namespace": "Amazon.CDK.AWS.AuditManager", + "packageId": "Amazon.CDK.AWS.AuditManager", + "signAssembly": true, + "assemblyOriginatorKeyFile": "../../key.snk", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "java": { + "package": "software.amazon.awscdk.services.auditmanager", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "auditmanager" + } + }, + "python": { + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ], + "distName": "aws-cdk.aws-auditmanager", + "module": "aws_cdk.aws_auditmanager" + } + } + }, + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-cdk.git", + "directory": "packages/@aws-cdk/aws-auditmanager" + }, + "homepage": "https://github.com/aws/aws-cdk", + "scripts": { + "build": "cdk-build", + "watch": "cdk-watch", + "lint": "cdk-lint", + "test": "cdk-test", + "integ": "cdk-integ", + "pkglint": "pkglint -f", + "package": "cdk-package", + "awslint": "cdk-awslint", + "cfn2ts": "cfn2ts", + "build+test+package": "npm run build+test && npm run package", + "build+test": "npm run build && npm test", + "compat": "cdk-compat", + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" + }, + "cdk-build": { + "cloudformation": "AWS::AuditManager", + "jest": true, + "env": { + "AWSLINT_BASE_CONSTRUCT": "true" + } + }, + "keywords": [ + "aws", + "cdk", + "constructs", + "AWS::AuditManager", + "aws-auditmanager" + ], + "author": { + "name": "Amazon Web Services", + "url": "https://aws.amazon.com", + "organization": true + }, + "license": "Apache-2.0", + "devDependencies": { + "@aws-cdk/assert": "0.0.0", + "cdk-build-tools": "0.0.0", + "cfn2ts": "0.0.0", + "pkglint": "0.0.0" + }, + "dependencies": { + "@aws-cdk/core": "0.0.0", + "constructs": "10.0.0-pre.5" + }, + "peerDependencies": { + "@aws-cdk/core": "0.0.0", + "constructs": "10.0.0-pre.5" + }, + "engines": { + "node": ">= 14.15.0" + }, + "stability": "experimental", + "maturity": "cfn-only", + "awscdkio": { + "announce": false + }, + "private": true +} diff --git a/packages/@aws-cdk/aws-auditmanager/test/auditmanager.test.ts b/packages/@aws-cdk/aws-auditmanager/test/auditmanager.test.ts new file mode 100644 index 0000000000000..e394ef336bfb4 --- /dev/null +++ b/packages/@aws-cdk/aws-auditmanager/test/auditmanager.test.ts @@ -0,0 +1,6 @@ +import '@aws-cdk/assert/jest'; +import {} from '../lib'; + +test('No tests are specified for this package', () => { + expect(true).toBe(true); +}); diff --git a/packages/@aws-cdk/aws-autoscaling-common/package.json b/packages/@aws-cdk/aws-autoscaling-common/package.json index 74ee22b8e4e68..d2a4727f8dd5f 100644 --- a/packages/@aws-cdk/aws-autoscaling-common/package.json +++ b/packages/@aws-cdk/aws-autoscaling-common/package.json @@ -106,7 +106,7 @@ ] }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json b/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json index 92243308c0f6f..817a72b2a57df 100644 --- a/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json +++ b/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json @@ -97,7 +97,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awscdkio": { diff --git a/packages/@aws-cdk/aws-autoscaling/package.json b/packages/@aws-cdk/aws-autoscaling/package.json index d3ae544c25854..866ab4faa891b 100644 --- a/packages/@aws-cdk/aws-autoscaling/package.json +++ b/packages/@aws-cdk/aws-autoscaling/package.json @@ -107,7 +107,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-autoscalingplans/package.json b/packages/@aws-cdk/aws-autoscalingplans/package.json index dc3f19ca4eacb..3471d9669f49d 100644 --- a/packages/@aws-cdk/aws-autoscalingplans/package.json +++ b/packages/@aws-cdk/aws-autoscalingplans/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-backup/package.json b/packages/@aws-cdk/aws-backup/package.json index 73e4aea43bad6..aaab59716d22d 100644 --- a/packages/@aws-cdk/aws-backup/package.json +++ b/packages/@aws-cdk/aws-backup/package.json @@ -107,7 +107,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-batch/package.json b/packages/@aws-cdk/aws-batch/package.json index 1138c735829cb..a0466afc56ced 100644 --- a/packages/@aws-cdk/aws-batch/package.json +++ b/packages/@aws-cdk/aws-batch/package.json @@ -103,7 +103,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-budgets/package.json b/packages/@aws-cdk/aws-budgets/package.json index 9e6337dacca2e..14b8c8e6a27dd 100644 --- a/packages/@aws-cdk/aws-budgets/package.json +++ b/packages/@aws-cdk/aws-budgets/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-cassandra/package.json b/packages/@aws-cdk/aws-cassandra/package.json index 260bf21b88421..52e56a27d2e4d 100644 --- a/packages/@aws-cdk/aws-cassandra/package.json +++ b/packages/@aws-cdk/aws-cassandra/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-ce/package.json b/packages/@aws-cdk/aws-ce/package.json index cea361aa5330e..846c609faa1f8 100644 --- a/packages/@aws-cdk/aws-ce/package.json +++ b/packages/@aws-cdk/aws-ce/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-certificatemanager/package.json b/packages/@aws-cdk/aws-certificatemanager/package.json index 1408d12da5030..186844eba2905 100644 --- a/packages/@aws-cdk/aws-certificatemanager/package.json +++ b/packages/@aws-cdk/aws-certificatemanager/package.json @@ -95,7 +95,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-chatbot/package.json b/packages/@aws-cdk/aws-chatbot/package.json index 411d86b8decf6..fd0bd2e678b02 100644 --- a/packages/@aws-cdk/aws-chatbot/package.json +++ b/packages/@aws-cdk/aws-chatbot/package.json @@ -99,7 +99,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-cloud9/package.json b/packages/@aws-cdk/aws-cloud9/package.json index 75392c444cc7b..f03ea8fc68eb4 100644 --- a/packages/@aws-cdk/aws-cloud9/package.json +++ b/packages/@aws-cdk/aws-cloud9/package.json @@ -95,7 +95,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-cloudformation/package.json b/packages/@aws-cdk/aws-cloudformation/package.json index 5eb0f585689bb..7d6b8ce021e9c 100644 --- a/packages/@aws-cdk/aws-cloudformation/package.json +++ b/packages/@aws-cdk/aws-cloudformation/package.json @@ -104,7 +104,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-cloudfront-origins/package.json b/packages/@aws-cdk/aws-cloudfront-origins/package.json index 2f54cd51caa60..8ba4f39f0d7b3 100644 --- a/packages/@aws-cdk/aws-cloudfront-origins/package.json +++ b/packages/@aws-cdk/aws-cloudfront-origins/package.json @@ -74,7 +74,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "pkglint": "0.0.0" @@ -95,7 +95,7 @@ "@aws-cdk/aws-elasticloadbalancingv2": "0.0.0" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "maturity": "stable", diff --git a/packages/@aws-cdk/aws-cloudfront/package.json b/packages/@aws-cdk/aws-cloudfront/package.json index eaee0e452a805..d75c587889e3d 100644 --- a/packages/@aws-cdk/aws-cloudfront/package.json +++ b/packages/@aws-cdk/aws-cloudfront/package.json @@ -75,7 +75,7 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", @@ -108,7 +108,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "maturity": "stable", diff --git a/packages/@aws-cdk/aws-cloudtrail/package.json b/packages/@aws-cdk/aws-cloudtrail/package.json index 8a768f18b97c7..1d2e72f08a587 100644 --- a/packages/@aws-cdk/aws-cloudtrail/package.json +++ b/packages/@aws-cdk/aws-cloudtrail/package.json @@ -75,7 +75,7 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", @@ -112,7 +112,7 @@ ] }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "maturity": "stable", diff --git a/packages/@aws-cdk/aws-cloudwatch-actions/package.json b/packages/@aws-cdk/aws-cloudwatch-actions/package.json index a500201df2b70..0ec045589ab34 100644 --- a/packages/@aws-cdk/aws-cloudwatch-actions/package.json +++ b/packages/@aws-cdk/aws-cloudwatch-actions/package.json @@ -93,7 +93,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awscdkio": { diff --git a/packages/@aws-cdk/aws-cloudwatch/package.json b/packages/@aws-cdk/aws-cloudwatch/package.json index 145245299dde3..ef6b44705ebc5 100644 --- a/packages/@aws-cdk/aws-cloudwatch/package.json +++ b/packages/@aws-cdk/aws-cloudwatch/package.json @@ -115,7 +115,7 @@ ] }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awscdkio": { diff --git a/packages/@aws-cdk/aws-codeartifact/package.json b/packages/@aws-cdk/aws-codeartifact/package.json index f7ecfab89b381..af2f92dc4d913 100644 --- a/packages/@aws-cdk/aws-codeartifact/package.json +++ b/packages/@aws-cdk/aws-codeartifact/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-codebuild/lib/project.ts b/packages/@aws-cdk/aws-codebuild/lib/project.ts index 656772bd6b188..fe3ab4424220d 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/project.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/project.ts @@ -1431,6 +1431,8 @@ export class LinuxBuildImage implements IBuildImage { public static readonly STANDARD_3_0 = LinuxBuildImage.codeBuildImage('aws/codebuild/standard:3.0'); /** The `aws/codebuild/standard:4.0` build image. */ public static readonly STANDARD_4_0 = LinuxBuildImage.codeBuildImage('aws/codebuild/standard:4.0'); + /** The `aws/codebuild/standard:5.0` build image. */ + public static readonly STANDARD_5_0 = LinuxBuildImage.codeBuildImage('aws/codebuild/standard:5.0'); public static readonly AMAZON_LINUX_2 = LinuxBuildImage.codeBuildImage('aws/codebuild/amazonlinux2-x86_64-standard:1.0'); public static readonly AMAZON_LINUX_2_2 = LinuxBuildImage.codeBuildImage('aws/codebuild/amazonlinux2-x86_64-standard:2.0'); @@ -1771,8 +1773,10 @@ export interface BuildEnvironmentVariable { readonly type?: BuildEnvironmentVariableType; /** - * The value of the environment variable (or the name of the parameter in - * the SSM parameter store.) + * The value of the environment variable. + * For plain-text variables (the default), this is the literal value of variable. + * For SSM parameter variables, pass the name of the parameter here (`parameterName` property of `IParameter`). + * For SecretsManager variables secrets, pass the secret name here (`secretName` property of `ISecret`). */ readonly value: any; } diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index caa6ea540bf3b..c6695504192d0 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -81,7 +81,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", @@ -126,7 +126,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-codecommit/package.json b/packages/@aws-cdk/aws-codecommit/package.json index 0b0a1e59e0067..b6984776ef19a 100644 --- a/packages/@aws-cdk/aws-codecommit/package.json +++ b/packages/@aws-cdk/aws-codecommit/package.json @@ -81,7 +81,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", @@ -102,7 +102,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awslint": { diff --git a/packages/@aws-cdk/aws-codedeploy/package.json b/packages/@aws-cdk/aws-codedeploy/package.json index f148fda75d9a7..30f68f86a19a6 100644 --- a/packages/@aws-cdk/aws-codedeploy/package.json +++ b/packages/@aws-cdk/aws-codedeploy/package.json @@ -112,7 +112,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-codeguruprofiler/package.json b/packages/@aws-cdk/aws-codeguruprofiler/package.json index de619dff0c1ce..427d99cfccf4e 100644 --- a/packages/@aws-cdk/aws-codeguruprofiler/package.json +++ b/packages/@aws-cdk/aws-codeguruprofiler/package.json @@ -93,7 +93,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "maturity": "stable", diff --git a/packages/@aws-cdk/aws-codegurureviewer/package.json b/packages/@aws-cdk/aws-codegurureviewer/package.json index ff9b04bf1dcca..9aa4f8c52be08 100644 --- a/packages/@aws-cdk/aws-codegurureviewer/package.json +++ b/packages/@aws-cdk/aws-codegurureviewer/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-codepipeline-actions/lib/s3/deploy-action.ts b/packages/@aws-cdk/aws-codepipeline-actions/lib/s3/deploy-action.ts index 0273a1cafe827..0805ae2ab8cab 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/lib/s3/deploy-action.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/lib/s3/deploy-action.ts @@ -112,6 +112,12 @@ export class S3DeployAction extends Action { // pipeline needs permissions to write to the S3 bucket this.props.bucket.grantWrite(options.role); + if (this.props.accessControl !== undefined) { + // we need to modify the ACL settings of objects within the Bucket, + // so grant the Action's Role permissions to do that + this.props.bucket.grantPutAcl(options.role); + } + // the Action Role also needs to read from the Pipeline's bucket options.bucket.grantRead(options.role); diff --git a/packages/@aws-cdk/aws-codepipeline-actions/package.json b/packages/@aws-cdk/aws-codepipeline-actions/package.json index d083acbf9cefd..7461f76edf534 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/package.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/package.json @@ -127,7 +127,7 @@ "case" ], "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awslint": { diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.expected.json b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.expected.json index d6bc02e90525c..d37bdc0c6798c 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.expected.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.expected.json @@ -12,155 +12,9 @@ }, "DeployBucket67E2C076": { "Type": "AWS::S3::Bucket", - "UpdateReplacePolicy": "Retain", - "DeletionPolicy": "Retain" - }, - "PipelineArtifactsBucketEncryptionKey01D58D69": { - "Type": "AWS::KMS::Key", - "Properties": { - "KeyPolicy": { - "Statement": [ - { - "Action": [ - "kms:Create*", - "kms:Describe*", - "kms:Enable*", - "kms:List*", - "kms:Put*", - "kms:Update*", - "kms:Revoke*", - "kms:Disable*", - "kms:Get*", - "kms:Delete*", - "kms:ScheduleKeyDeletion", - "kms:CancelKeyDeletion", - "kms:GenerateDataKey", - "kms:TagResource", - "kms:UntagResource" - ], - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::", - { - "Ref": "AWS::AccountId" - }, - ":root" - ] - ] - } - }, - "Resource": "*" - }, - { - "Action": [ - "kms:Decrypt", - "kms:DescribeKey", - "kms:Encrypt", - "kms:ReEncrypt*", - "kms:GenerateDataKey*" - ], - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::GetAtt": [ - "PipelineRoleD68726F7", - "Arn" - ] - } - }, - "Resource": "*" - }, - { - "Action": [ - "kms:Encrypt", - "kms:ReEncrypt*", - "kms:GenerateDataKey*", - "kms:Decrypt" - ], - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::GetAtt": [ - "PipelineSourceCodePipelineActionRoleC6F9E7F5", - "Arn" - ] - } - }, - "Resource": "*" - }, - { - "Action": [ - "kms:Decrypt", - "kms:DescribeKey" - ], - "Effect": "Allow", - "Principal": { - "AWS": { - "Fn::GetAtt": [ - "PipelineDeployDeployActionCodePipelineActionRole1C288A60", - "Arn" - ] - } - }, - "Resource": "*" - } - ], - "Version": "2012-10-17" - } - }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, - "PipelineArtifactsBucketEncryptionKeyAlias5C510EEE": { - "Type": "AWS::KMS::Alias", - "Properties": { - "AliasName": "alias/codepipeline-awscdkcodepipelines3deploypipeline907bf1e7", - "TargetKeyId": { - "Fn::GetAtt": [ - "PipelineArtifactsBucketEncryptionKey01D58D69", - "Arn" - ] - } - }, - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, - "PipelineArtifactsBucket22248F97": { - "Type": "AWS::S3::Bucket", - "Properties": { - "BucketEncryption": { - "ServerSideEncryptionConfiguration": [ - { - "ServerSideEncryptionByDefault": { - "KMSMasterKeyID": { - "Fn::GetAtt": [ - "PipelineArtifactsBucketEncryptionKey01D58D69", - "Arn" - ] - }, - "SSEAlgorithm": "aws:kms" - } - } - ] - }, - "PublicAccessBlockConfiguration": { - "BlockPublicAcls": true, - "BlockPublicPolicy": true, - "IgnorePublicAcls": true, - "RestrictPublicBuckets": true - } - }, - "UpdateReplacePolicy": "Retain", - "DeletionPolicy": "Retain" - }, "PipelineRoleD68726F7": { "Type": "AWS::IAM::Role", "Properties": { @@ -196,7 +50,7 @@ "Resource": [ { "Fn::GetAtt": [ - "PipelineArtifactsBucket22248F97", + "PipelineBucketB967BD35", "Arn" ] }, @@ -206,7 +60,7 @@ [ { "Fn::GetAtt": [ - "PipelineArtifactsBucket22248F97", + "PipelineBucketB967BD35", "Arn" ] }, @@ -216,22 +70,6 @@ } ] }, - { - "Action": [ - "kms:Decrypt", - "kms:DescribeKey", - "kms:Encrypt", - "kms:ReEncrypt*", - "kms:GenerateDataKey*" - ], - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "PipelineArtifactsBucketEncryptionKey01D58D69", - "Arn" - ] - } - }, { "Action": "sts:AssumeRole", "Effect": "Allow", @@ -341,17 +179,8 @@ } ], "ArtifactStore": { - "EncryptionKey": { - "Id": { - "Fn::GetAtt": [ - "PipelineArtifactsBucketEncryptionKey01D58D69", - "Arn" - ] - }, - "Type": "KMS" - }, "Location": { - "Ref": "PipelineArtifactsBucket22248F97" + "Ref": "PipelineBucketB967BD35" }, "Type": "S3" } @@ -438,7 +267,7 @@ "Resource": [ { "Fn::GetAtt": [ - "PipelineArtifactsBucket22248F97", + "PipelineBucketB967BD35", "Arn" ] }, @@ -448,7 +277,7 @@ [ { "Fn::GetAtt": [ - "PipelineArtifactsBucket22248F97", + "PipelineBucketB967BD35", "Arn" ] }, @@ -457,21 +286,6 @@ ] } ] - }, - { - "Action": [ - "kms:Encrypt", - "kms:ReEncrypt*", - "kms:GenerateDataKey*", - "kms:Decrypt" - ], - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "PipelineArtifactsBucketEncryptionKey01D58D69", - "Arn" - ] - } } ], "Version": "2012-10-17" @@ -551,6 +365,24 @@ } ] }, + { + "Action": "s3:PutObjectAcl", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "DeployBucket67E2C076", + "Arn" + ] + }, + "/*" + ] + ] + } + }, { "Action": [ "s3:GetObject*", @@ -561,7 +393,7 @@ "Resource": [ { "Fn::GetAtt": [ - "PipelineArtifactsBucket22248F97", + "PipelineBucketB967BD35", "Arn" ] }, @@ -571,7 +403,7 @@ [ { "Fn::GetAtt": [ - "PipelineArtifactsBucket22248F97", + "PipelineBucketB967BD35", "Arn" ] }, @@ -580,19 +412,6 @@ ] } ] - }, - { - "Action": [ - "kms:Decrypt", - "kms:DescribeKey" - ], - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "PipelineArtifactsBucketEncryptionKey01D58D69", - "Arn" - ] - } } ], "Version": "2012-10-17" diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.ts b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.ts index b012d6ff8aeb8..5277170c0ca59 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-s3-deploy.ts @@ -19,9 +19,12 @@ const sourceAction = new cpactions.S3SourceAction({ bucketKey: 'key', }); -const deployBucket = new s3.Bucket(stack, 'DeployBucket', {}); +const deployBucket = new s3.Bucket(stack, 'DeployBucket', { + removalPolicy: cdk.RemovalPolicy.DESTROY, +}); new codepipeline.Pipeline(stack, 'Pipeline', { + artifactBucket: bucket, stages: [ { stageName: 'Source', diff --git a/packages/@aws-cdk/aws-codepipeline/package.json b/packages/@aws-cdk/aws-codepipeline/package.json index 26bce804351c9..bf8f9fee5a456 100644 --- a/packages/@aws-cdk/aws-codepipeline/package.json +++ b/packages/@aws-cdk/aws-codepipeline/package.json @@ -107,7 +107,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-codestar/package.json b/packages/@aws-cdk/aws-codestar/package.json index 56bac132e6acf..7e71ddca2b7b9 100644 --- a/packages/@aws-cdk/aws-codestar/package.json +++ b/packages/@aws-cdk/aws-codestar/package.json @@ -93,7 +93,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-codestarconnections/package.json b/packages/@aws-cdk/aws-codestarconnections/package.json index 761c8e42b7df2..ad88fe1cda03b 100644 --- a/packages/@aws-cdk/aws-codestarconnections/package.json +++ b/packages/@aws-cdk/aws-codestarconnections/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-codestarnotifications/package.json b/packages/@aws-cdk/aws-codestarnotifications/package.json index 9c8feaf505dc3..6b6ee628a1565 100644 --- a/packages/@aws-cdk/aws-codestarnotifications/package.json +++ b/packages/@aws-cdk/aws-codestarnotifications/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-cognito/package.json b/packages/@aws-cdk/aws-cognito/package.json index 26064cc93dce1..085ef0953d4b7 100644 --- a/packages/@aws-cdk/aws-cognito/package.json +++ b/packages/@aws-cdk/aws-cognito/package.json @@ -104,7 +104,7 @@ "punycode" ], "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-config/package.json b/packages/@aws-cdk/aws-config/package.json index 5b8812acb1d8f..8c03cccbc41ef 100644 --- a/packages/@aws-cdk/aws-config/package.json +++ b/packages/@aws-cdk/aws-config/package.json @@ -100,7 +100,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "maturity": "stable", diff --git a/packages/@aws-cdk/aws-databrew/package.json b/packages/@aws-cdk/aws-databrew/package.json index 6a42329c36617..f516110f39116 100644 --- a/packages/@aws-cdk/aws-databrew/package.json +++ b/packages/@aws-cdk/aws-databrew/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-datapipeline/package.json b/packages/@aws-cdk/aws-datapipeline/package.json index 377bace5f77f4..f612b24e4bde1 100644 --- a/packages/@aws-cdk/aws-datapipeline/package.json +++ b/packages/@aws-cdk/aws-datapipeline/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-datasync/.eslintrc.js b/packages/@aws-cdk/aws-datasync/.eslintrc.js new file mode 100644 index 0000000000000..61dd8dd001f63 --- /dev/null +++ b/packages/@aws-cdk/aws-datasync/.eslintrc.js @@ -0,0 +1,3 @@ +const baseConfig = require('cdk-build-tools/config/eslintrc'); +baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-datasync/.gitignore b/packages/@aws-cdk/aws-datasync/.gitignore new file mode 100644 index 0000000000000..62ebc95d75ce6 --- /dev/null +++ b/packages/@aws-cdk/aws-datasync/.gitignore @@ -0,0 +1,19 @@ +*.js +*.js.map +*.d.ts +tsconfig.json +node_modules +*.generated.ts +dist +.jsii + +.LAST_BUILD +.nyc_output +coverage +.nycrc +.LAST_PACKAGE +*.snk +nyc.config.js +!.eslintrc.js +!jest.config.js +junit.xml diff --git a/packages/@aws-cdk/aws-datasync/.npmignore b/packages/@aws-cdk/aws-datasync/.npmignore new file mode 100644 index 0000000000000..e4486030fcb17 --- /dev/null +++ b/packages/@aws-cdk/aws-datasync/.npmignore @@ -0,0 +1,28 @@ +# Don't include original .ts files when doing `npm pack` +*.ts +!*.d.ts +coverage +.nyc_output +*.tgz + +dist +.LAST_PACKAGE +.LAST_BUILD +!*.js + +# Include .jsii +!.jsii + +*.snk + +*.tsbuildinfo + +tsconfig.json + +.eslintrc.js +jest.config.js + +# exclude cdk artifacts +**/cdk.out +junit.xml +test/ diff --git a/packages/@aws-cdk/aws-datasync/LICENSE b/packages/@aws-cdk/aws-datasync/LICENSE new file mode 100644 index 0000000000000..28e4bdcec77ec --- /dev/null +++ b/packages/@aws-cdk/aws-datasync/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/@aws-cdk/aws-datasync/NOTICE b/packages/@aws-cdk/aws-datasync/NOTICE new file mode 100644 index 0000000000000..5fc3826926b5b --- /dev/null +++ b/packages/@aws-cdk/aws-datasync/NOTICE @@ -0,0 +1,2 @@ +AWS Cloud Development Kit (AWS CDK) +Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/aws-datasync/README.md b/packages/@aws-cdk/aws-datasync/README.md new file mode 100644 index 0000000000000..ab865b0be83a8 --- /dev/null +++ b/packages/@aws-cdk/aws-datasync/README.md @@ -0,0 +1,20 @@ +# AWS::DataSync Construct Library + + +--- + +![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) + +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + +--- + + + +This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. + +```ts +import datasync = require('@aws-cdk/aws-datasync'); +``` diff --git a/packages/@aws-cdk/aws-datasync/jest.config.js b/packages/@aws-cdk/aws-datasync/jest.config.js new file mode 100644 index 0000000000000..54e28beb9798b --- /dev/null +++ b/packages/@aws-cdk/aws-datasync/jest.config.js @@ -0,0 +1,2 @@ +const baseConfig = require('cdk-build-tools/config/jest.config'); +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-datasync/lib/index.ts b/packages/@aws-cdk/aws-datasync/lib/index.ts new file mode 100644 index 0000000000000..e6edd2b3a8a5f --- /dev/null +++ b/packages/@aws-cdk/aws-datasync/lib/index.ts @@ -0,0 +1,2 @@ +// AWS::DataSync CloudFormation Resources: +export * from './datasync.generated'; diff --git a/packages/@aws-cdk/aws-datasync/package.json b/packages/@aws-cdk/aws-datasync/package.json new file mode 100644 index 0000000000000..65d0fc8fab75a --- /dev/null +++ b/packages/@aws-cdk/aws-datasync/package.json @@ -0,0 +1,100 @@ +{ + "name": "@aws-cdk/aws-datasync", + "version": "0.0.0", + "description": "The CDK Construct Library for AWS::DataSync", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "jsii": { + "outdir": "dist", + "projectReferences": true, + "targets": { + "dotnet": { + "namespace": "Amazon.CDK.AWS.DataSync", + "packageId": "Amazon.CDK.AWS.DataSync", + "signAssembly": true, + "assemblyOriginatorKeyFile": "../../key.snk", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "java": { + "package": "software.amazon.awscdk.services.datasync", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "datasync" + } + }, + "python": { + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ], + "distName": "aws-cdk.aws-datasync", + "module": "aws_cdk.aws_datasync" + } + } + }, + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-cdk.git", + "directory": "packages/@aws-cdk/aws-datasync" + }, + "homepage": "https://github.com/aws/aws-cdk", + "scripts": { + "build": "cdk-build", + "watch": "cdk-watch", + "lint": "cdk-lint", + "test": "cdk-test", + "integ": "cdk-integ", + "pkglint": "pkglint -f", + "package": "cdk-package", + "awslint": "cdk-awslint", + "cfn2ts": "cfn2ts", + "build+test+package": "npm run build+test && npm run package", + "build+test": "npm run build && npm test", + "compat": "cdk-compat", + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" + }, + "cdk-build": { + "cloudformation": "AWS::DataSync", + "jest": true, + "env": { + "AWSLINT_BASE_CONSTRUCT": "true" + } + }, + "keywords": [ + "aws", + "cdk", + "constructs", + "AWS::DataSync", + "aws-datasync" + ], + "author": { + "name": "Amazon Web Services", + "url": "https://aws.amazon.com", + "organization": true + }, + "license": "Apache-2.0", + "devDependencies": { + "@aws-cdk/assert": "0.0.0", + "cdk-build-tools": "0.0.0", + "cfn2ts": "0.0.0", + "pkglint": "0.0.0" + }, + "dependencies": { + "@aws-cdk/core": "0.0.0", + "constructs": "10.0.0-pre.5" + }, + "peerDependencies": { + "@aws-cdk/core": "0.0.0", + "constructs": "10.0.0-pre.5" + }, + "engines": { + "node": ">= 14.15.0" + }, + "stability": "experimental", + "maturity": "cfn-only", + "awscdkio": { + "announce": false + }, + "private": true +} diff --git a/packages/@aws-cdk/aws-datasync/test/datasync.test.ts b/packages/@aws-cdk/aws-datasync/test/datasync.test.ts new file mode 100644 index 0000000000000..e394ef336bfb4 --- /dev/null +++ b/packages/@aws-cdk/aws-datasync/test/datasync.test.ts @@ -0,0 +1,6 @@ +import '@aws-cdk/assert/jest'; +import {} from '../lib'; + +test('No tests are specified for this package', () => { + expect(true).toBe(true); +}); diff --git a/packages/@aws-cdk/aws-dax/package.json b/packages/@aws-cdk/aws-dax/package.json index b61cf80ba6694..6582f4fc69a19 100644 --- a/packages/@aws-cdk/aws-dax/package.json +++ b/packages/@aws-cdk/aws-dax/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-detective/package.json b/packages/@aws-cdk/aws-detective/package.json index c1f1e091807c4..bcc38a1b454ac 100644 --- a/packages/@aws-cdk/aws-detective/package.json +++ b/packages/@aws-cdk/aws-detective/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "awscdkio": { diff --git a/packages/@aws-cdk/aws-devopsguru/package.json b/packages/@aws-cdk/aws-devopsguru/package.json index 409a0d2a6b9c6..590085c5a5fed 100644 --- a/packages/@aws-cdk/aws-devopsguru/package.json +++ b/packages/@aws-cdk/aws-devopsguru/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-directoryservice/package.json b/packages/@aws-cdk/aws-directoryservice/package.json index 948fac3e84ef0..a3aaed26eb565 100644 --- a/packages/@aws-cdk/aws-directoryservice/package.json +++ b/packages/@aws-cdk/aws-directoryservice/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-dlm/package.json b/packages/@aws-cdk/aws-dlm/package.json index 6a816e5ee5590..d9bca4e2cd251 100644 --- a/packages/@aws-cdk/aws-dlm/package.json +++ b/packages/@aws-cdk/aws-dlm/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-dms/package.json b/packages/@aws-cdk/aws-dms/package.json index 1c3ff387a3029..40fa193c0c1d8 100644 --- a/packages/@aws-cdk/aws-dms/package.json +++ b/packages/@aws-cdk/aws-dms/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-docdb/package.json b/packages/@aws-cdk/aws-docdb/package.json index f16c155a95439..32aef49367ea5 100644 --- a/packages/@aws-cdk/aws-docdb/package.json +++ b/packages/@aws-cdk/aws-docdb/package.json @@ -99,7 +99,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-dynamodb-global/package.json b/packages/@aws-cdk/aws-dynamodb-global/package.json index 8bfdc673ae756..11ac33a37de9d 100644 --- a/packages/@aws-cdk/aws-dynamodb-global/package.json +++ b/packages/@aws-cdk/aws-dynamodb-global/package.json @@ -88,7 +88,7 @@ "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "main": "lib/index.js", "types": "lib/index.d.ts", diff --git a/packages/@aws-cdk/aws-dynamodb/package.json b/packages/@aws-cdk/aws-dynamodb/package.json index 7317cc34c981d..c05531dbc3da4 100644 --- a/packages/@aws-cdk/aws-dynamodb/package.json +++ b/packages/@aws-cdk/aws-dynamodb/package.json @@ -76,7 +76,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/jest": "^26.0.15", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", @@ -108,7 +108,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awscdkio": { diff --git a/packages/@aws-cdk/aws-ec2/lib/security-group.ts b/packages/@aws-cdk/aws-ec2/lib/security-group.ts index 62a0ceb19e0ca..b5c3e4bf5cff2 100644 --- a/packages/@aws-cdk/aws-ec2/lib/security-group.ts +++ b/packages/@aws-cdk/aws-ec2/lib/security-group.ts @@ -321,6 +321,13 @@ export class SecurityGroup extends SecurityGroupBase { /** * Import an existing security group into this app. + * + * This method will assume that the Security Group has a rule in it which allows + * all outbound traffic, and so will not add egress rules to the imported Security + * Group (only ingress rules). + * + * If your existing Security Group needs to have egress rules added, pass the + * `allowAllOutbound: false` option on import. */ public static fromSecurityGroupId(scope: Construct, id: string, securityGroupId: string, options: SecurityGroupImportOptions = {}): ISecurityGroup { class MutableImport extends SecurityGroupBase { diff --git a/packages/@aws-cdk/aws-ec2/package.json b/packages/@aws-cdk/aws-ec2/package.json index afd9d1ae25081..9aa676bc06c33 100644 --- a/packages/@aws-cdk/aws-ec2/package.json +++ b/packages/@aws-cdk/aws-ec2/package.json @@ -113,7 +113,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-ecr-assets/package.json b/packages/@aws-cdk/aws-ecr-assets/package.json index 0fa09d212e9b2..0129b307f72de 100644 --- a/packages/@aws-cdk/aws-ecr-assets/package.json +++ b/packages/@aws-cdk/aws-ecr-assets/package.json @@ -100,7 +100,7 @@ "statements": 70 }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "bundledDependencies": [ "minimatch" diff --git a/packages/@aws-cdk/aws-ecr/package.json b/packages/@aws-cdk/aws-ecr/package.json index 396c853a88c17..1b9f1a81f3c6a 100644 --- a/packages/@aws-cdk/aws-ecr/package.json +++ b/packages/@aws-cdk/aws-ecr/package.json @@ -99,7 +99,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-ecs-patterns/package.json b/packages/@aws-cdk/aws-ecs-patterns/package.json index 5aa12690e1955..330a3466e1198 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/package.json +++ b/packages/@aws-cdk/aws-ecs-patterns/package.json @@ -109,7 +109,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awslint": { diff --git a/packages/@aws-cdk/aws-ecs/lib/cluster.ts b/packages/@aws-cdk/aws-ecs/lib/cluster.ts index 4b1f3cbc56aec..b27da8557b757 100644 --- a/packages/@aws-cdk/aws-ecs/lib/cluster.ts +++ b/packages/@aws-cdk/aws-ecs/lib/cluster.ts @@ -227,38 +227,42 @@ export class Cluster extends Resource implements ICluster { this._hasEc2Capacity = true; this.connections.connections.addSecurityGroup(...autoScalingGroup.connections.securityGroups); - // Tie instances to cluster - switch (options.machineImageType) { - // Bottlerocket AMI - case MachineImageType.BOTTLEROCKET: { - autoScalingGroup.addUserData( - // Connect to the cluster - // Source: https://github.com/bottlerocket-os/bottlerocket/blob/develop/QUICKSTART-ECS.md#connecting-to-your-cluster - '[settings.ecs]', - `cluster = "${this.clusterName}"`, - ); - // Enabling SSM - // Source: https://github.com/bottlerocket-os/bottlerocket/blob/develop/QUICKSTART-ECS.md#enabling-ssm - autoScalingGroup.role.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMManagedInstanceCore')); - // required managed policy - autoScalingGroup.role.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AmazonEC2ContainerServiceforEC2Role')); - break; - } - default: - // Amazon ECS-optimized AMI for Amazon Linux 2 - autoScalingGroup.addUserData(`echo ECS_CLUSTER=${this.clusterName} >> /etc/ecs/ecs.config`); - if (!options.canContainersAccessInstanceRole) { - // Deny containers access to instance metadata service - // Source: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html - autoScalingGroup.addUserData('sudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP'); - autoScalingGroup.addUserData('sudo service iptables save'); - // The following is only for AwsVpc networking mode, but doesn't hurt for the other modes. - autoScalingGroup.addUserData('echo ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config'); - } - - if (autoScalingGroup.spotPrice && options.spotInstanceDraining) { - autoScalingGroup.addUserData('echo ECS_ENABLE_SPOT_INSTANCE_DRAINING=true >> /etc/ecs/ecs.config'); + if ( autoScalingGroup.osType === ec2.OperatingSystemType.WINDOWS ) { + this.configureWindowsAutoScalingGroup(autoScalingGroup, options); + } else { + // Tie instances to cluster + switch (options.machineImageType) { + // Bottlerocket AMI + case MachineImageType.BOTTLEROCKET: { + autoScalingGroup.addUserData( + // Connect to the cluster + // Source: https://github.com/bottlerocket-os/bottlerocket/blob/develop/QUICKSTART-ECS.md#connecting-to-your-cluster + '[settings.ecs]', + `cluster = "${this.clusterName}"`, + ); + // Enabling SSM + // Source: https://github.com/bottlerocket-os/bottlerocket/blob/develop/QUICKSTART-ECS.md#enabling-ssm + autoScalingGroup.role.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMManagedInstanceCore')); + // required managed policy + autoScalingGroup.role.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AmazonEC2ContainerServiceforEC2Role')); + break; } + default: + // Amazon ECS-optimized AMI for Amazon Linux 2 + autoScalingGroup.addUserData(`echo ECS_CLUSTER=${this.clusterName} >> /etc/ecs/ecs.config`); + if (!options.canContainersAccessInstanceRole) { + // Deny containers access to instance metadata service + // Source: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html + autoScalingGroup.addUserData('sudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP'); + autoScalingGroup.addUserData('sudo service iptables save'); + // The following is only for AwsVpc networking mode, but doesn't hurt for the other modes. + autoScalingGroup.addUserData('echo ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config'); + } + + if (autoScalingGroup.spotPrice && options.spotInstanceDraining) { + autoScalingGroup.addUserData('echo ECS_ENABLE_SPOT_INSTANCE_DRAINING=true >> /etc/ecs/ecs.config'); + } + } } // ECS instances must be able to do these things @@ -315,6 +319,33 @@ export class Cluster extends Resource implements ICluster { } } + private configureWindowsAutoScalingGroup(autoScalingGroup: autoscaling.AutoScalingGroup, options: AddAutoScalingGroupCapacityOptions = {}) { + // clear the cache of the agent + autoScalingGroup.addUserData('Remove-Item -Recurse C:\\ProgramData\\Amazon\\ECS\\Cache'); + + // pull the latest ECS Tools + autoScalingGroup.addUserData('Import-Module ECSTools'); + + // set the cluster name environment variable + autoScalingGroup.addUserData(`[Environment]::SetEnvironmentVariable("ECS_CLUSTER", "${this.clusterName}", "Machine")`); + autoScalingGroup.addUserData('[Environment]::SetEnvironmentVariable("ECS_ENABLE_AWSLOGS_EXECUTIONROLE_OVERRIDE", "true", "Machine")'); + // tslint:disable-next-line: max-line-length + autoScalingGroup.addUserData('[Environment]::SetEnvironmentVariable("ECS_AVAILABLE_LOGGING_DRIVERS", "[\"json-file\",\"awslogs\"]", "Machine")'); + + // enable instance draining + if (autoScalingGroup.spotPrice && options.spotInstanceDraining) { + autoScalingGroup.addUserData('[Environment]::SetEnvironmentVariable("ECS_ENABLE_SPOT_INSTANCE_DRAINING", "true", "Machine")'); + } + + // enable task iam role + if (!options.canContainersAccessInstanceRole) { + autoScalingGroup.addUserData('[Environment]::SetEnvironmentVariable("ECS_ENABLE_TASK_IAM_ROLE", "true", "Machine")'); + autoScalingGroup.addUserData(`Initialize-ECSAgent -Cluster '${this.clusterName}' -EnableTaskIAMRole'`); + } else { + autoScalingGroup.addUserData(`Initialize-ECSAgent -Cluster '${this.clusterName}'`); + } + } + /** * Getter for autoscaling group added to cluster */ diff --git a/packages/@aws-cdk/aws-ecs/package.json b/packages/@aws-cdk/aws-ecs/package.json index b1a530e41c624..fbaf5bb20cc2c 100644 --- a/packages/@aws-cdk/aws-ecs/package.json +++ b/packages/@aws-cdk/aws-ecs/package.json @@ -143,7 +143,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json index 7ba376073123b..34017cbb94b10 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json @@ -711,14 +711,12 @@ "Code": { "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, - "Handler": "index.lambda_handler", "Role": { "Fn::GetAtt": [ "EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA", "Arn" ] }, - "Runtime": "python3.6", "Environment": { "Variables": { "CLUSTER": { @@ -726,6 +724,8 @@ } } }, + "Handler": "index.lambda_handler", + "Runtime": "python3.6", "Tags": [ { "Key": "Name", @@ -1219,7 +1219,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3Bucket28CE5152" + "Ref": "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3BucketFD1BBE00" }, "S3Key": { "Fn::Join": [ @@ -1232,7 +1232,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3VersionKeyAF6E05ED" + "Ref": "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3VersionKey6E54DC76" } ] } @@ -1245,7 +1245,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3VersionKeyAF6E05ED" + "Ref": "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3VersionKey6E54DC76" } ] } @@ -1255,19 +1255,19 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265", "Arn" ] }, - "Runtime": "python3.6", + "Handler": "index.handler", "Layers": [ { "Ref": "EnvFileDeploymentAwsCliLayerA8FC897D" } ], + "Runtime": "python3.6", "Timeout": 900 }, "DependsOn": [ @@ -1348,17 +1348,17 @@ "Type": "String", "Description": "Artifact hash for asset \"e9882ab123687399f934da0d45effe675ecc8ce13b40cb946f3e1d6141fe8d68\"" }, - "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3Bucket28CE5152": { + "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3BucketFD1BBE00": { "Type": "String", - "Description": "S3 bucket for asset \"3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7\"" + "Description": "S3 bucket for asset \"8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59a\"" }, - "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3VersionKeyAF6E05ED": { + "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3VersionKey6E54DC76": { "Type": "String", - "Description": "S3 key for asset version \"3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7\"" + "Description": "S3 key for asset version \"8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59a\"" }, - "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7ArtifactHash8926088E": { + "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aArtifactHash595EC1E7": { "Type": "String", - "Description": "Artifact hash for asset \"3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7\"" + "Description": "Artifact hash for asset \"8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59a\"" }, "AssetParameters972240f9dd6e036a93d5f081af9a24315b2053828ac049b3b19b2fa12d7ae64aS3Bucket1F1A8472": { "Type": "String", diff --git a/packages/@aws-cdk/aws-ecs/test/test.ecs-cluster.ts b/packages/@aws-cdk/aws-ecs/test/test.ecs-cluster.ts index cbccd0683dd0d..b8f3b3621a71c 100644 --- a/packages/@aws-cdk/aws-ecs/test/test.ecs-cluster.ts +++ b/packages/@aws-cdk/aws-ecs/test/test.ecs-cluster.ts @@ -755,6 +755,59 @@ export = { test.done(); }, + 'configures userdata with powershell if windows machine image is specified'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'MyVpc', {}); + + const cluster = new ecs.Cluster(stack, 'EcsCluster', { vpc }); + cluster.addCapacity('WindowsAutoScalingGroup', { + instanceType: new ec2.InstanceType('t2.micro'), + machineImage: new ecs.EcsOptimizedAmi({ + windowsVersion: ecs.WindowsOptimizedVersion.SERVER_2019, + }), + }); + + // THEN + expect(stack).to(haveResource('AWS::AutoScaling::LaunchConfiguration', { + ImageId: { + Ref: 'SsmParameterValueawsserviceecsoptimizedamiwindowsserver2019englishfullrecommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter', + }, + InstanceType: 't2.micro', + IamInstanceProfile: { + Ref: 'EcsClusterWindowsAutoScalingGroupInstanceProfile65DFA6BB', + }, + SecurityGroups: [ + { + 'Fn::GetAtt': [ + 'EcsClusterWindowsAutoScalingGroupInstanceSecurityGroupDA468DF1', + 'GroupId', + ], + }, + ], + UserData: { + 'Fn::Base64': { + 'Fn::Join': [ + '', + [ + 'Remove-Item -Recurse C:\\ProgramData\\Amazon\\ECS\\Cache\nImport-Module ECSTools\n[Environment]::SetEnvironmentVariable("ECS_CLUSTER", "', + { + Ref: 'EcsCluster97242B84', + }, + "\", \"Machine\")\n[Environment]::SetEnvironmentVariable(\"ECS_ENABLE_AWSLOGS_EXECUTIONROLE_OVERRIDE\", \"true\", \"Machine\")\n[Environment]::SetEnvironmentVariable(\"ECS_AVAILABLE_LOGGING_DRIVERS\", \"[\"json-file\",\"awslogs\"]\", \"Machine\")\n[Environment]::SetEnvironmentVariable(\"ECS_ENABLE_TASK_IAM_ROLE\", \"true\", \"Machine\")\nInitialize-ECSAgent -Cluster '", + { + Ref: 'EcsCluster97242B84', + }, + "' -EnableTaskIAMRole'", + ], + ], + }, + }, + })); + + test.done(); + }, + /* * TODO:v2.0.0 BEGINNING OF OBSOLETE BLOCK */ diff --git a/packages/@aws-cdk/aws-efs/package.json b/packages/@aws-cdk/aws-efs/package.json index 559a961679bc1..8ef7ebb087d9e 100644 --- a/packages/@aws-cdk/aws-efs/package.json +++ b/packages/@aws-cdk/aws-efs/package.json @@ -98,7 +98,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-eks-legacy/package.json b/packages/@aws-cdk/aws-eks-legacy/package.json index ca92246e41c7c..b5adddcd25205 100644 --- a/packages/@aws-cdk/aws-eks-legacy/package.json +++ b/packages/@aws-cdk/aws-eks-legacy/package.json @@ -100,7 +100,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-eks/README.md b/packages/@aws-cdk/aws-eks/README.md index 0b92c183fb786..35fc9c24c244e 100644 --- a/packages/@aws-cdk/aws-eks/README.md +++ b/packages/@aws-cdk/aws-eks/README.md @@ -232,8 +232,40 @@ cluster.addNodegroupCapacity('extra-ng-spot', { #### Launch Template Support -You can specify a launch template that the node group will use. Note that when using a custom AMI, Amazon EKS doesn't merge any user data. -Rather, You are responsible for supplying the required bootstrap commands for nodes to join the cluster. +You can specify a launch template that the node group will use. For example, this can be useful if you want to use +a custom AMI or add custom user data. + +When supplying a custom user data script, it must be encoded in the MIME multi-part archive format, since Amazon EKS merges with its own user data. Visit the [Launch Template Docs](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html#launch-template-user-data) +for mode details. + +```ts +const userData = `MIME-Version: 1.0 +Content-Type: multipart/mixed; boundary="==MYBOUNDARY==" + +--==MYBOUNDARY== +Content-Type: text/x-shellscript; charset="us-ascii" + +#!/bin/bash +echo "Running custom user data script" + +--==MYBOUNDARY==--\\ +`; +const lt = new ec2.CfnLaunchTemplate(this, 'LaunchTemplate', { + launchTemplateData: { + instanceType: 't3.small', + userData: Fn.base64(userData), + }, +}); +cluster.addNodegroupCapacity('extra-ng', { + launchTemplateSpec: { + id: lt.ref, + version: lt.attrLatestVersionNumber, + }, +}); + +``` + +Note that when using a custom AMI, Amazon EKS doesn't merge any user data. Which means you do not need the multi-part encoding. and are responsible for supplying the required bootstrap commands for nodes to join the cluster. In the following example, `/ect/eks/bootstrap.sh` from the AMI will be used to bootstrap the node. ```ts @@ -245,19 +277,19 @@ userData.addCommands( const lt = new ec2.CfnLaunchTemplate(this, 'LaunchTemplate', { launchTemplateData: { imageId: 'some-ami-id', // custom AMI - instanceType: new ec2.InstanceType('t3.small').toString(), + instanceType: 't3.small', userData: Fn.base64(userData.render()), }, }); cluster.addNodegroupCapacity('extra-ng', { launchTemplateSpec: { id: lt.ref, - version: lt.attrDefaultVersionNumber, + version: lt.attrLatestVersionNumber, }, }); ``` -You may specify one or instance types in either the `instanceTypes` property of `NodeGroup` or in the launch template, **but not both**. +You may specify one `instanceType` in the launch template or multiple `instanceTypes` in the node group, **but not both**. > For more details visit [Launch Template Support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html). @@ -401,6 +433,8 @@ terminated. > > Chart Version: [0.9.5](https://github.com/aws/eks-charts/blob/v0.0.28/stable/aws-node-termination-handler/Chart.yaml) +To disable the installation of the termination handler, set the `spotInterruptHandler` property to `false`. This applies both to `addAutoScalingGroupCapacity` and `connectAutoScalingGroupCapacity`. + #### Bottlerocket [Bottlerocket](https://aws.amazon.com/bottlerocket/) is a Linux-based open-source operating system that is purpose-built by Amazon Web Services for running containers on virtual machines or bare metal hosts. diff --git a/packages/@aws-cdk/aws-eks/lib/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster.ts index cb35a3c719283..0b221c8347b56 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster.ts @@ -1177,6 +1177,7 @@ export class Cluster extends ClusterBase { bootstrapOptions: options.bootstrapOptions, bootstrapEnabled: options.bootstrapEnabled, machineImageType: options.machineImageType, + spotInterruptHandler: options.spotInterruptHandler, }); if (nodeTypeForInstanceType(options.instanceType) === NodeType.INFERENTIA) { @@ -1286,8 +1287,9 @@ export class Cluster extends ClusterBase { }); } + const addSpotInterruptHandler = options.spotInterruptHandler ?? true; // if this is an ASG with spot instances, install the spot interrupt handler (only if kubectl is enabled). - if (autoScalingGroup.spotPrice) { + if (autoScalingGroup.spotPrice && addSpotInterruptHandler) { this.addSpotInterruptHandler(); } } @@ -1444,7 +1446,9 @@ export class Cluster extends ClusterBase { repository: 'https://aws.github.io/eks-charts', namespace: 'kube-system', values: { - 'nodeSelector.lifecycle': LifecycleLabel.SPOT, + nodeSelector: { + lifecycle: LifecycleLabel.SPOT, + }, }, }); } @@ -1576,6 +1580,14 @@ export interface AutoScalingGroupCapacityOptions extends autoscaling.CommonAutoS * @default MachineImageType.AMAZON_LINUX_2 */ readonly machineImageType?: MachineImageType; + + /** + * Installs the AWS spot instance interrupt handler on the cluster if it's not + * already added. Only relevant if `spotPrice` is used. + * + * @default true + */ + readonly spotInterruptHandler?: boolean; } /** @@ -1667,6 +1679,14 @@ export interface AutoScalingGroupOptions { * @default MachineImageType.AMAZON_LINUX_2 */ readonly machineImageType?: MachineImageType; + + /** + * Installs the AWS spot instance interrupt handler on the cluster if it's not + * already added. Only relevant if `spotPrice` is configured on the auto-scaling group. + * + * @default true + */ + readonly spotInterruptHandler?: boolean; } /** diff --git a/packages/@aws-cdk/aws-eks/lib/managed-nodegroup.ts b/packages/@aws-cdk/aws-eks/lib/managed-nodegroup.ts index 576957512cc6d..7d46fb00c6e92 100644 --- a/packages/@aws-cdk/aws-eks/lib/managed-nodegroup.ts +++ b/packages/@aws-cdk/aws-eks/lib/managed-nodegroup.ts @@ -226,10 +226,6 @@ export interface NodegroupProps extends NodegroupOptions { * The Nodegroup resource class */ export class Nodegroup extends Resource implements INodegroup { - /** - * Default instanceTypes - */ - public static readonly DEFAULT_INSTANCE_TYPES = [new InstanceType('t3.medium')]; /** * Import the Nodegroup from attributes */ @@ -291,16 +287,17 @@ export class Nodegroup extends Resource implements INodegroup { if (props.instanceType) { Annotations.of(this).addWarning('"instanceType" is deprecated and will be removed in the next major version. please use "instanceTypes" instead'); } - const instanceTypes = props.instanceTypes ?? (props.instanceType ? [props.instanceType] : Nodegroup.DEFAULT_INSTANCE_TYPES); - // get unique AMI types from instanceTypes - const uniqAmiTypes = getAmiTypes(instanceTypes); - // uniqAmiTypes.length should be at least 1 - if (uniqAmiTypes.length > 1) { - throw new Error('instanceTypes of different CPU architectures is not allowed'); - } - const determinedAmiType = uniqAmiTypes[0]; - if (props.amiType && props.amiType !== determinedAmiType) { - throw new Error(`The specified AMI does not match the instance types architecture, either specify ${determinedAmiType} or dont specify any`); + const instanceTypes = props.instanceTypes ?? (props.instanceType ? [props.instanceType] : undefined); + let expectedAmiType = undefined; + + if (instanceTypes && instanceTypes.length > 0) { + // if the user explicitly configured instance types, we can calculate the expected ami type. + expectedAmiType = getAmiType(instanceTypes); + + // if the user explicitly configured an ami type, make sure its the same as the expected one. + if (props.amiType && props.amiType !== expectedAmiType) { + throw new Error(`The specified AMI does not match the instance types architecture, either specify ${expectedAmiType} or dont specify any`); + } } if (!props.nodeRole) { @@ -321,13 +318,18 @@ export class Nodegroup extends Resource implements INodegroup { nodegroupName: props.nodegroupName, nodeRole: this.role.roleArn, subnets: this.cluster.vpc.selectSubnets(props.subnets).subnetIds, - // AmyType is not allowed by CFN when specifying an image id in your launch template. - amiType: props.launchTemplateSpec === undefined ? determinedAmiType : undefined, + + // if a launch template is configured, we cannot apply a default since it + // might exist in the launch template as well, causing a deployment failure. + amiType: props.launchTemplateSpec !== undefined ? props.amiType : (props.amiType ?? expectedAmiType), + capacityType: props.capacityType ? props.capacityType.valueOf() : undefined, diskSize: props.diskSize, forceUpdateEnabled: props.forceUpdate ?? true, - instanceTypes: props.instanceTypes ? props.instanceTypes.map(t => t.toString()) : - props.instanceType ? [props.instanceType.toString()] : undefined, + + // note that we don't check if a launch template is configured here (even though it might configure instance types as well) + // because this doesn't have a default value, meaning the user had to explicitly configure this. + instanceTypes: instanceTypes?.map(t => t.toString()), labels: props.labels, releaseVersion: props.releaseVersion, remoteAccess: props.remoteAccess ? { @@ -392,8 +394,16 @@ function getAmiTypeForInstanceType(instanceType: InstanceType) { NodegroupAmiType.AL2_X86_64; } -function getAmiTypes(instanceType: InstanceType[]) { - const amiTypes = instanceType.map(i =>getAmiTypeForInstanceType(i)); - // retuen unique AMI types - return [...new Set(amiTypes)]; +// this function examines the CPU architecture of every instance type and determines +// what ami type is compatible for all of them. it either throws or produces a single value because +// instance types of different CPU architectures are not supported. +function getAmiType(instanceTypes: InstanceType[]) { + const amiTypes = new Set(instanceTypes.map(i => getAmiTypeForInstanceType(i))); + if (amiTypes.size == 0) { // protective code, the current implementation will never result in this. + throw new Error(`Cannot determine any ami type comptaible with instance types: ${instanceTypes.map(i => i.toString).join(',')}`); + } + if (amiTypes.size > 1) { + throw new Error('instanceTypes of different CPU architectures is not allowed'); + } + return amiTypes.values().next().value; } diff --git a/packages/@aws-cdk/aws-eks/package.json b/packages/@aws-cdk/aws-eks/package.json index 39a08e0352fd5..773a62c580d25 100644 --- a/packages/@aws-cdk/aws-eks/package.json +++ b/packages/@aws-cdk/aws-eks/package.json @@ -76,7 +76,7 @@ "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.31", "@types/yaml": "1.9.6", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", @@ -118,7 +118,7 @@ "@aws-cdk/lambda-layer-kubectl": "0.0.0" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json index 230268fdca0f7..5c0b4bf402a5b 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json @@ -2739,7 +2739,7 @@ "Release": "ksclustertestclusterchartspotinterrupthandlerf41ba997", "Chart": "aws-node-termination-handler", "Version": "0.13.2", - "Values": "{\"nodeSelector.lifecycle\":\"Ec2Spot\"}", + "Values": "{\"nodeSelector\":{\"lifecycle\":\"Ec2Spot\"}}", "Namespace": "kube-system", "Repository": "https://aws.github.io/eks-charts", "CreateNamespace": true diff --git a/packages/@aws-cdk/aws-eks/test/test.cluster.ts b/packages/@aws-cdk/aws-eks/test/test.cluster.ts index f485253d1eba4..171e07fdced72 100644 --- a/packages/@aws-cdk/aws-eks/test/test.cluster.ts +++ b/packages/@aws-cdk/aws-eks/test/test.cluster.ts @@ -188,6 +188,31 @@ export = { }, + 'spot interrupt handler is not added if spotInterruptHandler is false when connecting self-managed nodes'(test: Test) { + + // GIVEN + const { stack, vpc } = testFixture(); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + defaultCapacity: 0, + version: CLUSTER_VERSION, + prune: false, + }); + + const selfManaged = new asg.AutoScalingGroup(stack, 'self-managed', { + instanceType: new ec2.InstanceType('t2.medium'), + vpc: vpc, + machineImage: new ec2.AmazonLinuxImage(), + spotPrice: '0.1', + }); + + // WHEN + cluster.connectAutoScalingGroupCapacity(selfManaged, { spotInterruptHandler: false }); + + test.equal(cluster.node.findAll().filter(c => c.node.id === 'chart-spot-interrupt-handler').length, 0); + test.done(); + }, + 'throws when a non cdk8s chart construct is added as cdk8s chart'(test: Test) { const { stack } = testFixture(); @@ -1285,13 +1310,30 @@ export = { expect(stack).to(haveResource(eks.HelmChart.RESOURCE_TYPE, { Release: 'stackclusterchartspotinterrupthandlerdec62e07', Chart: 'aws-node-termination-handler', - Values: '{\"nodeSelector.lifecycle\":\"Ec2Spot\"}', + Values: '{\"nodeSelector\":{\"lifecycle\":\"Ec2Spot\"}}', Namespace: 'kube-system', Repository: 'https://aws.github.io/eks-charts', })); test.done(); }, + 'interrupt handler is not added when spotInterruptHandler is false'(test: Test) { + // GIVEN + const { stack } = testFixtureNoVpc(); + const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, version: CLUSTER_VERSION, prune: false }); + + // WHEN + cluster.addAutoScalingGroupCapacity('MyCapcity', { + instanceType: new ec2.InstanceType('m3.xlarge'), + spotPrice: '0.01', + spotInterruptHandler: false, + }); + + // THEN + test.equal(cluster.node.findAll().filter(c => c.node.id === 'chart-spot-interrupt-handler').length, 0); + test.done(); + }, + 'its possible to add two capacities with spot instances and only one stop handler will be installed'(test: Test) { // GIVEN const { stack } = testFixtureNoVpc(); diff --git a/packages/@aws-cdk/aws-eks/test/test.nodegroup.ts b/packages/@aws-cdk/aws-eks/test/test.nodegroup.ts index ff962572a6f92..241482d469c65 100644 --- a/packages/@aws-cdk/aws-eks/test/test.nodegroup.ts +++ b/packages/@aws-cdk/aws-eks/test/test.nodegroup.ts @@ -10,6 +10,92 @@ import { testFixture } from './util'; const CLUSTER_VERSION = eks.KubernetesVersion.V1_18; export = { + + 'default ami type is not applied when launch template is configured'(test: Test) { + + // GIVEN + const { stack, vpc } = testFixture(); + + const launchTemplate = new ec2.CfnLaunchTemplate(stack, 'LaunchTemplate', { + launchTemplateData: { + instanceType: ec2.InstanceType.of(ec2.InstanceClass.C5, ec2.InstanceSize.MEDIUM).toString(), + }, + }); + + // WHEN + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); + new eks.Nodegroup(stack, 'Nodegroup', { + cluster, + instanceTypes: [ec2.InstanceType.of(ec2.InstanceClass.C5, ec2.InstanceSize.LARGE)], + launchTemplateSpec: { + id: launchTemplate.ref, + version: launchTemplate.attrLatestVersionNumber, + }, + }); + + // THEN + test.equal(expect(stack).value.Resources.Nodegroup62B4B2C1.Properties.AmiType, undefined); + test.done(); + }, + + 'explicit ami type is applied even when launch template is configured'(test: Test) { + + // GIVEN + const { stack, vpc } = testFixture(); + + const launchTemplate = new ec2.CfnLaunchTemplate(stack, 'LaunchTemplate', { + launchTemplateData: { + instanceType: ec2.InstanceType.of(ec2.InstanceClass.C5, ec2.InstanceSize.MEDIUM).toString(), + }, + }); + + // WHEN + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); + new eks.Nodegroup(stack, 'Nodegroup', { + cluster, + amiType: eks.NodegroupAmiType.AL2_X86_64, + launchTemplateSpec: { + id: launchTemplate.ref, + version: launchTemplate.attrLatestVersionNumber, + }, + }); + + // THEN + test.equal(expect(stack).value.Resources.Nodegroup62B4B2C1.Properties.AmiType, 'AL2_x86_64'); + test.done(); + }, + + 'ami type is taken as is when no instance types are configured'(test: Test) { + + // GIVEN + const { stack, vpc } = testFixture(); + + // WHEN + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); + new eks.Nodegroup(stack, 'Nodegroup', { + cluster, + amiType: eks.NodegroupAmiType.AL2_X86_64_GPU, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::EKS::Nodegroup', { + AmiType: 'AL2_x86_64_GPU', + })); + test.done(); + }, + 'create nodegroup correctly'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); diff --git a/packages/@aws-cdk/aws-elasticache/package.json b/packages/@aws-cdk/aws-elasticache/package.json index 8f89a5c5b7238..c28539b5b06b5 100644 --- a/packages/@aws-cdk/aws-elasticache/package.json +++ b/packages/@aws-cdk/aws-elasticache/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-elasticbeanstalk/package.json b/packages/@aws-cdk/aws-elasticbeanstalk/package.json index da4ed4bc4f320..c112c9280c718 100644 --- a/packages/@aws-cdk/aws-elasticbeanstalk/package.json +++ b/packages/@aws-cdk/aws-elasticbeanstalk/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/package.json b/packages/@aws-cdk/aws-elasticloadbalancing/package.json index 42612b65ae9ea..7792b2c813531 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/package.json @@ -92,7 +92,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "nyc": { "statements": 75 diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json index f0df897f6db29..ae4c86ed370c7 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "maturity": "stable", diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json index 2c5de8a263103..a3813eea37f1d 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json index 25f2a85c1d082..141302e37b87a 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json @@ -108,7 +108,7 @@ "@aws-cdk/region-info": "0.0.0" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts b/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts index 480361c1358f6..668086dab5372 100644 --- a/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts +++ b/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts @@ -1474,6 +1474,36 @@ export class Domain extends DomainBase implements IDomain { }); } + const logPublishing: Record = {}; + + if (this.appLogGroup) { + logPublishing.ES_APPLICATION_LOGS = { + enabled: true, + cloudWatchLogsLogGroupArn: this.appLogGroup.logGroupArn, + }; + } + + if (this.slowSearchLogGroup) { + logPublishing.SEARCH_SLOW_LOGS = { + enabled: true, + cloudWatchLogsLogGroupArn: this.slowSearchLogGroup.logGroupArn, + }; + } + + if (this.slowIndexLogGroup) { + logPublishing.INDEX_SLOW_LOGS = { + enabled: true, + cloudWatchLogsLogGroupArn: this.slowIndexLogGroup.logGroupArn, + }; + } + + if (this.auditLogGroup) { + logPublishing.AUDIT_LOGS = { + enabled: this.auditLogGroup != null, + cloudWatchLogsLogGroupArn: this.auditLogGroup?.logGroupArn, + }; + } + // Create the domain this.domain = new CfnDomain(this, 'Resource', { domainName: this.physicalName, @@ -1506,24 +1536,7 @@ export class Domain extends DomainBase implements IDomain { : undefined, }, nodeToNodeEncryptionOptions: { enabled: nodeToNodeEncryptionEnabled }, - logPublishingOptions: { - AUDIT_LOGS: { - enabled: this.auditLogGroup != null, - cloudWatchLogsLogGroupArn: this.auditLogGroup?.logGroupArn, - }, - ES_APPLICATION_LOGS: { - enabled: this.appLogGroup != null, - cloudWatchLogsLogGroupArn: this.appLogGroup?.logGroupArn, - }, - SEARCH_SLOW_LOGS: { - enabled: this.slowSearchLogGroup != null, - cloudWatchLogsLogGroupArn: this.slowSearchLogGroup?.logGroupArn, - }, - INDEX_SLOW_LOGS: { - enabled: this.slowIndexLogGroup != null, - cloudWatchLogsLogGroupArn: this.slowIndexLogGroup?.logGroupArn, - }, - }, + logPublishingOptions: logPublishing, cognitoOptions: { enabled: props.cognitoKibanaAuth != null, identityPoolId: props.cognitoKibanaAuth?.identityPoolId, diff --git a/packages/@aws-cdk/aws-elasticsearch/package.json b/packages/@aws-cdk/aws-elasticsearch/package.json index 07c8b997db14c..00cf8c59b320d 100644 --- a/packages/@aws-cdk/aws-elasticsearch/package.json +++ b/packages/@aws-cdk/aws-elasticsearch/package.json @@ -104,7 +104,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts b/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts index affa1d45e4477..ff85a85e218f8 100644 --- a/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts +++ b/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts @@ -89,18 +89,10 @@ test('minimal example renders correctly', () => { Enabled: false, }, LogPublishingOptions: { - AUDIT_LOGS: { - Enabled: false, - }, - ES_APPLICATION_LOGS: { - Enabled: false, - }, - SEARCH_SLOW_LOGS: { - Enabled: false, - }, - INDEX_SLOW_LOGS: { - Enabled: false, - }, + AUDIT_LOGS: assert.ABSENT, + ES_APPLICATION_LOGS: assert.ABSENT, + SEARCH_SLOW_LOGS: assert.ABSENT, + INDEX_SLOW_LOGS: assert.ABSENT, }, NodeToNodeEncryptionOptions: { Enabled: false, @@ -133,9 +125,6 @@ describe('log groups', () => { expect(stack).toHaveResourceLike('AWS::Elasticsearch::Domain', { LogPublishingOptions: { - ES_APPLICATION_LOGS: { - Enabled: false, - }, SEARCH_SLOW_LOGS: { CloudWatchLogsLogGroupArn: { 'Fn::GetAtt': [ @@ -145,9 +134,9 @@ describe('log groups', () => { }, Enabled: true, }, - INDEX_SLOW_LOGS: { - Enabled: false, - }, + AUDIT_LOGS: assert.ABSENT, + ES_APPLICATION_LOGS: assert.ABSENT, + INDEX_SLOW_LOGS: assert.ABSENT, }, }); }); @@ -162,12 +151,6 @@ describe('log groups', () => { expect(stack).toHaveResourceLike('AWS::Elasticsearch::Domain', { LogPublishingOptions: { - ES_APPLICATION_LOGS: { - Enabled: false, - }, - SEARCH_SLOW_LOGS: { - Enabled: false, - }, INDEX_SLOW_LOGS: { CloudWatchLogsLogGroupArn: { 'Fn::GetAtt': [ @@ -177,6 +160,9 @@ describe('log groups', () => { }, Enabled: true, }, + AUDIT_LOGS: assert.ABSENT, + ES_APPLICATION_LOGS: assert.ABSENT, + SEARCH_SLOW_LOGS: assert.ABSENT, }, }); }); @@ -200,12 +186,9 @@ describe('log groups', () => { }, Enabled: true, }, - SEARCH_SLOW_LOGS: { - Enabled: false, - }, - INDEX_SLOW_LOGS: { - Enabled: false, - }, + AUDIT_LOGS: assert.ABSENT, + SEARCH_SLOW_LOGS: assert.ABSENT, + INDEX_SLOW_LOGS: assert.ABSENT, }, }); }); @@ -237,15 +220,9 @@ describe('log groups', () => { }, Enabled: true, }, - ES_APPLICATION_LOGS: { - Enabled: false, - }, - SEARCH_SLOW_LOGS: { - Enabled: false, - }, - INDEX_SLOW_LOGS: { - Enabled: false, - }, + ES_APPLICATION_LOGS: assert.ABSENT, + SEARCH_SLOW_LOGS: assert.ABSENT, + INDEX_SLOW_LOGS: assert.ABSENT, }, }); }); @@ -296,6 +273,7 @@ describe('log groups', () => { }, Enabled: true, }, + AUDIT_LOGS: assert.ABSENT, }, }); expect(stack).toHaveResourceLike('AWS::Elasticsearch::Domain', { @@ -327,6 +305,7 @@ describe('log groups', () => { }, Enabled: true, }, + AUDIT_LOGS: assert.ABSENT, }, }); }); @@ -385,12 +364,6 @@ describe('log groups', () => { expect(stack).toHaveResourceLike('AWS::Elasticsearch::Domain', { LogPublishingOptions: { - AUDIT_LOGS: { - Enabled: false, - }, - ES_APPLICATION_LOGS: { - Enabled: false, - }, SEARCH_SLOW_LOGS: { CloudWatchLogsLogGroupArn: { 'Fn::GetAtt': [ @@ -400,9 +373,9 @@ describe('log groups', () => { }, Enabled: true, }, - INDEX_SLOW_LOGS: { - Enabled: false, - }, + AUDIT_LOGS: assert.ABSENT, + ES_APPLICATION_LOGS: assert.ABSENT, + INDEX_SLOW_LOGS: assert.ABSENT, }, }); }); @@ -420,15 +393,6 @@ describe('log groups', () => { expect(stack).toHaveResourceLike('AWS::Elasticsearch::Domain', { LogPublishingOptions: { - AUDIT_LOGS: { - Enabled: false, - }, - ES_APPLICATION_LOGS: { - Enabled: false, - }, - SEARCH_SLOW_LOGS: { - Enabled: false, - }, INDEX_SLOW_LOGS: { CloudWatchLogsLogGroupArn: { 'Fn::GetAtt': [ @@ -438,6 +402,9 @@ describe('log groups', () => { }, Enabled: true, }, + AUDIT_LOGS: assert.ABSENT, + ES_APPLICATION_LOGS: assert.ABSENT, + SEARCH_SLOW_LOGS: assert.ABSENT, }, }); }); @@ -455,9 +422,6 @@ describe('log groups', () => { expect(stack).toHaveResourceLike('AWS::Elasticsearch::Domain', { LogPublishingOptions: { - AUDIT_LOGS: { - Enabled: false, - }, ES_APPLICATION_LOGS: { CloudWatchLogsLogGroupArn: { 'Fn::GetAtt': [ @@ -467,12 +431,9 @@ describe('log groups', () => { }, Enabled: true, }, - SEARCH_SLOW_LOGS: { - Enabled: false, - }, - INDEX_SLOW_LOGS: { - Enabled: false, - }, + AUDIT_LOGS: assert.ABSENT, + SEARCH_SLOW_LOGS: assert.ABSENT, + INDEX_SLOW_LOGS: assert.ABSENT, }, }); }); @@ -507,15 +468,9 @@ describe('log groups', () => { }, Enabled: true, }, - ES_APPLICATION_LOGS: { - Enabled: false, - }, - SEARCH_SLOW_LOGS: { - Enabled: false, - }, - INDEX_SLOW_LOGS: { - Enabled: false, - }, + ES_APPLICATION_LOGS: assert.ABSENT, + SEARCH_SLOW_LOGS: assert.ABSENT, + INDEX_SLOW_LOGS: assert.ABSENT, }, }); }); diff --git a/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.advancedsecurity.expected.json b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.advancedsecurity.expected.json index a4ec48af68521..e919ee6365e8e 100644 --- a/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.advancedsecurity.expected.json +++ b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.advancedsecurity.expected.json @@ -40,20 +40,7 @@ "EncryptionAtRestOptions": { "Enabled": true }, - "LogPublishingOptions": { - "AUDIT_LOGS": { - "Enabled": false - }, - "ES_APPLICATION_LOGS": { - "Enabled": false - }, - "SEARCH_SLOW_LOGS": { - "Enabled": false - }, - "INDEX_SLOW_LOGS": { - "Enabled": false - } - }, + "LogPublishingOptions": {}, "NodeToNodeEncryptionOptions": { "Enabled": true } diff --git a/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.custom-kms-key.expected.json b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.custom-kms-key.expected.json index f987bec734004..fafc653e73740 100644 --- a/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.custom-kms-key.expected.json +++ b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.custom-kms-key.expected.json @@ -211,9 +211,6 @@ } }, "LogPublishingOptions": { - "AUDIT_LOGS": { - "Enabled": false - }, "ES_APPLICATION_LOGS": { "CloudWatchLogsLogGroupArn": { "Fn::GetAtt": [ @@ -231,9 +228,6 @@ ] }, "Enabled": true - }, - "INDEX_SLOW_LOGS": { - "Enabled": false } }, "NodeToNodeEncryptionOptions": { @@ -442,13 +436,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", "Arn" ] }, + "Handler": "index.handler", "Runtime": "nodejs12.x", "Timeout": 120 }, diff --git a/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.expected.json b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.expected.json index a6a6dd2b0d37f..6c782aee20cc9 100644 --- a/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.expected.json +++ b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.expected.json @@ -157,9 +157,6 @@ "Enabled": true }, "LogPublishingOptions": { - "AUDIT_LOGS": { - "Enabled": false - }, "ES_APPLICATION_LOGS": { "CloudWatchLogsLogGroupArn": { "Fn::GetAtt": [ @@ -177,9 +174,6 @@ ] }, "Enabled": true - }, - "INDEX_SLOW_LOGS": { - "Enabled": false } }, "NodeToNodeEncryptionOptions": { @@ -358,13 +352,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", "Arn" ] }, + "Handler": "index.handler", "Runtime": "nodejs12.x", "Timeout": 120 }, @@ -529,9 +523,6 @@ "Enabled": true }, "LogPublishingOptions": { - "AUDIT_LOGS": { - "Enabled": false - }, "ES_APPLICATION_LOGS": { "CloudWatchLogsLogGroupArn": { "Fn::GetAtt": [ @@ -549,9 +540,6 @@ ] }, "Enabled": true - }, - "INDEX_SLOW_LOGS": { - "Enabled": false } }, "NodeToNodeEncryptionOptions": { diff --git a/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.unsignedbasicauth.expected.json b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.unsignedbasicauth.expected.json index 99ca282a3469a..b55ac9e14df69 100644 --- a/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.unsignedbasicauth.expected.json +++ b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch.unsignedbasicauth.expected.json @@ -4,8 +4,8 @@ "Type": "AWS::SecretsManager::Secret", "Properties": { "GenerateSecretString": { - "GenerateStringKey": "password", "ExcludeCharacters": "{}'\\*[]()`", + "GenerateStringKey": "password", "SecretStringTemplate": "{\"username\":\"admin\"}" } } @@ -54,20 +54,7 @@ "EncryptionAtRestOptions": { "Enabled": true }, - "LogPublishingOptions": { - "AUDIT_LOGS": { - "Enabled": false - }, - "ES_APPLICATION_LOGS": { - "Enabled": false - }, - "SEARCH_SLOW_LOGS": { - "Enabled": false - }, - "INDEX_SLOW_LOGS": { - "Enabled": false - } - }, + "LogPublishingOptions": {}, "NodeToNodeEncryptionOptions": { "Enabled": true } @@ -297,4 +284,4 @@ "Description": "Artifact hash for asset \"b64b129569a5ac7a9abf88a18ac0b504d1fb1208872460476ed3fd435830eb94\"" } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-emr/package.json b/packages/@aws-cdk/aws-emr/package.json index 184ed9060344a..12827772ad057 100644 --- a/packages/@aws-cdk/aws-emr/package.json +++ b/packages/@aws-cdk/aws-emr/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-events-targets/package.json b/packages/@aws-cdk/aws-events-targets/package.json index 9f67340edfe04..b7f6923e10b0d 100644 --- a/packages/@aws-cdk/aws-events-targets/package.json +++ b/packages/@aws-cdk/aws-events-targets/package.json @@ -77,7 +77,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-codecommit": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", @@ -126,7 +126,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awslint": { diff --git a/packages/@aws-cdk/aws-events/package.json b/packages/@aws-cdk/aws-events/package.json index 4f4831fcd03c3..6ce0c48eb34db 100644 --- a/packages/@aws-cdk/aws-events/package.json +++ b/packages/@aws-cdk/aws-events/package.json @@ -94,7 +94,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-eventschemas/package.json b/packages/@aws-cdk/aws-eventschemas/package.json index c6430908d2217..a1f8138f6e3bf 100644 --- a/packages/@aws-cdk/aws-eventschemas/package.json +++ b/packages/@aws-cdk/aws-eventschemas/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-fms/package.json b/packages/@aws-cdk/aws-fms/package.json index 168a95167750b..37db1822688df 100644 --- a/packages/@aws-cdk/aws-fms/package.json +++ b/packages/@aws-cdk/aws-fms/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-fsx/package.json b/packages/@aws-cdk/aws-fsx/package.json index 39cac9ed7ffc0..62a572c56f0f1 100644 --- a/packages/@aws-cdk/aws-fsx/package.json +++ b/packages/@aws-cdk/aws-fsx/package.json @@ -97,7 +97,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-gamelift/package.json b/packages/@aws-cdk/aws-gamelift/package.json index fda4f58696f60..dbf22cc3ba4ce 100644 --- a/packages/@aws-cdk/aws-gamelift/package.json +++ b/packages/@aws-cdk/aws-gamelift/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-globalaccelerator/package.json b/packages/@aws-cdk/aws-globalaccelerator/package.json index 331ba5ddea4fc..40b1013bc82b8 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/package.json +++ b/packages/@aws-cdk/aws-globalaccelerator/package.json @@ -96,7 +96,7 @@ "@aws-cdk/custom-resources": "0.0.0" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-glue/package.json b/packages/@aws-cdk/aws-glue/package.json index 1d50c80e32441..4a4a540875740 100644 --- a/packages/@aws-cdk/aws-glue/package.json +++ b/packages/@aws-cdk/aws-glue/package.json @@ -98,7 +98,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-greengrass/package.json b/packages/@aws-cdk/aws-greengrass/package.json index 93dfabe51ee99..606c143dbe8f3 100644 --- a/packages/@aws-cdk/aws-greengrass/package.json +++ b/packages/@aws-cdk/aws-greengrass/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-greengrassv2/package.json b/packages/@aws-cdk/aws-greengrassv2/package.json index 635baceaae643..d653e6304a4c4 100644 --- a/packages/@aws-cdk/aws-greengrassv2/package.json +++ b/packages/@aws-cdk/aws-greengrassv2/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-guardduty/package.json b/packages/@aws-cdk/aws-guardduty/package.json index 26a7e84f19f97..ffad049d9738a 100644 --- a/packages/@aws-cdk/aws-guardduty/package.json +++ b/packages/@aws-cdk/aws-guardduty/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-iam/README.md b/packages/@aws-cdk/aws-iam/README.md index a676af6352cf2..d9488e7d081c8 100644 --- a/packages/@aws-cdk/aws-iam/README.md +++ b/packages/@aws-cdk/aws-iam/README.md @@ -320,6 +320,34 @@ const provider = new iam.OpenIdConnectProvider(this, 'MyProvider', { const principal = new iam.OpenIdConnectPrincipal(provider); ``` +## Users + +IAM manages users for your AWS account. To create a new user: + +```ts +const user = new User(this, 'MyUser'); +``` + +To import an existing user by name [with path](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names): + +```ts +const user = User.fromUserName(stack, 'MyImportedUserByName', 'johnsmith'); +``` + +To import an existing user by ARN: + +```ts +const user = User.fromUserArn(this, 'MyImportedUserByArn', 'arn:aws:iam::123456789012:user/johnsmith'); +``` + +To import an existing user by attributes: + +```ts +const user = User.fromUserAttributes(stack, 'MyImportedUserByAttributes', { + userArn: 'arn:aws:iam::123456789012:user/johnsmith', +}); +``` + ## Features * Policy name uniqueness is enforced. If two policies by the same name are attached to the same diff --git a/packages/@aws-cdk/aws-iam/lib/user.ts b/packages/@aws-cdk/aws-iam/lib/user.ts index a8c3b61443771..5c8f6418a9bb8 100644 --- a/packages/@aws-cdk/aws-iam/lib/user.ts +++ b/packages/@aws-cdk/aws-iam/lib/user.ts @@ -1,4 +1,4 @@ -import { Aws, Lazy, Resource, SecretValue, Stack } from '@aws-cdk/core'; +import { Arn, Aws, Lazy, Resource, SecretValue, Stack } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { IGroup } from './group'; import { CfnUser } from './iam.generated'; @@ -119,6 +119,18 @@ export interface UserProps { readonly passwordResetRequired?: boolean; } +/** + * Represents a user defined outside of this stack. + */ +export interface UserAttributes { + /** + * The ARN of the user. + * + * Format: arn::iam:::user/ + */ + readonly userArn: string; +} + /** * Define a new IAM user */ @@ -131,20 +143,42 @@ export class User extends Resource implements IIdentity, IUser { * @param userName the username of the existing user to import */ public static fromUserName(scope: Construct, id: string, userName: string): IUser { - const arn = Stack.of(scope).formatArn({ + const userArn = Stack.of(scope).formatArn({ service: 'iam', region: '', resource: 'user', resourceName: userName, }); + return User.fromUserAttributes(scope, id, { userArn }); + } + + /** + * Import an existing user given a user ARN. + * + * @param scope construct scope + * @param id construct id + * @param userArn the ARN of an existing user to import + */ + public static fromUserArn(scope: Construct, id: string, userArn: string): IUser { + return User.fromUserAttributes(scope, id, { userArn }); + } + + /** + * Import an existing user given user attributes. + * + * @param scope construct scope + * @param id construct id + * @param attrs the attributes of the user to import + */ + public static fromUserAttributes(scope: Construct, id: string, attrs: UserAttributes): IUser { class Import extends Resource implements IUser { public readonly grantPrincipal: IPrincipal = this; public readonly principalAccount = Aws.ACCOUNT_ID; - public readonly userName: string = userName; - public readonly userArn: string = arn; + public readonly userName: string = Arn.extractResourceName(attrs.userArn, 'user'); + public readonly userArn: string = attrs.userArn; public readonly assumeRoleAction: string = 'sts:AssumeRole'; - public readonly policyFragment: PrincipalPolicyFragment = new ArnPrincipal(arn).policyFragment; + public readonly policyFragment: PrincipalPolicyFragment = new ArnPrincipal(attrs.userArn).policyFragment; private readonly attachedPolicies = new AttachedPolicies(); private defaultPolicy?: Policy; diff --git a/packages/@aws-cdk/aws-iam/package.json b/packages/@aws-cdk/aws-iam/package.json index 1697e6f640398..ebb1a574fe55c 100644 --- a/packages/@aws-cdk/aws-iam/package.json +++ b/packages/@aws-cdk/aws-iam/package.json @@ -101,7 +101,7 @@ }, "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-iam/test/integ.user.expected.json b/packages/@aws-cdk/aws-iam/test/integ.user.expected.json index 2c4bc6c9b52c0..a57b3db4c6f32 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.user.expected.json +++ b/packages/@aws-cdk/aws-iam/test/integ.user.expected.json @@ -4,11 +4,22 @@ "Type": "AWS::IAM::User", "Properties": { "LoginProfile": { - "Password": "1234", + "Password": "Test1234567890!", "PasswordResetRequired": true }, "UserName": "benisrae" } } + }, + "Outputs": { + "NameForUserImportedByArn": { + "Value": "rossrhodes" + }, + "NameForUserImportedByAttributes": { + "Value": "johndoe" + }, + "NameForUserImportedByName": { + "Value": "janedoe" + } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-iam/test/integ.user.ts b/packages/@aws-cdk/aws-iam/test/integ.user.ts index 198f3ecb77c4c..7f8d00695742c 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.user.ts +++ b/packages/@aws-cdk/aws-iam/test/integ.user.ts @@ -1,4 +1,4 @@ -import { App, SecretValue, Stack } from '@aws-cdk/core'; +import { App, CfnOutput, SecretValue, Stack } from '@aws-cdk/core'; import { User } from '../lib'; const app = new App(); @@ -7,8 +7,18 @@ const stack = new Stack(app, 'aws-cdk-iam-user'); new User(stack, 'MyUser', { userName: 'benisrae', - password: SecretValue.plainText('1234'), + password: SecretValue.plainText('Test1234567890!'), passwordResetRequired: true, }); +const userImportedByArn = User.fromUserArn(stack, 'ImportedUserByArn', 'arn:aws:iam::123456789012:user/rossrhodes'); +const userImportedByAttributes = User.fromUserAttributes(stack, 'ImportedUserByAttributes', { + userArn: 'arn:aws:iam::123456789012:user/johndoe', +}); +const userImportedByName = User.fromUserName(stack, 'ImportedUserByName', 'janedoe'); + +new CfnOutput(stack, 'NameForUserImportedByArn', { value: userImportedByArn.userName }); +new CfnOutput(stack, 'NameForUserImportedByAttributes', { value: userImportedByAttributes.userName }); +new CfnOutput(stack, 'NameForUserImportedByName', { value: userImportedByName.userName }); + app.synth(); diff --git a/packages/@aws-cdk/aws-iam/test/user.test.ts b/packages/@aws-cdk/aws-iam/test/user.test.ts index 9908eeac2c6c7..4a59a86d4a45d 100644 --- a/packages/@aws-cdk/aws-iam/test/user.test.ts +++ b/packages/@aws-cdk/aws-iam/test/user.test.ts @@ -81,7 +81,7 @@ describe('IAM user', () => { }); }); - test('imported user has an ARN', () => { + test('user imported by user name has an ARN', () => { // GIVEN const stack = new Stack(); @@ -94,6 +94,32 @@ describe('IAM user', () => { }); }); + test('user imported by user ARN has a name', () => { + // GIVEN + const stack = new Stack(); + const userName = 'MyUserName'; + + // WHEN + const user = User.fromUserArn(stack, 'import', `arn:aws:iam::account-id:user/${userName}`); + + // THEN + expect(stack.resolve(user.userName)).toStrictEqual(userName); + }); + + test('user imported by user attributes has a name', () => { + // GIVEN + const stack = new Stack(); + const userName = 'MyUserName'; + + // WHEN + const user = User.fromUserAttributes(stack, 'import', { + userArn: `arn:aws:iam::account-id:user/${userName}`, + }); + + // THEN + expect(stack.resolve(user.userName)).toStrictEqual(userName); + }); + test('add to policy of imported user', () => { // GIVEN const stack = new Stack(); diff --git a/packages/@aws-cdk/aws-imagebuilder/package.json b/packages/@aws-cdk/aws-imagebuilder/package.json index ff0ed2bbe9678..452e2f6ed8fa2 100644 --- a/packages/@aws-cdk/aws-imagebuilder/package.json +++ b/packages/@aws-cdk/aws-imagebuilder/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-inspector/package.json b/packages/@aws-cdk/aws-inspector/package.json index 72920e0d8da05..d767da5c11463 100644 --- a/packages/@aws-cdk/aws-inspector/package.json +++ b/packages/@aws-cdk/aws-inspector/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-iot/package.json b/packages/@aws-cdk/aws-iot/package.json index 1a93905cc3e9f..ecb5945f55aba 100644 --- a/packages/@aws-cdk/aws-iot/package.json +++ b/packages/@aws-cdk/aws-iot/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-iot1click/package.json b/packages/@aws-cdk/aws-iot1click/package.json index 6ca9e533cc1ea..5b2e454c8cb81 100644 --- a/packages/@aws-cdk/aws-iot1click/package.json +++ b/packages/@aws-cdk/aws-iot1click/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-iotanalytics/package.json b/packages/@aws-cdk/aws-iotanalytics/package.json index 4b630c634fb92..6d575f2a93943 100644 --- a/packages/@aws-cdk/aws-iotanalytics/package.json +++ b/packages/@aws-cdk/aws-iotanalytics/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-iotevents/package.json b/packages/@aws-cdk/aws-iotevents/package.json index 270da397bb18a..adba82161f209 100644 --- a/packages/@aws-cdk/aws-iotevents/package.json +++ b/packages/@aws-cdk/aws-iotevents/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-iotsitewise/package.json b/packages/@aws-cdk/aws-iotsitewise/package.json index 9a2540e65c512..aa3c45d292f89 100644 --- a/packages/@aws-cdk/aws-iotsitewise/package.json +++ b/packages/@aws-cdk/aws-iotsitewise/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-iotthingsgraph/package.json b/packages/@aws-cdk/aws-iotthingsgraph/package.json index 69732aa3d083e..2c4767ead3820 100644 --- a/packages/@aws-cdk/aws-iotthingsgraph/package.json +++ b/packages/@aws-cdk/aws-iotthingsgraph/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-iotwireless/package.json b/packages/@aws-cdk/aws-iotwireless/package.json index 0c23c066e878b..3fb0230c95f8a 100644 --- a/packages/@aws-cdk/aws-iotwireless/package.json +++ b/packages/@aws-cdk/aws-iotwireless/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-ivs/package.json b/packages/@aws-cdk/aws-ivs/package.json index 1d7d8f8ee01ab..185b02bf71af2 100644 --- a/packages/@aws-cdk/aws-ivs/package.json +++ b/packages/@aws-cdk/aws-ivs/package.json @@ -101,7 +101,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-kendra/package.json b/packages/@aws-cdk/aws-kendra/package.json index 85d72f4303039..155a344e95d7c 100644 --- a/packages/@aws-cdk/aws-kendra/package.json +++ b/packages/@aws-cdk/aws-kendra/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-kinesis/package.json b/packages/@aws-cdk/aws-kinesis/package.json index 5e19c404ba772..23b368db79eb4 100644 --- a/packages/@aws-cdk/aws-kinesis/package.json +++ b/packages/@aws-cdk/aws-kinesis/package.json @@ -96,7 +96,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "maturity": "stable", diff --git a/packages/@aws-cdk/aws-kinesisanalytics/package.json b/packages/@aws-cdk/aws-kinesisanalytics/package.json index 2daa7d2bd9f2b..58e6fff01d6f0 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics/package.json +++ b/packages/@aws-cdk/aws-kinesisanalytics/package.json @@ -92,7 +92,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-kinesisfirehose/package.json b/packages/@aws-cdk/aws-kinesisfirehose/package.json index 471d30713a914..da5ce87c6c6c7 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose/package.json +++ b/packages/@aws-cdk/aws-kinesisfirehose/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-kms/package.json b/packages/@aws-cdk/aws-kms/package.json index 16df28eb2ec90..6fa29b998daa0 100644 --- a/packages/@aws-cdk/aws-kms/package.json +++ b/packages/@aws-cdk/aws-kms/package.json @@ -94,7 +94,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-lakeformation/package.json b/packages/@aws-cdk/aws-lakeformation/package.json index 0282c39139f47..bf47bee33119f 100644 --- a/packages/@aws-cdk/aws-lakeformation/package.json +++ b/packages/@aws-cdk/aws-lakeformation/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-lambda-destinations/package.json b/packages/@aws-cdk/aws-lambda-destinations/package.json index 50e53b0389e75..9ff5c4376d83f 100644 --- a/packages/@aws-cdk/aws-lambda-destinations/package.json +++ b/packages/@aws-cdk/aws-lambda-destinations/package.json @@ -92,7 +92,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awslint": { diff --git a/packages/@aws-cdk/aws-lambda-event-sources/package.json b/packages/@aws-cdk/aws-lambda-event-sources/package.json index 332e03d15e83c..d633b09927b32 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/package.json +++ b/packages/@aws-cdk/aws-lambda-event-sources/package.json @@ -104,7 +104,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awslint": { diff --git a/packages/@aws-cdk/aws-lambda-nodejs/package.json b/packages/@aws-cdk/aws-lambda-nodejs/package.json index 90d7f73f18cde..daf110688f6fd 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/package.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/package.json @@ -70,7 +70,7 @@ "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "delay": "4.4.0", - "esbuild": "^0.8.31", + "esbuild": "^0.8.32", "pkglint": "0.0.0" }, "dependencies": { @@ -85,7 +85,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-lambda-python/package.json b/packages/@aws-cdk/aws-lambda-python/package.json index 5cab113b0f8f6..70a147b834984 100644 --- a/packages/@aws-cdk/aws-lambda-python/package.json +++ b/packages/@aws-cdk/aws-lambda-python/package.json @@ -84,7 +84,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-lambda/README.md b/packages/@aws-cdk/aws-lambda/README.md index 54e7811688134..5b7ee7cd3240e 100644 --- a/packages/@aws-cdk/aws-lambda/README.md +++ b/packages/@aws-cdk/aws-lambda/README.md @@ -458,5 +458,5 @@ new lambda.Function(this, 'Function', { Language-specific higher level constructs are provided in separate modules: -* Node.js: [`@aws-cdk/aws-lambda-nodejs`](https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/aws-lambda-nodejs) -* Python: [`@aws-cdk/aws-lambda-python`](https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/aws-lambda-python) +* `@aws-cdk/aws-lambda-nodejs`: [Github](https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/aws-lambda-nodejs) & [CDK Docs](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-lambda-nodejs-readme.html) +* `@aws-cdk/aws-lambda-python`: [Github](https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/aws-lambda-python) & [CDK Docs](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-lambda-python-readme.html) diff --git a/packages/@aws-cdk/aws-lambda/lib/code.ts b/packages/@aws-cdk/aws-lambda/lib/code.ts index 491644b6c5ab6..af8b9d6dc26fd 100644 --- a/packages/@aws-cdk/aws-lambda/lib/code.ts +++ b/packages/@aws-cdk/aws-lambda/lib/code.ts @@ -249,6 +249,9 @@ export class AssetCode extends Code { path: this.path, ...this.options, }); + } else if (cdk.Stack.of(this.asset) !== cdk.Stack.of(scope)) { + throw new Error(`Asset is already associated with another stack '${cdk.Stack.of(this.asset).stackName}'. ` + + 'Create a new Code instance for every stack.'); } if (!this.asset.isZipArchive) { diff --git a/packages/@aws-cdk/aws-lambda/package.json b/packages/@aws-cdk/aws-lambda/package.json index 8c5def823b223..c67ad82ff7f74 100644 --- a/packages/@aws-cdk/aws-lambda/package.json +++ b/packages/@aws-cdk/aws-lambda/package.json @@ -128,7 +128,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-lambda/test/code.test.ts b/packages/@aws-cdk/aws-lambda/test/code.test.ts index a822ba698697e..9b99c095c2467 100644 --- a/packages/@aws-cdk/aws-lambda/test/code.test.ts +++ b/packages/@aws-cdk/aws-lambda/test/code.test.ts @@ -77,6 +77,26 @@ describe('code', () => { }, }, ResourcePart.CompleteDefinition); }); + + test('fails if asset is bound with a second stack', () => { + // GIVEN + const asset = lambda.Code.fromAsset(path.join(__dirname, 'my-lambda-handler')); + + const app = new cdk.App(); + const stack1 = new cdk.Stack(app, 'Stack1'); + new lambda.Function(stack1, 'Func', { + code: asset, + runtime: lambda.Runtime.NODEJS_10_X, + handler: 'foom', + }); + + const stack2 = new cdk.Stack(app, 'Stack2'); + expect(() => new lambda.Function(stack2, 'Func', { + code: asset, + runtime: lambda.Runtime.NODEJS_10_X, + handler: 'foom', + })).toThrow(/already associated/); + }); }); describe('lambda.Code.fromCfnParameters', () => { diff --git a/packages/@aws-cdk/aws-licensemanager/package.json b/packages/@aws-cdk/aws-licensemanager/package.json index 42d765826a30d..d20a899707fa0 100644 --- a/packages/@aws-cdk/aws-licensemanager/package.json +++ b/packages/@aws-cdk/aws-licensemanager/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-logs-destinations/package.json b/packages/@aws-cdk/aws-logs-destinations/package.json index 5185d7075e1e3..13e6a5543905c 100644 --- a/packages/@aws-cdk/aws-logs-destinations/package.json +++ b/packages/@aws-cdk/aws-logs-destinations/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awscdkio": { diff --git a/packages/@aws-cdk/aws-logs/package.json b/packages/@aws-cdk/aws-logs/package.json index 711de0a3d82bc..b8df0773819e7 100644 --- a/packages/@aws-cdk/aws-logs/package.json +++ b/packages/@aws-cdk/aws-logs/package.json @@ -75,7 +75,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", @@ -103,7 +103,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-macie/package.json b/packages/@aws-cdk/aws-macie/package.json index 3d47c18c61083..b406426cc12e2 100644 --- a/packages/@aws-cdk/aws-macie/package.json +++ b/packages/@aws-cdk/aws-macie/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-managedblockchain/package.json b/packages/@aws-cdk/aws-managedblockchain/package.json index f9afaaef1e147..fa719693e2864 100644 --- a/packages/@aws-cdk/aws-managedblockchain/package.json +++ b/packages/@aws-cdk/aws-managedblockchain/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-mediaconnect/.eslintrc.js b/packages/@aws-cdk/aws-mediaconnect/.eslintrc.js new file mode 100644 index 0000000000000..61dd8dd001f63 --- /dev/null +++ b/packages/@aws-cdk/aws-mediaconnect/.eslintrc.js @@ -0,0 +1,3 @@ +const baseConfig = require('cdk-build-tools/config/eslintrc'); +baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-mediaconnect/.gitignore b/packages/@aws-cdk/aws-mediaconnect/.gitignore new file mode 100644 index 0000000000000..62ebc95d75ce6 --- /dev/null +++ b/packages/@aws-cdk/aws-mediaconnect/.gitignore @@ -0,0 +1,19 @@ +*.js +*.js.map +*.d.ts +tsconfig.json +node_modules +*.generated.ts +dist +.jsii + +.LAST_BUILD +.nyc_output +coverage +.nycrc +.LAST_PACKAGE +*.snk +nyc.config.js +!.eslintrc.js +!jest.config.js +junit.xml diff --git a/packages/@aws-cdk/aws-mediaconnect/.npmignore b/packages/@aws-cdk/aws-mediaconnect/.npmignore new file mode 100644 index 0000000000000..e4486030fcb17 --- /dev/null +++ b/packages/@aws-cdk/aws-mediaconnect/.npmignore @@ -0,0 +1,28 @@ +# Don't include original .ts files when doing `npm pack` +*.ts +!*.d.ts +coverage +.nyc_output +*.tgz + +dist +.LAST_PACKAGE +.LAST_BUILD +!*.js + +# Include .jsii +!.jsii + +*.snk + +*.tsbuildinfo + +tsconfig.json + +.eslintrc.js +jest.config.js + +# exclude cdk artifacts +**/cdk.out +junit.xml +test/ diff --git a/packages/@aws-cdk/aws-mediaconnect/LICENSE b/packages/@aws-cdk/aws-mediaconnect/LICENSE new file mode 100644 index 0000000000000..28e4bdcec77ec --- /dev/null +++ b/packages/@aws-cdk/aws-mediaconnect/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/@aws-cdk/aws-mediaconnect/NOTICE b/packages/@aws-cdk/aws-mediaconnect/NOTICE new file mode 100644 index 0000000000000..5fc3826926b5b --- /dev/null +++ b/packages/@aws-cdk/aws-mediaconnect/NOTICE @@ -0,0 +1,2 @@ +AWS Cloud Development Kit (AWS CDK) +Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/aws-mediaconnect/README.md b/packages/@aws-cdk/aws-mediaconnect/README.md new file mode 100644 index 0000000000000..46776462c67ff --- /dev/null +++ b/packages/@aws-cdk/aws-mediaconnect/README.md @@ -0,0 +1,20 @@ +# AWS::MediaConnect Construct Library + + +--- + +![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) + +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + +--- + + + +This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. + +```ts +import mediaconnect = require('@aws-cdk/aws-mediaconnect'); +``` diff --git a/packages/@aws-cdk/aws-mediaconnect/jest.config.js b/packages/@aws-cdk/aws-mediaconnect/jest.config.js new file mode 100644 index 0000000000000..54e28beb9798b --- /dev/null +++ b/packages/@aws-cdk/aws-mediaconnect/jest.config.js @@ -0,0 +1,2 @@ +const baseConfig = require('cdk-build-tools/config/jest.config'); +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-mediaconnect/lib/index.ts b/packages/@aws-cdk/aws-mediaconnect/lib/index.ts new file mode 100644 index 0000000000000..ffee08204e7b6 --- /dev/null +++ b/packages/@aws-cdk/aws-mediaconnect/lib/index.ts @@ -0,0 +1,2 @@ +// AWS::MediaConnect CloudFormation Resources: +export * from './mediaconnect.generated'; diff --git a/packages/@aws-cdk/aws-mediaconnect/package.json b/packages/@aws-cdk/aws-mediaconnect/package.json new file mode 100644 index 0000000000000..cba3f940f3510 --- /dev/null +++ b/packages/@aws-cdk/aws-mediaconnect/package.json @@ -0,0 +1,100 @@ +{ + "name": "@aws-cdk/aws-mediaconnect", + "version": "0.0.0", + "description": "The CDK Construct Library for AWS::MediaConnect", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "jsii": { + "outdir": "dist", + "projectReferences": true, + "targets": { + "dotnet": { + "namespace": "Amazon.CDK.AWS.MediaConnect", + "packageId": "Amazon.CDK.AWS.MediaConnect", + "signAssembly": true, + "assemblyOriginatorKeyFile": "../../key.snk", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "java": { + "package": "software.amazon.awscdk.services.mediaconnect", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "mediaconnect" + } + }, + "python": { + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ], + "distName": "aws-cdk.aws-mediaconnect", + "module": "aws_cdk.aws_mediaconnect" + } + } + }, + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-cdk.git", + "directory": "packages/@aws-cdk/aws-mediaconnect" + }, + "homepage": "https://github.com/aws/aws-cdk", + "scripts": { + "build": "cdk-build", + "watch": "cdk-watch", + "lint": "cdk-lint", + "test": "cdk-test", + "integ": "cdk-integ", + "pkglint": "pkglint -f", + "package": "cdk-package", + "awslint": "cdk-awslint", + "cfn2ts": "cfn2ts", + "build+test+package": "npm run build+test && npm run package", + "build+test": "npm run build && npm test", + "compat": "cdk-compat", + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" + }, + "cdk-build": { + "cloudformation": "AWS::MediaConnect", + "jest": true, + "env": { + "AWSLINT_BASE_CONSTRUCT": "true" + } + }, + "keywords": [ + "aws", + "cdk", + "constructs", + "AWS::MediaConnect", + "aws-mediaconnect" + ], + "author": { + "name": "Amazon Web Services", + "url": "https://aws.amazon.com", + "organization": true + }, + "license": "Apache-2.0", + "devDependencies": { + "@aws-cdk/assert": "0.0.0", + "cdk-build-tools": "0.0.0", + "cfn2ts": "0.0.0", + "pkglint": "0.0.0" + }, + "dependencies": { + "@aws-cdk/core": "0.0.0", + "constructs": "10.0.0-pre.5" + }, + "peerDependencies": { + "@aws-cdk/core": "0.0.0", + "constructs": "10.0.0-pre.5" + }, + "engines": { + "node": ">= 14.15.0" + }, + "stability": "experimental", + "maturity": "cfn-only", + "awscdkio": { + "announce": false + }, + "private": true +} diff --git a/packages/@aws-cdk/aws-mediaconnect/test/mediaconnect.test.ts b/packages/@aws-cdk/aws-mediaconnect/test/mediaconnect.test.ts new file mode 100644 index 0000000000000..e394ef336bfb4 --- /dev/null +++ b/packages/@aws-cdk/aws-mediaconnect/test/mediaconnect.test.ts @@ -0,0 +1,6 @@ +import '@aws-cdk/assert/jest'; +import {} from '../lib'; + +test('No tests are specified for this package', () => { + expect(true).toBe(true); +}); diff --git a/packages/@aws-cdk/aws-mediaconvert/package.json b/packages/@aws-cdk/aws-mediaconvert/package.json index 0a44b32b9d184..de7f37a53ca1d 100644 --- a/packages/@aws-cdk/aws-mediaconvert/package.json +++ b/packages/@aws-cdk/aws-mediaconvert/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-medialive/package.json b/packages/@aws-cdk/aws-medialive/package.json index c6d5d99df2a29..8a6e1a6ed4095 100644 --- a/packages/@aws-cdk/aws-medialive/package.json +++ b/packages/@aws-cdk/aws-medialive/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-mediapackage/package.json b/packages/@aws-cdk/aws-mediapackage/package.json index bfe6be1316e52..e8da81e9330ed 100644 --- a/packages/@aws-cdk/aws-mediapackage/package.json +++ b/packages/@aws-cdk/aws-mediapackage/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-mediastore/package.json b/packages/@aws-cdk/aws-mediastore/package.json index a519de117fded..25fb05a01edb9 100644 --- a/packages/@aws-cdk/aws-mediastore/package.json +++ b/packages/@aws-cdk/aws-mediastore/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-msk/package.json b/packages/@aws-cdk/aws-msk/package.json index a65ca6e875c4d..62603ab056c80 100644 --- a/packages/@aws-cdk/aws-msk/package.json +++ b/packages/@aws-cdk/aws-msk/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-mwaa/package.json b/packages/@aws-cdk/aws-mwaa/package.json index dc9b81df0ed47..1fa969e08b06d 100644 --- a/packages/@aws-cdk/aws-mwaa/package.json +++ b/packages/@aws-cdk/aws-mwaa/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-neptune/package.json b/packages/@aws-cdk/aws-neptune/package.json index a3ec119e4387a..1f006cbc69c52 100644 --- a/packages/@aws-cdk/aws-neptune/package.json +++ b/packages/@aws-cdk/aws-neptune/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-networkfirewall/package.json b/packages/@aws-cdk/aws-networkfirewall/package.json index f5bd7120e51ed..ca8c3ecf2bf30 100644 --- a/packages/@aws-cdk/aws-networkfirewall/package.json +++ b/packages/@aws-cdk/aws-networkfirewall/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-networkmanager/package.json b/packages/@aws-cdk/aws-networkmanager/package.json index a78f59a812e28..f15f61d559b79 100644 --- a/packages/@aws-cdk/aws-networkmanager/package.json +++ b/packages/@aws-cdk/aws-networkmanager/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-opsworks/package.json b/packages/@aws-cdk/aws-opsworks/package.json index cd7725a8fb859..ea9d4e937e706 100644 --- a/packages/@aws-cdk/aws-opsworks/package.json +++ b/packages/@aws-cdk/aws-opsworks/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-opsworkscm/package.json b/packages/@aws-cdk/aws-opsworkscm/package.json index 1a6ac9dc50b12..7d7647e4df78d 100644 --- a/packages/@aws-cdk/aws-opsworkscm/package.json +++ b/packages/@aws-cdk/aws-opsworkscm/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-pinpoint/package.json b/packages/@aws-cdk/aws-pinpoint/package.json index 1d5d4678eb364..779029d2c56a6 100644 --- a/packages/@aws-cdk/aws-pinpoint/package.json +++ b/packages/@aws-cdk/aws-pinpoint/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-pinpointemail/package.json b/packages/@aws-cdk/aws-pinpointemail/package.json index 1c1f984d535f2..c496a4050238b 100644 --- a/packages/@aws-cdk/aws-pinpointemail/package.json +++ b/packages/@aws-cdk/aws-pinpointemail/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-qldb/package.json b/packages/@aws-cdk/aws-qldb/package.json index cf6b0007c39ac..4ba97349e2de4 100644 --- a/packages/@aws-cdk/aws-qldb/package.json +++ b/packages/@aws-cdk/aws-qldb/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-ram/package.json b/packages/@aws-cdk/aws-ram/package.json index 97889d4010649..1d4706a60e3bd 100644 --- a/packages/@aws-cdk/aws-ram/package.json +++ b/packages/@aws-cdk/aws-ram/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts b/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts index 6fa16927fd51a..b877db48533e6 100644 --- a/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts +++ b/packages/@aws-cdk/aws-rds/lib/cluster-engine.ts @@ -422,6 +422,10 @@ export class AuroraPostgresEngineVersion { public static readonly VER_9_6_16 = AuroraPostgresEngineVersion.of('9.6.16', '9.6'); /** Version "9.6.17". */ public static readonly VER_9_6_17 = AuroraPostgresEngineVersion.of('9.6.17', '9.6'); + /** Version "9.6.18". */ + public static readonly VER_9_6_18 = AuroraPostgresEngineVersion.of('9.6.18', '9.6'); + /** Version "9.6.19". */ + public static readonly VER_9_6_19 = AuroraPostgresEngineVersion.of('9.6.19', '9.6'); /** Version "10.4". */ public static readonly VER_10_4 = AuroraPostgresEngineVersion.of('10.4', '10'); /** Version "10.5". */ @@ -434,6 +438,10 @@ export class AuroraPostgresEngineVersion { public static readonly VER_10_11 = AuroraPostgresEngineVersion.of('10.11', '10', { s3Import: true, s3Export: true }); /** Version "10.12". */ public static readonly VER_10_12 = AuroraPostgresEngineVersion.of('10.12', '10', { s3Import: true, s3Export: true }); + /** Version "10.13". */ + public static readonly VER_10_13 = AuroraPostgresEngineVersion.of('10.13', '10', { s3Import: true, s3Export: true }); + /** Version "10.14". */ + public static readonly VER_10_14 = AuroraPostgresEngineVersion.of('10.14', '10', { s3Import: true, s3Export: true }); /** Version "11.4". */ public static readonly VER_11_4 = AuroraPostgresEngineVersion.of('11.4', '11', { s3Import: true }); /** Version "11.6". */ diff --git a/packages/@aws-cdk/aws-rds/package.json b/packages/@aws-cdk/aws-rds/package.json index ea25b5bd99d77..4505e29e5da29 100644 --- a/packages/@aws-cdk/aws-rds/package.json +++ b/packages/@aws-cdk/aws-rds/package.json @@ -109,7 +109,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-redshift/package.json b/packages/@aws-cdk/aws-redshift/package.json index 7347b516e04dd..5ce179a8c1419 100644 --- a/packages/@aws-cdk/aws-redshift/package.json +++ b/packages/@aws-cdk/aws-redshift/package.json @@ -100,7 +100,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-resourcegroups/package.json b/packages/@aws-cdk/aws-resourcegroups/package.json index 189f725467b50..47984d69dd1b1 100644 --- a/packages/@aws-cdk/aws-resourcegroups/package.json +++ b/packages/@aws-cdk/aws-resourcegroups/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-robomaker/package.json b/packages/@aws-cdk/aws-robomaker/package.json index 242d9f031ba37..f8485776136d7 100644 --- a/packages/@aws-cdk/aws-robomaker/package.json +++ b/packages/@aws-cdk/aws-robomaker/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-route53-patterns/package.json b/packages/@aws-cdk/aws-route53-patterns/package.json index 0e34f572424a9..b510696b08f54 100644 --- a/packages/@aws-cdk/aws-route53-patterns/package.json +++ b/packages/@aws-cdk/aws-route53-patterns/package.json @@ -97,7 +97,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "maturity": "stable", diff --git a/packages/@aws-cdk/aws-route53-targets/package.json b/packages/@aws-cdk/aws-route53-targets/package.json index 4aede2b1be6c8..c7ef229dc3407 100644 --- a/packages/@aws-cdk/aws-route53-targets/package.json +++ b/packages/@aws-cdk/aws-route53-targets/package.json @@ -106,7 +106,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awscdkio": { diff --git a/packages/@aws-cdk/aws-route53/package.json b/packages/@aws-cdk/aws-route53/package.json index f549ea9dc319e..f91398736574e 100644 --- a/packages/@aws-cdk/aws-route53/package.json +++ b/packages/@aws-cdk/aws-route53/package.json @@ -75,7 +75,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", @@ -101,7 +101,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-route53resolver/README.md b/packages/@aws-cdk/aws-route53resolver/README.md index f6eea77064f22..9cf4ab7748b3d 100644 --- a/packages/@aws-cdk/aws-route53resolver/README.md +++ b/packages/@aws-cdk/aws-route53resolver/README.md @@ -9,14 +9,6 @@ > > [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. - --- diff --git a/packages/@aws-cdk/aws-route53resolver/package.json b/packages/@aws-cdk/aws-route53resolver/package.json index a7d4597fa58f9..d1dcd3718c83c 100644 --- a/packages/@aws-cdk/aws-route53resolver/package.json +++ b/packages/@aws-cdk/aws-route53resolver/package.json @@ -89,10 +89,10 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", - "maturity": "experimental", + "maturity": "cfn-only", "awscdkio": { "announce": false } diff --git a/packages/@aws-cdk/aws-s3-assets/package.json b/packages/@aws-cdk/aws-s3-assets/package.json index 10dfc20dc1cd4..c3254542be8af 100644 --- a/packages/@aws-cdk/aws-s3-assets/package.json +++ b/packages/@aws-cdk/aws-s3-assets/package.json @@ -98,7 +98,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-s3-deployment/lib/lambda/index.py b/packages/@aws-cdk/aws-s3-deployment/lib/lambda/index.py index 34a2da1681f4d..bf16d84608517 100644 --- a/packages/@aws-cdk/aws-s3-deployment/lib/lambda/index.py +++ b/packages/@aws-cdk/aws-s3-deployment/lib/lambda/index.py @@ -7,10 +7,11 @@ import logging import shutil import boto3 +import contextlib from datetime import datetime from uuid import uuid4 -from botocore.vendored import requests +from urllib.request import Request, urlopen from zipfile import ZipFile logger = logging.getLogger() @@ -212,8 +213,9 @@ def cfn_send(event, context, responseStatus, responseData={}, physicalResourceId } try: - response = requests.put(responseUrl, data=body, headers=headers) - logger.info("| status code: " + response.reason) + request = Request(responseUrl, method='PUT', data=bytes(body.encode('utf-8')), headers=headers) + with contextlib.closing(urlopen(request)) as response: + logger.info("| status code: " + response.reason) except Exception as e: logger.error("| unable to send response to CloudFormation") logger.exception(e) diff --git a/packages/@aws-cdk/aws-s3-deployment/package.json b/packages/@aws-cdk/aws-s3-deployment/package.json index 0ae5312216d20..1c6a156813c45 100644 --- a/packages/@aws-cdk/aws-s3-deployment/package.json +++ b/packages/@aws-cdk/aws-s3-deployment/package.json @@ -111,7 +111,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.expected.json b/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.expected.json index aa8c7fddd60c7..3e138f405e0d6 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.expected.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment-cloudfront.expected.json @@ -295,7 +295,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3Bucket28CE5152" + "Ref": "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3BucketFD1BBE00" }, "S3Key": { "Fn::Join": [ @@ -308,7 +308,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3VersionKeyAF6E05ED" + "Ref": "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3VersionKey6E54DC76" } ] } @@ -321,7 +321,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3VersionKeyAF6E05ED" + "Ref": "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3VersionKey6E54DC76" } ] } @@ -331,19 +331,19 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265", "Arn" ] }, - "Runtime": "python3.6", + "Handler": "index.handler", "Layers": [ { "Ref": "DeployWithInvalidationAwsCliLayerDEDD5787" } ], + "Runtime": "python3.6", "Timeout": 900 }, "DependsOn": [ @@ -365,17 +365,17 @@ "Type": "String", "Description": "Artifact hash for asset \"e9882ab123687399f934da0d45effe675ecc8ce13b40cb946f3e1d6141fe8d68\"" }, - "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3Bucket28CE5152": { + "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3BucketFD1BBE00": { "Type": "String", - "Description": "S3 bucket for asset \"3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7\"" + "Description": "S3 bucket for asset \"8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59a\"" }, - "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3VersionKeyAF6E05ED": { + "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3VersionKey6E54DC76": { "Type": "String", - "Description": "S3 key for asset version \"3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7\"" + "Description": "S3 key for asset version \"8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59a\"" }, - "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7ArtifactHash8926088E": { + "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aArtifactHash595EC1E7": { "Type": "String", - "Description": "Artifact hash for asset \"3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7\"" + "Description": "Artifact hash for asset \"8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59a\"" }, "AssetParametersfc4481abf279255619ff7418faa5d24456fef3432ea0da59c95542578ff0222eS3Bucket9CD8B20A": { "Type": "String", diff --git a/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment.expected.json b/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment.expected.json index 267c6eaa23476..9d52b89269f5a 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment.expected.json +++ b/packages/@aws-cdk/aws-s3-deployment/test/integ.bucket-deployment.expected.json @@ -304,7 +304,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3Bucket28CE5152" + "Ref": "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3BucketFD1BBE00" }, "S3Key": { "Fn::Join": [ @@ -317,7 +317,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3VersionKeyAF6E05ED" + "Ref": "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3VersionKey6E54DC76" } ] } @@ -330,7 +330,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3VersionKeyAF6E05ED" + "Ref": "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3VersionKey6E54DC76" } ] } @@ -340,19 +340,19 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756CServiceRole89A01265", "Arn" ] }, - "Runtime": "python3.6", + "Handler": "index.handler", "Layers": [ { "Ref": "DeployMeAwsCliLayer5F9219E9" } ], + "Runtime": "python3.6", "Timeout": 900 }, "DependsOn": [ @@ -700,17 +700,17 @@ "Type": "String", "Description": "Artifact hash for asset \"e9882ab123687399f934da0d45effe675ecc8ce13b40cb946f3e1d6141fe8d68\"" }, - "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3Bucket28CE5152": { + "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3BucketFD1BBE00": { "Type": "String", - "Description": "S3 bucket for asset \"3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7\"" + "Description": "S3 bucket for asset \"8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59a\"" }, - "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7S3VersionKeyAF6E05ED": { + "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aS3VersionKey6E54DC76": { "Type": "String", - "Description": "S3 key for asset version \"3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7\"" + "Description": "S3 key for asset version \"8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59a\"" }, - "AssetParameters3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7ArtifactHash8926088E": { + "AssetParameters8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59aArtifactHash595EC1E7": { "Type": "String", - "Description": "Artifact hash for asset \"3c3ed777478fe845fb5950df5e26461242b39cf220f00e0683aab244d9d7c0f7\"" + "Description": "Artifact hash for asset \"8bda025b845a88fbeb54ef75e52048aa9f3378463116cb413f12f6014673a59a\"" }, "AssetParametersfc4481abf279255619ff7418faa5d24456fef3432ea0da59c95542578ff0222eS3Bucket9CD8B20A": { "Type": "String", diff --git a/packages/@aws-cdk/aws-s3-deployment/test/lambda/test.py b/packages/@aws-cdk/aws-s3-deployment/test/lambda/test.py index cd88eaf6a5269..fcd79f18af4d5 100644 --- a/packages/@aws-cdk/aws-s3-deployment/test/lambda/test.py +++ b/packages/@aws-cdk/aws-s3-deployment/test/lambda/test.py @@ -425,7 +425,7 @@ def read_aws_out(): # resourceProps: map to pass to "ResourceProperties" # expected_status: "SUCCESS" or "FAILED" def invoke_handler(requestType, resourceProps, old_resource_props=None, physical_id=None, expected_status='SUCCESS'): - response_url = '' + response_url = 'http://' event={ 'ResponseURL': response_url, @@ -443,25 +443,33 @@ def invoke_handler(requestType, resourceProps, old_resource_props=None, physical event['PhysicalResourceId'] = physical_id class ContextMock: log_stream_name = 'log_stream' - class ResponseMock: reason = 'OK' + class ResponseMock: + reason = 'OK' + # needed because the context manager calls this + close = lambda _: _ context = ContextMock() - requests.put = MagicMock(return_value=ResponseMock()) + index.urlopen = MagicMock(return_value=ResponseMock()) #-------------------- # invoke the handler #-------------------- index.handler(event, context) - requests.put.assert_called_once() - (pos_args, kw_args) = requests.put.call_args + index.urlopen.assert_called_once() + (pos_args, _) = index.urlopen.call_args - actual_url = pos_args[0] - actual_data = kw_args['data'] + actual_request = pos_args[0] + actual_url = actual_request.full_url + actual_data = actual_request.data + actual_method = actual_request.method if actual_url != response_url: raise Exception("Invalid url used for sending CFN response. expected=%s actual=%s" % (response_url, actual_url)) + if actual_method != 'PUT': + raise Exception("Invalid method used for sending CFN response. expected=PUT actual=%s" % (actual_method,)) + resp = json.loads(actual_data) def assert_field(name, expect=None): diff --git a/packages/@aws-cdk/aws-s3-notifications/package.json b/packages/@aws-cdk/aws-s3-notifications/package.json index 89d5fa86793b1..7f5bb8ab5a193 100644 --- a/packages/@aws-cdk/aws-s3-notifications/package.json +++ b/packages/@aws-cdk/aws-s3-notifications/package.json @@ -91,7 +91,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awscdkio": { diff --git a/packages/@aws-cdk/aws-s3/lib/bucket.ts b/packages/@aws-cdk/aws-s3/lib/bucket.ts index 2d3a10285198f..4dbda84d6b34d 100644 --- a/packages/@aws-cdk/aws-s3/lib/bucket.ts +++ b/packages/@aws-cdk/aws-s3/lib/bucket.ts @@ -5,8 +5,9 @@ import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; import { Fn, IResource, Lazy, RemovalPolicy, Resource, ResourceProps, Stack, Token, - CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, + CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, FeatureFlags, } from '@aws-cdk/core'; +import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; import { BucketPolicy } from './bucket-policy'; import { IBucketNotificationDestination } from './destination'; @@ -161,6 +162,18 @@ export interface IBucket extends IResource { */ grantPut(identity: iam.IGrantable, objectsKeyPattern?: any): iam.Grant; + /** + * Grant the given IAM identity permissions to modify the ACLs of objects in the given Bucket. + * + * If your application has the '@aws-cdk/aws-s3:grantWriteWithoutAcl' feature flag set, + * calling {@link grantWrite} or {@link grantReadWrite} no longer grants permissions to modify the ACLs of the objects; + * in this case, if you need to modify object ACLs, call this method explicitly. + * + * @param identity The principal + * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*') + */ + grantPutAcl(identity: iam.IGrantable, objectsKeyPattern?: string): iam.Grant; + /** * Grants s3:DeleteObject* permission to an IAM pricipal for objects * in this bucket. @@ -584,7 +597,7 @@ abstract class BucketBase extends Resource implements IBucket { * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*') */ public grantWrite(identity: iam.IGrantable, objectsKeyPattern: any = '*') { - return this.grant(identity, perms.BUCKET_WRITE_ACTIONS, perms.KEY_WRITE_ACTIONS, + return this.grant(identity, this.writeActions, perms.KEY_WRITE_ACTIONS, this.bucketArn, this.arnForObjects(objectsKeyPattern)); } @@ -598,7 +611,12 @@ abstract class BucketBase extends Resource implements IBucket { * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*') */ public grantPut(identity: iam.IGrantable, objectsKeyPattern: any = '*') { - return this.grant(identity, perms.BUCKET_PUT_ACTIONS, perms.KEY_WRITE_ACTIONS, + return this.grant(identity, this.putActions, perms.KEY_WRITE_ACTIONS, + this.arnForObjects(objectsKeyPattern)); + } + + public grantPutAcl(identity: iam.IGrantable, objectsKeyPattern: string = '*') { + return this.grant(identity, perms.BUCKET_PUT_ACL_ACTIONS, [], this.arnForObjects(objectsKeyPattern)); } @@ -625,7 +643,7 @@ abstract class BucketBase extends Resource implements IBucket { * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*') */ public grantReadWrite(identity: iam.IGrantable, objectsKeyPattern: any = '*') { - const bucketActions = perms.BUCKET_READ_ACTIONS.concat(perms.BUCKET_WRITE_ACTIONS); + const bucketActions = perms.BUCKET_READ_ACTIONS.concat(this.writeActions); // we need unique permissions because some permissions are common between read and write key actions const keyActions = [...new Set([...perms.KEY_READ_ACTIONS, ...perms.KEY_WRITE_ACTIONS])]; @@ -673,6 +691,19 @@ abstract class BucketBase extends Resource implements IBucket { }); } + private get writeActions(): string[] { + return [ + ...perms.BUCKET_DELETE_ACTIONS, + ...this.putActions, + ]; + } + + private get putActions(): string[] { + return FeatureFlags.of(this).isEnabled(cxapi.S3_GRANT_WRITE_WITHOUT_ACL) + ? perms.BUCKET_PUT_ACTIONS + : perms.LEGACY_BUCKET_PUT_ACTIONS; + } + private urlJoin(...components: string[]): string { return components.reduce((result, component) => { if (result.endsWith('/')) { diff --git a/packages/@aws-cdk/aws-s3/lib/perms.ts b/packages/@aws-cdk/aws-s3/lib/perms.ts index 544bdda936da9..eebab60da2104 100644 --- a/packages/@aws-cdk/aws-s3/lib/perms.ts +++ b/packages/@aws-cdk/aws-s3/lib/perms.ts @@ -4,18 +4,22 @@ export const BUCKET_READ_ACTIONS = [ 's3:List*', ]; -export const BUCKET_PUT_ACTIONS = [ +export const LEGACY_BUCKET_PUT_ACTIONS = [ 's3:PutObject*', 's3:Abort*', ]; -export const BUCKET_DELETE_ACTIONS = [ - 's3:DeleteObject*', +export const BUCKET_PUT_ACTIONS = [ + 's3:PutObject', + 's3:Abort*', ]; -export const BUCKET_WRITE_ACTIONS = [ - ...BUCKET_DELETE_ACTIONS, - ...BUCKET_PUT_ACTIONS, +export const BUCKET_PUT_ACL_ACTIONS = [ + 's3:PutObjectAcl', +]; + +export const BUCKET_DELETE_ACTIONS = [ + 's3:DeleteObject*', ]; export const KEY_READ_ACTIONS = [ diff --git a/packages/@aws-cdk/aws-s3/package.json b/packages/@aws-cdk/aws-s3/package.json index 3ed503ab990cd..5fd6bb04be7b9 100644 --- a/packages/@aws-cdk/aws-s3/package.json +++ b/packages/@aws-cdk/aws-s3/package.json @@ -86,7 +86,8 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "10.0.0-pre.5" + "constructs": "10.0.0-pre.5", + "@aws-cdk/cx-api": "0.0.0" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -94,10 +95,11 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "10.0.0-pre.5" + "constructs": "10.0.0-pre.5", + "@aws-cdk/cx-api": "0.0.0" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-s3/test/bucket.test.ts b/packages/@aws-cdk/aws-s3/test/bucket.test.ts index 997a3abd4e56f..cb9202b28cfd7 100644 --- a/packages/@aws-cdk/aws-s3/test/bucket.test.ts +++ b/packages/@aws-cdk/aws-s3/test/bucket.test.ts @@ -3,6 +3,7 @@ import { countResources, expect, haveResource, haveResourceLike, ResourcePart, S import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; import * as cdk from '@aws-cdk/core'; +import * as cxapi from '@aws-cdk/cx-api'; import { nodeunitShim, Test } from 'nodeunit-shim'; import * as s3 from '../lib'; @@ -1085,176 +1086,293 @@ nodeunitShim({ test.done(); }, - }, - 'grantWrite with KMS key has appropriate permissions for multipart uploads'(test: Test) { - const stack = new cdk.Stack(); - const bucket = new s3.Bucket(stack, 'MyBucket', { encryption: s3.BucketEncryption.KMS }); - const user = new iam.User(stack, 'MyUser'); - bucket.grantWrite(user); + 'does not grant PutObjectAcl when the S3_GRANT_WRITE_WITHOUT_ACL feature is enabled'(test: Test) { + const app = new cdk.App({ + context: { + [cxapi.S3_GRANT_WRITE_WITHOUT_ACL]: true, + }, + }); + const stack = new cdk.Stack(app, 'Stack'); + const bucket = new s3.Bucket(stack, 'MyBucket'); + const user = new iam.User(stack, 'MyUser'); - expect(stack).toMatch({ - 'Resources': { - 'MyBucketKeyC17130CF': { - 'Type': 'AWS::KMS::Key', - 'Properties': { - 'KeyPolicy': { - 'Statement': [ + bucket.grantReadWrite(user); + + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': [ + { + 'Action': [ + 's3:GetObject*', + 's3:GetBucket*', + 's3:List*', + 's3:DeleteObject*', + 's3:PutObject', + 's3:Abort*', + ], + 'Resource': [ + { 'Fn::GetAtt': ['MyBucketF68F3FF0', 'Arn'] }, { - 'Action': [ - 'kms:Create*', - 'kms:Describe*', - 'kms:Enable*', - 'kms:List*', - 'kms:Put*', - 'kms:Update*', - 'kms:Revoke*', - 'kms:Disable*', - 'kms:Get*', - 'kms:Delete*', - 'kms:ScheduleKeyDeletion', - 'kms:CancelKeyDeletion', - 'kms:GenerateDataKey', - 'kms:TagResource', - 'kms:UntagResource', - ], - 'Effect': 'Allow', - 'Principal': { - 'AWS': { - 'Fn::Join': [ - '', - [ - 'arn:', - { - 'Ref': 'AWS::Partition', - }, - ':iam::', - { - 'Ref': 'AWS::AccountId', - }, - ':root', + 'Fn::Join': ['', [ + { 'Fn::GetAtt': ['MyBucketF68F3FF0', 'Arn'] }, + '/*', + ]], + }, + ], + }, + ], + }, + })); + + test.done(); + }, + }, + + 'grantWrite': { + 'with KMS key has appropriate permissions for multipart uploads'(test: Test) { + const stack = new cdk.Stack(); + const bucket = new s3.Bucket(stack, 'MyBucket', { encryption: s3.BucketEncryption.KMS }); + const user = new iam.User(stack, 'MyUser'); + bucket.grantWrite(user); + + expect(stack).toMatch({ + 'Resources': { + 'MyBucketKeyC17130CF': { + 'Type': 'AWS::KMS::Key', + 'Properties': { + 'KeyPolicy': { + 'Statement': [ + { + 'Action': [ + 'kms:Create*', + 'kms:Describe*', + 'kms:Enable*', + 'kms:List*', + 'kms:Put*', + 'kms:Update*', + 'kms:Revoke*', + 'kms:Disable*', + 'kms:Get*', + 'kms:Delete*', + 'kms:ScheduleKeyDeletion', + 'kms:CancelKeyDeletion', + 'kms:GenerateDataKey', + 'kms:TagResource', + 'kms:UntagResource', + ], + 'Effect': 'Allow', + 'Principal': { + 'AWS': { + 'Fn::Join': [ + '', + [ + 'arn:', + { + 'Ref': 'AWS::Partition', + }, + ':iam::', + { + 'Ref': 'AWS::AccountId', + }, + ':root', + ], ], - ], + }, }, + 'Resource': '*', }, - 'Resource': '*', - }, - { - 'Action': [ - 'kms:Encrypt', - 'kms:ReEncrypt*', - 'kms:GenerateDataKey*', - 'kms:Decrypt', - ], - 'Effect': 'Allow', - 'Principal': { - 'AWS': { - 'Fn::GetAtt': [ - 'MyUserDC45028B', - 'Arn', - ], + { + 'Action': [ + 'kms:Encrypt', + 'kms:ReEncrypt*', + 'kms:GenerateDataKey*', + 'kms:Decrypt', + ], + 'Effect': 'Allow', + 'Principal': { + 'AWS': { + 'Fn::GetAtt': [ + 'MyUserDC45028B', + 'Arn', + ], + }, }, + 'Resource': '*', }, - 'Resource': '*', - }, - ], - 'Version': '2012-10-17', + ], + 'Version': '2012-10-17', + }, + 'Description': 'Created by Default/MyBucket', }, - 'Description': 'Created by Default/MyBucket', + 'UpdateReplacePolicy': 'Retain', + 'DeletionPolicy': 'Retain', }, - 'UpdateReplacePolicy': 'Retain', - 'DeletionPolicy': 'Retain', - }, - 'MyBucketF68F3FF0': { - 'Type': 'AWS::S3::Bucket', - 'Properties': { - 'BucketEncryption': { - 'ServerSideEncryptionConfiguration': [ - { - 'ServerSideEncryptionByDefault': { - 'KMSMasterKeyID': { + 'MyBucketF68F3FF0': { + 'Type': 'AWS::S3::Bucket', + 'Properties': { + 'BucketEncryption': { + 'ServerSideEncryptionConfiguration': [ + { + 'ServerSideEncryptionByDefault': { + 'KMSMasterKeyID': { + 'Fn::GetAtt': [ + 'MyBucketKeyC17130CF', + 'Arn', + ], + }, + 'SSEAlgorithm': 'aws:kms', + }, + }, + ], + }, + }, + 'UpdateReplacePolicy': 'Retain', + 'DeletionPolicy': 'Retain', + }, + 'MyUserDC45028B': { + 'Type': 'AWS::IAM::User', + }, + 'MyUserDefaultPolicy7B897426': { + 'Type': 'AWS::IAM::Policy', + 'Properties': { + 'PolicyDocument': { + 'Statement': [ + { + 'Action': [ + 's3:DeleteObject*', + 's3:PutObject*', + 's3:Abort*', + ], + 'Effect': 'Allow', + 'Resource': [ + { + 'Fn::GetAtt': [ + 'MyBucketF68F3FF0', + 'Arn', + ], + }, + { + 'Fn::Join': [ + '', + [ + { + 'Fn::GetAtt': [ + 'MyBucketF68F3FF0', + 'Arn', + ], + }, + '/*', + ], + ], + }, + ], + }, + { + 'Action': [ + 'kms:Encrypt', + 'kms:ReEncrypt*', + 'kms:GenerateDataKey*', + 'kms:Decrypt', + ], + 'Effect': 'Allow', + 'Resource': { 'Fn::GetAtt': [ 'MyBucketKeyC17130CF', 'Arn', ], }, - 'SSEAlgorithm': 'aws:kms', }, + ], + 'Version': '2012-10-17', + }, + 'PolicyName': 'MyUserDefaultPolicy7B897426', + 'Users': [ + { + 'Ref': 'MyUserDC45028B', }, ], }, }, - 'UpdateReplacePolicy': 'Retain', - 'DeletionPolicy': 'Retain', }, - 'MyUserDC45028B': { - 'Type': 'AWS::IAM::User', + }); + + test.done(); + }, + + 'does not grant PutObjectAcl when the S3_GRANT_WRITE_WITHOUT_ACL feature is enabled'(test: Test) { + const app = new cdk.App({ + context: { + [cxapi.S3_GRANT_WRITE_WITHOUT_ACL]: true, }, - 'MyUserDefaultPolicy7B897426': { - 'Type': 'AWS::IAM::Policy', - 'Properties': { - 'PolicyDocument': { - 'Statement': [ - { - 'Action': [ - 's3:DeleteObject*', - 's3:PutObject*', - 's3:Abort*', - ], - 'Effect': 'Allow', - 'Resource': [ - { - 'Fn::GetAtt': [ - 'MyBucketF68F3FF0', - 'Arn', - ], - }, - { - 'Fn::Join': [ - '', - [ - { - 'Fn::GetAtt': [ - 'MyBucketF68F3FF0', - 'Arn', - ], - }, - '/*', - ], - ], - }, - ], - }, + }); + const stack = new cdk.Stack(app, 'Stack'); + const bucket = new s3.Bucket(stack, 'MyBucket'); + const user = new iam.User(stack, 'MyUser'); + + bucket.grantWrite(user); + + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': [ + { + 'Action': [ + 's3:DeleteObject*', + 's3:PutObject', + 's3:Abort*', + ], + 'Resource': [ + { 'Fn::GetAtt': ['MyBucketF68F3FF0', 'Arn'] }, { - 'Action': [ - 'kms:Encrypt', - 'kms:ReEncrypt*', - 'kms:GenerateDataKey*', - 'kms:Decrypt', - ], - 'Effect': 'Allow', - 'Resource': { - 'Fn::GetAtt': [ - 'MyBucketKeyC17130CF', - 'Arn', - ], - }, + 'Fn::Join': ['', [ + { 'Fn::GetAtt': ['MyBucketF68F3FF0', 'Arn'] }, + '/*', + ]], }, ], - 'Version': '2012-10-17', }, - 'PolicyName': 'MyUserDefaultPolicy7B897426', - 'Users': [ - { - 'Ref': 'MyUserDC45028B', + ], + }, + })); + + test.done(); + }, + }, + + 'grantPut': { + 'does not grant PutObjectAcl when the S3_GRANT_WRITE_WITHOUT_ACL feature is enabled'(test: Test) { + const app = new cdk.App({ + context: { + [cxapi.S3_GRANT_WRITE_WITHOUT_ACL]: true, + }, + }); + const stack = new cdk.Stack(app, 'Stack'); + const bucket = new s3.Bucket(stack, 'MyBucket'); + const user = new iam.User(stack, 'MyUser'); + + bucket.grantPut(user); + + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': [ + { + 'Action': [ + 's3:PutObject', + 's3:Abort*', + ], + 'Resource': { + 'Fn::Join': ['', [ + { 'Fn::GetAtt': ['MyBucketF68F3FF0', 'Arn'] }, + '/*', + ]], }, - ], - }, + }, + ], }, - }, - }); + })); - test.done(); + test.done(); + }, }, 'more grants'(test: Test) { diff --git a/packages/@aws-cdk/aws-sagemaker/package.json b/packages/@aws-cdk/aws-sagemaker/package.json index d6c58403a5414..e4981ab8180e0 100644 --- a/packages/@aws-cdk/aws-sagemaker/package.json +++ b/packages/@aws-cdk/aws-sagemaker/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-sam/package.json b/packages/@aws-cdk/aws-sam/package.json index e4ccbaa37c62f..fd6cd8628a312 100644 --- a/packages/@aws-cdk/aws-sam/package.json +++ b/packages/@aws-cdk/aws-sam/package.json @@ -92,7 +92,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-sdb/package.json b/packages/@aws-cdk/aws-sdb/package.json index 2ae25527bbcbf..c536472f8c508 100644 --- a/packages/@aws-cdk/aws-sdb/package.json +++ b/packages/@aws-cdk/aws-sdb/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-secretsmanager/package.json b/packages/@aws-cdk/aws-secretsmanager/package.json index 0420b2402529c..fd74429eddca2 100644 --- a/packages/@aws-cdk/aws-secretsmanager/package.json +++ b/packages/@aws-cdk/aws-secretsmanager/package.json @@ -102,7 +102,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-securityhub/package.json b/packages/@aws-cdk/aws-securityhub/package.json index cddae0a79b9b0..cdcd56d59ba6d 100644 --- a/packages/@aws-cdk/aws-securityhub/package.json +++ b/packages/@aws-cdk/aws-securityhub/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-servicecatalog/package.json b/packages/@aws-cdk/aws-servicecatalog/package.json index 535b2205ee518..ccbf4b26d856d 100644 --- a/packages/@aws-cdk/aws-servicecatalog/package.json +++ b/packages/@aws-cdk/aws-servicecatalog/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-servicediscovery/package.json b/packages/@aws-cdk/aws-servicediscovery/package.json index a2f12ab225ebc..99ee44935b839 100644 --- a/packages/@aws-cdk/aws-servicediscovery/package.json +++ b/packages/@aws-cdk/aws-servicediscovery/package.json @@ -100,7 +100,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-ses-actions/package.json b/packages/@aws-cdk/aws-ses-actions/package.json index 31d1cfa549e39..a4b0472f346c3 100644 --- a/packages/@aws-cdk/aws-ses-actions/package.json +++ b/packages/@aws-cdk/aws-ses-actions/package.json @@ -95,7 +95,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-ses/package.json b/packages/@aws-cdk/aws-ses/package.json index bd5b41df2ce40..c44c7e3c4ef78 100644 --- a/packages/@aws-cdk/aws-ses/package.json +++ b/packages/@aws-cdk/aws-ses/package.json @@ -95,7 +95,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/aws-signer/package.json b/packages/@aws-cdk/aws-signer/package.json index 26ae15e0fec33..1c8fdfa9efa8d 100644 --- a/packages/@aws-cdk/aws-signer/package.json +++ b/packages/@aws-cdk/aws-signer/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-sns-subscriptions/package.json b/packages/@aws-cdk/aws-sns-subscriptions/package.json index 7dfacbe739f40..8c39536ed26f0 100644 --- a/packages/@aws-cdk/aws-sns-subscriptions/package.json +++ b/packages/@aws-cdk/aws-sns-subscriptions/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awscdkio": { diff --git a/packages/@aws-cdk/aws-sns/README.md b/packages/@aws-cdk/aws-sns/README.md index 05ad30fc9af17..b5d9f52c3d9b9 100644 --- a/packages/@aws-cdk/aws-sns/README.md +++ b/packages/@aws-cdk/aws-sns/README.md @@ -30,9 +30,12 @@ const topic = new sns.Topic(this, 'Topic', { contentBasedDeduplication: true, displayName: 'Customer subscription topic', fifo: true, + topicName: 'customerTopic', }); ``` +Note that FIFO topics require a topic name to be provided. The required `.fifo` suffix will be automatically added to the topic name if it is not explicitly provided. + ## Subscriptions Various subscriptions can be added to the topic by calling the diff --git a/packages/@aws-cdk/aws-sns/lib/topic.ts b/packages/@aws-cdk/aws-sns/lib/topic.ts index 532c138fd7ef3..f4bbfc10cb2ca 100644 --- a/packages/@aws-cdk/aws-sns/lib/topic.ts +++ b/packages/@aws-cdk/aws-sns/lib/topic.ts @@ -80,13 +80,26 @@ export class Topic extends TopicBase { physicalName: props.topicName, }); + if (props.fifo && !props.topicName) { + // NOTE: Workaround for CloudFormation problem reported in CDK issue 12386 + // see https://github.com/aws/aws-cdk/issues/12386 + throw new Error('FIFO SNS topics must be given a topic name.'); + } + if (props.contentBasedDeduplication && !props.fifo) { throw new Error('Content based deduplication can only be enabled for FIFO SNS topics.'); } + let cfnTopicName: string; + if (props.fifo && props.topicName && !props.topicName.endsWith('.fifo')) { + cfnTopicName = this.physicalName + '.fifo'; + } else { + cfnTopicName = this.physicalName; + } + const resource = new CfnTopic(this, 'Resource', { displayName: props.displayName, - topicName: this.physicalName, + topicName: cfnTopicName, kmsMasterKeyId: props.masterKey && props.masterKey.keyArn, contentBasedDeduplication: props.contentBasedDeduplication, fifoTopic: props.fifo, diff --git a/packages/@aws-cdk/aws-sns/package.json b/packages/@aws-cdk/aws-sns/package.json index b79497e6e998a..1e701393a8cff 100644 --- a/packages/@aws-cdk/aws-sns/package.json +++ b/packages/@aws-cdk/aws-sns/package.json @@ -105,7 +105,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-sns/test/integ.sns-fifo.ts b/packages/@aws-cdk/aws-sns/test/integ.sns-fifo.ts index 76e4cef96994c..a4352cbe6fe44 100644 --- a/packages/@aws-cdk/aws-sns/test/integ.sns-fifo.ts +++ b/packages/@aws-cdk/aws-sns/test/integ.sns-fifo.ts @@ -6,7 +6,7 @@ class SNSFifoInteg extends Stack { super(scope, id, props); new Topic(this, 'MyTopic', { - topicName: 'fooTopic.fifo', + topicName: 'fooTopic', displayName: 'fooDisplayName', contentBasedDeduplication: true, fifo: true, diff --git a/packages/@aws-cdk/aws-sns/test/test.sns.ts b/packages/@aws-cdk/aws-sns/test/test.sns.ts index bbe171ca188ab..cc4b50aed717c 100644 --- a/packages/@aws-cdk/aws-sns/test/test.sns.ts +++ b/packages/@aws-cdk/aws-sns/test/test.sns.ts @@ -81,7 +81,7 @@ export = { test.done(); }, - 'specify both'(test: Test) { + 'specify displayName and topicName'(test: Test) { const stack = new cdk.Stack(); new sns.Topic(stack, 'MyTopic', { @@ -104,11 +104,70 @@ export = { test.done(); }, + // NOTE: This test case should be invalid when CloudFormation problem reported in CDK issue 12386 is resolved + // see https://github.com/aws/aws-cdk/issues/12386 + 'throw with missing topicName on fifo topic'(test: Test) { + const stack = new cdk.Stack(); + + test.throws(() => new sns.Topic(stack, 'MyTopic', { + fifo: true, + }), /FIFO SNS topics must be given a topic name./); + + test.done(); + }, + + 'specify fifo without .fifo suffix in topicName'(test: Test) { + const stack = new cdk.Stack(); + + new sns.Topic(stack, 'MyTopic', { + fifo: true, + topicName: 'topicName', + }); + + expect(stack).toMatch({ + 'Resources': { + 'MyTopic86869434': { + 'Type': 'AWS::SNS::Topic', + 'Properties': { + 'FifoTopic': true, + 'TopicName': 'topicName.fifo', + }, + }, + }, + }); + + test.done(); + }, + + 'specify fifo with .fifo suffix in topicName'(test: Test) { + const stack = new cdk.Stack(); + + new sns.Topic(stack, 'MyTopic', { + fifo: true, + topicName: 'topicName.fifo', + }); + + expect(stack).toMatch({ + 'Resources': { + 'MyTopic86869434': { + 'Type': 'AWS::SNS::Topic', + 'Properties': { + 'FifoTopic': true, + 'TopicName': 'topicName.fifo', + }, + }, + }, + }); + + test.done(); + }, + 'specify fifo without contentBasedDeduplication'(test: Test) { const stack = new cdk.Stack(); new sns.Topic(stack, 'MyTopic', { fifo: true, + topicName: 'topicName', }); expect(stack).toMatch({ @@ -117,6 +176,7 @@ export = { 'Type': 'AWS::SNS::Topic', 'Properties': { 'FifoTopic': true, + 'TopicName': 'topicName.fifo', }, }, }, @@ -131,6 +191,7 @@ export = { new sns.Topic(stack, 'MyTopic', { contentBasedDeduplication: true, fifo: true, + topicName: 'topicName', }); expect(stack).toMatch({ @@ -140,6 +201,7 @@ export = { 'Properties': { 'ContentBasedDeduplication': true, 'FifoTopic': true, + 'TopicName': 'topicName.fifo', }, }, }, diff --git a/packages/@aws-cdk/aws-sqs/package.json b/packages/@aws-cdk/aws-sqs/package.json index 18bb815996ac7..7be27a709ae75 100644 --- a/packages/@aws-cdk/aws-sqs/package.json +++ b/packages/@aws-cdk/aws-sqs/package.json @@ -76,7 +76,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", @@ -99,7 +99,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-ssm/package.json b/packages/@aws-cdk/aws-ssm/package.json index 43b5bdc958e03..38f62f0bb40f3 100644 --- a/packages/@aws-cdk/aws-ssm/package.json +++ b/packages/@aws-cdk/aws-ssm/package.json @@ -97,7 +97,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awscdkio": { diff --git a/packages/@aws-cdk/aws-sso/package.json b/packages/@aws-cdk/aws-sso/package.json index ea7aaa1d2c45b..02842e0bbb53d 100644 --- a/packages/@aws-cdk/aws-sso/package.json +++ b/packages/@aws-cdk/aws-sso/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/README.md b/packages/@aws-cdk/aws-stepfunctions-tasks/README.md index 32044b4a23649..689ed0a53195f 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/README.md +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/README.md @@ -667,7 +667,7 @@ You can call the [`StartJobRun`](https://docs.aws.amazon.com/glue/latest/dg/aws- ```ts new GlueStartJobRun(stack, 'Task', { - jobName: 'my-glue-job', + glueJobName: 'my-glue-job', arguments: { key: 'value', }, diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/package.json b/packages/@aws-cdk/aws-stepfunctions-tasks/package.json index 3176bf2829eb5..05e29937628d3 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/package.json +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/package.json @@ -118,7 +118,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "maturity": "stable", diff --git a/packages/@aws-cdk/aws-stepfunctions/package.json b/packages/@aws-cdk/aws-stepfunctions/package.json index 81c0056c5c017..9f20f1437939c 100644 --- a/packages/@aws-cdk/aws-stepfunctions/package.json +++ b/packages/@aws-cdk/aws-stepfunctions/package.json @@ -98,7 +98,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-synthetics/package.json b/packages/@aws-cdk/aws-synthetics/package.json index 2a4bc2170c834..e9c168a03b00d 100644 --- a/packages/@aws-cdk/aws-synthetics/package.json +++ b/packages/@aws-cdk/aws-synthetics/package.json @@ -99,7 +99,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "developer-preview", diff --git a/packages/@aws-cdk/aws-timestream/package.json b/packages/@aws-cdk/aws-timestream/package.json index c9c5c606d1361..40af4cde4d161 100644 --- a/packages/@aws-cdk/aws-timestream/package.json +++ b/packages/@aws-cdk/aws-timestream/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-transfer/package.json b/packages/@aws-cdk/aws-transfer/package.json index 5f30d3ad91603..e7537ca2a0c04 100644 --- a/packages/@aws-cdk/aws-transfer/package.json +++ b/packages/@aws-cdk/aws-transfer/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-waf/package.json b/packages/@aws-cdk/aws-waf/package.json index 907e68f31eb51..7bbbbd97f7287 100644 --- a/packages/@aws-cdk/aws-waf/package.json +++ b/packages/@aws-cdk/aws-waf/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-wafregional/package.json b/packages/@aws-cdk/aws-wafregional/package.json index 60f7c2052c232..f07a701b7d05f 100644 --- a/packages/@aws-cdk/aws-wafregional/package.json +++ b/packages/@aws-cdk/aws-wafregional/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-wafv2/package.json b/packages/@aws-cdk/aws-wafv2/package.json index f06a0b25d4d39..264600e14ddd5 100644 --- a/packages/@aws-cdk/aws-wafv2/package.json +++ b/packages/@aws-cdk/aws-wafv2/package.json @@ -90,7 +90,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/aws-workspaces/package.json b/packages/@aws-cdk/aws-workspaces/package.json index 4c14d7649c0d7..d8dc39a0c53d1 100644 --- a/packages/@aws-cdk/aws-workspaces/package.json +++ b/packages/@aws-cdk/aws-workspaces/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "cfn-only", diff --git a/packages/@aws-cdk/cdk-assets-schema/package.json b/packages/@aws-cdk/cdk-assets-schema/package.json index d38f3fb7674b5..041fcf748eea0 100644 --- a/packages/@aws-cdk/cdk-assets-schema/package.json +++ b/packages/@aws-cdk/cdk-assets-schema/package.json @@ -69,7 +69,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "deprecated", "awscdkio": { diff --git a/packages/@aws-cdk/cfnspec/CHANGELOG.md b/packages/@aws-cdk/cfnspec/CHANGELOG.md index c2eac793948d6..b2d9016a94475 100644 --- a/packages/@aws-cdk/cfnspec/CHANGELOG.md +++ b/packages/@aws-cdk/cfnspec/CHANGELOG.md @@ -1,3 +1,472 @@ +# CloudFormation Resource Specification v23.0.0 + +## New Resource Types + +* AWS::Config::StoredQuery +* AWS::DataSync::Agent +* AWS::DataSync::LocationEFS +* AWS::DataSync::LocationFSxWindows +* AWS::DataSync::LocationNFS +* AWS::DataSync::LocationObjectStorage +* AWS::DataSync::LocationS3 +* AWS::DataSync::LocationSMB +* AWS::DataSync::Task +* AWS::MediaConnect::Flow +* AWS::MediaConnect::FlowEntitlement +* AWS::MediaConnect::FlowOutput +* AWS::MediaConnect::FlowSource +* AWS::MediaConnect::FlowVpcInterface +* AWS::Route53::DNSSEC +* AWS::Route53::KeySigningKey +* AWS::Route53Resolver::ResolverDNSSECConfig + +## Attribute Changes + +* AWS::ApiGateway::ClientCertificate ClientCertificateId (__added__) +* AWS::AuditManager::Assessment arn (__deleted__) +* AWS::AuditManager::Assessment assessmentId (__deleted__) +* AWS::AuditManager::Assessment creationTime (__deleted__) +* AWS::AuditManager::Assessment delegations (__deleted__) +* AWS::AuditManager::Assessment frameworkId (__deleted__) +* AWS::AuditManager::Assessment Arn (__added__) +* AWS::AuditManager::Assessment AssessmentId (__added__) +* AWS::AuditManager::Assessment CreationTime (__added__) +* AWS::AuditManager::Assessment Delegations (__added__) +* AWS::AuditManager::Assessment FrameworkId (__added__) +* AWS::EC2::NetworkInsightsAnalysis StatusMessage (__added__) +* AWS::ElastiCache::User Authentication (__deleted__) +* AWS::ElastiCache::User UserGroupIds (__deleted__) +* AWS::ElastiCache::UserGroup PendingChanges (__deleted__) +* AWS::ElastiCache::UserGroup ReplicationGroupIds (__deleted__) +* AWS::ElasticLoadBalancingV2::ListenerRule IsDefault (__added__) +* AWS::ElasticLoadBalancingV2::ListenerRule RuleArn (__added__) +* AWS::SageMaker::Device DeviceFleetName (__deleted__) +* AWS::SageMaker::DeviceFleet DeviceFleetName (__deleted__) + +## Property Changes + +* AWS::ACMPCA::CertificateAuthority CsrExtensions (__added__) +* AWS::ApiGatewayV2::Integration ResponseParameters (__added__) +* AWS::Athena::DataCatalog Tags.ItemType (__added__) +* AWS::Athena::DataCatalog Tags.Type (__changed__) + * Old: Tags + * New: List +* AWS::Athena::WorkGroup Tags.ItemType (__added__) +* AWS::Athena::WorkGroup Tags.Type (__changed__) + * Old: Tags + * New: List +* AWS::AuditManager::Assessment assessmentReportsDestination (__deleted__) +* AWS::AuditManager::Assessment awsAccount (__deleted__) +* AWS::AuditManager::Assessment description (__deleted__) +* AWS::AuditManager::Assessment frameworkId (__deleted__) +* AWS::AuditManager::Assessment name (__deleted__) +* AWS::AuditManager::Assessment roles (__deleted__) +* AWS::AuditManager::Assessment scope (__deleted__) +* AWS::AuditManager::Assessment status (__deleted__) +* AWS::AuditManager::Assessment tags (__deleted__) +* AWS::AuditManager::Assessment AssessmentReportsDestination (__added__) +* AWS::AuditManager::Assessment AwsAccount (__added__) +* AWS::AuditManager::Assessment Description (__added__) +* AWS::AuditManager::Assessment FrameworkId (__added__) +* AWS::AuditManager::Assessment Name (__added__) +* AWS::AuditManager::Assessment Roles (__added__) +* AWS::AuditManager::Assessment Scope (__added__) +* AWS::AuditManager::Assessment Status (__added__) +* AWS::AuditManager::Assessment Tags (__added__) +* AWS::EC2::CarrierGateway Tags.DuplicatesAllowed (__added__) +* AWS::EC2::CarrierGateway Tags.ItemType (__added__) +* AWS::EC2::CarrierGateway Tags.Type (__changed__) + * Old: Tags + * New: List +* AWS::EC2::LocalGatewayRouteTableVPCAssociation Tags.DuplicatesAllowed (__added__) +* AWS::EC2::LocalGatewayRouteTableVPCAssociation Tags.ItemType (__added__) +* AWS::EC2::LocalGatewayRouteTableVPCAssociation Tags.Type (__changed__) + * Old: Tags + * New: List +* AWS::EC2::NetworkInsightsAnalysis StatusMessage (__deleted__) +* AWS::ECR::PublicRepository RepositoryPolicyText.PrimitiveType (__added__) +* AWS::ECR::Repository RepositoryPolicyText.PrimitiveType (__added__) +* AWS::ElastiCache::User Authentication (__added__) +* AWS::ElastiCache::User UserGroupIds (__added__) +* AWS::ElastiCache::User Passwords.DuplicatesAllowed (__added__) +* AWS::ElastiCache::User Passwords.PrimitiveItemType (__added__) +* AWS::ElastiCache::User Passwords.Type (__changed__) + * Old: PasswordList + * New: List +* AWS::ElastiCache::UserGroup PendingChanges (__added__) +* AWS::ElastiCache::UserGroup ReplicationGroupIds (__added__) +* AWS::ElastiCache::UserGroup UserIds.DuplicatesAllowed (__added__) +* AWS::ElastiCache::UserGroup UserIds.PrimitiveItemType (__added__) +* AWS::ElastiCache::UserGroup UserIds.Type (__changed__) + * Old: UserIdList + * New: List +* AWS::GameLift::GameServerGroup InstanceDefinitions.ItemType (__added__) +* AWS::GameLift::GameServerGroup InstanceDefinitions.Type (__changed__) + * Old: InstanceDefinitions + * New: List +* AWS::GameLift::GameServerGroup Tags.ItemType (__added__) +* AWS::GameLift::GameServerGroup Tags.Type (__changed__) + * Old: Tags + * New: List +* AWS::GameLift::GameServerGroup VpcSubnets.PrimitiveItemType (__added__) +* AWS::GameLift::GameServerGroup VpcSubnets.Type (__changed__) + * Old: VpcSubnets + * New: List +* AWS::IoT::Authorizer Tags.ItemType (__added__) +* AWS::IoT::Authorizer Tags.Type (__changed__) + * Old: Tags + * New: List +* AWS::IoT::Authorizer TokenSigningPublicKeys.PrimitiveItemType (__added__) +* AWS::IoT::Authorizer TokenSigningPublicKeys.Type (__changed__) + * Old: TokenSigningPublicKeys + * New: Map +* AWS::IoT::DomainConfiguration Tags.ItemType (__added__) +* AWS::IoT::DomainConfiguration Tags.Type (__changed__) + * Old: Tags + * New: List +* AWS::IoT::ProvisioningTemplate Tags.ItemType (__added__) +* AWS::IoT::ProvisioningTemplate Tags.Type (__changed__) + * Old: Tags + * New: List +* AWS::KMS::Key KeyPolicy.PrimitiveType (__added__) +* AWS::Kendra::DataSource Tags.ItemType (__added__) +* AWS::Kendra::DataSource Tags.Type (__changed__) + * Old: TagList + * New: List +* AWS::Kendra::Faq Tags.ItemType (__added__) +* AWS::Kendra::Faq Tags.Type (__changed__) + * Old: TagList + * New: List +* AWS::Kendra::Index DocumentMetadataConfigurations.ItemType (__added__) +* AWS::Kendra::Index DocumentMetadataConfigurations.Type (__changed__) + * Old: DocumentMetadataConfigurationList + * New: List +* AWS::Kendra::Index Tags.ItemType (__added__) +* AWS::Kendra::Index Tags.Type (__changed__) + * Old: TagList + * New: List +* AWS::Kendra::Index UserTokenConfigurations.ItemType (__added__) +* AWS::Kendra::Index UserTokenConfigurations.Type (__changed__) + * Old: UserTokenConfigurationList + * New: List +* AWS::LicenseManager::Grant AllowedOperations.DuplicatesAllowed (__added__) +* AWS::LicenseManager::Grant AllowedOperations.PrimitiveItemType (__added__) +* AWS::LicenseManager::Grant AllowedOperations.Type (__changed__) + * Old: AllowedOperationList + * New: List +* AWS::LicenseManager::Grant Filters.DuplicatesAllowed (__added__) +* AWS::LicenseManager::Grant Filters.ItemType (__added__) +* AWS::LicenseManager::Grant Filters.Type (__changed__) + * Old: FilterList + * New: List +* AWS::LicenseManager::Grant GrantArns.DuplicatesAllowed (__added__) +* AWS::LicenseManager::Grant GrantArns.PrimitiveItemType (__added__) +* AWS::LicenseManager::Grant GrantArns.Type (__changed__) + * Old: ArnList + * New: List +* AWS::LicenseManager::Grant GrantedOperations.DuplicatesAllowed (__added__) +* AWS::LicenseManager::Grant GrantedOperations.PrimitiveItemType (__added__) +* AWS::LicenseManager::Grant GrantedOperations.Type (__changed__) + * Old: AllowedOperationList + * New: List +* AWS::LicenseManager::Grant Principals.DuplicatesAllowed (__added__) +* AWS::LicenseManager::Grant Principals.PrimitiveItemType (__added__) +* AWS::LicenseManager::Grant Principals.Type (__changed__) + * Old: ArnList + * New: List +* AWS::LicenseManager::Grant Tags.DuplicatesAllowed (__added__) +* AWS::LicenseManager::Grant Tags.ItemType (__added__) +* AWS::LicenseManager::Grant Tags.Type (__changed__) + * Old: TagList + * New: List +* AWS::LicenseManager::License Entitlements.DuplicatesAllowed (__added__) +* AWS::LicenseManager::License Entitlements.ItemType (__added__) +* AWS::LicenseManager::License Entitlements.Type (__changed__) + * Old: EntitlementList + * New: List +* AWS::LicenseManager::License Filters.DuplicatesAllowed (__added__) +* AWS::LicenseManager::License Filters.ItemType (__added__) +* AWS::LicenseManager::License Filters.Type (__changed__) + * Old: FilterList + * New: List +* AWS::LicenseManager::License LicenseArns.DuplicatesAllowed (__added__) +* AWS::LicenseManager::License LicenseArns.PrimitiveItemType (__added__) +* AWS::LicenseManager::License LicenseArns.Type (__changed__) + * Old: ArnList + * New: List +* AWS::LicenseManager::License LicenseMetadata.DuplicatesAllowed (__added__) +* AWS::LicenseManager::License LicenseMetadata.ItemType (__added__) +* AWS::LicenseManager::License LicenseMetadata.Type (__changed__) + * Old: MetadataList + * New: List +* AWS::LicenseManager::License Tags.DuplicatesAllowed (__added__) +* AWS::LicenseManager::License Tags.ItemType (__added__) +* AWS::LicenseManager::License Tags.Type (__changed__) + * Old: TagList + * New: List +* AWS::MediaLive::Channel CdiInputSpecification (__added__) +* AWS::SSO::InstanceAccessControlAttributeConfiguration AccessControlAttributes (__added__) +* AWS::SSO::InstanceAccessControlAttributeConfiguration InstanceAccessControlAttributeConfiguration.Required (__changed__) + * Old: true + * New: false +* AWS::SSO::InstanceAccessControlAttributeConfiguration InstanceArn.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::SSO::PermissionSet InlinePolicy.PrimitiveType (__changed__) + * Old: String + * New: Json +* AWS::SageMaker::Device DeviceFleetName (__added__) +* AWS::SageMaker::DeviceFleet DeviceFleetName (__added__) +* AWS::SageMaker::ModelPackageGroup ModelPackageGroupPolicy.PrimitiveType (__added__) +* AWS::StepFunctions::StateMachine DefinitionSubstitutions.PrimitiveItemType (__added__) +* AWS::StepFunctions::StateMachine DefinitionSubstitutions.Type (__changed__) + * Old: DefinitionSubstitutions + * New: Map +* AWS::Transfer::Server Domain (__added__) +* AWS::Transfer::User PosixProfile (__added__) + +## Property Type Changes + +* AWS::Athena::DataCatalog.Tags (__removed__) +* AWS::Athena::WorkGroup.Tags (__removed__) +* AWS::AuditManager::Assessment.AWSAccounts (__removed__) +* AWS::AuditManager::Assessment.AWSServices (__removed__) +* AWS::AuditManager::Assessment.Delegations (__removed__) +* AWS::AuditManager::Assessment.Roles (__removed__) +* AWS::AuditManager::Assessment.Tags (__removed__) +* AWS::EC2::CarrierGateway.Tags (__removed__) +* AWS::EC2::LocalGatewayRouteTableVPCAssociation.Tags (__removed__) +* AWS::ElastiCache::User.PasswordList (__removed__) +* AWS::ElastiCache::User.UserGroupIdList (__removed__) +* AWS::ElastiCache::UserGroup.ReplicationGroupIdList (__removed__) +* AWS::ElastiCache::UserGroup.UserIdList (__removed__) +* AWS::GameLift::GameServerGroup.InstanceDefinitions (__removed__) +* AWS::GameLift::GameServerGroup.Tags (__removed__) +* AWS::GameLift::GameServerGroup.VpcSubnets (__removed__) +* AWS::IoT::Authorizer.Tags (__removed__) +* AWS::IoT::Authorizer.TokenSigningPublicKeys (__removed__) +* AWS::IoT::DomainConfiguration.Tags (__removed__) +* AWS::IoT::ProvisioningTemplate.Tags (__removed__) +* AWS::Kendra::DataSource.TagList (__removed__) +* AWS::Kendra::Faq.TagList (__removed__) +* AWS::Kendra::Index.DocumentMetadataConfigurationList (__removed__) +* AWS::Kendra::Index.TagList (__removed__) +* AWS::Kendra::Index.UserTokenConfigurationList (__removed__) +* AWS::LicenseManager::Grant.AllowedOperationList (__removed__) +* AWS::LicenseManager::Grant.ArnList (__removed__) +* AWS::LicenseManager::Grant.FilterList (__removed__) +* AWS::LicenseManager::Grant.TagList (__removed__) +* AWS::LicenseManager::License.ArnList (__removed__) +* AWS::LicenseManager::License.EntitlementList (__removed__) +* AWS::LicenseManager::License.FilterList (__removed__) +* AWS::LicenseManager::License.MetadataList (__removed__) +* AWS::LicenseManager::License.TagList (__removed__) +* AWS::StepFunctions::StateMachine.DefinitionSubstitutions (__removed__) +* AWS::ACMPCA::CertificateAuthority.AccessDescription (__added__) +* AWS::ACMPCA::CertificateAuthority.AccessMethod (__added__) +* AWS::ACMPCA::CertificateAuthority.CsrExtensions (__added__) +* AWS::ACMPCA::CertificateAuthority.EdiPartyName (__added__) +* AWS::ACMPCA::CertificateAuthority.GeneralName (__added__) +* AWS::ACMPCA::CertificateAuthority.KeyUsage (__added__) +* AWS::ACMPCA::CertificateAuthority.OtherName (__added__) +* AWS::ACMPCA::CertificateAuthority.SubjectInformationAccess (__added__) +* AWS::ApiGatewayV2::Integration.ResponseParameter (__added__) +* AWS::ApiGatewayV2::Integration.ResponseParameterList (__added__) +* AWS::MediaLive::Channel.AncillarySourceSettings (__added__) +* AWS::MediaLive::Channel.AudioSilenceFailoverSettings (__added__) +* AWS::MediaLive::Channel.CdiInputSpecification (__added__) +* AWS::MediaLive::Channel.FailoverCondition (__added__) +* AWS::MediaLive::Channel.FailoverConditionSettings (__added__) +* AWS::MediaLive::Channel.InputLossFailoverSettings (__added__) +* AWS::MediaLive::Channel.Mpeg2FilterSettings (__added__) +* AWS::MediaLive::Channel.Mpeg2Settings (__added__) +* AWS::MediaLive::Channel.RawSettings (__added__) +* AWS::MediaLive::Channel.VideoBlackFailoverSettings (__added__) +* AWS::MediaLive::Channel.WavSettings (__added__) +* AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute (__added__) +* AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue (__added__) +* AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValueSourceList (__added__) +* AWS::Transfer::User.PosixProfile (__added__) +* AWS::AuditManager::Assessment.AWSAccount emailAddress (__deleted__) +* AWS::AuditManager::Assessment.AWSAccount id (__deleted__) +* AWS::AuditManager::Assessment.AWSAccount name (__deleted__) +* AWS::AuditManager::Assessment.AWSAccount EmailAddress (__added__) +* AWS::AuditManager::Assessment.AWSAccount Id (__added__) +* AWS::AuditManager::Assessment.AWSAccount Name (__added__) +* AWS::AuditManager::Assessment.AWSService serviceName (__deleted__) +* AWS::AuditManager::Assessment.AWSService ServiceName (__added__) +* AWS::AuditManager::Assessment.AssessmentReportsDestination destination (__deleted__) +* AWS::AuditManager::Assessment.AssessmentReportsDestination destinationType (__deleted__) +* AWS::AuditManager::Assessment.AssessmentReportsDestination Destination (__added__) +* AWS::AuditManager::Assessment.AssessmentReportsDestination DestinationType (__added__) +* AWS::AuditManager::Assessment.Delegation assessmentId (__deleted__) +* AWS::AuditManager::Assessment.Delegation assessmentName (__deleted__) +* AWS::AuditManager::Assessment.Delegation comment (__deleted__) +* AWS::AuditManager::Assessment.Delegation controlSetId (__deleted__) +* AWS::AuditManager::Assessment.Delegation createdBy (__deleted__) +* AWS::AuditManager::Assessment.Delegation creationTime (__deleted__) +* AWS::AuditManager::Assessment.Delegation id (__deleted__) +* AWS::AuditManager::Assessment.Delegation lastUpdated (__deleted__) +* AWS::AuditManager::Assessment.Delegation roleArn (__deleted__) +* AWS::AuditManager::Assessment.Delegation roleType (__deleted__) +* AWS::AuditManager::Assessment.Delegation status (__deleted__) +* AWS::AuditManager::Assessment.Delegation AssessmentId (__added__) +* AWS::AuditManager::Assessment.Delegation AssessmentName (__added__) +* AWS::AuditManager::Assessment.Delegation Comment (__added__) +* AWS::AuditManager::Assessment.Delegation ControlSetId (__added__) +* AWS::AuditManager::Assessment.Delegation CreatedBy (__added__) +* AWS::AuditManager::Assessment.Delegation CreationTime (__added__) +* AWS::AuditManager::Assessment.Delegation Id (__added__) +* AWS::AuditManager::Assessment.Delegation LastUpdated (__added__) +* AWS::AuditManager::Assessment.Delegation RoleArn (__added__) +* AWS::AuditManager::Assessment.Delegation RoleType (__added__) +* AWS::AuditManager::Assessment.Delegation Status (__added__) +* AWS::AuditManager::Assessment.Role roleArn (__deleted__) +* AWS::AuditManager::Assessment.Role roleType (__deleted__) +* AWS::AuditManager::Assessment.Role RoleArn (__added__) +* AWS::AuditManager::Assessment.Role RoleType (__added__) +* AWS::AuditManager::Assessment.Scope awsAccounts (__deleted__) +* AWS::AuditManager::Assessment.Scope awsServices (__deleted__) +* AWS::AuditManager::Assessment.Scope AwsAccounts (__added__) +* AWS::AuditManager::Assessment.Scope AwsServices (__added__) +* AWS::EC2::LaunchTemplate.Ebs Throughput (__added__) +* AWS::ElasticLoadBalancingV2::ListenerRule.Action AuthenticateCognitoConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-authenticatecognitoconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-authenticatecognitoconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.Action AuthenticateOidcConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-authenticateoidcconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-authenticateoidcconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.Action FixedResponseConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-fixedresponseconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-fixedresponseconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.Action ForwardConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-forwardconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-forwardconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.Action Order.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-order + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-order +* AWS::ElasticLoadBalancingV2::ListenerRule.Action RedirectConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-redirectconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-redirectconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.Action TargetGroupArn.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listener-actions-targetgrouparn + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-targetgrouparn +* AWS::ElasticLoadBalancingV2::ListenerRule.Action Type.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listener-actions-type + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-type +* AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig AuthenticationRequestExtraParams.DuplicatesAllowed (__deleted__) +* AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig SessionTimeout.PrimitiveType (__changed__) + * Old: Long + * New: Integer +* AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig UseExistingClientSecret (__added__) +* AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig AuthenticationRequestExtraParams.DuplicatesAllowed (__deleted__) +* AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig SessionTimeout.PrimitiveType (__changed__) + * Old: Long + * New: Integer +* AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition Field.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-conditions-field + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-field +* AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition HostHeaderConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-hostheaderconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-hostheaderconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition HttpHeaderConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-httpheaderconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-httpheaderconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition HttpRequestMethodConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-httprequestmethodconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-httprequestmethodconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition PathPatternConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-pathpatternconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-pathpatternconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition QueryStringConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-querystringconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-querystringconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition SourceIpConfig.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-sourceipconfig + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-sourceipconfig +* AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition Values.Documentation (__changed__) + * Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-conditions-values + * New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-values +* AWS::ImageBuilder::DistributionConfiguration.Distribution ContainerDistributionConfiguration (__added__) +* AWS::IoTWireless::WirelessDevice.AbpV10X DevAddr.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.AbpV10X SessionKeys.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.AbpV11 DevAddr.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.AbpV11 SessionKeys.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.OtaaV10X AppEui.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.OtaaV10X AppKey.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.OtaaV11 AppKey.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.OtaaV11 JoinEui.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.OtaaV11 NwkKey.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10X AppSKey.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10X NwkSKey.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11 AppSKey.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11 FNwkSIntKey.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11 NwkSEncKey.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11 SNwkSIntKey.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessGateway.LoRaWANGateway GatewayEui.Required (__changed__) + * Old: false + * New: true +* AWS::IoTWireless::WirelessGateway.LoRaWANGateway RfRegion.Required (__changed__) + * Old: false + * New: true +* AWS::MediaLive::Channel.ArchiveContainerSettings RawSettings (__added__) +* AWS::MediaLive::Channel.AudioCodecSettings WavSettings (__added__) +* AWS::MediaLive::Channel.AutomaticInputFailoverSettings ErrorClearTimeMsec (__added__) +* AWS::MediaLive::Channel.AutomaticInputFailoverSettings FailoverConditions (__added__) +* AWS::MediaLive::Channel.CaptionSelectorSettings AncillarySourceSettings (__added__) +* AWS::MediaLive::Channel.HlsGroupSettings DiscontinuityTags (__added__) +* AWS::MediaLive::Channel.HlsGroupSettings IncompleteSegmentBehavior (__added__) +* AWS::MediaLive::Channel.RtmpGroupSettings AdMarkers (__added__) +* AWS::MediaLive::Channel.VideoCodecSettings Mpeg2Settings (__added__) + +# Serverless Application Model (SAM) Resource Specification v2016-10-31 + +## New Resource Types + + +## Attribute Changes + + +## Property Changes + +* AWS::Serverless::LayerVersion ContentUri.PrimitiveType (__deleted__) +* AWS::Serverless::LayerVersion ContentUri.PrimitiveTypes (__added__) +* AWS::Serverless::LayerVersion ContentUri.Types (__added__) + +## Property Type Changes + +* AWS::Serverless::LayerVersion.S3Location (__added__) + # CloudFormation Resource Specification v22.0.0 ## New Resource Types diff --git a/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts b/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts index 1cf4c4f9cc32e..73276889da9df 100644 --- a/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts +++ b/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts @@ -272,7 +272,7 @@ async function main() { '', '![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge)', '', - '> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use.' + + '> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use.', '>', '> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib', '', diff --git a/packages/@aws-cdk/cfnspec/cfn.version b/packages/@aws-cdk/cfnspec/cfn.version index 1d975bef24600..84b76f4d1c529 100644 --- a/packages/@aws-cdk/cfnspec/cfn.version +++ b/packages/@aws-cdk/cfnspec/cfn.version @@ -1 +1 @@ -22.0.0 +23.0.0 diff --git a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json index ca6f3aa09b55b..861e9f77698ac 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json +++ b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json @@ -17,6 +17,40 @@ } } }, + "AWS::ACMPCA::CertificateAuthority.AccessDescription": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-accessdescription.html", + "Properties": { + "AccessLocation": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-accessdescription.html#cfn-acmpca-certificateauthority-accessdescription-accesslocation", + "Required": true, + "Type": "GeneralName", + "UpdateType": "Immutable" + }, + "AccessMethod": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-accessdescription.html#cfn-acmpca-certificateauthority-accessdescription-accessmethod", + "Required": true, + "Type": "AccessMethod", + "UpdateType": "Immutable" + } + } + }, + "AWS::ACMPCA::CertificateAuthority.AccessMethod": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-accessmethod.html", + "Properties": { + "AccessMethodType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-accessmethod.html#cfn-acmpca-certificateauthority-accessmethod-accessmethodtype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "CustomObjectIdentifier": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-accessmethod.html#cfn-acmpca-certificateauthority-accessmethod-customobjectidentifier", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, "AWS::ACMPCA::CertificateAuthority.CrlConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-crlconfiguration.html", "Properties": { @@ -46,6 +80,169 @@ } } }, + "AWS::ACMPCA::CertificateAuthority.CsrExtensions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-csrextensions.html", + "Properties": { + "KeyUsage": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-csrextensions.html#cfn-acmpca-certificateauthority-csrextensions-keyusage", + "Required": false, + "Type": "KeyUsage", + "UpdateType": "Immutable" + }, + "SubjectInformationAccess": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-csrextensions.html#cfn-acmpca-certificateauthority-csrextensions-subjectinformationaccess", + "Required": false, + "Type": "SubjectInformationAccess", + "UpdateType": "Immutable" + } + } + }, + "AWS::ACMPCA::CertificateAuthority.EdiPartyName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-edipartyname.html", + "Properties": { + "NameAssigner": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-edipartyname.html#cfn-acmpca-certificateauthority-edipartyname-nameassigner", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "PartyName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-edipartyname.html#cfn-acmpca-certificateauthority-edipartyname-partyname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, + "AWS::ACMPCA::CertificateAuthority.GeneralName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-generalname.html", + "Properties": { + "DirectoryName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-generalname.html#cfn-acmpca-certificateauthority-generalname-directoryname", + "Required": false, + "Type": "Subject", + "UpdateType": "Immutable" + }, + "DnsName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-generalname.html#cfn-acmpca-certificateauthority-generalname-dnsname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "EdiPartyName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-generalname.html#cfn-acmpca-certificateauthority-generalname-edipartyname", + "Required": false, + "Type": "EdiPartyName", + "UpdateType": "Immutable" + }, + "IpAddress": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-generalname.html#cfn-acmpca-certificateauthority-generalname-ipaddress", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "OtherName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-generalname.html#cfn-acmpca-certificateauthority-generalname-othername", + "Required": false, + "Type": "OtherName", + "UpdateType": "Immutable" + }, + "RegisteredId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-generalname.html#cfn-acmpca-certificateauthority-generalname-registeredid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Rfc822Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-generalname.html#cfn-acmpca-certificateauthority-generalname-rfc822name", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "UniformResourceIdentifier": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-generalname.html#cfn-acmpca-certificateauthority-generalname-uniformresourceidentifier", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, + "AWS::ACMPCA::CertificateAuthority.KeyUsage": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-keyusage.html", + "Properties": { + "CRLSign": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-keyusage.html#cfn-acmpca-certificateauthority-keyusage-crlsign", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + }, + "DataEncipherment": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-keyusage.html#cfn-acmpca-certificateauthority-keyusage-dataencipherment", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + }, + "DecipherOnly": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-keyusage.html#cfn-acmpca-certificateauthority-keyusage-decipheronly", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + }, + "DigitalSignature": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-keyusage.html#cfn-acmpca-certificateauthority-keyusage-digitalsignature", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + }, + "EncipherOnly": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-keyusage.html#cfn-acmpca-certificateauthority-keyusage-encipheronly", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + }, + "KeyAgreement": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-keyusage.html#cfn-acmpca-certificateauthority-keyusage-keyagreement", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + }, + "KeyCertSign": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-keyusage.html#cfn-acmpca-certificateauthority-keyusage-keycertsign", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + }, + "KeyEncipherment": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-keyusage.html#cfn-acmpca-certificateauthority-keyusage-keyencipherment", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + }, + "NonRepudiation": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-keyusage.html#cfn-acmpca-certificateauthority-keyusage-nonrepudiation", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Immutable" + } + } + }, + "AWS::ACMPCA::CertificateAuthority.OtherName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-othername.html", + "Properties": { + "TypeId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-othername.html#cfn-acmpca-certificateauthority-othername-typeid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Value": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-othername.html#cfn-acmpca-certificateauthority-othername-value", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, "AWS::ACMPCA::CertificateAuthority.RevocationConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-revocationconfiguration.html", "Properties": { @@ -146,6 +343,18 @@ } } }, + "AWS::ACMPCA::CertificateAuthority.SubjectInformationAccess": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-subjectinformationaccess.html", + "Properties": { + "SubjectInformationAccess": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-subjectinformationaccess.html#cfn-acmpca-certificateauthority-subjectinformationaccess-subjectinformationaccess", + "ItemType": "AccessDescription", + "Required": false, + "Type": "List", + "UpdateType": "Immutable" + } + } + }, "AWS::AccessAnalyzer::Analyzer.ArchiveRule": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-accessanalyzer-analyzer-archiverule.html", "Properties": { @@ -1647,6 +1856,35 @@ } } }, + "AWS::ApiGatewayV2::Integration.ResponseParameter": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameter.html", + "Properties": { + "Destination": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameter.html#cfn-apigatewayv2-integration-responseparameter-destination", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Source": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameter.html#cfn-apigatewayv2-integration-responseparameter-source", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::ApiGatewayV2::Integration.ResponseParameterList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameterlist.html", + "Properties": { + "ResponseParameters": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameterlist.html#cfn-apigatewayv2-integration-responseparameterlist-responseparameters", + "ItemType": "ResponseParameter", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, "AWS::ApiGatewayV2::Integration.TlsConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-tlsconfig.html", "Properties": { @@ -6242,18 +6480,6 @@ } } }, - "AWS::Athena::DataCatalog.Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-athena-datacatalog-tags.html", - "Properties": { - "Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-athena-datacatalog-tags.html#cfn-athena-datacatalog-tags-tags", - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::Athena::WorkGroup.EncryptionConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-athena-workgroup-encryptionconfiguration.html", "Properties": { @@ -6317,18 +6543,6 @@ } } }, - "AWS::Athena::WorkGroup.Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-athena-workgroup-tags.html", - "Properties": { - "Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-athena-workgroup-tags.html#cfn-athena-workgroup-tags-tags", - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::Athena::WorkGroup.WorkGroupConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-athena-workgroup-workgroupconfiguration.html", "Properties": { @@ -6408,19 +6622,19 @@ "AWS::AuditManager::Assessment.AWSAccount": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsaccount.html", "Properties": { - "emailAddress": { + "EmailAddress": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsaccount.html#cfn-auditmanager-assessment-awsaccount-emailaddress", "PrimitiveType": "String", "Required": false, "UpdateType": "Immutable" }, - "id": { + "Id": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsaccount.html#cfn-auditmanager-assessment-awsaccount-id", "PrimitiveType": "String", "Required": false, "UpdateType": "Immutable" }, - "name": { + "Name": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsaccount.html#cfn-auditmanager-assessment-awsaccount-name", "PrimitiveType": "String", "Required": false, @@ -6428,22 +6642,10 @@ } } }, - "AWS::AuditManager::Assessment.AWSAccounts": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsaccounts.html", - "Properties": { - "AWSAccounts": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsaccounts.html#cfn-auditmanager-assessment-awsaccounts-awsaccounts", - "ItemType": "AWSAccount", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::AuditManager::Assessment.AWSService": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsservice.html", "Properties": { - "serviceName": { + "ServiceName": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsservice.html#cfn-auditmanager-assessment-awsservice-servicename", "PrimitiveType": "String", "Required": false, @@ -6451,28 +6653,16 @@ } } }, - "AWS::AuditManager::Assessment.AWSServices": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsservices.html", - "Properties": { - "AWSServices": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-awsservices.html#cfn-auditmanager-assessment-awsservices-awsservices", - "ItemType": "AWSService", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::AuditManager::Assessment.AssessmentReportsDestination": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-assessmentreportsdestination.html", "Properties": { - "destination": { + "Destination": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-assessmentreportsdestination.html#cfn-auditmanager-assessment-assessmentreportsdestination-destination", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "destinationType": { + "DestinationType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-assessmentreportsdestination.html#cfn-auditmanager-assessment-assessmentreportsdestination-destinationtype", "PrimitiveType": "String", "Required": false, @@ -6483,67 +6673,67 @@ "AWS::AuditManager::Assessment.Delegation": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html", "Properties": { - "assessmentId": { + "AssessmentId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-assessmentid", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "assessmentName": { + "AssessmentName": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-assessmentname", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "comment": { + "Comment": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-comment", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "controlSetId": { + "ControlSetId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-controlsetid", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "createdBy": { + "CreatedBy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-createdby", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "creationTime": { + "CreationTime": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-creationtime", "PrimitiveType": "Double", "Required": false, "UpdateType": "Mutable" }, - "id": { + "Id": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-id", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "lastUpdated": { + "LastUpdated": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-lastupdated", "PrimitiveType": "Double", "Required": false, "UpdateType": "Mutable" }, - "roleArn": { + "RoleArn": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-rolearn", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "roleType": { + "RoleType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-roletype", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "status": { + "Status": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegation.html#cfn-auditmanager-assessment-delegation-status", "PrimitiveType": "String", "Required": false, @@ -6551,28 +6741,16 @@ } } }, - "AWS::AuditManager::Assessment.Delegations": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegations.html", - "Properties": { - "Delegations": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-delegations.html#cfn-auditmanager-assessment-delegations-delegations", - "ItemType": "Delegation", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::AuditManager::Assessment.Role": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-role.html", "Properties": { - "roleArn": { + "RoleArn": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-role.html#cfn-auditmanager-assessment-role-rolearn", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "roleType": { + "RoleType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-role.html#cfn-auditmanager-assessment-role-roletype", "PrimitiveType": "String", "Required": false, @@ -6580,41 +6758,19 @@ } } }, - "AWS::AuditManager::Assessment.Roles": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-roles.html", - "Properties": { - "Roles": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-roles.html#cfn-auditmanager-assessment-roles-roles", - "ItemType": "Role", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::AuditManager::Assessment.Scope": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-scope.html", "Properties": { - "awsAccounts": { + "AwsAccounts": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-scope.html#cfn-auditmanager-assessment-scope-awsaccounts", + "ItemType": "AWSAccount", "Required": false, - "Type": "AWSAccounts", + "Type": "List", "UpdateType": "Mutable" }, - "awsServices": { + "AwsServices": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-scope.html#cfn-auditmanager-assessment-scope-awsservices", - "Required": false, - "Type": "AWSServices", - "UpdateType": "Mutable" - } - } - }, - "AWS::AuditManager::Assessment.Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-tags.html", - "Properties": { - "Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-auditmanager-assessment-tags.html#cfn-auditmanager-assessment-tags-tags", - "ItemType": "Tag", + "ItemType": "AWSService", "Required": false, "Type": "List", "UpdateType": "Mutable" @@ -14327,6 +14483,180 @@ } } }, + "AWS::DataSync::LocationEFS.Ec2Config": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationefs-ec2config.html", + "Properties": { + "SecurityGroupArns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationefs-ec2config.html#cfn-datasync-locationefs-ec2config-securitygrouparns", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Immutable" + }, + "SubnetArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationefs-ec2config.html#cfn-datasync-locationefs-ec2config-subnetarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, + "AWS::DataSync::LocationNFS.MountOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationnfs-mountoptions.html", + "Properties": { + "Version": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationnfs-mountoptions.html#cfn-datasync-locationnfs-mountoptions-version", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, + "AWS::DataSync::LocationNFS.OnPremConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationnfs-onpremconfig.html", + "Properties": { + "AgentArns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationnfs-onpremconfig.html#cfn-datasync-locationnfs-onpremconfig-agentarns", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Immutable" + } + } + }, + "AWS::DataSync::LocationS3.S3Config": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locations3-s3config.html", + "Properties": { + "BucketAccessRoleArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locations3-s3config.html#cfn-datasync-locations3-s3config-bucketaccessrolearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, + "AWS::DataSync::LocationSMB.MountOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationsmb-mountoptions.html", + "Properties": { + "Version": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationsmb-mountoptions.html#cfn-datasync-locationsmb-mountoptions-version", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, + "AWS::DataSync::Task.FilterRule": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-filterrule.html", + "Properties": { + "FilterType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-filterrule.html#cfn-datasync-task-filterrule-filtertype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Value": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-filterrule.html#cfn-datasync-task-filterrule-value", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::DataSync::Task.Options": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html", + "Properties": { + "Atime": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-atime", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "BytesPerSecond": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-bytespersecond", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Gid": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-gid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "LogLevel": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-loglevel", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Mtime": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-mtime", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "OverwriteMode": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-overwritemode", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "PosixPermissions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-posixpermissions", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "PreserveDeletedFiles": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-preservedeletedfiles", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "PreserveDevices": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-preservedevices", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "TaskQueueing": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-taskqueueing", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "TransferMode": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-transfermode", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Uid": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-uid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "VerifyMode": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-options.html#cfn-datasync-task-options-verifymode", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::DataSync::Task.TaskSchedule": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-taskschedule.html", + "Properties": { + "ScheduleExpression": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-taskschedule.html#cfn-datasync-task-taskschedule-scheduleexpression", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-devopsguru-notificationchannel-notificationchannelconfig.html", "Properties": { @@ -14616,19 +14946,6 @@ } } }, - "AWS::EC2::CarrierGateway.Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-carriergateway-tags.html", - "Properties": { - "Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-carriergateway-tags.html#cfn-ec2-carriergateway-tags-tags", - "DuplicatesAllowed": false, - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-clientvpnendpoint-certificateauthenticationrequest.html", "Properties": { @@ -15524,6 +15841,12 @@ "Required": false, "UpdateType": "Mutable" }, + "Throughput": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-blockdevicemapping-ebs.html#cfn-ec2-launchtemplate-blockdevicemapping-ebs-throughput", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, "VolumeSize": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-blockdevicemapping-ebs.html#cfn-ec2-launchtemplate-blockdevicemapping-ebs-volumesize", "PrimitiveType": "Integer", @@ -16074,19 +16397,6 @@ } } }, - "AWS::EC2::LocalGatewayRouteTableVPCAssociation.Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-localgatewayroutetablevpcassociation-tags.html", - "Properties": { - "Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-localgatewayroutetablevpcassociation-tags.html#cfn-ec2-localgatewayroutetablevpcassociation-tags-tags", - "DuplicatesAllowed": false, - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::EC2::NetworkAclEntry.Icmp": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-networkaclentry-icmp.html", "Properties": { @@ -20564,43 +20874,6 @@ } } }, - "AWS::ElastiCache::User.PasswordList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-user-passwordlist.html", - "Properties": { - "PasswordList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-user-passwordlist.html#cfn-elasticache-user-passwordlist-passwordlist", - "PrimitiveItemType": "String", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, - "AWS::ElastiCache::User.UserGroupIdList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-user-usergroupidlist.html", - "Properties": { - "UserGroupIdList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-user-usergroupidlist.html#cfn-elasticache-user-usergroupidlist-usergroupidlist", - "PrimitiveItemType": "String", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, - "AWS::ElastiCache::UserGroup.ReplicationGroupIdList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-usergroup-replicationgroupidlist.html", - "Properties": { - "ReplicationGroupIdList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-usergroup-replicationgroupidlist.html#cfn-elasticache-usergroup-replicationgroupidlist-replicationgroupidlist", - "DuplicatesAllowed": false, - "PrimitiveItemType": "String", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::ElastiCache::UserGroup.UserGroupPendingChanges": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-usergroup-usergrouppendingchanges.html", "Properties": { @@ -20622,19 +20895,6 @@ } } }, - "AWS::ElastiCache::UserGroup.UserIdList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-usergroup-useridlist.html", - "Properties": { - "UserIdList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-usergroup-useridlist.html#cfn-elasticache-usergroup-useridlist-useridlist", - "DuplicatesAllowed": false, - "PrimitiveItemType": "String", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticbeanstalk-application-applicationresourcelifecycleconfig.html", "Properties": { @@ -21359,52 +21619,52 @@ } }, "AWS::ElasticLoadBalancingV2::ListenerRule.Action": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html", "Properties": { "AuthenticateCognitoConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-authenticatecognitoconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-authenticatecognitoconfig", "Required": false, "Type": "AuthenticateCognitoConfig", "UpdateType": "Mutable" }, "AuthenticateOidcConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-authenticateoidcconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-authenticateoidcconfig", "Required": false, "Type": "AuthenticateOidcConfig", "UpdateType": "Mutable" }, "FixedResponseConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-fixedresponseconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-fixedresponseconfig", "Required": false, "Type": "FixedResponseConfig", "UpdateType": "Mutable" }, "ForwardConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-forwardconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-forwardconfig", "Required": false, "Type": "ForwardConfig", "UpdateType": "Mutable" }, "Order": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-order", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-order", "PrimitiveType": "Integer", "Required": false, "UpdateType": "Mutable" }, "RedirectConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listenerrule-action-redirectconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-redirectconfig", "Required": false, "Type": "RedirectConfig", "UpdateType": "Mutable" }, "TargetGroupArn": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listener-actions-targetgrouparn", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-targetgrouparn", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, "Type": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-actions.html#cfn-elasticloadbalancingv2-listener-actions-type", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-type", "PrimitiveType": "String", "Required": true, "UpdateType": "Mutable" @@ -21416,7 +21676,6 @@ "Properties": { "AuthenticationRequestExtraParams": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig-authenticationrequestextraparams", - "DuplicatesAllowed": false, "PrimitiveItemType": "String", "Required": false, "Type": "Map", @@ -21442,7 +21701,7 @@ }, "SessionTimeout": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig-sessiontimeout", - "PrimitiveType": "Long", + "PrimitiveType": "Integer", "Required": false, "UpdateType": "Mutable" }, @@ -21471,7 +21730,6 @@ "Properties": { "AuthenticationRequestExtraParams": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-authenticationrequestextraparams", - "DuplicatesAllowed": false, "PrimitiveItemType": "String", "Required": false, "Type": "Map", @@ -21521,7 +21779,7 @@ }, "SessionTimeout": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-sessiontimeout", - "PrimitiveType": "Long", + "PrimitiveType": "Integer", "Required": false, "UpdateType": "Mutable" }, @@ -21531,6 +21789,12 @@ "Required": true, "UpdateType": "Mutable" }, + "UseExistingClientSecret": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-useexistingclientsecret", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, "UserInfoEndpoint": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-userinfoendpoint", "PrimitiveType": "String", @@ -21711,52 +21975,52 @@ } }, "AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html", "Properties": { "Field": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-conditions-field", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-field", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, "HostHeaderConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-hostheaderconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-hostheaderconfig", "Required": false, "Type": "HostHeaderConfig", "UpdateType": "Mutable" }, "HttpHeaderConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-httpheaderconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-httpheaderconfig", "Required": false, "Type": "HttpHeaderConfig", "UpdateType": "Mutable" }, "HttpRequestMethodConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-httprequestmethodconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-httprequestmethodconfig", "Required": false, "Type": "HttpRequestMethodConfig", "UpdateType": "Mutable" }, "PathPatternConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-pathpatternconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-pathpatternconfig", "Required": false, "Type": "PathPatternConfig", "UpdateType": "Mutable" }, "QueryStringConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-querystringconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-querystringconfig", "Required": false, "Type": "QueryStringConfig", "UpdateType": "Mutable" }, "SourceIpConfig": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-sourceipconfig", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-sourceipconfig", "Required": false, "Type": "SourceIpConfig", "UpdateType": "Mutable" }, "Values": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html#cfn-elasticloadbalancingv2-listenerrule-conditions-values", + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-values", "DuplicatesAllowed": false, "PrimitiveItemType": "String", "Required": false, @@ -23087,18 +23351,6 @@ } } }, - "AWS::GameLift::GameServerGroup.InstanceDefinitions": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gameservergroup-instancedefinitions.html", - "Properties": { - "InstanceDefinitions": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gameservergroup-instancedefinitions.html#cfn-gamelift-gameservergroup-instancedefinitions-instancedefinitions", - "ItemType": "InstanceDefinition", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::GameLift::GameServerGroup.LaunchTemplate": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gameservergroup-launchtemplate.html", "Properties": { @@ -23122,18 +23374,6 @@ } } }, - "AWS::GameLift::GameServerGroup.Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gameservergroup-tags.html", - "Properties": { - "Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gameservergroup-tags.html#cfn-gamelift-gameservergroup-tags-tags", - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::GameLift::GameServerGroup.TargetTrackingConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gameservergroup-targettrackingconfiguration.html", "Properties": { @@ -23145,18 +23385,6 @@ } } }, - "AWS::GameLift::GameServerGroup.VpcSubnets": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gameservergroup-vpcsubnets.html", - "Properties": { - "VpcSubnets": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gameservergroup-vpcsubnets.html#cfn-gamelift-gameservergroup-vpcsubnets-vpcsubnets", - "PrimitiveItemType": "String", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::GameLift::GameSessionQueue.Destination": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gamesessionqueue-destination.html", "Properties": { @@ -26257,6 +26485,12 @@ "Required": false, "UpdateType": "Mutable" }, + "ContainerDistributionConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-imagebuilder-distributionconfiguration-distribution.html#cfn-imagebuilder-distributionconfiguration-distribution-containerdistributionconfiguration", + "PrimitiveType": "Json", + "Required": false, + "UpdateType": "Mutable" + }, "LicenseConfigurationArns": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-imagebuilder-distributionconfiguration-distribution.html#cfn-imagebuilder-distributionconfiguration-distribution-licenseconfigurationarns", "PrimitiveItemType": "String", @@ -26472,21 +26706,6 @@ } } }, - "AWS::IoT::Authorizer.Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-authorizer-tags.html", - "Properties": { - "Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-authorizer-tags.html#cfn-iot-authorizer-tags-tags", - "ItemType": "Json", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, - "AWS::IoT::Authorizer.TokenSigningPublicKeys": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-authorizer-tokensigningpublickeys.html" - }, "AWS::IoT::DomainConfiguration.AuthorizerConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-domainconfiguration-authorizerconfig.html", "Properties": { @@ -26527,18 +26746,6 @@ } } }, - "AWS::IoT::DomainConfiguration.Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-domainconfiguration-tags.html", - "Properties": { - "Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-domainconfiguration-tags.html#cfn-iot-domainconfiguration-tags-tags", - "ItemType": "Json", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::IoT::ProvisioningTemplate.ProvisioningHook": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-provisioningtemplate-provisioninghook.html", "Properties": { @@ -26556,18 +26763,6 @@ } } }, - "AWS::IoT::ProvisioningTemplate.Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-provisioningtemplate-tags.html", - "Properties": { - "Tags": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-provisioningtemplate-tags.html#cfn-iot-provisioningtemplate-tags-tags", - "ItemType": "Json", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::IoT::Thing.AttributePayload": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-thing-attributepayload.html", "Properties": { @@ -29419,12 +29614,12 @@ "DevAddr": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-abpv10x.html#cfn-iotwireless-wirelessdevice-abpv10x-devaddr", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "SessionKeys": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-abpv10x.html#cfn-iotwireless-wirelessdevice-abpv10x-sessionkeys", - "Required": false, + "Required": true, "Type": "SessionKeysAbpV10X", "UpdateType": "Mutable" } @@ -29436,12 +29631,12 @@ "DevAddr": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-abpv11.html#cfn-iotwireless-wirelessdevice-abpv11-devaddr", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "SessionKeys": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-abpv11.html#cfn-iotwireless-wirelessdevice-abpv11-sessionkeys", - "Required": false, + "Required": true, "Type": "SessionKeysAbpV11", "UpdateType": "Mutable" } @@ -29500,13 +29695,13 @@ "AppEui": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-otaav10x.html#cfn-iotwireless-wirelessdevice-otaav10x-appeui", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "AppKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-otaav10x.html#cfn-iotwireless-wirelessdevice-otaav10x-appkey", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" } } @@ -29517,19 +29712,19 @@ "AppKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-otaav11.html#cfn-iotwireless-wirelessdevice-otaav11-appkey", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "JoinEui": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-otaav11.html#cfn-iotwireless-wirelessdevice-otaav11-joineui", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "NwkKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-otaav11.html#cfn-iotwireless-wirelessdevice-otaav11-nwkkey", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" } } @@ -29540,13 +29735,13 @@ "AppSKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-sessionkeysabpv10x.html#cfn-iotwireless-wirelessdevice-sessionkeysabpv10x-appskey", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "NwkSKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-sessionkeysabpv10x.html#cfn-iotwireless-wirelessdevice-sessionkeysabpv10x-nwkskey", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" } } @@ -29557,25 +29752,25 @@ "AppSKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-sessionkeysabpv11.html#cfn-iotwireless-wirelessdevice-sessionkeysabpv11-appskey", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "FNwkSIntKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-sessionkeysabpv11.html#cfn-iotwireless-wirelessdevice-sessionkeysabpv11-fnwksintkey", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "NwkSEncKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-sessionkeysabpv11.html#cfn-iotwireless-wirelessdevice-sessionkeysabpv11-nwksenckey", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "SNwkSIntKey": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessdevice-sessionkeysabpv11.html#cfn-iotwireless-wirelessdevice-sessionkeysabpv11-snwksintkey", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" } } @@ -29586,13 +29781,13 @@ "GatewayEui": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessgateway-lorawangateway.html#cfn-iotwireless-wirelessgateway-lorawangateway-gatewayeui", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" }, "RfRegion": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iotwireless-wirelessgateway-lorawangateway.html#cfn-iotwireless-wirelessgateway-lorawangateway-rfregion", "PrimitiveType": "String", - "Required": false, + "Required": true, "UpdateType": "Mutable" } } @@ -30748,18 +30943,6 @@ } } }, - "AWS::Kendra::DataSource.TagList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-taglist.html", - "Properties": { - "TagList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-datasource-taglist.html#cfn-kendra-datasource-taglist-taglist", - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::Kendra::Faq.S3Path": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-faq-s3path.html", "Properties": { @@ -30777,18 +30960,6 @@ } } }, - "AWS::Kendra::Faq.TagList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-faq-taglist.html", - "Properties": { - "TagList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-faq-taglist.html#cfn-kendra-faq-taglist-taglist", - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::Kendra::Index.CapacityUnitsConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-index-capacityunitsconfiguration.html", "Properties": { @@ -30835,18 +31006,6 @@ } } }, - "AWS::Kendra::Index.DocumentMetadataConfigurationList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-index-documentmetadataconfigurationlist.html", - "Properties": { - "DocumentMetadataConfigurationList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-index-documentmetadataconfigurationlist.html#cfn-kendra-index-documentmetadataconfigurationlist-documentmetadataconfigurationlist", - "ItemType": "DocumentMetadataConfiguration", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::Kendra::Index.JsonTokenTypeConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-index-jsontokentypeconfiguration.html", "Properties": { @@ -30986,18 +31145,6 @@ } } }, - "AWS::Kendra::Index.TagList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-index-taglist.html", - "Properties": { - "TagList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-index-taglist.html#cfn-kendra-index-taglist-taglist", - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::Kendra::Index.UserTokenConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-index-usertokenconfiguration.html", "Properties": { @@ -31015,18 +31162,6 @@ } } }, - "AWS::Kendra::Index.UserTokenConfigurationList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-index-usertokenconfigurationlist.html", - "Properties": { - "UserTokenConfigurationList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-index-usertokenconfigurationlist.html#cfn-kendra-index-usertokenconfigurationlist-usertokenconfigurationlist", - "ItemType": "UserTokenConfiguration", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::Kendra::Index.ValueImportanceItem": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kendra-index-valueimportanceitem.html", "Properties": { @@ -33754,32 +33889,6 @@ } } }, - "AWS::LicenseManager::Grant.AllowedOperationList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-grant-allowedoperationlist.html", - "Properties": { - "AllowedOperationList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-grant-allowedoperationlist.html#cfn-licensemanager-grant-allowedoperationlist-allowedoperationlist", - "DuplicatesAllowed": false, - "PrimitiveItemType": "String", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, - "AWS::LicenseManager::Grant.ArnList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-grant-arnlist.html", - "Properties": { - "ArnList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-grant-arnlist.html#cfn-licensemanager-grant-arnlist-arnlist", - "DuplicatesAllowed": false, - "PrimitiveItemType": "String", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::LicenseManager::Grant.Filter": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-grant-filter.html", "Properties": { @@ -33797,19 +33906,6 @@ } } }, - "AWS::LicenseManager::Grant.FilterList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-grant-filterlist.html", - "Properties": { - "FilterList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-grant-filterlist.html#cfn-licensemanager-grant-filterlist-filterlist", - "DuplicatesAllowed": false, - "ItemType": "Filter", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::LicenseManager::Grant.StringList": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-grant-stringlist.html", "Properties": { @@ -33823,32 +33919,6 @@ } } }, - "AWS::LicenseManager::Grant.TagList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-grant-taglist.html", - "Properties": { - "TagList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-grant-taglist.html#cfn-licensemanager-grant-taglist-taglist", - "DuplicatesAllowed": false, - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, - "AWS::LicenseManager::License.ArnList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-arnlist.html", - "Properties": { - "ArnList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-arnlist.html#cfn-licensemanager-license-arnlist-arnlist", - "DuplicatesAllowed": false, - "PrimitiveItemType": "String", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::LicenseManager::License.BorrowConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-borrowconfiguration.html", "Properties": { @@ -33936,19 +34006,6 @@ } } }, - "AWS::LicenseManager::License.EntitlementList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-entitlementlist.html", - "Properties": { - "EntitlementList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-entitlementlist.html#cfn-licensemanager-license-entitlementlist-entitlementlist", - "DuplicatesAllowed": false, - "ItemType": "Entitlement", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::LicenseManager::License.Filter": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-filter.html", "Properties": { @@ -33966,19 +34023,6 @@ } } }, - "AWS::LicenseManager::License.FilterList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-filterlist.html", - "Properties": { - "FilterList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-filterlist.html#cfn-licensemanager-license-filterlist-filterlist", - "DuplicatesAllowed": false, - "ItemType": "Filter", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::LicenseManager::License.IssuerData": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-issuerdata.html", "Properties": { @@ -34013,19 +34057,6 @@ } } }, - "AWS::LicenseManager::License.MetadataList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-metadatalist.html", - "Properties": { - "MetadataList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-metadatalist.html#cfn-licensemanager-license-metadatalist-metadatalist", - "DuplicatesAllowed": false, - "ItemType": "Metadata", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::LicenseManager::License.ProvisionalConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-provisionalconfiguration.html", "Properties": { @@ -34086,19 +34117,6 @@ } } }, - "AWS::LicenseManager::License.TagList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-taglist.html", - "Properties": { - "TagList": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-taglist.html#cfn-licensemanager-license-taglist-taglist", - "DuplicatesAllowed": false, - "ItemType": "Tag", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - } - } - }, "AWS::LicenseManager::License.ValidityDateFormat": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-licensemanager-license-validitydateformat.html", "Properties": { @@ -34799,6 +34817,323 @@ } } }, + "AWS::MediaConnect::Flow.Encryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html", + "Properties": { + "Algorithm": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html#cfn-mediaconnect-flow-encryption-algorithm", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "ConstantInitializationVector": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html#cfn-mediaconnect-flow-encryption-constantinitializationvector", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "DeviceId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html#cfn-mediaconnect-flow-encryption-deviceid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "KeyType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html#cfn-mediaconnect-flow-encryption-keytype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Region": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html#cfn-mediaconnect-flow-encryption-region", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "ResourceId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html#cfn-mediaconnect-flow-encryption-resourceid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "RoleArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html#cfn-mediaconnect-flow-encryption-rolearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "SecretArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html#cfn-mediaconnect-flow-encryption-secretarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Url": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-encryption.html#cfn-mediaconnect-flow-encryption-url", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaConnect::Flow.FailoverConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-failoverconfig.html", + "Properties": { + "RecoveryWindow": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-failoverconfig.html#cfn-mediaconnect-flow-failoverconfig-recoverywindow", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "State": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-failoverconfig.html#cfn-mediaconnect-flow-failoverconfig-state", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaConnect::Flow.Source": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html", + "Properties": { + "Decryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-decryption", + "Required": false, + "Type": "Encryption", + "UpdateType": "Mutable" + }, + "Description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-description", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "EntitlementArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-entitlementarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "IngestIp": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-ingestip", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "IngestPort": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-ingestport", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "MaxBitrate": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-maxbitrate", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "MaxLatency": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-maxlatency", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-name", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Protocol": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-protocol", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "SourceArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-sourcearn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "StreamId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-streamid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "VpcInterfaceName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-vpcinterfacename", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "WhitelistCidr": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flow-source.html#cfn-mediaconnect-flow-source-whitelistcidr", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaConnect::FlowEntitlement.Encryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowentitlement-encryption.html", + "Properties": { + "Algorithm": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowentitlement-encryption.html#cfn-mediaconnect-flowentitlement-encryption-algorithm", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "ConstantInitializationVector": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowentitlement-encryption.html#cfn-mediaconnect-flowentitlement-encryption-constantinitializationvector", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "DeviceId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowentitlement-encryption.html#cfn-mediaconnect-flowentitlement-encryption-deviceid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "KeyType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowentitlement-encryption.html#cfn-mediaconnect-flowentitlement-encryption-keytype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Region": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowentitlement-encryption.html#cfn-mediaconnect-flowentitlement-encryption-region", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "ResourceId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowentitlement-encryption.html#cfn-mediaconnect-flowentitlement-encryption-resourceid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "RoleArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowentitlement-encryption.html#cfn-mediaconnect-flowentitlement-encryption-rolearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "SecretArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowentitlement-encryption.html#cfn-mediaconnect-flowentitlement-encryption-secretarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Url": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowentitlement-encryption.html#cfn-mediaconnect-flowentitlement-encryption-url", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaConnect::FlowOutput.Encryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowoutput-encryption.html", + "Properties": { + "Algorithm": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowoutput-encryption.html#cfn-mediaconnect-flowoutput-encryption-algorithm", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "KeyType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowoutput-encryption.html#cfn-mediaconnect-flowoutput-encryption-keytype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "RoleArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowoutput-encryption.html#cfn-mediaconnect-flowoutput-encryption-rolearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "SecretArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowoutput-encryption.html#cfn-mediaconnect-flowoutput-encryption-secretarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowoutput-vpcinterfaceattachment.html", + "Properties": { + "VpcInterfaceName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowoutput-vpcinterfaceattachment.html#cfn-mediaconnect-flowoutput-vpcinterfaceattachment-vpcinterfacename", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaConnect::FlowSource.Encryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowsource-encryption.html", + "Properties": { + "Algorithm": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowsource-encryption.html#cfn-mediaconnect-flowsource-encryption-algorithm", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "ConstantInitializationVector": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowsource-encryption.html#cfn-mediaconnect-flowsource-encryption-constantinitializationvector", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "DeviceId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowsource-encryption.html#cfn-mediaconnect-flowsource-encryption-deviceid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "KeyType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowsource-encryption.html#cfn-mediaconnect-flowsource-encryption-keytype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Region": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowsource-encryption.html#cfn-mediaconnect-flowsource-encryption-region", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "ResourceId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowsource-encryption.html#cfn-mediaconnect-flowsource-encryption-resourceid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "RoleArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowsource-encryption.html#cfn-mediaconnect-flowsource-encryption-rolearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "SecretArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowsource-encryption.html#cfn-mediaconnect-flowsource-encryption-secretarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Url": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconnect-flowsource-encryption.html#cfn-mediaconnect-flowsource-encryption-url", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::MediaConvert::JobTemplate.AccelerationSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediaconvert-jobtemplate-accelerationsettings.html", "Properties": { @@ -34939,6 +35274,17 @@ } } }, + "AWS::MediaLive::Channel.AncillarySourceSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-ancillarysourcesettings.html", + "Properties": { + "SourceAncillaryChannelNumber": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-ancillarysourcesettings.html#cfn-medialive-channel-ancillarysourcesettings-sourceancillarychannelnumber", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::MediaLive::Channel.ArchiveContainerSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-archivecontainersettings.html", "Properties": { @@ -34947,6 +35293,12 @@ "Required": false, "Type": "M2tsSettings", "UpdateType": "Mutable" + }, + "RawSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-archivecontainersettings.html#cfn-medialive-channel-archivecontainersettings-rawsettings", + "Required": false, + "Type": "RawSettings", + "UpdateType": "Mutable" } } }, @@ -35048,6 +35400,12 @@ "Required": false, "Type": "PassThroughSettings", "UpdateType": "Mutable" + }, + "WavSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-audiocodecsettings.html#cfn-medialive-channel-audiocodecsettings-wavsettings", + "Required": false, + "Type": "WavSettings", + "UpdateType": "Mutable" } } }, @@ -35236,6 +35594,23 @@ } } }, + "AWS::MediaLive::Channel.AudioSilenceFailoverSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-audiosilencefailoversettings.html", + "Properties": { + "AudioSelectorName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-audiosilencefailoversettings.html#cfn-medialive-channel-audiosilencefailoversettings-audioselectorname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "AudioSilenceThresholdMsec": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-audiosilencefailoversettings.html#cfn-medialive-channel-audiosilencefailoversettings-audiosilencethresholdmsec", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::MediaLive::Channel.AudioTrack": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-audiotrack.html", "Properties": { @@ -35262,6 +35637,19 @@ "AWS::MediaLive::Channel.AutomaticInputFailoverSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-automaticinputfailoversettings.html", "Properties": { + "ErrorClearTimeMsec": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-automaticinputfailoversettings.html#cfn-medialive-channel-automaticinputfailoversettings-errorcleartimemsec", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "FailoverConditions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-automaticinputfailoversettings.html#cfn-medialive-channel-automaticinputfailoversettings-failoverconditions", + "ItemType": "FailoverCondition", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "InputPreference": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-automaticinputfailoversettings.html#cfn-medialive-channel-automaticinputfailoversettings-inputpreference", "PrimitiveType": "String", @@ -35630,6 +36018,12 @@ "AWS::MediaLive::Channel.CaptionSelectorSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-captionselectorsettings.html", "Properties": { + "AncillarySourceSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-captionselectorsettings.html#cfn-medialive-channel-captionselectorsettings-ancillarysourcesettings", + "Required": false, + "Type": "AncillarySourceSettings", + "UpdateType": "Mutable" + }, "AribSourceSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-captionselectorsettings.html#cfn-medialive-channel-captionselectorsettings-aribsourcesettings", "Required": false, @@ -35668,6 +36062,17 @@ } } }, + "AWS::MediaLive::Channel.CdiInputSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-cdiinputspecification.html", + "Properties": { + "Resolution": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-cdiinputspecification.html#cfn-medialive-channel-cdiinputspecification-resolution", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::MediaLive::Channel.ColorSpacePassthroughSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-colorspacepassthroughsettings.html", "Properties": {} @@ -36113,6 +36518,40 @@ } } }, + "AWS::MediaLive::Channel.FailoverCondition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-failovercondition.html", + "Properties": { + "FailoverConditionSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-failovercondition.html#cfn-medialive-channel-failovercondition-failoverconditionsettings", + "Required": false, + "Type": "FailoverConditionSettings", + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaLive::Channel.FailoverConditionSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-failoverconditionsettings.html", + "Properties": { + "AudioSilenceSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-failoverconditionsettings.html#cfn-medialive-channel-failoverconditionsettings-audiosilencesettings", + "Required": false, + "Type": "AudioSilenceFailoverSettings", + "UpdateType": "Mutable" + }, + "InputLossSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-failoverconditionsettings.html#cfn-medialive-channel-failoverconditionsettings-inputlosssettings", + "Required": false, + "Type": "InputLossFailoverSettings", + "UpdateType": "Mutable" + }, + "VideoBlackSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-failoverconditionsettings.html#cfn-medialive-channel-failoverconditionsettings-videoblacksettings", + "Required": false, + "Type": "VideoBlackFailoverSettings", + "UpdateType": "Mutable" + } + } + }, "AWS::MediaLive::Channel.FeatureActivations": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-featureactivations.html", "Properties": { @@ -36953,6 +37392,12 @@ "Required": false, "UpdateType": "Mutable" }, + "DiscontinuityTags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-hlsgroupsettings.html#cfn-medialive-channel-hlsgroupsettings-discontinuitytags", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "EncryptionType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-hlsgroupsettings.html#cfn-medialive-channel-hlsgroupsettings-encryptiontype", "PrimitiveType": "String", @@ -36977,6 +37422,12 @@ "Required": false, "UpdateType": "Mutable" }, + "IncompleteSegmentBehavior": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-hlsgroupsettings.html#cfn-medialive-channel-hlsgroupsettings-incompletesegmentbehavior", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, "IndexNSegments": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-hlsgroupsettings.html#cfn-medialive-channel-hlsgroupsettings-indexnsegments", "PrimitiveType": "Integer", @@ -37378,6 +37829,17 @@ } } }, + "AWS::MediaLive::Channel.InputLossFailoverSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-inputlossfailoversettings.html", + "Properties": { + "InputLossThresholdMsec": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-inputlossfailoversettings.html#cfn-medialive-channel-inputlossfailoversettings-inputlossthresholdmsec", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::MediaLive::Channel.InputSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-inputsettings.html", "Properties": { @@ -37922,6 +38384,118 @@ } } }, + "AWS::MediaLive::Channel.Mpeg2FilterSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2filtersettings.html", + "Properties": { + "TemporalFilterSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2filtersettings.html#cfn-medialive-channel-mpeg2filtersettings-temporalfiltersettings", + "Required": false, + "Type": "TemporalFilterSettings", + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaLive::Channel.Mpeg2Settings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html", + "Properties": { + "AdaptiveQuantization": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-adaptivequantization", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "AfdSignaling": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-afdsignaling", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "ColorMetadata": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-colormetadata", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "ColorSpace": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-colorspace", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "DisplayAspectRatio": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-displayaspectratio", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "FilterSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-filtersettings", + "Required": false, + "Type": "Mpeg2FilterSettings", + "UpdateType": "Mutable" + }, + "FixedAfd": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-fixedafd", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "FramerateDenominator": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-frameratedenominator", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "FramerateNumerator": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-frameratenumerator", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "GopClosedCadence": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-gopclosedcadence", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "GopNumBFrames": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-gopnumbframes", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "GopSize": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-gopsize", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Mutable" + }, + "GopSizeUnits": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-gopsizeunits", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "ScanType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-scantype", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "SubgopLength": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-subgoplength", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "TimecodeInsertion": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mpeg2settings.html#cfn-medialive-channel-mpeg2settings-timecodeinsertion", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::MediaLive::Channel.MsSmoothGroupSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-mssmoothgroupsettings.html", "Properties": { @@ -38366,6 +38940,10 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-passthroughsettings.html", "Properties": {} }, + "AWS::MediaLive::Channel.RawSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-rawsettings.html", + "Properties": {} + }, "AWS::MediaLive::Channel.Rec601Settings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-rec601settings.html", "Properties": {} @@ -38405,6 +38983,13 @@ "AWS::MediaLive::Channel.RtmpGroupSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-rtmpgroupsettings.html", "Properties": { + "AdMarkers": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-rtmpgroupsettings.html#cfn-medialive-channel-rtmpgroupsettings-admarkers", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "AuthenticationScheme": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-rtmpgroupsettings.html#cfn-medialive-channel-rtmpgroupsettings-authenticationscheme", "PrimitiveType": "String", @@ -38715,6 +39300,23 @@ } } }, + "AWS::MediaLive::Channel.VideoBlackFailoverSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-videoblackfailoversettings.html", + "Properties": { + "BlackDetectThreshold": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-videoblackfailoversettings.html#cfn-medialive-channel-videoblackfailoversettings-blackdetectthreshold", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Mutable" + }, + "VideoBlackThresholdMsec": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-videoblackfailoversettings.html#cfn-medialive-channel-videoblackfailoversettings-videoblackthresholdmsec", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::MediaLive::Channel.VideoCodecSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-videocodecsettings.html", "Properties": { @@ -38735,6 +39337,12 @@ "Required": false, "Type": "H265Settings", "UpdateType": "Mutable" + }, + "Mpeg2Settings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-videocodecsettings.html#cfn-medialive-channel-videocodecsettings-mpeg2settings", + "Required": false, + "Type": "Mpeg2Settings", + "UpdateType": "Mutable" } } }, @@ -38847,6 +39455,29 @@ } } }, + "AWS::MediaLive::Channel.WavSettings": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-wavsettings.html", + "Properties": { + "BitDepth": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-wavsettings.html#cfn-medialive-channel-wavsettings-bitdepth", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Mutable" + }, + "CodingMode": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-wavsettings.html#cfn-medialive-channel-wavsettings-codingmode", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "SampleRate": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-wavsettings.html#cfn-medialive-channel-wavsettings-samplerate", + "PrimitiveType": "Double", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::MediaLive::Channel.WebvttDestinationSettings": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-channel-webvttdestinationsettings.html", "Properties": {} @@ -45482,6 +46113,46 @@ } } }, + "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html", + "Properties": { + "Key": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html#cfn-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute-key", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Value": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html#cfn-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute-value", + "Required": true, + "Type": "AccessControlAttributeValue", + "UpdateType": "Mutable" + } + } + }, + "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattributevalue.html", + "Properties": { + "Source": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattributevalue.html#cfn-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattributevalue-source", + "Required": true, + "Type": "AccessControlAttributeValueSourceList", + "UpdateType": "Mutable" + } + } + }, + "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValueSourceList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattributevaluesourcelist.html", + "Properties": { + "AccessControlAttributeValueSourceList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattributevaluesourcelist.html#cfn-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattributevaluesourcelist-accesscontrolattributevaluesourcelist", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, "AWS::SageMaker::CodeRepository.GitConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-coderepository-gitconfig.html", "Properties": { @@ -47827,9 +48498,6 @@ } } }, - "AWS::StepFunctions::StateMachine.DefinitionSubstitutions": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachine-definitionsubstitutions.html" - }, "AWS::StepFunctions::StateMachine.LogDestination": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachine-logdestination.html", "Properties": { @@ -48098,6 +48766,30 @@ } } }, + "AWS::Transfer::User.PosixProfile": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-transfer-user-posixprofile.html", + "Properties": { + "Gid": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-transfer-user-posixprofile.html#cfn-transfer-user-posixprofile-gid", + "PrimitiveType": "Double", + "Required": true, + "UpdateType": "Mutable" + }, + "SecondaryGids": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-transfer-user-posixprofile.html#cfn-transfer-user-posixprofile-secondarygids", + "PrimitiveItemType": "Double", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "Uid": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-transfer-user-posixprofile.html#cfn-transfer-user-posixprofile-uid", + "PrimitiveType": "Double", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::Transfer::User.SshPublicKey": { "PrimitiveType": "String" }, @@ -50227,7 +50919,7 @@ } } }, - "ResourceSpecificationVersion": "22.0.0", + "ResourceSpecificationVersion": "23.0.0", "ResourceTypes": { "AWS::ACMPCA::Certificate": { "Attributes": { @@ -50283,6 +50975,12 @@ }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-acmpca-certificateauthority.html", "Properties": { + "CsrExtensions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-acmpca-certificateauthority.html#cfn-acmpca-certificateauthority-csrextensions", + "Required": false, + "Type": "CsrExtensions", + "UpdateType": "Immutable" + }, "KeyAlgorithm": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-acmpca-certificateauthority.html#cfn-acmpca-certificateauthority-keyalgorithm", "PrimitiveType": "String", @@ -51043,6 +51741,11 @@ } }, "AWS::ApiGateway::ClientCertificate": { + "Attributes": { + "ClientCertificateId": { + "PrimitiveType": "String" + } + }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-clientcertificate.html", "Properties": { "Description": { @@ -52092,6 +52795,12 @@ "Required": false, "UpdateType": "Mutable" }, + "ResponseParameters": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-integration.html#cfn-apigatewayv2-integration-responseparameters", + "PrimitiveType": "Json", + "Required": false, + "UpdateType": "Mutable" + }, "TemplateSelectionExpression": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-integration.html#cfn-apigatewayv2-integration-templateselectionexpression", "PrimitiveType": "String", @@ -54164,8 +54873,9 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-athena-datacatalog.html#cfn-athena-datacatalog-tags", + "ItemType": "Tag", "Required": false, - "Type": "Tags", + "Type": "List", "UpdateType": "Mutable" }, "Type": { @@ -54250,8 +54960,9 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-athena-workgroup.html#cfn-athena-workgroup-tags", + "ItemType": "Tag", "Required": false, - "Type": "Tags", + "Type": "List", "UpdateType": "Mutable" }, "WorkGroupConfiguration": { @@ -54270,76 +54981,79 @@ }, "AWS::AuditManager::Assessment": { "Attributes": { - "arn": { + "Arn": { "PrimitiveType": "String" }, - "assessmentId": { + "AssessmentId": { "PrimitiveType": "String" }, - "creationTime": { + "CreationTime": { "PrimitiveType": "Double" }, - "delegations": { - "Type": "Delegations" + "Delegations": { + "ItemType": "Delegation", + "Type": "List" }, - "frameworkId": { + "FrameworkId": { "PrimitiveType": "String" } }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html", "Properties": { - "assessmentReportsDestination": { + "AssessmentReportsDestination": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-assessmentreportsdestination", "Required": false, "Type": "AssessmentReportsDestination", "UpdateType": "Mutable" }, - "awsAccount": { + "AwsAccount": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-awsaccount", "Required": false, "Type": "AWSAccount", "UpdateType": "Immutable" }, - "description": { + "Description": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-description", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "frameworkId": { + "FrameworkId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-frameworkid", "PrimitiveType": "String", "Required": false, "UpdateType": "Immutable" }, - "name": { + "Name": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-name", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "roles": { + "Roles": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-roles", + "ItemType": "Role", "Required": false, - "Type": "Roles", + "Type": "List", "UpdateType": "Mutable" }, - "scope": { + "Scope": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-scope", "Required": false, "Type": "Scope", "UpdateType": "Mutable" }, - "status": { + "Status": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-status", "PrimitiveType": "String", "Required": false, "UpdateType": "Mutable" }, - "tags": { + "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-auditmanager-assessment.html#cfn-auditmanager-assessment-tags", + "ItemType": "Tag", "Required": false, - "Type": "Tags", + "Type": "List", "UpdateType": "Mutable" } } @@ -58203,6 +58917,45 @@ } } }, + "AWS::Config::StoredQuery": { + "Attributes": { + "QueryArn": { + "PrimitiveType": "String" + }, + "QueryId": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-storedquery.html", + "Properties": { + "QueryDescription": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-storedquery.html#cfn-config-storedquery-querydescription", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "QueryExpression": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-storedquery.html#cfn-config-storedquery-queryexpression", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "QueryName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-storedquery.html#cfn-config-storedquery-queryname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-storedquery.html#cfn-config-storedquery-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, "AWS::DAX::Cluster": { "Attributes": { "Arn": { @@ -59090,6 +59843,458 @@ } } }, + "AWS::DataSync::Agent": { + "Attributes": { + "AgentArn": { + "PrimitiveType": "String" + }, + "EndpointType": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html", + "Properties": { + "ActivationKey": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-activationkey", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "AgentName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-agentname", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "SecurityGroupArns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-securitygrouparns", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Immutable" + }, + "SubnetArns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-subnetarns", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "VpcEndpointId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-agent.html#cfn-datasync-agent-vpcendpointid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, + "AWS::DataSync::LocationEFS": { + "Attributes": { + "LocationArn": { + "PrimitiveType": "String" + }, + "LocationUri": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html", + "Properties": { + "Ec2Config": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-ec2config", + "Required": true, + "Type": "Ec2Config", + "UpdateType": "Immutable" + }, + "EfsFilesystemArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-efsfilesystemarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Subdirectory": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-subdirectory", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationefs.html#cfn-datasync-locationefs-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::DataSync::LocationFSxWindows": { + "Attributes": { + "LocationArn": { + "PrimitiveType": "String" + }, + "LocationUri": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxwindows.html", + "Properties": { + "Domain": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxwindows.html#cfn-datasync-locationfsxwindows-domain", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "FsxFilesystemArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxwindows.html#cfn-datasync-locationfsxwindows-fsxfilesystemarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Password": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxwindows.html#cfn-datasync-locationfsxwindows-password", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "SecurityGroupArns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxwindows.html#cfn-datasync-locationfsxwindows-securitygrouparns", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Immutable" + }, + "Subdirectory": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxwindows.html#cfn-datasync-locationfsxwindows-subdirectory", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxwindows.html#cfn-datasync-locationfsxwindows-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "User": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationfsxwindows.html#cfn-datasync-locationfsxwindows-user", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, + "AWS::DataSync::LocationNFS": { + "Attributes": { + "LocationArn": { + "PrimitiveType": "String" + }, + "LocationUri": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationnfs.html", + "Properties": { + "MountOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationnfs.html#cfn-datasync-locationnfs-mountoptions", + "Required": false, + "Type": "MountOptions", + "UpdateType": "Immutable" + }, + "OnPremConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationnfs.html#cfn-datasync-locationnfs-onpremconfig", + "Required": true, + "Type": "OnPremConfig", + "UpdateType": "Immutable" + }, + "ServerHostname": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationnfs.html#cfn-datasync-locationnfs-serverhostname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Subdirectory": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationnfs.html#cfn-datasync-locationnfs-subdirectory", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationnfs.html#cfn-datasync-locationnfs-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::DataSync::LocationObjectStorage": { + "Attributes": { + "LocationArn": { + "PrimitiveType": "String" + }, + "LocationUri": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html", + "Properties": { + "AccessKey": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-accesskey", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "AgentArns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-agentarns", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Immutable" + }, + "BucketName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-bucketname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "SecretKey": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-secretkey", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "ServerHostname": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-serverhostname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "ServerPort": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-serverport", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Immutable" + }, + "ServerProtocol": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-serverprotocol", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Subdirectory": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-subdirectory", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::DataSync::LocationS3": { + "Attributes": { + "LocationArn": { + "PrimitiveType": "String" + }, + "LocationUri": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locations3.html", + "Properties": { + "S3BucketArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locations3.html#cfn-datasync-locations3-s3bucketarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "S3Config": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locations3.html#cfn-datasync-locations3-s3config", + "Required": true, + "Type": "S3Config", + "UpdateType": "Immutable" + }, + "S3StorageClass": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locations3.html#cfn-datasync-locations3-s3storageclass", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Subdirectory": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locations3.html#cfn-datasync-locations3-subdirectory", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locations3.html#cfn-datasync-locations3-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::DataSync::LocationSMB": { + "Attributes": { + "LocationArn": { + "PrimitiveType": "String" + }, + "LocationUri": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html", + "Properties": { + "AgentArns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-agentarns", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Immutable" + }, + "Domain": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-domain", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "MountOptions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-mountoptions", + "Required": false, + "Type": "MountOptions", + "UpdateType": "Immutable" + }, + "Password": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-password", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "ServerHostname": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-serverhostname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Subdirectory": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-subdirectory", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "User": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-user", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, + "AWS::DataSync::Task": { + "Attributes": { + "DestinationNetworkInterfaceArns": { + "PrimitiveItemType": "String", + "Type": "List" + }, + "ErrorCode": { + "PrimitiveType": "String" + }, + "ErrorDetail": { + "PrimitiveType": "String" + }, + "SourceNetworkInterfaceArns": { + "PrimitiveItemType": "String", + "Type": "List" + }, + "Status": { + "PrimitiveType": "String" + }, + "TaskArn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html", + "Properties": { + "CloudWatchLogGroupArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html#cfn-datasync-task-cloudwatchloggrouparn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "DestinationLocationArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html#cfn-datasync-task-destinationlocationarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Excludes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html#cfn-datasync-task-excludes", + "ItemType": "FilterRule", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html#cfn-datasync-task-name", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Options": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html#cfn-datasync-task-options", + "Required": false, + "Type": "Options", + "UpdateType": "Mutable" + }, + "Schedule": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html#cfn-datasync-task-schedule", + "Required": false, + "Type": "TaskSchedule", + "UpdateType": "Mutable" + }, + "SourceLocationArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html#cfn-datasync-task-sourcelocationarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html#cfn-datasync-task-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, "AWS::Detective::Graph": { "Attributes": { "Arn": { @@ -59732,8 +60937,10 @@ "Properties": { "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-carriergateway.html#cfn-ec2-carriergateway-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", "Required": false, - "Type": "Tags", + "Type": "List", "UpdateType": "Mutable" }, "VpcId": { @@ -60639,8 +61846,10 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-localgatewayroutetablevpcassociation.html#cfn-ec2-localgatewayroutetablevpcassociation-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", "Required": false, - "Type": "Tags", + "Type": "List", "UpdateType": "Mutable" }, "VpcId": { @@ -60786,6 +61995,9 @@ }, "Status": { "PrimitiveType": "String" + }, + "StatusMessage": { + "PrimitiveType": "String" } }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-networkinsightsanalysis.html", @@ -60803,12 +62015,6 @@ "Required": true, "UpdateType": "Immutable" }, - "StatusMessage": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-networkinsightsanalysis.html#cfn-ec2-networkinsightsanalysis-statusmessage", - "PrimitiveType": "String", - "Required": false, - "UpdateType": "Mutable" - }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-networkinsightsanalysis.html#cfn-ec2-networkinsightsanalysis-tags", "ItemType": "Tag", @@ -62401,6 +63607,7 @@ }, "RepositoryPolicyText": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-publicrepository.html#cfn-ecr-publicrepository-repositorypolicytext", + "PrimitiveType": "Json", "Required": false, "UpdateType": "Mutable" } @@ -62440,6 +63647,7 @@ }, "RepositoryPolicyText": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-repositorypolicytext", + "PrimitiveType": "Json", "Required": false, "UpdateType": "Mutable" }, @@ -64053,14 +65261,8 @@ "Arn": { "PrimitiveType": "String" }, - "Authentication": { - "Type": "Authentication" - }, "Status": { "PrimitiveType": "String" - }, - "UserGroupIds": { - "Type": "UserGroupIdList" } }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-user.html", @@ -64071,6 +65273,12 @@ "Required": false, "UpdateType": "Mutable" }, + "Authentication": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-user.html#cfn-elasticache-user-authentication", + "Required": false, + "Type": "Authentication", + "UpdateType": "Mutable" + }, "Engine": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-user.html#cfn-elasticache-user-engine", "PrimitiveType": "String", @@ -64085,8 +65293,18 @@ }, "Passwords": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-user.html#cfn-elasticache-user-passwords", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "UserGroupIds": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-user.html#cfn-elasticache-user-usergroupids", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", "Required": false, - "Type": "PasswordList", + "Type": "List", "UpdateType": "Mutable" }, "UserId": { @@ -64108,12 +65326,6 @@ "Arn": { "PrimitiveType": "String" }, - "PendingChanges": { - "Type": "UserGroupPendingChanges" - }, - "ReplicationGroupIds": { - "Type": "ReplicationGroupIdList" - }, "Status": { "PrimitiveType": "String" } @@ -64126,6 +65338,20 @@ "Required": true, "UpdateType": "Immutable" }, + "PendingChanges": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-usergroup.html#cfn-elasticache-usergroup-pendingchanges", + "Required": false, + "Type": "UserGroupPendingChanges", + "UpdateType": "Mutable" + }, + "ReplicationGroupIds": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-usergroup.html#cfn-elasticache-usergroup-replicationgroupids", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "UserGroupId": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-usergroup.html#cfn-elasticache-usergroup-usergroupid", "PrimitiveType": "String", @@ -64134,8 +65360,10 @@ }, "UserIds": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-usergroup.html#cfn-elasticache-usergroup-userids", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", "Required": false, - "Type": "UserIdList", + "Type": "List", "UpdateType": "Mutable" } } @@ -64528,6 +65756,14 @@ } }, "AWS::ElasticLoadBalancingV2::ListenerRule": { + "Attributes": { + "IsDefault": { + "PrimitiveType": "Boolean" + }, + "RuleArn": { + "PrimitiveType": "String" + } + }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html", "Properties": { "Actions": { @@ -65610,8 +66846,9 @@ }, "InstanceDefinitions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-gameservergroup.html#cfn-gamelift-gameservergroup-instancedefinitions", + "ItemType": "InstanceDefinition", "Required": true, - "Type": "InstanceDefinitions", + "Type": "List", "UpdateType": "Mutable" }, "LaunchTemplate": { @@ -65640,14 +66877,16 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-gameservergroup.html#cfn-gamelift-gameservergroup-tags", + "ItemType": "Tag", "Required": false, - "Type": "Tags", + "Type": "List", "UpdateType": "Mutable" }, "VpcSubnets": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-gameservergroup.html#cfn-gamelift-gameservergroup-vpcsubnets", + "PrimitiveItemType": "String", "Required": false, - "Type": "VpcSubnets", + "Type": "List", "UpdateType": "Mutable" } } @@ -68545,8 +69784,9 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-authorizer.html#cfn-iot-authorizer-tags", + "ItemType": "Tag", "Required": false, - "Type": "Tags", + "Type": "List", "UpdateType": "Mutable" }, "TokenKeyName": { @@ -68557,8 +69797,9 @@ }, "TokenSigningPublicKeys": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-authorizer.html#cfn-iot-authorizer-tokensigningpublickeys", + "PrimitiveItemType": "String", "Required": false, - "Type": "TokenSigningPublicKeys", + "Type": "Map", "UpdateType": "Mutable" } } @@ -68660,8 +69901,9 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-domainconfiguration.html#cfn-iot-domainconfiguration-tags", + "ItemType": "Tag", "Required": false, - "Type": "Tags", + "Type": "List", "UpdateType": "Mutable" }, "ValidationCertificateArn": { @@ -68745,8 +69987,9 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-provisioningtemplate.html#cfn-iot-provisioningtemplate-tags", + "ItemType": "Tag", "Required": false, - "Type": "Tags", + "Type": "List", "UpdateType": "Mutable" }, "TemplateBody": { @@ -69684,6 +70927,7 @@ }, "KeyPolicy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html#cfn-kms-key-keypolicy", + "PrimitiveType": "Json", "Required": true, "UpdateType": "Mutable" }, @@ -69764,8 +71008,9 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kendra-datasource.html#cfn-kendra-datasource-tags", + "ItemType": "Tag", "Required": false, - "Type": "TagList", + "Type": "List", "UpdateType": "Mutable" }, "Type": { @@ -69825,8 +71070,9 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kendra-faq.html#cfn-kendra-faq-tags", + "ItemType": "Tag", "Required": false, - "Type": "TagList", + "Type": "List", "UpdateType": "Mutable" } } @@ -69856,8 +71102,9 @@ }, "DocumentMetadataConfigurations": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kendra-index.html#cfn-kendra-index-documentmetadataconfigurations", + "ItemType": "DocumentMetadataConfiguration", "Required": false, - "Type": "DocumentMetadataConfigurationList", + "Type": "List", "UpdateType": "Mutable" }, "Edition": { @@ -69886,8 +71133,9 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kendra-index.html#cfn-kendra-index-tags", + "ItemType": "Tag", "Required": false, - "Type": "TagList", + "Type": "List", "UpdateType": "Mutable" }, "UserContextPolicy": { @@ -69898,8 +71146,9 @@ }, "UserTokenConfigurations": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kendra-index.html#cfn-kendra-index-usertokenconfigurations", + "ItemType": "UserTokenConfiguration", "Required": false, - "Type": "UserTokenConfigurationList", + "Type": "List", "UpdateType": "Mutable" } } @@ -70805,8 +72054,10 @@ "Properties": { "AllowedOperations": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-grant.html#cfn-licensemanager-grant-allowedoperations", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", "Required": false, - "Type": "AllowedOperationList", + "Type": "List", "UpdateType": "Mutable" }, "ClientToken": { @@ -70817,14 +72068,18 @@ }, "Filters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-grant.html#cfn-licensemanager-grant-filters", + "DuplicatesAllowed": false, + "ItemType": "Filter", "Required": false, - "Type": "FilterList", + "Type": "List", "UpdateType": "Mutable" }, "GrantArns": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-grant.html#cfn-licensemanager-grant-grantarns", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", "Required": false, - "Type": "ArnList", + "Type": "List", "UpdateType": "Mutable" }, "GrantName": { @@ -70841,8 +72096,10 @@ }, "GrantedOperations": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-grant.html#cfn-licensemanager-grant-grantedoperations", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", "Required": false, - "Type": "AllowedOperationList", + "Type": "List", "UpdateType": "Mutable" }, "GranteePrincipalArn": { @@ -70883,8 +72140,10 @@ }, "Principals": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-grant.html#cfn-licensemanager-grant-principals", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", "Required": false, - "Type": "ArnList", + "Type": "List", "UpdateType": "Mutable" }, "SourceVersion": { @@ -70907,8 +72166,10 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-grant.html#cfn-licensemanager-grant-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", "Required": false, - "Type": "TagList", + "Type": "List", "UpdateType": "Mutable" }, "Version": { @@ -70947,14 +72208,18 @@ }, "Entitlements": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-license.html#cfn-licensemanager-license-entitlements", + "DuplicatesAllowed": false, + "ItemType": "Entitlement", "Required": true, - "Type": "EntitlementList", + "Type": "List", "UpdateType": "Mutable" }, "Filters": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-license.html#cfn-licensemanager-license-filters", + "DuplicatesAllowed": false, + "ItemType": "Filter", "Required": false, - "Type": "FilterList", + "Type": "List", "UpdateType": "Mutable" }, "HomeRegion": { @@ -70971,14 +72236,18 @@ }, "LicenseArns": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-license.html#cfn-licensemanager-license-licensearns", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", "Required": false, - "Type": "ArnList", + "Type": "List", "UpdateType": "Mutable" }, "LicenseMetadata": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-license.html#cfn-licensemanager-license-licensemetadata", + "DuplicatesAllowed": false, + "ItemType": "Metadata", "Required": false, - "Type": "MetadataList", + "Type": "List", "UpdateType": "Mutable" }, "LicenseName": { @@ -71025,8 +72294,10 @@ }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-licensemanager-license.html#cfn-licensemanager-license-tags", + "DuplicatesAllowed": false, + "ItemType": "Tag", "Required": false, - "Type": "TagList", + "Type": "List", "UpdateType": "Mutable" }, "Validity": { @@ -71583,6 +72854,312 @@ } } }, + "AWS::MediaConnect::Flow": { + "Attributes": { + "FlowArn": { + "PrimitiveType": "String" + }, + "FlowAvailabilityZone": { + "PrimitiveType": "String" + }, + "IngestIp": { + "PrimitiveType": "String" + }, + "SourceArn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flow.html", + "Properties": { + "AvailabilityZone": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flow.html#cfn-mediaconnect-flow-availabilityzone", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flow.html#cfn-mediaconnect-flow-name", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Source": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flow.html#cfn-mediaconnect-flow-source", + "Required": true, + "Type": "Source", + "UpdateType": "Mutable" + }, + "SourceFailoverConfig": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flow.html#cfn-mediaconnect-flow-sourcefailoverconfig", + "Required": false, + "Type": "FailoverConfig", + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaConnect::FlowEntitlement": { + "Attributes": { + "EntitlementArn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowentitlement.html", + "Properties": { + "DataTransferSubscriberFeePercent": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowentitlement.html#cfn-mediaconnect-flowentitlement-datatransfersubscriberfeepercent", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Immutable" + }, + "Description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowentitlement.html#cfn-mediaconnect-flowentitlement-description", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Encryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowentitlement.html#cfn-mediaconnect-flowentitlement-encryption", + "Required": false, + "Type": "Encryption", + "UpdateType": "Mutable" + }, + "EntitlementStatus": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowentitlement.html#cfn-mediaconnect-flowentitlement-entitlementstatus", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "FlowArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowentitlement.html#cfn-mediaconnect-flowentitlement-flowarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowentitlement.html#cfn-mediaconnect-flowentitlement-name", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Subscribers": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowentitlement.html#cfn-mediaconnect-flowentitlement-subscribers", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaConnect::FlowOutput": { + "Attributes": { + "OutputArn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html", + "Properties": { + "CidrAllowList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-cidrallowlist", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "Description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-description", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Destination": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-destination", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "Encryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-encryption", + "Required": false, + "Type": "Encryption", + "UpdateType": "Mutable" + }, + "FlowArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-flowarn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "MaxLatency": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-maxlatency", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-name", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, + "Port": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-port", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Protocol": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-protocol", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "RemoteId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-remoteid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "SmoothingLatency": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-smoothinglatency", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "StreamId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-streamid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "VpcInterfaceAttachment": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowoutput.html#cfn-mediaconnect-flowoutput-vpcinterfaceattachment", + "Required": false, + "Type": "VpcInterfaceAttachment", + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaConnect::FlowSource": { + "Attributes": { + "IngestIp": { + "PrimitiveType": "String" + }, + "SourceArn": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html", + "Properties": { + "Decryption": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-decryption", + "Required": false, + "Type": "Encryption", + "UpdateType": "Mutable" + }, + "Description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-description", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "EntitlementArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-entitlementarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "FlowArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-flowarn", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "IngestPort": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-ingestport", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "MaxBitrate": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-maxbitrate", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "MaxLatency": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-maxlatency", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Mutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-name", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Protocol": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-protocol", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "StreamId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-streamid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "VpcInterfaceName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-vpcinterfacename", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "WhitelistCidr": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowsource.html#cfn-mediaconnect-flowsource-whitelistcidr", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::MediaConnect::FlowVpcInterface": { + "Attributes": { + "FlowArn": { + "PrimitiveType": "String" + }, + "Name": { + "PrimitiveType": "String" + }, + "NetworkInterfaceIds": { + "PrimitiveItemType": "String", + "Type": "List" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowvpcinterface.html", + "Properties": { + "RoleArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowvpcinterface.html#cfn-mediaconnect-flowvpcinterface-rolearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "SecurityGroupIds": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowvpcinterface.html#cfn-mediaconnect-flowvpcinterface-securitygroupids", + "PrimitiveItemType": "String", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "SubnetId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mediaconnect-flowvpcinterface.html#cfn-mediaconnect-flowvpcinterface-subnetid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::MediaConvert::JobTemplate": { "Attributes": { "Arn": { @@ -71755,6 +73332,12 @@ }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-medialive-channel.html", "Properties": { + "CdiInputSpecification": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-medialive-channel.html#cfn-medialive-channel-cdiinputspecification", + "Required": false, + "Type": "CdiInputSpecification", + "UpdateType": "Mutable" + }, "ChannelClass": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-medialive-channel.html#cfn-medialive-channel-channelclass", "PrimitiveType": "String", @@ -76343,6 +77926,17 @@ } } }, + "AWS::Route53::DNSSEC": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-dnssec.html", + "Properties": { + "HostedZoneId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-dnssec.html#cfn-route53-dnssec-hostedzoneid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + } + } + }, "AWS::Route53::HealthCheck": { "Attributes": { "HealthCheckId": { @@ -76416,6 +78010,35 @@ } } }, + "AWS::Route53::KeySigningKey": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html", + "Properties": { + "HostedZoneId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-hostedzoneid", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "KeyManagementServiceArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-keymanagementservicearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-name", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Status": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-status", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::Route53::RecordSet": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html", "Properties": { @@ -76544,6 +78167,28 @@ } } }, + "AWS::Route53Resolver::ResolverDNSSECConfig": { + "Attributes": { + "Id": { + "PrimitiveType": "String" + }, + "OwnerId": { + "PrimitiveType": "String" + }, + "ValidationStatus": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverdnssecconfig.html", + "Properties": { + "ResourceId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverdnssecconfig.html#cfn-route53resolver-resolverdnssecconfig-resourceid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + } + } + }, "AWS::Route53Resolver::ResolverEndpoint": { "Attributes": { "Arn": { @@ -77949,17 +79594,24 @@ "AWS::SSO::InstanceAccessControlAttributeConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-instanceaccesscontrolattributeconfiguration.html", "Properties": { + "AccessControlAttributes": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-instanceaccesscontrolattributeconfiguration.html#cfn-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattributes", + "ItemType": "AccessControlAttribute", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, "InstanceAccessControlAttributeConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-instanceaccesscontrolattributeconfiguration.html#cfn-sso-instanceaccesscontrolattributeconfiguration-instanceaccesscontrolattributeconfiguration", "PrimitiveType": "Json", - "Required": true, + "Required": false, "UpdateType": "Mutable" }, "InstanceArn": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-instanceaccesscontrolattributeconfiguration.html#cfn-sso-instanceaccesscontrolattributeconfiguration-instancearn", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Immutable" } } }, @@ -77979,7 +79631,7 @@ }, "InlinePolicy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-inlinepolicy", - "PrimitiveType": "String", + "PrimitiveType": "Json", "Required": false, "UpdateType": "Mutable" }, @@ -78120,11 +79772,6 @@ } }, "AWS::SageMaker::Device": { - "Attributes": { - "DeviceFleetName": { - "PrimitiveType": "String" - } - }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-device.html", "Properties": { "Device": { @@ -78134,6 +79781,12 @@ "Type": "Device", "UpdateType": "Mutable" }, + "DeviceFleetName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-device.html#cfn-sagemaker-device-devicefleetname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, "Tags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-device.html#cfn-sagemaker-device-tags", "ItemType": "Json", @@ -78144,11 +79797,6 @@ } }, "AWS::SageMaker::DeviceFleet": { - "Attributes": { - "DeviceFleetName": { - "PrimitiveType": "String" - } - }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-devicefleet.html", "Properties": { "Description": { @@ -78157,6 +79805,12 @@ "Required": false, "UpdateType": "Mutable" }, + "DeviceFleetName": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-devicefleet.html#cfn-sagemaker-devicefleet-devicefleetname", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, "OutputConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-devicefleet.html#cfn-sagemaker-devicefleet-outputconfig", "Required": true, @@ -78498,6 +80152,7 @@ }, "ModelPackageGroupPolicy": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-modelpackagegroup.html#cfn-sagemaker-modelpackagegroup-modelpackagegrouppolicy", + "PrimitiveType": "Json", "Required": false, "UpdateType": "Mutable" }, @@ -79903,8 +81558,9 @@ }, "DefinitionSubstitutions": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-definitionsubstitutions", + "PrimitiveItemType": "String", "Required": false, - "Type": "DefinitionSubstitutions", + "Type": "Map", "UpdateType": "Mutable" }, "LoggingConfiguration": { @@ -80115,6 +81771,12 @@ "Required": false, "UpdateType": "Mutable" }, + "Domain": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-transfer-server.html#cfn-transfer-server-domain", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" + }, "EndpointDetails": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-transfer-server.html#cfn-transfer-server-endpointdetails", "Required": false, @@ -80206,6 +81868,12 @@ "Required": false, "UpdateType": "Mutable" }, + "PosixProfile": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-transfer-user.html#cfn-transfer-user-posixprofile", + "Required": false, + "Type": "PosixProfile", + "UpdateType": "Mutable" + }, "Role": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-transfer-user.html#cfn-transfer-user-role", "PrimitiveType": "String", diff --git a/packages/@aws-cdk/cfnspec/spec-source/000_sam.spec.json b/packages/@aws-cdk/cfnspec/spec-source/000_sam.spec.json index 9c032b1062520..41065e7109a19 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/000_sam.spec.json +++ b/packages/@aws-cdk/cfnspec/spec-source/000_sam.spec.json @@ -955,6 +955,29 @@ } } }, + "AWS::Serverless::LayerVersion.S3Location": { + "Documentation": "https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#s3-location-object", + "Properties": { + "Bucket": { + "Documentation": "https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Key": { + "Documentation": "https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "Version": { + "Documentation": "https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction", + "PrimitiveType": "Integer", + "Required": false, + "UpdateType": "Immutable" + } + } + }, "AWS::Serverless::SimpleTable.PrimaryKey": { "Documentation": "https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#primary-key-object", "Properties": { @@ -1568,8 +1591,13 @@ }, "ContentUri": { "Documentation": "https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlesslayerversion", - "PrimitiveType": "String", + "PrimitiveTypes": [ + "String" + ], "Required": false, + "Types": [ + "S3Location" + ], "UpdateType": "Immutable" }, "Description": { diff --git a/packages/@aws-cdk/cfnspec/spec-source/500_IoT_ProvisioningTemplate_Tags_CorrectItemType_patch.json b/packages/@aws-cdk/cfnspec/spec-source/500_IoT_ProvisioningTemplate_Tags_CorrectItemType_patch.json deleted file mode 100644 index 4282477502f05..0000000000000 --- a/packages/@aws-cdk/cfnspec/spec-source/500_IoT_ProvisioningTemplate_Tags_CorrectItemType_patch.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "PropertyTypes": { - "AWS::IoT::ProvisioningTemplate.Tags": { - "patch": { - "description": "AWS::IoT::ProvisioningTemplate.Tag.ItemType should have been PrimitiveItemType", - "operations": [ - { - "op": "remove", - "path": "/Properties/Tags/ItemType", - "value": "Json" - }, - { - "op": "add", - "path": "/Properties/Tags/PrimitiveItemType", - "value": "Json" - } - ] - } - } - } -} diff --git a/packages/@aws-cdk/cfnspec/spec-source/570_Athena_Workgroup_Tags_patch.json b/packages/@aws-cdk/cfnspec/spec-source/570_Athena_Workgroup_Tags_patch.json deleted file mode 100644 index 6f9224d738886..0000000000000 --- a/packages/@aws-cdk/cfnspec/spec-source/570_Athena_Workgroup_Tags_patch.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "PropertyTypes": { - "AWS::Athena::WorkGroup.Tags": { - "patch": { - "description": "Corrects tag specification for AWS::Athena::WorkGroup.Tags", - "operations": [ - { - "op": "remove", - "path": "/Properties" - }, - { - "op": "add", - "path": "/ItemType", - "value": "Tag" - }, - { - "op": "add", - "path": "/Required", - "value": false - }, - { - "op": "add", - "path": "/Type", - "value": "List" - }, - { - "op": "add", - "path": "/UpdateType", - "value": "Mutable" - } - ] - } - } - } -} - diff --git a/packages/@aws-cdk/cfnspec/spec-source/610_IoT_Authorizer_Tags_patch.json b/packages/@aws-cdk/cfnspec/spec-source/610_IoT_Authorizer_Tags_patch.json deleted file mode 100644 index 45e189299b113..0000000000000 --- a/packages/@aws-cdk/cfnspec/spec-source/610_IoT_Authorizer_Tags_patch.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "PropertyTypes": { - "AWS::IoT::Authorizer.Tags": { - "patch": { - "description": "Tags is defined as a List whereas it should he List", - "operations": [ - { - "path": "/Properties/Tags/ItemType", - "op": "replace", - "value": "Tag" - } - ] - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/cfnspec/spec-source/690_IoT_DomainConfiguration_Tags_CorrectItemType_patch.json b/packages/@aws-cdk/cfnspec/spec-source/690_IoT_DomainConfiguration_Tags_CorrectItemType_patch.json deleted file mode 100644 index 5ffa659a47b46..0000000000000 --- a/packages/@aws-cdk/cfnspec/spec-source/690_IoT_DomainConfiguration_Tags_CorrectItemType_patch.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "PropertyTypes": { - "AWS::IoT::DomainConfiguration.Tags": { - "patch": { - "description": "AWS::IoT::DomainConfiguration.Tag.ItemType should have been PrimitiveItemType", - "operations": [ - { - "op": "remove", - "path": "/Properties/Tags/ItemType", - "value": "Json" - }, - { - "op": "add", - "path": "/Properties/Tags/PrimitiveItemType", - "value": "Json" - } - ] - } - } - } -} diff --git a/packages/@aws-cdk/cfnspec/spec-source/711_AuditMgr_Assesment_patch.json b/packages/@aws-cdk/cfnspec/spec-source/711_AuditMgr_Assesment_patch.json deleted file mode 100644 index 17c14a9db8bf6..0000000000000 --- a/packages/@aws-cdk/cfnspec/spec-source/711_AuditMgr_Assesment_patch.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "ResourceTypes": { - "patch": { - "description": "Remove the AWS::AuditManager::Assessment resource type", - "operations": [ - { - "op": "remove", - "path": "/AWS::AuditManager::Assessment" - } - ] - } - } -} diff --git a/packages/@aws-cdk/cloud-assembly-schema/lib/assets/docker-image-asset.ts b/packages/@aws-cdk/cloud-assembly-schema/lib/assets/docker-image-asset.ts index ebec6ab166fbb..654e1aa032926 100644 --- a/packages/@aws-cdk/cloud-assembly-schema/lib/assets/docker-image-asset.ts +++ b/packages/@aws-cdk/cloud-assembly-schema/lib/assets/docker-image-asset.ts @@ -23,12 +23,24 @@ export interface DockerImageSource { * The directory containing the Docker image build instructions. * * This path is relative to the asset manifest location. + * + * @default - Exactly one of `directory` and `executable` is required + */ + readonly directory?: string; + + /** + * A command-line executable that returns the name of a local + * Docker image on stdout after being run. + * + * @default - Exactly one of `directory` and `executable` is required */ - readonly directory: string; + readonly executable?: string[]; /** * The name of the file with build instructions * + * Only allowed when `directory` is set. + * * @default "Dockerfile" */ readonly dockerFile?: string; @@ -36,6 +48,8 @@ export interface DockerImageSource { /** * Target build stage in a Dockerfile with multiple build stages * + * Only allowed when `directory` is set. + * * @default - The last stage in the Dockerfile */ readonly dockerBuildTarget?: string; @@ -43,6 +57,8 @@ export interface DockerImageSource { /** * Additional build arguments * + * Only allowed when `directory` is set. + * * @default - No additional build arguments */ readonly dockerBuildArgs?: { [name: string]: string }; diff --git a/packages/@aws-cdk/cloud-assembly-schema/lib/assets/file-asset.ts b/packages/@aws-cdk/cloud-assembly-schema/lib/assets/file-asset.ts index efa6cd4384bbe..58c7e0cc93ebc 100644 --- a/packages/@aws-cdk/cloud-assembly-schema/lib/assets/file-asset.ts +++ b/packages/@aws-cdk/cloud-assembly-schema/lib/assets/file-asset.ts @@ -34,16 +34,27 @@ export enum FileAssetPackaging { * Describe the source of a file asset */ export interface FileSource { + /** + * External command which will produce the file asset to upload. + * + * @default - Exactly one of `executable` and `path` is required. + */ + readonly executable?: string[]; + /** * The filesystem object to upload * * This path is relative to the asset manifest location. + * + * @default - Exactly one of `executable` and `path` is required. */ - readonly path: string; + readonly path?: string; /** * Packaging method * + * Only allowed when `path` is specified. + * * @default FILE */ readonly packaging?: FileAssetPackaging; @@ -62,4 +73,4 @@ export interface FileDestination extends AwsDestination { * The destination object key */ readonly objectKey: string; -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/cloud-assembly-schema/package.json b/packages/@aws-cdk/cloud-assembly-schema/package.json index f14d8ad679b71..e24e4cab83995 100644 --- a/packages/@aws-cdk/cloud-assembly-schema/package.json +++ b/packages/@aws-cdk/cloud-assembly-schema/package.json @@ -66,7 +66,7 @@ "jest": "^26.6.3", "mock-fs": "^4.13.0", "pkglint": "0.0.0", - "typescript-json-schema": "^0.46.0" + "typescript-json-schema": "^0.47.0" }, "repository": { "url": "https://github.com/aws/aws-cdk.git", @@ -83,7 +83,7 @@ "semver" ], "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awslint": { diff --git a/packages/@aws-cdk/cloud-assembly-schema/schema/assets.schema.json b/packages/@aws-cdk/cloud-assembly-schema/schema/assets.schema.json index bbd61aae66813..995a895ad824d 100644 --- a/packages/@aws-cdk/cloud-assembly-schema/schema/assets.schema.json +++ b/packages/@aws-cdk/cloud-assembly-schema/schema/assets.schema.json @@ -53,22 +53,26 @@ "description": "Describe the source of a file asset", "type": "object", "properties": { + "executable": { + "description": "External command which will produce the file asset to upload. (Default - Exactly one of `executable` and `path` is required.)", + "type": "array", + "items": { + "type": "string" + } + }, "path": { - "description": "The filesystem object to upload\n\nThis path is relative to the asset manifest location.", + "description": "The filesystem object to upload\n\nThis path is relative to the asset manifest location. (Default - Exactly one of `executable` and `path` is required.)", "type": "string" }, "packaging": { - "description": "Packaging method (Default FILE)", + "description": "Packaging method\n\nOnly allowed when `path` is specified. (Default FILE)", "enum": [ "file", "zip" ], "type": "string" } - }, - "required": [ - "path" - ] + } }, "FileDestination": { "description": "Where in S3 a file asset needs to be published", @@ -126,28 +130,32 @@ "type": "object", "properties": { "directory": { - "description": "The directory containing the Docker image build instructions.\n\nThis path is relative to the asset manifest location.", + "description": "The directory containing the Docker image build instructions.\n\nThis path is relative to the asset manifest location. (Default - Exactly one of `directory` and `executable` is required)", "type": "string" }, + "executable": { + "description": "A command-line executable that returns the name of a local\nDocker image on stdout after being run. (Default - Exactly one of `directory` and `executable` is required)", + "type": "array", + "items": { + "type": "string" + } + }, "dockerFile": { - "description": "The name of the file with build instructions (Default Dockerfile)", + "description": "The name of the file with build instructions\n\nOnly allowed when `directory` is set. (Default Dockerfile)", "type": "string" }, "dockerBuildTarget": { - "description": "Target build stage in a Dockerfile with multiple build stages (Default - The last stage in the Dockerfile)", + "description": "Target build stage in a Dockerfile with multiple build stages\n\nOnly allowed when `directory` is set. (Default - The last stage in the Dockerfile)", "type": "string" }, "dockerBuildArgs": { - "description": "Additional build arguments (Default - No additional build arguments)", + "description": "Additional build arguments\n\nOnly allowed when `directory` is set. (Default - No additional build arguments)", "type": "object", "additionalProperties": { "type": "string" } } - }, - "required": [ - "directory" - ] + } }, "DockerImageDestination": { "description": "Where to publish docker images", diff --git a/packages/@aws-cdk/cloud-assembly-schema/schema/cloud-assembly.version.json b/packages/@aws-cdk/cloud-assembly-schema/schema/cloud-assembly.version.json index bdc5a9f306dec..e6bb766b23585 100644 --- a/packages/@aws-cdk/cloud-assembly-schema/schema/cloud-assembly.version.json +++ b/packages/@aws-cdk/cloud-assembly-schema/schema/cloud-assembly.version.json @@ -1 +1 @@ -{"version":"7.0.0"} \ No newline at end of file +{"version":"8.0.0"} diff --git a/packages/@aws-cdk/cloud-assembly-schema/test/assets.test.ts b/packages/@aws-cdk/cloud-assembly-schema/test/assets.test.ts index 62aebfa26e6ee..24ddd465484b7 100644 --- a/packages/@aws-cdk/cloud-assembly-schema/test/assets.test.ts +++ b/packages/@aws-cdk/cloud-assembly-schema/test/assets.test.ts @@ -21,6 +21,18 @@ describe('Docker image asset', () => { }, }, }, + externalAsset: { + source: { + executable: ['sometool'], + }, + destinations: { + dest: { + region: 'us-north-20', + repositoryName: 'REPO', + imageTag: 'TAG', + }, + }, + }, }, }); }).not.toThrow(); @@ -32,12 +44,18 @@ describe('Docker image asset', () => { version: Manifest.version(), dockerImages: { asset: { + source: { + directory: true, + }, + destinations: {}, + }, + externalAsset: { source: {}, destinations: {}, }, }, }); - }).toThrow(/instance\.dockerImages\.asset\.source requires property \"directory\"/); + }).toThrow(/instance\.dockerImages\.asset\.source\.directory is not of a type\(s\) string/); }); }); @@ -60,6 +78,18 @@ describe('File asset', () => { }, }, }, + externalAsset: { + source: { + executable: ['sometool'], + }, + destinations: { + dest: { + region: 'us-north-20', + bucketName: 'Bouquet', + objectKey: 'key', + }, + }, + }, }, }); }).not.toThrow(); @@ -109,6 +139,18 @@ describe('File asset', () => { }, }, }, + externalAsset: { + source: { + executable: ['sometool'], + }, + destinations: { + dest: { + region: 'us-north-20', + bucketName: 'Bouquet', + objectKey: 'key', + }, + }, + }, }, }); }).toThrow(/instance\.files\.asset\.source\.path is not of a type\(s\) string/); @@ -149,4 +191,4 @@ function validate(manifest: any) { fs.unlinkSync(filePath); fs.rmdirSync(dir); } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index 7179ae4210672..c317644bef177 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -49,7 +49,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/cloudformation-include/package.json b/packages/@aws-cdk/cloudformation-include/package.json index a697d0d80b041..6241f01c2e4b7 100644 --- a/packages/@aws-cdk/cloudformation-include/package.json +++ b/packages/@aws-cdk/cloudformation-include/package.json @@ -83,6 +83,7 @@ "@aws-cdk/aws-appstream": "0.0.0", "@aws-cdk/aws-appsync": "0.0.0", "@aws-cdk/aws-athena": "0.0.0", + "@aws-cdk/aws-auditmanager": "0.0.0", "@aws-cdk/aws-autoscaling": "0.0.0", "@aws-cdk/aws-autoscalingplans": "0.0.0", "@aws-cdk/aws-backup": "0.0.0", @@ -110,6 +111,7 @@ "@aws-cdk/aws-config": "0.0.0", "@aws-cdk/aws-databrew": "0.0.0", "@aws-cdk/aws-datapipeline": "0.0.0", + "@aws-cdk/aws-datasync": "0.0.0", "@aws-cdk/aws-dax": "0.0.0", "@aws-cdk/aws-detective": "0.0.0", "@aws-cdk/aws-devopsguru": "0.0.0", @@ -161,6 +163,7 @@ "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-macie": "0.0.0", "@aws-cdk/aws-managedblockchain": "0.0.0", + "@aws-cdk/aws-mediaconnect": "0.0.0", "@aws-cdk/aws-mediaconvert": "0.0.0", "@aws-cdk/aws-medialive": "0.0.0", "@aws-cdk/aws-mediapackage": "0.0.0", @@ -224,6 +227,7 @@ "@aws-cdk/aws-appstream": "0.0.0", "@aws-cdk/aws-appsync": "0.0.0", "@aws-cdk/aws-athena": "0.0.0", + "@aws-cdk/aws-auditmanager": "0.0.0", "@aws-cdk/aws-autoscaling": "0.0.0", "@aws-cdk/aws-autoscalingplans": "0.0.0", "@aws-cdk/aws-backup": "0.0.0", @@ -251,6 +255,7 @@ "@aws-cdk/aws-config": "0.0.0", "@aws-cdk/aws-databrew": "0.0.0", "@aws-cdk/aws-datapipeline": "0.0.0", + "@aws-cdk/aws-datasync": "0.0.0", "@aws-cdk/aws-dax": "0.0.0", "@aws-cdk/aws-detective": "0.0.0", "@aws-cdk/aws-devopsguru": "0.0.0", @@ -302,6 +307,7 @@ "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-macie": "0.0.0", "@aws-cdk/aws-managedblockchain": "0.0.0", + "@aws-cdk/aws-mediaconnect": "0.0.0", "@aws-cdk/aws-mediaconvert": "0.0.0", "@aws-cdk/aws-medialive": "0.0.0", "@aws-cdk/aws-mediapackage": "0.0.0", @@ -371,7 +377,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/core/README.md b/packages/@aws-cdk/core/README.md index 3b013f3ff990e..8c5ce270d8dc1 100644 --- a/packages/@aws-cdk/core/README.md +++ b/packages/@aws-cdk/core/README.md @@ -843,3 +843,11 @@ IAM operator, we need it in the *key* of a `StringEquals` condition. JSON keys *must be* strings, so to circumvent this limitation, we use `CfnJson` to "delay" the rendition of this template section to deploy-time. This means that the value of `StringEquals` in the template will be `{ "Fn::GetAtt": [ "ConditionJson", "Value" ] }`, and will only "expand" to the operator we synthesized during deployment. + +### Stack Resource Limit + +When deploying to AWS CloudFormation, it needs to keep in check the amount of resources being added inside a Stack. Currently it's possible to check the limits in the [AWS CloudFormation quotas](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html) page. + +It's possible to synthesize the project with more Resources than the allowed (or even reduce the number of Resources). + +Set the context key `@aws-cdk/core:stackResourceLimit` with the proper value, being 0 for disable the limit of resources. diff --git a/packages/@aws-cdk/core/lib/assets.ts b/packages/@aws-cdk/core/lib/assets.ts index 17d3b9d93e53f..d992546dbfdb3 100644 --- a/packages/@aws-cdk/core/lib/assets.ts +++ b/packages/@aws-cdk/core/lib/assets.ts @@ -106,17 +106,30 @@ export interface FileAssetSource { */ readonly sourceHash: string; + /** + * An external command that will produce the packaged asset. + * + * The command should produce the location of a ZIP file on `stdout`. + * + * @default - Exactly one of `directory` and `executable` is required + */ + readonly executable?: string[]; + /** * The path, relative to the root of the cloud assembly, in which this asset * source resides. This can be a path to a file or a directory, dependning on the * packaging type. + * + * @default - Exactly one of `directory` and `executable` is required */ - readonly fileName: string; + readonly fileName?: string; /** * Which type of packaging to perform. + * + * @default - Required if `fileName` is specified. */ - readonly packaging: FileAssetPackaging; + readonly packaging?: FileAssetPackaging; } export interface DockerImageAssetSource { @@ -130,11 +143,22 @@ export interface DockerImageAssetSource { */ readonly sourceHash: string; + /** + * An external command that will produce the packaged asset. + * + * The command should produce the name of a local Docker image on `stdout`. + * + * @default - Exactly one of `directoryName` and `executable` is required + */ + readonly executable?: string[]; + /** * The directory where the Dockerfile is stored, must be relative * to the cloud assembly root. + * + * @default - Exactly one of `directoryName` and `executable` is required */ - readonly directoryName: string; + readonly directoryName?: string; /** * Build args to pass to the `docker build` command. @@ -143,6 +167,8 @@ export interface DockerImageAssetSource { * values cannot refer to unresolved tokens (such as `lambda.functionArn` or * `queue.queueUrl`). * + * Only allowed when `directoryName` is specified. + * * @default - no build args are passed */ readonly dockerBuildArgs?: { [key: string]: string }; @@ -150,6 +176,8 @@ export interface DockerImageAssetSource { /** * Docker target to build to * + * Only allowed when `directoryName` is specified. + * * @default - no target */ readonly dockerBuildTarget?: string; @@ -157,6 +185,8 @@ export interface DockerImageAssetSource { /** * Path to the Dockerfile (relative to the directory). * + * Only allowed when `directoryName` is specified. + * * @default - no file */ readonly dockerFile?: string; diff --git a/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts b/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts index 6c66166513c42..ff38c78f3597b 100644 --- a/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts +++ b/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts @@ -1,16 +1,16 @@ -import * as cxschema from '@aws-cdk/cloud-assembly-schema'; -import * as cxapi from '@aws-cdk/cx-api'; import * as fs from 'fs'; import * as path from 'path'; +import * as cxschema from '@aws-cdk/cloud-assembly-schema'; +import * as cxapi from '@aws-cdk/cx-api'; import { DockerImageAssetLocation, DockerImageAssetSource, FileAssetLocation, FileAssetPackaging, FileAssetSource } from '../assets'; import { Fn } from '../cfn-fn'; import { CfnParameter } from '../cfn-parameter'; import { CfnRule } from '../cfn-rule'; import { Stack } from '../stack'; import { Token } from '../token'; +import { assertBound, contentHash } from './_shared'; import { StackSynthesizer } from './stack-synthesizer'; import { ISynthesisSession } from './types'; -import { assertBound, contentHash } from './_shared'; export const BOOTSTRAP_QUALIFIER_CONTEXT = '@aws-cdk/core:bootstrapQualifier'; @@ -289,12 +289,15 @@ export class DefaultStackSynthesizer extends StackSynthesizer { public addFileAsset(asset: FileAssetSource): FileAssetLocation { assertBound(this.stack); assertBound(this.bucketName); + validateFileAssetSource(asset); + const objectKey = this.bucketPrefix + asset.sourceHash + (asset.packaging === FileAssetPackaging.ZIP_DIRECTORY ? '.zip' : ''); // Add to manifest this.files[asset.sourceHash] = { source: { path: asset.fileName, + executable: asset.executable, packaging: asset.packaging, }, destinations: { @@ -325,12 +328,14 @@ export class DefaultStackSynthesizer extends StackSynthesizer { public addDockerImageAsset(asset: DockerImageAssetSource): DockerImageAssetLocation { assertBound(this.stack); assertBound(this.repositoryName); + validateDockerImageAssetSource(asset); const imageTag = asset.sourceHash; // Add to manifest this.dockerImages[asset.sourceHash] = { source: { + executable: asset.executable, directory: asset.directoryName, dockerBuildArgs: asset.dockerBuildArgs, dockerBuildTarget: asset.dockerBuildTarget, @@ -566,3 +571,29 @@ function range(startIncl: number, endExcl: number) { } return ret; } + +function validateFileAssetSource(asset: FileAssetSource) { + if (!!asset.executable === !!asset.fileName) { + throw new Error(`Exactly one of 'fileName' or 'executable' is required, got: ${JSON.stringify(asset)}`); + } + + if (!!asset.packaging !== !!asset.fileName) { + throw new Error(`'packaging' is expected in combination with 'fileName', got: ${JSON.stringify(asset)}`); + } +} + +function validateDockerImageAssetSource(asset: DockerImageAssetSource) { + if (!!asset.executable === !!asset.directoryName) { + throw new Error(`Exactly one of 'directoryName' or 'executable' is required, got: ${JSON.stringify(asset)}`); + } + + check('dockerBuildArgs'); + check('dockerBuildTarget'); + check('dockerFile'); + + function check(key: K) { + if (asset[key] && !asset.directoryName) { + throw new Error(`'${key}' is only allowed in combination with 'directoryName', got: ${JSON.stringify(asset)}`); + } + } +} diff --git a/packages/@aws-cdk/core/lib/stack-synthesizers/legacy.ts b/packages/@aws-cdk/core/lib/stack-synthesizers/legacy.ts index 9575089e0adf5..6044edef0a9ba 100644 --- a/packages/@aws-cdk/core/lib/stack-synthesizers/legacy.ts +++ b/packages/@aws-cdk/core/lib/stack-synthesizers/legacy.ts @@ -121,6 +121,10 @@ export class LegacyStackSynthesizer extends StackSynthesizer { // only add every image (identified by source hash) once for each stack that uses it. if (!this.addedImageAssets.has(assetId)) { + if (!asset.directoryName) { + throw new Error(`LegacyStackSynthesizer does not support this type of file asset: ${JSON.stringify(asset)}`); + } + const metadata: cxschema.ContainerImageAssetMetadataEntry = { repositoryName, imageTag, @@ -150,6 +154,10 @@ export class LegacyStackSynthesizer extends StackSynthesizer { if (!params) { params = new FileAssetParameters(this.assetParameters, asset.sourceHash); + if (!asset.fileName || !asset.packaging) { + throw new Error(`LegacyStackSynthesizer does not support this type of file asset: ${JSON.stringify(asset)}`); + } + const metadata: cxschema.FileAssetMetadataEntry = { path: asset.fileName, id: asset.sourceHash, diff --git a/packages/@aws-cdk/core/lib/stack.ts b/packages/@aws-cdk/core/lib/stack.ts index 38fe5f99af808..7a9819679c1d3 100644 --- a/packages/@aws-cdk/core/lib/stack.ts +++ b/packages/@aws-cdk/core/lib/stack.ts @@ -22,8 +22,12 @@ import { makeUniqueId } from './private/uniqueid'; const STACK_SYMBOL = Symbol.for('@aws-cdk/core.Stack'); const MY_STACK_CACHE = Symbol.for('@aws-cdk/core.Stack.myStack'); +export const STACK_RESOURCE_LIMIT_CONTEXT = '@aws-cdk/core:stackResourceLimit'; + const VALID_STACK_NAME_REGEX = /^[A-Za-z][A-Za-z0-9-]*$/; +const MAX_RESOURCES = 500; + export interface StackProps { /** * A description of the stack. @@ -748,6 +752,17 @@ export class Stack extends Construct implements ITaggable { // write the CloudFormation template as a JSON file const outPath = path.join(builder.outdir, this.templateFile); + + if (this.maxResources > 0) { + const resources = template.Resources || {}; + const numberOfResources = Object.keys(resources).length; + + if (numberOfResources > this.maxResources) { + throw new Error(`Number of resources: ${numberOfResources} is greater than allowed maximum of ${this.maxResources}`); + } else if (numberOfResources >= (this.maxResources * 0.8)) { + Annotations.of(this).addInfo(`Number of resources: ${numberOfResources} is approaching allowed maximum of ${this.maxResources}`); + } + } fs.writeFileSync(outPath, JSON.stringify(template, undefined, 2)); for (const ctx of this._missingContext) { @@ -902,6 +917,16 @@ export class Stack extends Construct implements ITaggable { }; } + /** + * Maximum number of resources in the stack + * + * Set to 0 to mean "unlimited". + */ + private get maxResources(): number { + const contextLimit = this.node.tryGetContext(STACK_RESOURCE_LIMIT_CONTEXT); + return contextLimit !== undefined ? parseInt(contextLimit, 10) : MAX_RESOURCES; + } + /** * Check whether this stack has a (transitive) dependency on another stack * diff --git a/packages/@aws-cdk/core/package.json b/packages/@aws-cdk/core/package.json index b24326e58d238..c7162a5e3f31a 100644 --- a/packages/@aws-cdk/core/package.json +++ b/packages/@aws-cdk/core/package.json @@ -214,7 +214,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awscdkio": { diff --git a/packages/@aws-cdk/core/test/stack.test.ts b/packages/@aws-cdk/core/test/stack.test.ts index ee6fe6de474b0..dfd701961a2e0 100644 --- a/packages/@aws-cdk/core/test/stack.test.ts +++ b/packages/@aws-cdk/core/test/stack.test.ts @@ -46,6 +46,68 @@ nodeunitShim({ test.done(); }, + 'when stackResourceLimit is default, should give error'(test: Test) { + // GIVEN + const app = new App({}); + + const stack = new Stack(app, 'MyStack'); + + // WHEN + for (let index = 0; index < 1000; index++) { + new CfnResource(stack, `MyResource-${index}`, { type: 'MyResourceType' }); + } + + test.throws(() => { + app.synth(); + }, 'Number of resources: 1000 is greater than allowed maximum of 500'); + + test.done(); + }, + + 'when stackResourceLimit is defined, should give the proper error'(test: Test) { + // GIVEN + const app = new App({ + context: { + '@aws-cdk/core:stackResourceLimit': 100, + }, + }); + + const stack = new Stack(app, 'MyStack'); + + // WHEN + for (let index = 0; index < 200; index++) { + new CfnResource(stack, `MyResource-${index}`, { type: 'MyResourceType' }); + } + + test.throws(() => { + app.synth(); + }, 'Number of resources: 200 is greater than allowed maximum of 100'); + + test.done(); + }, + + 'when stackResourceLimit is 0, should not give error'(test: Test) { + // GIVEN + const app = new App({ + context: { + '@aws-cdk/core:stackResourceLimit': 0, + }, + }); + + const stack = new Stack(app, 'MyStack'); + + // WHEN + for (let index = 0; index < 1000; index++) { + new CfnResource(stack, `MyResource-${index}`, { type: 'MyResourceType' }); + } + + test.doesNotThrow(() => { + app.synth(); + }); + + test.done(); + }, + 'stack.templateOptions can be used to set template-level options'(test: Test) { const stack = new Stack(); diff --git a/packages/@aws-cdk/custom-resources/package.json b/packages/@aws-cdk/custom-resources/package.json index 85ec98a49236d..71e4ed01390f8 100644 --- a/packages/@aws-cdk/custom-resources/package.json +++ b/packages/@aws-cdk/custom-resources/package.json @@ -81,7 +81,7 @@ "@types/aws-lambda": "^8.10.64", "@types/fs-extra": "^8.1.1", "@types/sinon": "^9.0.9", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", @@ -113,7 +113,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "awslint": { diff --git a/packages/@aws-cdk/cx-api/lib/features.ts b/packages/@aws-cdk/cx-api/lib/features.ts index 499c8e3438fe8..c91607b587eb0 100644 --- a/packages/@aws-cdk/cx-api/lib/features.ts +++ b/packages/@aws-cdk/cx-api/lib/features.ts @@ -80,6 +80,15 @@ export const SECRETS_MANAGER_PARSE_OWNED_SECRET_NAME = '@aws-cdk/aws-secretsmana */ export const KMS_DEFAULT_KEY_POLICIES = '@aws-cdk/aws-kms:defaultKeyPolicies'; +/** + * Change the old 's3:PutObject*' permission to 's3:PutObject' on Bucket, + * as the former includes 's3:PutObjectAcl', + * which allows changing the visibility of an object written to the Bucket. + * Use a feature flag to make sure existing customers who might be relying + * on the overly-broad permissions are not broken. + */ +export const S3_GRANT_WRITE_WITHOUT_ACL = '@aws-cdk/aws-s3:grantWriteWithoutAcl'; + /** * This map includes context keys and values for feature flags that enable * capabilities "from the future", which we could not introduce as the default @@ -100,6 +109,7 @@ export const FUTURE_FLAGS = { [DOCKER_IGNORE_SUPPORT]: true, [SECRETS_MANAGER_PARSE_OWNED_SECRET_NAME]: true, [KMS_DEFAULT_KEY_POLICIES]: true, + [S3_GRANT_WRITE_WITHOUT_ACL]: true, // We will advertise this flag when the feature is complete // [NEW_STYLE_STACK_SYNTHESIS_CONTEXT]: 'true', @@ -117,6 +127,7 @@ const FUTURE_FLAGS_DEFAULTS: { [key: string]: boolean } = { [DOCKER_IGNORE_SUPPORT]: false, [SECRETS_MANAGER_PARSE_OWNED_SECRET_NAME]: false, [KMS_DEFAULT_KEY_POLICIES]: false, + [S3_GRANT_WRITE_WITHOUT_ACL]: false, }; export function futureFlagDefault(flag: string): boolean { diff --git a/packages/@aws-cdk/cx-api/package.json b/packages/@aws-cdk/cx-api/package.json index e21884db8398c..248d5118d7f53 100644 --- a/packages/@aws-cdk/cx-api/package.json +++ b/packages/@aws-cdk/cx-api/package.json @@ -88,7 +88,7 @@ "semver" ], "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/example-construct-library/package.json b/packages/@aws-cdk/example-construct-library/package.json index 826d9b02e1b8b..4299e4b45bca1 100644 --- a/packages/@aws-cdk/example-construct-library/package.json +++ b/packages/@aws-cdk/example-construct-library/package.json @@ -92,7 +92,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/lambda-layer-awscli/package.json b/packages/@aws-cdk/lambda-layer-awscli/package.json index 44e7ed826958f..8b9cb0ffdb65e 100644 --- a/packages/@aws-cdk/lambda-layer-awscli/package.json +++ b/packages/@aws-cdk/lambda-layer-awscli/package.json @@ -83,7 +83,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/lambda-layer-kubectl/package.json b/packages/@aws-cdk/lambda-layer-kubectl/package.json index 3b7c09f51e0af..a1a5a7d7b6e63 100644 --- a/packages/@aws-cdk/lambda-layer-kubectl/package.json +++ b/packages/@aws-cdk/lambda-layer-kubectl/package.json @@ -89,7 +89,7 @@ "constructs": "10.0.0-pre.5" }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/pipelines/package.json b/packages/@aws-cdk/pipelines/package.json index 59af9ff1fe5cf..507a60267d194 100644 --- a/packages/@aws-cdk/pipelines/package.json +++ b/packages/@aws-cdk/pipelines/package.json @@ -79,7 +79,7 @@ "delivery" ], "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "license": "Apache-2.0", "stability": "experimental", diff --git a/packages/@aws-cdk/region-info/package.json b/packages/@aws-cdk/region-info/package.json index 9db12073061e5..d0a1744c7cfee 100644 --- a/packages/@aws-cdk/region-info/package.json +++ b/packages/@aws-cdk/region-info/package.json @@ -72,7 +72,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@aws-cdk/yaml-cfn/package.json b/packages/@aws-cdk/yaml-cfn/package.json index 873f32ac59a96..34b5c0f72363c 100644 --- a/packages/@aws-cdk/yaml-cfn/package.json +++ b/packages/@aws-cdk/yaml-cfn/package.json @@ -82,7 +82,7 @@ "jest": true }, "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "experimental", "maturity": "experimental", diff --git a/packages/@monocdk-experiment/rewrite-imports/package.json b/packages/@monocdk-experiment/rewrite-imports/package.json index 874cb01ecc201..8da599c16cc53 100644 --- a/packages/@monocdk-experiment/rewrite-imports/package.json +++ b/packages/@monocdk-experiment/rewrite-imports/package.json @@ -52,6 +52,6 @@ "stability": "experimental", "maturity": "developer-preview", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" } } diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 61826d7af01c7..d9e1b2e2d6aec 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -116,6 +116,7 @@ "@aws-cdk/aws-appstream": "0.0.0", "@aws-cdk/aws-appsync": "0.0.0", "@aws-cdk/aws-athena": "0.0.0", + "@aws-cdk/aws-auditmanager": "0.0.0", "@aws-cdk/aws-autoscaling": "0.0.0", "@aws-cdk/aws-autoscaling-common": "0.0.0", "@aws-cdk/aws-autoscaling-hooktargets": "0.0.0", @@ -149,6 +150,7 @@ "@aws-cdk/aws-config": "0.0.0", "@aws-cdk/aws-databrew": "0.0.0", "@aws-cdk/aws-datapipeline": "0.0.0", + "@aws-cdk/aws-datasync": "0.0.0", "@aws-cdk/aws-dax": "0.0.0", "@aws-cdk/aws-detective": "0.0.0", "@aws-cdk/aws-devopsguru": "0.0.0", @@ -211,6 +213,7 @@ "@aws-cdk/aws-logs-destinations": "0.0.0", "@aws-cdk/aws-macie": "0.0.0", "@aws-cdk/aws-managedblockchain": "0.0.0", + "@aws-cdk/aws-mediaconnect": "0.0.0", "@aws-cdk/aws-mediaconvert": "0.0.0", "@aws-cdk/aws-medialive": "0.0.0", "@aws-cdk/aws-mediapackage": "0.0.0", @@ -287,7 +290,7 @@ }, "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "keywords": [ "aws", diff --git a/packages/aws-cdk/README.md b/packages/aws-cdk/README.md index 64b542ed4b2fd..d17a38e62f923 100644 --- a/packages/aws-cdk/README.md +++ b/packages/aws-cdk/README.md @@ -115,6 +115,9 @@ $ cdk synth $ # Synthesize cloud assembly for StackName, but don't include dependencies $ cdk synth MyStackName --exclusively + +$ # Synthesize cloud assembly for StackName, but don't cloudFormation template output to STDOUT +$ cdk synth MyStackName --quiet ``` See the [AWS Documentation](https://docs.aws.amazon.com/cdk/latest/guide/apps.html#apps_cloud_assembly) to learn more about cloud assemblies. diff --git a/packages/aws-cdk/bin/cdk.ts b/packages/aws-cdk/bin/cdk.ts index e305da55164e5..d14e53892354a 100644 --- a/packages/aws-cdk/bin/cdk.ts +++ b/packages/aws-cdk/bin/cdk.ts @@ -68,7 +68,8 @@ async function parseCommandLineArguments() { .option('long', { type: 'boolean', default: false, alias: 'l', desc: 'Display environment information for each stack' }), ) .command(['synthesize [STACKS..]', 'synth [STACKS..]'], 'Synthesizes and prints the CloudFormation template for this stack', yargs => yargs - .option('exclusively', { type: 'boolean', alias: 'e', desc: 'Only synthesize requested stacks, don\'t include dependencies' })) + .option('exclusively', { type: 'boolean', alias: 'e', desc: 'Only synthesize requested stacks, don\'t include dependencies' }) + .option('quiet', { type: 'boolean', alias: 'q', desc: 'Do not output CloudFormation Template to stdout', default: false })) .command('bootstrap [ENVIRONMENTS..]', 'Deploys the CDK toolkit stack into an AWS environment', yargs => yargs .option('bootstrap-bucket-name', { type: 'string', alias: ['b', 'toolkit-bucket-name'], desc: 'The name of the CDK toolkit bucket; bucket will be created and must not exist', default: undefined }) .option('bootstrap-kms-key-id', { type: 'string', desc: 'AWS KMS master key ID used for the SSE-KMS encryption', default: undefined, conflicts: 'bootstrap-customer-key' }) @@ -328,7 +329,7 @@ async function initCommandLine() { case 'synthesize': case 'synth': - return cli.synth(args.STACKS, args.exclusively); + return cli.synth(args.STACKS, args.exclusively, args.quiet); case 'metadata': return cli.metadata(args.STACK); diff --git a/packages/aws-cdk/lib/cdk-toolkit.ts b/packages/aws-cdk/lib/cdk-toolkit.ts index c0ae230879a80..c3e8c649eaa7b 100644 --- a/packages/aws-cdk/lib/cdk-toolkit.ts +++ b/packages/aws-cdk/lib/cdk-toolkit.ts @@ -295,12 +295,15 @@ export class CdkToolkit { * OUTPUT: If more than one stack ends up being selected, an output directory * should be supplied, where the templates will be written. */ - public async synth(stackNames: string[], exclusively: boolean): Promise { + public async synth(stackNames: string[], exclusively: boolean, quiet: boolean): Promise { const stacks = await this.selectStacksForDiff(stackNames, exclusively); // if we have a single stack, print it to STDOUT if (stacks.stackCount === 1) { - return stacks.firstStack.template; + if (!quiet) { + return stacks.firstStack.template; + } + return undefined; } // This is a slight hack; in integ mode we allow multiple stacks to be synthesized to stdout sequentially. diff --git a/packages/aws-cdk/lib/init-templates/v1/app/python/.template.gitignore b/packages/aws-cdk/lib/init-templates/v1/app/python/.template.gitignore index 383cdd5040f7e..58505a0211c74 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/python/.template.gitignore +++ b/packages/aws-cdk/lib/init-templates/v1/app/python/.template.gitignore @@ -3,6 +3,7 @@ package-lock.json __pycache__ .pytest_cache .env +.venv *.egg-info # CDK asset staging directory diff --git a/packages/aws-cdk/lib/settings.ts b/packages/aws-cdk/lib/settings.ts index 0663d021f63d3..f61d2ebd270da 100644 --- a/packages/aws-cdk/lib/settings.ts +++ b/packages/aws-cdk/lib/settings.ts @@ -98,7 +98,8 @@ export class Configuration { this.context = new Context( this.commandLineContext, this.projectConfig.subSettings([CONTEXT_KEY]).makeReadOnly(), - this.projectContext); + this.projectContext, + userConfig.subSettings([CONTEXT_KEY]).makeReadOnly()); // Build settings from what's left this.settings = this.defaultConfig diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index aea264fdb46b3..eb1351446e05e 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -74,11 +74,11 @@ "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "archiver": "^5.2.0", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "camelcase": "^6.2.0", "cdk-assets": "0.0.0", "colors": "^1.4.0", - "decamelize": "^4.0.0", + "decamelize": "^5.0.0", "fs-extra": "^9.0.1", "glob": "^7.1.6", "json-diff": "^0.5.4", @@ -103,7 +103,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "stability": "stable", "maturity": "stable" diff --git a/packages/aws-cdk/test/cdk-toolkit.test.ts b/packages/aws-cdk/test/cdk-toolkit.test.ts index caf3e6cc83257..9266d9bc10646 100644 --- a/packages/aws-cdk/test/cdk-toolkit.test.ts +++ b/packages/aws-cdk/test/cdk-toolkit.test.ts @@ -138,6 +138,16 @@ describe('deploy', () => { }); }); +describe('synth', () => { + test('with no stdout option', async () => { + // GIVE + const toolkit = defaultToolkitSetup(); + + // THEN + await expect(toolkit.synth(['Test-Stack-A'], false, true)).resolves.toBeUndefined(); + }); +}); + class MockStack { public static readonly MOCK_STACK_A: TestStackArtifact = { stackName: 'Test-Stack-A', diff --git a/packages/aws-cdk/test/usersettings.test.ts b/packages/aws-cdk/test/usersettings.test.ts new file mode 100644 index 0000000000000..948b3b3f907bc --- /dev/null +++ b/packages/aws-cdk/test/usersettings.test.ts @@ -0,0 +1,72 @@ +import * as os from 'os'; +import * as fs_path from 'path'; +import * as fs from 'fs-extra'; +import { mocked } from 'ts-jest/utils'; +import { Configuration, PROJECT_CONFIG, PROJECT_CONTEXT } from '../lib/settings'; + +// mock fs deeply +jest.mock('fs-extra'); +const mockedFs = mocked(fs, true); + +const USER_CONFIG = fs_path.join(os.homedir(), '.cdk.json'); + +test('load settings from both files if available', async () => { + // GIVEN + const GIVEN_CONFIG: Map = new Map([ + [PROJECT_CONFIG, { + project: 'foobar', + }], + [USER_CONFIG, { + project: 'foo', + test: 'bar', + }], + ]); + + // WHEN + mockedFs.pathExists.mockImplementation(path => { + return GIVEN_CONFIG.has(path); + }); + mockedFs.readJSON.mockImplementation(path => { + return GIVEN_CONFIG.get(path); + }); + + const config = await new Configuration().load(); + + // THEN + expect(config.settings.get(['project'])).toBe('foobar'); + expect(config.settings.get(['test'])).toBe('bar'); +}); + +test('load context from all 3 files if available', async () => { + // GIVEN + const GIVEN_CONFIG: Map = new Map([ + [PROJECT_CONFIG, { + context: { + project: 'foobar', + }, + }], + [PROJECT_CONTEXT, { + foo: 'bar', + }], + [USER_CONFIG, { + context: { + test: 'bar', + }, + }], + ]); + + // WHEN + mockedFs.pathExists.mockImplementation(path => { + return GIVEN_CONFIG.has(path); + }); + mockedFs.readJSON.mockImplementation(path => { + return GIVEN_CONFIG.get(path); + }); + + const config = await new Configuration().load(); + + // THEN + expect(config.context.get('project')).toBe('foobar'); + expect(config.context.get('foo')).toBe('bar'); + expect(config.context.get('test')).toBe('bar'); +}); \ No newline at end of file diff --git a/packages/awslint/package.json b/packages/awslint/package.json index 7e9ed60a7b4b3..14b68795adfba 100644 --- a/packages/awslint/package.json +++ b/packages/awslint/package.json @@ -48,6 +48,6 @@ "maturity": "developer-preview", "stability": "experimental", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" } } diff --git a/packages/cdk-assets/README.md b/packages/cdk-assets/README.md index 2eb10ae621947..c40afcd00c42d 100644 --- a/packages/cdk-assets/README.md +++ b/packages/cdk-assets/README.md @@ -28,6 +28,7 @@ Currently the following asset types are supported: * Files and archives, uploaded to S3 * Docker Images, uploaded to ECR +* Files, archives, and Docker images built by external utilities S3 buckets and ECR repositories to upload to are expected to exist already. @@ -41,6 +42,13 @@ itself in the following behaviors: image in the local Docker cache) already exists named after the asset's ID, it will not be packaged, but will be uploaded directly to the destination location. + +For assets build by external utilities, the contract is such that cdk-assets +expects the utility to manage dedupe detection as well as path/image tag generation. +This means that cdk-assets will call the external utility every time generation +is warranted, and it is up to the utility to a) determine whether to do a +full rebuild; and b) to return only one thing on stdout: the path to the file/archive +asset, or the name of the local Docker image. ## Usage @@ -82,6 +90,19 @@ An asset manifest looks like this: } } }, + "3dfe2b80b050e7e4e168f84feff678d4": { + "source": { + "executable": ["myzip"] + }, + "destinations": { + "us-east-1": { + "region": "us-east-1", + "assumeRoleArn": "arn:aws:iam::12345789012:role/my-account", + "bucketName": "MySpecialBucket", + "objectKey": "3dfe2b80b050e7e4e168f84feff678d4.zip" + } + } + }, }, "dockerImages": { "b48783c58a86f7b8c68a4591c4f9be31": { @@ -97,6 +118,20 @@ An asset manifest looks like this: "imageUri": "123456789012.dkr.ecr.us-east-1.amazonaws.com/MyRepository:1234567891b48783c58a86f7b8c68a4591c4f9be31", } } + }, + "d92753c58a86f7b8c68a4591c4f9cf28": { + "source": { + "executable": ["mytool", "package", "dockerdir"], + }, + "destinations": { + "us-east-1": { + "region": "us-east-1", + "assumeRoleArn": "arn:aws:iam::12345789012:role/my-account", + "repositoryName": "MyRepository2", + "imageTag": "d92753c58a86f7b8c68a4591c4f9cf28", + "imageUri": "123456789987.dkr.ecr.us-east-1.amazonaws.com/MyRepository2:1234567891b48783c58a86f7b8c68a4591c4f9be31", + } + } } } } diff --git a/packages/cdk-assets/lib/private/handlers/container-images.ts b/packages/cdk-assets/lib/private/handlers/container-images.ts index bd755a52f139b..a3b6756ecb18d 100644 --- a/packages/cdk-assets/lib/private/handlers/container-images.ts +++ b/packages/cdk-assets/lib/private/handlers/container-images.ts @@ -1,73 +1,128 @@ import * as path from 'path'; +import { DockerImageDestination } from '@aws-cdk/cloud-assembly-schema'; import { DockerImageManifestEntry } from '../../asset-manifest'; import { EventType } from '../../progress'; import { IAssetHandler, IHandlerHost } from '../asset-handler'; import { Docker } from '../docker'; import { replaceAwsPlaceholders } from '../placeholders'; +import { shell } from '../shell'; export class ContainerImageAssetHandler implements IAssetHandler { - private readonly localTagName: string; private readonly docker = new Docker(m => this.host.emitMessage(EventType.DEBUG, m)); constructor( private readonly workDir: string, private readonly asset: DockerImageManifestEntry, private readonly host: IHandlerHost) { - - this.localTagName = `cdkasset-${this.asset.id.assetId.toLowerCase()}`; } public async publish(): Promise { const destination = await replaceAwsPlaceholders(this.asset.destination, this.host.aws); - const ecr = await this.host.aws.ecrClient(destination); - const account = (await this.host.aws.discoverCurrentAccount()).accountId; - const repoUri = await repositoryUri(ecr, destination.repositoryName); + if (!repoUri) { throw new Error(`No ECR repository named '${destination.repositoryName}' in account ${account}. Is this account bootstrapped?`); } const imageUri = `${repoUri}:${destination.imageTag}`; - this.host.emitMessage(EventType.CHECK, `Check ${imageUri}`); - if (await imageExists(ecr, destination.repositoryName, destination.imageTag)) { - this.host.emitMessage(EventType.FOUND, `Found ${imageUri}`); - return; - } - + if (await this.destinationAlreadyExists(ecr, destination, imageUri)) { return; } if (this.host.aborted) { return; } // Login before build so that the Dockerfile can reference images in the ECR repo await this.docker.login(ecr); - await this.buildImage(); + + const localTagName = this.asset.source.executable + ? await this.buildExternalAsset(this.asset.source.executable) + : await this.buildDirectoryAsset(); + + if (localTagName === undefined || this.host.aborted) { + return; + } this.host.emitMessage(EventType.UPLOAD, `Push ${imageUri}`); if (this.host.aborted) { return; } - await this.docker.tag(this.localTagName, imageUri); + await this.docker.tag(localTagName, imageUri); await this.docker.push(imageUri); } - private async buildImage(): Promise { - if (await this.docker.exists(this.localTagName)) { - this.host.emitMessage(EventType.CACHED, `Cached ${this.localTagName}`); - return; + /** + * Build a (local) Docker asset from a directory with a Dockerfile + * + * Tags under a deterministic, unique, local identifier wich will skip + * the build if it already exists. + */ + private async buildDirectoryAsset(): Promise { + const localTagName = `cdkasset-${this.asset.id.assetId.toLowerCase()}`; + + if (!(await this.isImageCached(localTagName))) { + if (this.host.aborted) { return undefined; } + + await this.buildImage(localTagName); + } + + return localTagName; + } + + /** + * Build a (local) Docker asset by running an external command + * + * External command is responsible for deduplicating the build if possible, + * and is expected to return the generated image identifier on stdout. + */ + private async buildExternalAsset(executable: string[]): Promise { + this.host.emitMessage(EventType.BUILD, `Building Docker image using command '${executable}'`); + if (this.host.aborted) { return undefined; } + + return (await shell(executable, { quiet: true })).trim(); + } + + + /** + * Check whether the image already exists in the ECR repo + * + * Use the fields from the destination to do the actual check. The imageUri + * should correspond to that, but is only used to print Docker image location + * for user benefit (the format is slightly different). + */ + private async destinationAlreadyExists(ecr: AWS.ECR, destination: DockerImageDestination, imageUri: string): Promise { + this.host.emitMessage(EventType.CHECK, `Check ${imageUri}`); + if (await imageExists(ecr, destination.repositoryName, destination.imageTag)) { + this.host.emitMessage(EventType.FOUND, `Found ${imageUri}`); + return true; } + return false; + } + + private async buildImage(localTagName: string): Promise { const source = this.asset.source; + if (!source.directory) { + throw new Error(`'directory' is expected in the DockerImage asset source, got: ${JSON.stringify(source)}`); + } const fullPath = path.resolve(this.workDir, source.directory); this.host.emitMessage(EventType.BUILD, `Building Docker image at ${fullPath}`); await this.docker.build({ directory: fullPath, - tag: this.localTagName, + tag: localTagName, buildArgs: source.dockerBuildArgs, target: source.dockerBuildTarget, file: source.dockerFile, }); } + + private async isImageCached(localTagName: string): Promise { + if (await this.docker.exists(localTagName)) { + this.host.emitMessage(EventType.CACHED, `Cached ${localTagName}`); + return true; + } + + return false; + } } async function imageExists(ecr: AWS.ECR, repositoryName: string, imageTag: string) { @@ -93,4 +148,4 @@ async function repositoryUri(ecr: AWS.ECR, repositoryName: string): Promise { - const source = this.asset.source; - const fullPath = path.resolve(this.workDir, this.asset.source.path); + private async packageFile(source: FileSource): Promise { + if (!source.path) { + throw new Error(`'path' is expected in the File asset source, got: ${JSON.stringify(source)}`); + } + + const fullPath = path.resolve(this.workDir, source.path); if (source.packaging === FileAssetPackaging.ZIP_DIRECTORY) { + const contentType = 'application/zip'; + await fs.mkdir(this.fileCacheRoot, { recursive: true }); - const ret = path.join(this.fileCacheRoot, `${this.asset.id.assetId}.zip`); + const packagedPath = path.join(this.fileCacheRoot, `${this.asset.id.assetId}.zip`); - if (await pathExists(ret)) { - this.host.emitMessage(EventType.CACHED, `From cache ${ret}`); - return ret; + if (await pathExists(packagedPath)) { + this.host.emitMessage(EventType.CACHED, `From cache ${path}`); + return { packagedPath, contentType }; } - this.host.emitMessage(EventType.BUILD, `Zip ${fullPath} -> ${ret}`); - await zipDirectory(fullPath, ret); - return ret; + this.host.emitMessage(EventType.BUILD, `Zip ${fullPath} -> ${path}`); + await zipDirectory(fullPath, packagedPath); + return { packagedPath, contentType }; } else { - return fullPath; + return { packagedPath: fullPath }; } } + + private async externalPackageFile(executable: string[]): Promise { + this.host.emitMessage(EventType.BUILD, `Building asset source using command: '${executable}'`); + + return { + packagedPath: (await shell(executable, { quiet: true })).trim(), + contentType: 'application/zip', + }; + } } enum BucketOwnership { @@ -109,3 +124,21 @@ async function objectExists(s3: AWS.S3, bucket: string, key: string) { const response = await s3.listObjectsV2({ Bucket: bucket, Prefix: key, MaxKeys: 1 }).promise(); return response.Contents != null && response.Contents.some(object => object.Key === key); } + + +/** + * A packaged asset which can be uploaded (either a single file or directory) + */ +interface PackagedFileAsset { + /** + * Path of the file or directory + */ + readonly packagedPath: string; + + /** + * Content type to be added in the S3 upload action + * + * @default - No content type + */ + readonly contentType?: string; +} diff --git a/packages/cdk-assets/lib/private/handlers/index.ts b/packages/cdk-assets/lib/private/handlers/index.ts index 2e4d406ce5b0b..97ec7354279df 100644 --- a/packages/cdk-assets/lib/private/handlers/index.ts +++ b/packages/cdk-assets/lib/private/handlers/index.ts @@ -12,4 +12,4 @@ export function makeAssetHandler(manifest: AssetManifest, asset: IManifestEntry, } throw new Error(`Unrecognized asset type: '${asset}'`); -} \ No newline at end of file +} diff --git a/packages/cdk-assets/package.json b/packages/cdk-assets/package.json index f5f6f12a4bf09..6968bb005fd02 100644 --- a/packages/cdk-assets/package.json +++ b/packages/cdk-assets/package.json @@ -47,7 +47,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "archiver": "^5.2.0", - "aws-sdk": "^2.824.0", + "aws-sdk": "^2.828.0", "glob": "^7.1.6", "yargs": "^16.2.0" }, @@ -62,7 +62,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "cdk-package": { "shrinkWrap": true diff --git a/packages/cdk-assets/test/docker-images.test.ts b/packages/cdk-assets/test/docker-images.test.ts index 3f0aeaabf474c..3b608a1e63ffe 100644 --- a/packages/cdk-assets/test/docker-images.test.ts +++ b/packages/cdk-assets/test/docker-images.test.ts @@ -9,6 +9,8 @@ import { mockSpawn } from './mock-child_process'; let aws: ReturnType; const absoluteDockerPath = '/simple/cdk.out/dockerdir'; beforeEach(() => { + jest.resetAllMocks(); + mockfs({ '/simple/cdk.out/assets.json': JSON.stringify({ version: Manifest.version(), @@ -28,6 +30,24 @@ beforeEach(() => { }, }, }), + '/external/cdk.out/assets.json': JSON.stringify({ + version: Manifest.version(), + dockerImages: { + theExternalAsset: { + source: { + executable: ['sometool'], + }, + destinations: { + theDestination: { + region: 'us-north-50', + assumeRoleArn: 'arn:aws:role', + repositoryName: 'repo', + imageTag: 'ghijkl', + }, + }, + }, + }, + }), '/simple/cdk.out/dockerdir/Dockerfile': 'FROM scratch', '/abs/cdk.out/assets.json': JSON.stringify({ version: Manifest.version(), @@ -92,7 +112,7 @@ describe('with a complete manifest', () => { ], }); - mockSpawn( + const expectAllSpawns = mockSpawn( { commandLine: ['docker', 'login', '--username', 'user', '--password-stdin', 'https://proxy.com/'] }, { commandLine: ['docker', 'inspect', 'cdkasset-theasset'] }, { commandLine: ['docker', 'tag', 'cdkasset-theasset', '12345.amazonaws.com/repo:abcdef'] }, @@ -100,6 +120,9 @@ describe('with a complete manifest', () => { ); await pub.publish(); + + expectAllSpawns(); + expect(true).toBeTruthy(); // Expect no exception, satisfy linter }); test('build and upload docker image if not exists anywhere', async () => { @@ -110,7 +133,7 @@ describe('with a complete manifest', () => { ], }); - mockSpawn( + const expectAllSpawns = mockSpawn( { commandLine: ['docker', 'login', '--username', 'user', '--password-stdin', 'https://proxy.com/'] }, { commandLine: ['docker', 'inspect', 'cdkasset-theasset'], exitCode: 1 }, { commandLine: ['docker', 'build', '--tag', 'cdkasset-theasset', '.'], cwd: absoluteDockerPath }, @@ -119,6 +142,41 @@ describe('with a complete manifest', () => { ); await pub.publish(); + + expectAllSpawns(); + expect(true).toBeTruthy(); // Expect no exception, satisfy linter + }); +}); + +describe('external assets', () => { + let pub: AssetPublishing; + const externalTag = 'external:tag'; + beforeEach(() => { + pub = new AssetPublishing(AssetManifest.fromPath('/external/cdk.out'), { aws }); + }); + + test('upload externally generated Docker image', async () => { + aws.mockEcr.describeImages = mockedApiFailure('ImageNotFoundException', 'File does not exist'); + aws.mockEcr.getAuthorizationToken = mockedApiResult({ + authorizationData: [ + { authorizationToken: 'dXNlcjpwYXNz', proxyEndpoint: 'https://proxy.com/' }, + ], + }); + + const expectAllSpawns = mockSpawn( + { commandLine: ['docker', 'login', '--username', 'user', '--password-stdin', 'https://proxy.com/'] }, + { commandLine: ['sometool'], stdout: externalTag }, + { commandLine: ['docker', 'tag', externalTag, '12345.amazonaws.com/repo:ghijkl'] }, + { commandLine: ['docker', 'push', '12345.amazonaws.com/repo:ghijkl'] }, + ); + + await pub.publish(); + + expect(aws.ecrClient).toHaveBeenCalledWith(expect.objectContaining({ + region: 'us-north-50', + assumeRoleArn: 'arn:aws:role', + })); + expectAllSpawns(); }); }); @@ -132,7 +190,7 @@ test('correctly identify Docker directory if path is absolute', async () => { ], }); - mockSpawn( + const expectAllSpawns = mockSpawn( // Only care about the 'build' command line { commandLine: ['docker', 'login'], prefix: true }, { commandLine: ['docker', 'inspect'], exitCode: 1, prefix: true }, @@ -142,4 +200,7 @@ test('correctly identify Docker directory if path is absolute', async () => { ); await pub.publish(); + + expect(true).toBeTruthy(); // Expect no exception, satisfy linter + expectAllSpawns(); }); diff --git a/packages/cdk-assets/test/files.test.ts b/packages/cdk-assets/test/files.test.ts index e8c7247ef7f42..42cb8a71c05ad 100644 --- a/packages/cdk-assets/test/files.test.ts +++ b/packages/cdk-assets/test/files.test.ts @@ -1,10 +1,17 @@ +jest.mock('child_process'); + import { Manifest } from '@aws-cdk/cloud-assembly-schema'; import * as mockfs from 'mock-fs'; import { AssetManifest, AssetPublishing } from '../lib'; import { mockAws, mockedApiResult, mockUpload } from './mock-aws'; +import { mockSpawn } from './mock-child_process'; + +const ABS_PATH = '/simple/cdk.out/some_external_file'; let aws: ReturnType; beforeEach(() => { + jest.resetAllMocks(); + mockfs({ '/simple/cdk.out/assets.json': JSON.stringify({ version: Manifest.version(), @@ -25,6 +32,7 @@ beforeEach(() => { }, }), '/simple/cdk.out/some_file': 'FILE_CONTENTS', + [ABS_PATH]: 'FILE_CONTENTS', '/abs/cdk.out/assets.json': JSON.stringify({ version: Manifest.version(), files: { @@ -36,7 +44,25 @@ beforeEach(() => { theDestination: { region: 'us-north-50', assumeRoleArn: 'arn:aws:role', - bucketName: 'some_bucket', + bucketName: 'some_other_bucket', + objectKey: 'some_key', + }, + }, + }, + }, + }), + '/external/cdk.out/assets.json': JSON.stringify({ + version: Manifest.version(), + files: { + externalAsset: { + source: { + executable: ['sometool'], + }, + destinations: { + theDestination: { + region: 'us-north-50', + assumeRoleArn: 'arn:aws:role', + bucketName: 'some_external_bucket', objectKey: 'some_key', }, }, @@ -127,4 +153,40 @@ test('correctly identify asset path if path is absolute', async () => { aws.mockS3.upload = mockUpload('FILE_CONTENTS'); await pub.publish(); + + expect(true).toBeTruthy(); // No exception, satisfy linter +}); + +describe('external assets', () => { + let pub: AssetPublishing; + beforeEach(() => { + pub = new AssetPublishing(AssetManifest.fromPath('/external/cdk.out'), { aws }); + }); + + test('do nothing if file exists already', async () => { + aws.mockS3.listObjectsV2 = mockedApiResult({ Contents: [{ Key: 'some_key' }] }); + + await pub.publish(); + + expect(aws.mockS3.listObjectsV2).toHaveBeenCalledWith(expect.objectContaining({ + Bucket: 'some_external_bucket', + Prefix: 'some_key', + MaxKeys: 1, + })); + }); + + test('upload external asset correctly', async () => { + aws.mockS3.listObjectsV2 = mockedApiResult({ Contents: undefined }); + aws.mockS3.upload = mockUpload('FILE_CONTENTS'); + const expectAllSpawns = mockSpawn({ commandLine: ['sometool'], stdout: ABS_PATH }); + + await pub.publish(); + + expect(aws.s3Client).toHaveBeenCalledWith(expect.objectContaining({ + region: 'us-north-50', + assumeRoleArn: 'arn:aws:role', + })); + + expectAllSpawns(); + }); }); diff --git a/packages/cdk-assets/test/mock-child_process.ts b/packages/cdk-assets/test/mock-child_process.ts index da0fd27d08fe6..2cb513e24fff7 100644 --- a/packages/cdk-assets/test/mock-child_process.ts +++ b/packages/cdk-assets/test/mock-child_process.ts @@ -17,7 +17,7 @@ export interface Invocation { prefix?: boolean; } -export function mockSpawn(...invocations: Invocation[]) { +export function mockSpawn(...invocations: Invocation[]): () => void { let mock = (child_process.spawn as any); for (const _invocation of invocations) { const invocation = _invocation; // Mirror into variable for closure @@ -42,7 +42,7 @@ export function mockSpawn(...invocations: Invocation[]) { child.stderr = new events.EventEmitter(); if (invocation.stdout) { - mockEmit(child.stdout, 'data', invocation.stdout); + mockEmit(child.stdout, 'data', Buffer.from(invocation.stdout)); } mockEmit(child, 'close', invocation.exitCode ?? 0); @@ -53,6 +53,10 @@ export function mockSpawn(...invocations: Invocation[]) { mock.mockImplementation((binary: string, args: string[], _options: any) => { throw new Error(`Did not expect call of ${JSON.stringify([binary, ...args])}`); }); + + return () => { + expect(mock).toHaveBeenCalledTimes(invocations.length); + }; } /** diff --git a/packages/decdk/package.json b/packages/decdk/package.json index a22066a22e5e4..27ba890f8f0a9 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -46,6 +46,7 @@ "@aws-cdk/aws-appstream": "0.0.0", "@aws-cdk/aws-appsync": "0.0.0", "@aws-cdk/aws-athena": "0.0.0", + "@aws-cdk/aws-auditmanager": "0.0.0", "@aws-cdk/aws-autoscaling": "0.0.0", "@aws-cdk/aws-autoscaling-common": "0.0.0", "@aws-cdk/aws-autoscaling-hooktargets": "0.0.0", @@ -79,6 +80,7 @@ "@aws-cdk/aws-config": "0.0.0", "@aws-cdk/aws-databrew": "0.0.0", "@aws-cdk/aws-datapipeline": "0.0.0", + "@aws-cdk/aws-datasync": "0.0.0", "@aws-cdk/aws-dax": "0.0.0", "@aws-cdk/aws-detective": "0.0.0", "@aws-cdk/aws-devopsguru": "0.0.0", @@ -141,6 +143,7 @@ "@aws-cdk/aws-logs-destinations": "0.0.0", "@aws-cdk/aws-macie": "0.0.0", "@aws-cdk/aws-managedblockchain": "0.0.0", + "@aws-cdk/aws-mediaconnect": "0.0.0", "@aws-cdk/aws-mediaconvert": "0.0.0", "@aws-cdk/aws-medialive": "0.0.0", "@aws-cdk/aws-mediapackage": "0.0.0", diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index b0efee31b2f60..27803e34806af 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -119,6 +119,7 @@ "@aws-cdk/aws-appstream": "0.0.0", "@aws-cdk/aws-appsync": "0.0.0", "@aws-cdk/aws-athena": "0.0.0", + "@aws-cdk/aws-auditmanager": "0.0.0", "@aws-cdk/aws-autoscaling": "0.0.0", "@aws-cdk/aws-autoscaling-common": "0.0.0", "@aws-cdk/aws-autoscaling-hooktargets": "0.0.0", @@ -152,6 +153,7 @@ "@aws-cdk/aws-config": "0.0.0", "@aws-cdk/aws-databrew": "0.0.0", "@aws-cdk/aws-datapipeline": "0.0.0", + "@aws-cdk/aws-datasync": "0.0.0", "@aws-cdk/aws-dax": "0.0.0", "@aws-cdk/aws-detective": "0.0.0", "@aws-cdk/aws-devopsguru": "0.0.0", @@ -214,6 +216,7 @@ "@aws-cdk/aws-logs-destinations": "0.0.0", "@aws-cdk/aws-macie": "0.0.0", "@aws-cdk/aws-managedblockchain": "0.0.0", + "@aws-cdk/aws-mediaconnect": "0.0.0", "@aws-cdk/aws-mediaconvert": "0.0.0", "@aws-cdk/aws-medialive": "0.0.0", "@aws-cdk/aws-mediapackage": "0.0.0", @@ -290,7 +293,7 @@ }, "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "keywords": [ "aws", diff --git a/scripts/check-api-compatibility.sh b/scripts/check-api-compatibility.sh index e49d684e8b98c..8c260d248f02e 100755 --- a/scripts/check-api-compatibility.sh +++ b/scripts/check-api-compatibility.sh @@ -55,15 +55,22 @@ if ! ${SKIP_DOWNLOAD:-false}; then existing_names=$(echo "$jsii_package_dirs" | xargs -n1 -P4 -I {} bash -c 'dirs_to_existing_names "$@"' _ {}) echo " Done." >&2 - current_version=$(node -p 'require("./lerna.json").version') - echo "Current version in lerna.json is $current_version" - if ! ${DOWNLOAD_LATEST:-false} && package_exists_on_npm aws-cdk $current_version; then - echo "Using package version ${current_version} as baseline" - existing_names=$(echo "$existing_names" | sed -e "s/$/@$current_version/") - else - echo "However, using the latest version from NPM as the baseline" + version=$(node -p 'require("./scripts/resolve-version.js").version') + echo "Current version is $version." + + if ! package_exists_on_npm aws-cdk $version; then + # occurs within a release PR where the version is bumped but is not yet published to npm. + if [ -z ${NPM_DISTTAG:-} ]; then + echo "env variable NPM_DISTTAG is not set. Failing." + exit 1 + fi + echo "Current version not published. Setting version to NPM_DISTTAG (${NPM_DISTTAG})." + version=$NPM_DISTTAG fi + echo "Using version '$version' as the baseline..." + existing_names=$(echo "$existing_names" | sed -e "s/$/@$version/") + rm -rf $tmpdir mkdir -p $tmpdir diff --git a/tools/cdk-build-tools/bin/cdk-build.ts b/tools/cdk-build-tools/bin/cdk-build.ts index d745de50aa2be..b4a5b38542292 100644 --- a/tools/cdk-build-tools/bin/cdk-build.ts +++ b/tools/cdk-build-tools/bin/cdk-build.ts @@ -26,9 +26,14 @@ async function main() { }) .option('gen', { type: 'boolean', - desc: 'execute gen script', + desc: 'Execute gen script', default: true, }) + .option('fix', { + type: 'boolean', + desc: 'Fix linter errors', + default: false, + }) .argv; const options = cdkBuildOptions(); @@ -46,7 +51,7 @@ async function main() { const overrides: CompilerOverrides = { eslint: args.eslint, jsii: args.jsii, tsc: args.tsc }; await compileCurrentPackage(options, timers, overrides); - await lintCurrentPackage(options, overrides); + await lintCurrentPackage(options, { ...overrides, fix: args.fix }); if (options.post) { await shell(options.post, { timers, env }); diff --git a/tools/cdk-build-tools/config/eslintrc.js b/tools/cdk-build-tools/config/eslintrc.js index 63608e69161a3..446af2c2e2ff4 100644 --- a/tools/cdk-build-tools/config/eslintrc.js +++ b/tools/cdk-build-tools/config/eslintrc.js @@ -42,6 +42,7 @@ module.exports = { ignorePatterns: ['*.js', '*.d.ts', 'node_modules/', '*.generated.ts'], rules: { 'cdk/no-core-construct': [ 'error' ], + 'cdk/no-qualified-construct': [ 'error' ], // Require use of the `import { foo } from 'bar';` form instead of `import foo = require('bar');` '@typescript-eslint/no-require-imports': ['error'], '@typescript-eslint/indent': ['error', 2], diff --git a/tools/cdk-build-tools/package.json b/tools/cdk-build-tools/package.json index 226ba63a75b81..e43def68cf890 100644 --- a/tools/cdk-build-tools/package.json +++ b/tools/cdk-build-tools/package.json @@ -67,7 +67,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "ubergen": { "exclude": true diff --git a/tools/cdk-integ-tools/package.json b/tools/cdk-integ-tools/package.json index 8685d8435f8dc..f5ce70a844cf5 100644 --- a/tools/cdk-integ-tools/package.json +++ b/tools/cdk-integ-tools/package.json @@ -48,7 +48,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "peerDependencies": { "@aws-cdk/assert": "0.0.0" diff --git a/tools/cfn2ts/package.json b/tools/cfn2ts/package.json index 785d1a52c18b0..f808cfaabe092 100644 --- a/tools/cfn2ts/package.json +++ b/tools/cfn2ts/package.json @@ -49,7 +49,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "ubergen": { "exclude": true diff --git a/tools/eslint-plugin-cdk/lib/index.ts b/tools/eslint-plugin-cdk/lib/index.ts index aae510df35d54..94eef4dd8f57f 100644 --- a/tools/eslint-plugin-cdk/lib/index.ts +++ b/tools/eslint-plugin-cdk/lib/index.ts @@ -1,3 +1,4 @@ export const rules = { 'no-core-construct': require('./rules/no-core-construct'), + 'no-qualified-construct': require('./rules/no-qualified-construct'), }; diff --git a/tools/eslint-plugin-cdk/lib/private/import-cache.ts b/tools/eslint-plugin-cdk/lib/private/import-cache.ts index 7d78b2a421e93..04325645fdb5d 100644 --- a/tools/eslint-plugin-cdk/lib/private/import-cache.ts +++ b/tools/eslint-plugin-cdk/lib/private/import-cache.ts @@ -29,6 +29,10 @@ export class ImportCache { public find(key: ImportCacheKey): ImportCacheRecord | undefined { return this.records[hashed(key)]; } + + public get imports(): ImportCacheRecord[] { + return Object.values(this.records); + } } function hashed(key: {}): string { diff --git a/tools/eslint-plugin-cdk/lib/rules/no-qualified-construct.ts b/tools/eslint-plugin-cdk/lib/rules/no-qualified-construct.ts new file mode 100644 index 0000000000000..eb8a418cab58e --- /dev/null +++ b/tools/eslint-plugin-cdk/lib/rules/no-qualified-construct.ts @@ -0,0 +1,134 @@ +// +// This rule ensures that the `@aws-cdk/core.Construct` class is always +// referenced without a namespace qualifier (`Construct` instead of +// `xxx.Construct`). The fixer will automatically add an `import` statement +// separated from the main import group to reduce the chance for merge conflicts +// with v2-main. +// +// If there is already an import of `constructs.Construct` under the name +// `Construct`, we will import `core.Construct` as the alias `CoreConstruct` +// instead. +// + +import { AST, Rule } from 'eslint'; +import { ImportCache } from '../private/import-cache'; + +const importCache = new ImportCache(); + +export function create(context: Rule.RuleContext): Rule.NodeListener { + // skip core + if (context.getFilename().includes('@aws-cdk/core')) { + return {}; + } + + return { + // collect all "import" statements. we will later use them to determine + // exactly how to import `core.Construct`. + ImportDeclaration: node => { + for (const s of node.specifiers) { + const typeName = () => { + switch (s.type) { + case 'ImportSpecifier': return s.imported.name; + case 'ImportDefaultSpecifier': return s.local.name; + case 'ImportNamespaceSpecifier': return s.local.name; + } + }; + + importCache.record({ + fileName: context.getFilename(), + typeName: typeName(), + importNode: node, + localName: `${node.source.value}.${s.local.name}` + }); + } + }, + + // this captures `class X extends xxx.Construct` + ClassDeclaration: node => { + if (node.superClass?.type === 'MemberExpression') { + const sc = node.superClass; + // const qualifier = sc.object.type === 'Identifier' ? sc.object.name : undefined; + const baseClass = sc.property.type === 'Identifier' ? sc.property.name : undefined; + if (baseClass === 'Construct' && sc.range) { + report(context, node, sc.range); + } + } + }, + + // this captures using `xxx.Construct` as an identifier + Identifier: node => { + const typeAnnotation = (node as any).typeAnnotation?.typeAnnotation; + const type = typeAnnotation?.typeName; + if (type?.type === 'TSQualifiedName' && type?.right.name === 'Construct' && type?.left.name !== 'constructs') { + report(context, node, typeAnnotation.range); + } + }, + } +} + +/** + * Reports an error indicating that we found `xxx.Construct` usage, and apply + * the appropriate fix. + * @param context Rule context + * @param node Rule node (for the report) + * @param replaceRange Text range to replace + */ +function report(context: Rule.RuleContext, node: Rule.Node, replaceRange: AST.Range) { + context.report({ + message: 'To avoid merge conflicts with the v2-main branch, the "Construct" type must be referenced without a qualifier (e.g. "Construct" instead of "CoreConstruct")', + node, + fix: fixer => { + const imports = importCache.imports.filter(x => x.fileName === context.getFilename()); + const findImport = (x: string) => imports.find(i => i.localName === x); + + const coreConstruct = findImport('@aws-cdk/core.Construct') + const coreCoreConstruct = findImport('@aws-cdk/core.CoreConstruct'); + const constructsConstruct = findImport('constructs.Construct'); + + // determines whether we will replace with `Construct` or `CoreConstruct` + // based on whether this file already imported `constructs.Construct`. + let replaceBy: string | undefined; + + // determines whether an "import" statement should be added and it's + // contents. + let addImport: string | undefined; + + if (coreConstruct) { + // we already import `core.Construct` as `Construct` + replaceBy = 'Construct'; + } else if (coreCoreConstruct) { + // we already import `core.Construct` as `CoreConstruct` + replaceBy = 'CoreConstruct' + } else if (constructsConstruct) { + // we import `constructs.Construct`, so import and replace + // `core.Construct` with `CoreConstruct` + replaceBy = 'CoreConstruct'; + addImport = `import { Construct as ${replaceBy} } from '@aws-cdk/core';`; + } else { + // import `core.Construct` as `Construct` and replace + replaceBy = 'Construct'; + addImport = `import { ${replaceBy} } from '@aws-cdk/core';`; + } + + const fixes: Rule.Fix[] = [ + fixer.replaceTextRange(replaceRange, replaceBy) + ]; + + if (addImport) { + // find the last import statement in the file and add our import immediately after + const lastImport = imports[imports.length - 1]; + if (lastImport) { + fixes.push(fixer.insertTextAfter(lastImport.importNode, [ + "", + "", + "// keep this import separate from other imports to reduce chance for merge conflicts with v2-main", + "// eslint-disable-next-line no-duplicate-imports, import/order", + addImport, + ].join('\n'))); + } + } + + return fixes; + }, + }); +} \ No newline at end of file diff --git a/tools/pkglint/lib/rules.ts b/tools/pkglint/lib/rules.ts index 0bded88c313ef..87300515e617d 100644 --- a/tools/pkglint/lib/rules.ts +++ b/tools/pkglint/lib/rules.ts @@ -284,8 +284,32 @@ export class MaturitySetting extends ValidationRule { maturity = 'deprecated'; } + const packageLevels = this.determinePackageLevels(pkg); + + const hasL1s = packageLevels.some(level => level === 'l1'); + const hasL2s = packageLevels.some(level => level === 'l2'); + if (hasL2s) { + // validate that a package that contains L2s does not declare a 'cfn-only' maturity + if (maturity === 'cfn-only') { + pkg.report({ + ruleName: this.name, + message: "Package that contains any L2s cannot declare a 'cfn-only' maturity", + fix: () => pkg.json.maturity = 'experimental', + }); + } + } else if (hasL1s) { + // validate that a package that contains only L1s declares a 'cfn-only' maturity + if (maturity !== 'cfn-only') { + pkg.report({ + ruleName: this.name, + message: "Package that contains only L1s cannot declare a maturity other than 'cfn-only'", + fix: () => pkg.json.maturity = 'cfn-only', + }); + } + } + if (maturity) { - this.validateReadmeHasBanner(pkg, maturity, this.determinePackageLevels(pkg)); + this.validateReadmeHasBanner(pkg, maturity, packageLevels); } } @@ -342,7 +366,9 @@ export class MaturitySetting extends ValidationRule { // to see if this package has L1s. const hasL1 = !!pkg.json['cdk-build']?.cloudformation; - const libFiles = glob.sync('lib/*.ts'); + const libFiles = glob.sync('lib/**/*.ts', { + ignore: 'lib/**/*.d.ts', // ignore the generated TS declaration files + }); const hasL2 = libFiles.some(f => !f.endsWith('.generated.ts') && !f.endsWith('index.ts')); return [ @@ -1079,7 +1105,11 @@ export class MustHaveNodeEnginesDeclaration extends ValidationRule { public readonly name = 'package-info/engines'; public validate(pkg: PackageJson): void { - expectJSON(this.name, pkg, 'engines.node', '>= 10.13.0 <13 || >=13.7.0'); + if (cdkMajorVersion() === 2) { + expectJSON(this.name, pkg, 'engines.node', '>= 14.15.0'); + } else { + expectJSON(this.name, pkg, 'engines.node', '>= 10.13.0 <13 || >=13.7.0'); + } } } @@ -1511,9 +1541,7 @@ export class UbergenPackageVisibility extends ValidationRule { ]; public validate(pkg: PackageJson): void { - // eslint-disable-next-line @typescript-eslint/no-require-imports - const releaseJson = require(`${__dirname}/../../../release.json`); - if (releaseJson.majorVersion === 2) { + if (cdkMajorVersion() === 2) { // Only packages in the publicPackages list should be "public". Everything else should be private. if (this.publicPackages.includes(pkg.json.name) && pkg.json.private === true) { pkg.report({ @@ -1616,3 +1644,9 @@ function toRegExp(str: string): RegExp { function readBannerFile(file: string): string { return fs.readFileSync(path.join(__dirname, 'banners', file), { encoding: 'utf-8' }).trim(); } + +function cdkMajorVersion() { + // eslint-disable-next-line @typescript-eslint/no-require-imports + const releaseJson = require(`${__dirname}/../../../release.json`); + return releaseJson.majorVersion as number; +} diff --git a/tools/pkgtools/package.json b/tools/pkgtools/package.json index d5255e81d465d..f9130019bdc41 100644 --- a/tools/pkgtools/package.json +++ b/tools/pkgtools/package.json @@ -44,7 +44,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "ubergen": { "exclude": true diff --git a/tools/ubergen/package.json b/tools/ubergen/package.json index 483d7ecfa4dfa..77bb68c7a3d0b 100644 --- a/tools/ubergen/package.json +++ b/tools/ubergen/package.json @@ -41,7 +41,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "ubergen": { "exclude": true diff --git a/tools/yarn-cling/package.json b/tools/yarn-cling/package.json index aefba13ff8ee0..02516633ef5f5 100644 --- a/tools/yarn-cling/package.json +++ b/tools/yarn-cling/package.json @@ -54,7 +54,7 @@ ], "homepage": "https://github.com/aws/aws-cdk", "engines": { - "node": ">= 10.13.0 <13 || >=13.7.0" + "node": ">= 14.15.0" }, "ubergen": { "exclude": true diff --git a/version.v1.json b/version.v1.json index 5d4e6a68aecb5..e9e06b8086b92 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.83.0" + "version": "1.85.0" } diff --git a/yarn.lock b/yarn.lock index 285e77f7f0705..374de3ff6b642 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2309,10 +2309,10 @@ aws-sdk-mock@^5.1.0: sinon "^9.0.1" traverse "^0.6.6" -aws-sdk@^2.637.0, aws-sdk@^2.824.0: - version "2.824.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.824.0.tgz#a67747d4d0b53d09c6c121e93f44d8f6e76fc44b" - integrity sha512-9KNRQBkIMPn+6DWb4gR+RzqTMNyGLEwOgXbE4dDehOIAflfLnv3IFwLnzrhxJnleB4guYrILIsBroJFBzjiekg== +aws-sdk@^2.637.0, aws-sdk@^2.828.0: + version "2.828.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.828.0.tgz#6aa599c3582f219568f41fb287eb65753e4a9234" + integrity sha512-JoDujGdncSIF9ka+XFZjop/7G+fNGucwPwYj7OHYMmFIOV5p7YmqomdbVmH/vIzd988YZz8oLOinWc4jM6vvhg== dependencies: buffer "4.9.2" events "1.1.1" @@ -3518,6 +3518,11 @@ decamelize@^4.0.0: resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-4.0.0.tgz#aa472d7bf660eb15f3494efd531cab7f2a709837" integrity sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ== +decamelize@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-5.0.0.tgz#88358157b010ef133febfd27c18994bd80c6215b" + integrity sha512-U75DcT5hrio3KNtvdULAWnLiAPbFUC4191ldxMmj4FA/mRuBnmDwU0boNfPyFRhnan+Jm+haLeSn3P0afcBn4w== + decimal.js@^10.2.0: version "10.2.1" resolved "https://registry.yarnpkg.com/decimal.js/-/decimal.js-10.2.1.tgz#238ae7b0f0c793d3e3cea410108b35a2c01426a3" @@ -3943,10 +3948,10 @@ es6-promisify@^5.0.0: dependencies: es6-promise "^4.0.3" -esbuild@^0.8.31: - version "0.8.31" - resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.8.31.tgz#c21e7adb3ad283c951a53de7ad64a5ae2df2ed34" - integrity sha512-7EIU0VdUxltwivjVezX3HgeNzeIVR1snkrAo57WdUnuBMykdzin5rTrxwCDM6xQqj0RL/HjOEm3wFr2ijHKeaA== +esbuild@^0.8.32: + version "0.8.32" + resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.8.32.tgz#d3d679ea417925f7afaab37555e52070df317355" + integrity sha512-5IzQapMW/wFy5oxziHCJzawk26K3xeyrIAQPnPN3c0Q84hqRw6IfGDGfGWOdJNw5tAx77yvwqZ4r1QMpo6emJA== escalade@^3.1.1: version "3.1.1" @@ -9923,10 +9928,10 @@ typedarray@^0.0.6: resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" integrity sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c= -typescript-json-schema@^0.46.0: - version "0.46.0" - resolved "https://registry.yarnpkg.com/typescript-json-schema/-/typescript-json-schema-0.46.0.tgz#45204ba80915db3608d01de5b839c470c053e716" - integrity sha512-9ktZr69Yh6iGTWVa3Ln0J+H6RyAoED9e68tz8k+0lIiCR+UZLvpvs9PqsSsE7aZ7Olvg0p161ls7JHldlA0Ocg== +typescript-json-schema@^0.47.0: + version "0.47.0" + resolved "https://registry.yarnpkg.com/typescript-json-schema/-/typescript-json-schema-0.47.0.tgz#84dde5460b127c6774da81bf70b23c7e04857b13" + integrity sha512-A6NVwSOTSsNDHfaqDcDeKwwyXEeKqBHoAr20jcetnYj4e8C6zVFofAVhAuwsBXCRYiWEE/lyHrcxpsSpbIk0Mg== dependencies: "@types/json-schema" "^7.0.6" glob "^7.1.6"