From 11fa9456a152405a7481a97b6e2f15f806f4f87c Mon Sep 17 00:00:00 2001 From: yuanhaoz Date: Wed, 26 Feb 2025 17:29:00 -0800 Subject: [PATCH 1/6] fix(custom-resources): fix circular dependency when a custom role is provided to Provider --- ...efaultTestDeployAssert1C38BF52.assets.json | 19 + ...aultTestDeployAssert1C38BF52.template.json | 36 + .../cfn-response.js | 106 ++ .../consts.js | 10 + .../framework.js | 185 ++ .../outbound.js | 83 + .../util.js | 53 + .../cdk.out | 1 + ...iter-state-machine-custom-role.assets.json | 32 + ...er-state-machine-custom-role.template.json | 834 ++++++++ .../integ.json | 13 + .../manifest.json | 918 +++++++++ .../tree.json | 1676 +++++++++++++++++ ...r-with-waiter-state-machine-custom-role.ts | 52 + .../lib/provider-framework/provider.ts | 12 +- .../test/provider-framework/provider.test.ts | 90 + 16 files changed, 4119 insertions(+), 1 deletion(-) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/cfn-response.js create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/consts.js create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/framework.js create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/outbound.js create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/util.js create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets.json new file mode 100644 index 0000000000000..dbc0969b3a657 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets.json @@ -0,0 +1,19 @@ +{ + "version": "39.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.template.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/cfn-response.js b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/cfn-response.js new file mode 100644 index 0000000000000..5a86242674505 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/cfn-response.js @@ -0,0 +1,106 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.Retry = exports.includeStackTraces = exports.MISSING_PHYSICAL_ID_MARKER = exports.CREATE_FAILED_PHYSICAL_ID_MARKER = void 0; +exports.submitResponse = submitResponse; +exports.safeHandler = safeHandler; +exports.redactDataFromPayload = redactDataFromPayload; +/* eslint-disable max-len */ +/* eslint-disable no-console */ +const url = require("url"); +const outbound_1 = require("./outbound"); +const util_1 = require("./util"); +exports.CREATE_FAILED_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::CREATE_FAILED'; +exports.MISSING_PHYSICAL_ID_MARKER = 'AWSCDK::CustomResourceProviderFramework::MISSING_PHYSICAL_ID'; +async function submitResponse(status, event, options = {}) { + const json = { + Status: status, + Reason: options.reason || status, + StackId: event.StackId, + RequestId: event.RequestId, + PhysicalResourceId: event.PhysicalResourceId || exports.MISSING_PHYSICAL_ID_MARKER, + LogicalResourceId: event.LogicalResourceId, + NoEcho: options.noEcho, + Data: event.Data, + }; + const responseBody = JSON.stringify(json); + const parsedUrl = url.parse(event.ResponseURL); + const loggingSafeUrl = `${parsedUrl.protocol}//${parsedUrl.hostname}/${parsedUrl.pathname}?***`; + if (options?.noEcho) { + (0, util_1.log)('submit redacted response to cloudformation', loggingSafeUrl, redactDataFromPayload(json)); + } + else { + (0, util_1.log)('submit response to cloudformation', loggingSafeUrl, json); + } + const retryOptions = { + attempts: 5, + sleep: 1000, + }; + await (0, util_1.withRetries)(retryOptions, outbound_1.httpRequest)({ + hostname: parsedUrl.hostname, + path: parsedUrl.path, + method: 'PUT', + headers: { + 'content-type': '', + 'content-length': Buffer.byteLength(responseBody, 'utf8'), + }, + }, responseBody); +} +exports.includeStackTraces = true; // for unit tests +function safeHandler(block) { + return async (event) => { + // ignore DELETE event when the physical resource ID is the marker that + // indicates that this DELETE is a subsequent DELETE to a failed CREATE + // operation. + if (event.RequestType === 'Delete' && event.PhysicalResourceId === exports.CREATE_FAILED_PHYSICAL_ID_MARKER) { + (0, util_1.log)('ignoring DELETE event caused by a failed CREATE event'); + await submitResponse('SUCCESS', event); + return; + } + try { + await block(event); + } + catch (e) { + // tell waiter state machine to retry + if (e instanceof Retry) { + (0, util_1.log)('retry requested by handler'); + throw e; + } + if (!event.PhysicalResourceId) { + // special case: if CREATE fails, which usually implies, we usually don't + // have a physical resource id. in this case, the subsequent DELETE + // operation does not have any meaning, and will likely fail as well. to + // address this, we use a marker so the provider framework can simply + // ignore the subsequent DELETE. + if (event.RequestType === 'Create') { + (0, util_1.log)('CREATE failed, responding with a marker physical resource id so that the subsequent DELETE will be ignored'); + event.PhysicalResourceId = exports.CREATE_FAILED_PHYSICAL_ID_MARKER; + } + else { + // otherwise, if PhysicalResourceId is not specified, something is + // terribly wrong because all other events should have an ID. + (0, util_1.log)(`ERROR: Malformed event. "PhysicalResourceId" is required: ${JSON.stringify({ ...event, ResponseURL: '...' })}`); + } + } + // this is an actual error, fail the activity altogether and exist. + await submitResponse('FAILED', event, { + reason: exports.includeStackTraces ? e.stack : e.message, + }); + } + }; +} +function redactDataFromPayload(payload) { + // Create a deep copy of the payload object + const redactedPayload = JSON.parse(JSON.stringify(payload)); + // Redact the data in the copied payload object + if (redactedPayload.Data) { + const keys = Object.keys(redactedPayload.Data); + for (const key of keys) { + redactedPayload.Data[key] = '*****'; + } + } + return redactedPayload; +} +class Retry extends Error { +} +exports.Retry = Retry; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2ZuLXJlc3BvbnNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiY2ZuLXJlc3BvbnNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQXdCQSx3Q0FtQ0M7QUFJRCxrQ0EwQ0M7QUFFRCxzREFZQztBQXZIRCw0QkFBNEI7QUFDNUIsK0JBQStCO0FBQy9CLDJCQUEyQjtBQUMzQix5Q0FBeUM7QUFDekMsaUNBQTBDO0FBRzdCLFFBQUEsZ0NBQWdDLEdBQUcsd0RBQXdELENBQUM7QUFDNUYsUUFBQSwwQkFBMEIsR0FBRyw4REFBOEQsQ0FBQztBQWdCbEcsS0FBSyxVQUFVLGNBQWMsQ0FBQyxNQUE0QixFQUFFLEtBQWlDLEVBQUUsVUFBeUMsRUFBRztJQUNoSixNQUFNLElBQUksR0FBbUQ7UUFDM0QsTUFBTSxFQUFFLE1BQU07UUFDZCxNQUFNLEVBQUUsT0FBTyxDQUFDLE1BQU0sSUFBSSxNQUFNO1FBQ2hDLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztRQUN0QixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7UUFDMUIsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLGtCQUFrQixJQUFJLGtDQUEwQjtRQUMxRSxpQkFBaUIsRUFBRSxLQUFLLENBQUMsaUJBQWlCO1FBQzFDLE1BQU0sRUFBRSxPQUFPLENBQUMsTUFBTTtRQUN0QixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7S0FDakIsQ0FBQztJQUVGLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUM7SUFFMUMsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDL0MsTUFBTSxjQUFjLEdBQUcsR0FBRyxTQUFTLENBQUMsUUFBUSxLQUFLLFNBQVMsQ0FBQyxRQUFRLElBQUksU0FBUyxDQUFDLFFBQVEsTUFBTSxDQUFDO0lBQ2hHLElBQUksT0FBTyxFQUFFLE1BQU0sRUFBRSxDQUFDO1FBQ3BCLElBQUEsVUFBRyxFQUFDLDRDQUE0QyxFQUFFLGNBQWMsRUFBRSxxQkFBcUIsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO0lBQ2pHLENBQUM7U0FBTSxDQUFDO1FBQ04sSUFBQSxVQUFHLEVBQUMsbUNBQW1DLEVBQUUsY0FBYyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQ2pFLENBQUM7SUFFRCxNQUFNLFlBQVksR0FBRztRQUNuQixRQUFRLEVBQUUsQ0FBQztRQUNYLEtBQUssRUFBRSxJQUFJO0tBQ1osQ0FBQztJQUNGLE1BQU0sSUFBQSxrQkFBVyxFQUFDLFlBQVksRUFBRSxzQkFBVyxDQUFDLENBQUM7UUFDM0MsUUFBUSxFQUFFLFNBQVMsQ0FBQyxRQUFRO1FBQzVCLElBQUksRUFBRSxTQUFTLENBQUMsSUFBSTtRQUNwQixNQUFNLEVBQUUsS0FBSztRQUNiLE9BQU8sRUFBRTtZQUNQLGNBQWMsRUFBRSxFQUFFO1lBQ2xCLGdCQUFnQixFQUFFLE1BQU0sQ0FBQyxVQUFVLENBQUMsWUFBWSxFQUFFLE1BQU0sQ0FBQztTQUMxRDtLQUNGLEVBQUUsWUFBWSxDQUFDLENBQUM7QUFDbkIsQ0FBQztBQUVVLFFBQUEsa0JBQWtCLEdBQUcsSUFBSSxDQUFDLENBQUMsaUJBQWlCO0FBRXZELFNBQWdCLFdBQVcsQ0FBQyxLQUFvQztJQUM5RCxPQUFPLEtBQUssRUFBRSxLQUFVLEVBQUUsRUFBRTtRQUMxQix1RUFBdUU7UUFDdkUsdUVBQXVFO1FBQ3ZFLGFBQWE7UUFDYixJQUFJLEtBQUssQ0FBQyxXQUFXLEtBQUssUUFBUSxJQUFJLEtBQUssQ0FBQyxrQkFBa0IsS0FBSyx3Q0FBZ0MsRUFBRSxDQUFDO1lBQ3BHLElBQUEsVUFBRyxFQUFDLHVEQUF1RCxDQUFDLENBQUM7WUFDN0QsTUFBTSxjQUFjLENBQUMsU0FBUyxFQUFFLEtBQUssQ0FBQyxDQUFDO1lBQ3ZDLE9BQU87UUFDVCxDQUFDO1FBRUQsSUFBSSxDQUFDO1lBQ0gsTUFBTSxLQUFLLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDckIsQ0FBQztRQUFDLE9BQU8sQ0FBTSxFQUFFLENBQUM7WUFDaEIscUNBQXFDO1lBQ3JDLElBQUksQ0FBQyxZQUFZLEtBQUssRUFBRSxDQUFDO2dCQUN2QixJQUFBLFVBQUcsRUFBQyw0QkFBNEIsQ0FBQyxDQUFDO2dCQUNsQyxNQUFNLENBQUMsQ0FBQztZQUNWLENBQUM7WUFFRCxJQUFJLENBQUMsS0FBSyxDQUFDLGtCQUFrQixFQUFFLENBQUM7Z0JBQzlCLHlFQUF5RTtnQkFDekUsbUVBQW1FO2dCQUNuRSx3RUFBd0U7Z0JBQ3hFLHFFQUFxRTtnQkFDckUsZ0NBQWdDO2dCQUNoQyxJQUFJLEtBQUssQ0FBQyxXQUFXLEtBQUssUUFBUSxFQUFFLENBQUM7b0JBQ25DLElBQUEsVUFBRyxFQUFDLDRHQUE0RyxDQUFDLENBQUM7b0JBQ2xILEtBQUssQ0FBQyxrQkFBa0IsR0FBRyx3Q0FBZ0MsQ0FBQztnQkFDOUQsQ0FBQztxQkFBTSxDQUFDO29CQUNOLGtFQUFrRTtvQkFDbEUsNkRBQTZEO29CQUM3RCxJQUFBLFVBQUcsRUFBQyw2REFBNkQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxFQUFFLEdBQUcsS0FBSyxFQUFFLFdBQVcsRUFBRSxLQUFLLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztnQkFDdkgsQ0FBQztZQUNILENBQUM7WUFFRCxtRUFBbUU7WUFDbkUsTUFBTSxjQUFjLENBQUMsUUFBUSxFQUFFLEtBQUssRUFBRTtnQkFDcEMsTUFBTSxFQUFFLDBCQUFrQixDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTzthQUNqRCxDQUFDLENBQUM7UUFDTCxDQUFDO0lBQ0gsQ0FBQyxDQUFDO0FBQ0osQ0FBQztBQUVELFNBQWdCLHFCQUFxQixDQUFDLE9BQXdCO0lBQzVELDJDQUEyQztJQUMzQyxNQUFNLGVBQWUsR0FBb0IsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUM7SUFFN0UsK0NBQStDO0lBQy9DLElBQUksZUFBZSxDQUFDLElBQUksRUFBRSxDQUFDO1FBQ3pCLE1BQU0sSUFBSSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQy9DLEtBQUssTUFBTSxHQUFHLElBQUksSUFBSSxFQUFFLENBQUM7WUFDdkIsZUFBZSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxPQUFPLENBQUM7UUFDdEMsQ0FBQztJQUNILENBQUM7SUFDRCxPQUFPLGVBQWUsQ0FBQztBQUN6QixDQUFDO0FBRUQsTUFBYSxLQUFNLFNBQVEsS0FBSztDQUFJO0FBQXBDLHNCQUFvQyIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIG1heC1sZW4gKi9cbi8qIGVzbGludC1kaXNhYmxlIG5vLWNvbnNvbGUgKi9cbmltcG9ydCAqIGFzIHVybCBmcm9tICd1cmwnO1xuaW1wb3J0IHsgaHR0cFJlcXVlc3QgfSBmcm9tICcuL291dGJvdW5kJztcbmltcG9ydCB7IGxvZywgd2l0aFJldHJpZXMgfSBmcm9tICcuL3V0aWwnO1xuaW1wb3J0IHsgT25FdmVudFJlc3BvbnNlIH0gZnJvbSAnLi4vdHlwZXMnO1xuXG5leHBvcnQgY29uc3QgQ1JFQVRFX0ZBSUxFRF9QSFlTSUNBTF9JRF9NQVJLRVIgPSAnQVdTQ0RLOjpDdXN0b21SZXNvdXJjZVByb3ZpZGVyRnJhbWV3b3JrOjpDUkVBVEVfRkFJTEVEJztcbmV4cG9ydCBjb25zdCBNSVNTSU5HX1BIWVNJQ0FMX0lEX01BUktFUiA9ICdBV1NDREs6OkN1c3RvbVJlc291cmNlUHJvdmlkZXJGcmFtZXdvcms6Ok1JU1NJTkdfUEhZU0lDQUxfSUQnO1xuXG5leHBvcnQgaW50ZXJmYWNlIENsb3VkRm9ybWF0aW9uUmVzcG9uc2VPcHRpb25zIHtcbiAgcmVhZG9ubHkgcmVhc29uPzogc3RyaW5nO1xuICByZWFkb25seSBub0VjaG8/OiBib29sZWFuO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIENsb3VkRm9ybWF0aW9uRXZlbnRDb250ZXh0IHtcbiAgU3RhY2tJZDogc3RyaW5nO1xuICBSZXF1ZXN0SWQ6IHN0cmluZztcbiAgUGh5c2ljYWxSZXNvdXJjZUlkPzogc3RyaW5nO1xuICBMb2dpY2FsUmVzb3VyY2VJZDogc3RyaW5nO1xuICBSZXNwb25zZVVSTDogc3RyaW5nO1xuICBEYXRhPzogYW55O1xufVxuXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gc3VibWl0UmVzcG9uc2Uoc3RhdHVzOiAnU1VDQ0VTUycgfCAnRkFJTEVEJywgZXZlbnQ6IENsb3VkRm9ybWF0aW9uRXZlbnRDb250ZXh0LCBvcHRpb25zOiBDbG91ZEZvcm1hdGlvblJlc3BvbnNlT3B0aW9ucyA9IHsgfSkge1xuICBjb25zdCBqc29uOiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZVJlc3BvbnNlID0ge1xuICAgIFN0YXR1czogc3RhdHVzLFxuICAgIFJlYXNvbjogb3B0aW9ucy5yZWFzb24gfHwgc3RhdHVzLFxuICAgIFN0YWNrSWQ6IGV2ZW50LlN0YWNrSWQsXG4gICAgUmVxdWVzdElkOiBldmVudC5SZXF1ZXN0SWQsXG4gICAgUGh5c2ljYWxSZXNvdXJjZUlkOiBldmVudC5QaHlzaWNhbFJlc291cmNlSWQgfHwgTUlTU0lOR19QSFlTSUNBTF9JRF9NQVJLRVIsXG4gICAgTG9naWNhbFJlc291cmNlSWQ6IGV2ZW50LkxvZ2ljYWxSZXNvdXJjZUlkLFxuICAgIE5vRWNobzogb3B0aW9ucy5ub0VjaG8sXG4gICAgRGF0YTogZXZlbnQuRGF0YSxcbiAgfTtcblxuICBjb25zdCByZXNwb25zZUJvZHkgPSBKU09OLnN0cmluZ2lmeShqc29uKTtcblxuICBjb25zdCBwYXJzZWRVcmwgPSB1cmwucGFyc2UoZXZlbnQuUmVzcG9uc2VVUkwpO1xuICBjb25zdCBsb2dnaW5nU2FmZVVybCA9IGAke3BhcnNlZFVybC5wcm90b2NvbH0vLyR7cGFyc2VkVXJsLmhvc3RuYW1lfS8ke3BhcnNlZFVybC5wYXRobmFtZX0/KioqYDtcbiAgaWYgKG9wdGlvbnM/Lm5vRWNobykge1xuICAgIGxvZygnc3VibWl0IHJlZGFjdGVkIHJlc3BvbnNlIHRvIGNsb3VkZm9ybWF0aW9uJywgbG9nZ2luZ1NhZmVVcmwsIHJlZGFjdERhdGFGcm9tUGF5bG9hZChqc29uKSk7XG4gIH0gZWxzZSB7XG4gICAgbG9nKCdzdWJtaXQgcmVzcG9uc2UgdG8gY2xvdWRmb3JtYXRpb24nLCBsb2dnaW5nU2FmZVVybCwganNvbik7XG4gIH1cblxuICBjb25zdCByZXRyeU9wdGlvbnMgPSB7XG4gICAgYXR0ZW1wdHM6IDUsXG4gICAgc2xlZXA6IDEwMDAsXG4gIH07XG4gIGF3YWl0IHdpdGhSZXRyaWVzKHJldHJ5T3B0aW9ucywgaHR0cFJlcXVlc3QpKHtcbiAgICBob3N0bmFtZTogcGFyc2VkVXJsLmhvc3RuYW1lLFxuICAgIHBhdGg6IHBhcnNlZFVybC5wYXRoLFxuICAgIG1ldGhvZDogJ1BVVCcsXG4gICAgaGVhZGVyczoge1xuICAgICAgJ2NvbnRlbnQtdHlwZSc6ICcnLFxuICAgICAgJ2NvbnRlbnQtbGVuZ3RoJzogQnVmZmVyLmJ5dGVMZW5ndGgocmVzcG9uc2VCb2R5LCAndXRmOCcpLFxuICAgIH0sXG4gIH0sIHJlc3BvbnNlQm9keSk7XG59XG5cbmV4cG9ydCBsZXQgaW5jbHVkZVN0YWNrVHJhY2VzID0gdHJ1ZTsgLy8gZm9yIHVuaXQgdGVzdHNcblxuZXhwb3J0IGZ1bmN0aW9uIHNhZmVIYW5kbGVyKGJsb2NrOiAoZXZlbnQ6IGFueSkgPT4gUHJvbWlzZTx2b2lkPikge1xuICByZXR1cm4gYXN5bmMgKGV2ZW50OiBhbnkpID0+IHtcbiAgICAvLyBpZ25vcmUgREVMRVRFIGV2ZW50IHdoZW4gdGhlIHBoeXNpY2FsIHJlc291cmNlIElEIGlzIHRoZSBtYXJrZXIgdGhhdFxuICAgIC8vIGluZGljYXRlcyB0aGF0IHRoaXMgREVMRVRFIGlzIGEgc3Vic2VxdWVudCBERUxFVEUgdG8gYSBmYWlsZWQgQ1JFQVRFXG4gICAgLy8gb3BlcmF0aW9uLlxuICAgIGlmIChldmVudC5SZXF1ZXN0VHlwZSA9PT0gJ0RlbGV0ZScgJiYgZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkID09PSBDUkVBVEVfRkFJTEVEX1BIWVNJQ0FMX0lEX01BUktFUikge1xuICAgICAgbG9nKCdpZ25vcmluZyBERUxFVEUgZXZlbnQgY2F1c2VkIGJ5IGEgZmFpbGVkIENSRUFURSBldmVudCcpO1xuICAgICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ1NVQ0NFU1MnLCBldmVudCk7XG4gICAgICByZXR1cm47XG4gICAgfVxuXG4gICAgdHJ5IHtcbiAgICAgIGF3YWl0IGJsb2NrKGV2ZW50KTtcbiAgICB9IGNhdGNoIChlOiBhbnkpIHtcbiAgICAgIC8vIHRlbGwgd2FpdGVyIHN0YXRlIG1hY2hpbmUgdG8gcmV0cnlcbiAgICAgIGlmIChlIGluc3RhbmNlb2YgUmV0cnkpIHtcbiAgICAgICAgbG9nKCdyZXRyeSByZXF1ZXN0ZWQgYnkgaGFuZGxlcicpO1xuICAgICAgICB0aHJvdyBlO1xuICAgICAgfVxuXG4gICAgICBpZiAoIWV2ZW50LlBoeXNpY2FsUmVzb3VyY2VJZCkge1xuICAgICAgICAvLyBzcGVjaWFsIGNhc2U6IGlmIENSRUFURSBmYWlscywgd2hpY2ggdXN1YWxseSBpbXBsaWVzLCB3ZSB1c3VhbGx5IGRvbid0XG4gICAgICAgIC8vIGhhdmUgYSBwaHlzaWNhbCByZXNvdXJjZSBpZC4gaW4gdGhpcyBjYXNlLCB0aGUgc3Vic2VxdWVudCBERUxFVEVcbiAgICAgICAgLy8gb3BlcmF0aW9uIGRvZXMgbm90IGhhdmUgYW55IG1lYW5pbmcsIGFuZCB3aWxsIGxpa2VseSBmYWlsIGFzIHdlbGwuIHRvXG4gICAgICAgIC8vIGFkZHJlc3MgdGhpcywgd2UgdXNlIGEgbWFya2VyIHNvIHRoZSBwcm92aWRlciBmcmFtZXdvcmsgY2FuIHNpbXBseVxuICAgICAgICAvLyBpZ25vcmUgdGhlIHN1YnNlcXVlbnQgREVMRVRFLlxuICAgICAgICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdDcmVhdGUnKSB7XG4gICAgICAgICAgbG9nKCdDUkVBVEUgZmFpbGVkLCByZXNwb25kaW5nIHdpdGggYSBtYXJrZXIgcGh5c2ljYWwgcmVzb3VyY2UgaWQgc28gdGhhdCB0aGUgc3Vic2VxdWVudCBERUxFVEUgd2lsbCBiZSBpZ25vcmVkJyk7XG4gICAgICAgICAgZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkID0gQ1JFQVRFX0ZBSUxFRF9QSFlTSUNBTF9JRF9NQVJLRVI7XG4gICAgICAgIH0gZWxzZSB7XG4gICAgICAgICAgLy8gb3RoZXJ3aXNlLCBpZiBQaHlzaWNhbFJlc291cmNlSWQgaXMgbm90IHNwZWNpZmllZCwgc29tZXRoaW5nIGlzXG4gICAgICAgICAgLy8gdGVycmlibHkgd3JvbmcgYmVjYXVzZSBhbGwgb3RoZXIgZXZlbnRzIHNob3VsZCBoYXZlIGFuIElELlxuICAgICAgICAgIGxvZyhgRVJST1I6IE1hbGZvcm1lZCBldmVudC4gXCJQaHlzaWNhbFJlc291cmNlSWRcIiBpcyByZXF1aXJlZDogJHtKU09OLnN0cmluZ2lmeSh7IC4uLmV2ZW50LCBSZXNwb25zZVVSTDogJy4uLicgfSl9YCk7XG4gICAgICAgIH1cbiAgICAgIH1cblxuICAgICAgLy8gdGhpcyBpcyBhbiBhY3R1YWwgZXJyb3IsIGZhaWwgdGhlIGFjdGl2aXR5IGFsdG9nZXRoZXIgYW5kIGV4aXN0LlxuICAgICAgYXdhaXQgc3VibWl0UmVzcG9uc2UoJ0ZBSUxFRCcsIGV2ZW50LCB7XG4gICAgICAgIHJlYXNvbjogaW5jbHVkZVN0YWNrVHJhY2VzID8gZS5zdGFjayA6IGUubWVzc2FnZSxcbiAgICAgIH0pO1xuICAgIH1cbiAgfTtcbn1cblxuZXhwb3J0IGZ1bmN0aW9uIHJlZGFjdERhdGFGcm9tUGF5bG9hZChwYXlsb2FkOiBPbkV2ZW50UmVzcG9uc2UpIHtcbiAgLy8gQ3JlYXRlIGEgZGVlcCBjb3B5IG9mIHRoZSBwYXlsb2FkIG9iamVjdFxuICBjb25zdCByZWRhY3RlZFBheWxvYWQ6IE9uRXZlbnRSZXNwb25zZSA9IEpTT04ucGFyc2UoSlNPTi5zdHJpbmdpZnkocGF5bG9hZCkpO1xuXG4gIC8vIFJlZGFjdCB0aGUgZGF0YSBpbiB0aGUgY29waWVkIHBheWxvYWQgb2JqZWN0XG4gIGlmIChyZWRhY3RlZFBheWxvYWQuRGF0YSkge1xuICAgIGNvbnN0IGtleXMgPSBPYmplY3Qua2V5cyhyZWRhY3RlZFBheWxvYWQuRGF0YSk7XG4gICAgZm9yIChjb25zdCBrZXkgb2Yga2V5cykge1xuICAgICAgcmVkYWN0ZWRQYXlsb2FkLkRhdGFba2V5XSA9ICcqKioqKic7XG4gICAgfVxuICB9XG4gIHJldHVybiByZWRhY3RlZFBheWxvYWQ7XG59XG5cbmV4cG9ydCBjbGFzcyBSZXRyeSBleHRlbmRzIEVycm9yIHsgfVxuIl19 \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/consts.js b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/consts.js new file mode 100644 index 0000000000000..31faa077ae313 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/consts.js @@ -0,0 +1,10 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME = exports.FRAMEWORK_IS_COMPLETE_HANDLER_NAME = exports.FRAMEWORK_ON_EVENT_HANDLER_NAME = exports.WAITER_STATE_MACHINE_ARN_ENV = exports.USER_IS_COMPLETE_FUNCTION_ARN_ENV = exports.USER_ON_EVENT_FUNCTION_ARN_ENV = void 0; +exports.USER_ON_EVENT_FUNCTION_ARN_ENV = 'USER_ON_EVENT_FUNCTION_ARN'; +exports.USER_IS_COMPLETE_FUNCTION_ARN_ENV = 'USER_IS_COMPLETE_FUNCTION_ARN'; +exports.WAITER_STATE_MACHINE_ARN_ENV = 'WAITER_STATE_MACHINE_ARN'; +exports.FRAMEWORK_ON_EVENT_HANDLER_NAME = 'onEvent'; +exports.FRAMEWORK_IS_COMPLETE_HANDLER_NAME = 'isComplete'; +exports.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME = 'onTimeout'; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiY29uc3RzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFhLFFBQUEsOEJBQThCLEdBQUcsNEJBQTRCLENBQUM7QUFDOUQsUUFBQSxpQ0FBaUMsR0FBRywrQkFBK0IsQ0FBQztBQUNwRSxRQUFBLDRCQUE0QixHQUFHLDBCQUEwQixDQUFDO0FBRTFELFFBQUEsK0JBQStCLEdBQUcsU0FBUyxDQUFDO0FBQzVDLFFBQUEsa0NBQWtDLEdBQUcsWUFBWSxDQUFDO0FBQ2xELFFBQUEsaUNBQWlDLEdBQUcsV0FBVyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IGNvbnN0IFVTRVJfT05fRVZFTlRfRlVOQ1RJT05fQVJOX0VOViA9ICdVU0VSX09OX0VWRU5UX0ZVTkNUSU9OX0FSTic7XG5leHBvcnQgY29uc3QgVVNFUl9JU19DT01QTEVURV9GVU5DVElPTl9BUk5fRU5WID0gJ1VTRVJfSVNfQ09NUExFVEVfRlVOQ1RJT05fQVJOJztcbmV4cG9ydCBjb25zdCBXQUlURVJfU1RBVEVfTUFDSElORV9BUk5fRU5WID0gJ1dBSVRFUl9TVEFURV9NQUNISU5FX0FSTic7XG5cbmV4cG9ydCBjb25zdCBGUkFNRVdPUktfT05fRVZFTlRfSEFORExFUl9OQU1FID0gJ29uRXZlbnQnO1xuZXhwb3J0IGNvbnN0IEZSQU1FV09SS19JU19DT01QTEVURV9IQU5ETEVSX05BTUUgPSAnaXNDb21wbGV0ZSc7XG5leHBvcnQgY29uc3QgRlJBTUVXT1JLX09OX1RJTUVPVVRfSEFORExFUl9OQU1FID0gJ29uVGltZW91dCc7XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/framework.js b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/framework.js new file mode 100644 index 0000000000000..d381e7833f0b7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/framework.js @@ -0,0 +1,185 @@ +"use strict"; +/* eslint-disable max-len */ +/* eslint-disable no-console */ +const cfnResponse = require("./cfn-response"); +const consts = require("./consts"); +const outbound_1 = require("./outbound"); +const util_1 = require("./util"); +/** + * The main runtime entrypoint of the async custom resource lambda function. + * + * Any lifecycle event changes to the custom resources will invoke this handler, which will, in turn, + * interact with the user-defined `onEvent` and `isComplete` handlers. + * + * This function will always succeed. If an error occurs, it is logged but an error is not thrown. + * + * @param cfnRequest The cloudformation custom resource event. + */ +async function onEvent(cfnRequest) { + const sanitizedRequest = { ...cfnRequest, ResponseURL: '...' }; + (0, util_1.log)('onEventHandler', sanitizedRequest); + cfnRequest.ResourceProperties = cfnRequest.ResourceProperties || {}; + const onEventResult = await invokeUserFunction(consts.USER_ON_EVENT_FUNCTION_ARN_ENV, sanitizedRequest, cfnRequest.ResponseURL); + if (onEventResult?.NoEcho) { + (0, util_1.log)('redacted onEvent returned:', cfnResponse.redactDataFromPayload(onEventResult)); + } + else { + (0, util_1.log)('onEvent returned:', onEventResult); + } + // merge the request and the result from onEvent to form the complete resource event + // this also performs validation. + const resourceEvent = createResponseEvent(cfnRequest, onEventResult); + const sanitizedEvent = { ...resourceEvent, ResponseURL: '...' }; + if (onEventResult?.NoEcho) { + (0, util_1.log)('readacted event:', cfnResponse.redactDataFromPayload(sanitizedEvent)); + } + else { + (0, util_1.log)('event:', sanitizedEvent); + } + // determine if this is an async provider based on whether we have an isComplete handler defined. + // if it is not defined, then we are basically ready to return a positive response. + if (!process.env[consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV]) { + return cfnResponse.submitResponse('SUCCESS', resourceEvent, { noEcho: resourceEvent.NoEcho }); + } + // ok, we are not complete, so kick off the waiter workflow + const waiter = { + stateMachineArn: (0, util_1.getEnv)(consts.WAITER_STATE_MACHINE_ARN_ENV), + name: resourceEvent.RequestId, + input: JSON.stringify(resourceEvent), + }; + (0, util_1.log)('starting waiter', { + stateMachineArn: (0, util_1.getEnv)(consts.WAITER_STATE_MACHINE_ARN_ENV), + name: resourceEvent.RequestId, + }); + // kick off waiter state machine + await (0, outbound_1.startExecution)(waiter); +} +// invoked a few times until `complete` is true or until it times out. +async function isComplete(event) { + const sanitizedRequest = { ...event, ResponseURL: '...' }; + if (event?.NoEcho) { + (0, util_1.log)('redacted isComplete request', cfnResponse.redactDataFromPayload(sanitizedRequest)); + } + else { + (0, util_1.log)('isComplete', sanitizedRequest); + } + const isCompleteResult = await invokeUserFunction(consts.USER_IS_COMPLETE_FUNCTION_ARN_ENV, sanitizedRequest, event.ResponseURL); + if (event?.NoEcho) { + (0, util_1.log)('redacted user isComplete returned:', cfnResponse.redactDataFromPayload(isCompleteResult)); + } + else { + (0, util_1.log)('user isComplete returned:', isCompleteResult); + } + // if we are not complete, return false, and don't send a response back. + if (!isCompleteResult.IsComplete) { + if (isCompleteResult.Data && Object.keys(isCompleteResult.Data).length > 0) { + throw new Error('"Data" is not allowed if "IsComplete" is "False"'); + } + // This must be the full event, it will be deserialized in `onTimeout` to send the response to CloudFormation + throw new cfnResponse.Retry(JSON.stringify(event)); + } + const response = { + ...event, + ...isCompleteResult, + Data: { + ...event.Data, + ...isCompleteResult.Data, + }, + }; + await cfnResponse.submitResponse('SUCCESS', response, { noEcho: event.NoEcho }); +} +// invoked when completion retries are exhaused. +async function onTimeout(timeoutEvent) { + (0, util_1.log)('timeoutHandler', timeoutEvent); + const isCompleteRequest = JSON.parse(JSON.parse(timeoutEvent.Cause).errorMessage); + await cfnResponse.submitResponse('FAILED', isCompleteRequest, { + reason: 'Operation timed out', + }); +} +async function invokeUserFunction(functionArnEnv, sanitizedPayload, responseUrl) { + const functionArn = (0, util_1.getEnv)(functionArnEnv); + (0, util_1.log)(`executing user function ${functionArn} with payload`, sanitizedPayload); + // transient errors such as timeouts, throttling errors (429), and other + // errors that aren't caused by a bad request (500 series) are retried + // automatically by the JavaScript SDK. + const resp = await (0, outbound_1.invokeFunction)({ + FunctionName: functionArn, + // Cannot strip 'ResponseURL' here as this would be a breaking change even though the downstream CR doesn't need it + Payload: JSON.stringify({ ...sanitizedPayload, ResponseURL: responseUrl }), + }); + (0, util_1.log)('user function response:', resp, typeof (resp)); + // ParseJsonPayload is very defensive. It should not be possible for `Payload` + // to be anything other than a JSON encoded string (or intarray). Something weird is + // going on if that happens. Still, we should do our best to survive it. + const jsonPayload = (0, util_1.parseJsonPayload)(resp.Payload); + if (resp.FunctionError) { + (0, util_1.log)('user function threw an error:', resp.FunctionError); + const errorMessage = jsonPayload.errorMessage || 'error'; + // parse function name from arn + // arn:${Partition}:lambda:${Region}:${Account}:function:${FunctionName} + const arn = functionArn.split(':'); + const functionName = arn[arn.length - 1]; + // append a reference to the log group. + const message = [ + errorMessage, + '', + `Logs: /aws/lambda/${functionName}`, // cloudwatch log group + '', + ].join('\n'); + const e = new Error(message); + // the output that goes to CFN is what's in `stack`, not the error message. + // if we have a remote trace, construct a nice message with log group information + if (jsonPayload.trace) { + // skip first trace line because it's the message + e.stack = [message, ...jsonPayload.trace.slice(1)].join('\n'); + } + throw e; + } + return jsonPayload; +} +function createResponseEvent(cfnRequest, onEventResult) { + // + // validate that onEventResult always includes a PhysicalResourceId + onEventResult = onEventResult || {}; + // if physical ID is not returned, we have some defaults for you based + // on the request type. + const physicalResourceId = onEventResult.PhysicalResourceId || defaultPhysicalResourceId(cfnRequest); + // if we are in DELETE and physical ID was changed, it's an error. + if (cfnRequest.RequestType === 'Delete' && physicalResourceId !== cfnRequest.PhysicalResourceId) { + throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}" during deletion`); + } + // if we are in UPDATE and physical ID was changed, it's a replacement (just log) + if (cfnRequest.RequestType === 'Update' && physicalResourceId !== cfnRequest.PhysicalResourceId) { + (0, util_1.log)(`UPDATE: changing physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}"`); + } + // merge request event and result event (result prevails). + return { + ...cfnRequest, + ...onEventResult, + PhysicalResourceId: physicalResourceId, + }; +} +/** + * Calculates the default physical resource ID based in case user handler did + * not return a PhysicalResourceId. + * + * For "CREATE", it uses the RequestId. + * For "UPDATE" and "DELETE" and returns the current PhysicalResourceId (the one provided in `event`). + */ +function defaultPhysicalResourceId(req) { + switch (req.RequestType) { + case 'Create': + return req.RequestId; + case 'Update': + case 'Delete': + return req.PhysicalResourceId; + default: + throw new Error(`Invalid "RequestType" in request "${JSON.stringify(req)}"`); + } +} +module.exports = { + [consts.FRAMEWORK_ON_EVENT_HANDLER_NAME]: cfnResponse.safeHandler(onEvent), + [consts.FRAMEWORK_IS_COMPLETE_HANDLER_NAME]: cfnResponse.safeHandler(isComplete), + [consts.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME]: onTimeout, +}; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZnJhbWV3b3JrLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiZnJhbWV3b3JrLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSw0QkFBNEI7QUFDNUIsK0JBQStCO0FBQy9CLDhDQUE4QztBQUM5QyxtQ0FBbUM7QUFDbkMseUNBQTREO0FBQzVELGlDQUF1RDtBQVV2RDs7Ozs7Ozs7O0dBU0c7QUFDSCxLQUFLLFVBQVUsT0FBTyxDQUFDLFVBQXVEO0lBQzVFLE1BQU0sZ0JBQWdCLEdBQUcsRUFBRSxHQUFHLFVBQVUsRUFBRSxXQUFXLEVBQUUsS0FBSyxFQUFXLENBQUM7SUFDeEUsSUFBQSxVQUFHLEVBQUMsZ0JBQWdCLEVBQUUsZ0JBQWdCLENBQUMsQ0FBQztJQUV4QyxVQUFVLENBQUMsa0JBQWtCLEdBQUcsVUFBVSxDQUFDLGtCQUFrQixJQUFJLEVBQUcsQ0FBQztJQUVyRSxNQUFNLGFBQWEsR0FBRyxNQUFNLGtCQUFrQixDQUFDLE1BQU0sQ0FBQyw4QkFBOEIsRUFBRSxnQkFBZ0IsRUFBRSxVQUFVLENBQUMsV0FBVyxDQUFvQixDQUFDO0lBQ25KLElBQUksYUFBYSxFQUFFLE1BQU0sRUFBRSxDQUFDO1FBQzFCLElBQUEsVUFBRyxFQUFDLDRCQUE0QixFQUFFLFdBQVcsQ0FBQyxxQkFBcUIsQ0FBQyxhQUFhLENBQUMsQ0FBQyxDQUFDO0lBQ3RGLENBQUM7U0FBTSxDQUFDO1FBQ04sSUFBQSxVQUFHLEVBQUMsbUJBQW1CLEVBQUUsYUFBYSxDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVELG9GQUFvRjtJQUNwRixpQ0FBaUM7SUFDakMsTUFBTSxhQUFhLEdBQUcsbUJBQW1CLENBQUMsVUFBVSxFQUFFLGFBQWEsQ0FBQyxDQUFDO0lBQ3JFLE1BQU0sY0FBYyxHQUFHLEVBQUUsR0FBRyxhQUFhLEVBQUUsV0FBVyxFQUFFLEtBQUssRUFBRSxDQUFDO0lBQ2hFLElBQUksYUFBYSxFQUFFLE1BQU0sRUFBRSxDQUFDO1FBQzFCLElBQUEsVUFBRyxFQUFDLGtCQUFrQixFQUFFLFdBQVcsQ0FBQyxxQkFBcUIsQ0FBQyxjQUFjLENBQUMsQ0FBQyxDQUFDO0lBQzdFLENBQUM7U0FBTSxDQUFDO1FBQ04sSUFBQSxVQUFHLEVBQUMsUUFBUSxFQUFFLGNBQWMsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRCxpR0FBaUc7SUFDakcsbUZBQW1GO0lBQ25GLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxpQ0FBaUMsQ0FBQyxFQUFFLENBQUM7UUFDM0QsT0FBTyxXQUFXLENBQUMsY0FBYyxDQUFDLFNBQVMsRUFBRSxhQUFhLEVBQUUsRUFBRSxNQUFNLEVBQUUsYUFBYSxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUM7SUFDaEcsQ0FBQztJQUVELDJEQUEyRDtJQUMzRCxNQUFNLE1BQU0sR0FBRztRQUNiLGVBQWUsRUFBRSxJQUFBLGFBQU0sRUFBQyxNQUFNLENBQUMsNEJBQTRCLENBQUM7UUFDNUQsSUFBSSxFQUFFLGFBQWEsQ0FBQyxTQUFTO1FBQzdCLEtBQUssRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGFBQWEsQ0FBQztLQUNyQyxDQUFDO0lBRUYsSUFBQSxVQUFHLEVBQUMsaUJBQWlCLEVBQUU7UUFDckIsZUFBZSxFQUFFLElBQUEsYUFBTSxFQUFDLE1BQU0sQ0FBQyw0QkFBNEIsQ0FBQztRQUM1RCxJQUFJLEVBQUUsYUFBYSxDQUFDLFNBQVM7S0FDOUIsQ0FBQyxDQUFDO0lBRUgsZ0NBQWdDO0lBQ2hDLE1BQU0sSUFBQSx5QkFBYyxFQUFDLE1BQU0sQ0FBQyxDQUFDO0FBQy9CLENBQUM7QUFFRCxzRUFBc0U7QUFDdEUsS0FBSyxVQUFVLFVBQVUsQ0FBQyxLQUFrRDtJQUMxRSxNQUFNLGdCQUFnQixHQUFHLEVBQUUsR0FBRyxLQUFLLEVBQUUsV0FBVyxFQUFFLEtBQUssRUFBVyxDQUFDO0lBQ25FLElBQUksS0FBSyxFQUFFLE1BQU0sRUFBRSxDQUFDO1FBQ2xCLElBQUEsVUFBRyxFQUFDLDZCQUE2QixFQUFFLFdBQVcsQ0FBQyxxQkFBcUIsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLENBQUM7SUFDMUYsQ0FBQztTQUFNLENBQUM7UUFDTixJQUFBLFVBQUcsRUFBQyxZQUFZLEVBQUUsZ0JBQWdCLENBQUMsQ0FBQztJQUN0QyxDQUFDO0lBRUQsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLGtCQUFrQixDQUFDLE1BQU0sQ0FBQyxpQ0FBaUMsRUFBRSxnQkFBZ0IsRUFBRSxLQUFLLENBQUMsV0FBVyxDQUF1QixDQUFDO0lBQ3ZKLElBQUksS0FBSyxFQUFFLE1BQU0sRUFBRSxDQUFDO1FBQ2xCLElBQUEsVUFBRyxFQUFDLG9DQUFvQyxFQUFFLFdBQVcsQ0FBQyxxQkFBcUIsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLENBQUM7SUFDakcsQ0FBQztTQUFNLENBQUM7UUFDTixJQUFBLFVBQUcsRUFBQywyQkFBMkIsRUFBRSxnQkFBZ0IsQ0FBQyxDQUFDO0lBQ3JELENBQUM7SUFFRCx3RUFBd0U7SUFDeEUsSUFBSSxDQUFDLGdCQUFnQixDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ2pDLElBQUksZ0JBQWdCLENBQUMsSUFBSSxJQUFJLE1BQU0sQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQzNFLE1BQU0sSUFBSSxLQUFLLENBQUMsa0RBQWtELENBQUMsQ0FBQztRQUN0RSxDQUFDO1FBRUQsNkdBQTZHO1FBQzdHLE1BQU0sSUFBSSxXQUFXLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztJQUNyRCxDQUFDO0lBRUQsTUFBTSxRQUFRLEdBQUc7UUFDZixHQUFHLEtBQUs7UUFDUixHQUFHLGdCQUFnQjtRQUNuQixJQUFJLEVBQUU7WUFDSixHQUFHLEtBQUssQ0FBQyxJQUFJO1lBQ2IsR0FBRyxnQkFBZ0IsQ0FBQyxJQUFJO1NBQ3pCO0tBQ0YsQ0FBQztJQUVGLE1BQU0sV0FBVyxDQUFDLGNBQWMsQ0FBQyxTQUFTLEVBQUUsUUFBUSxFQUFFLEVBQUUsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO0FBQ2xGLENBQUM7QUFFRCxnREFBZ0Q7QUFDaEQsS0FBSyxVQUFVLFNBQVMsQ0FBQyxZQUFpQjtJQUN4QyxJQUFBLFVBQUcsRUFBQyxnQkFBZ0IsRUFBRSxZQUFZLENBQUMsQ0FBQztJQUVwQyxNQUFNLGlCQUFpQixHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxZQUFZLENBQUMsS0FBSyxDQUFDLENBQUMsWUFBWSxDQUFnRCxDQUFDO0lBQ2pJLE1BQU0sV0FBVyxDQUFDLGNBQWMsQ0FBQyxRQUFRLEVBQUUsaUJBQWlCLEVBQUU7UUFDNUQsTUFBTSxFQUFFLHFCQUFxQjtLQUM5QixDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQsS0FBSyxVQUFVLGtCQUFrQixDQUFtQyxjQUFzQixFQUFFLGdCQUFtQixFQUFFLFdBQW1CO0lBQ2xJLE1BQU0sV0FBVyxHQUFHLElBQUEsYUFBTSxFQUFDLGNBQWMsQ0FBQyxDQUFDO0lBQzNDLElBQUEsVUFBRyxFQUFDLDJCQUEyQixXQUFXLGVBQWUsRUFBRSxnQkFBZ0IsQ0FBQyxDQUFDO0lBRTdFLHdFQUF3RTtJQUN4RSxzRUFBc0U7SUFDdEUsdUNBQXVDO0lBQ3ZDLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBQSx5QkFBYyxFQUFDO1FBQ2hDLFlBQVksRUFBRSxXQUFXO1FBRXpCLG1IQUFtSDtRQUNuSCxPQUFPLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxFQUFFLEdBQUcsZ0JBQWdCLEVBQUUsV0FBVyxFQUFFLFdBQVcsRUFBRSxDQUFDO0tBQzNFLENBQUMsQ0FBQztJQUVILElBQUEsVUFBRyxFQUFDLHlCQUF5QixFQUFFLElBQUksRUFBRSxPQUFNLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztJQUVuRCw4RUFBOEU7SUFDOUUsb0ZBQW9GO0lBQ3BGLHdFQUF3RTtJQUN4RSxNQUFNLFdBQVcsR0FBRyxJQUFBLHVCQUFnQixFQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUNuRCxJQUFJLElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQztRQUN2QixJQUFBLFVBQUcsRUFBQywrQkFBK0IsRUFBRSxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUM7UUFFekQsTUFBTSxZQUFZLEdBQUcsV0FBVyxDQUFDLFlBQVksSUFBSSxPQUFPLENBQUM7UUFFekQsK0JBQStCO1FBQy9CLHdFQUF3RTtRQUN4RSxNQUFNLEdBQUcsR0FBRyxXQUFXLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ25DLE1BQU0sWUFBWSxHQUFHLEdBQUcsQ0FBQyxHQUFHLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDO1FBRXpDLHVDQUF1QztRQUN2QyxNQUFNLE9BQU8sR0FBRztZQUNkLFlBQVk7WUFDWixFQUFFO1lBQ0YscUJBQXFCLFlBQVksRUFBRSxFQUFFLHVCQUF1QjtZQUM1RCxFQUFFO1NBQ0gsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7UUFFYixNQUFNLENBQUMsR0FBRyxJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUU3QiwyRUFBMkU7UUFDM0UsaUZBQWlGO1FBQ2pGLElBQUksV0FBVyxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ3RCLGlEQUFpRDtZQUNqRCxDQUFDLENBQUMsS0FBSyxHQUFHLENBQUMsT0FBTyxFQUFFLEdBQUcsV0FBVyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDaEUsQ0FBQztRQUVELE1BQU0sQ0FBQyxDQUFDO0lBQ1YsQ0FBQztJQUVELE9BQU8sV0FBVyxDQUFDO0FBQ3JCLENBQUM7QUFFRCxTQUFTLG1CQUFtQixDQUFDLFVBQXVELEVBQUUsYUFBOEI7SUFDbEgsRUFBRTtJQUNGLG1FQUFtRTtJQUVuRSxhQUFhLEdBQUcsYUFBYSxJQUFJLEVBQUcsQ0FBQztJQUVyQyxzRUFBc0U7SUFDdEUsdUJBQXVCO0lBQ3ZCLE1BQU0sa0JBQWtCLEdBQUcsYUFBYSxDQUFDLGtCQUFrQixJQUFJLHlCQUF5QixDQUFDLFVBQVUsQ0FBQyxDQUFDO0lBRXJHLGtFQUFrRTtJQUNsRSxJQUFJLFVBQVUsQ0FBQyxXQUFXLEtBQUssUUFBUSxJQUFJLGtCQUFrQixLQUFLLFVBQVUsQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1FBQ2hHLE1BQU0sSUFBSSxLQUFLLENBQUMsd0RBQXdELFVBQVUsQ0FBQyxrQkFBa0IsU0FBUyxhQUFhLENBQUMsa0JBQWtCLG1CQUFtQixDQUFDLENBQUM7SUFDckssQ0FBQztJQUVELGlGQUFpRjtJQUNqRixJQUFJLFVBQVUsQ0FBQyxXQUFXLEtBQUssUUFBUSxJQUFJLGtCQUFrQixLQUFLLFVBQVUsQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1FBQ2hHLElBQUEsVUFBRyxFQUFDLCtDQUErQyxVQUFVLENBQUMsa0JBQWtCLFNBQVMsYUFBYSxDQUFDLGtCQUFrQixHQUFHLENBQUMsQ0FBQztJQUNoSSxDQUFDO0lBRUQsMERBQTBEO0lBQzFELE9BQU87UUFDTCxHQUFHLFVBQVU7UUFDYixHQUFHLGFBQWE7UUFDaEIsa0JBQWtCLEVBQUUsa0JBQWtCO0tBQ3ZDLENBQUM7QUFDSixDQUFDO0FBRUQ7Ozs7OztHQU1HO0FBQ0gsU0FBUyx5QkFBeUIsQ0FBQyxHQUFnRDtJQUNqRixRQUFRLEdBQUcsQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUN4QixLQUFLLFFBQVE7WUFDWCxPQUFPLEdBQUcsQ0FBQyxTQUFTLENBQUM7UUFFdkIsS0FBSyxRQUFRLENBQUM7UUFDZCxLQUFLLFFBQVE7WUFDWCxPQUFPLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQztRQUVoQztZQUNFLE1BQU0sSUFBSSxLQUFLLENBQUMscUNBQXFDLElBQUksQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ2pGLENBQUM7QUFDSCxDQUFDO0FBak5ELGlCQUFTO0lBQ1AsQ0FBQyxNQUFNLENBQUMsK0JBQStCLENBQUMsRUFBRSxXQUFXLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQztJQUMxRSxDQUFDLE1BQU0sQ0FBQyxrQ0FBa0MsQ0FBQyxFQUFFLFdBQVcsQ0FBQyxXQUFXLENBQUMsVUFBVSxDQUFDO0lBQ2hGLENBQUMsTUFBTSxDQUFDLGlDQUFpQyxDQUFDLEVBQUUsU0FBUztDQUN0RCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyogZXNsaW50LWRpc2FibGUgbWF4LWxlbiAqL1xuLyogZXNsaW50LWRpc2FibGUgbm8tY29uc29sZSAqL1xuaW1wb3J0ICogYXMgY2ZuUmVzcG9uc2UgZnJvbSAnLi9jZm4tcmVzcG9uc2UnO1xuaW1wb3J0ICogYXMgY29uc3RzIGZyb20gJy4vY29uc3RzJztcbmltcG9ydCB7IGludm9rZUZ1bmN0aW9uLCBzdGFydEV4ZWN1dGlvbiB9IGZyb20gJy4vb3V0Ym91bmQnO1xuaW1wb3J0IHsgZ2V0RW52LCBsb2csIHBhcnNlSnNvblBheWxvYWQgfSBmcm9tICcuL3V0aWwnO1xuaW1wb3J0IHsgSXNDb21wbGV0ZVJlc3BvbnNlLCBPbkV2ZW50UmVzcG9uc2UgfSBmcm9tICcuLi90eXBlcyc7XG5cbi8vIHVzZSBjb25zdHMgZm9yIGhhbmRsZXIgbmFtZXMgdG8gY29tcGlsZXItZW5mb3JjZSB0aGUgY291cGxpbmcgd2l0aCBjb25zdHJ1Y3Rpb24gY29kZS5cbmV4cG9ydCA9IHtcbiAgW2NvbnN0cy5GUkFNRVdPUktfT05fRVZFTlRfSEFORExFUl9OQU1FXTogY2ZuUmVzcG9uc2Uuc2FmZUhhbmRsZXIob25FdmVudCksXG4gIFtjb25zdHMuRlJBTUVXT1JLX0lTX0NPTVBMRVRFX0hBTkRMRVJfTkFNRV06IGNmblJlc3BvbnNlLnNhZmVIYW5kbGVyKGlzQ29tcGxldGUpLFxuICBbY29uc3RzLkZSQU1FV09SS19PTl9USU1FT1VUX0hBTkRMRVJfTkFNRV06IG9uVGltZW91dCxcbn07XG5cbi8qKlxuICogVGhlIG1haW4gcnVudGltZSBlbnRyeXBvaW50IG9mIHRoZSBhc3luYyBjdXN0b20gcmVzb3VyY2UgbGFtYmRhIGZ1bmN0aW9uLlxuICpcbiAqIEFueSBsaWZlY3ljbGUgZXZlbnQgY2hhbmdlcyB0byB0aGUgY3VzdG9tIHJlc291cmNlcyB3aWxsIGludm9rZSB0aGlzIGhhbmRsZXIsIHdoaWNoIHdpbGwsIGluIHR1cm4sXG4gKiBpbnRlcmFjdCB3aXRoIHRoZSB1c2VyLWRlZmluZWQgYG9uRXZlbnRgIGFuZCBgaXNDb21wbGV0ZWAgaGFuZGxlcnMuXG4gKlxuICogVGhpcyBmdW5jdGlvbiB3aWxsIGFsd2F5cyBzdWNjZWVkLiBJZiBhbiBlcnJvciBvY2N1cnMsIGl0IGlzIGxvZ2dlZCBidXQgYW4gZXJyb3IgaXMgbm90IHRocm93bi5cbiAqXG4gKiBAcGFyYW0gY2ZuUmVxdWVzdCBUaGUgY2xvdWRmb3JtYXRpb24gY3VzdG9tIHJlc291cmNlIGV2ZW50LlxuICovXG5hc3luYyBmdW5jdGlvbiBvbkV2ZW50KGNmblJlcXVlc3Q6IEFXU0xhbWJkYS5DbG91ZEZvcm1hdGlvbkN1c3RvbVJlc291cmNlRXZlbnQpIHtcbiAgY29uc3Qgc2FuaXRpemVkUmVxdWVzdCA9IHsgLi4uY2ZuUmVxdWVzdCwgUmVzcG9uc2VVUkw6ICcuLi4nIH0gYXMgY29uc3Q7XG4gIGxvZygnb25FdmVudEhhbmRsZXInLCBzYW5pdGl6ZWRSZXF1ZXN0KTtcblxuICBjZm5SZXF1ZXN0LlJlc291cmNlUHJvcGVydGllcyA9IGNmblJlcXVlc3QuUmVzb3VyY2VQcm9wZXJ0aWVzIHx8IHsgfTtcblxuICBjb25zdCBvbkV2ZW50UmVzdWx0ID0gYXdhaXQgaW52b2tlVXNlckZ1bmN0aW9uKGNvbnN0cy5VU0VSX09OX0VWRU5UX0ZVTkNUSU9OX0FSTl9FTlYsIHNhbml0aXplZFJlcXVlc3QsIGNmblJlcXVlc3QuUmVzcG9uc2VVUkwpIGFzIE9uRXZlbnRSZXNwb25zZTtcbiAgaWYgKG9uRXZlbnRSZXN1bHQ/Lk5vRWNobykge1xuICAgIGxvZygncmVkYWN0ZWQgb25FdmVudCByZXR1cm5lZDonLCBjZm5SZXNwb25zZS5yZWRhY3REYXRhRnJvbVBheWxvYWQob25FdmVudFJlc3VsdCkpO1xuICB9IGVsc2Uge1xuICAgIGxvZygnb25FdmVudCByZXR1cm5lZDonLCBvbkV2ZW50UmVzdWx0KTtcbiAgfVxuXG4gIC8vIG1lcmdlIHRoZSByZXF1ZXN0IGFuZCB0aGUgcmVzdWx0IGZyb20gb25FdmVudCB0byBmb3JtIHRoZSBjb21wbGV0ZSByZXNvdXJjZSBldmVudFxuICAvLyB0aGlzIGFsc28gcGVyZm9ybXMgdmFsaWRhdGlvbi5cbiAgY29uc3QgcmVzb3VyY2VFdmVudCA9IGNyZWF0ZVJlc3BvbnNlRXZlbnQoY2ZuUmVxdWVzdCwgb25FdmVudFJlc3VsdCk7XG4gIGNvbnN0IHNhbml0aXplZEV2ZW50ID0geyAuLi5yZXNvdXJjZUV2ZW50LCBSZXNwb25zZVVSTDogJy4uLicgfTtcbiAgaWYgKG9uRXZlbnRSZXN1bHQ/Lk5vRWNobykge1xuICAgIGxvZygncmVhZGFjdGVkIGV2ZW50OicsIGNmblJlc3BvbnNlLnJlZGFjdERhdGFGcm9tUGF5bG9hZChzYW5pdGl6ZWRFdmVudCkpO1xuICB9IGVsc2Uge1xuICAgIGxvZygnZXZlbnQ6Jywgc2FuaXRpemVkRXZlbnQpO1xuICB9XG5cbiAgLy8gZGV0ZXJtaW5lIGlmIHRoaXMgaXMgYW4gYXN5bmMgcHJvdmlkZXIgYmFzZWQgb24gd2hldGhlciB3ZSBoYXZlIGFuIGlzQ29tcGxldGUgaGFuZGxlciBkZWZpbmVkLlxuICAvLyBpZiBpdCBpcyBub3QgZGVmaW5lZCwgdGhlbiB3ZSBhcmUgYmFzaWNhbGx5IHJlYWR5IHRvIHJldHVybiBhIHBvc2l0aXZlIHJlc3BvbnNlLlxuICBpZiAoIXByb2Nlc3MuZW52W2NvbnN0cy5VU0VSX0lTX0NPTVBMRVRFX0ZVTkNUSU9OX0FSTl9FTlZdKSB7XG4gICAgcmV0dXJuIGNmblJlc3BvbnNlLnN1Ym1pdFJlc3BvbnNlKCdTVUNDRVNTJywgcmVzb3VyY2VFdmVudCwgeyBub0VjaG86IHJlc291cmNlRXZlbnQuTm9FY2hvIH0pO1xuICB9XG5cbiAgLy8gb2ssIHdlIGFyZSBub3QgY29tcGxldGUsIHNvIGtpY2sgb2ZmIHRoZSB3YWl0ZXIgd29ya2Zsb3dcbiAgY29uc3Qgd2FpdGVyID0ge1xuICAgIHN0YXRlTWFjaGluZUFybjogZ2V0RW52KGNvbnN0cy5XQUlURVJfU1RBVEVfTUFDSElORV9BUk5fRU5WKSxcbiAgICBuYW1lOiByZXNvdXJjZUV2ZW50LlJlcXVlc3RJZCxcbiAgICBpbnB1dDogSlNPTi5zdHJpbmdpZnkocmVzb3VyY2VFdmVudCksXG4gIH07XG5cbiAgbG9nKCdzdGFydGluZyB3YWl0ZXInLCB7XG4gICAgc3RhdGVNYWNoaW5lQXJuOiBnZXRFbnYoY29uc3RzLldBSVRFUl9TVEFURV9NQUNISU5FX0FSTl9FTlYpLFxuICAgIG5hbWU6IHJlc291cmNlRXZlbnQuUmVxdWVzdElkLFxuICB9KTtcblxuICAvLyBraWNrIG9mZiB3YWl0ZXIgc3RhdGUgbWFjaGluZVxuICBhd2FpdCBzdGFydEV4ZWN1dGlvbih3YWl0ZXIpO1xufVxuXG4vLyBpbnZva2VkIGEgZmV3IHRpbWVzIHVudGlsIGBjb21wbGV0ZWAgaXMgdHJ1ZSBvciB1bnRpbCBpdCB0aW1lcyBvdXQuXG5hc3luYyBmdW5jdGlvbiBpc0NvbXBsZXRlKGV2ZW50OiBBV1NDREtBc3luY0N1c3RvbVJlc291cmNlLklzQ29tcGxldGVSZXF1ZXN0KSB7XG4gIGNvbnN0IHNhbml0aXplZFJlcXVlc3QgPSB7IC4uLmV2ZW50LCBSZXNwb25zZVVSTDogJy4uLicgfSBhcyBjb25zdDtcbiAgaWYgKGV2ZW50Py5Ob0VjaG8pIHtcbiAgICBsb2coJ3JlZGFjdGVkIGlzQ29tcGxldGUgcmVxdWVzdCcsIGNmblJlc3BvbnNlLnJlZGFjdERhdGFGcm9tUGF5bG9hZChzYW5pdGl6ZWRSZXF1ZXN0KSk7XG4gIH0gZWxzZSB7XG4gICAgbG9nKCdpc0NvbXBsZXRlJywgc2FuaXRpemVkUmVxdWVzdCk7XG4gIH1cblxuICBjb25zdCBpc0NvbXBsZXRlUmVzdWx0ID0gYXdhaXQgaW52b2tlVXNlckZ1bmN0aW9uKGNvbnN0cy5VU0VSX0lTX0NPTVBMRVRFX0ZVTkNUSU9OX0FSTl9FTlYsIHNhbml0aXplZFJlcXVlc3QsIGV2ZW50LlJlc3BvbnNlVVJMKSBhcyBJc0NvbXBsZXRlUmVzcG9uc2U7XG4gIGlmIChldmVudD8uTm9FY2hvKSB7XG4gICAgbG9nKCdyZWRhY3RlZCB1c2VyIGlzQ29tcGxldGUgcmV0dXJuZWQ6JywgY2ZuUmVzcG9uc2UucmVkYWN0RGF0YUZyb21QYXlsb2FkKGlzQ29tcGxldGVSZXN1bHQpKTtcbiAgfSBlbHNlIHtcbiAgICBsb2coJ3VzZXIgaXNDb21wbGV0ZSByZXR1cm5lZDonLCBpc0NvbXBsZXRlUmVzdWx0KTtcbiAgfVxuXG4gIC8vIGlmIHdlIGFyZSBub3QgY29tcGxldGUsIHJldHVybiBmYWxzZSwgYW5kIGRvbid0IHNlbmQgYSByZXNwb25zZSBiYWNrLlxuICBpZiAoIWlzQ29tcGxldGVSZXN1bHQuSXNDb21wbGV0ZSkge1xuICAgIGlmIChpc0NvbXBsZXRlUmVzdWx0LkRhdGEgJiYgT2JqZWN0LmtleXMoaXNDb21wbGV0ZVJlc3VsdC5EYXRhKS5sZW5ndGggPiAwKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoJ1wiRGF0YVwiIGlzIG5vdCBhbGxvd2VkIGlmIFwiSXNDb21wbGV0ZVwiIGlzIFwiRmFsc2VcIicpO1xuICAgIH1cblxuICAgIC8vIFRoaXMgbXVzdCBiZSB0aGUgZnVsbCBldmVudCwgaXQgd2lsbCBiZSBkZXNlcmlhbGl6ZWQgaW4gYG9uVGltZW91dGAgdG8gc2VuZCB0aGUgcmVzcG9uc2UgdG8gQ2xvdWRGb3JtYXRpb25cbiAgICB0aHJvdyBuZXcgY2ZuUmVzcG9uc2UuUmV0cnkoSlNPTi5zdHJpbmdpZnkoZXZlbnQpKTtcbiAgfVxuXG4gIGNvbnN0IHJlc3BvbnNlID0ge1xuICAgIC4uLmV2ZW50LFxuICAgIC4uLmlzQ29tcGxldGVSZXN1bHQsXG4gICAgRGF0YToge1xuICAgICAgLi4uZXZlbnQuRGF0YSxcbiAgICAgIC4uLmlzQ29tcGxldGVSZXN1bHQuRGF0YSxcbiAgICB9LFxuICB9O1xuXG4gIGF3YWl0IGNmblJlc3BvbnNlLnN1Ym1pdFJlc3BvbnNlKCdTVUNDRVNTJywgcmVzcG9uc2UsIHsgbm9FY2hvOiBldmVudC5Ob0VjaG8gfSk7XG59XG5cbi8vIGludm9rZWQgd2hlbiBjb21wbGV0aW9uIHJldHJpZXMgYXJlIGV4aGF1c2VkLlxuYXN5bmMgZnVuY3Rpb24gb25UaW1lb3V0KHRpbWVvdXRFdmVudDogYW55KSB7XG4gIGxvZygndGltZW91dEhhbmRsZXInLCB0aW1lb3V0RXZlbnQpO1xuXG4gIGNvbnN0IGlzQ29tcGxldGVSZXF1ZXN0ID0gSlNPTi5wYXJzZShKU09OLnBhcnNlKHRpbWVvdXRFdmVudC5DYXVzZSkuZXJyb3JNZXNzYWdlKSBhcyBBV1NDREtBc3luY0N1c3RvbVJlc291cmNlLklzQ29tcGxldGVSZXF1ZXN0O1xuICBhd2FpdCBjZm5SZXNwb25zZS5zdWJtaXRSZXNwb25zZSgnRkFJTEVEJywgaXNDb21wbGV0ZVJlcXVlc3QsIHtcbiAgICByZWFzb246ICdPcGVyYXRpb24gdGltZWQgb3V0JyxcbiAgfSk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIGludm9rZVVzZXJGdW5jdGlvbjxBIGV4dGVuZHMgeyBSZXNwb25zZVVSTDogJy4uLicgfT4oZnVuY3Rpb25Bcm5FbnY6IHN0cmluZywgc2FuaXRpemVkUGF5bG9hZDogQSwgcmVzcG9uc2VVcmw6IHN0cmluZykge1xuICBjb25zdCBmdW5jdGlvbkFybiA9IGdldEVudihmdW5jdGlvbkFybkVudik7XG4gIGxvZyhgZXhlY3V0aW5nIHVzZXIgZnVuY3Rpb24gJHtmdW5jdGlvbkFybn0gd2l0aCBwYXlsb2FkYCwgc2FuaXRpemVkUGF5bG9hZCk7XG5cbiAgLy8gdHJhbnNpZW50IGVycm9ycyBzdWNoIGFzIHRpbWVvdXRzLCB0aHJvdHRsaW5nIGVycm9ycyAoNDI5KSwgYW5kIG90aGVyXG4gIC8vIGVycm9ycyB0aGF0IGFyZW4ndCBjYXVzZWQgYnkgYSBiYWQgcmVxdWVzdCAoNTAwIHNlcmllcykgYXJlIHJldHJpZWRcbiAgLy8gYXV0b21hdGljYWxseSBieSB0aGUgSmF2YVNjcmlwdCBTREsuXG4gIGNvbnN0IHJlc3AgPSBhd2FpdCBpbnZva2VGdW5jdGlvbih7XG4gICAgRnVuY3Rpb25OYW1lOiBmdW5jdGlvbkFybixcblxuICAgIC8vIENhbm5vdCBzdHJpcCAnUmVzcG9uc2VVUkwnIGhlcmUgYXMgdGhpcyB3b3VsZCBiZSBhIGJyZWFraW5nIGNoYW5nZSBldmVuIHRob3VnaCB0aGUgZG93bnN0cmVhbSBDUiBkb2Vzbid0IG5lZWQgaXRcbiAgICBQYXlsb2FkOiBKU09OLnN0cmluZ2lmeSh7IC4uLnNhbml0aXplZFBheWxvYWQsIFJlc3BvbnNlVVJMOiByZXNwb25zZVVybCB9KSxcbiAgfSk7XG5cbiAgbG9nKCd1c2VyIGZ1bmN0aW9uIHJlc3BvbnNlOicsIHJlc3AsIHR5cGVvZihyZXNwKSk7XG5cbiAgLy8gUGFyc2VKc29uUGF5bG9hZCBpcyB2ZXJ5IGRlZmVuc2l2ZS4gSXQgc2hvdWxkIG5vdCBiZSBwb3NzaWJsZSBmb3IgYFBheWxvYWRgXG4gIC8vIHRvIGJlIGFueXRoaW5nIG90aGVyIHRoYW4gYSBKU09OIGVuY29kZWQgc3RyaW5nIChvciBpbnRhcnJheSkuIFNvbWV0aGluZyB3ZWlyZCBpc1xuICAvLyBnb2luZyBvbiBpZiB0aGF0IGhhcHBlbnMuIFN0aWxsLCB3ZSBzaG91bGQgZG8gb3VyIGJlc3QgdG8gc3Vydml2ZSBpdC5cbiAgY29uc3QganNvblBheWxvYWQgPSBwYXJzZUpzb25QYXlsb2FkKHJlc3AuUGF5bG9hZCk7XG4gIGlmIChyZXNwLkZ1bmN0aW9uRXJyb3IpIHtcbiAgICBsb2coJ3VzZXIgZnVuY3Rpb24gdGhyZXcgYW4gZXJyb3I6JywgcmVzcC5GdW5jdGlvbkVycm9yKTtcblxuICAgIGNvbnN0IGVycm9yTWVzc2FnZSA9IGpzb25QYXlsb2FkLmVycm9yTWVzc2FnZSB8fCAnZXJyb3InO1xuXG4gICAgLy8gcGFyc2UgZnVuY3Rpb24gbmFtZSBmcm9tIGFyblxuICAgIC8vIGFybjoke1BhcnRpdGlvbn06bGFtYmRhOiR7UmVnaW9ufToke0FjY291bnR9OmZ1bmN0aW9uOiR7RnVuY3Rpb25OYW1lfVxuICAgIGNvbnN0IGFybiA9IGZ1bmN0aW9uQXJuLnNwbGl0KCc6Jyk7XG4gICAgY29uc3QgZnVuY3Rpb25OYW1lID0gYXJuW2Fybi5sZW5ndGggLSAxXTtcblxuICAgIC8vIGFwcGVuZCBhIHJlZmVyZW5jZSB0byB0aGUgbG9nIGdyb3VwLlxuICAgIGNvbnN0IG1lc3NhZ2UgPSBbXG4gICAgICBlcnJvck1lc3NhZ2UsXG4gICAgICAnJyxcbiAgICAgIGBMb2dzOiAvYXdzL2xhbWJkYS8ke2Z1bmN0aW9uTmFtZX1gLCAvLyBjbG91ZHdhdGNoIGxvZyBncm91cFxuICAgICAgJycsXG4gICAgXS5qb2luKCdcXG4nKTtcblxuICAgIGNvbnN0IGUgPSBuZXcgRXJyb3IobWVzc2FnZSk7XG5cbiAgICAvLyB0aGUgb3V0cHV0IHRoYXQgZ29lcyB0byBDRk4gaXMgd2hhdCdzIGluIGBzdGFja2AsIG5vdCB0aGUgZXJyb3IgbWVzc2FnZS5cbiAgICAvLyBpZiB3ZSBoYXZlIGEgcmVtb3RlIHRyYWNlLCBjb25zdHJ1Y3QgYSBuaWNlIG1lc3NhZ2Ugd2l0aCBsb2cgZ3JvdXAgaW5mb3JtYXRpb25cbiAgICBpZiAoanNvblBheWxvYWQudHJhY2UpIHtcbiAgICAgIC8vIHNraXAgZmlyc3QgdHJhY2UgbGluZSBiZWNhdXNlIGl0J3MgdGhlIG1lc3NhZ2VcbiAgICAgIGUuc3RhY2sgPSBbbWVzc2FnZSwgLi4uanNvblBheWxvYWQudHJhY2Uuc2xpY2UoMSldLmpvaW4oJ1xcbicpO1xuICAgIH1cblxuICAgIHRocm93IGU7XG4gIH1cblxuICByZXR1cm4ganNvblBheWxvYWQ7XG59XG5cbmZ1bmN0aW9uIGNyZWF0ZVJlc3BvbnNlRXZlbnQoY2ZuUmVxdWVzdDogQVdTTGFtYmRhLkNsb3VkRm9ybWF0aW9uQ3VzdG9tUmVzb3VyY2VFdmVudCwgb25FdmVudFJlc3VsdDogT25FdmVudFJlc3BvbnNlKTogQVdTQ0RLQXN5bmNDdXN0b21SZXNvdXJjZS5Jc0NvbXBsZXRlUmVxdWVzdCB7XG4gIC8vXG4gIC8vIHZhbGlkYXRlIHRoYXQgb25FdmVudFJlc3VsdCBhbHdheXMgaW5jbHVkZXMgYSBQaHlzaWNhbFJlc291cmNlSWRcblxuICBvbkV2ZW50UmVzdWx0ID0gb25FdmVudFJlc3VsdCB8fCB7IH07XG5cbiAgLy8gaWYgcGh5c2ljYWwgSUQgaXMgbm90IHJldHVybmVkLCB3ZSBoYXZlIHNvbWUgZGVmYXVsdHMgZm9yIHlvdSBiYXNlZFxuICAvLyBvbiB0aGUgcmVxdWVzdCB0eXBlLlxuICBjb25zdCBwaHlzaWNhbFJlc291cmNlSWQgPSBvbkV2ZW50UmVzdWx0LlBoeXNpY2FsUmVzb3VyY2VJZCB8fCBkZWZhdWx0UGh5c2ljYWxSZXNvdXJjZUlkKGNmblJlcXVlc3QpO1xuXG4gIC8vIGlmIHdlIGFyZSBpbiBERUxFVEUgYW5kIHBoeXNpY2FsIElEIHdhcyBjaGFuZ2VkLCBpdCdzIGFuIGVycm9yLlxuICBpZiAoY2ZuUmVxdWVzdC5SZXF1ZXN0VHlwZSA9PT0gJ0RlbGV0ZScgJiYgcGh5c2ljYWxSZXNvdXJjZUlkICE9PSBjZm5SZXF1ZXN0LlBoeXNpY2FsUmVzb3VyY2VJZCkge1xuICAgIHRocm93IG5ldyBFcnJvcihgREVMRVRFOiBjYW5ub3QgY2hhbmdlIHRoZSBwaHlzaWNhbCByZXNvdXJjZSBJRCBmcm9tIFwiJHtjZm5SZXF1ZXN0LlBoeXNpY2FsUmVzb3VyY2VJZH1cIiB0byBcIiR7b25FdmVudFJlc3VsdC5QaHlzaWNhbFJlc291cmNlSWR9XCIgZHVyaW5nIGRlbGV0aW9uYCk7XG4gIH1cblxuICAvLyBpZiB3ZSBhcmUgaW4gVVBEQVRFIGFuZCBwaHlzaWNhbCBJRCB3YXMgY2hhbmdlZCwgaXQncyBhIHJlcGxhY2VtZW50IChqdXN0IGxvZylcbiAgaWYgKGNmblJlcXVlc3QuUmVxdWVzdFR5cGUgPT09ICdVcGRhdGUnICYmIHBoeXNpY2FsUmVzb3VyY2VJZCAhPT0gY2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWQpIHtcbiAgICBsb2coYFVQREFURTogY2hhbmdpbmcgcGh5c2ljYWwgcmVzb3VyY2UgSUQgZnJvbSBcIiR7Y2ZuUmVxdWVzdC5QaHlzaWNhbFJlc291cmNlSWR9XCIgdG8gXCIke29uRXZlbnRSZXN1bHQuUGh5c2ljYWxSZXNvdXJjZUlkfVwiYCk7XG4gIH1cblxuICAvLyBtZXJnZSByZXF1ZXN0IGV2ZW50IGFuZCByZXN1bHQgZXZlbnQgKHJlc3VsdCBwcmV2YWlscykuXG4gIHJldHVybiB7XG4gICAgLi4uY2ZuUmVxdWVzdCxcbiAgICAuLi5vbkV2ZW50UmVzdWx0LFxuICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkLFxuICB9O1xufVxuXG4vKipcbiAqIENhbGN1bGF0ZXMgdGhlIGRlZmF1bHQgcGh5c2ljYWwgcmVzb3VyY2UgSUQgYmFzZWQgaW4gY2FzZSB1c2VyIGhhbmRsZXIgZGlkXG4gKiBub3QgcmV0dXJuIGEgUGh5c2ljYWxSZXNvdXJjZUlkLlxuICpcbiAqIEZvciBcIkNSRUFURVwiLCBpdCB1c2VzIHRoZSBSZXF1ZXN0SWQuXG4gKiBGb3IgXCJVUERBVEVcIiBhbmQgXCJERUxFVEVcIiBhbmQgcmV0dXJucyB0aGUgY3VycmVudCBQaHlzaWNhbFJlc291cmNlSWQgKHRoZSBvbmUgcHJvdmlkZWQgaW4gYGV2ZW50YCkuXG4gKi9cbmZ1bmN0aW9uIGRlZmF1bHRQaHlzaWNhbFJlc291cmNlSWQocmVxOiBBV1NMYW1iZGEuQ2xvdWRGb3JtYXRpb25DdXN0b21SZXNvdXJjZUV2ZW50KTogc3RyaW5nIHtcbiAgc3dpdGNoIChyZXEuUmVxdWVzdFR5cGUpIHtcbiAgICBjYXNlICdDcmVhdGUnOlxuICAgICAgcmV0dXJuIHJlcS5SZXF1ZXN0SWQ7XG5cbiAgICBjYXNlICdVcGRhdGUnOlxuICAgIGNhc2UgJ0RlbGV0ZSc6XG4gICAgICByZXR1cm4gcmVxLlBoeXNpY2FsUmVzb3VyY2VJZDtcblxuICAgIGRlZmF1bHQ6XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoYEludmFsaWQgXCJSZXF1ZXN0VHlwZVwiIGluIHJlcXVlc3QgXCIke0pTT04uc3RyaW5naWZ5KHJlcSl9XCJgKTtcbiAgfVxufVxuIl19 \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/outbound.js b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/outbound.js new file mode 100644 index 0000000000000..110a420ec64c5 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/outbound.js @@ -0,0 +1,83 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.httpRequest = exports.invokeFunction = exports.startExecution = void 0; +/* istanbul ignore file */ +const https = require("https"); +// eslint-disable-next-line import/no-extraneous-dependencies +const client_lambda_1 = require("@aws-sdk/client-lambda"); +// eslint-disable-next-line import/no-extraneous-dependencies +const client_sfn_1 = require("@aws-sdk/client-sfn"); +// eslint-disable-next-line import/no-extraneous-dependencies +const FRAMEWORK_HANDLER_TIMEOUT = 900000; // 15 minutes +// In order to honor the overall maximum timeout set for the target process, +// the default 2 minutes from AWS SDK has to be overriden: +// https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Config.html#httpOptions-property +const awsSdkConfig = { + httpOptions: { timeout: FRAMEWORK_HANDLER_TIMEOUT }, +}; +async function defaultHttpRequest(options, requestBody) { + return new Promise((resolve, reject) => { + try { + const request = https.request(options, (response) => { + response.resume(); // Consume the response but don't care about it + if (!response.statusCode || response.statusCode >= 400) { + reject(new Error(`Unsuccessful HTTP response: ${response.statusCode}`)); + } + else { + resolve(); + } + }); + request.on('error', reject); + request.write(requestBody); + request.end(); + } + catch (e) { + reject(e); + } + }); +} +let sfn; +let lambda; +async function defaultStartExecution(req) { + if (!sfn) { + sfn = new client_sfn_1.SFN(awsSdkConfig); + } + return sfn.startExecution(req); +} +async function defaultInvokeFunction(req) { + if (!lambda) { + lambda = new client_lambda_1.Lambda(awsSdkConfig); + } + try { + /** + * Try an initial invoke. + * + * When you try to invoke a function that is inactive, the invocation fails and Lambda sets + * the function to pending state until the function resources are recreated. + * If Lambda fails to recreate the resources, the function is set to the inactive state. + * + * We're using invoke first because `waitFor` doesn't trigger an inactive function to do anything, + * it just runs `getFunction` and checks the state. + */ + return await lambda.invoke(req); + } + catch { + /** + * The status of the Lambda function is checked every second for up to 300 seconds. + * Exits the loop on 'Active' state and throws an error on 'Inactive' or 'Failed'. + * + * And now we wait. + */ + await (0, client_lambda_1.waitUntilFunctionActiveV2)({ + client: lambda, + maxWaitTime: 300, + }, { + FunctionName: req.FunctionName, + }); + return lambda.invoke(req); + } +} +exports.startExecution = defaultStartExecution; +exports.invokeFunction = defaultInvokeFunction; +exports.httpRequest = defaultHttpRequest; +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3V0Ym91bmQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJvdXRib3VuZC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwwQkFBMEI7QUFDMUIsK0JBQStCO0FBQy9CLDZEQUE2RDtBQUM3RCwwREFBbUg7QUFDbkgsNkRBQTZEO0FBQzdELG9EQUFxRjtBQUNyRiw2REFBNkQ7QUFFN0QsTUFBTSx5QkFBeUIsR0FBRyxNQUFNLENBQUMsQ0FBQyxhQUFhO0FBRXZELDRFQUE0RTtBQUM1RSwwREFBMEQ7QUFDMUQsMkZBQTJGO0FBQzNGLE1BQU0sWUFBWSxHQUFHO0lBQ25CLFdBQVcsRUFBRSxFQUFFLE9BQU8sRUFBRSx5QkFBeUIsRUFBRTtDQUNwRCxDQUFDO0FBRUYsS0FBSyxVQUFVLGtCQUFrQixDQUFDLE9BQTZCLEVBQUUsV0FBbUI7SUFDbEYsT0FBTyxJQUFJLE9BQU8sQ0FBTyxDQUFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsRUFBRTtRQUMzQyxJQUFJLENBQUM7WUFDSCxNQUFNLE9BQU8sR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDLE9BQU8sRUFBRSxDQUFDLFFBQVEsRUFBRSxFQUFFO2dCQUNsRCxRQUFRLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQywrQ0FBK0M7Z0JBQ2xFLElBQUksQ0FBQyxRQUFRLENBQUMsVUFBVSxJQUFJLFFBQVEsQ0FBQyxVQUFVLElBQUksR0FBRyxFQUFFLENBQUM7b0JBQ3ZELE1BQU0sQ0FBQyxJQUFJLEtBQUssQ0FBQywrQkFBK0IsUUFBUSxDQUFDLFVBQVUsRUFBRSxDQUFDLENBQUMsQ0FBQztnQkFDMUUsQ0FBQztxQkFBTSxDQUFDO29CQUNOLE9BQU8sRUFBRSxDQUFDO2dCQUNaLENBQUM7WUFDSCxDQUFDLENBQUMsQ0FBQztZQUNILE9BQU8sQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQzVCLE9BQU8sQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUM7WUFDM0IsT0FBTyxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBQ2hCLENBQUM7UUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1lBQ1gsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ1osQ0FBQztJQUNILENBQUMsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELElBQUksR0FBUSxDQUFDO0FBQ2IsSUFBSSxNQUFjLENBQUM7QUFFbkIsS0FBSyxVQUFVLHFCQUFxQixDQUFDLEdBQXdCO0lBQzNELElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUNULEdBQUcsR0FBRyxJQUFJLGdCQUFHLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDOUIsQ0FBQztJQUVELE9BQU8sR0FBRyxDQUFDLGNBQWMsQ0FBQyxHQUFHLENBQUMsQ0FBQztBQUNqQyxDQUFDO0FBRUQsS0FBSyxVQUFVLHFCQUFxQixDQUFDLEdBQXVCO0lBQzFELElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNaLE1BQU0sR0FBRyxJQUFJLHNCQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVELElBQUksQ0FBQztRQUNIOzs7Ozs7Ozs7V0FTRztRQUNILE9BQU8sTUFBTSxNQUFNLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ2xDLENBQUM7SUFBQyxNQUFNLENBQUM7UUFDUDs7Ozs7V0FLRztRQUNILE1BQU0sSUFBQSx5Q0FBeUIsRUFBQztZQUM5QixNQUFNLEVBQUUsTUFBTTtZQUNkLFdBQVcsRUFBRSxHQUFHO1NBQ2pCLEVBQUU7WUFDRCxZQUFZLEVBQUUsR0FBRyxDQUFDLFlBQVk7U0FDL0IsQ0FBQyxDQUFDO1FBQ0gsT0FBTyxNQUFNLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQzVCLENBQUM7QUFDSCxDQUFDO0FBRVUsUUFBQSxjQUFjLEdBQUcscUJBQXFCLENBQUM7QUFDdkMsUUFBQSxjQUFjLEdBQUcscUJBQXFCLENBQUM7QUFDdkMsUUFBQSxXQUFXLEdBQUcsa0JBQWtCLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBpc3RhbmJ1bCBpZ25vcmUgZmlsZSAqL1xuaW1wb3J0ICogYXMgaHR0cHMgZnJvbSAnaHR0cHMnO1xuLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby1leHRyYW5lb3VzLWRlcGVuZGVuY2llc1xuaW1wb3J0IHsgTGFtYmRhLCB3YWl0VW50aWxGdW5jdGlvbkFjdGl2ZVYyLCBJbnZvY2F0aW9uUmVzcG9uc2UsIEludm9rZUNvbW1hbmRJbnB1dCB9IGZyb20gJ0Bhd3Mtc2RrL2NsaWVudC1sYW1iZGEnO1xuLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby1leHRyYW5lb3VzLWRlcGVuZGVuY2llc1xuaW1wb3J0IHsgU0ZOLCBTdGFydEV4ZWN1dGlvbklucHV0LCBTdGFydEV4ZWN1dGlvbk91dHB1dCB9IGZyb20gJ0Bhd3Mtc2RrL2NsaWVudC1zZm4nO1xuLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby1leHRyYW5lb3VzLWRlcGVuZGVuY2llc1xuXG5jb25zdCBGUkFNRVdPUktfSEFORExFUl9USU1FT1VUID0gOTAwMDAwOyAvLyAxNSBtaW51dGVzXG5cbi8vIEluIG9yZGVyIHRvIGhvbm9yIHRoZSBvdmVyYWxsIG1heGltdW0gdGltZW91dCBzZXQgZm9yIHRoZSB0YXJnZXQgcHJvY2Vzcyxcbi8vIHRoZSBkZWZhdWx0IDIgbWludXRlcyBmcm9tIEFXUyBTREsgaGFzIHRvIGJlIG92ZXJyaWRlbjpcbi8vIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BV1NKYXZhU2NyaXB0U0RLL2xhdGVzdC9BV1MvQ29uZmlnLmh0bWwjaHR0cE9wdGlvbnMtcHJvcGVydHlcbmNvbnN0IGF3c1Nka0NvbmZpZyA9IHtcbiAgaHR0cE9wdGlvbnM6IHsgdGltZW91dDogRlJBTUVXT1JLX0hBTkRMRVJfVElNRU9VVCB9LFxufTtcblxuYXN5bmMgZnVuY3Rpb24gZGVmYXVsdEh0dHBSZXF1ZXN0KG9wdGlvbnM6IGh0dHBzLlJlcXVlc3RPcHRpb25zLCByZXF1ZXN0Qm9keTogc3RyaW5nKSB7XG4gIHJldHVybiBuZXcgUHJvbWlzZTx2b2lkPigocmVzb2x2ZSwgcmVqZWN0KSA9PiB7XG4gICAgdHJ5IHtcbiAgICAgIGNvbnN0IHJlcXVlc3QgPSBodHRwcy5yZXF1ZXN0KG9wdGlvbnMsIChyZXNwb25zZSkgPT4ge1xuICAgICAgICByZXNwb25zZS5yZXN1bWUoKTsgLy8gQ29uc3VtZSB0aGUgcmVzcG9uc2UgYnV0IGRvbid0IGNhcmUgYWJvdXQgaXRcbiAgICAgICAgaWYgKCFyZXNwb25zZS5zdGF0dXNDb2RlIHx8IHJlc3BvbnNlLnN0YXR1c0NvZGUgPj0gNDAwKSB7XG4gICAgICAgICAgcmVqZWN0KG5ldyBFcnJvcihgVW5zdWNjZXNzZnVsIEhUVFAgcmVzcG9uc2U6ICR7cmVzcG9uc2Uuc3RhdHVzQ29kZX1gKSk7XG4gICAgICAgIH0gZWxzZSB7XG4gICAgICAgICAgcmVzb2x2ZSgpO1xuICAgICAgICB9XG4gICAgICB9KTtcbiAgICAgIHJlcXVlc3Qub24oJ2Vycm9yJywgcmVqZWN0KTtcbiAgICAgIHJlcXVlc3Qud3JpdGUocmVxdWVzdEJvZHkpO1xuICAgICAgcmVxdWVzdC5lbmQoKTtcbiAgICB9IGNhdGNoIChlKSB7XG4gICAgICByZWplY3QoZSk7XG4gICAgfVxuICB9KTtcbn1cblxubGV0IHNmbjogU0ZOO1xubGV0IGxhbWJkYTogTGFtYmRhO1xuXG5hc3luYyBmdW5jdGlvbiBkZWZhdWx0U3RhcnRFeGVjdXRpb24ocmVxOiBTdGFydEV4ZWN1dGlvbklucHV0KTogUHJvbWlzZTxTdGFydEV4ZWN1dGlvbk91dHB1dD4ge1xuICBpZiAoIXNmbikge1xuICAgIHNmbiA9IG5ldyBTRk4oYXdzU2RrQ29uZmlnKTtcbiAgfVxuXG4gIHJldHVybiBzZm4uc3RhcnRFeGVjdXRpb24ocmVxKTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZGVmYXVsdEludm9rZUZ1bmN0aW9uKHJlcTogSW52b2tlQ29tbWFuZElucHV0KTogUHJvbWlzZTxJbnZvY2F0aW9uUmVzcG9uc2U+IHtcbiAgaWYgKCFsYW1iZGEpIHtcbiAgICBsYW1iZGEgPSBuZXcgTGFtYmRhKGF3c1Nka0NvbmZpZyk7XG4gIH1cblxuICB0cnkge1xuICAgIC8qKlxuICAgICAqIFRyeSBhbiBpbml0aWFsIGludm9rZS5cbiAgICAgKlxuICAgICAqIFdoZW4geW91IHRyeSB0byBpbnZva2UgYSBmdW5jdGlvbiB0aGF0IGlzIGluYWN0aXZlLCB0aGUgaW52b2NhdGlvbiBmYWlscyBhbmQgTGFtYmRhIHNldHNcbiAgICAgKiB0aGUgZnVuY3Rpb24gdG8gcGVuZGluZyBzdGF0ZSB1bnRpbCB0aGUgZnVuY3Rpb24gcmVzb3VyY2VzIGFyZSByZWNyZWF0ZWQuXG4gICAgICogSWYgTGFtYmRhIGZhaWxzIHRvIHJlY3JlYXRlIHRoZSByZXNvdXJjZXMsIHRoZSBmdW5jdGlvbiBpcyBzZXQgdG8gdGhlIGluYWN0aXZlIHN0YXRlLlxuICAgICAqXG4gICAgICogV2UncmUgdXNpbmcgaW52b2tlIGZpcnN0IGJlY2F1c2UgYHdhaXRGb3JgIGRvZXNuJ3QgdHJpZ2dlciBhbiBpbmFjdGl2ZSBmdW5jdGlvbiB0byBkbyBhbnl0aGluZyxcbiAgICAgKiBpdCBqdXN0IHJ1bnMgYGdldEZ1bmN0aW9uYCBhbmQgY2hlY2tzIHRoZSBzdGF0ZS5cbiAgICAgKi9cbiAgICByZXR1cm4gYXdhaXQgbGFtYmRhLmludm9rZShyZXEpO1xuICB9IGNhdGNoIHtcbiAgICAvKipcbiAgICAgKiBUaGUgc3RhdHVzIG9mIHRoZSBMYW1iZGEgZnVuY3Rpb24gaXMgY2hlY2tlZCBldmVyeSBzZWNvbmQgZm9yIHVwIHRvIDMwMCBzZWNvbmRzLlxuICAgICAqIEV4aXRzIHRoZSBsb29wIG9uICdBY3RpdmUnIHN0YXRlIGFuZCB0aHJvd3MgYW4gZXJyb3Igb24gJ0luYWN0aXZlJyBvciAnRmFpbGVkJy5cbiAgICAgKlxuICAgICAqIEFuZCBub3cgd2Ugd2FpdC5cbiAgICAgKi9cbiAgICBhd2FpdCB3YWl0VW50aWxGdW5jdGlvbkFjdGl2ZVYyKHtcbiAgICAgIGNsaWVudDogbGFtYmRhLFxuICAgICAgbWF4V2FpdFRpbWU6IDMwMCxcbiAgICB9LCB7XG4gICAgICBGdW5jdGlvbk5hbWU6IHJlcS5GdW5jdGlvbk5hbWUsXG4gICAgfSk7XG4gICAgcmV0dXJuIGxhbWJkYS5pbnZva2UocmVxKTtcbiAgfVxufVxuXG5leHBvcnQgbGV0IHN0YXJ0RXhlY3V0aW9uID0gZGVmYXVsdFN0YXJ0RXhlY3V0aW9uO1xuZXhwb3J0IGxldCBpbnZva2VGdW5jdGlvbiA9IGRlZmF1bHRJbnZva2VGdW5jdGlvbjtcbmV4cG9ydCBsZXQgaHR0cFJlcXVlc3QgPSBkZWZhdWx0SHR0cFJlcXVlc3Q7XG4iXX0= \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/util.js b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/util.js new file mode 100644 index 0000000000000..5d48e914660a6 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6/util.js @@ -0,0 +1,53 @@ +"use strict"; +/* eslint-disable no-console */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.getEnv = getEnv; +exports.log = log; +exports.withRetries = withRetries; +exports.parseJsonPayload = parseJsonPayload; +function getEnv(name) { + const value = process.env[name]; + if (!value) { + throw new Error(`The environment variable "${name}" is not defined`); + } + return value; +} +function log(title, ...args) { + console.log('[provider-framework]', title, ...args.map(x => typeof (x) === 'object' ? JSON.stringify(x, undefined, 2) : x)); +} +function withRetries(options, fn) { + return async (...xs) => { + let attempts = options.attempts; + let ms = options.sleep; + while (true) { + try { + return await fn(...xs); + } + catch (e) { + if (attempts-- <= 0) { + throw e; + } + await sleep(Math.floor(Math.random() * ms)); + ms *= 2; + } + } + }; +} +async function sleep(ms) { + return new Promise((ok) => setTimeout(ok, ms)); +} +function parseJsonPayload(payload) { + // sdk v3 returns payloads in Uint8Array, either it or a string or Buffer + // can be cast into a buffer and then decoded. + const text = new TextDecoder().decode(Buffer.from(payload ?? '')); + if (!text) { + return {}; + } + try { + return JSON.parse(text); + } + catch { + throw new Error(`return values from user-handlers must be JSON objects. got: "${text}"`); + } +} +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInV0aWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLCtCQUErQjs7QUFFL0Isd0JBTUM7QUFFRCxrQkFFQztBQVNELGtDQWdCQztBQU1ELDRDQVVDO0FBbkRELFNBQWdCLE1BQU0sQ0FBQyxJQUFZO0lBQ2pDLE1BQU0sS0FBSyxHQUFHLE9BQU8sQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDaEMsSUFBSSxDQUFDLEtBQUssRUFBRSxDQUFDO1FBQ1gsTUFBTSxJQUFJLEtBQUssQ0FBQyw2QkFBNkIsSUFBSSxrQkFBa0IsQ0FBQyxDQUFDO0lBQ3ZFLENBQUM7SUFDRCxPQUFPLEtBQUssQ0FBQztBQUNmLENBQUM7QUFFRCxTQUFnQixHQUFHLENBQUMsS0FBVSxFQUFFLEdBQUcsSUFBVztJQUM1QyxPQUFPLENBQUMsR0FBRyxDQUFDLHNCQUFzQixFQUFFLEtBQUssRUFBRSxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxPQUFNLENBQUMsQ0FBQyxDQUFDLEtBQUssUUFBUSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUMsRUFBRSxTQUFTLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7QUFDN0gsQ0FBQztBQVNELFNBQWdCLFdBQVcsQ0FBMEIsT0FBcUIsRUFBRSxFQUE0QjtJQUN0RyxPQUFPLEtBQUssRUFBRSxHQUFHLEVBQUssRUFBRSxFQUFFO1FBQ3hCLElBQUksUUFBUSxHQUFHLE9BQU8sQ0FBQyxRQUFRLENBQUM7UUFDaEMsSUFBSSxFQUFFLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQztRQUN2QixPQUFPLElBQUksRUFBRSxDQUFDO1lBQ1osSUFBSSxDQUFDO2dCQUNILE9BQU8sTUFBTSxFQUFFLENBQUMsR0FBRyxFQUFFLENBQUMsQ0FBQztZQUN6QixDQUFDO1lBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztnQkFDWCxJQUFJLFFBQVEsRUFBRSxJQUFJLENBQUMsRUFBRSxDQUFDO29CQUNwQixNQUFNLENBQUMsQ0FBQztnQkFDVixDQUFDO2dCQUNELE1BQU0sS0FBSyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxHQUFHLEVBQUUsQ0FBQyxDQUFDLENBQUM7Z0JBQzVDLEVBQUUsSUFBSSxDQUFDLENBQUM7WUFDVixDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUMsQ0FBQztBQUNKLENBQUM7QUFFRCxLQUFLLFVBQVUsS0FBSyxDQUFDLEVBQVU7SUFDN0IsT0FBTyxJQUFJLE9BQU8sQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsVUFBVSxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDO0FBQ2pELENBQUM7QUFFRCxTQUFnQixnQkFBZ0IsQ0FBQyxPQUF3RDtJQUN2Rix5RUFBeUU7SUFDekUsOENBQThDO0lBQzlDLE1BQU0sSUFBSSxHQUFHLElBQUksV0FBVyxFQUFFLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUM7SUFDbEUsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1FBQUMsT0FBTyxFQUFHLENBQUM7SUFBQyxDQUFDO0lBQzFCLElBQUksQ0FBQztRQUNILE9BQU8sSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUMxQixDQUFDO0lBQUMsTUFBTSxDQUFDO1FBQ1AsTUFBTSxJQUFJLEtBQUssQ0FBQyxnRUFBZ0UsSUFBSSxHQUFHLENBQUMsQ0FBQztJQUMzRixDQUFDO0FBQ0gsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIG5vLWNvbnNvbGUgKi9cblxuZXhwb3J0IGZ1bmN0aW9uIGdldEVudihuYW1lOiBzdHJpbmcpOiBzdHJpbmcge1xuICBjb25zdCB2YWx1ZSA9IHByb2Nlc3MuZW52W25hbWVdO1xuICBpZiAoIXZhbHVlKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKGBUaGUgZW52aXJvbm1lbnQgdmFyaWFibGUgXCIke25hbWV9XCIgaXMgbm90IGRlZmluZWRgKTtcbiAgfVxuICByZXR1cm4gdmFsdWU7XG59XG5cbmV4cG9ydCBmdW5jdGlvbiBsb2codGl0bGU6IGFueSwgLi4uYXJnczogYW55W10pIHtcbiAgY29uc29sZS5sb2coJ1twcm92aWRlci1mcmFtZXdvcmtdJywgdGl0bGUsIC4uLmFyZ3MubWFwKHggPT4gdHlwZW9mKHgpID09PSAnb2JqZWN0JyA/IEpTT04uc3RyaW5naWZ5KHgsIHVuZGVmaW5lZCwgMikgOiB4KSk7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUmV0cnlPcHRpb25zIHtcbiAgLyoqIEhvdyBtYW55IHJldHJpZXMgKHdpbGwgYXQgbGVhc3QgdHJ5IG9uY2UpICovXG4gIHJlYWRvbmx5IGF0dGVtcHRzOiBudW1iZXI7XG4gIC8qKiBTbGVlcCBiYXNlLCBpbiBtcyAqL1xuICByZWFkb25seSBzbGVlcDogbnVtYmVyO1xufVxuXG5leHBvcnQgZnVuY3Rpb24gd2l0aFJldHJpZXM8QSBleHRlbmRzIEFycmF5PGFueT4sIEI+KG9wdGlvbnM6IFJldHJ5T3B0aW9ucywgZm46ICguLi54czogQSkgPT4gUHJvbWlzZTxCPik6ICguLi54czogQSkgPT4gUHJvbWlzZTxCPiB7XG4gIHJldHVybiBhc3luYyAoLi4ueHM6IEEpID0+IHtcbiAgICBsZXQgYXR0ZW1wdHMgPSBvcHRpb25zLmF0dGVtcHRzO1xuICAgIGxldCBtcyA9IG9wdGlvbnMuc2xlZXA7XG4gICAgd2hpbGUgKHRydWUpIHtcbiAgICAgIHRyeSB7XG4gICAgICAgIHJldHVybiBhd2FpdCBmbiguLi54cyk7XG4gICAgICB9IGNhdGNoIChlKSB7XG4gICAgICAgIGlmIChhdHRlbXB0cy0tIDw9IDApIHtcbiAgICAgICAgICB0aHJvdyBlO1xuICAgICAgICB9XG4gICAgICAgIGF3YWl0IHNsZWVwKE1hdGguZmxvb3IoTWF0aC5yYW5kb20oKSAqIG1zKSk7XG4gICAgICAgIG1zICo9IDI7XG4gICAgICB9XG4gICAgfVxuICB9O1xufVxuXG5hc3luYyBmdW5jdGlvbiBzbGVlcChtczogbnVtYmVyKTogUHJvbWlzZTx2b2lkPiB7XG4gIHJldHVybiBuZXcgUHJvbWlzZSgob2spID0+IHNldFRpbWVvdXQob2ssIG1zKSk7XG59XG5cbmV4cG9ydCBmdW5jdGlvbiBwYXJzZUpzb25QYXlsb2FkKHBheWxvYWQ6IHN0cmluZyB8IEJ1ZmZlciB8IFVpbnQ4QXJyYXkgfCB1bmRlZmluZWQgfCBudWxsKTogYW55IHtcbiAgLy8gc2RrIHYzIHJldHVybnMgcGF5bG9hZHMgaW4gVWludDhBcnJheSwgZWl0aGVyIGl0IG9yIGEgc3RyaW5nIG9yIEJ1ZmZlclxuICAvLyBjYW4gYmUgY2FzdCBpbnRvIGEgYnVmZmVyIGFuZCB0aGVuIGRlY29kZWQuXG4gIGNvbnN0IHRleHQgPSBuZXcgVGV4dERlY29kZXIoKS5kZWNvZGUoQnVmZmVyLmZyb20ocGF5bG9hZCA/PyAnJykpO1xuICBpZiAoIXRleHQpIHsgcmV0dXJuIHsgfTsgfVxuICB0cnkge1xuICAgIHJldHVybiBKU09OLnBhcnNlKHRleHQpO1xuICB9IGNhdGNoIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoYHJldHVybiB2YWx1ZXMgZnJvbSB1c2VyLWhhbmRsZXJzIG11c3QgYmUgSlNPTiBvYmplY3RzLiBnb3Q6IFwiJHt0ZXh0fVwiYCk7XG4gIH1cbn1cbiJdfQ== \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/cdk.out new file mode 100644 index 0000000000000..91e1a8b9901d5 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"39.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.assets.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.assets.json new file mode 100644 index 0000000000000..fd5e9ab58fcfa --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.assets.json @@ -0,0 +1,32 @@ +{ + "version": "39.0.0", + "files": { + "39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6": { + "source": { + "path": "asset.39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6", + "packaging": "zip" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + }, + "1f972f1ad355a768c7c92c701dc91984f868de269148467bafd0a6f7d67eece4": { + "source": { + "path": "integ-provider-with-waiter-state-machine-custom-role.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "1f972f1ad355a768c7c92c701dc91984f868de269148467bafd0a6f7d67eece4.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.template.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.template.json new file mode 100644 index 0000000000000..55ca4a9be9847 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.template.json @@ -0,0 +1,834 @@ +{ + "Resources": { + "OnEventServiceRole6D9476C1": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "OnEvent74718524": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "foo" + }, + "Handler": "index.onEvent", + "Role": { + "Fn::GetAtt": [ + "OnEventServiceRole6D9476C1", + "Arn" + ] + }, + "Runtime": "nodejs18.x" + }, + "DependsOn": [ + "OnEventServiceRole6D9476C1" + ] + }, + "IsCompleteServiceRole1399DF19": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "IsComplete544AE5AD": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "ZipFile": "foo" + }, + "Handler": "index.isComplete", + "Role": { + "Fn::GetAtt": [ + "IsCompleteServiceRole1399DF19", + "Arn" + ] + }, + "Runtime": "nodejs18.x" + }, + "DependsOn": [ + "IsCompleteServiceRole1399DF19" + ] + }, + "MyRoleF48FFE04": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "MyRoleDefaultPolicyA36BE1DD": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + }, + { + "Action": "states:StartExecution", + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyRoleDefaultPolicyA36BE1DD", + "Roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "MyProviderWithCustomRoleframeworkonEventCE6B50CD": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip" + }, + "Description": "AWS CDK resource provider framework - onEvent (integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole)", + "Environment": { + "Variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + }, + "WAITER_STATE_MACHINE_ARN": { + "Ref": "MyProviderWithCustomRolewaiterstatemachineA313C5FC" + } + } + }, + "Handler": "framework.onEvent", + "Role": { + "Fn::GetAtt": [ + "MyRoleF48FFE04", + "Arn" + ] + }, + "Runtime": { + "Fn::FindInMap": [ + "LatestNodeRuntimeMap", + { + "Ref": "AWS::Region" + }, + "value" + ] + }, + "Timeout": 900 + }, + "DependsOn": [ + "MyRoleDefaultPolicyA36BE1DD", + "MyRoleF48FFE04" + ] + }, + "MyProviderWithCustomRoleframeworkonEventinlinePolicyAddedToExecutionRole004FDFBE5": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyProviderWithCustomRoleframeworkonEventinlinePolicyAddedToExecutionRole004FDFBE5", + "Roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "MyProviderWithCustomRoleframeworkonEventinlinePolicyAddedToExecutionRole1DFA8A188": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyProviderWithCustomRoleframeworkonEventinlinePolicyAddedToExecutionRole1DFA8A188", + "Roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "MyProviderWithCustomRoleframeworkisComplete10E48A2A": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip" + }, + "Description": "AWS CDK resource provider framework - isComplete (integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole)", + "Environment": { + "Variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + } + } + }, + "Handler": "framework.isComplete", + "Role": { + "Fn::GetAtt": [ + "MyRoleF48FFE04", + "Arn" + ] + }, + "Runtime": { + "Fn::FindInMap": [ + "LatestNodeRuntimeMap", + { + "Ref": "AWS::Region" + }, + "value" + ] + }, + "Timeout": 900 + }, + "DependsOn": [ + "MyRoleDefaultPolicyA36BE1DD", + "MyRoleF48FFE04" + ] + }, + "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole0EB28FB28": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole0EB28FB28", + "Roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole10FC78DA4": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole10FC78DA4", + "Roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "MyProviderWithCustomRoleframeworkonTimeout1A7D4C59": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip" + }, + "Description": "AWS CDK resource provider framework - onTimeout (integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole)", + "Environment": { + "Variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + } + } + }, + "Handler": "framework.onTimeout", + "Role": { + "Fn::GetAtt": [ + "MyRoleF48FFE04", + "Arn" + ] + }, + "Runtime": { + "Fn::FindInMap": [ + "LatestNodeRuntimeMap", + { + "Ref": "AWS::Region" + }, + "value" + ] + }, + "Timeout": 900 + }, + "DependsOn": [ + "MyRoleDefaultPolicyA36BE1DD", + "MyRoleF48FFE04" + ] + }, + "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole0F64E0BFD": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole0F64E0BFD", + "Roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole158451186": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole158451186", + "Roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "MyProviderWithCustomRolewaiterstatemachineRoleED93441A": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "MyProviderWithCustomRolewaiterstatemachineRoleDefaultPolicy4808872B": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkisComplete10E48A2A", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkonTimeout1A7D4C59", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkisComplete10E48A2A", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkonTimeout1A7D4C59", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + }, + { + "Action": [ + "logs:CreateLogDelivery", + "logs:CreateLogStream", + "logs:DeleteLogDelivery", + "logs:DescribeLogGroups", + "logs:DescribeResourcePolicies", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:PutLogEvents", + "logs:PutResourcePolicy", + "logs:UpdateLogDelivery" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyProviderWithCustomRolewaiterstatemachineRoleDefaultPolicy4808872B", + "Roles": [ + { + "Ref": "MyProviderWithCustomRolewaiterstatemachineRoleED93441A" + } + ] + } + }, + "MyProviderWithCustomRolewaiterstatemachineLogGroup836672C3": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "LogGroupName": { + "Fn::Join": [ + "", + [ + "/aws/vendedlogs/states/waiter-state-machine-", + { + "Ref": "MyProviderWithCustomRoleframeworkisComplete10E48A2A" + }, + "-c8c49299e246ab75d73015b8c106440ea487806d81" + ] + ] + }, + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "MyProviderWithCustomRolewaiterstatemachineA313C5FC": { + "Type": "AWS::StepFunctions::StateMachine", + "Properties": { + "DefinitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"framework-isComplete-task\",\"States\":{\"framework-isComplete-task\":{\"End\":true,\"Retry\":[{\"ErrorEquals\":[\"States.ALL\"],\"IntervalSeconds\":5,\"MaxAttempts\":360,\"BackoffRate\":1}],\"Catch\":[{\"ErrorEquals\":[\"States.ALL\"],\"Next\":\"framework-onTimeout-task\"}],\"Type\":\"Task\",\"Resource\":\"", + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkisComplete10E48A2A", + "Arn" + ] + }, + "\"},\"framework-onTimeout-task\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"", + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkonTimeout1A7D4C59", + "Arn" + ] + }, + "\"}}}" + ] + ] + }, + "LoggingConfiguration": { + "Destinations": [ + { + "CloudWatchLogsLogGroup": { + "LogGroupArn": { + "Fn::GetAtt": [ + "MyProviderWithCustomRolewaiterstatemachineLogGroup836672C3", + "Arn" + ] + } + } + } + ], + "IncludeExecutionData": false, + "Level": "ERROR" + }, + "RoleArn": { + "Fn::GetAtt": [ + "MyProviderWithCustomRolewaiterstatemachineRoleED93441A", + "Arn" + ] + } + }, + "DependsOn": [ + "MyProviderWithCustomRolewaiterstatemachineRoleDefaultPolicy4808872B", + "MyProviderWithCustomRolewaiterstatemachineRoleED93441A" + ] + } + }, + "Mappings": { + "LatestNodeRuntimeMap": { + "af-south-1": { + "value": "nodejs20.x" + }, + "ap-east-1": { + "value": "nodejs20.x" + }, + "ap-northeast-1": { + "value": "nodejs20.x" + }, + "ap-northeast-2": { + "value": "nodejs20.x" + }, + "ap-northeast-3": { + "value": "nodejs20.x" + }, + "ap-south-1": { + "value": "nodejs20.x" + }, + "ap-south-2": { + "value": "nodejs20.x" + }, + "ap-southeast-1": { + "value": "nodejs20.x" + }, + "ap-southeast-2": { + "value": "nodejs20.x" + }, + "ap-southeast-3": { + "value": "nodejs20.x" + }, + "ap-southeast-4": { + "value": "nodejs20.x" + }, + "ap-southeast-5": { + "value": "nodejs20.x" + }, + "ap-southeast-7": { + "value": "nodejs20.x" + }, + "ca-central-1": { + "value": "nodejs20.x" + }, + "ca-west-1": { + "value": "nodejs20.x" + }, + "cn-north-1": { + "value": "nodejs20.x" + }, + "cn-northwest-1": { + "value": "nodejs20.x" + }, + "eu-central-1": { + "value": "nodejs20.x" + }, + "eu-central-2": { + "value": "nodejs20.x" + }, + "eu-isoe-west-1": { + "value": "nodejs18.x" + }, + "eu-north-1": { + "value": "nodejs20.x" + }, + "eu-south-1": { + "value": "nodejs20.x" + }, + "eu-south-2": { + "value": "nodejs20.x" + }, + "eu-west-1": { + "value": "nodejs20.x" + }, + "eu-west-2": { + "value": "nodejs20.x" + }, + "eu-west-3": { + "value": "nodejs20.x" + }, + "il-central-1": { + "value": "nodejs20.x" + }, + "me-central-1": { + "value": "nodejs20.x" + }, + "me-south-1": { + "value": "nodejs20.x" + }, + "mx-central-1": { + "value": "nodejs20.x" + }, + "sa-east-1": { + "value": "nodejs20.x" + }, + "us-east-1": { + "value": "nodejs20.x" + }, + "us-east-2": { + "value": "nodejs20.x" + }, + "us-gov-east-1": { + "value": "nodejs20.x" + }, + "us-gov-west-1": { + "value": "nodejs20.x" + }, + "us-iso-east-1": { + "value": "nodejs18.x" + }, + "us-iso-west-1": { + "value": "nodejs18.x" + }, + "us-isob-east-1": { + "value": "nodejs18.x" + }, + "us-west-1": { + "value": "nodejs20.x" + }, + "us-west-2": { + "value": "nodejs20.x" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ.json new file mode 100644 index 0000000000000..53e36e71dd375 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ.json @@ -0,0 +1,13 @@ +{ + "version": "39.0.0", + "testCases": { + "IntegProviderWithWaiterStateMachineCustomRole/DefaultTest": { + "stacks": [ + "integ-provider-with-waiter-state-machine-custom-role" + ], + "diffAssets": true, + "assertionStack": "IntegProviderWithWaiterStateMachineCustomRole/DefaultTest/DeployAssert", + "assertionStackName": "IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/manifest.json new file mode 100644 index 0000000000000..4a3e8804a67f7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/manifest.json @@ -0,0 +1,918 @@ +{ + "version": "39.0.0", + "artifacts": { + "integ-provider-with-waiter-state-machine-custom-role.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integ-provider-with-waiter-state-machine-custom-role.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integ-provider-with-waiter-state-machine-custom-role": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integ-provider-with-waiter-state-machine-custom-role.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1f972f1ad355a768c7c92c701dc91984f868de269148467bafd0a6f7d67eece4.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integ-provider-with-waiter-state-machine-custom-role.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integ-provider-with-waiter-state-machine-custom-role.assets" + ], + "metadata": { + "/integ-provider-with-waiter-state-machine-custom-role/OnEvent": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "code": "*", + "handler": "*", + "runtime": "*" + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/OnEvent/ServiceRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "managedPolicies": [ + { + "managedPolicyArn": "*" + } + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/OnEvent/ServiceRole/ImportServiceRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/OnEvent/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "OnEventServiceRole6D9476C1" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/OnEvent/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "OnEvent74718524" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/IsComplete": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "code": "*", + "handler": "*", + "runtime": "*" + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/IsComplete/ServiceRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "managedPolicies": [ + { + "managedPolicyArn": "*" + } + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/IsComplete/ServiceRole/ImportServiceRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/IsComplete/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "IsCompleteServiceRole1399DF19" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/IsComplete/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "IsComplete544AE5AD" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "managedPolicies": [ + { + "managedPolicyArn": "*" + } + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyRole/ImportMyRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyRoleF48FFE04" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyRole/DefaultPolicy": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyRoleDefaultPolicyA36BE1DD" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "code": "*", + "description": "*", + "runtime": "*", + "handler": "*", + "timeout": "*", + "logGroup": "*", + "vpc": "*", + "vpcSubnets": "*", + "securityGroups": "*", + "role": "*", + "functionName": "*", + "environmentEncryption": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEnvironment": [ + "*", + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEnvironment": [ + "*", + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEnvironment": [ + "*", + "*" + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRoleframeworkonEventCE6B50CD" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/inlinePolicyAddedToExecutionRole-0": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "statements": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/inlinePolicyAddedToExecutionRole-0/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRoleframeworkonEventinlinePolicyAddedToExecutionRole004FDFBE5" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/inlinePolicyAddedToExecutionRole-1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "statements": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/inlinePolicyAddedToExecutionRole-1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRoleframeworkonEventinlinePolicyAddedToExecutionRole1DFA8A188" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "code": "*", + "description": "*", + "runtime": "*", + "handler": "*", + "timeout": "*", + "logGroup": "*", + "vpc": "*", + "vpcSubnets": "*", + "securityGroups": "*", + "role": "*", + "functionName": "*", + "environmentEncryption": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEnvironment": [ + "*", + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEnvironment": [ + "*", + "*" + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRoleframeworkisComplete10E48A2A" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/inlinePolicyAddedToExecutionRole-0": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "statements": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/inlinePolicyAddedToExecutionRole-0/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole0EB28FB28" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/inlinePolicyAddedToExecutionRole-1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "statements": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/inlinePolicyAddedToExecutionRole-1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole10FC78DA4" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "code": "*", + "description": "*", + "runtime": "*", + "handler": "*", + "timeout": "*", + "logGroup": "*", + "vpc": "*", + "vpcSubnets": "*", + "securityGroups": "*", + "role": "*", + "functionName": "*", + "environmentEncryption": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEnvironment": [ + "*", + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addEnvironment": [ + "*", + "*" + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRoleframeworkonTimeout1A7D4C59" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/inlinePolicyAddedToExecutionRole-0": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "statements": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/inlinePolicyAddedToExecutionRole-0/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole0F64E0BFD" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/inlinePolicyAddedToExecutionRole-1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "statements": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/inlinePolicyAddedToExecutionRole-1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole158451186" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Role": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + } + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Role/ImportRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Role/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRolewaiterstatemachineRoleED93441A" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Role/DefaultPolicy": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Role/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRolewaiterstatemachineRoleDefaultPolicy4808872B" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/LogGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "logGroupName": "*" + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/LogGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRolewaiterstatemachineLogGroup836672C3" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyProviderWithCustomRolewaiterstatemachineA313C5FC" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/LatestNodeRuntimeMap": [ + { + "type": "aws:cdk:logicalId", + "data": "LatestNodeRuntimeMap" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-provider-with-waiter-state-machine-custom-role" + }, + "IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets" + ], + "metadata": { + "/IntegProviderWithWaiterStateMachineCustomRole/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/IntegProviderWithWaiterStateMachineCustomRole/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "IntegProviderWithWaiterStateMachineCustomRole/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/tree.json new file mode 100644 index 0000000000000..bc23d31b37eb7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/tree.json @@ -0,0 +1,1676 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "integ-provider-with-waiter-state-machine-custom-role": { + "id": "integ-provider-with-waiter-state-machine-custom-role", + "path": "integ-provider-with-waiter-state-machine-custom-role", + "children": { + "OnEvent": { + "id": "OnEvent", + "path": "integ-provider-with-waiter-state-machine-custom-role/OnEvent", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "integ-provider-with-waiter-state-machine-custom-role/OnEvent/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "integ-provider-with-waiter-state-machine-custom-role/OnEvent/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0", + "metadata": [ + "*" + ] + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/OnEvent/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0", + "metadata": [ + { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "managedPolicies": [ + { + "managedPolicyArn": "*" + } + ] + } + ] + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/OnEvent/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "foo" + }, + "handler": "index.onEvent", + "role": { + "Fn::GetAtt": [ + "OnEventServiceRole6D9476C1", + "Arn" + ] + }, + "runtime": "nodejs18.x" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0", + "metadata": [ + { + "code": "*", + "handler": "*", + "runtime": "*" + } + ] + } + }, + "IsComplete": { + "id": "IsComplete", + "path": "integ-provider-with-waiter-state-machine-custom-role/IsComplete", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "integ-provider-with-waiter-state-machine-custom-role/IsComplete/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "integ-provider-with-waiter-state-machine-custom-role/IsComplete/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0", + "metadata": [ + "*" + ] + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/IsComplete/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0", + "metadata": [ + { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "managedPolicies": [ + { + "managedPolicyArn": "*" + } + ] + } + ] + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/IsComplete/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "zipFile": "foo" + }, + "handler": "index.isComplete", + "role": { + "Fn::GetAtt": [ + "IsCompleteServiceRole1399DF19", + "Arn" + ] + }, + "runtime": "nodejs18.x" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0", + "metadata": [ + { + "code": "*", + "handler": "*", + "runtime": "*" + } + ] + } + }, + "MyRole": { + "id": "MyRole", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyRole", + "children": { + "ImportMyRole": { + "id": "ImportMyRole", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyRole/ImportMyRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0", + "metadata": [ + "*" + ] + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyRole/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyRole/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + }, + { + "Action": "states:StartExecution", + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "policyName": "MyRoleDefaultPolicyA36BE1DD", + "roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0", + "metadata": [ + "*", + { + "attachToRole": [ + "*" + ] + }, + { + "attachToRole": [ + "*" + ] + }, + { + "addStatements": [ + {} + ] + }, + { + "addStatements": [ + {} + ] + }, + { + "addStatements": [ + {} + ] + } + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0", + "metadata": [ + { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "managedPolicies": [ + { + "managedPolicyArn": "*" + } + ] + }, + { + "addToPrincipalPolicy": [ + {} + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "addToPrincipalPolicy": [ + {} + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "addToPrincipalPolicy": [ + {} + ] + } + ] + } + }, + "MyProviderWithCustomRole": { + "id": "MyProviderWithCustomRole", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole", + "children": { + "framework-onEvent": { + "id": "framework-onEvent", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent", + "children": { + "Code": { + "id": "Code", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/Code/Stage", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/Code/AssetBucket", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.BucketBase", + "version": "0.0.0", + "metadata": [] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3_assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "s3Key": "39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip" + }, + "description": "AWS CDK resource provider framework - onEvent (integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole)", + "environment": { + "variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + }, + "WAITER_STATE_MACHINE_ARN": { + "Ref": "MyProviderWithCustomRolewaiterstatemachineA313C5FC" + } + } + }, + "handler": "framework.onEvent", + "role": { + "Fn::GetAtt": [ + "MyRoleF48FFE04", + "Arn" + ] + }, + "runtime": { + "Fn::FindInMap": [ + "LatestNodeRuntimeMap", + { + "Ref": "AWS::Region" + }, + "value" + ] + }, + "timeout": 900 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + }, + "inlinePolicyAddedToExecutionRole-0": { + "id": "inlinePolicyAddedToExecutionRole-0", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/inlinePolicyAddedToExecutionRole-0", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/inlinePolicyAddedToExecutionRole-0/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "MyProviderWithCustomRoleframeworkonEventinlinePolicyAddedToExecutionRole004FDFBE5", + "roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0", + "metadata": [ + { + "statements": "*" + }, + { + "addStatements": [ + {} + ] + }, + { + "attachToRole": [ + "*" + ] + }, + { + "attachToRole": [ + "*" + ] + } + ] + } + }, + "inlinePolicyAddedToExecutionRole-1": { + "id": "inlinePolicyAddedToExecutionRole-1", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/inlinePolicyAddedToExecutionRole-1", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent/inlinePolicyAddedToExecutionRole-1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "MyProviderWithCustomRoleframeworkonEventinlinePolicyAddedToExecutionRole1DFA8A188", + "roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0", + "metadata": [ + { + "statements": "*" + }, + { + "addStatements": [ + {} + ] + }, + { + "attachToRole": [ + "*" + ] + }, + { + "attachToRole": [ + "*" + ] + } + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0", + "metadata": [ + { + "code": "*", + "description": "*", + "runtime": "*", + "handler": "*", + "timeout": "*", + "logGroup": "*", + "vpc": "*", + "vpcSubnets": "*", + "securityGroups": "*", + "role": "*", + "functionName": "*", + "environmentEncryption": "*" + }, + { + "addEnvironment": [ + "*", + "*" + ] + }, + { + "addEnvironment": [ + "*", + "*" + ] + }, + { + "addEnvironment": [ + "*", + "*" + ] + } + ] + } + }, + "framework-isComplete": { + "id": "framework-isComplete", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete", + "children": { + "Code": { + "id": "Code", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/Code/Stage", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/Code/AssetBucket", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.BucketBase", + "version": "0.0.0", + "metadata": [] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3_assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "s3Key": "39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip" + }, + "description": "AWS CDK resource provider framework - isComplete (integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole)", + "environment": { + "variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + } + } + }, + "handler": "framework.isComplete", + "role": { + "Fn::GetAtt": [ + "MyRoleF48FFE04", + "Arn" + ] + }, + "runtime": { + "Fn::FindInMap": [ + "LatestNodeRuntimeMap", + { + "Ref": "AWS::Region" + }, + "value" + ] + }, + "timeout": 900 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + }, + "inlinePolicyAddedToExecutionRole-0": { + "id": "inlinePolicyAddedToExecutionRole-0", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/inlinePolicyAddedToExecutionRole-0", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/inlinePolicyAddedToExecutionRole-0/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole0EB28FB28", + "roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0", + "metadata": [ + { + "statements": "*" + }, + { + "addStatements": [ + {} + ] + }, + { + "attachToRole": [ + "*" + ] + }, + { + "attachToRole": [ + "*" + ] + } + ] + } + }, + "inlinePolicyAddedToExecutionRole-1": { + "id": "inlinePolicyAddedToExecutionRole-1", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/inlinePolicyAddedToExecutionRole-1", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-isComplete/inlinePolicyAddedToExecutionRole-1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole10FC78DA4", + "roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0", + "metadata": [ + { + "statements": "*" + }, + { + "addStatements": [ + {} + ] + }, + { + "attachToRole": [ + "*" + ] + }, + { + "attachToRole": [ + "*" + ] + } + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0", + "metadata": [ + { + "code": "*", + "description": "*", + "runtime": "*", + "handler": "*", + "timeout": "*", + "logGroup": "*", + "vpc": "*", + "vpcSubnets": "*", + "securityGroups": "*", + "role": "*", + "functionName": "*", + "environmentEncryption": "*" + }, + { + "addEnvironment": [ + "*", + "*" + ] + }, + { + "addEnvironment": [ + "*", + "*" + ] + } + ] + } + }, + "framework-onTimeout": { + "id": "framework-onTimeout", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout", + "children": { + "Code": { + "id": "Code", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/Code/Stage", + "constructInfo": { + "fqn": "aws-cdk-lib.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/Code/AssetBucket", + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3.BucketBase", + "version": "0.0.0", + "metadata": [] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_s3_assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "s3Key": "39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6.zip" + }, + "description": "AWS CDK resource provider framework - onTimeout (integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole)", + "environment": { + "variables": { + "USER_ON_EVENT_FUNCTION_ARN": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + "USER_IS_COMPLETE_FUNCTION_ARN": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + } + } + }, + "handler": "framework.onTimeout", + "role": { + "Fn::GetAtt": [ + "MyRoleF48FFE04", + "Arn" + ] + }, + "runtime": { + "Fn::FindInMap": [ + "LatestNodeRuntimeMap", + { + "Ref": "AWS::Region" + }, + "value" + ] + }, + "timeout": 900 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", + "version": "0.0.0" + } + }, + "inlinePolicyAddedToExecutionRole-0": { + "id": "inlinePolicyAddedToExecutionRole-0", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/inlinePolicyAddedToExecutionRole-0", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/inlinePolicyAddedToExecutionRole-0/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole0F64E0BFD", + "roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0", + "metadata": [ + { + "statements": "*" + }, + { + "addStatements": [ + {} + ] + }, + { + "attachToRole": [ + "*" + ] + }, + { + "attachToRole": [ + "*" + ] + } + ] + } + }, + "inlinePolicyAddedToExecutionRole-1": { + "id": "inlinePolicyAddedToExecutionRole-1", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/inlinePolicyAddedToExecutionRole-1", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onTimeout/inlinePolicyAddedToExecutionRole-1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:GetFunction", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "policyName": "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole158451186", + "roles": [ + { + "Ref": "MyRoleF48FFE04" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0", + "metadata": [ + { + "statements": "*" + }, + { + "addStatements": [ + {} + ] + }, + { + "attachToRole": [ + "*" + ] + }, + { + "attachToRole": [ + "*" + ] + } + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_lambda.Function", + "version": "0.0.0", + "metadata": [ + { + "code": "*", + "description": "*", + "runtime": "*", + "handler": "*", + "timeout": "*", + "logGroup": "*", + "vpc": "*", + "vpcSubnets": "*", + "securityGroups": "*", + "role": "*", + "functionName": "*", + "environmentEncryption": "*" + }, + { + "addEnvironment": [ + "*", + "*" + ] + }, + { + "addEnvironment": [ + "*", + "*" + ] + } + ] + } + }, + "waiter-state-machine": { + "id": "waiter-state-machine", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine", + "children": { + "Role": { + "id": "Role", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Role", + "children": { + "ImportRole": { + "id": "ImportRole", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Role/ImportRole", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0", + "metadata": [ + "*" + ] + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Role/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "states.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Role/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Role/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkisComplete10E48A2A", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkonTimeout1A7D4C59", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkisComplete10E48A2A", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkonTimeout1A7D4C59", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + }, + { + "Action": [ + "logs:CreateLogDelivery", + "logs:CreateLogStream", + "logs:DeleteLogDelivery", + "logs:DescribeLogGroups", + "logs:DescribeResourcePolicies", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:PutLogEvents", + "logs:PutResourcePolicy", + "logs:UpdateLogDelivery" + ], + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "policyName": "MyProviderWithCustomRolewaiterstatemachineRoleDefaultPolicy4808872B", + "roles": [ + { + "Ref": "MyProviderWithCustomRolewaiterstatemachineRoleED93441A" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0", + "metadata": [ + "*", + { + "attachToRole": [ + "*" + ] + }, + { + "attachToRole": [ + "*" + ] + }, + { + "addStatements": [ + {} + ] + }, + { + "addStatements": [ + {} + ] + }, + { + "addStatements": [ + {} + ] + } + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0", + "metadata": [ + { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + } + }, + { + "addToPrincipalPolicy": [ + {} + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, + { + "addToPrincipalPolicy": [ + {} + ] + }, + { + "addToPrincipalPolicy": [ + {} + ] + } + ] + } + }, + "LogGroup": { + "id": "LogGroup", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/LogGroup", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/LogGroup/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Logs::LogGroup", + "aws:cdk:cloudformation:props": { + "logGroupName": { + "Fn::Join": [ + "", + [ + "/aws/vendedlogs/states/waiter-state-machine-", + { + "Ref": "MyProviderWithCustomRoleframeworkisComplete10E48A2A" + }, + "-c8c49299e246ab75d73015b8c106440ea487806d81" + ] + ] + }, + "retentionInDays": 731 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_logs.CfnLogGroup", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_logs.LogGroup", + "version": "0.0.0", + "metadata": [ + { + "logGroupName": "*" + } + ] + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/waiter-state-machine/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::StepFunctions::StateMachine", + "aws:cdk:cloudformation:props": { + "definitionString": { + "Fn::Join": [ + "", + [ + "{\"StartAt\":\"framework-isComplete-task\",\"States\":{\"framework-isComplete-task\":{\"End\":true,\"Retry\":[{\"ErrorEquals\":[\"States.ALL\"],\"IntervalSeconds\":5,\"MaxAttempts\":360,\"BackoffRate\":1}],\"Catch\":[{\"ErrorEquals\":[\"States.ALL\"],\"Next\":\"framework-onTimeout-task\"}],\"Type\":\"Task\",\"Resource\":\"", + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkisComplete10E48A2A", + "Arn" + ] + }, + "\"},\"framework-onTimeout-task\":{\"End\":true,\"Type\":\"Task\",\"Resource\":\"", + { + "Fn::GetAtt": [ + "MyProviderWithCustomRoleframeworkonTimeout1A7D4C59", + "Arn" + ] + }, + "\"}}}" + ] + ] + }, + "loggingConfiguration": { + "destinations": [ + { + "cloudWatchLogsLogGroup": { + "logGroupArn": { + "Fn::GetAtt": [ + "MyProviderWithCustomRolewaiterstatemachineLogGroup836672C3", + "Arn" + ] + } + } + } + ], + "includeExecutionData": false, + "level": "ERROR" + }, + "roleArn": { + "Fn::GetAtt": [ + "MyProviderWithCustomRolewaiterstatemachineRoleED93441A", + "Arn" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_stepfunctions.CfnStateMachine", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.custom_resources.WaiterStateMachine", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.custom_resources.Provider", + "version": "0.0.0" + } + }, + "LatestNodeRuntimeMap": { + "id": "LatestNodeRuntimeMap", + "path": "integ-provider-with-waiter-state-machine-custom-role/LatestNodeRuntimeMap", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnMapping", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "integ-provider-with-waiter-state-machine-custom-role/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "integ-provider-with-waiter-state-machine-custom-role/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "IntegProviderWithWaiterStateMachineCustomRole": { + "id": "IntegProviderWithWaiterStateMachineCustomRole", + "path": "IntegProviderWithWaiterStateMachineCustomRole", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "IntegProviderWithWaiterStateMachineCustomRole/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "IntegProviderWithWaiterStateMachineCustomRole/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "IntegProviderWithWaiterStateMachineCustomRole/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "IntegProviderWithWaiterStateMachineCustomRole/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "IntegProviderWithWaiterStateMachineCustomRole/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.4.2" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.ts b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.ts new file mode 100644 index 0000000000000..3cab75b45c25e --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.ts @@ -0,0 +1,52 @@ +/// !cdk-integ * +import { App, Stack } from 'aws-cdk-lib'; +import * as integ from '@aws-cdk/integ-tests-alpha'; +import { Construct } from 'constructs'; +import { Code, Function, Runtime } from 'aws-cdk-lib/aws-lambda'; +import { Provider } from 'aws-cdk-lib/custom-resources'; +import { ManagedPolicy, Role, ServicePrincipal } from 'aws-cdk-lib/aws-iam'; + +// This test is not deployable prior to this PR fix https://github.com/aws/aws-cdk/pull/32404/files +// due to integ-provider-with-waiter-state-machine-custom-role failed: ValidationError: Circular dependency +// between resources: [MyRoleDefaultPolicyA36BE1DD, MyProviderWithCustomRolewaiterstatemachineRoleDefaultPolicy4808872B, +// MyProviderWithCustomRoleframeworkonEventCE6B50CD, MyProviderWithCustomRoleframeworkonTimeout1A7D4C59, +// MyProviderWithCustomRoleframeworkisComplete10E48A2A, MyProviderWithCustomRolewaiterstatemachineA313C5FC, +// MyProviderWithCustomRolewaiterstatemachineLogGroup836672C3] + +class TestStack extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const onEventHandler = new Function(this, 'OnEvent', { + code: Code.fromInline('foo'), + handler: 'index.onEvent', + runtime: Runtime.NODEJS_LATEST, + }); + const isCompleteHandler = new Function(this, 'IsComplete', { + code: Code.fromInline('foo'), + handler: 'index.isComplete', + runtime: Runtime.NODEJS_LATEST, + }); + + new Provider(this, 'MyProviderWithCustomRole', { + role: new Role(this, 'MyRole', { + assumedBy: new ServicePrincipal('lambda.amazonaws.com'), + managedPolicies: [ + ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSLambdaBasicExecutionRole'), + ], + }), + onEventHandler, + isCompleteHandler, + }); + } +} + +const app = new App(); +const stack = new TestStack(app, 'integ-provider-with-waiter-state-machine-custom-role'); + +new integ.IntegTest(app, 'IntegProviderWithWaiterStateMachineCustomRole', { + testCases: [stack], + diffAssets: true, +}); + +app.synth(); diff --git a/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts b/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts index 7eb0bce5f4765..b541f21c58536 100644 --- a/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts +++ b/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts @@ -232,7 +232,17 @@ export class Provider extends Construct implements ICustomResourceProvider { }); // the on-event entrypoint is going to start the execution of the waiter onEventFunction.addEnvironment(consts.WAITER_STATE_MACHINE_ARN_ENV, waiterStateMachine.stateMachineArn); - waiterStateMachine.grantStartExecution(onEventFunction); + // if role is provided, we can't use grantStartExecution due to circular dependency: + // waitertatemachine --> isComplete/onTimeout lambda -> role default policy --> waiterstatemachine + if (props.role) { + iam.Grant.addToPrincipal({ + grantee: onEventFunction, + actions: ['states:StartExecution'], + resourceArns: ['*'], + }); + } else { + waiterStateMachine.grantStartExecution(onEventFunction); + } } this.entrypoint = onEventFunction; diff --git a/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts b/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts index 228342b747d46..1f5f61f98429f 100644 --- a/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts +++ b/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts @@ -770,6 +770,96 @@ describe('role', () => { }, }); }); + + it('omits state machine resource constraint if isCompleteHandler is specified', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + new cr.Provider(stack, 'MyProvider', { + onEventHandler: new lambda.Function(stack, 'OnEventHandler', { + code: new lambda.InlineCode('foo'), + handler: 'index.onEvent', + runtime: lambda.Runtime.NODEJS_LATEST, + }), + isCompleteHandler: new lambda.Function(stack, 'IsCompleteHandler', { + code: new lambda.InlineCode('foo'), + handler: 'index.onEvent', + runtime: lambda.Runtime.NODEJS_LATEST, + }), + role: new iam.Role(stack, 'MyRole', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.como') }), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [{ + Action: 'lambda:InvokeFunction', + Effect: 'Allow', + Resource: [ + { + 'Fn::GetAtt': [ + 'MyProviderframeworkisComplete364190E2', + 'Arn', + ], + }, { + 'Fn::Join': [ + '', + [ + { + 'Fn::GetAtt': [ + 'MyProviderframeworkisComplete364190E2', + 'Arn', + ], + }, + ':*', + ], + ], + }, + ], + }, { + Action: 'lambda:InvokeFunction', + Effect: 'Allow', + Resource: [ + { + 'Fn::GetAtt': [ + 'MyProviderframeworkonTimeoutD9D96588', + 'Arn', + ], + }, { + 'Fn::Join': [ + '', + [ + { + 'Fn::GetAtt': [ + 'MyProviderframeworkonTimeoutD9D96588', + 'Arn', + ], + }, + ':*', + ], + ], + }, + ], + }, { + Action: [ + 'logs:CreateLogDelivery', + 'logs:CreateLogStream', + 'logs:GetLogDelivery', + 'logs:UpdateLogDelivery', + 'logs:DeleteLogDelivery', + 'logs:ListLogDeliveries', + 'logs:PutLogEvents', + 'logs:PutResourcePolicy', + 'logs:DescribeResourcePolicies', + 'logs:DescribeLogGroups', + ], + Effect: 'Allow', + Resource: '*', + }], + }, + }); + }); }); describe('name', () => { From d669aae19b254e23afa3c3f9e117afb26971a9ef Mon Sep 17 00:00:00 2001 From: yuanhaoz Date: Mon, 3 Mar 2025 13:27:35 -0800 Subject: [PATCH 2/6] update implmentation --- ...efaultTestDeployAssert1C38BF52.assets.json | 2 +- .../cdk.out | 2 +- ...iter-state-machine-custom-role.assets.json | 6 +- ...er-state-machine-custom-role.template.json | 117 +++++++++- .../integ.json | 2 +- .../manifest.json | 140 ++++++++++-- .../tree.json | 216 +++++++++++++++++- ...r-with-waiter-state-machine-custom-role.ts | 8 +- .../lib/provider-framework/provider.ts | 44 +++- .../test/provider-framework/provider.test.ts | 96 ++------ 10 files changed, 508 insertions(+), 125 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets.json index dbc0969b3a657..5349b8873235c 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/IntegProviderWithWaiterStateMachineCustomRoleDefaultTestDeployAssert1C38BF52.assets.json @@ -1,5 +1,5 @@ { - "version": "39.0.0", + "version": "40.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/cdk.out index 91e1a8b9901d5..1e02a2deb191b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"39.0.0"} \ No newline at end of file +{"version":"40.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.assets.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.assets.json index fd5e9ab58fcfa..5f342d1e7eb93 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.assets.json @@ -1,5 +1,5 @@ { - "version": "39.0.0", + "version": "40.0.0", "files": { "39472b1c2875cf306d4ba429aeccdd34cb49bcf59dbde81f7e6b6cb9deac23a6": { "source": { @@ -14,7 +14,7 @@ } } }, - "1f972f1ad355a768c7c92c701dc91984f868de269148467bafd0a6f7d67eece4": { + "13001037aa3f64ce93c285aa771a46079687f5cca0ff30e6ceeed576e2239a1c": { "source": { "path": "integ-provider-with-waiter-state-machine-custom-role.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "1f972f1ad355a768c7c92c701dc91984f868de269148467bafd0a6f7d67eece4.json", + "objectKey": "13001037aa3f64ce93c285aa771a46079687f5cca0ff30e6ceeed576e2239a1c.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.template.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.template.json index 55ca4a9be9847..9b7b46c78be9b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ-provider-with-waiter-state-machine-custom-role.template.json @@ -185,7 +185,9 @@ { "Action": "states:StartExecution", "Effect": "Allow", - "Resource": "*" + "Resource": { + "Ref": "MyProviderWithCustomRolewaiterstatemachineA313C5FC" + } } ], "Version": "2012-10-17" @@ -198,6 +200,99 @@ ] } }, + "MyRole23935D052": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "MyRole2DefaultPolicy05107F99": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "MyRole2DefaultPolicy05107F99", + "Roles": [ + { + "Ref": "MyRole23935D052" + } + ] + } + }, "MyProviderWithCustomRoleframeworkonEventCE6B50CD": { "Type": "AWS::Lambda::Function", "Properties": { @@ -331,7 +426,7 @@ "Handler": "framework.isComplete", "Role": { "Fn::GetAtt": [ - "MyRoleF48FFE04", + "MyRole23935D052", "Arn" ] }, @@ -347,8 +442,8 @@ "Timeout": 900 }, "DependsOn": [ - "MyRoleDefaultPolicyA36BE1DD", - "MyRoleF48FFE04" + "MyRole2DefaultPolicy05107F99", + "MyRole23935D052" ] }, "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole0EB28FB28": { @@ -372,7 +467,7 @@ "PolicyName": "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole0EB28FB28", "Roles": [ { - "Ref": "MyRoleF48FFE04" + "Ref": "MyRole23935D052" } ] } @@ -398,7 +493,7 @@ "PolicyName": "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole10FC78DA4", "Roles": [ { - "Ref": "MyRoleF48FFE04" + "Ref": "MyRole23935D052" } ] } @@ -432,7 +527,7 @@ "Handler": "framework.onTimeout", "Role": { "Fn::GetAtt": [ - "MyRoleF48FFE04", + "MyRole23935D052", "Arn" ] }, @@ -448,8 +543,8 @@ "Timeout": 900 }, "DependsOn": [ - "MyRoleDefaultPolicyA36BE1DD", - "MyRoleF48FFE04" + "MyRole2DefaultPolicy05107F99", + "MyRole23935D052" ] }, "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole0F64E0BFD": { @@ -473,7 +568,7 @@ "PolicyName": "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole0F64E0BFD", "Roles": [ { - "Ref": "MyRoleF48FFE04" + "Ref": "MyRole23935D052" } ] } @@ -499,7 +594,7 @@ "PolicyName": "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole158451186", "Roles": [ { - "Ref": "MyRoleF48FFE04" + "Ref": "MyRole23935D052" } ] } diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ.json index 53e36e71dd375..c08a17a14f6f7 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "39.0.0", + "version": "40.0.0", "testCases": { "IntegProviderWithWaiterStateMachineCustomRole/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/manifest.json index 4a3e8804a67f7..e528fc481feb5 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "39.0.0", + "version": "40.0.0", "artifacts": { "integ-provider-with-waiter-state-machine-custom-role.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1f972f1ad355a768c7c92c701dc91984f868de269148467bafd0a6f7d67eece4.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/13001037aa3f64ce93c285aa771a46079687f5cca0ff30e6ceeed576e2239a1c.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -201,6 +201,110 @@ ] } }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyRole/ImportMyRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyRoleF48FFE04" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyRole/DefaultPolicy": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "MyRoleDefaultPolicyA36BE1DD" + } + ], + "/integ-provider-with-waiter-state-machine-custom-role/MyRole2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "managedPolicies": [ + { + "managedPolicyArn": "*" + } + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, { "type": "aws:cdk:analytics:method", "data": { @@ -225,6 +329,14 @@ ] } }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + }, { "type": "aws:cdk:analytics:method", "data": { @@ -268,25 +380,25 @@ { "type": "aws:cdk:analytics:method", "data": { - "addToPrincipalPolicy": [ - {} + "attachInlinePolicy": [ + "*" ] } } ], - "/integ-provider-with-waiter-state-machine-custom-role/MyRole/ImportMyRole": [ + "/integ-provider-with-waiter-state-machine-custom-role/MyRole2/ImportMyRole2": [ { "type": "aws:cdk:analytics:construct", "data": "*" } ], - "/integ-provider-with-waiter-state-machine-custom-role/MyRole/Resource": [ + "/integ-provider-with-waiter-state-machine-custom-role/MyRole2/Resource": [ { "type": "aws:cdk:logicalId", - "data": "MyRoleF48FFE04" + "data": "MyRole23935D052" } ], - "/integ-provider-with-waiter-state-machine-custom-role/MyRole/DefaultPolicy": [ + "/integ-provider-with-waiter-state-machine-custom-role/MyRole2/DefaultPolicy": [ { "type": "aws:cdk:analytics:construct", "data": "*" @@ -315,14 +427,6 @@ ] } }, - { - "type": "aws:cdk:analytics:method", - "data": { - "addStatements": [ - {} - ] - } - }, { "type": "aws:cdk:analytics:method", "data": { @@ -332,10 +436,10 @@ } } ], - "/integ-provider-with-waiter-state-machine-custom-role/MyRole/DefaultPolicy/Resource": [ + "/integ-provider-with-waiter-state-machine-custom-role/MyRole2/DefaultPolicy/Resource": [ { "type": "aws:cdk:logicalId", - "data": "MyRoleDefaultPolicyA36BE1DD" + "data": "MyRole2DefaultPolicy05107F99" } ], "/integ-provider-with-waiter-state-machine-custom-role/MyProviderWithCustomRole/framework-onEvent": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/tree.json index bc23d31b37eb7..05dcfbbe57211 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.js.snapshot/tree.json @@ -351,7 +351,9 @@ { "Action": "states:StartExecution", "Effect": "Allow", - "Resource": "*" + "Resource": { + "Ref": "MyProviderWithCustomRolewaiterstatemachineA313C5FC" + } } ], "Version": "2012-10-17" @@ -459,6 +461,197 @@ "*" ] }, + { + "addToPrincipalPolicy": [ + {} + ] + } + ] + } + }, + "MyRole2": { + "id": "MyRole2", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyRole2", + "children": { + "ImportMyRole2": { + "id": "ImportMyRole2", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyRole2/ImportMyRole2", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0", + "metadata": [ + "*" + ] + } + }, + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyRole2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnRole", + "version": "0.0.0" + } + }, + "DefaultPolicy": { + "id": "DefaultPolicy", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyRole2/DefaultPolicy", + "children": { + "Resource": { + "id": "Resource", + "path": "integ-provider-with-waiter-state-machine-custom-role/MyRole2/DefaultPolicy/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Policy", + "aws:cdk:cloudformation:props": { + "policyDocument": { + "Statement": [ + { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": [ + { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + }, + { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "IsComplete544AE5AD", + "Arn" + ] + }, + ":*" + ] + ] + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "OnEvent74718524", + "Arn" + ] + }, + ":*" + ] + ] + } + ] + } + ], + "Version": "2012-10-17" + }, + "policyName": "MyRole2DefaultPolicy05107F99", + "roles": [ + { + "Ref": "MyRole23935D052" + } + ] + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Policy", + "version": "0.0.0", + "metadata": [ + "*", + { + "attachToRole": [ + "*" + ] + }, + { + "attachToRole": [ + "*" + ] + }, + { + "addStatements": [ + {} + ] + }, + { + "addStatements": [ + {} + ] + } + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_iam.Role", + "version": "0.0.0", + "metadata": [ + { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "managedPolicies": [ + { + "managedPolicyArn": "*" + } + ] + }, + { + "addToPrincipalPolicy": [ + {} + ] + }, + { + "attachInlinePolicy": [ + "*" + ] + }, { "attachInlinePolicy": [ "*" @@ -474,6 +667,11 @@ "*" ] }, + { + "addToPrincipalPolicy": [ + {} + ] + }, { "attachInlinePolicy": [ "*" @@ -500,8 +698,8 @@ ] }, { - "addToPrincipalPolicy": [ - {} + "attachInlinePolicy": [ + "*" ] } ] @@ -829,7 +1027,7 @@ "handler": "framework.isComplete", "role": { "Fn::GetAtt": [ - "MyRoleF48FFE04", + "MyRole23935D052", "Arn" ] }, @@ -878,7 +1076,7 @@ "policyName": "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole0EB28FB28", "roles": [ { - "Ref": "MyRoleF48FFE04" + "Ref": "MyRole23935D052" } ] } @@ -942,7 +1140,7 @@ "policyName": "MyProviderWithCustomRoleframeworkisCompleteinlinePolicyAddedToExecutionRole10FC78DA4", "roles": [ { - "Ref": "MyRoleF48FFE04" + "Ref": "MyRole23935D052" } ] } @@ -1075,7 +1273,7 @@ "handler": "framework.onTimeout", "role": { "Fn::GetAtt": [ - "MyRoleF48FFE04", + "MyRole23935D052", "Arn" ] }, @@ -1124,7 +1322,7 @@ "policyName": "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole0F64E0BFD", "roles": [ { - "Ref": "MyRoleF48FFE04" + "Ref": "MyRole23935D052" } ] } @@ -1188,7 +1386,7 @@ "policyName": "MyProviderWithCustomRoleframeworkonTimeoutinlinePolicyAddedToExecutionRole158451186", "roles": [ { - "Ref": "MyRoleF48FFE04" + "Ref": "MyRole23935D052" } ] } diff --git a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.ts b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.ts index 3cab75b45c25e..8e185bc56dc19 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/custom-resources/test/provider-framework/integ.provider-with-waiter-state-machine-custom-role.ts @@ -29,7 +29,13 @@ class TestStack extends Stack { }); new Provider(this, 'MyProviderWithCustomRole', { - role: new Role(this, 'MyRole', { + frameworkOnEventRole: new Role(this, 'MyRole', { + assumedBy: new ServicePrincipal('lambda.amazonaws.com'), + managedPolicies: [ + ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSLambdaBasicExecutionRole'), + ], + }), + frameworkCompleteAndTimeoutRole: new Role(this, 'MyRole2', { assumedBy: new ServicePrincipal('lambda.amazonaws.com'), managedPolicies: [ ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSLambdaBasicExecutionRole'), diff --git a/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts b/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts index b541f21c58536..83e9612af2833 100644 --- a/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts +++ b/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts @@ -9,7 +9,7 @@ import * as iam from '../../../aws-iam'; import * as kms from '../../../aws-kms'; import * as lambda from '../../../aws-lambda'; import * as logs from '../../../aws-logs'; -import { Duration } from '../../../core'; +import { Duration, ValidationError } from '../../../core'; const RUNTIME_HANDLER_PATH = path.join(__dirname, 'runtime'); const FRAMEWORK_HANDLER_TIMEOUT = Duration.minutes(15); // keep it simple for now @@ -117,13 +117,37 @@ export interface ProviderProps { /** * AWS Lambda execution role. * - * The role that will be assumed by the AWS Lambda. - * Must be assumable by the 'lambda.amazonaws.com' service principal. + * The role is shared by provider framework's onEvent, isComplete lambda, and onTimeout Lambda functions. + * This role will be assumed by the AWS Lambda, so it must be assumable by the 'lambda.amazonaws.com' + * service principal. * * @default - A default role will be created. + * @deprecated - Use frameworkOnEventLambdaRole, frameworkIsCompleteLambdaRole, frameworkOnTimeoutLambdaRole */ readonly role?: iam.IRole; + /** + * Lambda execution role for provider framework's onEvent Lambda function. Note that this role must be assumed + * by the 'lambda.amazonaws.com' service principal. + * + * This property cannot be used with 'role' property + * + * @default - A default role will be created. + */ + readonly frameworkOnEventRole?: iam.IRole; + + /** + * Lambda execution role for provider framework's isComplete/onTimeout Lambda function. Note that this role + * must be assumed by the 'lambda.amazonaws.com' service principal. To prevent circular dependency problem + * in the provider framework, please ensure you specify a different IAM Role for 'frameworkCompleteAndTimeoutRole' + * from 'frameworkOnEventRole'. + * + * This property cannot be used with 'role' property + * + * @default - A default role will be created. + */ + readonly frameworkCompleteAndTimeoutRole?: iam.IRole; + /** * Provider Lambda name. * @@ -202,6 +226,10 @@ export class Provider extends Construct implements ICustomResourceProvider { } } + if (props.role && (props.frameworkOnEventRole || props.frameworkCompleteAndTimeoutRole)) { + throw new ValidationError('Cannot specify both "role" and any of "frameworkOnEventRole" or "frameworkCompleteAndTimeoutRole".', this); + } + this.onEventHandler = props.onEventHandler; this.isCompleteHandler = props.isCompleteHandler; @@ -214,11 +242,11 @@ export class Provider extends Construct implements ICustomResourceProvider { this.role = props.role; this.providerFunctionEnvEncryption = props.providerFunctionEnvEncryption; - const onEventFunction = this.createFunction(consts.FRAMEWORK_ON_EVENT_HANDLER_NAME, props.providerFunctionName); + const onEventFunction = this.createFunction(consts.FRAMEWORK_ON_EVENT_HANDLER_NAME, props.providerFunctionName, props.frameworkOnEventRole); if (this.isCompleteHandler) { - const isCompleteFunction = this.createFunction(consts.FRAMEWORK_IS_COMPLETE_HANDLER_NAME); - const timeoutFunction = this.createFunction(consts.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME); + const isCompleteFunction = this.createFunction(consts.FRAMEWORK_IS_COMPLETE_HANDLER_NAME, undefined, props.frameworkCompleteAndTimeoutRole); + const timeoutFunction = this.createFunction(consts.FRAMEWORK_ON_TIMEOUT_HANDLER_NAME, undefined, props.frameworkCompleteAndTimeoutRole); const retry = calculateRetryPolicy(props); const waiterStateMachine = new WaiterStateMachine(this, 'waiter-state-machine', { @@ -273,7 +301,7 @@ export class Provider extends Construct implements ICustomResourceProvider { })); } - private createFunction(entrypoint: string, name?: string) { + private createFunction(entrypoint: string, name?: string, role?: iam.IRole) { const fn = new lambda.Function(this, `framework-${entrypoint}`, { code: lambda.Code.fromAsset(RUNTIME_HANDLER_PATH, { exclude: ['*.ts'], @@ -289,7 +317,7 @@ export class Provider extends Construct implements ICustomResourceProvider { vpc: this.vpc, vpcSubnets: this.vpcSubnets, securityGroups: this.securityGroups, - role: this.role, + role: this.role ?? role, functionName: name, environmentEncryption: this.providerFunctionEnvEncryption, }); diff --git a/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts b/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts index 1f5f61f98429f..e3439ec9a8274 100644 --- a/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts +++ b/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts @@ -771,12 +771,12 @@ describe('role', () => { }); }); - it('omits state machine resource constraint if isCompleteHandler is specified', () => { + it('cannot specify both role and framework onEvent roles', () => { // GIVEN const stack = new Stack(); // WHEN - new cr.Provider(stack, 'MyProvider', { + expect(() => new cr.Provider(stack, 'MyProvider', { onEventHandler: new lambda.Function(stack, 'OnEventHandler', { code: new lambda.InlineCode('foo'), handler: 'index.onEvent', @@ -788,77 +788,29 @@ describe('role', () => { runtime: lambda.Runtime.NODEJS_LATEST, }), role: new iam.Role(stack, 'MyRole', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.como') }), - }); + frameworkOnEventRole: new iam.Role(stack, 'MyRole2', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.como') }), + })).toThrow('Cannot specify both "role" and any of "frameworkOnEventRole" or "frameworkCompleteAndTimeoutRole"'); + }); - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { - PolicyDocument: { - Statement: [{ - Action: 'lambda:InvokeFunction', - Effect: 'Allow', - Resource: [ - { - 'Fn::GetAtt': [ - 'MyProviderframeworkisComplete364190E2', - 'Arn', - ], - }, { - 'Fn::Join': [ - '', - [ - { - 'Fn::GetAtt': [ - 'MyProviderframeworkisComplete364190E2', - 'Arn', - ], - }, - ':*', - ], - ], - }, - ], - }, { - Action: 'lambda:InvokeFunction', - Effect: 'Allow', - Resource: [ - { - 'Fn::GetAtt': [ - 'MyProviderframeworkonTimeoutD9D96588', - 'Arn', - ], - }, { - 'Fn::Join': [ - '', - [ - { - 'Fn::GetAtt': [ - 'MyProviderframeworkonTimeoutD9D96588', - 'Arn', - ], - }, - ':*', - ], - ], - }, - ], - }, { - Action: [ - 'logs:CreateLogDelivery', - 'logs:CreateLogStream', - 'logs:GetLogDelivery', - 'logs:UpdateLogDelivery', - 'logs:DeleteLogDelivery', - 'logs:ListLogDeliveries', - 'logs:PutLogEvents', - 'logs:PutResourcePolicy', - 'logs:DescribeResourcePolicies', - 'logs:DescribeLogGroups', - ], - Effect: 'Allow', - Resource: '*', - }], - }, - }); + it('cannot specify both role and framework complete/timeout roles', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + expect(() => new cr.Provider(stack, 'MyProvider', { + onEventHandler: new lambda.Function(stack, 'OnEventHandler', { + code: new lambda.InlineCode('foo'), + handler: 'index.onEvent', + runtime: lambda.Runtime.NODEJS_LATEST, + }), + isCompleteHandler: new lambda.Function(stack, 'IsCompleteHandler', { + code: new lambda.InlineCode('foo'), + handler: 'index.onEvent', + runtime: lambda.Runtime.NODEJS_LATEST, + }), + role: new iam.Role(stack, 'MyRole', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.como') }), + frameworkCompleteAndTimeoutRole: new iam.Role(stack, 'MyRole2', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.como') }), + })).toThrow('Cannot specify both "role" and any of "frameworkOnEventRole" or "frameworkCompleteAndTimeoutRole"'); }); }); From c70d681002b8d698ddd41a41b3ccb36c2195bae9 Mon Sep 17 00:00:00 2001 From: yuanhaoz Date: Mon, 3 Mar 2025 13:28:35 -0800 Subject: [PATCH 3/6] update implmentation --- .../lib/provider-framework/provider.ts | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts b/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts index 83e9612af2833..19a2563214d86 100644 --- a/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts +++ b/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts @@ -260,17 +260,7 @@ export class Provider extends Construct implements ICustomResourceProvider { }); // the on-event entrypoint is going to start the execution of the waiter onEventFunction.addEnvironment(consts.WAITER_STATE_MACHINE_ARN_ENV, waiterStateMachine.stateMachineArn); - // if role is provided, we can't use grantStartExecution due to circular dependency: - // waitertatemachine --> isComplete/onTimeout lambda -> role default policy --> waiterstatemachine - if (props.role) { - iam.Grant.addToPrincipal({ - grantee: onEventFunction, - actions: ['states:StartExecution'], - resourceArns: ['*'], - }); - } else { - waiterStateMachine.grantStartExecution(onEventFunction); - } + waiterStateMachine.grantStartExecution(onEventFunction); } this.entrypoint = onEventFunction; From 541718465ca91d1a272200942482c37cc8138806 Mon Sep 17 00:00:00 2001 From: yuanhaoz Date: Tue, 4 Mar 2025 10:58:40 -0800 Subject: [PATCH 4/6] update implmentation --- .../lib/provider-framework/provider.ts | 3 +++ .../test/provider-framework/provider.test.ts | 15 +++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts b/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts index 19a2563214d86..cb816765ee4c7 100644 --- a/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts +++ b/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts @@ -229,6 +229,9 @@ export class Provider extends Construct implements ICustomResourceProvider { if (props.role && (props.frameworkOnEventRole || props.frameworkCompleteAndTimeoutRole)) { throw new ValidationError('Cannot specify both "role" and any of "frameworkOnEventRole" or "frameworkCompleteAndTimeoutRole".', this); } + if (!props.isCompleteHandler && props.frameworkCompleteAndTimeoutRole) { + throw new ValidationError('Cannot specify "frameworkCompleteAndTimeoutRole" when "isCompleteHandler" is not specified.', this); + } this.onEventHandler = props.onEventHandler; this.isCompleteHandler = props.isCompleteHandler; diff --git a/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts b/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts index e3439ec9a8274..a56b09e74d62e 100644 --- a/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts +++ b/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts @@ -812,6 +812,21 @@ describe('role', () => { frameworkCompleteAndTimeoutRole: new iam.Role(stack, 'MyRole2', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.como') }), })).toThrow('Cannot specify both "role" and any of "frameworkOnEventRole" or "frameworkCompleteAndTimeoutRole"'); }); + + it('Cannot specify "frameworkCompleteAndTimeoutRole" when "isCompleteHandler" is not specified.', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + expect(() => new cr.Provider(stack, 'MyProvider', { + onEventHandler: new lambda.Function(stack, 'OnEventHandler', { + code: new lambda.InlineCode('foo'), + handler: 'index.onEvent', + runtime: lambda.Runtime.NODEJS_LATEST, + }), + frameworkCompleteAndTimeoutRole: new iam.Role(stack, 'MyRole2', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.como') }), + })).toThrow('Cannot specify "frameworkCompleteAndTimeoutRole" when "isCompleteHandler" is not specified.'); + }); }); describe('name', () => { From ff953d6ba8044aa104cddfe6b57202e37bd108b4 Mon Sep 17 00:00:00 2001 From: yuanhaoz Date: Thu, 6 Mar 2025 11:00:12 -0800 Subject: [PATCH 5/6] update unit test --- .../test/provider-framework/provider.test.ts | 195 +++++++++++++++++- 1 file changed, 194 insertions(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts b/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts index a56b09e74d62e..93c1730e18c68 100644 --- a/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts +++ b/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts @@ -573,7 +573,7 @@ describe('role', () => { ], }, }); - template.hasResourceProperties('AWS::IAM::Policy', { + template.hasResourceProperties('AWS::IAM::Policy', { PolicyDocument: { Statement: [ { @@ -827,6 +827,199 @@ describe('role', () => { frameworkCompleteAndTimeoutRole: new iam.Role(stack, 'MyRole2', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.como') }), })).toThrow('Cannot specify "frameworkCompleteAndTimeoutRole" when "isCompleteHandler" is not specified.'); }); + + it('No circular dependency thrown.', () => { + // GIVEN + const app = new App({ + context: { + '@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy': false, + }, + }); + const stack = new Stack(app); + + // WHEN + new cr.Provider(stack, 'MyProvider', { + onEventHandler: new lambda.Function(stack, 'OnEventHandler', { + code: new lambda.InlineCode('foo'), + handler: 'index.onEvent', + runtime: lambda.Runtime.NODEJS_LATEST, + }), + isCompleteHandler: new lambda.Function(stack, 'IsCompleteHandler', { + code: new lambda.InlineCode('foo'), + handler: 'index.isComplete', + runtime: lambda.Runtime.NODEJS_LATEST, + }), + frameworkOnEventRole: new iam.Role(stack, 'MyRole', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.como') }), + frameworkCompleteAndTimeoutRole: new iam.Role(stack, 'MyRole2', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.como') }), + }); + + const template = Template.fromStack(stack); + template.hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: 'lambda:InvokeFunction', + Effect: 'Allow', + Resource: [ + { + 'Fn::GetAtt': [ + 'OnEventHandler42BEBAE0', + 'Arn', + ], + }, + { + 'Fn::Join': [ + '', + [ + { + 'Fn::GetAtt': [ + 'OnEventHandler42BEBAE0', + 'Arn', + ], + }, + ':*', + ], + ], + }, + ], + }, + { + Action: 'lambda:GetFunction', + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [ + 'OnEventHandler42BEBAE0', + 'Arn', + ], + }, + }, + { + Action: 'lambda:InvokeFunction', + Effect: 'Allow', + Resource: [ + { + 'Fn::GetAtt': [ + 'IsCompleteHandler7073F4DA', + 'Arn', + ], + }, + { + 'Fn::Join': [ + '', + [ + { + 'Fn::GetAtt': [ + 'IsCompleteHandler7073F4DA', + 'Arn', + ], + }, + ':*', + ], + ], + }, + ], + }, + { + Action: 'lambda:GetFunction', + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [ + 'IsCompleteHandler7073F4DA', + 'Arn', + ], + }, + }, + { + Action: 'states:StartExecution', + Effect: 'Allow', + Resource: { + 'Ref': 'MyProviderwaiterstatemachineC1FBB9F9', + }, + }, + ], + Version: '2012-10-17', + }, + }); + template.hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: 'lambda:InvokeFunction', + Effect: 'Allow', + Resource: [ + { + 'Fn::GetAtt': [ + 'OnEventHandler42BEBAE0', + 'Arn', + ], + }, + { + 'Fn::Join': [ + '', + [ + { + 'Fn::GetAtt': [ + 'OnEventHandler42BEBAE0', + 'Arn', + ], + }, + ':*', + ], + ], + }, + ], + }, + { + Action: 'lambda:GetFunction', + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [ + 'OnEventHandler42BEBAE0', + 'Arn', + ], + }, + }, + { + Action: 'lambda:InvokeFunction', + Effect: 'Allow', + Resource: [ + { + 'Fn::GetAtt': [ + 'IsCompleteHandler7073F4DA', + 'Arn', + ], + }, + { + 'Fn::Join': [ + '', + [ + { + 'Fn::GetAtt': [ + 'IsCompleteHandler7073F4DA', + 'Arn', + ], + }, + ':*', + ], + ], + }, + ], + }, + { + Action: 'lambda:GetFunction', + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [ + 'IsCompleteHandler7073F4DA', + 'Arn', + ], + }, + }, + ], + Version: '2012-10-17', + }, + }); + }); }); describe('name', () => { From 06a3baa67b395c94fe2d7014b4758da04e6dc615 Mon Sep 17 00:00:00 2001 From: yuanhaoz Date: Thu, 6 Mar 2025 11:02:46 -0800 Subject: [PATCH 6/6] update unit test --- .../custom-resources/test/provider-framework/provider.test.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts b/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts index 93c1730e18c68..5e25a5bf5ec78 100644 --- a/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts +++ b/packages/aws-cdk-lib/custom-resources/test/provider-framework/provider.test.ts @@ -573,7 +573,7 @@ describe('role', () => { ], }, }); - template.hasResourceProperties('AWS::IAM::Policy', { + template.hasResourceProperties('AWS::IAM::Policy', { PolicyDocument: { Statement: [ { @@ -933,7 +933,7 @@ describe('role', () => { Action: 'states:StartExecution', Effect: 'Allow', Resource: { - 'Ref': 'MyProviderwaiterstatemachineC1FBB9F9', + Ref: 'MyProviderwaiterstatemachineC1FBB9F9', }, }, ],