diff --git a/packages/@aws-cdk/aws-route53resolver-alpha/lib/firewall-rule-group.ts b/packages/@aws-cdk/aws-route53resolver-alpha/lib/firewall-rule-group.ts index 33645260fb6d4..c3efc406e3c24 100644 --- a/packages/@aws-cdk/aws-route53resolver-alpha/lib/firewall-rule-group.ts +++ b/packages/@aws-cdk/aws-route53resolver-alpha/lib/firewall-rule-group.ts @@ -15,6 +15,13 @@ export interface IFirewallRuleGroup extends IResource { * @attribute */ readonly firewallRuleGroupId: string; + + /** + * The name of the rule group + * + * @attribute + */ + readonly firewallRuleGroupName?: string; } /** @@ -156,7 +163,7 @@ export abstract class DnsBlockResponse { */ export class FirewallRuleGroup extends Resource implements IFirewallRuleGroup { /** - * Import an existing Firewall Rule Group + * Import an existing Firewall Rule Group by ID */ public static fromFirewallRuleGroupId(scope: Construct, id: string, firewallRuleGroupId: string): IFirewallRuleGroup { class Import extends Resource implements IFirewallRuleGroup { @@ -165,8 +172,29 @@ export class FirewallRuleGroup extends Resource implements IFirewallRuleGroup { return new Import(scope, id); } + /** + * Import an existing Firewall Rule Group by Name + */ + public static fromFirewallRuleGroupName(scope: Construct, id: string, firewallRuleGroupName: string): IFirewallRuleGroup { + const firewallRuleGroups: { [name: string]: string } = scope.node.tryGetContext('firewallRuleGroups') || {}; + const firewallRuleGroupId = firewallRuleGroups[firewallRuleGroupName]; + + if (!firewallRuleGroupId) { + throw new Error(`Firewall Rule Group with name "${firewallRuleGroupName}" not found in context.`); + } + + class Import extends Resource implements IFirewallRuleGroup { + public readonly firewallRuleGroupId = firewallRuleGroupId; + public readonly firewallRuleGroupName = firewallRuleGroupName; + } + + return new Import(scope, id); + } + public readonly firewallRuleGroupId: string; + public readonly firewallRuleGroupName?: string; + /** * The ARN (Amazon Resource Name) of the rule group * @attribute @@ -231,6 +259,9 @@ export class FirewallRuleGroup extends Resource implements IFirewallRuleGroup { this.rules = props.rules ?? []; + // Store the name of the rule group + this.firewallRuleGroupName = props.name; + const ruleGroup = new CfnFirewallRuleGroup(this, 'Resource', { name: props.name, firewallRules: Lazy.any({ produce: () => this.rules.map(renderRule) }), diff --git a/packages/@aws-cdk/aws-route53resolver-alpha/test/firewall-rule-group.test.ts b/packages/@aws-cdk/aws-route53resolver-alpha/test/firewall-rule-group.test.ts index 12bfab2aea828..522ca0048219f 100644 --- a/packages/@aws-cdk/aws-route53resolver-alpha/test/firewall-rule-group.test.ts +++ b/packages/@aws-cdk/aws-route53resolver-alpha/test/firewall-rule-group.test.ts @@ -135,3 +135,24 @@ test('throws when associating with a priority not between 100-9,000', () => { vpc, })).toThrow(/Priority must be greater than 100 and less than 9000/); }); + +test('fromFirewallRuleGroupName return correct imported resource when mapping provided', () => { + const stackWithContext = new Stack(); + stackWithContext.node.setContext('firewallRuleGroups', { + TestGroup: 'fwr-123456', + }); + + const importedGroup = FirewallRuleGroup.fromFirewallRuleGroupName(stackWithContext, 'ImportedGroup', 'TestGroup'); + + expect(importedGroup.firewallRuleGroupId).toEqual('fwr-123456'); + expect(importedGroup.firewallRuleGroupName).toEqual('TestGroup'); +}); + +test('fromFirewallRuleGroupName throws an error when the name is not in context', () => { + const stackWithoutMapping = new Stack(); + stackWithoutMapping.node.setContext('firewallRuleGroups', {}); + + expect(() => { + FirewallRuleGroup.fromFirewallRuleGroupName(stackWithoutMapping, 'ImportedGroup', 'NonExistentGroup'); + }).toThrow(/Firewall Rule Group with name "NonExistentGroup" not found in context./); +});