From 339a616282f2d5924f2635585eec8134d875cd40 Mon Sep 17 00:00:00 2001 From: Zachary C <56490116+claypack@users.noreply.github.com> Date: Fri, 12 Sep 2025 13:00:57 -0400 Subject: [PATCH 1/3] feat(opensearch): add OpenSearch 3.0 and 3.1 engine versions - Add OPENSEARCH_3_0 and OPENSEARCH_3_1 constants to EngineVersion class - Update unit tests to include new versions in test arrays - Add integration tests for both new versions - Generate snapshots for integration tests --- .../cdk-integ-opensearch-v3-0.assets.json | 20 + .../cdk-integ-opensearch-v3-0.template.json | 69 ++ .../integ.opensearch.v3-0.js.snapshot/cdk.out | 1 + .../integ.json | 13 + ...efaultTestDeployAssert119C00DA.assets.json | 20 + ...aultTestDeployAssert119C00DA.template.json | 36 ++ .../manifest.json | 598 ++++++++++++++++++ .../tree.json | 1 + .../test/integ.opensearch.v3-0.ts | 24 + .../cdk-integ-opensearch-v3-1.assets.json | 20 + .../cdk-integ-opensearch-v3-1.template.json | 69 ++ .../integ.opensearch.v3-1.js.snapshot/cdk.out | 1 + .../integ.json | 13 + ...efaultTestDeployAssert519822E4.assets.json | 20 + ...aultTestDeployAssert519822E4.template.json | 36 ++ .../manifest.json | 598 ++++++++++++++++++ .../tree.json | 1 + .../test/integ.opensearch.v3-1.ts | 24 + .../aws-opensearchservice/lib/version.ts | 6 + .../aws-opensearchservice/test/domain.test.ts | 4 + 20 files changed, 1574 insertions(+) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.ts create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.assets.json new file mode 100644 index 0000000000000..552f0bf7c6d29 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.assets.json @@ -0,0 +1,20 @@ +{ + "version": "48.0.0", + "files": { + "4bc94add0c0a7002dd43c39cbb47d05e09f5e680a6d92e51a908d1cd833e671b": { + "displayName": "cdk-integ-opensearch-v3-0 Template", + "source": { + "path": "cdk-integ-opensearch-v3-0.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region-cd686936": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "4bc94add0c0a7002dd43c39cbb47d05e09f5e680a6d92e51a908d1cd833e671b.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.template.json new file mode 100644 index 0000000000000..6fefe47073ec3 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.template.json @@ -0,0 +1,69 @@ +{ + "Resources": { + "Domain66AC69E0": { + "Type": "AWS::OpenSearchService::Domain", + "Properties": { + "ClusterConfig": { + "DedicatedMasterEnabled": false, + "InstanceCount": 1, + "InstanceType": "r5.large.search", + "MultiAZWithStandbyEnabled": false, + "ZoneAwarenessEnabled": false + }, + "DomainEndpointOptions": { + "EnforceHTTPS": false, + "TLSSecurityPolicy": "Policy-Min-TLS-1-2-2019-07" + }, + "EBSOptions": { + "EBSEnabled": true, + "VolumeSize": 10, + "VolumeType": "gp2" + }, + "EncryptionAtRestOptions": { + "Enabled": false + }, + "EngineVersion": "OpenSearch_3.0", + "LogPublishingOptions": {}, + "NodeToNodeEncryptionOptions": { + "Enabled": false + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk.out new file mode 100644 index 0000000000000..523a9aac37cbf --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integ.json new file mode 100644 index 0000000000000..a68416089c3a2 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integ.json @@ -0,0 +1,13 @@ +{ + "version": "48.0.0", + "testCases": { + "integ-opensearch-v3-0/DefaultTest": { + "stacks": [ + "cdk-integ-opensearch-v3-0" + ], + "assertionStack": "integ-opensearch-v3-0/DefaultTest/DeployAssert", + "assertionStackName": "integopensearchv30DefaultTestDeployAssert119C00DA" + } + }, + "minimumCliVersion": "2.1027.0" +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.assets.json new file mode 100644 index 0000000000000..0c924d3ecee2c --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.assets.json @@ -0,0 +1,20 @@ +{ + "version": "48.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "displayName": "integopensearchv30DefaultTestDeployAssert119C00DA Template", + "source": { + "path": "integopensearchv30DefaultTestDeployAssert119C00DA.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region-d8d86b35": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/manifest.json new file mode 100644 index 0000000000000..0527a00f47285 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/manifest.json @@ -0,0 +1,598 @@ +{ + "version": "48.0.0", + "artifacts": { + "cdk-integ-opensearch-v3-0.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "cdk-integ-opensearch-v3-0.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "cdk-integ-opensearch-v3-0": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdk-integ-opensearch-v3-0.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4bc94add0c0a7002dd43c39cbb47d05e09f5e680a6d92e51a908d1cd833e671b.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "cdk-integ-opensearch-v3-0.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "cdk-integ-opensearch-v3-0.assets" + ], + "metadata": { + "/cdk-integ-opensearch-v3-0/Domain": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/cdk-integ-opensearch-v3-0/Domain/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Domain66AC69E0" + } + ], + "/cdk-integ-opensearch-v3-0/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/cdk-integ-opensearch-v3-0/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "cdk-integ-opensearch-v3-0" + }, + "integopensearchv30DefaultTestDeployAssert119C00DA.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integopensearchv30DefaultTestDeployAssert119C00DA.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integopensearchv30DefaultTestDeployAssert119C00DA": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integopensearchv30DefaultTestDeployAssert119C00DA.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integopensearchv30DefaultTestDeployAssert119C00DA.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integopensearchv30DefaultTestDeployAssert119C00DA.assets" + ], + "metadata": { + "/integ-opensearch-v3-0/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-opensearch-v3-0/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-opensearch-v3-0/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + } + } + } + } + }, + "minimumCliVersion": "2.1027.0" +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/tree.json new file mode 100644 index 0000000000000..52b512fdbe80d --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/tree.json @@ -0,0 +1 @@ +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"cdk-integ-opensearch-v3-0":{"id":"cdk-integ-opensearch-v3-0","path":"cdk-integ-opensearch-v3-0","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Domain":{"id":"Domain","path":"cdk-integ-opensearch-v3-0/Domain","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-v3-0/Domain/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_3.0","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cdk-integ-opensearch-v3-0/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cdk-integ-opensearch-v3-0/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}},"integ-opensearch-v3-0":{"id":"integ-opensearch-v3-0","path":"integ-opensearch-v3-0","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"integ-opensearch-v3-0/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"integ-opensearch-v3-0/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"integ-opensearch-v3-0/DefaultTest/DeployAssert","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"integ-opensearch-v3-0/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"integ-opensearch-v3-0/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.ts new file mode 100644 index 0000000000000..e762cc5b371b7 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.ts @@ -0,0 +1,24 @@ +import { App, RemovalPolicy, Stack, StackProps } from 'aws-cdk-lib'; +import { Construct } from 'constructs'; +import * as opensearch from 'aws-cdk-lib/aws-opensearchservice'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; + +class TestStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + // deploy opensearch domain with OpenSearch 3.0 + new opensearch.Domain(this, 'Domain', { + version: opensearch.EngineVersion.OPENSEARCH_3_0, + removalPolicy: RemovalPolicy.DESTROY, + capacity: { + multiAzWithStandbyEnabled: false, + }, + }); + } +} + +const app = new App(); +const stack = new TestStack(app, 'cdk-integ-opensearch-v3-0'); + +new IntegTest(app, 'integ-opensearch-v3-0', { testCases: [stack] }); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.assets.json new file mode 100644 index 0000000000000..7b41f1c70280d --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.assets.json @@ -0,0 +1,20 @@ +{ + "version": "48.0.0", + "files": { + "51bc5d00c46260adb7eaadc11393424f525a1565c5f997fb3b0b16d7c1178077": { + "displayName": "cdk-integ-opensearch-v3-1 Template", + "source": { + "path": "cdk-integ-opensearch-v3-1.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region-e3ebb55a": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "51bc5d00c46260adb7eaadc11393424f525a1565c5f997fb3b0b16d7c1178077.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.template.json new file mode 100644 index 0000000000000..0a224cc83fe63 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.template.json @@ -0,0 +1,69 @@ +{ + "Resources": { + "Domain66AC69E0": { + "Type": "AWS::OpenSearchService::Domain", + "Properties": { + "ClusterConfig": { + "DedicatedMasterEnabled": false, + "InstanceCount": 1, + "InstanceType": "r5.large.search", + "MultiAZWithStandbyEnabled": false, + "ZoneAwarenessEnabled": false + }, + "DomainEndpointOptions": { + "EnforceHTTPS": false, + "TLSSecurityPolicy": "Policy-Min-TLS-1-2-2019-07" + }, + "EBSOptions": { + "EBSEnabled": true, + "VolumeSize": 10, + "VolumeType": "gp2" + }, + "EncryptionAtRestOptions": { + "Enabled": false + }, + "EngineVersion": "OpenSearch_3.1", + "LogPublishingOptions": {}, + "NodeToNodeEncryptionOptions": { + "Enabled": false + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk.out new file mode 100644 index 0000000000000..523a9aac37cbf --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integ.json new file mode 100644 index 0000000000000..c25412ce1718b --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integ.json @@ -0,0 +1,13 @@ +{ + "version": "48.0.0", + "testCases": { + "integ-opensearch-v3-1/DefaultTest": { + "stacks": [ + "cdk-integ-opensearch-v3-1" + ], + "assertionStack": "integ-opensearch-v3-1/DefaultTest/DeployAssert", + "assertionStackName": "integopensearchv31DefaultTestDeployAssert519822E4" + } + }, + "minimumCliVersion": "2.1027.0" +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.assets.json new file mode 100644 index 0000000000000..d50ef3118955f --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.assets.json @@ -0,0 +1,20 @@ +{ + "version": "48.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "displayName": "integopensearchv31DefaultTestDeployAssert519822E4 Template", + "source": { + "path": "integopensearchv31DefaultTestDeployAssert519822E4.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region-d8d86b35": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/manifest.json new file mode 100644 index 0000000000000..00e629185f86e --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/manifest.json @@ -0,0 +1,598 @@ +{ + "version": "48.0.0", + "artifacts": { + "cdk-integ-opensearch-v3-1.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "cdk-integ-opensearch-v3-1.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "cdk-integ-opensearch-v3-1": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdk-integ-opensearch-v3-1.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/51bc5d00c46260adb7eaadc11393424f525a1565c5f997fb3b0b16d7c1178077.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "cdk-integ-opensearch-v3-1.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "cdk-integ-opensearch-v3-1.assets" + ], + "metadata": { + "/cdk-integ-opensearch-v3-1/Domain": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/cdk-integ-opensearch-v3-1/Domain/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Domain66AC69E0" + } + ], + "/cdk-integ-opensearch-v3-1/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/cdk-integ-opensearch-v3-1/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "cdk-integ-opensearch-v3-1" + }, + "integopensearchv31DefaultTestDeployAssert519822E4.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integopensearchv31DefaultTestDeployAssert519822E4.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integopensearchv31DefaultTestDeployAssert519822E4": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integopensearchv31DefaultTestDeployAssert519822E4.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integopensearchv31DefaultTestDeployAssert519822E4.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integopensearchv31DefaultTestDeployAssert519822E4.assets" + ], + "metadata": { + "/integ-opensearch-v3-1/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-opensearch-v3-1/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-opensearch-v3-1/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + } + } + } + } + }, + "minimumCliVersion": "2.1027.0" +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/tree.json new file mode 100644 index 0000000000000..add3f28afb7ce --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/tree.json @@ -0,0 +1 @@ +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"cdk-integ-opensearch-v3-1":{"id":"cdk-integ-opensearch-v3-1","path":"cdk-integ-opensearch-v3-1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Domain":{"id":"Domain","path":"cdk-integ-opensearch-v3-1/Domain","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-v3-1/Domain/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_3.1","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cdk-integ-opensearch-v3-1/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cdk-integ-opensearch-v3-1/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}},"integ-opensearch-v3-1":{"id":"integ-opensearch-v3-1","path":"integ-opensearch-v3-1","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"integ-opensearch-v3-1/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"integ-opensearch-v3-1/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"integ-opensearch-v3-1/DefaultTest/DeployAssert","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"integ-opensearch-v3-1/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"integ-opensearch-v3-1/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.ts new file mode 100644 index 0000000000000..5d78f4bddb2c8 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.ts @@ -0,0 +1,24 @@ +import { App, RemovalPolicy, Stack, StackProps } from 'aws-cdk-lib'; +import { Construct } from 'constructs'; +import * as opensearch from 'aws-cdk-lib/aws-opensearchservice'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; + +class TestStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + // deploy opensearch domain with OpenSearch 3.1 + new opensearch.Domain(this, 'Domain', { + version: opensearch.EngineVersion.OPENSEARCH_3_1, + removalPolicy: RemovalPolicy.DESTROY, + capacity: { + multiAzWithStandbyEnabled: false, + }, + }); + } +} + +const app = new App(); +const stack = new TestStack(app, 'cdk-integ-opensearch-v3-1'); + +new IntegTest(app, 'integ-opensearch-v3-1', { testCases: [stack] }); diff --git a/packages/aws-cdk-lib/aws-opensearchservice/lib/version.ts b/packages/aws-cdk-lib/aws-opensearchservice/lib/version.ts index afd8f444cb27d..006cf66f89997 100644 --- a/packages/aws-cdk-lib/aws-opensearchservice/lib/version.ts +++ b/packages/aws-cdk-lib/aws-opensearchservice/lib/version.ts @@ -111,6 +111,12 @@ export class EngineVersion { /** AWS OpenSearch 2.19 */ public static readonly OPENSEARCH_2_19 = EngineVersion.openSearch('2.19'); + /** AWS OpenSearch 3.0 */ + public static readonly OPENSEARCH_3_0 = EngineVersion.openSearch('3.0'); + + /** AWS OpenSearch 3.1 */ + public static readonly OPENSEARCH_3_1 = EngineVersion.openSearch('3.1'); + /** * Custom ElasticSearch version * @param version custom version number diff --git a/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts b/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts index e9e66e4503b1c..860cffbcce1f6 100644 --- a/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts +++ b/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts @@ -46,6 +46,8 @@ const testedOpenSearchVersions = [ EngineVersion.OPENSEARCH_2_15, EngineVersion.OPENSEARCH_2_17, EngineVersion.OPENSEARCH_2_19, + EngineVersion.OPENSEARCH_3_0, + EngineVersion.OPENSEARCH_3_1, ]; each(testedOpenSearchVersions).test('connections throws if domain is not placed inside a vpc', (engineVersion) => { @@ -204,6 +206,8 @@ each([ [EngineVersion.OPENSEARCH_2_15, 'OpenSearch_2.15'], [EngineVersion.OPENSEARCH_2_17, 'OpenSearch_2.17'], [EngineVersion.OPENSEARCH_2_19, 'OpenSearch_2.19'], + [EngineVersion.OPENSEARCH_3_0, 'OpenSearch_3.0'], + [EngineVersion.OPENSEARCH_3_1, 'OpenSearch_3.1'], ]).test('minimal example renders correctly', (engineVersion, expectedCfVersion) => { new Domain(stack, 'Domain', { version: engineVersion }); From 6d4178056be64eb7807fe85e73b9b611728ca4d2 Mon Sep 17 00:00:00 2001 From: Zachary C <56490116+claypack@users.noreply.github.com> Date: Fri, 12 Sep 2025 13:06:01 -0400 Subject: [PATCH 2/3] fix: remove OpenSearch 3.0 version (does not exist) - Remove OPENSEARCH_3_0 constant from EngineVersion class - Remove 3.0 from unit test arrays - Delete integ.opensearch.v3-0.ts integration test - Delete integ.opensearch.v3-0.js.snapshot directory - Keep only OpenSearch 3.1 version support --- .../cdk-integ-opensearch-v3-0.assets.json | 20 - .../cdk-integ-opensearch-v3-0.template.json | 69 -- .../integ.opensearch.v3-0.js.snapshot/cdk.out | 1 - .../integ.json | 13 - ...efaultTestDeployAssert119C00DA.assets.json | 20 - ...aultTestDeployAssert119C00DA.template.json | 36 -- .../manifest.json | 598 ------------------ .../tree.json | 1 - .../test/integ.opensearch.v3-0.ts | 24 - .../aws-opensearchservice/lib/version.ts | 3 - .../aws-opensearchservice/test/domain.test.ts | 2 - 11 files changed, 787 deletions(-) delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.assets.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.template.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk.out delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integ.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.assets.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.template.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/manifest.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/tree.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.assets.json deleted file mode 100644 index 552f0bf7c6d29..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.assets.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "version": "48.0.0", - "files": { - "4bc94add0c0a7002dd43c39cbb47d05e09f5e680a6d92e51a908d1cd833e671b": { - "displayName": "cdk-integ-opensearch-v3-0 Template", - "source": { - "path": "cdk-integ-opensearch-v3-0.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region-cd686936": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "4bc94add0c0a7002dd43c39cbb47d05e09f5e680a6d92e51a908d1cd833e671b.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.template.json deleted file mode 100644 index 6fefe47073ec3..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk-integ-opensearch-v3-0.template.json +++ /dev/null @@ -1,69 +0,0 @@ -{ - "Resources": { - "Domain66AC69E0": { - "Type": "AWS::OpenSearchService::Domain", - "Properties": { - "ClusterConfig": { - "DedicatedMasterEnabled": false, - "InstanceCount": 1, - "InstanceType": "r5.large.search", - "MultiAZWithStandbyEnabled": false, - "ZoneAwarenessEnabled": false - }, - "DomainEndpointOptions": { - "EnforceHTTPS": false, - "TLSSecurityPolicy": "Policy-Min-TLS-1-2-2019-07" - }, - "EBSOptions": { - "EBSEnabled": true, - "VolumeSize": 10, - "VolumeType": "gp2" - }, - "EncryptionAtRestOptions": { - "Enabled": false - }, - "EngineVersion": "OpenSearch_3.0", - "LogPublishingOptions": {}, - "NodeToNodeEncryptionOptions": { - "Enabled": false - } - }, - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk.out deleted file mode 100644 index 523a9aac37cbf..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/cdk.out +++ /dev/null @@ -1 +0,0 @@ -{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integ.json deleted file mode 100644 index a68416089c3a2..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integ.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "version": "48.0.0", - "testCases": { - "integ-opensearch-v3-0/DefaultTest": { - "stacks": [ - "cdk-integ-opensearch-v3-0" - ], - "assertionStack": "integ-opensearch-v3-0/DefaultTest/DeployAssert", - "assertionStackName": "integopensearchv30DefaultTestDeployAssert119C00DA" - } - }, - "minimumCliVersion": "2.1027.0" -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.assets.json deleted file mode 100644 index 0c924d3ecee2c..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.assets.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "version": "48.0.0", - "files": { - "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { - "displayName": "integopensearchv30DefaultTestDeployAssert119C00DA Template", - "source": { - "path": "integopensearchv30DefaultTestDeployAssert119C00DA.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region-d8d86b35": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.template.json deleted file mode 100644 index ad9d0fb73d1dd..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/integopensearchv30DefaultTestDeployAssert119C00DA.template.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/manifest.json deleted file mode 100644 index 0527a00f47285..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/manifest.json +++ /dev/null @@ -1,598 +0,0 @@ -{ - "version": "48.0.0", - "artifacts": { - "cdk-integ-opensearch-v3-0.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "cdk-integ-opensearch-v3-0.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "cdk-integ-opensearch-v3-0": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "cdk-integ-opensearch-v3-0.template.json", - "terminationProtection": false, - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4bc94add0c0a7002dd43c39cbb47d05e09f5e680a6d92e51a908d1cd833e671b.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "cdk-integ-opensearch-v3-0.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "cdk-integ-opensearch-v3-0.assets" - ], - "metadata": { - "/cdk-integ-opensearch-v3-0/Domain": [ - { - "type": "aws:cdk:analytics:construct", - "data": "*" - } - ], - "/cdk-integ-opensearch-v3-0/Domain/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "Domain66AC69E0" - } - ], - "/cdk-integ-opensearch-v3-0/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/cdk-integ-opensearch-v3-0/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "cdk-integ-opensearch-v3-0" - }, - "integopensearchv30DefaultTestDeployAssert119C00DA.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "integopensearchv30DefaultTestDeployAssert119C00DA.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "integopensearchv30DefaultTestDeployAssert119C00DA": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "integopensearchv30DefaultTestDeployAssert119C00DA.template.json", - "terminationProtection": false, - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "integopensearchv30DefaultTestDeployAssert119C00DA.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "integopensearchv30DefaultTestDeployAssert119C00DA.assets" - ], - "metadata": { - "/integ-opensearch-v3-0/DefaultTest/DeployAssert/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/integ-opensearch-v3-0/DefaultTest/DeployAssert/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "integ-opensearch-v3-0/DefaultTest/DeployAssert" - }, - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, - "aws-cdk-lib/feature-flag-report": { - "type": "cdk:feature-flag-report", - "properties": { - "module": "aws-cdk-lib", - "flags": { - "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { - "recommendedValue": true, - "explanation": "Pass signingProfileName to CfnSigningProfile" - }, - "@aws-cdk/core:newStyleStackSynthesis": { - "recommendedValue": true, - "explanation": "Switch to new stack synthesis method which enables CI/CD", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/core:stackRelativeExports": { - "recommendedValue": true, - "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { - "recommendedValue": true, - "explanation": "Disable implicit openListener when custom security groups are provided" - }, - "@aws-cdk/aws-rds:lowercaseDbIdentifier": { - "recommendedValue": true, - "explanation": "Force lowercasing of RDS Cluster names in CDK", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { - "recommendedValue": true, - "explanation": "Allow adding/removing multiple UsagePlanKeys independently", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-lambda:recognizeVersionProps": { - "recommendedValue": true, - "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-lambda:recognizeLayerVersion": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." - }, - "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { - "recommendedValue": true, - "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/core:checkSecretUsage": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" - }, - "@aws-cdk/core:target-partitions": { - "recommendedValue": [ - "aws", - "aws-cn" - ], - "explanation": "What regions to include in lookup tables of environment agnostic stacks" - }, - "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { - "userValue": true, - "recommendedValue": true, - "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" - }, - "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." - }, - "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { - "userValue": true, - "recommendedValue": true, - "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." - }, - "@aws-cdk/aws-iam:minimizePolicies": { - "userValue": true, - "recommendedValue": true, - "explanation": "Minimize IAM policies by combining Statements" - }, - "@aws-cdk/core:validateSnapshotRemovalPolicy": { - "userValue": true, - "recommendedValue": true, - "explanation": "Error on snapshot removal policies on resources that do not support it." - }, - "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { - "userValue": true, - "recommendedValue": true, - "explanation": "Generate key aliases that include the stack name" - }, - "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." - }, - "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { - "userValue": true, - "recommendedValue": true, - "explanation": "Restrict KMS key policy for encrypted Queues a bit more" - }, - "@aws-cdk/aws-apigateway:disableCloudWatchRole": { - "userValue": true, - "recommendedValue": true, - "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" - }, - "@aws-cdk/core:enablePartitionLiterals": { - "userValue": true, - "recommendedValue": true, - "explanation": "Make ARNs concrete if AWS partition is known" - }, - "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { - "userValue": true, - "recommendedValue": true, - "explanation": "Event Rules may only push to encrypted SQS queues in the same account" - }, - "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { - "userValue": true, - "recommendedValue": true, - "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" - }, - "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." - }, - "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { - "userValue": true, - "recommendedValue": true, - "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" - }, - "@aws-cdk/aws-route53-patters:useCertificate": { - "userValue": true, - "recommendedValue": true, - "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" - }, - "@aws-cdk/customresources:installLatestAwsSdkDefault": { - "userValue": false, - "recommendedValue": false, - "explanation": "Whether to install the latest SDK by default in AwsCustomResource" - }, - "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { - "userValue": true, - "recommendedValue": true, - "explanation": "Use unique resource name for Database Proxy" - }, - "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { - "userValue": true, - "recommendedValue": true, - "explanation": "Remove CloudWatch alarms from deployment group" - }, - "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { - "userValue": true, - "recommendedValue": true, - "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." - }, - "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { - "userValue": true, - "recommendedValue": true, - "explanation": "Define user data for a launch template by default when a machine image is provided." - }, - "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { - "userValue": true, - "recommendedValue": true, - "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." - }, - "@aws-cdk/aws-redshift:columnId": { - "userValue": true, - "recommendedValue": true, - "explanation": "Whether to use an ID to track Redshift column changes" - }, - "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" - }, - "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { - "userValue": true, - "recommendedValue": true, - "explanation": "Restrict access to the VPC default security group" - }, - "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { - "userValue": true, - "recommendedValue": true, - "explanation": "Generate a unique id for each RequestValidator added to a method" - }, - "@aws-cdk/aws-kms:aliasNameRef": { - "userValue": true, - "recommendedValue": true, - "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" - }, - "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" - }, - "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { - "userValue": true, - "recommendedValue": true, - "explanation": "Generate a launch template when creating an AutoScalingGroup" - }, - "@aws-cdk/core:includePrefixInUniqueNameGeneration": { - "userValue": true, - "recommendedValue": true, - "explanation": "Include the stack prefix in the stack name generation process" - }, - "@aws-cdk/aws-efs:denyAnonymousAccess": { - "userValue": true, - "recommendedValue": true, - "explanation": "EFS denies anonymous clients accesses" - }, - "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" - }, - "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" - }, - "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." - }, - "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." - }, - "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." - }, - "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." - }, - "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." - }, - "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." - }, - "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." - }, - "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enables Pipeline to set the default pipeline type to V2." - }, - "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." - }, - "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { - "recommendedValue": true, - "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-eks:nodegroupNameAttribute": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." - }, - "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the default volume type of the EBS volume will be GP3" - }, - "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, remove default deployment alarm settings" - }, - "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { - "userValue": false, - "recommendedValue": false, - "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" - }, - "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { - "userValue": false, - "recommendedValue": false, - "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." - }, - "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { - "recommendedValue": true, - "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/core:explicitStackTags": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." - }, - "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { - "userValue": false, - "recommendedValue": false, - "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" - }, - "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { - "userValue": true, - "recommendedValue": true, - "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" - }, - "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" - }, - "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" - }, - "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." - }, - "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." - }, - "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" - }, - "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." - }, - "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." - }, - "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." - }, - "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." - }, - "@aws-cdk/core:aspectStabilization": { - "recommendedValue": true, - "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." - }, - "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" - }, - "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" - }, - "@aws-cdk/core:enableAdditionalMetadataCollection": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." - }, - "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { - "userValue": false, - "recommendedValue": false, - "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" - }, - "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." - }, - "@aws-cdk/pipelines:reduceStageRoleTrustScope": { - "recommendedValue": true, - "explanation": "Remove the root account principal from Stage addActions trust policy", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-events:requireEventBusPolicySid": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." - }, - "@aws-cdk/core:aspectPrioritiesMutating": { - "userValue": true, - "recommendedValue": true, - "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." - }, - "@aws-cdk/aws-dynamodb:retainTableReplica": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." - }, - "@aws-cdk/cognito:logUserPoolClientSecretValue": { - "recommendedValue": false, - "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." - }, - "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { - "recommendedValue": true, - "explanation": "When enabled, scopes down the trust policy for the cross-account action role", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" - }, - "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { - "userValue": true, - "recommendedValue": true, - "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." - }, - "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." - }, - "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { - "recommendedValue": false, - "explanation": "When enabled, use resource IDs for VPC V2 migration" - }, - "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." - }, - "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" - } - } - } - } - }, - "minimumCliVersion": "2.1027.0" -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/tree.json deleted file mode 100644 index 52b512fdbe80d..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.js.snapshot/tree.json +++ /dev/null @@ -1 +0,0 @@ -{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"cdk-integ-opensearch-v3-0":{"id":"cdk-integ-opensearch-v3-0","path":"cdk-integ-opensearch-v3-0","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Domain":{"id":"Domain","path":"cdk-integ-opensearch-v3-0/Domain","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-v3-0/Domain/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_3.0","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cdk-integ-opensearch-v3-0/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cdk-integ-opensearch-v3-0/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}},"integ-opensearch-v3-0":{"id":"integ-opensearch-v3-0","path":"integ-opensearch-v3-0","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"integ-opensearch-v3-0/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"integ-opensearch-v3-0/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"integ-opensearch-v3-0/DefaultTest/DeployAssert","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"integ-opensearch-v3-0/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"integ-opensearch-v3-0/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.ts deleted file mode 100644 index e762cc5b371b7..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-0.ts +++ /dev/null @@ -1,24 +0,0 @@ -import { App, RemovalPolicy, Stack, StackProps } from 'aws-cdk-lib'; -import { Construct } from 'constructs'; -import * as opensearch from 'aws-cdk-lib/aws-opensearchservice'; -import { IntegTest } from '@aws-cdk/integ-tests-alpha'; - -class TestStack extends Stack { - constructor(scope: Construct, id: string, props?: StackProps) { - super(scope, id, props); - - // deploy opensearch domain with OpenSearch 3.0 - new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_3_0, - removalPolicy: RemovalPolicy.DESTROY, - capacity: { - multiAzWithStandbyEnabled: false, - }, - }); - } -} - -const app = new App(); -const stack = new TestStack(app, 'cdk-integ-opensearch-v3-0'); - -new IntegTest(app, 'integ-opensearch-v3-0', { testCases: [stack] }); diff --git a/packages/aws-cdk-lib/aws-opensearchservice/lib/version.ts b/packages/aws-cdk-lib/aws-opensearchservice/lib/version.ts index 006cf66f89997..f28e0d20b9275 100644 --- a/packages/aws-cdk-lib/aws-opensearchservice/lib/version.ts +++ b/packages/aws-cdk-lib/aws-opensearchservice/lib/version.ts @@ -111,9 +111,6 @@ export class EngineVersion { /** AWS OpenSearch 2.19 */ public static readonly OPENSEARCH_2_19 = EngineVersion.openSearch('2.19'); - /** AWS OpenSearch 3.0 */ - public static readonly OPENSEARCH_3_0 = EngineVersion.openSearch('3.0'); - /** AWS OpenSearch 3.1 */ public static readonly OPENSEARCH_3_1 = EngineVersion.openSearch('3.1'); diff --git a/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts b/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts index 860cffbcce1f6..c1464ec6036ba 100644 --- a/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts +++ b/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts @@ -46,7 +46,6 @@ const testedOpenSearchVersions = [ EngineVersion.OPENSEARCH_2_15, EngineVersion.OPENSEARCH_2_17, EngineVersion.OPENSEARCH_2_19, - EngineVersion.OPENSEARCH_3_0, EngineVersion.OPENSEARCH_3_1, ]; @@ -206,7 +205,6 @@ each([ [EngineVersion.OPENSEARCH_2_15, 'OpenSearch_2.15'], [EngineVersion.OPENSEARCH_2_17, 'OpenSearch_2.17'], [EngineVersion.OPENSEARCH_2_19, 'OpenSearch_2.19'], - [EngineVersion.OPENSEARCH_3_0, 'OpenSearch_3.0'], [EngineVersion.OPENSEARCH_3_1, 'OpenSearch_3.1'], ]).test('minimal example renders correctly', (engineVersion, expectedCfVersion) => { new Domain(stack, 'Domain', { version: engineVersion }); From a8c58f52331d1881e049a573fbd88f177328bfbc Mon Sep 17 00:00:00 2001 From: Zachary C <56490116+claypack@users.noreply.github.com> Date: Mon, 15 Sep 2025 09:36:08 -0400 Subject: [PATCH 3/3] feat(opensearch): consolidate OpenSearch 3.1 testing into existing integration test - Add OPENSEARCH_3_1 to existing integ.opensearch.min.ts versions array - Remove separate integ.opensearch.v3-1.ts test file and snapshots - Update snapshot to include OpenSearch 3.1 domain configuration --- .../cdk-integ-opensearch-min.assets.json | 8 +- .../cdk-integ-opensearch-min.template.json | 31 + .../integ.opensearch.min.js.snapshot/cdk.out | 2 +- .../integ.json | 4 +- ...efaultTestDeployAssert0EB58658.assets.json | 4 +- .../manifest.json | 520 ++++++++++++++- .../tree.json | 2 +- .../test/integ.opensearch.min.ts | 1 + .../cdk-integ-opensearch-v3-1.assets.json | 20 - .../cdk-integ-opensearch-v3-1.template.json | 69 -- .../integ.opensearch.v3-1.js.snapshot/cdk.out | 1 - .../integ.json | 13 - ...efaultTestDeployAssert519822E4.assets.json | 20 - ...aultTestDeployAssert519822E4.template.json | 36 -- .../manifest.json | 598 ------------------ .../tree.json | 1 - .../test/integ.opensearch.v3-1.ts | 24 - 17 files changed, 538 insertions(+), 816 deletions(-) delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.assets.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.template.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk.out delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integ.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.assets.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.template.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/manifest.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/tree.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk-integ-opensearch-min.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk-integ-opensearch-min.assets.json index 5e07acd58fc40..1d985372e9bca 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk-integ-opensearch-min.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk-integ-opensearch-min.assets.json @@ -1,16 +1,16 @@ { - "version": "44.0.0", + "version": "48.0.0", "files": { - "059fcca41bcc00427eb5588bca6475a093d4c6a8cf095471c6918abf7abf3c44": { + "01af71c998c7fb36d39350c7db1d7ef85ffff79d67120321c52b3a85d3db7bbc": { "displayName": "cdk-integ-opensearch-min Template", "source": { "path": "cdk-integ-opensearch-min.template.json", "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-0467589f": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "059fcca41bcc00427eb5588bca6475a093d4c6a8cf095471c6918abf7abf3c44.json", + "objectKey": "01af71c998c7fb36d39350c7db1d7ef85ffff79d67120321c52b3a85d3db7bbc.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk-integ-opensearch-min.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk-integ-opensearch-min.template.json index 45dc541c67d99..220901beec0c0 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk-integ-opensearch-min.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk-integ-opensearch-min.template.json @@ -92,6 +92,37 @@ }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" + }, + "OpenSearch31BFB5A26D": { + "Type": "AWS::OpenSearchService::Domain", + "Properties": { + "ClusterConfig": { + "DedicatedMasterEnabled": false, + "InstanceCount": 1, + "InstanceType": "r5.large.search", + "MultiAZWithStandbyEnabled": false, + "ZoneAwarenessEnabled": false + }, + "DomainEndpointOptions": { + "EnforceHTTPS": false, + "TLSSecurityPolicy": "Policy-Min-TLS-1-2-2019-07" + }, + "EBSOptions": { + "EBSEnabled": true, + "VolumeSize": 10, + "VolumeType": "gp2" + }, + "EncryptionAtRestOptions": { + "Enabled": false + }, + "EngineVersion": "OpenSearch_3.1", + "LogPublishingOptions": {}, + "NodeToNodeEncryptionOptions": { + "Enabled": false + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" } }, "Parameters": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk.out index b3a26d44a5f73..523a9aac37cbf 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"44.0.0"} \ No newline at end of file +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/integ.json index c0667101ab547..112a3ed149e54 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "44.0.0", + "version": "48.0.0", "testCases": { "integ-openseach-min/DefaultTest": { "stacks": [ @@ -9,5 +9,5 @@ "assertionStackName": "integopenseachminDefaultTestDeployAssert0EB58658" } }, - "minimumCliVersion": "2.1018.0" + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/integopenseachminDefaultTestDeployAssert0EB58658.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/integopenseachminDefaultTestDeployAssert0EB58658.assets.json index 2725b5321eddb..76ec81920aa68 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/integopenseachminDefaultTestDeployAssert0EB58658.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/integopenseachminDefaultTestDeployAssert0EB58658.assets.json @@ -1,5 +1,5 @@ { - "version": "44.0.0", + "version": "48.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "displayName": "integopenseachminDefaultTestDeployAssert0EB58658 Template", @@ -8,7 +8,7 @@ "packaging": "file" }, "destinations": { - "current_account-current_region": { + "current_account-current_region-d8d86b35": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/manifest.json index 4e8b3da86a3ad..2db6fb875e201 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "44.0.0", + "version": "48.0.0", "artifacts": { "cdk-integ-opensearch-min.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/059fcca41bcc00427eb5588bca6475a093d4c6a8cf095471c6918abf7abf3c44.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/01af71c998c7fb36d39350c7db1d7ef85ffff79d67120321c52b3a85d3db7bbc.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -37,13 +37,7 @@ "/cdk-integ-opensearch-min/OpenSearch_2.13": [ { "type": "aws:cdk:analytics:construct", - "data": { - "version": "*", - "removalPolicy": "destroy", - "capacity": { - "multiAzWithStandbyEnabled": false - } - } + "data": "*" } ], "/cdk-integ-opensearch-min/OpenSearch_2.13/Resource": [ @@ -55,13 +49,7 @@ "/cdk-integ-opensearch-min/OpenSearch_2.15": [ { "type": "aws:cdk:analytics:construct", - "data": { - "version": "*", - "removalPolicy": "destroy", - "capacity": { - "multiAzWithStandbyEnabled": false - } - } + "data": "*" } ], "/cdk-integ-opensearch-min/OpenSearch_2.15/Resource": [ @@ -73,13 +61,7 @@ "/cdk-integ-opensearch-min/OpenSearch_2.17": [ { "type": "aws:cdk:analytics:construct", - "data": { - "version": "*", - "removalPolicy": "destroy", - "capacity": { - "multiAzWithStandbyEnabled": false - } - } + "data": "*" } ], "/cdk-integ-opensearch-min/OpenSearch_2.17/Resource": [ @@ -88,6 +70,18 @@ "data": "OpenSearch2174B754FE5" } ], + "/cdk-integ-opensearch-min/OpenSearch_3.1": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/cdk-integ-opensearch-min/OpenSearch_3.1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "OpenSearch31BFB5A26D" + } + ], "/cdk-integ-opensearch-min/BootstrapVersion": [ { "type": "aws:cdk:logicalId", @@ -156,7 +150,485 @@ "properties": { "file": "tree.json" } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + } + } + } } }, - "minimumCliVersion": "2.1018.0" + "minimumCliVersion": "2.1027.0" } \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/tree.json index f6a749483da14..c8f7d6109401f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.js.snapshot/tree.json @@ -1 +1 @@ -{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"cdk-integ-opensearch-min":{"id":"cdk-integ-opensearch-min","path":"cdk-integ-opensearch-min","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"OpenSearch_2.13":{"id":"OpenSearch_2.13","path":"cdk-integ-opensearch-min/OpenSearch_2.13","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.Domain","version":"0.0.0","metadata":[{"version":"*","removalPolicy":"destroy","capacity":{"multiAzWithStandbyEnabled":false}}]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-min/OpenSearch_2.13/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.CfnDomain","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.13","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"OpenSearch_2.15":{"id":"OpenSearch_2.15","path":"cdk-integ-opensearch-min/OpenSearch_2.15","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.Domain","version":"0.0.0","metadata":[{"version":"*","removalPolicy":"destroy","capacity":{"multiAzWithStandbyEnabled":false}}]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-min/OpenSearch_2.15/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.CfnDomain","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.15","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"OpenSearch_2.17":{"id":"OpenSearch_2.17","path":"cdk-integ-opensearch-min/OpenSearch_2.17","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.Domain","version":"0.0.0","metadata":[{"version":"*","removalPolicy":"destroy","capacity":{"multiAzWithStandbyEnabled":false}}]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-min/OpenSearch_2.17/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_opensearchservice.CfnDomain","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.17","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cdk-integ-opensearch-min/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cdk-integ-opensearch-min/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"integ-openseach-min":{"id":"integ-openseach-min","path":"integ-openseach-min","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"integ-openseach-min/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"integ-openseach-min/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"integ-openseach-min/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"integ-openseach-min/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"integ-openseach-min/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"cdk-integ-opensearch-min":{"id":"cdk-integ-opensearch-min","path":"cdk-integ-opensearch-min","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"OpenSearch_2.13":{"id":"OpenSearch_2.13","path":"cdk-integ-opensearch-min/OpenSearch_2.13","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-min/OpenSearch_2.13/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.13","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"OpenSearch_2.15":{"id":"OpenSearch_2.15","path":"cdk-integ-opensearch-min/OpenSearch_2.15","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-min/OpenSearch_2.15/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.15","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"OpenSearch_2.17":{"id":"OpenSearch_2.17","path":"cdk-integ-opensearch-min/OpenSearch_2.17","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-min/OpenSearch_2.17/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_2.17","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"OpenSearch_3.1":{"id":"OpenSearch_3.1","path":"cdk-integ-opensearch-min/OpenSearch_3.1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-min/OpenSearch_3.1/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_3.1","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cdk-integ-opensearch-min/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cdk-integ-opensearch-min/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}},"integ-openseach-min":{"id":"integ-openseach-min","path":"integ-openseach-min","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"integ-openseach-min/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"integ-openseach-min/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"integ-openseach-min/DefaultTest/DeployAssert","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"integ-openseach-min/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"integ-openseach-min/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.ts index a59fbba674a60..55de1c8ba59e2 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.min.ts @@ -11,6 +11,7 @@ class TestStack extends Stack { opensearch.EngineVersion.OPENSEARCH_2_13, opensearch.EngineVersion.OPENSEARCH_2_15, opensearch.EngineVersion.OPENSEARCH_2_17, + opensearch.EngineVersion.OPENSEARCH_3_1, ]; // deploy opensearch domain with minimal configuration diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.assets.json deleted file mode 100644 index 7b41f1c70280d..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.assets.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "version": "48.0.0", - "files": { - "51bc5d00c46260adb7eaadc11393424f525a1565c5f997fb3b0b16d7c1178077": { - "displayName": "cdk-integ-opensearch-v3-1 Template", - "source": { - "path": "cdk-integ-opensearch-v3-1.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region-e3ebb55a": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "51bc5d00c46260adb7eaadc11393424f525a1565c5f997fb3b0b16d7c1178077.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.template.json deleted file mode 100644 index 0a224cc83fe63..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk-integ-opensearch-v3-1.template.json +++ /dev/null @@ -1,69 +0,0 @@ -{ - "Resources": { - "Domain66AC69E0": { - "Type": "AWS::OpenSearchService::Domain", - "Properties": { - "ClusterConfig": { - "DedicatedMasterEnabled": false, - "InstanceCount": 1, - "InstanceType": "r5.large.search", - "MultiAZWithStandbyEnabled": false, - "ZoneAwarenessEnabled": false - }, - "DomainEndpointOptions": { - "EnforceHTTPS": false, - "TLSSecurityPolicy": "Policy-Min-TLS-1-2-2019-07" - }, - "EBSOptions": { - "EBSEnabled": true, - "VolumeSize": 10, - "VolumeType": "gp2" - }, - "EncryptionAtRestOptions": { - "Enabled": false - }, - "EngineVersion": "OpenSearch_3.1", - "LogPublishingOptions": {}, - "NodeToNodeEncryptionOptions": { - "Enabled": false - } - }, - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - } - }, - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk.out deleted file mode 100644 index 523a9aac37cbf..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/cdk.out +++ /dev/null @@ -1 +0,0 @@ -{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integ.json deleted file mode 100644 index c25412ce1718b..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integ.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "version": "48.0.0", - "testCases": { - "integ-opensearch-v3-1/DefaultTest": { - "stacks": [ - "cdk-integ-opensearch-v3-1" - ], - "assertionStack": "integ-opensearch-v3-1/DefaultTest/DeployAssert", - "assertionStackName": "integopensearchv31DefaultTestDeployAssert519822E4" - } - }, - "minimumCliVersion": "2.1027.0" -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.assets.json deleted file mode 100644 index d50ef3118955f..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.assets.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "version": "48.0.0", - "files": { - "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { - "displayName": "integopensearchv31DefaultTestDeployAssert519822E4 Template", - "source": { - "path": "integopensearchv31DefaultTestDeployAssert519822E4.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region-d8d86b35": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.template.json deleted file mode 100644 index ad9d0fb73d1dd..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/integopensearchv31DefaultTestDeployAssert519822E4.template.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/manifest.json deleted file mode 100644 index 00e629185f86e..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/manifest.json +++ /dev/null @@ -1,598 +0,0 @@ -{ - "version": "48.0.0", - "artifacts": { - "cdk-integ-opensearch-v3-1.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "cdk-integ-opensearch-v3-1.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "cdk-integ-opensearch-v3-1": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "cdk-integ-opensearch-v3-1.template.json", - "terminationProtection": false, - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/51bc5d00c46260adb7eaadc11393424f525a1565c5f997fb3b0b16d7c1178077.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "cdk-integ-opensearch-v3-1.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "cdk-integ-opensearch-v3-1.assets" - ], - "metadata": { - "/cdk-integ-opensearch-v3-1/Domain": [ - { - "type": "aws:cdk:analytics:construct", - "data": "*" - } - ], - "/cdk-integ-opensearch-v3-1/Domain/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "Domain66AC69E0" - } - ], - "/cdk-integ-opensearch-v3-1/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/cdk-integ-opensearch-v3-1/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "cdk-integ-opensearch-v3-1" - }, - "integopensearchv31DefaultTestDeployAssert519822E4.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "integopensearchv31DefaultTestDeployAssert519822E4.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "integopensearchv31DefaultTestDeployAssert519822E4": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "integopensearchv31DefaultTestDeployAssert519822E4.template.json", - "terminationProtection": false, - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "integopensearchv31DefaultTestDeployAssert519822E4.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "integopensearchv31DefaultTestDeployAssert519822E4.assets" - ], - "metadata": { - "/integ-opensearch-v3-1/DefaultTest/DeployAssert/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/integ-opensearch-v3-1/DefaultTest/DeployAssert/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "integ-opensearch-v3-1/DefaultTest/DeployAssert" - }, - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - }, - "aws-cdk-lib/feature-flag-report": { - "type": "cdk:feature-flag-report", - "properties": { - "module": "aws-cdk-lib", - "flags": { - "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { - "recommendedValue": true, - "explanation": "Pass signingProfileName to CfnSigningProfile" - }, - "@aws-cdk/core:newStyleStackSynthesis": { - "recommendedValue": true, - "explanation": "Switch to new stack synthesis method which enables CI/CD", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/core:stackRelativeExports": { - "recommendedValue": true, - "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { - "recommendedValue": true, - "explanation": "Disable implicit openListener when custom security groups are provided" - }, - "@aws-cdk/aws-rds:lowercaseDbIdentifier": { - "recommendedValue": true, - "explanation": "Force lowercasing of RDS Cluster names in CDK", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { - "recommendedValue": true, - "explanation": "Allow adding/removing multiple UsagePlanKeys independently", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-lambda:recognizeVersionProps": { - "recommendedValue": true, - "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-lambda:recognizeLayerVersion": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." - }, - "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { - "recommendedValue": true, - "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/core:checkSecretUsage": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" - }, - "@aws-cdk/core:target-partitions": { - "recommendedValue": [ - "aws", - "aws-cn" - ], - "explanation": "What regions to include in lookup tables of environment agnostic stacks" - }, - "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { - "userValue": true, - "recommendedValue": true, - "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" - }, - "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." - }, - "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { - "userValue": true, - "recommendedValue": true, - "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." - }, - "@aws-cdk/aws-iam:minimizePolicies": { - "userValue": true, - "recommendedValue": true, - "explanation": "Minimize IAM policies by combining Statements" - }, - "@aws-cdk/core:validateSnapshotRemovalPolicy": { - "userValue": true, - "recommendedValue": true, - "explanation": "Error on snapshot removal policies on resources that do not support it." - }, - "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { - "userValue": true, - "recommendedValue": true, - "explanation": "Generate key aliases that include the stack name" - }, - "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." - }, - "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { - "userValue": true, - "recommendedValue": true, - "explanation": "Restrict KMS key policy for encrypted Queues a bit more" - }, - "@aws-cdk/aws-apigateway:disableCloudWatchRole": { - "userValue": true, - "recommendedValue": true, - "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" - }, - "@aws-cdk/core:enablePartitionLiterals": { - "userValue": true, - "recommendedValue": true, - "explanation": "Make ARNs concrete if AWS partition is known" - }, - "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { - "userValue": true, - "recommendedValue": true, - "explanation": "Event Rules may only push to encrypted SQS queues in the same account" - }, - "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { - "userValue": true, - "recommendedValue": true, - "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" - }, - "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." - }, - "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { - "userValue": true, - "recommendedValue": true, - "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" - }, - "@aws-cdk/aws-route53-patters:useCertificate": { - "userValue": true, - "recommendedValue": true, - "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" - }, - "@aws-cdk/customresources:installLatestAwsSdkDefault": { - "userValue": false, - "recommendedValue": false, - "explanation": "Whether to install the latest SDK by default in AwsCustomResource" - }, - "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { - "userValue": true, - "recommendedValue": true, - "explanation": "Use unique resource name for Database Proxy" - }, - "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { - "userValue": true, - "recommendedValue": true, - "explanation": "Remove CloudWatch alarms from deployment group" - }, - "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { - "userValue": true, - "recommendedValue": true, - "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." - }, - "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { - "userValue": true, - "recommendedValue": true, - "explanation": "Define user data for a launch template by default when a machine image is provided." - }, - "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { - "userValue": true, - "recommendedValue": true, - "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." - }, - "@aws-cdk/aws-redshift:columnId": { - "userValue": true, - "recommendedValue": true, - "explanation": "Whether to use an ID to track Redshift column changes" - }, - "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" - }, - "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { - "userValue": true, - "recommendedValue": true, - "explanation": "Restrict access to the VPC default security group" - }, - "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { - "userValue": true, - "recommendedValue": true, - "explanation": "Generate a unique id for each RequestValidator added to a method" - }, - "@aws-cdk/aws-kms:aliasNameRef": { - "userValue": true, - "recommendedValue": true, - "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" - }, - "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" - }, - "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { - "userValue": true, - "recommendedValue": true, - "explanation": "Generate a launch template when creating an AutoScalingGroup" - }, - "@aws-cdk/core:includePrefixInUniqueNameGeneration": { - "userValue": true, - "recommendedValue": true, - "explanation": "Include the stack prefix in the stack name generation process" - }, - "@aws-cdk/aws-efs:denyAnonymousAccess": { - "userValue": true, - "recommendedValue": true, - "explanation": "EFS denies anonymous clients accesses" - }, - "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" - }, - "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" - }, - "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." - }, - "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." - }, - "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." - }, - "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." - }, - "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." - }, - "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." - }, - "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." - }, - "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { - "userValue": true, - "recommendedValue": true, - "explanation": "Enables Pipeline to set the default pipeline type to V2." - }, - "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." - }, - "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { - "recommendedValue": true, - "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-eks:nodegroupNameAttribute": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." - }, - "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the default volume type of the EBS volume will be GP3" - }, - "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, remove default deployment alarm settings" - }, - "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { - "userValue": false, - "recommendedValue": false, - "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" - }, - "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { - "userValue": false, - "recommendedValue": false, - "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." - }, - "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { - "recommendedValue": true, - "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/core:explicitStackTags": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." - }, - "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { - "userValue": false, - "recommendedValue": false, - "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" - }, - "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { - "userValue": true, - "recommendedValue": true, - "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" - }, - "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" - }, - "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" - }, - "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." - }, - "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." - }, - "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" - }, - "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." - }, - "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." - }, - "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." - }, - "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." - }, - "@aws-cdk/core:aspectStabilization": { - "recommendedValue": true, - "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." - }, - "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" - }, - "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" - }, - "@aws-cdk/core:enableAdditionalMetadataCollection": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." - }, - "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { - "userValue": false, - "recommendedValue": false, - "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" - }, - "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." - }, - "@aws-cdk/pipelines:reduceStageRoleTrustScope": { - "recommendedValue": true, - "explanation": "Remove the root account principal from Stage addActions trust policy", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-events:requireEventBusPolicySid": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." - }, - "@aws-cdk/core:aspectPrioritiesMutating": { - "userValue": true, - "recommendedValue": true, - "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." - }, - "@aws-cdk/aws-dynamodb:retainTableReplica": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." - }, - "@aws-cdk/cognito:logUserPoolClientSecretValue": { - "recommendedValue": false, - "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." - }, - "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { - "recommendedValue": true, - "explanation": "When enabled, scopes down the trust policy for the cross-account action role", - "unconfiguredBehavesLike": { - "v2": true - } - }, - "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" - }, - "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { - "userValue": true, - "recommendedValue": true, - "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." - }, - "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." - }, - "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { - "recommendedValue": false, - "explanation": "When enabled, use resource IDs for VPC V2 migration" - }, - "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." - }, - "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { - "userValue": true, - "recommendedValue": true, - "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" - } - } - } - } - }, - "minimumCliVersion": "2.1027.0" -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/tree.json deleted file mode 100644 index add3f28afb7ce..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.js.snapshot/tree.json +++ /dev/null @@ -1 +0,0 @@ -{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"cdk-integ-opensearch-v3-1":{"id":"cdk-integ-opensearch-v3-1","path":"cdk-integ-opensearch-v3-1","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"Domain":{"id":"Domain","path":"cdk-integ-opensearch-v3-1/Domain","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2","metadata":["*"]},"children":{"Resource":{"id":"Resource","path":"cdk-integ-opensearch-v3-1/Domain/Resource","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"attributes":{"aws:cdk:cloudformation:type":"AWS::OpenSearchService::Domain","aws:cdk:cloudformation:props":{"clusterConfig":{"dedicatedMasterEnabled":false,"instanceCount":1,"instanceType":"r5.large.search","multiAzWithStandbyEnabled":false,"zoneAwarenessEnabled":false},"domainEndpointOptions":{"enforceHttps":false,"tlsSecurityPolicy":"Policy-Min-TLS-1-2-2019-07"},"ebsOptions":{"ebsEnabled":true,"volumeSize":10,"volumeType":"gp2"},"encryptionAtRestOptions":{"enabled":false},"engineVersion":"OpenSearch_3.1","logPublishingOptions":{},"nodeToNodeEncryptionOptions":{"enabled":false}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"cdk-integ-opensearch-v3-1/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"cdk-integ-opensearch-v3-1/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}},"integ-opensearch-v3-1":{"id":"integ-opensearch-v3-1","path":"integ-opensearch-v3-1","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"integ-opensearch-v3-1/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"integ-opensearch-v3-1/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"integ-opensearch-v3-1/DefaultTest/DeployAssert","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"integ-opensearch-v3-1/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"integ-opensearch-v3-1/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.ts deleted file mode 100644 index 5d78f4bddb2c8..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.v3-1.ts +++ /dev/null @@ -1,24 +0,0 @@ -import { App, RemovalPolicy, Stack, StackProps } from 'aws-cdk-lib'; -import { Construct } from 'constructs'; -import * as opensearch from 'aws-cdk-lib/aws-opensearchservice'; -import { IntegTest } from '@aws-cdk/integ-tests-alpha'; - -class TestStack extends Stack { - constructor(scope: Construct, id: string, props?: StackProps) { - super(scope, id, props); - - // deploy opensearch domain with OpenSearch 3.1 - new opensearch.Domain(this, 'Domain', { - version: opensearch.EngineVersion.OPENSEARCH_3_1, - removalPolicy: RemovalPolicy.DESTROY, - capacity: { - multiAzWithStandbyEnabled: false, - }, - }); - } -} - -const app = new App(); -const stack = new TestStack(app, 'cdk-integ-opensearch-v3-1'); - -new IntegTest(app, 'integ-opensearch-v3-1', { testCases: [stack] });